terraform-ibm-modules · tripan27 · Sep 5, 2025 · Aug 26, 2025 · Aug 26, 2025 · Sep 1, 2025
@@ -8,7 +8,7 @@
 ############################################################
 
 GLOBAL_RHEL_PACKAGES="rhel-system-roles rhel-system-roles-sap expect"
-GLOBAL_GALAXY_COLLECTIONS="ibm.power_linux_sap:>=3.0.0,<4.0.0"
+GLOBAL_GALAXY_COLLECTIONS="ibm.power_linux_sap:>=3.0.0,<4.0.0 ibm.power_aix:>=2.0.0,<3.0.0"
 
 ############################################################
 # Start functions

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+### Using input variables from terraform
+ansible_playbook=${ansible_playbook_file}
+ansible_log_path=${ansible_log_path}
+ansible_inventory=${ansible_inventory}
+ansible_private_key_file=${ansible_private_key_file}
+
+# Create ansible.cfg file
+ansible_playbook_name=$(basename $${ansible_playbook})
+echo -e "[defaults]\nhost_key_checking=False" >ansible.cfg
+export ANSIBLE_LOG_PATH=$${ansible_log_path}/$${ansible_playbook_name}.$(date "+%Y.%m.%d-%H.%M.%S").log
+export ANSIBLE_PRIVATE_KEY_FILE=$${ansible_private_key_file}
+
+#Execute ansible playbook
+unbuffer ansible-playbook -i $${ansible_inventory} $${ansible_playbook}
+if [ $? -ne 0 ]; then
+    rm -rf $${ansible_private_key_file}
+    exit 1
+fi
+echo \"Playbook command successful\"
+rm -rf $${ansible_private_key_file}
@@ -0,0 +1,259 @@
+---
+- name: AIX Configuration (proxy, rootvg, curl, data fs, nfs, ntp)
+  hosts: all
+  gather_facts: no
+
+  vars:
+    EXTEND_ROOT_VOLUME_WWN: "${EXTEND_ROOT_VOLUME_WWN}"
+    DATA_VOLUME_WWN: "${DATA_VOLUME_WWN}"
+    DATA_VOLUME_MOUNT_PATH: "${DATA_VOLUME_MOUNT_PATH}"
+    DATAVG: "${DATAVG}"
+    DATALV: "${DATALV}"
+    PROXY_IP_PORT: "${PROXY_IP_PORT}"
+    NO_PROXY: "${NO_PROXY}"
+    NFS_ENABLE: "${NFS_ENABLE}"
+    NFS_MOUNT_POINT: "${NFS_MOUNT_POINT}"
+    NFS_HOST_OR_PATH: "${NFS_HOST_OR_PATH}"
+    NTP_ENABLE: "${NTP_ENABLE}"
+    NTP_SERVER: "${NTP_SERVER}"
+    # Hardcoded values (Terraform can override)
+    NFS_DOMAIN: "${NFS_DOMAIN}"
+    NFS_HOSTNAME: "${NFS_HOSTNAME}"
+    ansible_shell_executable: /usr/bin/ksh
+    ansible_shell_type: sh
+
+  tasks:
+
+    ##############################################################
+    # Configure Proxy
+    ##############################################################
+    - block:
+        - name: Set proxy environment variables in /etc/profile
+          ansible.builtin.blockinfile:
+            path: /etc/profile
+            marker: "# {mark} PROXY SETTINGS"
+            block: |
+              export http_proxy=http://{{ PROXY_IP_PORT }}
+              export https_proxy=http://{{ PROXY_IP_PORT }}
+              export HTTP_PROXY=http://{{ PROXY_IP_PORT }}
+              export HTTPS_PROXY=http://{{ PROXY_IP_PORT }}
+              export no_proxy={{ NO_PROXY }}
+
+        - name: Export proxy variables for current session
+          ansible.builtin.shell: |
+            export http_proxy=http://{{ PROXY_IP_PORT }}
+            export https_proxy=http://{{ PROXY_IP_PORT }}
+            export HTTP_PROXY=http://{{ PROXY_IP_PORT }}
+            export HTTPS_PROXY=http://{{ PROXY_IP_PORT }}
+            export no_proxy={{ NO_PROXY }}
+          changed_when: false
+      tags: proxy
+
+    ##############################################################
+    # Extend rootvg
+    ##############################################################
+    - block:
+        - name: Discover hdisk by WWN for rootvg extension (run cfgmgr first)
+          ansible.builtin.shell: |
+            cfgmgr >/dev/null 2>&1
+            lspv -u | tr '[:upper:]' '[:lower:]' |
+            awk -v w="{{ EXTEND_ROOT_VOLUME_WWN | lower }}" 'index($0,w){print $1; exit}'
+          register: hdisk_name
+          changed_when: false
+
+        - name: Get current MAX PPs per PV for rootvg
+          ansible.builtin.shell: "lsvg rootvg | grep 'MAX PPs per PV' | awk '{print $5}'"
+          register: chvg_limit
+          changed_when: false
+
+        - name: Update rootvg partition limit if less than 1024
+          ansible.builtin.shell: "chvg -t 16 rootvg"
+          when: chvg_limit.stdout | int < 1024
+          changed_when: false
+
+        - name: Mark hdisk as physical volume
+          ansible.builtin.command: "chdev -l {{ hdisk_name.stdout }} -a pv=yes"
+          when: hdisk_name.stdout != ""
+          changed_when: false
+
+        - name: Extend rootvg with new disk
+          community.general.aix_lvg:
+            vg: rootvg
+            pvs: ["{{ hdisk_name.stdout }}"]
+            force: true
+            state: present
+          when: hdisk_name.stdout != ""
+
+        - name: Resize filesystems
+          community.general.aix_filesystem:
+            filesystem: "{{ item.filesystem }}"
+            size: "{{ item.size }}"
+            state: present
+          loop:
+            - { filesystem: "/",    size: "8G" }
+            - { filesystem: "/usr", size: "8G" }
+            - { filesystem: "/opt", size: "6G" }
+            - { filesystem: "/var", size: "6G" }
+            - { filesystem: "/tmp", size: "4G" }
+      tags: rootvg
+
+    ##############################################################
+    # Install curl package
+    ##############################################################
+    - block:
+        - name: Install curl package using dnf
+          ansible.builtin.shell: |
+            . /etc/profile && echo 'y' | /opt/freeware/bin/dnf install curl-7.53*
+          register: curl_install
+          changed_when: "'Complete!' in curl_install.stdout or 'Nothing to do.' in curl_install.stdout"
+
+        - name: Verify curl installation
+          ansible.builtin.shell: |
+            . /etc/profile && /opt/freeware/bin/dnf list installed curl | grep curl
+          register: curl_check
+          changed_when: false
+          failed_when: curl_check.rc != 0
+      tags: curl
+
+    ##############################################################
+    # Create filesystem for data volume
+    ##############################################################
+    - block:
+        - name: Get hdisk for data volume
+          ansible.builtin.shell: |
+            lspv -u | tr '[:upper:]' '[:lower:]' |
+            awk -v w="{{ DATA_VOLUME_WWN | lower }}" 'index($0,w){print $1; exit}'
+          register: data_hdisk
+          changed_when: false
+
+        - name: Fail if data hdisk not found
+          ansible.builtin.fail:
+            msg: "Error: Disk {{ DATA_VOLUME_WWN }} not found."
+          when: data_hdisk.stdout == ""
+
+        - name: Create Volume Group ({{ DATAVG }}) on data hdisk
+          ibm.power_aix.lvg:
+            vg_name: "{{ DATAVG }}"
+            pvs: ["{{ data_hdisk.stdout }}"]
+            state: present
+
+        - name: Gather LVM facts
+          ibm.power_aix.lvm_facts:
+          register: lvm_info
+
+        - name: Calculate LV size = Free PPs × PP Size
+          ansible.builtin.set_fact:
+            datalv_size: "{{ (lvm_info.ansible_facts.LVM.VGs[DATAVG]['FREE PPs'] | regex_search('^\\d+') | int) *
+                             (lvm_info.ansible_facts.LVM.VGs[DATAVG]['PP SIZE'] | regex_search('^\\d+') | int) }}M"
+
+        - name: Create Logical Volume ({{ DATALV }}) in {{ DATAVG }}
+          ibm.power_aix.lvol:
+            vg: "{{ DATAVG }}"
+            lv: "{{ DATALV }}"
+            size: "{{ datalv_size }}"
+            state: present
+          when:
+            - "DATALV not in (lvm_info.ansible_facts.LVM.VGs[DATAVG].LVs | default({}))"
+            - (lvm_info.ansible_facts.LVM.VGs[DATAVG]['FREE PPs'] | regex_search('^\\d+') | int) > 0
+
+        - name: Ensure mount path exists
+          ansible.builtin.file:
+            path: "{{ DATA_VOLUME_MOUNT_PATH }}"
+            state: directory
+            mode: '0755'
+
+        - name: Ensure filesystem exists on LV and is mounted
+          ibm.power_aix.filesystem:
+            device: "/dev/{{ DATALV }}"
+            filesystem: "{{ DATA_VOLUME_MOUNT_PATH }}"
+            fs_type: jfs2
+            auto_mount: yes
+            permissions: rw
+            state: present
+
+        - name: Ensure mount is active
+          ibm.power_aix.mount:
+            mount_dir: "{{ DATA_VOLUME_MOUNT_PATH }}"
+            state: mount
+
+        - name: Verify filesystem mounted with df -g
+          ansible.builtin.shell: df -g | grep "{{ DATA_VOLUME_MOUNT_PATH }}"
+          register: df_output
+          changed_when: false
+      tags: data
+
+    ##############################################################
+    # Configure NFS
+    ##############################################################
+    - block:
+        - name: Set NFS domain
+          ansible.builtin.command: chnfsdom "{{ NFS_DOMAIN }}"
+          changed_when: false
+
+        - name: Ensure NFS services running
+          ansible.builtin.command: startsrc -g nfs
+          changed_when: false
+
+        - name: Ensure NFS server entry in /etc/hosts
+          ansible.builtin.lineinfile:
+            path: /etc/hosts
+            line: "{{ NFS_HOST_OR_PATH.split(':')[0] }} {{ NFS_HOSTNAME }}"
+            state: present
+
+        - name: Create mount directory
+          ansible.builtin.file:
+            path: "{{ NFS_MOUNT_POINT }}"
+            state: directory
+
+        - name: Ensure NFS filesystem stanza exists (persistent)
+          ibm.power_aix.filesystem:
+            device: "{{ NFS_HOST_OR_PATH.split(':')[1] }}"
+            filesystem: "{{ NFS_MOUNT_POINT }}"
+            fs_type: nfs4
+            auto_mount: yes
+            permissions: rw
+            state: present
+            nfs_server: "{{ NFS_HOSTNAME }}"
+
+        - name: Ensure NFS is actually mounted now
+          ibm.power_aix.mount:
+            mount_dir: "{{ NFS_MOUNT_POINT }}"
+            state: mount
+
+        - name: Show NFS mount status
+          ansible.builtin.command: df -g {{ NFS_MOUNT_POINT }}
+          register: nfs_mount_status
+          changed_when: false
+      when: NFS_ENABLE | bool
+      tags: nfs
+
+    ##############################################################
+    # Configure NTP (persistent)
+    ##############################################################
+    - block:
+        - name: Ensure NTP server entry is in /etc/ntp.conf
+          ansible.builtin.lineinfile:
+            path: /etc/ntp.conf
+            line: "server {{ NTP_SERVER }}"
+            state: present
+
+        - name: Ensure NTP daemon entry exists in /etc/inittab (persistent)
+          ibm.power_aix.inittab:
+            name: xntpd
+            runlevel: '2'
+            action: 'respawn'
+            command: '/usr/bin/startsrc -s xntpd > /dev/console 2>&1'
+            state: present
+
+        - name: Restart NTP service
+          ansible.builtin.service:
+            name: xntpd
+            state: restarted
+
+        - name: Verify NTP service with ntpq -p
+          ansible.builtin.command: ntpq -p
+          register: ntpq_output
+          changed_when: false
+
+      when: NTP_ENABLE | bool
+      tags: ntp
@@ -55,6 +55,7 @@ This example sets up the following infrastructure:
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_pi_aix_configure_services"></a> [pi\_aix\_configure\_services](#module\_pi\_aix\_configure\_services) | ../../modules/powervs-vpc-landing-zone/submodules/ansible | n/a |
 | <a name="module_pi_scc_wp_agent"></a> [pi\_scc\_wp\_agent](#module\_pi\_scc\_wp\_agent) | ../../modules/powervs-vpc-landing-zone/submodules/ansible | n/a |
 | <a name="module_powervs_instance"></a> [powervs\_instance](#module\_powervs\_instance) | terraform-ibm-modules/powervs-instance/ibm | 2.7.0 |
 | <a name="module_standard"></a> [standard](#module\_standard) | ../../modules/powervs-vpc-landing-zone | n/a |
@@ -63,7 +64,6 @@ This example sets up the following infrastructure:
 
 | Name | Type |
 |------|------|
-| [terraform_data.aix_init](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/resources/data) | resource |
 | [ibm_iam_auth_token.auth_token](https://registry.terraform.io/providers/IBM-Cloud/ibm/1.82.0/docs/data-sources/iam_auth_token) | data source |
 
 ### Inputs