Ansible: Add CIMC/IPMI/COBBLER

- added tasks and handlers for CIMC, IPMI, COBBLER
- allows provisioning of servers via COBBLER

Change-Id: I64080069260dabb8a6e3b648aeff12f109d3f7c2
Signed-off-by: Peter Mikus <pmikus@cisco.com>

19 files changed, 729 insertions, 54 deletions

diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/Dockerfile b/resources/tools/testbed-setup/ansible/roles/cobbler/files/Dockerfile
new file mode 100644
index 0000000000..8d70c0b495
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/Dockerfile
@@ -0,0 +1,96 @@
+# Copyright (c) 2019 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM centos:7
+
+MAINTAINER csit-dev <csit-dev@lists.fd.io>
+LABEL Description="CSIT cobbler service image."
+LABEL Version="0.1"
+
+# Build arguments
+ARG cobbler_sys_pass
+ARG cobbler_web_pass
+ARG cobbler_ip_addr
+ARG cobbler_http_port=60080
+ARG cobbler_https_port=60443
+
+# Install dependencies
+RUN yum -y install epel-release \
+    && yum -y install \
+        cobbler \
+        cobbler-web \
+        fence-agents \
+        python-pip \
+        curl \
+        dhcp \
+        bind \
+        file \
+        debmirror \
+        net-tools \
+        rsync \
+        pykickstart \
+        supervisor \
+        wget \
+        which \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+
+# Workaround for Cobbler 2.8.4 bug
+RUN pip2.7 install -U django==1.9.13
+
+# Copy CSIT configration
+COPY supervisord/supervisord.conf /etc/supervisord.conf
+COPY etc/cobbler/dhcp.template /etc/cobbler/dhcp.template
+COPY var/lib/cobbler/kickstarts/* /var/lib/cobbler/kickstarts/
+COPY etc/httpd/conf.d/cobbler_web.conf /etc/httpd/conf.d/cobbler_web.conf
+
+RUN sed -i \
+    -e "/^default_password_crypted/ s|:.*$|: \"${cobbler_sys_pass}\"|" \
+    -e "/^next_server:/ s/:.*$/: ${cobbler_ip_addr}/" \
+    -e "/^server/ s/:.*$/: ${cobbler_ip_addr}/" \
+    -e "/^http_port:/ s/:.*$/: ${cobbler_http_port}/" \
+    -e "/^pxe_just_once:/ s/:.*$/: 1/" \
+    -e "/^manage_dhcp:/ s/:.*$/: 1/" \
+    /etc/cobbler/settings \
+    && sed -i "s/service %s restart/supervisorctl restart %s/g" \
+    /usr/lib/python2.7/site-packages/cobbler/modules/sync_post_restart_services.py \
+    && sed -i "s/Listen 80/Listen ${cobbler_http_port}/g" \
+    /etc/httpd/conf/httpd.conf \
+    && sed -i "s/Listen 443 https/Listen ${cobbler_https_port} https/g" \
+    /etc/httpd/conf.d/ssl.conf
+
+# Change Cobbler WEB password
+RUN echo -n "cobbler:Cobbler:${cobbler_web_pass}" \
+    | md5sum \
+    | cut -d' ' -f1 \
+    | xargs printf "%s:%s:%s\n" cobbler Cobbler  > "/etc/cobbler/users.digest"
+
+# Create Cobbler directories
+RUN mkdir -p /var/lib/cobbler/config/distros.d \
+    && mkdir -p /var/lib/cobbler/config/files.d \
+    && mkdir -p /var/lib/cobbler/config/images.d \
+    && mkdir -p /var/lib/cobbler/config/mgmtclasses.d \
+    && mkdir -p /var/lib/cobbler/config/packages.d \
+    && mkdir -p /var/lib/cobbler/config/profiles.d \
+    && mkdir -p /var/lib/cobbler/config/repos.d \
+    && mkdir -p /var/lib/cobbler/config/systems.d \
+    && mkdir -p /var/www/cobbler/links/ \
+    && touch /usr/share/cobbler/web/cobbler.wsgi
+
+# Expose TFTP WWW COBBLER
+EXPOSE 69
+EXPOSE $cobbler_http_port
+EXPOSE $cobbler_https_port
+EXPOSE 25151
+
+ENTRYPOINT /usr/bin/supervisord -c /etc/supervisord.conf
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/cobbler/dhcp.template b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/cobbler/dhcp.template
new file mode 100644
index 0000000000..cf2fbdfe34
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/cobbler/dhcp.template
@@ -0,0 +1,86 @@
+# ******************************************************************
+# Cobbler managed dhcpd.conf file
+#
+# generated from cobbler dhcp.conf template ($date)
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
+# overwritten.
+#
+# ******************************************************************
+
+ddns-update-style interim;
+
+allow booting;
+allow bootp;
+
+ignore client-updates;
+set vendorclass = option vendor-class-identifier;
+
+option pxe-system-type code 93 = unsigned integer 16;
+
+subnet 10.30.51.0 netmask 255.255.255.0 {
+     option routers             10.30.51.1;
+     option domain-name         "linuxfoundation.org";
+     option domain-name-servers 199.204.44.24, 199.204.47.54;
+     option subnet-mask         255.255.255.0;
+     range dynamic-bootp        10.30.51.2 10.30.51.254;
+     default-lease-time         600;
+     max-lease-time             7200;
+     next-server                $next_server;
+     class "pxeclients" {
+          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
+          if option pxe-system-type = 00:02 {
+                  filename "ia64/elilo.efi";
+          } else if option pxe-system-type = 00:06 {
+                  filename "grub/grub-x86.efi";
+          } else if option pxe-system-type = 00:07 {
+                  filename "grub/grub-x86_64.efi";
+          } else {
+                  filename "pxelinux.0";
+          }
+     }
+}
+
+#for dhcp_tag in $dhcp_tags.keys():
+    ## group could be subnet if your dhcp tags line up with your subnets
+    ## or really any valid dhcpd.conf construct ... if you only use the
+    ## default dhcp tag in cobbler, the group block can be deleted for a
+    ## flat configuration
+# group for Cobbler DHCP tag: $dhcp_tag
+group {
+        #for mac in $dhcp_tags[$dhcp_tag].keys():
+            #set iface = $dhcp_tags[$dhcp_tag][$mac]
+    host $iface.name {
+        hardware ethernet $mac;
+        #if $iface.ip_address:
+        fixed-address $iface.ip_address;
+        #end if
+        #if $iface.hostname:
+        option host-name "$iface.hostname";
+        #end if
+        #if $iface.netmask:
+        option subnet-mask $iface.netmask;
+        #end if
+        #if $iface.gateway:
+        option routers $iface.gateway;
+        #end if
+        #if $iface.enable_gpxe:
+        if exists user-class and option user-class = "gPXE" {
+            filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
+        } else if exists user-class and option user-class = "iPXE" {
+            filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
+        } else {
+            filename "undionly.kpxe";
+        }
+        #else
+        filename "$iface.filename";
+        #end if
+        ## Cobbler defaults to $next_server, but some users
+        ## may like to use $iface.system.server for proxied setups
+        next-server $next_server;
+        ## next-server $iface.next_server;
+    }
+        #end for
+}
+#end for
+
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/httpd/conf.d/cobbler_web.conf b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/httpd/conf.d/cobbler_web.conf
new file mode 100644
index 0000000000..8b0f9863c1
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/httpd/conf.d/cobbler_web.conf
@@ -0,0 +1,33 @@
+# This configuration file enables the cobbler web
+# interface (django version)
+
+<Directory "/usr/share/cobbler/web/">
+        SetEnv VIRTUALENV
+        Options Indexes MultiViews
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+</Directory>
+
+<Directory "/var/www/cobbler_webui_content/">
+        Options +Indexes +FollowSymLinks
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+</Directory>
+
+# Use separate process group for wsgi
+WSGISocketPrefix /var/run/wsgi
+WSGIScriptAlias /cobbler_web /usr/share/cobbler/web/cobbler.wsgi
+WSGIDaemonProcess cobbler_web display-name=%{GROUP}
+WSGIProcessGroup cobbler_web
+WSGIPassAuthorization On
+
+<IfVersion >= 2.4>
+    <Location /cobbler_web>
+        Require all granted
+    </Location>
+    <Location /cobbler_webui_content>
+        Require all granted
+    </Location>
+</IfVersion>
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/supervisord/supervisord.conf b/resources/tools/testbed-setup/ansible/roles/cobbler/files/supervisord/supervisord.conf
new file mode 100644
index 0000000000..4ac5af8f99
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/supervisord/supervisord.conf
@@ -0,0 +1,42 @@
+[unix_http_server]
+file=/run/supervisor.sock
+
+[supervisord]
+pidfile=/var/run/supervisord.pid
+identifier=supervisor
+directory=/run
+logfile=/var/log/supervisord.log
+loglevel=debug
+nodaemon=true
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///run/supervisor.sock
+
+[program:cobblerd]
+command=/usr/bin/cobblerd -F
+stdout_logfile=/var/log/supervisord.log
+stderr_logfile=/var/log/supervisord.log
+
+[program:httpd]
+command=/usr/sbin/httpd -DFOREGROUND
+stdout_logfile=/var/log/supervisord.log
+stderr_logfile=/var/log/supervisord.log
+
+[program:tftpd]
+command=/usr/sbin/in.tftpd --foreground --verbose --user root --permissive --blocksize 1380 --address 0.0.0.0:69 --secure /var/lib/tftpboot
+stdout_logfile=/var/log/supervisord.log
+stderr_logfile=/var/log/supervisord.log
+
+[program:rsyncd]
+command=/usr/bin/rsync --no-detach --daemon --config /etc/rsyncd.conf
+stopsignal=QUIT
+stdout_logfile=/var/log/supervisord.log
+stderr_logfile=/var/log/supervisord.log
+
+[program:dhcpd]
+command=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
+stdout_logfile=/var/log/supervisord.log
+stderr_logfile=/var/log/supervisord.log
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed b/resources/tools/testbed-setup/ansible/roles/cobbler/files/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed
new file mode 100644
index 0000000000..250701232c
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed
@@ -0,0 +1,137 @@
+#### Contents of the preconfiguration file (for Ubuntu 18.04 Server LTS)
+
+### Localization
+# Locale sets language and country.
+d-i debian-installer/locale string en_US
+d-i pkgsel/install-language-support boolean false
+# Keyboard selection.
+# Disable automatic (interactive) keymap detection.
+d-i console-setup/ask_detect boolean false
+d-i console-setup/layoutcode string us
+
+### Network configuration
+# netcfg will choose an interface that has link if possible. This makes it
+# skip displaying a list if there is more than one interface.
+d-i netcfg/choose_interface select auto
+# If you have a slow dhcp server and the installer times out waiting for
+# it, this might be useful.
+d-i netcfg/dhcp_timeout string 60
+# If you prefer to configure the network manually, uncomment this line and
+# the static network configuration below.
+#d-i netcfg/disable_dhcp boolean true
+# If you want the preconfiguration file to work on systems both with and
+# without a dhcp server, uncomment these lines and the static network
+# configuration below.
+d-i netcfg/dhcp_failed note
+#d-i netcfg/dhcp_options select Configure network manually
+# Static network configuration.
+#d-i netcfg/get_nameservers string 172.30.0.2
+#d-i netcfg/get_ipaddress string 172.30.15.42
+#d-i netcfg/get_netmask string 255.255.0.0
+#d-i netcfg/get_gateway string 172.30.0.1
+#d-i netcfg/confirm_static boolean true
+# Any hostname and domain names assigned from dhcp take precedence over
+# values set here. However, setting the values still prevents the questions
+# from being shown, even if values come from dhcp.
+d-i netcfg/get_hostname string unassigned-hostname
+d-i netcfg/get_domain string unassigned-domain
+# Disable WEP key dialog.
+d-i netcfg/wireless_wep string
+# Alternatively: by default, the installer uses CC.archive.ubuntu.com where
+# CC is the ISO-3166-2 code for the selected country. You can preseed this
+# so that it does so without asking.
+d-i mirror/http/mirror select us.archive.ubuntu.com
+
+### Mirror settings
+d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
+
+### Clock and time zone setup
+# Controls whether or not the hardware clock is set to UTC.
+d-i clock-setup/utc boolean true
+# You may set this to any valid setting for $TZ; see the contents of
+# /usr/share/zoneinfo/ for valid values.
+d-i time/zone string America/Los_Angeles
+# Controls whether to use NTP to set the clock during the install
+d-i clock-setup/ntp boolean false
+
+### Partitioning
+## If the system has free space you can choose to only partition that space.
+# Alternatives: custom, some_device, some_device_crypto, some_device_lvm.
+d-i partman-auto/init_automatically_partition select some_device
+# Alternatively, you can specify a disk to partition. The device name must
+# be given in traditional non-devfs format.
+d-i partman-auto/disk string /dev/sda
+# In addition, you'll need to specify the method to use.
+# The presently available methods are: "regular", "lvm" and "crypto"
+d-i partman-auto/method string regular
+# If one of the disks that are going to be automatically partitioned
+# contains an old LVM configuration, the user will normally receive a
+# warning. This can be preseeded away...
+d-i partman-lvm/device_remove_lvm boolean true
+# The same applies to pre-existing software RAID array:
+d-i partman-md/device_remove_md boolean true
+# And the same goes for the confirmation to write the lvm partitions.
+d-i partman-lvm/confirm boolean true
+# You can choose one of the three predefined partitioning recipes:
+# - atomic: all files in one partition
+# - home:   separate /home partition
+# - multi:  separate /home, /usr, /var, and /tmp partitions
+d-i partman-auto/choose_recipe select atomic
+# If you just want to change the default filesystem from ext3 to something
+# else, you can do that without providing a full recipe.
+d-i partman/default_filesystem string ext4
+# This makes partman automatically partition without confirmation, provided
+# that you told it what to do using one of the methods above.
+d-i partman/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+### Account setup
+# Skip creation of a root account (normal user account will be able to
+# use sudo). The default is false; preseed this to true if you want to set
+# a root password.
+d-i passwd/root-login boolean false
+# Root password, either in clear text
+#d-i passwd/root-password password pass
+#d-i passwd/root-password-again password pass
+# or encrypted using an MD5 hash.
+#d-i passwd/root-password-crypted password f4f1d7b6738330f521de21da3f563bce
+# To create a normal user account.
+d-i passwd/user-fullname string testuser
+d-i passwd/username string testuser
+# Normal user's password, either in clear text
+d-i passwd/user-password password Csit1234
+d-i passwd/user-password-again password Csit1234
+# or encrypted using an MD5 hash.
+#d-i passwd/user-password-crypted password f4f1d7b6738330f521de21da3f563bce
+# The installer will warn about weak passwords. If you are sure you know
+# what you're doing and want to override it, uncomment this.
+d-i user-setup/allow-password-weak boolean true
+# Set to true if you want to encrypt the first user's home directory.
+d-i user-setup/encrypt-home boolean false
+
+### Package selection
+tasksel tasksel/first multiselect ubuntu-server
+# Individual additional packages to install
+d-i pkgsel/include string openssh-server python2.7
+# Whether to upgrade packages after debootstrap.
+# Allowed values: none, safe-upgrade, full-upgrade
+#d-i pkgsel/upgrade select none
+# Policy for applying updates. May be "none" (no automatic updates),
+# "unattended-upgrades" (install security updates automatically), or
+# "landscape" (manage system with Landscape).
+d-i pkgsel/update-policy select none
+
+### Boot loader installation
+d-i grub-installer/bootdev string default
+# This is fairly safe to set, it makes grub install automatically to the MBR
+# if no other operating system is detected on the machine.
+d-i grub-installer/only_debian boolean false
+# This one makes grub-installer install to the MBR if it also finds some other
+# OS, which is less safe as it might not be able to boot that other OS.
+d-i grub-installer/with_other_os boolean false
+
+### Finishing up the installation
+# Avoid that last message about the install being complete.
+d-i finish-install/reboot_in_progress note
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/main.yaml
new file mode 100644
index 0000000000..f48a976ea1
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/main.yaml
@@ -0,0 +1,45 @@
+---
+# file: roles/cobbler/tasks/main.yaml
+
+- name: Sync the cobbler docker directory
+  synchronize:
+    src: 'files'
+    dest: '/home/{{ ansible_user }}/cobbler_docker'
+  register: __cobbler_image_built
+  tags: cobbler-build-image
+
+- name: Build the cobbler docker image
+  docker_image:
+     path: '/home/{{ ansible_user }}/cobbler_docker/files'
+     name: 'csit/cobbler'
+     buildargs:
+       cobbler_pass: '{{ cobbler_pass }}'
+       cobbler_web_pass: '{{ cobbler_password }}'
+       cobbler_ip_addr: '{{ inventory_hostname }}'
+  when: __cobbler_image_built
+  tags: cobbler-build-image
+
+- name: Run Cobbler image
+  docker_container:
+    name: 'cobbler'
+    image: 'csit/cobbler'
+    network_mode: 'host'
+    volumes:
+      - '/mnt:/mnt:ro'
+  register: __cobbler_image_running
+  tags: cobbler-run-image
+
+- name: Run cobbler setup get-loaders
+  command: 'docker exec -i cobbler cobbler get-loaders'
+  when: __cobbler_image_running
+  tags: cobbler-run-image
+
+- name: Run cobbler setup sync
+  command: 'docker exec -i cobbler cobbler sync'
+  when: __cobbler_image_running
+  tags: cobbler-run-image
+
+- name: Add Ubuntu 18.04.2 Server x86_64 to cobbler
+  include_tasks: 'ubuntu-18.04.2-server-x86_64.yaml'
+  when: __cobbler_image_running
+  tags: cobbler-run-image
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml
new file mode 100644
index 0000000000..2c89234de2
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml
@@ -0,0 +1,35 @@
+---
+# file: roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml
+
+- name: Download Ubuntu 18.04.2 Server x86_64 with check (sha256)
+  get_url:
+    url: 'http://cdimage.ubuntu.com/ubuntu/releases/18.04/release/ubuntu-18.04.2-server-amd64.iso'
+    dest: '/mnt/ubuntu-18.04.2-server-amd64.iso'
+    checksum: 'sha256:a2cb36dc010d98ad9253ea5ad5a07fd6b409e3412c48f1860536970b073c98f5'
+  register: __iso_downloaded
+  tags: cobbler-import-image
+
+- name: Create directory for Ubuntu 18.04.2 Server x86_64 mount
+  file:
+    path: '/mnt/ubuntu-18.04.2-server-x86_64'
+    state: 'directory'
+  register: __mount_directory_created
+  tags: cobbler-import-image
+
+- name: Mount Ubuntu 18.04.2 Server x86_64 iso
+  mount:
+    src: '/mnt/ubuntu-18.04.2-server-amd64.iso'
+    path: '/mnt/ubuntu-18.04.2-server-x86_64'
+    fstype: 'iso9660'
+    opts: 'ro,loop'
+    state: mounted
+  when: __iso_downloaded and __mount_directory_created
+  tags: cobbler-import-image
+
+- name: Run cobbler distro import for Ubuntu 18.04.2 Server x86_64
+  command: |
+      docker exec -i cobbler cobbler import
+      --path=/mnt/ubuntu-18.04.2-server-x86_64
+      --name=ubuntu-18.04.2-server-x86_64
+      --kickstart=/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed
+  tags: cobbler-import-image
diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/cimc.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/cimc.yaml
new file mode 100644
index 0000000000..e31d712d4d
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/common/handlers/cimc.yaml
@@ -0,0 +1,69 @@
+---
+# file: roles/common/handlers/cimc.yaml
+
+- name: Boot from network
+  imc_rest:
+    hostname: '{{ inventory_cimc_hostname }}'
+    username: '{{ inventory_cimc_username }}'
+    password: '{{ inventory_cimc_password }}'
+    validate_certs: no
+    content: |
+      <!-- Configure PXE boot -->
+      <configConfMo><inConfig>
+        <lsbootLan dn="sys/rack-unit-1/boot-policy/lan-read-only" access="read-only" order="1" prot="pxe" type="lan"/>
+      </inConfig></configConfMo>
+  delegate_to: localhost
+  tags: boot-network
+
+- name: Boot from storage
+  imc_rest:
+    hostname: '{{ inventory_cimc_hostname }}'
+    username: '{{ inventory_cimc_username }}'
+    password: '{{ inventory_cimc_password }}'
+    validate_certs: no
+    content: |
+      <configConfMo><inConfig>
+        <lsbootStorage dn="sys/rack-unit-1/boot-policy/storage-read-write" access="read-write" order="1" type="storage"/>
+      </inConfig></configConfMo>
+  delegate_to: localhost
+  tags: boot-storage
+
+- name: Power up server
+  imc_rest:
+    hostname: '{{ inventory_cimc_hostname }}'
+    username: '{{ inventory_cimc_username }}'
+    password: '{{ inventory_cimc_password }}'
+    validate_certs: no
+    content: |
+      <configConfMo><inConfig>
+        <computeRackUnit dn="sys/rack-unit-1" adminPower="up"/>
+      </inConfig></configConfMo>
+  delegate_to: localhost
+  tags: power-up
+
+- name: Power down server
+  imc_rest:
+    hostname: '{{ inventory_cimc_hostname }}'
+    username: '{{ inventory_cimc_username }}'
+    password: '{{ inventory_cimc_password }}'
+    validate_certs: no
+    content: |
+      <configConfMo><inConfig>
+        <computeRackUnit dn="sys/rack-unit-1" adminPower="down"/>
+      </inConfig></configConfMo>
+  delegate_to: localhost
+  tags: power-down
+
+- name: Power cycle server
+  imc_rest:
+    hostname: '{{ inventory_cimc_hostname }}'
+    username: '{{ inventory_cimc_username }}'
+    password: '{{ inventory_cimc_password }}'
+    validate_certs: no
+    content: |
+      <!-- Power cycle server -->
+      <configConfMo><inConfig>
+        <computeRackUnit dn="sys/rack-unit-1" adminPower="cycle-immediate"/>
+      </inConfig></configConfMo>
+  delegate_to: localhost
+  tags: power-cycle
diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/ipmi.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/ipmi.yaml
new file mode 100644
index 0000000000..6252cc04fd
--- /dev/null
+++ b/resources/tools/testbed-setup/ansible/roles/common/handlers/ipmi.yaml
@@ -0,0 +1,47 @@
+---
+# file: roles/common/handlers/ipmi.yaml
+
+- name: Boot from network
+  ipmi_boot:
+    name: '{{ inventory_ipmi_hostname }}'
+    user: '{{ inventory_ipmi_username }}'
+    password: '{{ inventory_ipmi_password }}'
+    bootdev: network
+  delegate_to: localhost
+  tags: boot-network
+
+- name: Boot from storage
+  ipmi_boot:
+    name: '{{ inventory_ipmi_hostname }}'
+    user: '{{ inventory_ipmi_username }}'
+    password: '{{ inventory_ipmi_password }}'
+    bootdev: hd
+  delegate_to: localhost
+  tags: boot-storage
+
+- name: Power up server
+  ipmi_power:
+    name: '{{ inventory_ipmi_hostname }}'
+    user: '{{ inventory_ipmi_username }}'
+    password: '{{ inventory_ipmi_password }}'
+    state: on
+  delegate_to: localhost
+  tags: power-up
+
+- name: Power down server
+  ipmi_power:
+    name: '{{ inventory_ipmi_hostname }}'
+    user: '{{ inventory_ipmi_username }}'
+    password: '{{ inventory_ipmi_password }}'
+    state: off
+  delegate_to: localhost
+  tags: power-down
+
+- name: Power cycle server
+  ipmi_power:
+    name: '{{ inventory_ipmi_hostname }}'
+    user: '{{ inventory_ipmi_username }}'
+    password: '{{ inventory_ipmi_password }}'
+    state: boot
+  delegate_to: localhost
+  tags: power-cycle
diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml
index bdcf6832f4..f994afdc60 100644
--- a/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml
@@ -1,6 +1,30 @@
 ---
 # file: roles/common/handlers/main.yaml
 
+- name: IPMI specific
+  import_tasks: ipmi.yaml
+  when: inventory_ipmi_hostname is defined
+  tags: ipmi-handlers
+
+- name: CIMC specific
+  import_tasks: cimc.yaml
+  when: inventory_cimc_hostname is defined
+  tags: cimc-handlers
+
 - name: Update GRUB
   command: update-grub
   tags: update-grub
+
+- name: Reboot server
+  reboot:
+    reboot_timeout: 3600
+  tags: reboot-server
+
+- name: Wait for server to restart
+  wait_for:
+    host: '{{ inventory_hostname }}'
+    search_regex: OpenSSH
+    port: 22
+    delay: 60
+    timeout: 3600
+  tags: reboot-server
diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/reboot.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/reboot.yaml
deleted file mode 100644
index 01e1eb1b6b..0000000000
--- a/resources/tools/testbed-setup/ansible/roles/common/handlers/reboot.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# file roles/common/handlers/reboot.yaml
-
-- name: Reboot host
-  command: shutdown -r now "Ansible updates triggered"
-  async: 0
-  poll: 0
-  ignore_errors: true
-  tags: reboot-host
-
-- name: Waiting for server to come back
-  local_action: wait_for host={{ inventory_hostname }}
-                state=started
-  tags: reboot-host
diff --git a/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml
index d7355883e0..43e83105ce 100644
--- a/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml
@@ -1,29 +1,62 @@
 ---
 # file: roles/common/tasks/main.yaml
 
+- name: Ensure the system exists in Cobbler
+  cobbler_system:
+    host: '{{ cobbler_hostname }}'
+    port: 60080
+    interfaces:
+      br1:
+        ipaddress: '{{ ansible_default_ipv4.address }}'
+        macaddress: '{{ ansible_default_ipv4.macaddress }}'
+    name: '{{ hostname }}'
+    password: '{{ cobbler_password }}'
+    properties:
+      hostname: '{{ hostname }}'
+      gateway: '{{ ansible_default_ipv4.gateway }}'
+      profile: '{{ cobbler_profile }}'
+      name_servers: '{{ name_servers }}'
+      name_servers_search: '{{ name_servers_search }}'
+      kickstart: '/var/lib/cobbler/kickstarts/{{ cobbler_profile }}.seed'
+      kernel_options: '"interface={{ ansible_default_ipv4.interface }}"'
+      netboot_enabled: yes
+    username: '{{ cobbler_username }}'
+    use_ssl: no
+    validate_certs: no
+  when: provision_enabled
+  delegate_to: localhost
+  tags: cobbler-include
+
+- name: Commit Cobbler changes
+  cobbler_sync:
+    host: '{{ cobbler_hostname }}'
+    port: 60080
+    password: '{{ cobbler_password }}'
+    username: '{{ cobbler_username }}'
+    use_ssl: no
+    validate_certs: no
+  run_once: yes
+  when: provision_enabled
+  delegate_to: localhost
+  register: __included_in_cobbler
+  notify:
+    - 'Boot from network'
+    - 'Reboot server'
+  tags: cobbler-include
+
+- meta: flush_handlers
+
 - name: Add permanent proxy settings
   lineinfile:
-    path: "/etc/environment"
-    state: "present"
-    line: "{{ item.key }}={{ item.value }}"
-  with_dict: "{{ proxy_env }}"
+    path: '/etc/environment'
+    state: 'present'
+    line: '{{ item.key }}={{ item.value }}'
+  with_dict: '{{ proxy_env }}'
   when: proxy_env is defined
 
 - name: Install distribution - release - machine prerequisites
   include_tasks: '{{ ansible_distribution|lower }}_{{ ansible_distribution_release }}.yaml'
 
-- name: Set hostname
-  hostname:
-      name: '{{ hostname }}'
-  tags: set-hostname
-
-- name: Ensure hostname is in /etc/hosts
-  lineinfile:
-    path: '/etc/hosts'
-    regexp: '^{{ ansible_default_ipv4.address }}.+$'
-    line: '{{ ansible_default_ipv4.address }} {{ hostname }}.{{ name_servers_search }}'
-  tags: set-hostname
-
 - name: Set sudoers admin
   lineinfile:
     path: '/etc/sudoers'
@@ -49,13 +82,9 @@
    owner: 'root'
    group: 'root'
    mode: '644'
-  notify: ['Update GRUB']
+  notify:
+    - 'Update GRUB'
+    - 'Reboot server'
   tags: copy-grub
 
-- name: Add permanent proxy settings
-  lineinfile:
-    path: "/etc/environment"
-    state: "present"
-    line: "{{ item.key }}={{ item.value }}"
-  with_dict: "{{ proxy_env }}"
-  when: proxy_env is defined
+- meta: flush_handlers
diff --git a/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml b/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml
index 506cb3ace5..962c333276 100644
--- a/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml
@@ -20,6 +20,9 @@
       - 'python-cffi-backend'
       - 'python3-cffi'
       - 'python3-cffi-backend'
+      - 'libnuma-dev'
+      - 'lzop'
+      - 'lrzip'
     state: 'present'
     install_recommends: False
   tags: install-csit-dependencies
diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config
index 7a6ae9e468..694bff1f4f 100644
--- a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config
+++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config
@@ -9,4 +9,4 @@ network:
       dhcp4: false
       gateway4: {{ ansible_default_ipv4["gateway"] }}
       nameservers:
-        addresses: {{ name_servers }}
+        addresses: [ {{ name_servers }} ]
diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml
index 15a6803671..8fbcb29de0 100644
--- a/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml
@@ -6,3 +6,17 @@
     name: 'docker'
     state: 'restarted'
   tags: restart-docker
+
+- name: Reboot server
+  reboot:
+    reboot_timeout: 3600
+  tags: reboot-server
+
+- name: Wait for server to restart
+  wait_for:
+    host: '{{ inventory_hostname }}'
+    search_regex: OpenSSH
+    port: 22
+    delay: 60
+    timeout: 3600
+  tags: reboot-server
diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml
index 5c205b5a70..67c6c17220 100644
--- a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml
@@ -15,6 +15,8 @@
       - 'ca-certificates'
       - 'software-properties-common'
       - 'libnuma-dev'
+      - 'lzop'
+      - 'lrzip'
     state: 'present'
     install_recommends: False
   tags: install-csit-dependencies
diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml
index e5a2ad3c7a..dc0b685a7f 100644
--- a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml
@@ -1,18 +1,22 @@
 ---
 # file: roles/tg_sut/tasks/x86_64.yaml
 
+- name: Load msr by default
+  lineinfile:
+    path: '/etc/modules'
+    state: 'present'
+    line: 'msr'
+  tags: disable-turbo-boost
+
 - name: Configure x86_64 kernel parameters
   lineinfile:
     path: '/etc/default/grub'
     state: 'present'
     regexp: '^GRUB_CMDLINE_LINUX='
     line: 'GRUB_CMDLINE_LINUX="isolcpus={{ grub.isolcpus }} nohz_full={{ grub.nohz_full }} rcu_nocbs={{ grub.rcu_nocbs }} numa_balancing=disable intel_pstate=disable intel_iommu=on iommu=pt nmi_watchdog=0 audit=0 nosoftlockup processor.max_cstate=1 intel_idle.max_cstate=1 hpet=disable tsc=reliable mce=off"'
-  notify: ['Update GRUB']
+  notify:
+    - 'Update GRUB'
+    - 'Reboot server'
   tags: set-grub
 
-- name: Load msr by default
-  lineinfile:
-    path: '/etc/modules'
-    state: 'present'
-    line: 'msr'
-  tags: disable-turbo-boost
+- meta: flush_handlers
diff --git a/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml
index bda9dd4649..7b53dda7ab 100644
--- a/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml
@@ -1,11 +1,27 @@
 ---
 # file: roles/vpp_device/handlers/main.yaml
 
-- name: Enable csit-initialize-vfs.service
-  command: systemctl enable csit-initialize-vfs.service
-  tags: enable-vf-service
+- name: Start csit-initialize-vfs.service
+  systemd:
+    enabled: yes
+    state: started
+    name: csit-initialize-vfs.service
+  tags: start-vf-service
 
 - name: Update GRUB
   command: update-grub
   tags: update-grub
 
+- name: Reboot server
+  reboot:
+    reboot_timeout: 3600
+  tags: reboot-server
+
+- name: Wait for server to restart
+  wait_for:
+    host: '{{ inventory_hostname }}'
+    search_regex: OpenSSH
+    port: 22
+    delay: 60
+    timeout: 3600
+  tags: reboot-server
diff --git a/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml
index c3fbfeb1c6..97dec04d8f 100644
--- a/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml
@@ -10,21 +10,28 @@
    mode: '744'
   tags: copy-vf-script
 
-- name: Copy csit-initialize-vfs.service
+- name: Start csit-initialize-vfs.service
   copy:
    src: 'files/csit-initialize-vfs.service'
    dest: '/etc/systemd/system/'
    owner: 'root'
    group: 'root'
    mode: '644'
-  notify: ['Enable csit-initialize-vfs.service']
-  tags: copy-vf-service
+  notify:
+    - 'Start csit-initialize-vfs.service'
+  tags: start-vf-service
 
-- name: Set isolcpus and pstate parameter
+- meta: flush_handlers
+
+- name: Set hugepages in GRUB
   lineinfile:
     path: '/etc/default/grub'
     state: 'present'
     regexp: '^GRUB_CMDLINE_LINUX='
     line: 'GRUB_CMDLINE_LINUX="hugepagesz=2M hugepages={{ grub.nr_hugepages }}"'
-  notify: ['Update GRUB']
+  notify:
+    - 'Update GRUB'
+    - 'Reboot server'
   tags: set-grub
+
+- meta: flush_handlers