| --- |
| - name: Verify Manditory Variables |
| fail: msg="Variable '{{ item }}' is not defined" |
| when: item not in hostvars[inventory_hostname] |
| with_items: |
| - fabric_ip |
| tags: |
| - interface_config |
| |
| - name: Applications |
| become: yes |
| apt: name={{ item }} state=latest force=yes |
| with_items: |
| - build-essential |
| - git |
| - python-pip |
| - ifenslave-2.6 |
| - bridge-utils |
| - ethtool |
| - minicom |
| - curl |
| - jq |
| |
| - name: Ensure Docker Insecure Repository |
| become: yes |
| lineinfile: |
| dest: /etc/default/docker |
| line: 'DOCKER_OPTS="$DOCKER_OPTS --insecure-registry docker-registry:5000"' |
| insertafter: '^DOCKER_OPTS' |
| register: docker_config |
| |
| - name: Ensure Docker Registry Mirror |
| become: yes |
| lineinfile: |
| dest: /etc/default/docker |
| line: 'DOCKER_OPTS="$DOCKER_OPTS --registry-mirror=http://docker-registry:5001"' |
| insertafter: '^DOCKER_OPTS' |
| register: docker_config_mirror |
| |
| - name: Docker Restart |
| become: yes |
| service: |
| name=docker |
| state=restarted |
| when: docker_config.changed or docker_config_mirror.changed |
| |
| - name: Ensure Docker Ansible Support |
| become: yes |
| pip: |
| name=docker-py |
| version=0.3.1 |
| |
| - name: Set Default Password |
| become: yes |
| user: |
| name={{ ansible_user }} |
| password="$6$TjhJuOgh8xp.v$z/4GwFbn5koVmkD6Ex9wY7bgP7L3uP2ujZkZSs1HNdzQdz9YclbnZH9GvqMC/M1iwC0MceL05.13HoFz/bai0/" |
| when: '"{{ ansible_user }}" == "ubuntu"' |
| |
| - name: Authorize SSH Key |
| become: yes |
| authorized_key: |
| key="{{ pub_ssh_key }}" |
| user={{ ansible_user }} |
| state=present |
| |
| - name: Verify Private SSH Key |
| become: yes |
| stat: |
| path=/home/{{ ansible_user }}/.ssh/id_rsa |
| register: private_key |
| |
| - name: Ensure SSH Key |
| become: no |
| copy: |
| src=files/{{ item }} |
| dest={{ ansible_env['PWD'] }}/.ssh/{{ item }} |
| owner={{ ansible_user }} |
| mode=0600 |
| with_items: |
| - id_rsa |
| - id_rsa.pub |
| - config |
| |
| - name: Ensure CORD SUDO |
| become: yes |
| copy: |
| src=files/99-cord-sudoers |
| dest=/etc/sudoers.d/99-cord-sudoers |
| owner=root |
| group=root |
| mode=0600 |
| |
| - name: Ensure Utility Scripts |
| become: yes |
| copy: |
| src=files/{{ item }} |
| dest=/usr/local/bin/{{ item }} |
| owner=root |
| group=root |
| mode=0755 |
| with_items: |
| - delete-fabric-config |
| - delete-node-prov-state |
| - docker-ip |
| - fabric-pingall |
| - get-fabric-config |
| - get-node-prov-state |
| - remove-xos-components |
| - post-fabric-config |
| - pull-latest-docker-images |
| |
| - name: Verify Mellanox 40Gb NIC |
| shell: /usr/bin/lspci | grep "Ethernet controller" | grep -c ConnectX-3 || true |
| register: mlx_nic_present |
| changed_when: False |
| |
| - name: Verify Intel 40Gb NIC |
| shell: /usr/bin/lspci | grep "Ethernet controller" | grep -c "XL710 for 40GbE QSFP+" || true |
| register: intel_nic_present |
| changed_when: False |
| |
| - name: Verify i40e Driver |
| command: modinfo --field=version i40e |
| register: i40e_version |
| when: intel_nic_present.stdout != "0" |
| changed_when: False |
| failed_when: False |
| tags: |
| - interface_config |
| |
| - name: Verify mlx4 Driver |
| command: modinfo --field=version mlx4_core |
| register: mlx4_version |
| when: mlx_nic_present.stdout != "0" |
| changed_when: False |
| failed_when: False |
| tags: |
| - interface_config |
| |
| - name: Update mlx4 Driver |
| include: tasks/mlx4_driver.yml |
| when: mlx_nic_present.stdout != "0" and mlx4_version.stdout != '3.1-1.0.4' |
| tags: |
| - interface_config |
| |
| - name: Update i40e Driver |
| include: tasks/i40e_driver.yml |
| when: intel_nic_present.stdout != "0" and i40e_version.stdout != '1.4.25' |
| tags: |
| - interface_config |
| |
| - name: Consistent Interface Naming |
| become: yes |
| script: files/rename_ifaces.sh "{{ compute_node.interfaces.fabric }}" "{{ compute_node.addresses.fabric }}" "{{ compute_node.interfaces.external }}" "{{ compute_node.addresses.external }}" "{{ compute_node.gateway.external }}" "{{ compute_node.interfaces.management }}" "{{ compute_node.addresses.management }}" "{{ compute_node.gateway.management }}" "{{ compute_node.fabric_iface_match }}" |
| register: ifaces_changed |
| changed_when: ifaces_changed.stdout.find("true") != -1 |
| tags: |
| - interface_config |
| |
| - name: Load modules at boot |
| become: yes |
| lineinfile: |
| dest: /etc/modules |
| line: "{{ item }}" |
| with_items: |
| - lp |
| - loop |
| - rtc |
| - bonding |
| |
| - name: Reboot Required |
| become: yes |
| command: /sbin/reboot |
| async: 0 |
| poll: 0 |
| ignore_errors: true |
| when: ifaces_changed.stdout.find("true") != -1 |
| tags: |
| - interface_config |
| - reboot |
| |
| - name: Ensure Port Defined |
| set_fact: |
| ansible_ssh_port: 22 |
| when: ansible_ssh_port is not defined |
| |
| - name: Wait For Restart |
| local_action: wait_for port={{ ansible_ssh_port }} host={{ inventory_hostname }} search_regex=OpenSSH delay=30 timeout=600 connect_timeout=15 |
| when: ifaces_changed.stdout.find("true") != -1 |
| tags: |
| - interface_config |
| - reboot |