oracle-devrel · bgraef · May 28, 2025 · May 6, 2025 · May 6, 2025 · May 7, 2025
diff --git a/ol/build.yml b/ol/build.yml
@@ -197,13 +197,46 @@
       - "  private ip: {{ instance_private_ip }}"
   when: debug_enabled
 
+- name: Print SSH proxy command
+  ansible.builtin.debug:
+    msg: "SSH Proxy: {{ ssh_proxy_cmd | default('') }}"
+  when: debug_enabled
+
 - name: Add host to in-memory host file
   ansible.builtin.add_host:
     name: "{{ instance_display_name }}"
     groups: "{{ item.value.type }}"
     ansible_user: opc
     ansible_private_key_file: "{{ lookup('env', 'HOME') + '/.ssh/' + private_key }}"
-    ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+    ansible_ssh_common_args: "-o StrictHostKeyChecking=no {{ ssh_proxy_cmd | default('') }}"
     ansible_host: "{{ instance_public_ip }}"
     ansible_port: 22
-    instance_ocid: "{{ instance_id }}"
+    instance_ocid: "{{ my_instance_id }}"
+
+- name: Create host ini file
+  ansible.builtin.lineinfile:
+    path: hosts
+    regexp: '^\[{{ host_group }}'
+    line: "[{{ host_group }}]"
+    create: true
+    mode: "0664"
+  delegate_to: localhost
+  loop:
+    - engine
+    - kvm
+  loop_control:
+    loop_var: host_group
+
+- name: Add host to ini host file
+  ansible.builtin.lineinfile:
+    path: hosts
+    regexp: '^{{ instance_name }}'
+    line: >-
+      {{ instance_name }}
+      ansible_host={{ instance_ansible_host }}
+      ansible_user={{ instance_ansible_user }}
+      ansible_private_key_file={{ instance_ansible_private_key_file }}
+      ansible_ssh_common_args={{ instance_ansible_ssh_common_args | quote }}
+    insertafter: '^\[{{ item.value.type }}\]$'
+    create: true
+    mode: "0664"
diff --git a/ol/create_instance.yml b/ol/create_instance.yml
@@ -49,6 +49,11 @@
       ansible.builtin.set_fact:
         my_tenancy_id: "{{ lookup('ini', 'tenancy section={{ oci_config_section }} file={{ oci_config_file }}') }}"
 
+    - name: Print tenancy id
+      ansible.builtin.debug:
+        msg: "{{ my_tenancy_id }}"
+      when: debug_enabled
+
     - name: Get region id
       ansible.builtin.set_fact:
         my_region_id: "{{ lookup('ini', 'region section={{ oci_config_section }} file={{ oci_config_file }}') }}"

diff --git a/ol/default_vars.yml b/ol/default_vars.yml
@@ -59,3 +59,15 @@ virtualbox_extpack_version: "7.1.2"
 ol_iso_version: "9"
 ol_update: "4"
 dwnld_ol_iso: false
+
+# ssh_proxy_cmd: '-o ProxyCommand="nc --proxy www.example.com:80 %h %p"'
+
+# pip_proxy_env:
+#   http_proxy: 'http://www.example.com:80
+#   https_proxy: 'https://www.example.com:80'
+
+# proxy_env:
+#   http_proxy: 'www.example.com:80'
+#   https_proxy: 'www.example.com:80'
+#   ftp_proxy: 'www.example.com:80'
+#   no_proxy: 'localhost,127.0.0.1,example.com'
diff --git a/ol/host_setup.yml b/ol/host_setup.yml
@@ -20,11 +20,21 @@
     #     search_regex: OpenSSH
     #     delay: 10
 
-    - name: Wait for system to become reachable
+    - name: Wait for connection to systems to become reachable
       ansible.builtin.wait_for_connection:
       vars:
         python_version: "/usr/bin/python3"
         ansible_python_interpreter: "{{ python_version if localhost_python_interpreter is defined | default(omit) }}"
+      when: ssh_proxy_cmd is undefined
+
+    - name: Wait for systems to become reachable using ssh
+      ansible.builtin.wait_for:
+        port: 22
+        host: '{{ (ansible_ssh_host | default(ansible_host)) | default(inventory_hostname) }}'
+        search_regex: OpenSSH
+        delay: 10
+        timeout: 300
+      when: ssh_proxy_cmd is defined
 
     # - name: Run ansible adhoc ping module
     #   ansible.builtin.command: ansible all -i '{{ hostvars[inventory_hostname].ansible_host }},' -m ping

diff --git a/ol/update_all_rpms.yml b/ol/update_all_rpms.yml
@@ -20,6 +20,7 @@
       when: ansible_distribution == 'OracleLinux'
       retries: 5
       delay: 10
+      environment: "{{ proxy_env | default({}) }}"
 
     - name: Check if a reboot is required
       ansible.builtin.command: /usr/bin/needs-restarting -r

diff --git a/olvm/build.yml b/olvm/build.yml
@@ -48,6 +48,12 @@
   ansible.builtin.set_fact:
     my_instance_id: "{{ result.instance.id }}"
 
+- name: Add instance id to state file
+  ansible.builtin.lineinfile:
+    path: .ansible-state
+    line: "instance{{ ansible_loop.index0 + 1 }}_ocid: {{ my_instance_id }}"
+    mode: "0755"
+
 - name: Set the compute instance display_name
   ansible.builtin.set_fact:
     instance_display_name: "{{ result.instance.display_name }}"
@@ -201,13 +207,18 @@
       - "  private ip: {{ instance_private_ip }}"
   when: debug_enabled
 
+- name: Print SSH proxy command
+  ansible.builtin.debug:
+    msg: "SSH Proxy: {{ ssh_proxy_cmd | default('') }}"
+  when: debug_enabled
+
 - name: Add host to in-memory host file
   ansible.builtin.add_host:
     name: "{{ instance_display_name }}"
     groups: "{{ item.value.type }}"
     ansible_user: opc
     ansible_private_key_file: "{{ lookup('env', 'HOME') + '/.ssh/' + private_key }}"
-    ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+    ansible_ssh_common_args: "-o StrictHostKeyChecking=no {{ ssh_proxy_cmd | default('') }}"
     ansible_host: "{{ instance_public_ip }}"
     ansible_port: 22
     instance_ocid: "{{ my_instance_id }}"
@@ -244,6 +255,6 @@
     instance_name: "{{ instance_display_name }}"
     instance_ansible_user: opc
     instance_ansible_private_key_file: "{{ lookup('env', 'HOME') + '/.ssh/' + private_key }}"
-    instance_ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+    instance_ansible_ssh_common_args: "-o StrictHostKeyChecking=no {{ ssh_proxy_cmd | default('') }}"
     instance_ansible_host: "{{ instance_public_ip }}"
     instance_ansible_port: 22
diff --git a/olvm/check_instance_available.yml b/olvm/check_instance_available.yml
@@ -5,19 +5,21 @@
 # See LICENSE.TXT for details.
 
 - name: Configure new instances
-  hosts: all
+  hosts: engine:kvm:!localhost
   gather_facts: false
   vars_files:
     - default_vars.yml
     - oci_vars.yml
 
   tasks:
 
-    - name: Wait for systems to become reachable
-      ansible.builtin.wait_for_connection:
-      vars:
-        python_version: "/usr/bin/python3"
-        ansible_python_interpreter: "{{ python_version if localhost_python_interpreter is defined | default(omit) }}"
+    - name: Wait for systems to become reachable using ssh
+      ansible.builtin.wait_for:
+        port: 22
+        host: '{{ (ansible_ssh_host | default(ansible_host)) | default(inventory_hostname) }}'
+        search_regex: OpenSSH
+        delay: 10
+        timeout: 300
 
     - name: Get a set of all available facts
       ansible.builtin.setup:

diff --git a/olvm/configure_passwordless_ssh.yml b/olvm/configure_passwordless_ssh.yml
@@ -5,7 +5,7 @@
 # See LICENSE.TXT for details.
 
 - name: Configure passwordless ssh between hosts
-  hosts: all
+  hosts: engine:kvm:!localhost
   vars_files:
     - default_vars.yml
     - oci_vars.yml
@@ -33,7 +33,8 @@
         user: "{{ username }}"
         state: present
         key: "{{ lookup('file', 'buffer/{{ item }}-id_rsa.pub') }}"
-      loop: "{{ groups['all'] | flatten(levels=1) }}"
+      # loop: "{{ groups['all'] | flatten(levels=1) }}"
+      loop: "{{ ansible_play_hosts_all | difference(['localhost']) }}"
       become: true
 
     # - name: Copy public key to each destination for root
@@ -47,7 +48,8 @@
     - name: Print hostvars for groups
       ansible.builtin.debug:
         msg: "{{ hostvars[item] }}"
-      loop: "{{ groups['all'] | flatten(levels=1) }}"
+      # loop: "{{ groups['all'] | flatten(levels=1) }}"
+      loop: "{{ ansible_play_hosts_all | difference(['localhost']) }}"
       when: debug_enabled
 
     - name: Print vcn subnet_domain_name
@@ -62,7 +64,8 @@
         {{ hostvars[item].ansible_default_ipv4.address }},\
         {{ hostvars[item].ansible_hostname + '.' + my_subnet1_domain_name }} >> ~/.ssh/known_hosts
       with_items:
-        - "{{ groups['all'] }}"
+        # - "{{ groups['all'] }}"
+        "{{ ansible_play_hosts_all | difference(['localhost']) }}"
       become: true
       become_user: "{{ username }}"
       register: result

diff --git a/olvm/configure_secondary_nic.yml b/olvm/configure_secondary_nic.yml
@@ -5,7 +5,7 @@
 # See LICENSE.TXT for details.
 
 - name: Configure secondary nic
-  hosts: all
+  hosts: engine,kvm
   vars_files:
     - default_vars.yml
     - oci_vars.yml
@@ -87,8 +87,13 @@
     - name: Get network interface
       ansible.builtin.set_fact:
         interface: "{{ item }}"
-      with_items: "{{ ansible_interfaces | reject('==', 'lo') }}"
-      when: ansible_facts[item].macaddress == mac_addr
+      with_items: "{{ ansible_interfaces | select('match', '^(ens|enp|eth)') | list }}"
+      when: ansible_facts[item].macaddress is defined and ansible_facts[item].macaddress == mac_addr
+
+    - name: Check if kvm hosts added to olvm cluster
+      ansible.builtin.stat:
+        path: /tmp/.olvm-provisioned
+      register: olvm_provision
 
     - name: Assign static IP
       community.general.nmcli:
@@ -99,6 +104,7 @@
         gw4: 10.0.1.1
         state: present
       become: true
+      when: not olvm_provision.stat.exists
 
     - name: Add two IPv4 DNS server addresses
       community.general.nmcli:
@@ -109,3 +115,4 @@
           - 169.254.169.254
         state: present
       become: true
+      when: not olvm_provision.stat.exists
diff --git a/olvm/create_block_storage.yml b/olvm/create_block_storage.yml
@@ -20,6 +20,12 @@
   ansible.builtin.set_fact:
     volume_id: "{{ kvm_create_block.volume.id }}"
 
+- name: Add storage id to state file
+  ansible.builtin.lineinfile:
+    path: .ansible-state
+    line: "{{ storage_name }}_ocid: {{ volume_id }}"
+    mode: "0755"
+
 - name: Attach shared block volume for vm storage
   oracle.oci.oci_compute_volume_attachment:
     instance_id: "{{ my_instance_id }}"

diff --git a/olvm/create_hostfile_secondary_nic.yml b/olvm/create_hostfile_secondary_nic.yml
@@ -5,7 +5,7 @@
 # See LICENSE.TXT for details.
 
 - name: Create a host file for secondary nic hostnames
-  hosts: all
+  hosts: engine:kvm:!localhost
   vars_files:
     - default_vars.yml
     - oci_vars.yml
@@ -31,7 +31,7 @@
         regexp: "^.*vdsm.*$"
         line: "{{ dns_ip.stdout }} vdsm.{{ my_subnet2_domain_name }} vdsm"
       delegate_to: "{{ item }}"
-      loop: "{{ groups['all'] }}"
+      loop: "{{ ansible_play_hosts_all | difference(['localhost']) }}"
       become: true
 
     - name: Get kvm host IP address # noqa: run-once[task]
@@ -54,5 +54,5 @@
         block: "{{ lookup('template', 'etc_hosts_kvm.j2') }}"
         marker: "# {mark} ANSIBLE MANAGED BLOCK kvm"
       delegate_to: "{{ item }}"
-      loop: "{{ groups['all'] }}"
+      loop: "{{ ansible_play_hosts_all | difference(['localhost']) }}"
       become: true