Move files between payload folders;Define upgrade vapp properties;Join metacluster

ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/main.yml

@@ -1,13 +1 @@
-- block:
-
-    - name: Check for vCenter connectivity
-      community.vmware.vmware_vcenter_settings_info:
-        schema: vsphere
-      register: vcenter_info
-
-  module_defaults:
-    group/vmware:
-      hostname: "{{ vapp['hv.fqdn'] }}"
-      validate_certs: no
-      username: "{{ vapp['hv.username'] }}"
-      password: "{{ vapp['hv.password'] }}"
+- import_tasks: vcenter.yml

ansible/roles/firstboot/files/ansible_payload/common/roles/preflight/tasks/vcenter.yml

@@ -0,0 +1,13 @@
+- block:
+
+    - name: Check for vCenter connectivity
+      community.vmware.vmware_vcenter_settings_info:
+        schema: vsphere
+      register: vcenter_info
+
+  module_defaults:
+    group/vmware:
+      hostname: "{{ vapp['hv.fqdn'] }}"
+      validate_certs: no
+      username: "{{ vapp['hv.username'] }}"
+      password: "{{ vapp['hv.password'] }}"

ansible/roles/firstboot/files/ansible_payload/upgrade/playbook.yml

@@ -12,7 +12,7 @@
     - preflight
     - users
     - disks
-    # - metacluster
+    - metacluster
     # - workloadcluster
     - tty
     - cleanup

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/k3s.yml

@@ -0,0 +1,63 @@
+- name: Store custom configuration files
+  ansible.builtin.copy:
+    dest: "{{ item.filename }}"
+    content: "{{ item.content }}"
+  loop:
+    - filename: /etc/rancher/k3s/config.yaml
+      content: |
+        kubelet-arg:
+          - "config=/etc/rancher/k3s/kubelet.config"
+    - filename: /etc/rancher/k3s/kubelet.config
+      content: |
+        apiVersion: kubelet.config.k8s.io/v1beta1
+        kind: KubeletConfiguration
+
+        shutdownGracePeriod: 180s
+        shtudownGracePeriodCriticalPods: 60s
+  loop_control:
+    label: "{{ item.filename }}"
+
+- name: Gather service facts
+  ansible.builtin.service_facts:
+    # Module requires no attributes
+
+- name: Install K3s
+  ansible.builtin.command:
+    cmd: ./install.sh
+    chdir: /opt/metacluster/k3s
+  environment:
+    INSTALL_K3S_SKIP_DOWNLOAD: 'true'
+    INSTALL_K3S_EXEC: "server --token {{ vapp['metacluster.token'] }} --server https://{{ vapp['metacluster.fqdn'] }}:6443 --disable local-storage --config /etc/rancher/k3s/config.yaml"
+  when: ansible_facts.services['k3s.service'] is undefined
+
+- name: Ensure API availability
+  ansible.builtin.uri:
+    url: https://{{ vapp['guestinfo.ipaddress'] }}:6443/livez?verbose
+    method: GET
+    validate_certs: no
+    status_code: [200, 401]
+  register: api_readycheck
+  until: api_readycheck.json.apiVersion is defined
+  retries: "{{ playbook.retries }}"
+  delay: "{{ playbook.delays.medium }}"
+
+- name: Install kubectl tab-completion
+  ansible.builtin.shell:
+    cmd: kubectl completion bash | tee /etc/bash_completion.d/kubectl
+
+- name: Initialize tempfile
+  ansible.builtin.tempfile:
+    state: file
+  register: kubeconfig
+
+- name: Retrieve kubeconfig
+  ansible.builtin.command:
+    cmd: kubectl config view --raw
+  register: kubectl_config
+
+- name: Store kubeconfig in tempfile
+  ansible.builtin.copy:
+    dest: "{{ kubeconfig.path }}"
+    content: "{{ kubectl_config.stdout }}"
+    mode: 0600
+  no_log: true

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/metacluster/tasks/main.yml

@@ -0,0 +1,9 @@
+# - import_tasks: init.yml
+- import_tasks: k3s.yml
+# - import_tasks: assets.yml
+# - import_tasks: ingress.yml
+# - import_tasks: storage.yml
+# - import_tasks: certauthority.yml
+# - import_tasks: registry.yml
+# - import_tasks: git.yml
+# - import_tasks: gitops.yml

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/main.yml

@@ -0,0 +1,2 @@
+- import_tasks: vcenter.yml
+- import_tasks: metacluster.yml

ansible/roles/firstboot/files/ansible_payload/upgrade/roles/preflight/tasks/metacluster.yml

@@ -0,0 +1,6 @@
+- name: Check for metacluster connectivity
+  ansible.builtin.uri:
+    url: https://{{ vapp['metacluster.fqdn'] }}:6443/livez?verbose
+    method: GET
+    validate_certs: no
+    status_code: [200, 401]

scripts/Update-OvfConfiguration.upgrade.yml

@@ -42,7 +42,7 @@ PropertyCategories:
   - Key: metacluster.password
     Type: password(7..)
     Label: Appliance password*
-    Description: 'Initial password for respective administrator accounts within each component'
+    Description: ''
     DefaultValue: ''
     Configurations: '*'
     UserConfigurable: true
@@ -65,9 +65,17 @@ PropertyCategories:
 
   - Key: metacluster.fqdn
     Type: string(1..)
-    Label: Appliance FQDN*
-    Description: Respective subdomains will be available for each component (e.g. storage.example.org); this address should already be configured as a wildcard record within your DNS zone.
-    DefaultValue: meta.k8s.cluster
+    Label: Meta-cluster FQDN/IP-address*
+    Description: The address of the target meta-cluster which this appliance will perform an upgrade on.
+    DefaultValue: ''
+    Configurations: '*'
+    UserConfigurable: true
+
+  - key: metacluster.token
+    Type: string(1..)
+    Label: K3s install token*
+    Description: Must match the token originally used for the target meta-cluster
+    DefaultValue: ''
     Configurations: '*'
     UserConfigurable: true
 
@@ -95,53 +103,18 @@ PropertyCategories:
     Configurations: '*'
     UserConfigurable: true
 
-- Name: 2) Workload-cluster
-  ProductProperties:
-
-  - Key: workloadcluster.name
-    Type: string(1..15)
-    Label: Workload-cluster name*
-    Description: ''
-    DefaultValue: 'workload-{{ hostname.suffix }}'
-    Configurations: '*'
-    UserConfigurable: true
-
-  - Key: workloadcluster.vip
-    Type: ip
-    Label: Workload-cluster virtual IP*
-    Description: Workload-cluster control plane endpoint virtual IP
-    DefaultValue: ''
-    Configurations: '*'
-    UserConfigurable: true
-
-  - Key: ippool.startip
-    Type: ip
-    Label: Workload-cluster IP-pool start IP*
-    Description: All nodes for the workload-cluster will be provisioned within this IP pool
-    DefaultValue: ''
-    Configurations: '*'
-    UserConfigurable: true
-
-  - Key: ippool.endip
-    Type: ip
-    Label: Workload-cluster IP-pool end IP*
-    Description: All nodes for the workload-cluster will be provisioned within this IP pool
-    DefaultValue: ''
-    Configurations: '*'
-    UserConfigurable: true
-
-- Name: 3) Common
+- Name: 2) Common
   ProductProperties:
 
   - Key: guestinfo.rootsshkey
     Type: password(1..)
     Label: SSH public key*
-    Description: Authentication for any node (meta-cluster *and* workloadcluster); this line should start with 'ssh-rsa AAAAB3N'
+    Description: Authentication for this meta-cluster node; this line should start with 'ssh-rsa AAAAB3N'
     DefaultValue: ''
     Configurations: '*'
     UserConfigurable: true
 
-- Name: 4) Hypervisor
+- Name: 3) Hypervisor
   ProductProperties:
 
   - Key: hv.fqdn