Dell-Omnia-Clusters-HPC-AI/control_plane/roles/control_plane_common/vars/main.yml

#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
---

# vars file for control_plane_common

# Usage: package_installation.yml
common_packages:
  - git
  - gcc
  - gcc-c++
  - nodejs
  - bzip2
  - python2-pip
  - python3-pip
  - nano
  - lvm2
  - gettext
  - net-tools
  - python3-netaddr
  - dos2unix
  - make
os_supported_leap: "leap"
os_supported_leap_version: "15.3"
python_version_leap: '3.6.13'
common_packages_rocky:
  - epel-release
  - yum-utils
  - device-mapper-persistent-data
  - yum-plugin-versionlock

# Usage: set_docker_os.yml
docker_rocky_os_version: "8"
docker_leap_os_version: "15.3"
docker_alpine_os_version: "3.15"
cobbler_rocky_dockerfile_path: "{{ playbook_dir }}/roles/provision_cobbler/files/Dockerfile_rocky"
cobbler_leap_dockerfile_path: "{{ playbook_dir }}/roles/provision_cobbler/files/Dockerfile_leap"
ib_dockerfile_path: "{{ playbook_dir }}/roles/control_plane_ib/files/Dockerfile"
mgmnt_dockerfile_path: "{{ playbook_dir }}/roles/control_plane_device/files/Dockerfile"

# Usage: pre_requisite.yml
internet_delay: 0
internet_timeout: 10
hostname: github.com
port_no: 22
os_supported_centos: "centos"
os_supported_rocky: "rocky"
os_supported_centos_version: "8.3"
os_supported_rocky_version: "8.4"
fail_os_status: "Unsupported OS or OS version. OS should be {{ os_supported_centos }} {{ os_supported_centos_version }} or {{ os_supported_rocky }} {{ os_supported_rocky_version }} or {{ os_supported_leap }} {{ os_supported_leap_version }}"
success_os_status: "Management Station OS validated"
internet_status: "Failed. No Internet connection. Make sure network is up."
selinux_warning: "Warning! SELinux status is disabled by user. No SELinux policy is loaded"
ansible_python_version_status: "For {{ mgmt_os }} {{ ansible_distribution_version }}, python bindings of firewalld, dnf, selinux are not available if python is installed from source and not from dnf or zypper. So please make sure python3.6 is installed using dnf or zypper. And ansible uses the python version 3.6 installed using dnf or zypper"
python_version_support: '3.6.8'
default_ansible_config_file_path: /etc/ansible/ansible.cfg
invalid_run_tag_msg: "Failed. init tag should be used with run tags"
invalid_skip_tag_msg: "Failed. init tag can't be used with skip tags"

# Usage: verify_login_inputs.yml
login_vars_filename: "input_params/login_vars.yml"
vault_filename: input_params/.login_vault_key
min_length: 8
max_length: 30
min_username_length: 4
min_length_grafana: 5
file_perm: '0755'
vault_file_perm: '0644'
mount_dir_perm: '0775'
nic_min_length: 3
login_input_config_failure_msg: "Failed. Please provide all the required parameters in login_vars.yml"
fail_msg_provision_password: "Failed. Incorrect provision_password format provided in login_vars.yml"
fail_msg_cobbler_password: "Failed. Incorrect cobbler_password format provided in login_vars.yml file"
fail_msg_idrac_credentials: "Failed. Incorrect idrac_username or idrac_password format provided in login_vars.yml"
fail_msg_grafana_credentials: "Failed. Incorrect grafana_username or grafana_password format provided in login_vars.yml"
fail_msg_ethernet_credentials: "Failed. Incorrect ethernet_switch_username or ethernet_switch_password format provided in login_vars.yml"
fail_msg_ib_credentials: "Failed. Incorrect ib_username or ib_password format provided in login_vars.yml"
fail_msg_me4_credentials: "Failed. Incorrect powervault_me4_username or powervault_me4_password format provided in login_vars.yml"
login_security_config_failure_msg: "Failed. Please provide the required passwords in login_vars.yml for installing ipa"
success_msg_dir_manager_password: "ms_directory_manager_password successfully validated"
fail_msg_dir_manager_password: "Failed. Incorrect format provided for ms_directory_manager_password"
success_msg_ipa_admin_pwd: "ms_kerberos_admin_password successfully validated"
fail_msg_ipa_admin_pwd: "Failed. Incorrect format provided for ms_kerberos_admin_password"

# Usage: verify_omnia_params.yml
config_filename: "omnia_config.yml"
config_vaultname: .omnia_vault_key
input_omnia_failure_msg: "Please provide all the required parameters in omnia_config.yml"
fail_msg_mariadb_password: "Failed. Incorrect mariadb_password format provided in omnia_config.yml file"
success_msg_mariadb_password: "mariadb_password validated"
success_msg_k8s_version: "Kubernetes Version Validated"
fail_msg_k8s_version: "Failed. Kubernetes Version is unsupported or incorrect in omnia_config.yml"
success_msg_k8s_cni: "Kubernetes CNI Validated"
fail_msg_k8s_cni: "Failed. Kubernetes CNI is incorrect in omnia_config.yml"
domain_name_success_msg: "domain name successfully validated"
domain_name_fail_msg: "Failed. Incorrect format provided for domain name in omnia_config.yml"
realm_name_success_msg: "realm_name successfully validated"
realm_name_fail_msg: "Failed. Incorrect realm_name formate in omnia_config.yml"
success_msg_directory_manager_password: "directory_manager_password successfully validated"
fail_msg_directory_manager_password: "Failed. Incorrect format provided for directory_manager_password"
success_msg_kerberos_admin_password: "kerberos_admin_password successfully validated"
fail_msg_kerberos_admin_password: "Failed. Incorrect format provided for kerberos_admin_password"
omnia_input_config_failure_msg: "Failed. Please provide all the required parameters in omnia_config.yml for for login_node"
login_node_required_success_msg: "login_node_required successfully validated"
login_node_required_fail_msg: "Failed. login_node_required should be either true or false"
secure_login_node_success_msg: "enable_secure_login_node successfully validated"
secure_login_node_fail_msg: "Failed. enable_secure_login_node should be either true or false"

# Usage: fetch_base_inputs.yml
base_vars_filename: "input_params/base_vars.yml"
input_base_failure_msg: "Please provide all the required parameters in base_vars.yml"
success_snmp_trap_dest: "SNMP trap destination IP validated"
fail_snmp_trap_dest: "Failed. Incorrect SNMP trap destination IP format provided in base_address.yml"
success_snmp_comm_msg: "SNMP community string validated"
fail_snmp_comm_msg: "snmp community string cannoy be blank in base_vars.yml"
success_msg_public_nic: "Public nic successfully validated"
fail_msg_public_nic: "Failed. Incorrect public nic provided in base_vars.yml"
success_msg_k8s_pod_network_cidr: "Appliance k8s pod network cidr validated"
fail_msg_k8s_pod_network_cidr: "Failed. Incorrect appliance k8s pod network cidr provided in base_vars.yml"
success_awx_organization: "awx organization validated"
success_provision_method: "Provision method validated"
fail_provision_method: "Failed. provision_method can either be set to idrac or PXE"
fail_awx_organization: "Failed. Incorrect format in awx organization"
success_timezone_msg: "timezone validated"
fail_timezone_msg: "Failed. Incorrect timezone provided. Please check the file timezone.txt in control_plane/roles/control_plane_common/files/ folder"
fail_language: "Failed. Only en-US(english) language supported"
invalid_iso_file_path: "Invalid iso_file_path provided in base_vars.yml. Make sure iso_file_path contains value mentioned in provision_os."
missing_iso_file_path: "Incorrect iso_file_path provided in base_vars.yml. Make sure iso file is present in the provided iso_file_path."
valid_iso_file_path: "iso_file_path validated"
ethernet_switch_support_success_msg: "ethernet_switch_support validated"
ethernet_switch_support_fail_msg: "Failed. ethernet_switch_support only accepts boolean values true or false"
ib_switch_support_success_msg: "ib_switch_support validated"
ib_switch_support_fail_msg: "Failed. ib_switch_support only accepts boolean values true or false"
powervault_support_success_msg: "powervault_support validated"
powervault_support_fail_msg: "Failed. power_vault_support only accepts boolean values true or false"
success_msg_mngmnt_network_nic: "Management network nic successfully validated"
fail_msg_mngmnt_network_nic: "Failed. Incorrect Management network nic provided in base_vars.yml"
success_msg_host_network_nic: "Host network nic successfully validated"
fail_msg_host_network_nic: "Failed. Incorrect host network nic provided in base_vars.yml"
success_msg_ib_network_nic: "Infiniband network nic successfully validated"
fail_msg_ib_network_nic: "Failed. Incorrect infiniband network nic provided in base_vars.yml"
success_dhcp_range: "Dhcp_range validated"
fail_dhcp_range: "Failed. Incorrect range assigned for dhcp"
invalid_mapping_file_path: "Incorrect mapping_file_path provided in base_vars.yml"
success_msg_different_nics: "The nics of different containers and public nic are not the same - Validated"
fail_msg_different_nics: "Failed. Incorrect nic information. public nic, management network nic and host network nic should not be the same"
success_msg_different_nics_ib: "The nics of different containers and public nic are not the same as infiniband nic- Validated"
fail_msg_different_nics_ib: "Failed. Infiniband nic cannot be the same as other nics"
success_msg_lease_time: "Default lease time validated"
fail_msg_lease_time: "Failed. Please provide a valid default lease time"
provision_os_success_msg: "provision_os validated"
provision_os_fail_msg: "Failed. Incorrect provision_os selected. Supported OS are {{ os_supported_centos }} or {{ os_supported_rocky }}"
provision_state_success_msg: "provision_state validated"
provision_state_fail_msg: "Failed. Incorrect provision_state selected. Supported only stateful"
enable_security_support_success_msg: "enable_security_support validated"
enable_security_support_fail_msg: "Failed. enable_security_support only accepts boolean values true or false"
dns_empty_warning_msg: "[WARNING] primary_dns and secondary_dns is empty. DHCP routing in compute nodes for internet access won't be configured. Stop and re-run control_plane.yml, if DHCP routing is required."
primary_dns_empty_msg: "primary_dns is empty and secondary_dns provided. If one dns entry present, provide primary_dns only."
primary_dns_success_msg: "primary_dns successfully validated"
primary_dns_fail_msg: "Failed. Incorrect primary_dns provided in base_vars.yml"
primary_dns_not_reachable_msg: "Failed. primary_dns is not reachable. Provide valid dns"
secondary_dns_success_msg: "secondary_dns successfully validated"
secondary_dns_fail_msg: "Failed. Incorrect secondary_dns provided in base_vars.yml"
secondary_dns_not_reachable_msg: "[WARNING] secondary_dns is not reachable"
ping_search_key: "100% packet loss"
success_device_config: " Success. Device_config_support has valid values"
fail_device_config: "Failed. Give a valid value in device_config_support"
device_ip_list_not_supported: "[Warning] Device_ip_list is invalid as minimum idrac_support should be true"
mgmnt_device_fail: "Failed. Container already present. Either delete the container or make device_config_support as true"

# Usage: ip_metric.yml
public_metric: 101
mngmnt_metric: 102
host_metric: 103
ib_metric: 150

# Usage: device_config_validations
success_msg_ib: "Infiniband variables validated"
fail_msg_ib: "Failed. Please provide all the InfiniBand related parameters in base_vars.yml"
ethernet_device_config: " Ethernet_switch_support will be set to false only since device_config_support is set to false"
ib_device_config: " Ib_switch_support will be set to false only since device_config_support is set to false"
pv_device_config: " Powervault_support will be set to false only since device_config_support is set to false"
idrac_support_valid: "Idrac support is initiated."
failed_idrac_support: " Failed. Atleast idrac_support should be true."

# Usage: fetch_sm_inputs.yml
ib_config_file: "{{ role_path }}/../../input_params/ib_vars.yml"
opensm_conf_file: "{{ role_path }}/../../input_params/opensm.conf"
fail_msg_config_file: ib_vars.yml file doesn't exist.
fail_msg_opensm_config_file: opensm.conf file doesn't exist.
fail_msg_ib_input_definition: Infiniband config directories must be defined.
fail_msg_ib_input: Infiniband config directories can't be left empty.

# Usage: encrypt_idrac_2fa_vars.yml
idrac_tools_vaultname: input_params/.idrac_vault_key
idrac_tools_vars_filename: input_params/idrac_tools_vars.yml

# Usage: nfs_server_setup.yml
nfs_share_offline_repo: /var/nfs_repo
nfs_share_awx: /var/nfs_awx
nfs_share_dir_mode: 0777
exports_file_path: /etc/exports
nfs_services:
  - mountd
  - rpc-bind
  - nfs

# Usage: validate_host_mapping_file.yml
fail_msg_mapping_file: "Mapping file doesn't exist at given path: "
mapping_file_key: "MAC"
fail_mapping_file_header: "Header of csv file is not in correct format.
                          It should be of the format: MAC,Hostname,IP,Component_role or MAC,Hostname,IP"
host_mapping_header_format: "MAC,Hostname,IP"
host_mapping_header_with_role_format: "MAC,Hostname,IP,Component_role"
fail_mapping_file_field_seperation: "Failed: Mapping file should be comma separated and all fields must be filled."
fail_mapping_file_duplicate_ip: "Failed: Duplicate ip exists. Please verify following mapping file again: "
fail_mapping_file_duplicate_hostname: "Failed: Duplicate hostname exists. Please verify host mapping file again."
fail_mapping_file_hostname_chars: "Hostname should not contain _ or . or space as it will cause error with slurm and K8s. Found in: "
fail_mapping_file_roles_error: "Failed. Define correct Component Roles for each node.
                                Component roles can only take values: {{ group_name_manager }}, {{group_name_compute}},
                                 {{ group_name_login }}, {{ group_name_nfs }}"
fail_mapping_file_manager_role: "Exactly 1 manager node must be defined"
fail_mapping_file_compute_role: "Atleast 1 compute node must be defined"
fail_mapping_file_login_role: "Exactly 1 login node must be defined or login_node_required must be true in omnia_config.yml"
fail_mapping_file_nfs_role: "Exactly 1 nfs node must be defined or powervault_support must be true in base_vars.yml"
count_of_roles_defined: "Component Roles defined: Manager Node: {{ count_of_manager }},
                        Compute Nodes: {{ count_of_compute }}, Login Node: {{ count_of_login }},
                        Nfs Node: {{ count_of_nfs_node }}, Total Nodes: {{ count_total_items }} "
group_name_manager: "manager"
group_name_compute: "compute"
group_name_login: "login_node"
group_name_nfs: "nfs_node"

# Usage: validate_device_mapping_file.yml
fail_device_mapping_file_header: "Failed: Header (MAC,IP) should be present in the mapping file."
device_mapping_header_format: "MAC,IP"

# Usage: fetch_security_inputs.yml
security_vars_filename: "input_params/security_vars.yml"
input_security_failure_msg: "Please provide all the required parameters in security_vars.yml"
dom_name_length: '63'
dom_name_success_msg: "domain name successfully validated"
dom_name_fail_msg: "Failed. Incorrect format provided for domain name in security_vars.yml"
realm_success_msg: "realm_name successfully validated"
realm_fail_msg: "Failed. Incorrect realm_name format in security_vars.yml"
domain_name_blank_msg: "Failed. Domain name is not set in hostname It should have hostname.domain_name format"
server_domain_name_success: "Domain name in server hostname validated"
server_domain_name_fail: "Failed. Domain name set is not same as domain name in security_vars.yml"
hosts_file_path: /etc/hosts
hosts_file_mode: "0644"
hostname_blank_msg: "Failed. Domain name is not set in hostname or missing entries in /etc/hosts. It should have hostname.domain_name format."
server_hostname_success: "Hostname in server hostname validated"
server_hostname_fail: "Failed. Hostname set is not valid"
max_failures_success_msg: "max_failures successfully validated"
max_failures_fail_msg: "Failed. Incorrect max_failures value in security_vars.yml"
failure_reset_interval_success_msg: "failure_reset_interval successfully validated"
failure_reset_interval_fail_msg: "Failed. Incorrect failure_reset_interval value in security_vars.yml"
lockout_duration_success_msg: "lockout_duration successfully validated"
lockout_duration_fail_msg: "Failed. Incorrect lockout_duration value in security_vars.yml"
session_timeout_success_msg: "session_timeout successfully validated"
session_timeout_fail_msg: "Failed. Incorrect session_timeout value in security_vars.yml"
max_failures_default_value: 3
failure_reset_interval_min_value: 30
failure_reset_interval_max_value: 60
lockout_duration_min_value: 5
lockout_duration_max_value: 10
session_timeout_min_value: 90
session_timeout_max_value: 180
alert_email_success_msg: "alert_email_address successfully validated"
alert_email_fail_msg: "Failed. Incorrect alert_email_address value in security_vars.yml"
alert_email_warning_msg: "[WARNING] alert_email_address is empty. Authentication failure alerts won't be configured."
email_max_length: 320
email_search_key: "@"
user_success_msg: "user successfully validated"
user_fail_msg: "Failed. Incorrect user format in security_vars.yml"
allow_deny_success_msg: "Access successfully validated"
allow_deny_fail_msg: "Failed. Incorrect Access format in security_vars.yml"
restrict_program_support_success_msg: "restrict_program_support successfully validated"
restrict_program_support_failure_msg: "Failed. Accepted values are true or false."
restrict_softwares_success_msg: "restrict_softwares successfully validated"
restrict_softwares_failure_msg: "Warning. Values should be comma separated. The supported services are telnet, lpd, bluetooth, rlogin, rexec. Please check restrict_softwares variable"

# Usage: validate_idrac_vars.yml
idrac_input_filename: input_params/idrac_vars.yml
firmware_update_success_msg: "firmware_update_required validated"
firmware_update_fail_msg: "Failed. firmware_update_required accepts only true or false in idrac_vars.yml"
poweredge_model_success_msg: "poweredge_model validated"
poweredge_model_fail_msg: "Failed. poweredge_model is incorrect or unsupported. Please update the list with the supported models in the correct format"

# Usage: validate_device_ip_file.yml
fail_device_ip_format: "Failed.Incorrect file format. File should only contain IPs"
success_device_ip_format: "File is correct"
mgmnt_ip_path: "{{ role_path}}/../collect_device_info/files/mgmt_provisioned_hosts.yml"