Add preflight retries;Housekeeping;Upload&Import images;Fix var reference;Improve UX

ansible/roles/firstboot/files/ansible_payload/bootstrap/roles/metacluster/tasks/registry.yml

@@ -64,20 +64,6 @@
           hv:
             fqdn: "{{ vapp['metacluster.fqdn'] }}"
 
-    # - name: Restart kubelet (k3s) to pick up configured registries
-    #   ansible.builtin.systemd:
-    #     name: k3s
-    #     state: restarted
-
-    # - name: Ensure k3s API availability
-    #   ansible.builtin.uri:
-    #     url: https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose
-    #     method: GET
-    #   register: api_readycheck
-    #   until: api_readycheck.json.apiVersion is defined
-    #   retries: 5
-    #   delay: 30
-
   module_defaults:
     ansible.builtin.uri:
       validate_certs: no

ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/vcenter.yml

@@ -4,6 +4,9 @@
       community.vmware.vmware_vcenter_settings_info:
         schema: vsphere
       register: vcenter_info
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.short }}"
+      until: vcenter_info is not failed
 
   module_defaults:
     group/vmware:

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/k3s.yml

@@ -27,7 +27,7 @@
     chdir: /opt/metacluster/k3s
   environment:
     INSTALL_K3S_SKIP_DOWNLOAD: 'true'
-    INSTALL_K3S_EXEC: "server --token {{ vapp['metacluster.token'] | trim }} --server https://{{ vapp['metacluster.fqdn'] }}:6443 --disable local-storage --config /etc/rancher/k3s/config.yaml"
+    INSTALL_K3S_EXEC: "server --token {{ vapp['metacluster.token'] | trim }} --server https://{{ vapp['metacluster.vip'] }}:6443 --disable local-storage --config /etc/rancher/k3s/config.yaml"
   when: ansible_facts.services['k3s.service'] is undefined
 
 - name: Ensure API availability

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/main.yml

@@ -1,9 +1,9 @@
 - import_tasks: init.yml
+- import_tasks: registry.yml
 - import_tasks: k3s.yml
-# - import_tasks: assets.yml
+- import_tasks: assets.yml
 # - import_tasks: ingress.yml
 # - import_tasks: storage.yml
 # - import_tasks: certauthority.yml
-# - import_tasks: registry.yml
 # - import_tasks: git.yml
 # - import_tasks: gitops.yml

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/registry.yml

@@ -0,0 +1,50 @@
+- block:
+
+    - name: Push images to registry
+      ansible.builtin.shell:
+        cmd: >-
+          skopeo copy \
+            --insecure-policy \
+            --dest-tls-verify=false \
+            --dest-creds admin:{{ vapp['metacluster.password'] }} \
+            docker-archive:./{{ item | basename }} \
+            docker://registry.{{ vapp['metacluster.fqdn'] }}/library/$( \
+              skopeo list-tags \
+                --insecure-policy \
+                docker-archive:./{{ item | basename }} | \
+              jq -r '.Tags[0]')
+        chdir: /opt/metacluster/container-images/
+      register: push_result
+      loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
+      loop_control:
+        label: "{{ item | basename }}"
+      retries: "{{ playbook.retries }}"
+      delay: "{{ playbook.delays.short }}"
+      until: push_result is not failed
+
+    - name: Get all stored container images (=artifacts)
+      ansible.builtin.uri:
+        url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/search?q=library
+        method: GET
+      register: registry_artifacts
+
+    - name: Get source registries of all artifacts
+      ansible.builtin.set_fact:
+        source_registries: "{{ (source_registries | default([]) + [(item | split('/'))[1]]) | unique | sort }}"
+      loop: "{{ registry_artifacts.json.repository | json_query('[*].repository_name') }}"
+
+    - name: Configure K3s node for private registry
+      ansible.builtin.template:
+        dest: /etc/rancher/k3s/registries.yaml
+        src: registries.j2
+      vars:
+        _template:
+          data: "{{ source_registries }}"
+          hv:
+            fqdn: "{{ vapp['metacluster.fqdn'] }}"
+
+  module_defaults:
+    ansible.builtin.uri:
+      validate_certs: no
+      status_code: [200, 201, 401]
+      body_format: json

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/metacluster.yml

@@ -1,6 +1,6 @@
 - name: Check for metacluster connectivity
   ansible.builtin.uri:
-    url: https://{{ vapp['metacluster.fqdn'] }}:6443/livez?verbose
+    url: https://{{ vapp['metacluster.vip'] }}:6443/livez?verbose
     method: GET
     validate_certs: no
     status_code: [200, 401]

scripts/Update-OvfConfiguration.upgrade.yml

@@ -28,6 +28,14 @@ PropertyCategories:
     Configurations: '*'
     UserConfigurable: true
 
+  - Key: metacluster.password
+    Type: password(7..)
+    Label: Meta-cluster administrator password*
+    Description: 'Needed to authenticate with target meta-cluster'
+    DefaultValue: ''
+    Configurations: '*'
+    UserConfigurable: true
+
   - key: metacluster.token
     Type: string(1..)
     Label: K3s install token*
@@ -47,14 +55,6 @@ PropertyCategories:
     Configurations: '*'
     UserConfigurable: true
 
-  - Key: metacluster.password
-    Type: password(7..)
-    Label: Appliance password*
-    Description: ''
-    DefaultValue: ''
-    Configurations: '*'
-    UserConfigurable: true
-
   - Key: guestinfo.ipaddress
     Type: ip
     Label: IP Address*