Add switch-vlans role

This patch adds this new role created from: - validations/swithc-vlans.yaml Change-Id: I4a3dd54c9737f74a3f2cdcfe67b11f88c7e94786 Implements: blueprint validation-framework Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
2019-02-25 15:08:38 +01:00 · 2019-02-25 15:08:38 +01:00 · d0680b83e9
parent 6ecfb48553
commit d0680b83e9
5 changed files with 83 additions and 0 deletions
--- a/playbooks/switch-vlans.yaml
+++ b/playbooks/switch-vlans.yaml
@ -0,0 +1,18 @@
+---
+- hosts: undercloud
+  vars:
+    metadata:
+      name: Compare switch port VLANs to VLANs in nic config
+      description: >
+        LLDP data received during introspection contains the configured VLANs
+        for each switch port attached to the nodes interfaces.  Compare the
+        VLAN IDs set on the switch port to those configured in nic config
+        files. Since the mapping of roles to nodes isn't known prior to
+        deployment, this check can only check VLANs across all switch ports,
+        not on a particular switch port.
+      groups:
+        - pre-deployment
+    network_environment_path: environments/network-environment.yaml
+    ironic_inspector_conf_file: "/var/lib/config-data/puppet-generated/ironic_inspector/etc/ironic-inspector/inspector.conf"
+  roles:
+    - switch-vlans
--- a/roles/switch-vlans/defaults/main.yml
+++ b/roles/switch-vlans/defaults/main.yml
@ -0,0 +1,3 @@
+---
+ironic_inspector_conf_file: /var/lib/config-data/puppet-generated/ironic_inspector/etc/ironic-inspector/inspector.conf
+network_environment_path: environments/network-environment.yaml
--- a/roles/switch-vlans/meta/main.yml
+++ b/roles/switch-vlans/meta/main.yml
@ -0,0 +1,27 @@
+galaxy_info:
+  author: TripleO Validations Team
+  company: Red Hat
+  license: Apache
+  min_ansible_version: 2.4
+
+  platforms:
+  - name: CentOS
+    versions:
+    - 7
+  - name: RHEL
+    versions:
+    - 7
+
+  categories:
+    - cloud
+    - baremetal
+    - system
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
--- a/roles/switch-vlans/tasks/main.yml
+++ b/roles/switch-vlans/tasks/main.yml
@ -0,0 +1,23 @@
+---
+- name: Get Ironic Inspector swift auth_url
+  become: true
+  ini:
+    path: "{{ ironic_inspector_conf_file }}"
+    section: swift
+    key: auth_url
+  register: auth_url
+
+- name: Get Ironic Inspector swift password
+  become: true
+  ini:
+    path: "{{ ironic_inspector_conf_file }}"
+    section: swift
+    key: password
+  register: password
+
+- name: Check that switch vlans are present if used in nic-config files
+  switch_vlans:
+    path: "{{ network_environment_path }}"
+    template_files: "{{ lookup('tht') }}"
+    introspection_data: "{{ lookup('introspection_data',
+                            auth_url=auth_url.value, password=password.value) }}"
--- a/roles/switch-vlans/vars/main.yml
+++ b/roles/switch-vlans/vars/main.yml
@ -0,0 +1,12 @@
+---
+metadata:
+  name: Compare switch port VLANs to VLANs in nic config
+  description: >
+    LLDP data received during introspection contains the configured VLANs
+    for each switch port attached to the nodes interfaces.  Compare the
+    VLAN IDs set on the switch port to those configured in nic config
+    files. Since the mapping of roles to nodes isn't known prior to
+    deployment, this check can only check VLANs across all switch ports,
+    not on a particular switch port.
+  groups:
+    - pre-deployment