Refactor network protocol profile;Update container image references to local registry;Update/Remove dependencies

2022-12-29 12:31:27 +01:00 · 2022-12-29 12:31:27 +01:00 · 3efee69602
commit 3efee69602
parent 0c8272c9e4
5 changed files with 82 additions and 64 deletions
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/secrets.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/secrets.yml
@ -7,46 +7,46 @@
    kubeconfig: "{{ kubeconfig.path }}"
    # values: "{{ components.sealedsecrets.chart_values }}"
- name: Store hypervisor details in configmap/secret
+# - name: Store hypervisor details in configmap/secret
-  kubernetes.core.k8s:
+#   kubernetes.core.k8s:
-    state: present
+#     state: present
-    template: "{{ item.kind }}.j2"
+#     template: "{{ item.kind }}.j2"
-    kubeconfig: "{{ kubeconfig.path }}"
+#     kubeconfig: "{{ kubeconfig.path }}"
-  vars:
+#   vars:
-    _template:
+#     _template:
-      name: "{{ item.name }}"
+#       name: "{{ item.name }}"
-      namespace: "{{ item.namespace }}"
+#       namespace: "{{ item.namespace }}"
-      annotations: "{{ item.annotations | default('{}') | indent(width=4, first=True) }}"
+#       annotations: "{{ item.annotations | default('{}') | indent(width=4, first=True) }}"
-      labels: "{{ item.labels | default('{}') | indent(width=4, first=True) }}"
+#       labels: "{{ item.labels | default('{}') | indent(width=4, first=True) }}"
-      data: "{{ item.data }}"
+#       data: "{{ item.data }}"
-  loop:
+#   loop:
-    - name: hypervisor-credentials
+#     - name: hypervisor-credentials
-      namespace: kube-system
+#       namespace: kube-system
-      kind: secret
+#       kind: secret
-      data:
+#       data:
-        - key: HV_FQDN
+#         - key: HV_FQDN
-          value: "{{ vapp['hv.fqdn'] | b64encode }}"
+#           value: "{{ vapp['hv.fqdn'] | b64encode }}"
-        - key: HV_USERNAME
+#         - key: HV_USERNAME
-          value: "{{ vapp['hv.username'] | b64encode }}"
+#           value: "{{ vapp['hv.username'] | b64encode }}"
-        - key: HV_PASSWORD
+#         - key: HV_PASSWORD
-          value: "{{ vapp['hv.password'] | b64encode }}"
+#           value: "{{ vapp['hv.password'] | b64encode }}"
-    - name: hypervisor-ippool
+#     - name: hypervisor-ippool
-      namespace: kube-system
+#       namespace: kube-system
-      kind: configmap
+#       kind: configmap
-      data:
+#       data:
-        - key: VAPP_MOREF
+#         - key: VAPP_MOREF
-          value: "{{ moref_id }}"
+#           value: "{{ moref_id }}"
-        - key: VAPP_IPPOOL_FQDN
+#         - key: VAPP_IPPOOL_FQDN
-          value: "{{ vapp['metacluster.fqdn'] }}"
+#           value: "{{ vapp['metacluster.fqdn'] }}"
-        - key: VAPP_IPPOOL_NETWORK
+#         - key: VAPP_IPPOOL_NETWORK
-          value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('network') }}"
+#           value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('network') }}"
-        - key: VAPP_IPPOOL_NETMASK
+#         - key: VAPP_IPPOOL_NETMASK
-          value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('netmask') }}"
+#           value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('netmask') }}"
-        - key: VAPP_IPPOOL_DNSSERVER
+#         - key: VAPP_IPPOOL_DNSSERVER
-          value: "{{ vapp['guestinfo.dnsserver'] }}"
+#           value: "{{ vapp['guestinfo.dnsserver'] }}"
-        - key: VAPP_IPPOOL_GATEWAY
+#         - key: VAPP_IPPOOL_GATEWAY
-          value: "{{ vapp['guestinfo.gateway'] }}"
+#           value: "{{ vapp['guestinfo.gateway'] }}"
-        - key: VAPP_IPPOOL_RANGE
+#         - key: VAPP_IPPOOL_RANGE
-          value: "{{ vapp['ippool.startip'] + '#' + (vapp['ippool.startip'] | netaddr_iter_iprange(vapp['ippool.endip']) | length | string) }}"
+#           value: "{{ vapp['ippool.startip'] + '#' + (vapp['ippool.startip'] | netaddr_iter_iprange(vapp['ippool.endip']) | length | string) }}"
-  loop_control:
+#   loop_control:
-    label: "{{ item.kind + '/' + item.name + ' (' + item.namespace + ')' }}"
+#     label: "{{ item.kind + '/' + item.name + ' (' + item.namespace + ')' }}"
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@ -25,6 +25,21 @@
        version: "{{ components.clusterapi.workload.version.k8s }}"
        vip: "{{ vapp['workloadcluster.vip'] }}"
 - name: Update image references to use local registry
  ansible.builtin.replace:
    dest: "{{ item.root + '/' + item.path }}"
    regexp: '([ ]+image:[ "]+)(?!({{ _template.pattern }}|"{{ _template.pattern }}))'
    replace: '\1{{ _template.pattern }}'
  vars:
    _template:
      pattern: registry.{{ vapp['metacluster.fqdn'] }}/library/
  loop: "{{ lookup('community.general.filetree', '/opt/metacluster/wip') }}"
  loop_control:
    label: "{{ item.path }}"
  when:
    - item.path is search('.yaml')
    - item.path is not search("clusterctl.yaml|metadata.yaml")
 - name: Initialize Cluster API management cluster
  ansible.builtin.shell:
    cmd: >-
@ -35,18 +50,3 @@
        --config ./clusterctl.yaml \
        --kubeconfig {{ kubeconfig.path }}
    chdir: /opt/metacluster/cluster-api
 # - name: Update image references to use local registry
 #   # This should ASAP be changed to be idempotent!
 #   # ansible.builtin.lineinfile:
 #   #   path: "{{ item.root + '/' + item.path }}"
 #   #   regexp: (.*image:[ "]+)(.*)
 #   #   line: \g<1>registry.{{ vapp['metacluster.fqdn'] }}/library/\g<2>
 #   # loop: "{{ lookup('community.general.filetree', '/opt/metacluster/cluster-api') }}"
 #   # when:
 #   #   - item.path | match('.yaml')
 #   #   - not (item.path | search("clusterctl.yaml|metadata.yaml"))
 #   ansible.builtin.shell:
 #     cmd: >-
 #       find . -type f | xargs -I {} sed -r 's|(image:[ "]+)|\1registry.{{ vapp['metacluster.fqdn'] }}/library/|' -i {}
 #     chdir: /opt/metacluster/cluster-api
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml
@ -55,3 +55,20 @@
  loop: "{{ govc_inventory.results }}"
  loop_control:
    label: "{{ item.item.attribute }}"
 - name: Configure network protocol profile on hypervisor
  ansible.builtin.shell:
    cmd: >-
      npp-prepper \
        --server {{ vapp['hv.fqdn'] }} \
        --username {{ vapp['hv.username'] }} \
        --password {{ vapp['hv.password'] }} \
        dc \
        --name {{ vcenter_info.datacenter }} \
        --portgroup {{ vcenter_info.network }} \
        --startaddress {{ vapp['ippool.startip'] }} \
        --endaddress {{ vapp['ippool.endip'] }} \
        --netmask {{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('netmask') }} \
        {{ vapp['guestinfo.dnsserver'] | split(',') | map('trim') | map('regex_replace', '^', '--dnsserver ') | join(' ') }} \
        --dnsdomain {{ vapp['metacluster.fqdn'] }} \
        --gateway {{ vapp['guestinfo.gateway'] }}
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
@ -40,13 +40,14 @@
    - name: Add vApp properties on deployed VM's
      ansible.builtin.shell:
        cmd: >-
-          vappprop-manager \
+          npp-prepper \
            --server {{ vapp['hv.fqdn'] }} \
            --username {{ vapp['hv.username'] }} \
            --password {{ vapp['hv.password'] }} \
            vm \
            --datacenter {{ vcenter_info.datacenter }} \
-            --network {{ vcenter_info.network }} \
+            --portgroup {{ vcenter_info.network }} \
-            --virtualmachine {{ item.instance.hw_name }}
+            --name {{ item.instance.hw_name }}
      when: existing_ova.results[index] is failed
      loop: "{{ ova_deploy.results }}"
      loop_control:
--- a/ansible/vars/metacluster.yml
+++ b/ansible/vars/metacluster.yml
@ -211,7 +211,7 @@ dependencies:
    - kubernetes.core
  container_images:
-    - vmware/powerclicore:12.7
+    # - vmware/powerclicore:12.7
    # The following list is generated by running the following commands:
    #   $ clusterctl init -i vsphere:<version> [...]
    #   $ clusterctl generate cluster <name> [...] | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)' | sort -u
@ -246,8 +246,8 @@ dependencies:
      extra_opts: --strip-components=2
    - filename: yq
      url: http://github.com/mikefarah/yq/releases/download/v4.30.5/yq_linux_amd64
-    - filename: vappprop-manager
+    - filename: npp-prepper
-      url: https://code.spamasaurus.com/api/packages/djpbessems/generic/vappprop-manager/v0.3.2/vappprop-manager
+      url: https://code.spamasaurus.com/api/packages/djpbessems/generic/npp-prepper/v0.4.3/npp-prepper
  packages:
    apt: