Skip to content

Ansible role in JetBrew to provision the EDPM nodes #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
smandaRH wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Ansible role in JetBrew to provision the EDPM nodes #12

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
8138d74
group variables
smandaRH Oct 26, 2025
a5ef2db
Add EDPM provisioning with Foreman role integration
smandaRH Oct 29, 2025
1626892
Add EDPM provisioning with Foreman role integration
smandaRH Oct 29, 2025
f34fddf
Merge branch 'redhat-performance:main' into provision
smandaRH Dec 1, 2025
d90eed8
Add EDPM provisioning with Foreman role integration
smandaRH Oct 29, 2025
3ba27fd
Merge branch 'redhat-performance:main' into provision
smandaRH Dec 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions ansible/edpm_provisioning.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
---
- name: Provisioning EDPM nodes
hosts: localhost
gather_facts: false

pre_tasks:
- name: Download or load OCP inventory
include_tasks: roles/bootstrap/tasks/includes/download_ocp_inventory.yml

- name: Parse nodes from OCP inventory
set_fact:
all_nodes: "{{ (ocp_inventory.content | from_json).nodes }}"
total_num_nodes: "{{ (ocp_inventory.content | from_json).nodes | length }}"

- name: last index
set_fact:
last_compute_node_index: "{{ compute_start_node_index + compute_count }}"
when: compute_count != -1

- name: Select EDPM nodes from start_node
set_fact:
edpm_nodes: "{{ ocp_inventory.json.nodes[compute_start_node_index|int:last_compute_node_index|int] | map(attribute='name') | list }}"

roles:
- role: foreman
6 changes: 6 additions & 0 deletions ansible/group_vars/all.sample.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,3 +46,9 @@ ceph_admin_node: #hostname/ip
ceph_admin_user: root
ceph_admin_password: "{{ ansible_ssh_password }}"
ceph_config_local_path: /root/ceph-config


# Provision Variables
foreman_os: RHEL 9.4
foreman_url: https://foreman.example.com
compute_start_node_index: 4
2 changes: 2 additions & 0 deletions ansible/roles/bootstrap/tasks/includes/download_ocp_inventory.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
uri:
url: "https://wiki.scalelab.redhat.com/instack/{{ cloud }}_ocpinventory.json"
return_content: true
validate_certs: false
register: ocpinventory_scale
when:
- lab == 'scalelab'
Expand All @@ -30,6 +31,7 @@
uri:
url: "https://wiki.rdu3.labs.perfscale.redhat.com/instack/{{ cloud }}_ocpinventory.json"
return_content: true
validate_certs: false
register: ocpinventory_alias
when:
- lab == 'performancelab'
Expand Down
5 changes: 5 additions & 0 deletions ansible/roles/foreman/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
# Starting node index for compute node provisioning (0-indexed)
# Default is 4 (starts from 5th node: 1 bastion + 3 OCP nodes = index 4)
# Set this in group_vars/all.yml to start provisioning from a different node
compute_start_node_index: 4
107 changes: 107 additions & 0 deletions ansible/roles/foreman/tasks/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
---
# Foreman Role - Main Tasks
# This role handles Foreman-related operations including EDPM node provisioning

- name: Set fact for foreman_user and foreman_password
ansible.builtin.set_fact:
foreman_user: "{{ all_nodes[0].pm_user }}"
foreman_password: "{{ all_nodes[0].pm_password }}"


- name: Generate Foreman configuration file
template:
src: "foreman_config.j2"
dest: "/tmp/foreman_config_updated_{{ cloud }}.yml"


- name: Determine boot mode for each node
set_fact:
node_boot_modes: "{{ node_boot_modes | default([]) + [{'node': item, 'boot_mode': boot_mode_result}] }}"
vars:
boot_mode_result: >-
{%- if item is match('.*(1029u|1029p|5039ms|6018r|6029p|6029r|6048p|6048r|6049p).*') -%}
Bios
{%- elif item is match('.*r660.*') -%}
UEFI
{%- else -%}
{%- set badfish_result = lookup('pipe', 'podman run quay.io/quads/badfish:latest --get-bios-attribute --attribute BootMode -H mgmt-' + item + ' -u ' + foreman_user + ' -p ' + foreman_password + ' -o json 2>&1 | jq -r .CurrentValue') -%}
{%- if badfish_result and badfish_result != 'null' and badfish_result != '' -%}
{{ badfish_result }}
{%- else -%}
UEFI
{%- endif -%}
{%- endif -%}
loop: "{{ edpm_nodes }}"


- name: Update Foreman host configuration for each node
shell: |
podman run \
-v /tmp/foreman_config_updated_{{ cloud }}.yml:/opt/hammer/foreman_config.yml \
quay.io/cloud-bulldozer/foreman-cli:latest \
hammer \
-c /opt/hammer/foreman_config.yml \
--verify-ssl false \
-u {{ cloud }} \
-p {{ foreman_password }} \
host update \
--name {{ item.node }} \
--operatingsystem "{{ foreman_os }}" \
--pxe-loader "{{ 'PXELinux BIOS' if item.boot_mode == 'Bios' else 'PXELinux UEFI' }}" \
--build 1
loop: "{{ node_boot_modes }}"
register: foreman_update_results


- name: Set boot device for SuperMicro servers
shell: |
podman run quay.io/ocp-edge-qe/ipmitool ipmitool -I lanplus -H mgmt-{{ item.node }} -U {{ foreman_user }} -P {{ foreman_password }} chassis bootdev pxe
loop: "{{ node_boot_modes | selectattr('boot_mode', 'equalto', 'Bios') | list }}"
register: supermicro_bootdev_results


- name: Set boot device for non-SuperMicro servers
shell: |
podman run quay.io/quads/badfish:latest -H mgmt-{{ item.node }} -u {{ foreman_user }} -p {{ foreman_password }} -i config/idrac_interfaces.yml -t foreman
loop: "{{ node_boot_modes | rejectattr('boot_mode', 'equalto', 'Bios') | list }}"
register: badfish_bootdev_results


- name: Reboot all nodes
shell: |
podman run quay.io/quads/badfish:latest --reboot-only -H mgmt-{{ item.node }} -u {{ foreman_user }} -p {{ foreman_password }}
loop: "{{ node_boot_modes }}"
register: reboot_results


- name: Wait for nodes to be SSH accessible after reboot
shell: |
sshpass -p {{ ssh_password }} ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@{{ item.node }} 'hostname'
loop: "{{ node_boot_modes }}"
register: ssh_check_results
retries: 30
delay: 30
until: ssh_check_results is succeeded


- name: Remove existing SSH keys for all nodes
shell: |
ssh-keygen -R {{ item.node }} 2>/dev/null || true
loop: "{{ node_boot_modes }}"


- name: Get SSH host keys for all nodes
shell: |
ssh-keyscan -t ecdsa,ed25519,rsa {{ item.node }} 2>/dev/null
loop: "{{ node_boot_modes }}"
register: ssh_keys_result
changed_when: false


- name: Add SSH keys to known_hosts for all nodes
ansible.builtin.known_hosts:
name: "{{ item.item.node }}"
key: "{{ item.stdout }}"
state: present
loop: "{{ ssh_keys_result.results }}"
when: item.stdout is defined and item.stdout != ""
11 changes: 11 additions & 0 deletions ansible/roles/foreman/templates/foreman_config.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
:modules:
- hammer_cli_foreman

:foreman:
:enable_module: true
:host: '{{ foreman_url }}'
:username: '{{ cloud }}'
:password: '{{ foreman_password }}'

:log_dir: '~/.hammer/log'
:log_level: 'error'