Dynamic roles

ansible/configs/just-a-bunch-of-nodes/post_infra.yml

@@ -6,3 +6,16 @@
   tasks:
     - debug:
         msg: "Step 002 Post Infrastructure"
+
+- name: Configure all hosts authorized_keys
+  hosts:
+    - all:!windows
+  become: true
+  gather_facts: false
+  tags:
+    - common_tasks
+  tasks:
+
+    - include_role:
+        name: set_env_authorized_key
+      when: set_env_authorized_key | bool

ansible/configs/just-a-bunch-of-nodes/pre_infra.yml

@@ -6,3 +6,7 @@
   tasks:
     - debug:
         msg: "Step 000 Pre Infrastructure"
+
+    - include_role:
+        name: infra-local-create-ssh_key
+      when: set_env_authorized_key | bool

ansible/configs/just-a-bunch-of-nodes/pre_software.yml

@@ -7,10 +7,6 @@
     - debug:
         msg: "Step 003 Pre Software"
 
-    - include_role:
-        name: infra-local-create-ssh_key
-      when: set_env_authorized_key | bool
-
 - name: Configure all hosts with Repositories, Common Files and Set environment key
   hosts:
     - all:!windows
@@ -21,16 +17,12 @@
   tasks:
     - include_role:
         name: set-repositories
-      when: repo_method is defined
+      when: repo_method is defined and repo_method != 'none'
 
     - include_role:
         name: common
       when: install_common | bool
 
-    - include_role:
-        name: set_env_authorized_key
-      when: set_env_authorized_key | bool
-
 - name: Configuring Bastion Hosts
   hosts: bastions
   become: true

ansible/configs/just-a-bunch-of-nodes/sample_vars/equinix_metal_ocp4_aio.yaml

@@ -0,0 +1,203 @@
+---
+cloud_provider: equinix_metal
+remote_user: root
+cloud_tags:
+  ci_org_owner: Customer And Field engagement BU
+  env_type: '{{ env_type }}'
+  platform: '{{ platform | d(''unknown'') }}'
+env_type: just-a-bunch-of-nodes
+extra_sno_nodes: false
+hypervisor_count: 1
+hypervisor_os: centos_8
+install_bastion: false
+install_common: false
+install_ftl: false
+install_student_user: true
+key_name: opentlc_admin_backdoor
+ocp4_aio_deploy_acm: false
+ocp4_aio_deploy_acs: false
+ocp4_aio_deploy_cnv: false
+ocp4_aio_deploy_cnvlab: true
+ocp4_aio_deploy_compact: false
+ocp4_aio_deploy_disconnected: false
+ocp4_aio_deploy_guacamole: true
+ocp4_aio_deploy_ipi: true
+ocp4_aio_deploy_nfs: false
+ocp4_aio_deploy_ocp: true
+ocp4_aio_deploy_ocp_plus: false
+ocp4_aio_deploy_ocs: true
+ocp4_aio_deploy_ods: false
+ocp4_aio_deploy_sno: false
+ocp4_aio_deploy_type: ipi
+deploy_type: ipi
+ocp4_aio_ocp_version: 4.9.5
+ocp4_aio_ocp_workers: 3
+ocp4_aio_baremetal_provider: "{{ cloud_provider }}"
+ocp4_aio_rhcos_iso_url: https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/latest/latest/rhcos-live.x86_64.iso
+ocp4_aio_use_ddns: true
+own_repo_path: http://d3s3zqyaz8cp2d.cloudfront.net/repos/ocp/{{osrelease}}
+platform: dev
+pull_secret: '{{ ocp4_pull_secret }}'
+purpose: production
+repo_method: none
+set_env_authorized_key: false
+override_deploy_ocp: >-
+  {{ ( ocp4_aio_deploy_ocs
+  or ocp4_aio_deploy_cnv
+  or ocp4_aio_deploy_acm ) | bool
+  }}
+override_deploy_compact: "{{ ocp4_aio_ocp_workers != 0 }}"
+override_deploy_nfs: "{{ not ocp4_aio_deploy_ocs | bool }}"
+
+equinix_metal_facility: am6
+hypervisor_type: s3.xlarge.x86
+
+ansible_user: root
+
+# Environment Instances
+instances:
+  - name: "hypervisor"
+    count: "{{ hypervisor_count }}"
+    public_dns: true
+    type: "{{ hypervisor_type }}"
+    os: "{{ hypervisor_os }}"
+    facility: "{{ equinix_metal_facility }}"
+    tags:
+      - key: "AnsibleGroup"
+        value: "bastions,hypervisors"
+      - key: "ostype"
+        value: "linux"
+
+requirements_content:
+  roles:
+    - src: https://github.com/fridim/ocp4_aio_infra_role_base_software.git
+      scm: git
+      name: ocp4_aio_base_software
+      version: main
+
+    - name: ocp4_aio_base_virt
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_infra_role_base_virt.git
+      scm: git
+      version: v0.0.3
+
+    - name: ocp4_aio_prepare_bastion
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_infra_role_prepare_bastion.git
+      scm: git
+      version: v0.0.2
+
+    - name: ocp4_aio_role_acm
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_acm.git
+      scm: git
+      version: v0.0.1
+
+    - name: ocp4_aio_role_acs
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_acs.git
+      scm: git
+      version: v0.0.1
+
+    - name: ocp4_aio_role_cnv
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_cnv.git
+      scm: git
+      version: v0.0.1
+
+    - name: ocp4_aio_role_imgreg
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_imgreg.git
+      scm: git
+      version: v0.0.1
+
+    - name: ocp4_aio_role_nfsmount
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_nfsmount.git
+      scm: git
+      version: v0.0.2
+
+    - name: ocp4_aio_role_ocs
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_ocs.git
+      scm: git
+      version: v0.0.3
+
+    - name: ocp4_aio_deploy_bastion
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_infra_role_deploy_bastion.git
+      scm: git
+      version: v0.0.3
+
+    - name: ocp4_aio_deploy_guac
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_infra_role_deploy_guacamole.git
+      scm: git
+      version: v0.0.1
+
+    - name: ocp4_aio_deploy_ocp
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_infra_role_deploy_ocp.git
+      scm: git
+      version: v0.0.4
+
+    - name: ocp4_aio_workload_cnvlab
+      src: https://github.com/RHFieldProductManagement/ocp4_aio_role_deploy_cnvlab.git
+      scm: git
+      version: v0.0.2
+
+    # PoC, implement rogue tasks as roles
+
+    - name: ocp4_equinix_aio_post_infra
+      src: https://github.com/fridim/ocp4_equinix_aio_post_infra
+      version: main
+
+    - name: ocp4_equinix_aio_set_guid
+      src: https://github.com/fridim/ocp4_equinix_aio_set_guid
+      version: main
+
+    - name: ocp4_equinix_metal_kube
+      src: https://github.com/fridim/ocp4_equinix_metal_kube
+      version: main
+
+  collections:
+    - name: community.general
+    - name: containers.podman
+
+
+agnosticd_post_infra_roles:
+  - name: ocp4_equinix_aio_post_infra
+
+agnosticd_pre_software_roles:
+  - name: ocp4_equinix_aio_set_guid
+    group: hypervisors
+
+  - name: bastion-student-user
+    group: hypervisors
+    when: install_student_user
+
+  - name: ocp4_aio_base_software
+    group: hypervisors
+
+  - name: ocp4_aio_base_virt
+    group: hypervisors
+    facts:
+      aio_host_ip_address: "{{ hostvars['hypervisor']['public_ip_address'] }}"
+
+  - name: ocp4_aio_prepare_bastion
+    group: hypervisors
+    facts:
+      ocp4_aio_ssh_key: "{{ lookup('file', '{{ output_dir }}/{{ guid }}_id_rsa.pub' ) }}"
+
+  - name: ocp4_aio_deploy_guac
+    group: hypervisors
+    when: ocp4_aio_deploy_guacamole
+
+  - name: ocp4_aio_deploy_bastion
+    host: bastion-vm
+    facts:
+      ocp4_aio_ssh_key: "{{ lookup('file', '{{ output_dir }}/{{ guid }}_id_rsa.pub' ) }}"
+
+agnosticd_software_roles:
+  - name: ocp4_aio_deploy_ocp
+    host: bastion-vm
+    facts:
+      aio_host_ip_address: "{{ hostvars['hypervisor']['public_ip_address'] }}"
+
+agnosticd_post_software_roles:
+  # Setup OCS Storage
+  - name: ocp4_aio_role_ocs
+    host: bastion-vm
+
+  # Enable internal registry
+  - name: ocp4_aio_role_imgreg
+    host: bastion-vm

ansible/destroy.yml

@@ -29,6 +29,13 @@
        })
     }}
 
+- name: Post Destroy Hooks
+  import_playbook: hooks/post_destroy.yaml
+  tags:
+    - dynamic_roles
+    - post_destroy
+    - post_destroy_tasks
+
 - import_playbook: save_output_dir.yml
 
 - import_playbook: completion_callback.yml

ansible/hooks/facts_tasks.yaml

@@ -0,0 +1,4 @@
+---
+- name: Set facts
+  loop: "{{ _facts | default({}) | dict2items }}"
+  set_fact: {"{{ item.key }}":"{{ item.value }}"}

ansible/hooks/infra.yml

@@ -0,0 +1,35 @@
+---
+- name: Install Infra dynamic roles
+  hosts: localhost
+  gather_facts: false
+  tags:
+    - dynamic_roles
+  tasks:
+    - name: Process facts
+      loop: "{{ agnosticd_infra_roles | default([]) }}"
+      loop_control:
+        loop_var: _role
+        label: "{{ _role.name }}"
+      when: >-
+        _role.facts | default({}) | length > 0
+        and
+        lookup('test', _role.when | default(true))
+
+      include_tasks: facts_tasks.yaml
+      vars:
+        _facts: "{{ _role.facts }}"
+
+    - name: Process roles
+      vars:
+        agnosticd_stage: infra
+      loop: "{{ agnosticd_infra_roles | default([]) }}"
+      loop_control:
+        loop_var: _role
+        label: "{{ _role.name }}"
+      when: lookup('test', _role.when | default(true))
+      include_role:
+        name: "{{ _role.name }}"
+        defaults_from: "{{ _role.defaults_from | default('main') }}"
+        handlers_from: "{{ _role.handlers_from | default('main') }}"
+        tasks_from: "{{ _role.tasks_from | default('main') }}"
+        vars_from: "{{ _role.vars_from | default('main') }}"

ansible/hooks/post_destroy.yaml

@@ -0,0 +1,38 @@
+---
+- name: Post Destroy Dynamic Roles
+  hosts: localhost
+  gather_facts: false
+  tags:
+    - dynamic_roles
+  tasks:
+    - name: Process facts
+      loop: "{{ agnosticd_post_destroy_roles | default([]) }}"
+      loop_control:
+        loop_var: _role
+        label: "{{ _role.name }}"
+      when: >-
+        _role.facts | default({}) | length > 0
+        and
+        lookup('test', _role.when | default(true))
+
+      include_tasks: facts_tasks.yaml
+      vars:
+        _facts: "{{ _role.facts }}"
+
+    - name: Process roles
+      vars:
+        agnosticd_stage: post_destroy
+      loop: "{{ agnosticd_post_destroy_roles | default([]) }}"
+      loop_control:
+        loop_var: _role
+        label: "{{ _role.name }}"
+      when: lookup('test', _role.when | default(true))
+      include_role:
+        name: "{{ _role.name }}"
+        defaults_from: "{{ _role.defaults_from | default('main') }}"
+        handlers_from: "{{ _role.handlers_from | default('main') }}"
+        tasks_from: "{{ _role.tasks_from | default('main') }}"
+        vars_from: "{{ _role.vars_from | default('main') }}"
+        apply:
+          vars:
+            - "{{ _role.vars | default({}) }}"