openstack/tripleo-quickstart-extras
Code Issues Proposed changes
5d0662d735
tripleo-quickstart-extras/playbooks/baremetal-full-freeipa.yml
Ronelle Landy 2c2b16dc1e Modify IPA install and usage for multi-env 
Remove auto-reverse from IPA server install as
this option is causing errors in environments
where the zone being created already exists and
is owned by some other dns server.
See related change in:
https://review.opendev.org/c/openstack/tripleo-quickstart-extras/+/737058/.

This patch also stops the unbound service if it
is running on the undercloud.

Change-Id: Ie46809379e5c143910560b4d3f7cb0eee6f80ea1
2022-11-03 06:49:31 -04:00

133 lines
3.3 KiB
YAML
Raw Blame History

---
- name: Run inventory to add supplemental node
hosts: undercloud
gather_facts: false
tags:
- freeipa-setup
tasks:
- include_role:
name: tripleo-inventory
vars:
inventory: extra_node
- name: Add supplemental IP to /etc/hosts
lineinfile:
line: "{{ supplemental_node_ip }} {{ freeipa_server_hostname }}"
path: /etc/hosts
become: true
- name: set the freeipa_internal_ip
set_fact:
freeipa_internal_ip: "{{ supplemental_node_ip }}"
cacheable: true
- name: Deploy the FreeIPA server
hosts: supplemental
gather_facts: true
tags:
- freeipa-setup
tasks:
- name: Create /etc/ci directory for supplemental
become: true
file:
path: /etc/ci
state: directory
owner: root
group: root
mode: 0755
- name: Slurp the contents of mirror_info.sh from undercloud
become: true
slurp:
src: '/etc/ci/mirror_info.sh'
register: mirror_info_sh
delegate_to: undercloud
- name: Write mirror_info.sh contents to file on supplemental
become: true
copy:
dest: '/etc/ci/mirror_info.sh'
content: |
{{ mirror_info_sh['content'] | b64decode }}
- include_role:
name: repo-setup
vars:
repo_setup_dir: /home/{{ supplemental_user|default('centos') }}
- name: Set eth2 public IP address
shell: |
ip a add dev eth2 {{ supplemental_node_ip }}/24;
ip l set eth2 up;
ip link set dev eth2 mtu 1450;
ping 10.0.0.1 -c 4 -q;
become: true
changed_when: false
- include_role:
name: freeipa-setup
- name: Use supplemental node as DNS server
hosts: undercloud
gather_facts: false
tags:
- freeipa-setup
tasks:
- name: ensure that DHCP doesn't overwrite DNS settings (CentOS/RHEL >= 8)
become: true
when:
- ansible_os_family == 'RedHat'
- ansible_distribution_major_version is version(8, '>=')
block:
- name: set 'dns=none' in NetworkManager config file
ini_file:
path: /etc/NetworkManager/NetworkManager.conf
state: present
no_extra_spaces: true
section: main
option: dns
value: none
backup: true
- name: reload NetworkManager service
service:
name: NetworkManager
state: reloaded
- name: disable unbound service
become: true
service:
name: unbound
state: stopped
ignore_errors: true
- name: remove any existing entries from the resolv.conf file
become: true
lineinfile:
path: /etc/resolv.conf
regexp: "^nameserver "
state: absent
- name: set IPA server domain search
become: true
lineinfile:
path: /etc/resolv.conf
insertafter: '^search'
line: "search ooo.test"
state: present
- name: set IPA server as primary DNS provider
become: true
lineinfile:
path: /etc/resolv.conf
insertafter: '^search'
line: "nameserver {{ freeipa_internal_ip }}"
state: present
- name: print content of 'resolv.conf' after modifications
become: true
debug:
msg: "Content of resolv.conf: {{ lookup('file', '/etc/resolv.conf') }}"
View Git Blame Copy Permalink