diff options
Diffstat (limited to 'resources/tools/testbed-setup/ansible/roles')
19 files changed, 729 insertions, 54 deletions
diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/Dockerfile b/resources/tools/testbed-setup/ansible/roles/cobbler/files/Dockerfile new file mode 100644 index 0000000000..8d70c0b495 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/Dockerfile @@ -0,0 +1,96 @@ +# Copyright (c) 2019 Cisco and/or its affiliates. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM centos:7 + +MAINTAINER csit-dev <csit-dev@lists.fd.io> +LABEL Description="CSIT cobbler service image." +LABEL Version="0.1" + +# Build arguments +ARG cobbler_sys_pass +ARG cobbler_web_pass +ARG cobbler_ip_addr +ARG cobbler_http_port=60080 +ARG cobbler_https_port=60443 + +# Install dependencies +RUN yum -y install epel-release \ + && yum -y install \ + cobbler \ + cobbler-web \ + fence-agents \ + python-pip \ + curl \ + dhcp \ + bind \ + file \ + debmirror \ + net-tools \ + rsync \ + pykickstart \ + supervisor \ + wget \ + which \ + && yum clean all \ + && rm -rf /var/cache/yum + +# Workaround for Cobbler 2.8.4 bug +RUN pip2.7 install -U django==1.9.13 + +# Copy CSIT configration +COPY supervisord/supervisord.conf /etc/supervisord.conf +COPY etc/cobbler/dhcp.template /etc/cobbler/dhcp.template +COPY var/lib/cobbler/kickstarts/* /var/lib/cobbler/kickstarts/ +COPY etc/httpd/conf.d/cobbler_web.conf /etc/httpd/conf.d/cobbler_web.conf + +RUN sed -i \ + -e "/^default_password_crypted/ s|:.*$|: \"${cobbler_sys_pass}\"|" \ + -e "/^next_server:/ s/:.*$/: ${cobbler_ip_addr}/" \ + -e "/^server/ s/:.*$/: ${cobbler_ip_addr}/" \ + -e "/^http_port:/ s/:.*$/: ${cobbler_http_port}/" \ + -e "/^pxe_just_once:/ s/:.*$/: 1/" \ + -e "/^manage_dhcp:/ s/:.*$/: 1/" \ + /etc/cobbler/settings \ + && sed -i "s/service %s restart/supervisorctl restart %s/g" \ + /usr/lib/python2.7/site-packages/cobbler/modules/sync_post_restart_services.py \ + && sed -i "s/Listen 80/Listen ${cobbler_http_port}/g" \ + /etc/httpd/conf/httpd.conf \ + && sed -i "s/Listen 443 https/Listen ${cobbler_https_port} https/g" \ + /etc/httpd/conf.d/ssl.conf + +# Change Cobbler WEB password +RUN echo -n "cobbler:Cobbler:${cobbler_web_pass}" \ + | md5sum \ + | cut -d' ' -f1 \ + | xargs printf "%s:%s:%s\n" cobbler Cobbler > "/etc/cobbler/users.digest" + +# Create Cobbler directories +RUN mkdir -p /var/lib/cobbler/config/distros.d \ + && mkdir -p /var/lib/cobbler/config/files.d \ + && mkdir -p /var/lib/cobbler/config/images.d \ + && mkdir -p /var/lib/cobbler/config/mgmtclasses.d \ + && mkdir -p /var/lib/cobbler/config/packages.d \ + && mkdir -p /var/lib/cobbler/config/profiles.d \ + && mkdir -p /var/lib/cobbler/config/repos.d \ + && mkdir -p /var/lib/cobbler/config/systems.d \ + && mkdir -p /var/www/cobbler/links/ \ + && touch /usr/share/cobbler/web/cobbler.wsgi + +# Expose TFTP WWW COBBLER +EXPOSE 69 +EXPOSE $cobbler_http_port +EXPOSE $cobbler_https_port +EXPOSE 25151 + +ENTRYPOINT /usr/bin/supervisord -c /etc/supervisord.conf diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/cobbler/dhcp.template b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/cobbler/dhcp.template new file mode 100644 index 0000000000..cf2fbdfe34 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/cobbler/dhcp.template @@ -0,0 +1,86 @@ +# ****************************************************************** +# Cobbler managed dhcpd.conf file +# +# generated from cobbler dhcp.conf template ($date) +# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes +# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be +# overwritten. +# +# ****************************************************************** + +ddns-update-style interim; + +allow booting; +allow bootp; + +ignore client-updates; +set vendorclass = option vendor-class-identifier; + +option pxe-system-type code 93 = unsigned integer 16; + +subnet 10.30.51.0 netmask 255.255.255.0 { + option routers 10.30.51.1; + option domain-name "linuxfoundation.org"; + option domain-name-servers 199.204.44.24, 199.204.47.54; + option subnet-mask 255.255.255.0; + range dynamic-bootp 10.30.51.2 10.30.51.254; + default-lease-time 600; + max-lease-time 7200; + next-server $next_server; + class "pxeclients" { + match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; + if option pxe-system-type = 00:02 { + filename "ia64/elilo.efi"; + } else if option pxe-system-type = 00:06 { + filename "grub/grub-x86.efi"; + } else if option pxe-system-type = 00:07 { + filename "grub/grub-x86_64.efi"; + } else { + filename "pxelinux.0"; + } + } +} + +#for dhcp_tag in $dhcp_tags.keys(): + ## group could be subnet if your dhcp tags line up with your subnets + ## or really any valid dhcpd.conf construct ... if you only use the + ## default dhcp tag in cobbler, the group block can be deleted for a + ## flat configuration +# group for Cobbler DHCP tag: $dhcp_tag +group { + #for mac in $dhcp_tags[$dhcp_tag].keys(): + #set iface = $dhcp_tags[$dhcp_tag][$mac] + host $iface.name { + hardware ethernet $mac; + #if $iface.ip_address: + fixed-address $iface.ip_address; + #end if + #if $iface.hostname: + option host-name "$iface.hostname"; + #end if + #if $iface.netmask: + option subnet-mask $iface.netmask; + #end if + #if $iface.gateway: + option routers $iface.gateway; + #end if + #if $iface.enable_gpxe: + if exists user-class and option user-class = "gPXE" { + filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; + } else if exists user-class and option user-class = "iPXE" { + filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner"; + } else { + filename "undionly.kpxe"; + } + #else + filename "$iface.filename"; + #end if + ## Cobbler defaults to $next_server, but some users + ## may like to use $iface.system.server for proxied setups + next-server $next_server; + ## next-server $iface.next_server; + } + #end for +} +#end for + diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/httpd/conf.d/cobbler_web.conf b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/httpd/conf.d/cobbler_web.conf new file mode 100644 index 0000000000..8b0f9863c1 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/etc/httpd/conf.d/cobbler_web.conf @@ -0,0 +1,33 @@ +# This configuration file enables the cobbler web +# interface (django version) + +<Directory "/usr/share/cobbler/web/"> + SetEnv VIRTUALENV + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all +</Directory> + +<Directory "/var/www/cobbler_webui_content/"> + Options +Indexes +FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all +</Directory> + +# Use separate process group for wsgi +WSGISocketPrefix /var/run/wsgi +WSGIScriptAlias /cobbler_web /usr/share/cobbler/web/cobbler.wsgi +WSGIDaemonProcess cobbler_web display-name=%{GROUP} +WSGIProcessGroup cobbler_web +WSGIPassAuthorization On + +<IfVersion >= 2.4> + <Location /cobbler_web> + Require all granted + </Location> + <Location /cobbler_webui_content> + Require all granted + </Location> +</IfVersion> diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/supervisord/supervisord.conf b/resources/tools/testbed-setup/ansible/roles/cobbler/files/supervisord/supervisord.conf new file mode 100644 index 0000000000..4ac5af8f99 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/supervisord/supervisord.conf @@ -0,0 +1,42 @@ +[unix_http_server] +file=/run/supervisor.sock + +[supervisord] +pidfile=/var/run/supervisord.pid +identifier=supervisor +directory=/run +logfile=/var/log/supervisord.log +loglevel=debug +nodaemon=true + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl=unix:///run/supervisor.sock + +[program:cobblerd] +command=/usr/bin/cobblerd -F +stdout_logfile=/var/log/supervisord.log +stderr_logfile=/var/log/supervisord.log + +[program:httpd] +command=/usr/sbin/httpd -DFOREGROUND +stdout_logfile=/var/log/supervisord.log +stderr_logfile=/var/log/supervisord.log + +[program:tftpd] +command=/usr/sbin/in.tftpd --foreground --verbose --user root --permissive --blocksize 1380 --address 0.0.0.0:69 --secure /var/lib/tftpboot +stdout_logfile=/var/log/supervisord.log +stderr_logfile=/var/log/supervisord.log + +[program:rsyncd] +command=/usr/bin/rsync --no-detach --daemon --config /etc/rsyncd.conf +stopsignal=QUIT +stdout_logfile=/var/log/supervisord.log +stderr_logfile=/var/log/supervisord.log + +[program:dhcpd] +command=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid +stdout_logfile=/var/log/supervisord.log +stderr_logfile=/var/log/supervisord.log diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/files/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed b/resources/tools/testbed-setup/ansible/roles/cobbler/files/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed new file mode 100644 index 0000000000..250701232c --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/files/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed @@ -0,0 +1,137 @@ +#### Contents of the preconfiguration file (for Ubuntu 18.04 Server LTS) + +### Localization +# Locale sets language and country. +d-i debian-installer/locale string en_US +d-i pkgsel/install-language-support boolean false +# Keyboard selection. +# Disable automatic (interactive) keymap detection. +d-i console-setup/ask_detect boolean false +d-i console-setup/layoutcode string us + +### Network configuration +# netcfg will choose an interface that has link if possible. This makes it +# skip displaying a list if there is more than one interface. +d-i netcfg/choose_interface select auto +# If you have a slow dhcp server and the installer times out waiting for +# it, this might be useful. +d-i netcfg/dhcp_timeout string 60 +# If you prefer to configure the network manually, uncomment this line and +# the static network configuration below. +#d-i netcfg/disable_dhcp boolean true +# If you want the preconfiguration file to work on systems both with and +# without a dhcp server, uncomment these lines and the static network +# configuration below. +d-i netcfg/dhcp_failed note +#d-i netcfg/dhcp_options select Configure network manually +# Static network configuration. +#d-i netcfg/get_nameservers string 172.30.0.2 +#d-i netcfg/get_ipaddress string 172.30.15.42 +#d-i netcfg/get_netmask string 255.255.0.0 +#d-i netcfg/get_gateway string 172.30.0.1 +#d-i netcfg/confirm_static boolean true +# Any hostname and domain names assigned from dhcp take precedence over +# values set here. However, setting the values still prevents the questions +# from being shown, even if values come from dhcp. +d-i netcfg/get_hostname string unassigned-hostname +d-i netcfg/get_domain string unassigned-domain +# Disable WEP key dialog. +d-i netcfg/wireless_wep string +# Alternatively: by default, the installer uses CC.archive.ubuntu.com where +# CC is the ISO-3166-2 code for the selected country. You can preseed this +# so that it does so without asking. +d-i mirror/http/mirror select us.archive.ubuntu.com + +### Mirror settings +d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs + +### Clock and time zone setup +# Controls whether or not the hardware clock is set to UTC. +d-i clock-setup/utc boolean true +# You may set this to any valid setting for $TZ; see the contents of +# /usr/share/zoneinfo/ for valid values. +d-i time/zone string America/Los_Angeles +# Controls whether to use NTP to set the clock during the install +d-i clock-setup/ntp boolean false + +### Partitioning +## If the system has free space you can choose to only partition that space. +# Alternatives: custom, some_device, some_device_crypto, some_device_lvm. +d-i partman-auto/init_automatically_partition select some_device +# Alternatively, you can specify a disk to partition. The device name must +# be given in traditional non-devfs format. +d-i partman-auto/disk string /dev/sda +# In addition, you'll need to specify the method to use. +# The presently available methods are: "regular", "lvm" and "crypto" +d-i partman-auto/method string regular +# If one of the disks that are going to be automatically partitioned +# contains an old LVM configuration, the user will normally receive a +# warning. This can be preseeded away... +d-i partman-lvm/device_remove_lvm boolean true +# The same applies to pre-existing software RAID array: +d-i partman-md/device_remove_md boolean true +# And the same goes for the confirmation to write the lvm partitions. +d-i partman-lvm/confirm boolean true +# You can choose one of the three predefined partitioning recipes: +# - atomic: all files in one partition +# - home: separate /home partition +# - multi: separate /home, /usr, /var, and /tmp partitions +d-i partman-auto/choose_recipe select atomic +# If you just want to change the default filesystem from ext3 to something +# else, you can do that without providing a full recipe. +d-i partman/default_filesystem string ext4 +# This makes partman automatically partition without confirmation, provided +# that you told it what to do using one of the methods above. +d-i partman/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +### Account setup +# Skip creation of a root account (normal user account will be able to +# use sudo). The default is false; preseed this to true if you want to set +# a root password. +d-i passwd/root-login boolean false +# Root password, either in clear text +#d-i passwd/root-password password pass +#d-i passwd/root-password-again password pass +# or encrypted using an MD5 hash. +#d-i passwd/root-password-crypted password f4f1d7b6738330f521de21da3f563bce +# To create a normal user account. +d-i passwd/user-fullname string testuser +d-i passwd/username string testuser +# Normal user's password, either in clear text +d-i passwd/user-password password Csit1234 +d-i passwd/user-password-again password Csit1234 +# or encrypted using an MD5 hash. +#d-i passwd/user-password-crypted password f4f1d7b6738330f521de21da3f563bce +# The installer will warn about weak passwords. If you are sure you know +# what you're doing and want to override it, uncomment this. +d-i user-setup/allow-password-weak boolean true +# Set to true if you want to encrypt the first user's home directory. +d-i user-setup/encrypt-home boolean false + +### Package selection +tasksel tasksel/first multiselect ubuntu-server +# Individual additional packages to install +d-i pkgsel/include string openssh-server python2.7 +# Whether to upgrade packages after debootstrap. +# Allowed values: none, safe-upgrade, full-upgrade +#d-i pkgsel/upgrade select none +# Policy for applying updates. May be "none" (no automatic updates), +# "unattended-upgrades" (install security updates automatically), or +# "landscape" (manage system with Landscape). +d-i pkgsel/update-policy select none + +### Boot loader installation +d-i grub-installer/bootdev string default +# This is fairly safe to set, it makes grub install automatically to the MBR +# if no other operating system is detected on the machine. +d-i grub-installer/only_debian boolean false +# This one makes grub-installer install to the MBR if it also finds some other +# OS, which is less safe as it might not be able to boot that other OS. +d-i grub-installer/with_other_os boolean false + +### Finishing up the installation +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/main.yaml new file mode 100644 index 0000000000..f48a976ea1 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/main.yaml @@ -0,0 +1,45 @@ +--- +# file: roles/cobbler/tasks/main.yaml + +- name: Sync the cobbler docker directory + synchronize: + src: 'files' + dest: '/home/{{ ansible_user }}/cobbler_docker' + register: __cobbler_image_built + tags: cobbler-build-image + +- name: Build the cobbler docker image + docker_image: + path: '/home/{{ ansible_user }}/cobbler_docker/files' + name: 'csit/cobbler' + buildargs: + cobbler_pass: '{{ cobbler_pass }}' + cobbler_web_pass: '{{ cobbler_password }}' + cobbler_ip_addr: '{{ inventory_hostname }}' + when: __cobbler_image_built + tags: cobbler-build-image + +- name: Run Cobbler image + docker_container: + name: 'cobbler' + image: 'csit/cobbler' + network_mode: 'host' + volumes: + - '/mnt:/mnt:ro' + register: __cobbler_image_running + tags: cobbler-run-image + +- name: Run cobbler setup get-loaders + command: 'docker exec -i cobbler cobbler get-loaders' + when: __cobbler_image_running + tags: cobbler-run-image + +- name: Run cobbler setup sync + command: 'docker exec -i cobbler cobbler sync' + when: __cobbler_image_running + tags: cobbler-run-image + +- name: Add Ubuntu 18.04.2 Server x86_64 to cobbler + include_tasks: 'ubuntu-18.04.2-server-x86_64.yaml' + when: __cobbler_image_running + tags: cobbler-run-image diff --git a/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml new file mode 100644 index 0000000000..2c89234de2 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml @@ -0,0 +1,35 @@ +--- +# file: roles/cobbler/tasks/ubuntu-18.04.2-server-x86_64.yaml + +- name: Download Ubuntu 18.04.2 Server x86_64 with check (sha256) + get_url: + url: 'http://cdimage.ubuntu.com/ubuntu/releases/18.04/release/ubuntu-18.04.2-server-amd64.iso' + dest: '/mnt/ubuntu-18.04.2-server-amd64.iso' + checksum: 'sha256:a2cb36dc010d98ad9253ea5ad5a07fd6b409e3412c48f1860536970b073c98f5' + register: __iso_downloaded + tags: cobbler-import-image + +- name: Create directory for Ubuntu 18.04.2 Server x86_64 mount + file: + path: '/mnt/ubuntu-18.04.2-server-x86_64' + state: 'directory' + register: __mount_directory_created + tags: cobbler-import-image + +- name: Mount Ubuntu 18.04.2 Server x86_64 iso + mount: + src: '/mnt/ubuntu-18.04.2-server-amd64.iso' + path: '/mnt/ubuntu-18.04.2-server-x86_64' + fstype: 'iso9660' + opts: 'ro,loop' + state: mounted + when: __iso_downloaded and __mount_directory_created + tags: cobbler-import-image + +- name: Run cobbler distro import for Ubuntu 18.04.2 Server x86_64 + command: | + docker exec -i cobbler cobbler import + --path=/mnt/ubuntu-18.04.2-server-x86_64 + --name=ubuntu-18.04.2-server-x86_64 + --kickstart=/var/lib/cobbler/kickstarts/ubuntu-18.04.2-server-x86_64.seed + tags: cobbler-import-image diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/cimc.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/cimc.yaml new file mode 100644 index 0000000000..e31d712d4d --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/common/handlers/cimc.yaml @@ -0,0 +1,69 @@ +--- +# file: roles/common/handlers/cimc.yaml + +- name: Boot from network + imc_rest: + hostname: '{{ inventory_cimc_hostname }}' + username: '{{ inventory_cimc_username }}' + password: '{{ inventory_cimc_password }}' + validate_certs: no + content: | + <!-- Configure PXE boot --> + <configConfMo><inConfig> + <lsbootLan dn="sys/rack-unit-1/boot-policy/lan-read-only" access="read-only" order="1" prot="pxe" type="lan"/> + </inConfig></configConfMo> + delegate_to: localhost + tags: boot-network + +- name: Boot from storage + imc_rest: + hostname: '{{ inventory_cimc_hostname }}' + username: '{{ inventory_cimc_username }}' + password: '{{ inventory_cimc_password }}' + validate_certs: no + content: | + <configConfMo><inConfig> + <lsbootStorage dn="sys/rack-unit-1/boot-policy/storage-read-write" access="read-write" order="1" type="storage"/> + </inConfig></configConfMo> + delegate_to: localhost + tags: boot-storage + +- name: Power up server + imc_rest: + hostname: '{{ inventory_cimc_hostname }}' + username: '{{ inventory_cimc_username }}' + password: '{{ inventory_cimc_password }}' + validate_certs: no + content: | + <configConfMo><inConfig> + <computeRackUnit dn="sys/rack-unit-1" adminPower="up"/> + </inConfig></configConfMo> + delegate_to: localhost + tags: power-up + +- name: Power down server + imc_rest: + hostname: '{{ inventory_cimc_hostname }}' + username: '{{ inventory_cimc_username }}' + password: '{{ inventory_cimc_password }}' + validate_certs: no + content: | + <configConfMo><inConfig> + <computeRackUnit dn="sys/rack-unit-1" adminPower="down"/> + </inConfig></configConfMo> + delegate_to: localhost + tags: power-down + +- name: Power cycle server + imc_rest: + hostname: '{{ inventory_cimc_hostname }}' + username: '{{ inventory_cimc_username }}' + password: '{{ inventory_cimc_password }}' + validate_certs: no + content: | + <!-- Power cycle server --> + <configConfMo><inConfig> + <computeRackUnit dn="sys/rack-unit-1" adminPower="cycle-immediate"/> + </inConfig></configConfMo> + delegate_to: localhost + tags: power-cycle diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/ipmi.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/ipmi.yaml new file mode 100644 index 0000000000..6252cc04fd --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/common/handlers/ipmi.yaml @@ -0,0 +1,47 @@ +--- +# file: roles/common/handlers/ipmi.yaml + +- name: Boot from network + ipmi_boot: + name: '{{ inventory_ipmi_hostname }}' + user: '{{ inventory_ipmi_username }}' + password: '{{ inventory_ipmi_password }}' + bootdev: network + delegate_to: localhost + tags: boot-network + +- name: Boot from storage + ipmi_boot: + name: '{{ inventory_ipmi_hostname }}' + user: '{{ inventory_ipmi_username }}' + password: '{{ inventory_ipmi_password }}' + bootdev: hd + delegate_to: localhost + tags: boot-storage + +- name: Power up server + ipmi_power: + name: '{{ inventory_ipmi_hostname }}' + user: '{{ inventory_ipmi_username }}' + password: '{{ inventory_ipmi_password }}' + state: on + delegate_to: localhost + tags: power-up + +- name: Power down server + ipmi_power: + name: '{{ inventory_ipmi_hostname }}' + user: '{{ inventory_ipmi_username }}' + password: '{{ inventory_ipmi_password }}' + state: off + delegate_to: localhost + tags: power-down + +- name: Power cycle server + ipmi_power: + name: '{{ inventory_ipmi_hostname }}' + user: '{{ inventory_ipmi_username }}' + password: '{{ inventory_ipmi_password }}' + state: boot + delegate_to: localhost + tags: power-cycle diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml index bdcf6832f4..f994afdc60 100644 --- a/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml +++ b/resources/tools/testbed-setup/ansible/roles/common/handlers/main.yaml @@ -1,6 +1,30 @@ --- # file: roles/common/handlers/main.yaml +- name: IPMI specific + import_tasks: ipmi.yaml + when: inventory_ipmi_hostname is defined + tags: ipmi-handlers + +- name: CIMC specific + import_tasks: cimc.yaml + when: inventory_cimc_hostname is defined + tags: cimc-handlers + - name: Update GRUB command: update-grub tags: update-grub + +- name: Reboot server + reboot: + reboot_timeout: 3600 + tags: reboot-server + +- name: Wait for server to restart + wait_for: + host: '{{ inventory_hostname }}' + search_regex: OpenSSH + port: 22 + delay: 60 + timeout: 3600 + tags: reboot-server diff --git a/resources/tools/testbed-setup/ansible/roles/common/handlers/reboot.yaml b/resources/tools/testbed-setup/ansible/roles/common/handlers/reboot.yaml deleted file mode 100644 index 01e1eb1b6b..0000000000 --- a/resources/tools/testbed-setup/ansible/roles/common/handlers/reboot.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# file roles/common/handlers/reboot.yaml - -- name: Reboot host - command: shutdown -r now "Ansible updates triggered" - async: 0 - poll: 0 - ignore_errors: true - tags: reboot-host - -- name: Waiting for server to come back - local_action: wait_for host={{ inventory_hostname }} - state=started - tags: reboot-host diff --git a/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml index d7355883e0..43e83105ce 100644 --- a/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml +++ b/resources/tools/testbed-setup/ansible/roles/common/tasks/main.yaml @@ -1,29 +1,62 @@ --- # file: roles/common/tasks/main.yaml +- name: Ensure the system exists in Cobbler + cobbler_system: + host: '{{ cobbler_hostname }}' + port: 60080 + interfaces: + br1: + ipaddress: '{{ ansible_default_ipv4.address }}' + macaddress: '{{ ansible_default_ipv4.macaddress }}' + name: '{{ hostname }}' + password: '{{ cobbler_password }}' + properties: + hostname: '{{ hostname }}' + gateway: '{{ ansible_default_ipv4.gateway }}' + profile: '{{ cobbler_profile }}' + name_servers: '{{ name_servers }}' + name_servers_search: '{{ name_servers_search }}' + kickstart: '/var/lib/cobbler/kickstarts/{{ cobbler_profile }}.seed' + kernel_options: '"interface={{ ansible_default_ipv4.interface }}"' + netboot_enabled: yes + username: '{{ cobbler_username }}' + use_ssl: no + validate_certs: no + when: provision_enabled + delegate_to: localhost + tags: cobbler-include + +- name: Commit Cobbler changes + cobbler_sync: + host: '{{ cobbler_hostname }}' + port: 60080 + password: '{{ cobbler_password }}' + username: '{{ cobbler_username }}' + use_ssl: no + validate_certs: no + run_once: yes + when: provision_enabled + delegate_to: localhost + register: __included_in_cobbler + notify: + - 'Boot from network' + - 'Reboot server' + tags: cobbler-include + +- meta: flush_handlers + - name: Add permanent proxy settings lineinfile: - path: "/etc/environment" - state: "present" - line: "{{ item.key }}={{ item.value }}" - with_dict: "{{ proxy_env }}" + path: '/etc/environment' + state: 'present' + line: '{{ item.key }}={{ item.value }}' + with_dict: '{{ proxy_env }}' when: proxy_env is defined - name: Install distribution - release - machine prerequisites include_tasks: '{{ ansible_distribution|lower }}_{{ ansible_distribution_release }}.yaml' -- name: Set hostname - hostname: - name: '{{ hostname }}' - tags: set-hostname - -- name: Ensure hostname is in /etc/hosts - lineinfile: - path: '/etc/hosts' - regexp: '^{{ ansible_default_ipv4.address }}.+$' - line: '{{ ansible_default_ipv4.address }} {{ hostname }}.{{ name_servers_search }}' - tags: set-hostname - - name: Set sudoers admin lineinfile: path: '/etc/sudoers' @@ -49,13 +82,9 @@ owner: 'root' group: 'root' mode: '644' - notify: ['Update GRUB'] + notify: + - 'Update GRUB' + - 'Reboot server' tags: copy-grub -- name: Add permanent proxy settings - lineinfile: - path: "/etc/environment" - state: "present" - line: "{{ item.key }}={{ item.value }}" - with_dict: "{{ proxy_env }}" - when: proxy_env is defined +- meta: flush_handlers diff --git a/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml b/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml index 506cb3ace5..962c333276 100644 --- a/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml +++ b/resources/tools/testbed-setup/ansible/roles/sut/tasks/ubuntu_bionic.yaml @@ -20,6 +20,9 @@ - 'python-cffi-backend' - 'python3-cffi' - 'python3-cffi-backend' + - 'libnuma-dev' + - 'lzop' + - 'lrzip' state: 'present' install_recommends: False tags: install-csit-dependencies diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config index 7a6ae9e468..694bff1f4f 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config @@ -9,4 +9,4 @@ network: dhcp4: false gateway4: {{ ansible_default_ipv4["gateway"] }} nameservers: - addresses: {{ name_servers }} + addresses: [ {{ name_servers }} ] diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml index 15a6803671..8fbcb29de0 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/handlers/main.yaml @@ -6,3 +6,17 @@ name: 'docker' state: 'restarted' tags: restart-docker + +- name: Reboot server + reboot: + reboot_timeout: 3600 + tags: reboot-server + +- name: Wait for server to restart + wait_for: + host: '{{ inventory_hostname }}' + search_regex: OpenSSH + port: 22 + delay: 60 + timeout: 3600 + tags: reboot-server diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml index 5c205b5a70..67c6c17220 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu_bionic.yaml @@ -15,6 +15,8 @@ - 'ca-certificates' - 'software-properties-common' - 'libnuma-dev' + - 'lzop' + - 'lrzip' state: 'present' install_recommends: False tags: install-csit-dependencies diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml index e5a2ad3c7a..dc0b685a7f 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/x86_64.yaml @@ -1,18 +1,22 @@ --- # file: roles/tg_sut/tasks/x86_64.yaml +- name: Load msr by default + lineinfile: + path: '/etc/modules' + state: 'present' + line: 'msr' + tags: disable-turbo-boost + - name: Configure x86_64 kernel parameters lineinfile: path: '/etc/default/grub' state: 'present' regexp: '^GRUB_CMDLINE_LINUX=' line: 'GRUB_CMDLINE_LINUX="isolcpus={{ grub.isolcpus }} nohz_full={{ grub.nohz_full }} rcu_nocbs={{ grub.rcu_nocbs }} numa_balancing=disable intel_pstate=disable intel_iommu=on iommu=pt nmi_watchdog=0 audit=0 nosoftlockup processor.max_cstate=1 intel_idle.max_cstate=1 hpet=disable tsc=reliable mce=off"' - notify: ['Update GRUB'] + notify: + - 'Update GRUB' + - 'Reboot server' tags: set-grub -- name: Load msr by default - lineinfile: - path: '/etc/modules' - state: 'present' - line: 'msr' - tags: disable-turbo-boost +- meta: flush_handlers diff --git a/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml index bda9dd4649..7b53dda7ab 100644 --- a/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml +++ b/resources/tools/testbed-setup/ansible/roles/vpp_device/handlers/main.yaml @@ -1,11 +1,27 @@ --- # file: roles/vpp_device/handlers/main.yaml -- name: Enable csit-initialize-vfs.service - command: systemctl enable csit-initialize-vfs.service - tags: enable-vf-service +- name: Start csit-initialize-vfs.service + systemd: + enabled: yes + state: started + name: csit-initialize-vfs.service + tags: start-vf-service - name: Update GRUB command: update-grub tags: update-grub +- name: Reboot server + reboot: + reboot_timeout: 3600 + tags: reboot-server + +- name: Wait for server to restart + wait_for: + host: '{{ inventory_hostname }}' + search_regex: OpenSSH + port: 22 + delay: 60 + timeout: 3600 + tags: reboot-server diff --git a/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml index c3fbfeb1c6..97dec04d8f 100644 --- a/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml +++ b/resources/tools/testbed-setup/ansible/roles/vpp_device/tasks/main.yaml @@ -10,21 +10,28 @@ mode: '744' tags: copy-vf-script -- name: Copy csit-initialize-vfs.service +- name: Start csit-initialize-vfs.service copy: src: 'files/csit-initialize-vfs.service' dest: '/etc/systemd/system/' owner: 'root' group: 'root' mode: '644' - notify: ['Enable csit-initialize-vfs.service'] - tags: copy-vf-service + notify: + - 'Start csit-initialize-vfs.service' + tags: start-vf-service -- name: Set isolcpus and pstate parameter +- meta: flush_handlers + +- name: Set hugepages in GRUB lineinfile: path: '/etc/default/grub' state: 'present' regexp: '^GRUB_CMDLINE_LINUX=' line: 'GRUB_CMDLINE_LINUX="hugepagesz=2M hugepages={{ grub.nr_hugepages }}"' - notify: ['Update GRUB'] + notify: + - 'Update GRUB' + - 'Reboot server' tags: set-grub + +- meta: flush_handlers |