# Copyright 2021 Dell Inc. or its subsidiaries. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. --- - name: Include base variable file base_vars.yml include_vars: "{{ base_vars_filename }}" no_log: true - name: Validate input parameters of base_vars are not empty fail: msg: "{{ input_base_failure_msg }}" register: input_base_check when: - ansible_conf_file_path | length < 1 or public_nic | length < 1 or appliance_k8s_pod_net_cidr | length < 1 or awx_organization | length < 1 or timezone | length < 1 or language | length < 1 or iso_file_path | length < 1 or mngmnt_network_nic | length < 1 or mngmnt_network_dhcp_start_range | length < 1 or mngmnt_network_dhcp_end_range | length < 1 or host_network_nic | length < 1 or host_network_dhcp_start_range | length < 1 or host_network_dhcp_end_range | length < 1 or provision_method | length < 1 or default_lease_time | length < 1 or provision_os | length < 1 or provision_state | length < 1 - name: Validate default lease time assert: that: - default_lease_time|int - default_lease_time|int <= 31536000 - default_lease_time|int >= 21600 success_msg: "{{ success_msg_lease_time }}" fail_msg: "{{ fail_msg_lease_time }}" - name: Calculate max lease time set_fact: max_lease_time: "{{ default_lease_time|int + 10000 }}" - name: Validate infiniband base_vars are not empty assert: that: - ib_network_nic | length > 2 - ib_network_dhcp_start_range | length > 6 - ib_network_dhcp_end_range | length > 6 success_msg: "{{ success_msg_ib }}" fail_msg: "{{ fail_msg_ib }}" register: ib_check when: ib_switch_support - name: Set facts to validate snmp support set_fact: snmp_enabled: false mngmnt_mapping_file: false host_mapping_file: false - name: Verify snmp_trap_destination IP address set_fact: snmp_enabled: true when: snmp_trap_destination | length > 1 - name: Assert snmp trap destination address assert: that: - snmp_enabled - snmp_trap_destination | length > 7 - snmp_trap_destination | ipv4 success_msg: "{{ success_snmp_trap_dest }}" fail_msg: "{{ fail_snmp_trap_dest }}" when: snmp_enabled - name: Assert snmp community string assert: that: - snmp_enabled - snmp_community_name success_msg: "{{ success_snmp_comm_msg }}" fail_msg: "{{ fail_snmp_comm_msg }}" when: snmp_enabled - name: Check whether ansible config file exists stat: path: "{{ ansible_conf_file_path }}/ansible.cfg" register: ansible_conf_exists - name: Create the directory if it does not exist file: path: "{{ ansible_conf_file_path }}" state: directory mode: "{{ file_perm }}" when: not ansible_conf_exists.stat.exists changed_when: false - name: Create ansible config file if it does not exist copy: dest: '{{ ansible_conf_file_path }}/ansible.cfg' mode: "{{ file_perm }}" content: | [defaults] log_path = /var/log/omnia.log when: not ansible_conf_exists.stat.exists - name: Assert ethernet_switch_support assert: that: - ethernet_switch_support == true or ethernet_switch_support == false success_msg: "{{ ethernet_switch_support_success_msg }}" fail_msg: "{{ ethernet_switch_support_fail_msg }}" - name: Assert ib_switch_support assert: that: - ib_switch_support == true or ib_switch_support == false success_msg: "{{ ib_switch_support_success_msg }}" fail_msg: "{{ ib_switch_support_fail_msg }}" - name: Assert powervault_support assert: that: - powervault_support == true or powervault_support == false success_msg: "{{ powervault_support_success_msg }}" fail_msg: "{{ powervault_support_fail_msg }}" - name: Fetch the network interfaces in UP state in the system shell: set -o pipefail && ip a | awk '/state UP/{print $2}' register: nic_addr_up changed_when: false - name: Assert public nic assert: that: - public_nic in nic_addr_up.stdout success_msg: "{{ success_msg_public_nic }}" fail_msg: "{{ fail_msg_public_nic }}" - name: Fetch the system public IP set_fact: public_ip: "{{ lookup('vars','ansible_'+public_nic).ipv4.address }}" - name: Assert kubernetes pod network CIDR assert: that: - appliance_k8s_pod_net_cidr | ipv4 - appliance_k8s_pod_net_cidr | length > 9 - '"/" in appliance_k8s_pod_net_cidr ' success_msg: "{{ success_msg_k8s_pod_network_cidr }}" fail_msg: "{{ fail_msg_k8s_pod_network_cidr }}" - name: Assert Organization in awx assert: that: - awx_organization | length >= min_username_length - awx_organization | length < max_length - '"-" not in awx_organization ' - '"\\" not in awx_organization ' - '"\"" not in awx_organization ' - " \"'\" not in awx_organization " success_msg: "{{ success_awx_organization }}" fail_msg: "{{ fail_awx_organization }}" - name: Convert timezone.txt to linux format command: dos2unix {{ role_path }}/files/timezone.txt failed_when: false changed_when: false - name: Check timezone file command: grep -Fx "{{ timezone }}" {{ role_path }}/files/timezone.txt failed_when: false register: timezone_out changed_when: false - name: Assert timezone assert: that: timezone in timezone_out.stdout success_msg: "{{ success_timezone_msg }}" fail_msg: "{{ fail_timezone_msg }}" register: timezone_check - name: Assert language for provisioning nodes fail: msg: "{{ fail_language }}" when: '"en-US" not in language' - name: Assert provisioning method assert: that: - provision_method == "PXE" or provision_method == "idrac" success_msg: "{{ success_provision_method }}" fail_msg: "{{ fail_provision_method }}" - name: Assert provision_state assert: that: - provision_state == "stateful" fail_msg: "{{ provision_state_fail_msg }}" success_msg: "{{ provision_state_success_msg }}" - name: Assert operating system assert: that: - provision_os == os_supported_centos or provision_os == os_supported_rocky fail_msg: "{{ provision_os_fail_msg }}" success_msg: "{{ provision_os_success_msg }}" - name: Verify the iso_file_path stat: path: "{{ iso_file_path }}" register: result_path_iso_file - name : Assert iso_file_path location fail: msg: "{{ missing_iso_file_path }}" when: not result_path_iso_file.stat.exists - name: Validate iso_file_path name assert: that: - result_path_iso_file.stat.exists - '".iso" in iso_file_path' - provision_os in iso_file_path | lower fail_msg: "{{ invalid_iso_file_path }}" success_msg: "{{ valid_iso_file_path }}" #### management_net_dhcp_start_end_range - name: Assert management network nic assert: that: - mngmnt_network_nic in nic_addr_up.stdout success_msg: "{{ success_msg_mngmnt_network_nic }}" fail_msg: "{{ fail_msg_mngmnt_network_nic }}" - name: Fetch the management network ip, netmask and subnet set_fact: mngmnt_network_ip: "{{ lookup('vars','ansible_'+mngmnt_network_nic).ipv4.address }}" mngmnt_network_netmask: "{{ lookup('vars','ansible_'+mngmnt_network_nic).ipv4.netmask }}" mngmnt_network_subnet: "{{ lookup('vars','ansible_'+mngmnt_network_nic).ipv4.network }}" - name: Check the subnet of management network dhcp start range shell: | IFS=. read -r i1 i2 i3 i4 <<< "{{ mngmnt_network_dhcp_start_range }}" IFS=. read -r m1 m2 m3 m4 <<< "{{ mngmnt_network_netmask }}" printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))" args: warn: no register: dhcp_start_mgmnt_result changed_when: false - name: Set the start dhcp subnet for management network set_fact: dhcp_start_mgmnt: "{{ dhcp_start_mgmnt_result.stdout }}" - name: Check the subnet of dhcp end range for management network shell: | IFS=. read -r i1 i2 i3 i4 <<< "{{ mngmnt_network_dhcp_end_range }}" IFS=. read -r m1 m2 m3 m4 <<< "{{ mngmnt_network_netmask }}" printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))" register: dhcp_end_mgmnt_result changed_when: false - name: Set the end dhcp subnet for management network set_fact: dhcp_end_mgmnt: "{{ dhcp_end_mgmnt_result.stdout }}" - name: Assert management_net_dhcp_start_range assert: that: - mngmnt_network_dhcp_start_range - mngmnt_network_dhcp_start_range | ipv4 - mngmnt_network_dhcp_start_range != mngmnt_network_ip - mngmnt_network_dhcp_start_range != mngmnt_network_dhcp_end_range - dhcp_start_mgmnt == mngmnt_network_subnet - dhcp_start_mgmnt == dhcp_end_mgmnt success_msg: "{{ success_dhcp_range }} for management network" fail_msg: "{{ fail_dhcp_range }} for management network" - name: Assert management_net_dhcp_end_range assert: that: - mngmnt_network_dhcp_end_range - mngmnt_network_dhcp_end_range | ipv4 - mngmnt_network_dhcp_end_range != mngmnt_network_ip - mngmnt_network_dhcp_start_range != mngmnt_network_dhcp_end_range - dhcp_end_mgmnt == mngmnt_network_subnet - dhcp_start_mgmnt == dhcp_end_mgmnt success_msg: "{{ success_dhcp_range }} for management network" fail_msg: "{{ fail_dhcp_range }} for management network" - name: Set the mapping file value for management network set_fact: mngmnt_mapping_file: true when: mngmnt_mapping_file_path | length > 0 - name: Assert valid mngmnt_mapping_file_path stat: path: "{{ mngmnt_mapping_file_path }}" when: mngmnt_mapping_file register: result_mngmnt_mapping_file - name : Valid mngmnt_mapping_file_path fail: msg: "{{ invalid_mapping_file_path }} for management network" when: mngmnt_mapping_file and not result_mngmnt_mapping_file.stat.exists ######### ###Host network#### - name: Fetch the host network ip, netmask and subnet set_fact: hpc_ip: "{{ lookup('vars','ansible_'+host_network_nic).ipv4.address }}" netmask: "{{ lookup('vars','ansible_'+host_network_nic).ipv4.netmask }}" subnet: "{{ lookup('vars','ansible_'+host_network_nic).ipv4.network }}" - name: Check the subnet of host network dhcp start range shell: | IFS=. read -r i1 i2 i3 i4 <<< "{{ host_network_dhcp_start_range }}" IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}" printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))" args: warn: no register: dhcp_start_host_result changed_when: false - name: Set the start dhcp subnet for host network set_fact: dhcp_start_host: "{{ dhcp_start_host_result.stdout }}" - name: Check the subnet of dhcp end range for host network shell: | IFS=. read -r i1 i2 i3 i4 <<< "{{ host_network_dhcp_end_range }}" IFS=. read -r m1 m2 m3 m4 <<< "{{ netmask }}" printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))" register: dhcp_end_host_result changed_when: false - name: Set the end dhcp subnet for host network set_fact: dhcp_end_host: "{{ dhcp_end_host_result.stdout }}" - name: Assert host_network_dhcp_start_range assert: that: - host_network_dhcp_start_range - host_network_dhcp_start_range | ipv4 - host_network_dhcp_start_range != hpc_ip - host_network_dhcp_start_range != host_network_dhcp_end_range - dhcp_start_host == subnet - dhcp_start_host == dhcp_end_host success_msg: "{{ success_dhcp_range }} for host network" fail_msg: "{{ fail_dhcp_range }} for host network" - name: Assert host_network_dhcp_end_range assert: that: - host_network_dhcp_end_range - host_network_dhcp_end_range | ipv4 - host_network_dhcp_end_range != hpc_ip - host_network_dhcp_start_range != host_network_dhcp_end_range - dhcp_end_host == subnet - dhcp_start_host == dhcp_end_host success_msg: "{{ success_dhcp_range }} for host network" fail_msg: "{{ fail_dhcp_range }} for host network" - name: Set the mapping file value for host network set_fact: host_mapping_file: true when: host_mapping_file_path | length > 0 - name: Assert valid mapping_file_path stat: path: "{{ host_mapping_file_path }}" when: host_mapping_file register: result_host_mapping_file - name: Valid mapping_file_path fail: msg: "{{ invalid_mapping_file_path }} for host_network" when: host_mapping_file and not result_host_mapping_file.stat.exists - name: Verify different nics assert: that: - public_nic != mngmnt_network_nic - mngmnt_network_nic != host_network_nic - public_nic != host_network_nic success_msg: "{{ success_msg_different_nics }}" fail_msg: "{{ fail_msg_different_nics }}" ######## - name: Fetch the infiniband network ip, netmask and subnet set_fact: ib_ip: "{{ lookup('vars','ansible_'+ib_network_nic).ipv4.address }}" ib_netmask: "{{ lookup('vars','ansible_'+ib_network_nic).ipv4.netmask }}" ib_subnet: "{{ lookup('vars','ansible_'+ib_network_nic).ipv4.network }}" when: ib_switch_support - name: Check the subnet of infiniband network dhcp start range shell: | IFS=. read -r i1 i2 i3 i4 <<< "{{ ib_network_dhcp_start_range }}" IFS=. read -r m1 m2 m3 m4 <<< "{{ ib_netmask }}" printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))" args: warn: no register: dhcp_start_ib_result when: ib_switch_support changed_when: false - name: Set the start dhcp subnet for infiniband network set_fact: dhcp_start_ib: "{{ dhcp_start_ib_result.stdout }}" when: ib_switch_support - name: Check the subnet of dhcp end range for infiniband network shell: | IFS=. read -r i1 i2 i3 i4 <<< "{{ ib_network_dhcp_end_range }}" IFS=. read -r m1 m2 m3 m4 <<< "{{ ib_netmask }}" printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))" register: dhcp_end_ib_result when: ib_switch_support changed_when: false - name: Set the end dhcp subnet for infiniband network set_fact: dhcp_end_ib: "{{ dhcp_end_ib_result.stdout }}" when: ib_switch_support - name: Assert infiniband_net_dhcp_start_range assert: that: - ib_network_dhcp_start_range - ib_network_dhcp_start_range | ipv4 - ib_network_dhcp_start_range != ib_ip - ib_network_dhcp_start_range != ib_network_dhcp_end_range - dhcp_start_ib == ib_subnet - dhcp_start_ib == dhcp_end_ib success_msg: "{{ success_dhcp_range }} for infiniband network" fail_msg: "{{ fail_dhcp_range }} for infiniband network" when: ib_switch_support - name: Assert infiniband_net_dhcp_end_range assert: that: - ib_network_dhcp_end_range - ib_network_dhcp_end_range | ipv4 - ib_network_dhcp_end_range != ib_ip - ib_network_dhcp_start_range != ib_network_dhcp_end_range - dhcp_end_ib == ib_subnet - dhcp_start_ib == dhcp_end_ib success_msg: "{{ success_dhcp_range }} for infiniband network" fail_msg: "{{ fail_dhcp_range }} for infiniband network" when: ib_switch_support - name: Verify different nics with infiniband nic assert: that: - public_nic != ib_network_nic - mngmnt_network_nic != ib_network_nic - ib_network_nic != host_network_nic success_msg: "{{ success_msg_different_nics_ib }}" fail_msg: "{{ fail_msg_different_nics_ib }}" when: ib_switch_support