Use interface autodetection;Skip TLS Verify

ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml

@@ -1,43 +1,51 @@
-- name: Install harbor chart
+- block:
-  kubernetes.core.helm:
-    name: harbor
-    chart_ref: /opt/metacluster/helm-charts/harbor
-    release_namespace: harbor
-    create_namespace: yes
-    wait: yes
-    kubeconfig: "{{ kubeconfig.path }}"
-    values: "{{ components.harbor.chart_values }}"
 
-- name: Ensure harbor API availability
+    - name: Install harbor chart
-  ansible.builtin.uri:
+      kubernetes.core.helm:
-    url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/health
+        name: harbor
-    method: GET
+        chart_ref: /opt/metacluster/helm-charts/harbor
-  register: api_readycheck
+        release_namespace: harbor
-  until:
+        create_namespace: yes
-    - api_readycheck.json.status is defined
+        wait: yes
-    - api_readycheck.json.status == 'healthy'
+        kubeconfig: "{{ kubeconfig.path }}"
-  retries: 5
+        values: "{{ components.harbor.chart_values }}"
-  delay: 30
 
-- name: Push images to registry
+    - name: Ensure harbor API availability
-  ansible.builtin.shell:
+      ansible.builtin.uri:
-    cmd: >-
+        url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/health
-      skopeo copy \
+        method: GET
-        --insecure-policy \
+      register: api_readycheck
-        --dest-tls-verify=false \
+      until:
-        --dest-creds admin:{{ vapp['guestinfo.rootpw'] }} \
+        - api_readycheck.json.status is defined
-        docker-archive:./{{ item | basename }} \
+        - api_readycheck.json.status == 'healthy'
-        docker://registry.{{ vapp['metacluster.fqdn'] }}/library/$( \
+      retries: 5
-          skopeo list-tags \
+      delay: 30
+
+    - name: Push images to registry
+      ansible.builtin.shell:
+        cmd: >-
+          skopeo copy \
             --insecure-policy \
-            docker-archive:./{{ item | basename }} | \
+            --dest-tls-verify=false \
-          jq -r '.Tags[0]')
+            --dest-creds admin:{{ vapp['guestinfo.rootpw'] }} \
-    chdir: /opt/metacluster/container-images/
+            docker-archive:./{{ item | basename }} \
-  loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
+            docker://registry.{{ vapp['metacluster.fqdn'] }}/library/$( \
-  loop_control:
+              skopeo list-tags \
-    label: "{{ item | basename }}"
+                --insecure-policy \
+                docker-archive:./{{ item | basename }} | \
+              jq -r '.Tags[0]')
+        chdir: /opt/metacluster/container-images/
+      loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
+      loop_control:
+        label: "{{ item | basename }}"
 
-- name: Configure K3s node for private registry
+    - name: Configure K3s node for private registry
-  ansible.builtin.template:
+      ansible.builtin.template:
-    dest: /etc/rancher/k3s/registries.yaml
+        dest: /etc/rancher/k3s/registries.yaml
-    src: registries.j2
+        src: registries.j2
+
+  module_defaults:
+    ansible.builtin.uri:
+      validate_certs: no
+      status_code: [200, 201]
+      body_format: json

ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml

@@ -37,7 +37,7 @@
       loop_control:
         index_var: index
 
-    - name: Add vApp properties (required for Network Protocol Profiles)
+    - name: Add vApp properties on deployed VM's
       community.vmware.vmware_guest:
         name: "{{ (item | basename | split('.'))[:-1] | join('.') }}"
         vapp_properties:

ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2

@@ -35,5 +35,5 @@ VSPHERE_SSH_AUTHORIZED_KEY: "{{ _template.cluster.publickey }}"
 
 KUBERNETES_VERSION: "{{ _template.cluster.version }}"
 CONTROL_PLANE_ENDPOINT_IP: "{{ _template.cluster.vip }}"
-VIP_NETWORK_INTERFACE: "eth0"
+VIP_NETWORK_INTERFACE: ""
 EXP_CLUSTER_RESOURCE_SET: "true"