adjust vars for fqdn and add public rt to vlan

Author: bgraef

olvm/build.yml

@@ -231,10 +231,10 @@
     path: hosts
     regexp: '^{{ instance_name }}'
     line: >-
-      {{ instance_name }} 
-      ansible_host={{ instance_ansible_host }} 
-      ansible_user={{ instance_ansible_user }} 
-      ansible_private_key_file={{ instance_ansible_private_key_file }} 
+      {{ instance_name }}
+      ansible_host={{ instance_ansible_host }}
+      ansible_user={{ instance_ansible_user }}
+      ansible_private_key_file={{ instance_ansible_private_key_file }}
       ansible_ssh_common_args={{ instance_ansible_ssh_common_args | quote }}
     insertafter: '^\[{{ item.value.type }}\]$'
     create: true

olvm/create_hostfile_secondary_nic.yml

@@ -13,7 +13,7 @@
   tasks:
 
     - name: Get engine ip address # noqa: run-once[task]
-      ansible.builtin.command: "dig vdsm.olvpriv.vcn.oraclevcn.com +short"
+      ansible.builtin.command: "dig vdsm.{{ my_subnet2_domain_name }} +short"
       register: dns_ip
       changed_when: dns_ip.rc == 0
       delegate_to: "{{ groups['engine'][0] }}"
@@ -29,13 +29,13 @@
       ansible.builtin.lineinfile:
         dest: /etc/hosts
         regexp: "^.*vdsm.*$"
-        line: "{{ dns_ip.stdout }} vdsm.olvpriv.vcn.oraclevcn.com vdsm"
+        line: "{{ dns_ip.stdout }} vdsm.{{ my_subnet2_domain_name }} vdsm"
       delegate_to: "{{ item }}"
       loop: "{{ groups['all'] }}"
       become: true
 
     - name: Get kvm host IP address # noqa: run-once[task]
-      ansible.builtin.command: "dig vdsm{{ hostvars[item].inventory_hostname_short[-2:] }}.olvpriv.vcn.oraclevcn.com +short"
+      ansible.builtin.command: "dig vdsm{{ hostvars[item].inventory_hostname_short[-2:] }}.{{ my_subnet2_domain_name }} +short"
       register: kvm_dns_ip
       loop: "{{ groups['kvm'] | flatten(levels=1) }}"
       changed_when: kvm_dns_ip.rc == 0

olvm/create_vlan.yml

@@ -47,6 +47,7 @@
       - "{{ my_l2_vlan_nsg_id }}"
     vcn_id: "{{ my_vcn_id }}"
     vlan_tag: 1
+    route_table_id: "{{ my_public_rt_id }}"
   register: result
   retries: 10
   delay: 30

olvm/default_vars.yml

@@ -33,7 +33,7 @@ vnc_port: "1"
 vnc_default_password: "{{ username }}"
 vnc_geometry: "1920x1080"
 
-engine_fqdn: olvm.olvpub.vcn.oraclevcn.com
+engine_fqdn: olvm.pub.olv.oraclevcn.com
 engine_url: https://{{ engine_fqdn }}/ovirt-engine/api
 engine_user: admin@ovirt@internalsso
 engine_pass: How-2-install

olvm/ovirt_add_hosts.yml

@@ -6,15 +6,15 @@
 
 - name: Add KVM hosts to a Cluster in the Engine server
   hosts: olvm
-
   vars_files:
     - default_vars.yml
+    - oci_vars.yml
 
   tasks:
 
     - name: Download ca-cert
       ansible.builtin.get_url:
-        url: "https://olvm.olvpub.vcn.oraclevcn.com/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA"
+        url: "https://{{ engine_fqdn }}/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA"
         dest: "{{ ansible_env.HOME + '/pki-resource' }}"
         mode: '0664'
         validate_certs: false
@@ -27,15 +27,15 @@
         ca_file: "{{ ansible_env.HOME + '/pki-resource' }}"
         insecure: true
       when: ovirt_auth is undefined or not ovirt_auth
-      register: connection
+      register: auth_connection
       tags:
         - always
 
     - name: Add KVM host
       ovirt.ovirt.ovirt_host:
         cluster: "Default"
         name: "olkvm0{{ ansible_loop.index0 + 1 }}"
-        address: "vdsm0{{ ansible_loop.index0 + 1 }}.olvpriv.vcn.oraclevcn.com"
+        address: "vdsm0{{ ansible_loop.index0 + 1 }}.{{ my_subnet2_domain_name }}"
         auth: "{{ ovirt_auth }}"
         timeout: 2200
         power_management_enabled: false
@@ -47,7 +47,7 @@
       register: kvm_sleeper
 
     - name: Disconnect from the OLVM Engine application
-      ovirt_auth:
+      ovirt.ovirt.ovirt_auth:
         state: absent
         ovirt_auth: "{{ ovirt_auth }}"
       tags:

olvm/ovirt_connection_test.yml

@@ -27,16 +27,16 @@
         ca_file: "{{ ansible_env.HOME + '/pki-resource' }}"
         insecure: true
       when: ovirt_auth is undefined or not ovirt_auth
-      register: connection
+      register: auth_connection
       tags:
         - always
 
     - name: Show connection information
-      debug:
-        msg: "Connected to the OLVM Engine application at {{ connection.ansible_facts.ovirt_auth.url }}"
+      ansible.builtin.debug:
+        msg: "Connected to the OLVM Engine application at {{ auth_connection.ansible_facts.ovirt_auth.url }}"
 
     - name: Disconnect from the OLVM Engine application
-      ovirt_auth:
+      ovirt.ovirt.ovirt_auth:
         state: absent
         ovirt_auth: "{{ ovirt_auth }}"
       tags:

olvm/ovirt_upload_image.yml

@@ -14,7 +14,7 @@
 
     - name: Download ca-cert
       ansible.builtin.get_url:
-        url: "https://olvm.olvpub.vcn.oraclevcn.com/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA"
+        url: "https://{{ engine_fqdn }}/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA"
         dest: /tmp/pki-resource
         mode: '0664'
         validate_certs: false

olvm/provision_olvm_engine.yml

@@ -6,6 +6,7 @@
 
 - name: Get Started with OLVM
   hosts: all
+  order: sorted
   vars_files:
     - default_vars.yml
     - oci_vars.yml
@@ -78,6 +79,13 @@
       delegate_to: "{{ groups['engine'][0] }}"
       run_once: true
 
+    - name: Check if OLVM Eingine is installed # noqa: run-once[task]
+      ansible.builtin.stat:
+        path: "/etc/pki/ovirt-engine/keys/engine_id_rsa"
+      register: olvm_engine_installed
+      delegate_to: "{{ groups['engine'][0] }}"
+      run_once: true
+
     - name: Install OLVM Engine with defaults # noqa: run-once[task]
       ansible.builtin.expect:
         command: /bin/engine-setup --generate-answer=file --accept-defaults
@@ -90,16 +98,18 @@
       changed_when: result.rc == 0
       delegate_to: "{{ groups['engine'][0] }}"
       run_once: true
+      when: not olvm_engine_installed.stat.exists
 
-    - name: Activate Cockpit web console on the KVM hosts
+    - name: Activate Cockpit web console on the KVM hosts # noqa: run-once[task]
       ansible.builtin.systemd:
         state: started
         name: cockpit.socket
         enabled: true
       delegate_to: "{{ item }}"
       loop: "{{ groups['kvm'] }}"
+      run_once: true
 
-    - name: Open firewall for cockpit and virsh on the KVM hosts
+    - name: Open firewall for cockpit and virsh on the KVM hosts # noqa: run-once[task]
       ansible.posix.firewalld:
         zone: public
         service: "{{ item[0] }}"
@@ -108,3 +118,4 @@
         immediate: true
       delegate_to: "{{ item[1] }}"
       loop: "{{ ['libvirt', 'libvirt-tls', 'cockpit'] | product(groups['kvm']) | list }}"
+      run_once: true

olvm/provision_olvm_engine_privatekey.yml

@@ -30,13 +30,14 @@
       delegate_to: "{{ groups['engine'][0] }}"
       run_once: true
 
-    - name: Copy public key to each destination
+    - name: Copy public key to each destination # noqa: run-once[task]
       ansible.posix.authorized_key:
         user: "root"
         state: present
         key: "{{ lookup('file', 'buffer/engine-key.pub') }}"
       delegate_to: "{{ item }}"
       loop: "{{ groups['kvm'] }}"
+      run_once: true
 
     - name: Download ol9 ova image # noqa: run-once[task]
       ansible.builtin.get_url:

olvm/templates/etc_hosts_kvm.j2

@@ -1,3 +1,3 @@
 {% for i in kvm_dns_ip.results %}
-{{ i.stdout }} vdsm0{{ loop.index }}.olvpriv.vcn.oraclevcn.com vdsm0{{ loop.index }}
+{{ i.stdout }} vdsm0{{ loop.index }}.{{ my_subnet2_domain_name }} vdsm0{{ loop.index }}
 {% endfor %}