added use of bastion validation for destroy and add new compute

frankmit11 · Jul 3, 2024 · 9998ef1 · 9998ef1
1 parent 99a0ed4
commit 9998ef1
Show file tree

Hide file tree

Showing 6 changed files with 146 additions and 119 deletions.
diff --git a/z_infra_provisioning/cloud_infra_center/ocp_upi/04-destroy.yaml b/z_infra_provisioning/cloud_infra_center/ocp_upi/04-destroy.yaml
@@ -18,6 +18,8 @@
 - import_playbook: destroy-controls.yaml
 - import_playbook: destroy-bootstrap.yaml
 - import_playbook: destroy-computes.yaml
+- import_playbook: cleanup-bastion.yaml
+  when: use_internal_bastion == true
 - import_playbook: destroy-network.yaml
 - import_playbook: destroy-security-groups.yaml
 - import_playbook: destroy-volumes.yaml

diff --git a/z_infra_provisioning/cloud_infra_center/ocp_upi/add-new-compute-node.yaml b/z_infra_provisioning/cloud_infra_center/ocp_upi/add-new-compute-node.yaml
@@ -238,52 +238,6 @@
         workers_list: "{{ item.split(',') }}"
       with_items: "{{ works_list_results.stdout_lines }}"
 
-- hosts: bastion
-  tasks:
-    - name: 'Check whether use internal bastion'
-      set_fact:
-        use_internal_bastion: "{{ hostvars['localhost']['use_internal_bastion'] }}"
-
-    - name: 'Modify bastion dns for new worker'
-      ansible.builtin.include_tasks: modify-dns.yaml
-      vars:
-        worker_name: "{{ item.split(':')[0] }}"
-        worker_ip: "{{ item.split(':')[-1] }}"
-        cluster_domain_name: "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
-      with_items: "{{ hostvars['localhost']['workers_list'] }}" 
-      when:
-        - use_internal_bastion == true
-
-    - name: 'Modify bastion haproxy for new worker'
-      ansible.builtin.include_tasks: modify-haproxy.yaml
-      vars:
-        worker_name: "{{ item.split(':')[0] }}"
-        cluster_domain_name:  "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
-      with_items: "{{ hostvars['localhost']['workers_list'] }}" 
-      when:
-        - use_internal_bastion == true
-
-    - name: Restart named-chroot.service
-      ansible.builtin.service:
-        name: named-chroot.service
-        state: restarted
-      when:
-        - use_internal_bastion == true
-
-    - name: Restart HAProxy.service
-      ansible.builtin.service:
-        name: haproxy.service
-        state: restarted
-      when:
-        - use_internal_bastion == true
-
-    - name: Check if named-chroot is running
-      ansible.builtin.service:
-        name: named-chroot
-        state: started
-
-    - name: Check if HAProxy is running
-      ansible.builtin.service:
-        name: haproxy
-        state: started
-
+- import_playbook: update-bastion-new-compute.yaml
+  when: use_internal_bastion == true
+
diff --git a/z_infra_provisioning/cloud_infra_center/ocp_upi/cleanup-bastion.yaml b/z_infra_provisioning/cloud_infra_center/ocp_upi/cleanup-bastion.yaml
@@ -0,0 +1,77 @@
+# =================================================================
+# Copyright 2021 https://github.com/openshift/installer
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# =================================================================
+
+# Required Python packages:
+#
+# ansible
+# openstackclient
+# openstacksdk
+
+- hosts: bastion
+  tasks:
+    - name: 'Check whether use internal bastion'
+      set_fact:
+        use_internal_bastion: "{{ hostvars['localhost']['use_internal_bastion'] }}"
+
+    - name: 'Set fact of domain info'
+      set_fact:
+        cluster_domain_name: "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
+
+    - name: 'Validate master exits'
+      ansible.builtin.shell: | 
+        count=$(grep -c 'master' /var/named/{{ cluster_domain_name  }}.zone)
+        echo $count
+      register: master_exists_count
+
+    - name: 'Get the line number of the master'
+      ansible.builtin.shell: grep 'master' /var/named/{{ cluster_domain_name  }}.zone
+      register: master_ln
+      when: master_exists_count.stdout | int > 0
+
+    - name: Remove /etc/haproxy/haproxy.cfg info with masters
+      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /etc/haproxy/haproxy.cfg
+      with_items: "{{ master_ln.stdout_lines }}"
+      when:
+        - master_exists_count.stdout | int > 0
+
+    - name: Remove bastion dns info with masters
+      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /var/named/{{ cluster_domain_name  }}.zone
+      with_items: "{{ master_ln.stdout_lines }}"
+      when:
+        - master_exists_count.stdout | int > 0
+
+    - name: 'Validate worker exits'
+      ansible.builtin.shell: | 
+        count=$(grep -c 'worker' /var/named/{{ cluster_domain_name  }}.zone)
+        echo $count
+      register: worker_exist_count
+
+    - name: 'Get the line number of the worker'
+      ansible.builtin.shell: grep 'worker' /var/named/{{ cluster_domain_name  }}.zone
+      register: worker_ln
+      when: worker_exist_count.stdout | int > 0
+
+    - name: Remove /etc/haproxy/haproxy.cfg info with workers
+      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /etc/haproxy/haproxy.cfg
+      with_items: "{{ worker_ln.stdout_lines }}"
+      when:
+        - worker_exist_count.stdout | int > 0
+
+    - name: Remove bastion dns info with workers
+      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /var/named/{{ cluster_domain_name  }}.zone
+      with_items: "{{ worker_ln.stdout_lines }}"
+      when:
+        - worker_exist_count.stdout | int > 0
diff --git a/z_infra_provisioning/cloud_infra_center/ocp_upi/destroy-computes.yaml b/z_infra_provisioning/cloud_infra_center/ocp_upi/destroy-computes.yaml
@@ -61,38 +61,3 @@
       ansible.builtin.shell:
         cmd: "openstack server delete {{ item.1 }}"
       with_indexed_items: "{{ computes.stdout_lines }}"
-
-- hosts: bastion
-  tasks:
-    - name: 'Check whether use internal bastion'
-      set_fact:
-        use_internal_bastion: "{{ hostvars['localhost']['use_internal_bastion'] }}"
-
-    - name: 'Set fact of domain info'
-      set_fact:
-        cluster_domain_name: "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
-
-    - name: 'Validate worker exits'
-      ansible.builtin.shell: | 
-        count=$(grep -c 'worker' /var/named/{{ cluster_domain_name  }}.zone)
-        echo $count
-      register: worker_exist_count
-
-    - name: 'Get the line number of the worker'
-      ansible.builtin.shell: grep 'worker' /var/named/{{ cluster_domain_name  }}.zone
-      register: worker_ln
-      when: worker_exist_count.stdout | int > 0
-
-    - name: Remove /etc/haproxy/haproxy.cfg info with workers
-      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /etc/haproxy/haproxy.cfg
-      with_items: "{{ worker_ln.stdout_lines }}"
-      when:
-        - worker_exist_count.stdout | int > 0
-        - use_internal_bastion == true
-
-    - name: Remove bastion dns info with workers
-      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /var/named/{{ cluster_domain_name  }}.zone
-      with_items: "{{ worker_ln.stdout_lines }}"
-      when:
-        - worker_exist_count.stdout | int > 0
-        - use_internal_bastion ==  true
diff --git a/z_infra_provisioning/cloud_infra_center/ocp_upi/destroy-controls.yaml b/z_infra_provisioning/cloud_infra_center/ocp_upi/destroy-controls.yaml
@@ -53,38 +53,3 @@
         cmd: "openstack --os-compute-api-version=2.15 server group delete {{ server_group_id }}"
       when:
         - server_group_id is defined
-
-- hosts: bastion
-  tasks:
-    - name: 'Check whether use internal bastion'
-      set_fact:
-        use_internal_bastion: "{{ hostvars['localhost']['use_internal_bastion'] }}"
-
-    - name: 'Set fact of domain info'
-      set_fact:
-        cluster_domain_name: "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
-
-    - name: 'Validate master exits'
-      ansible.builtin.shell: | 
-        count=$(grep -c 'master' /var/named/{{ cluster_domain_name  }}.zone)
-        echo $count
-      register: master_exists_count
-
-    - name: 'Get the line number of the master'
-      ansible.builtin.shell: grep 'master' /var/named/{{ cluster_domain_name  }}.zone
-      register: master_ln
-      when: master_exists_count.stdout | int > 0
-
-    - name: Remove /etc/haproxy/haproxy.cfg info with masters
-      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /etc/haproxy/haproxy.cfg
-      with_items: "{{ master_ln.stdout_lines }}"
-      when:
-        - master_exists_count.stdout | int > 0
-        - use_internal_bastion == true
-
-    - name: Remove bastion dns info with masters
-      ansible.builtin.shell: sed -i '/{{ item.split(' ')[0] }}/d' /var/named/{{ cluster_domain_name  }}.zone
-      with_items: "{{ master_ln.stdout_lines }}"
-      when:
-        - master_exists_count.stdout | int > 0
-        - use_internal_bastion == true
diff --git a/z_infra_provisioning/cloud_infra_center/ocp_upi/update-bastion-new-compute.yaml b/z_infra_provisioning/cloud_infra_center/ocp_upi/update-bastion-new-compute.yaml
@@ -0,0 +1,64 @@
+# =================================================================
+# Licensed Materials - Property of IBM
+#
+# (c) Copyright IBM Corp. 2023 All Rights Reserved
+#
+# US Government Users Restricted Rights - Use, duplication or
+# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
+# =================================================================
+
+# Required Python packages:
+#
+# ansible
+# openstackclient
+# openstacksdk
+# netaddr
+
+- hosts: bastion
+  tasks:
+    - name: 'Check whether use internal bastion'
+      set_fact:
+        use_internal_bastion: "{{ hostvars['localhost']['use_internal_bastion'] }}"
+
+    - name: 'Modify bastion dns for new worker'
+      ansible.builtin.include_tasks: modify-dns.yaml
+      vars:
+        worker_name: "{{ item.split(':')[0] }}"
+        worker_ip: "{{ item.split(':')[-1] }}"
+        cluster_domain_name: "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
+      with_items: "{{ hostvars['localhost']['workers_list'] }}" 
+      when:
+        - use_internal_bastion == true
+
+    - name: 'Modify bastion haproxy for new worker'
+      ansible.builtin.include_tasks: modify-haproxy.yaml
+      vars:
+        worker_name: "{{ item.split(':')[0] }}"
+        cluster_domain_name:  "{{ hostvars['localhost']['cluster_name'] }}.{{ hostvars['localhost']['base_domain'] }}"
+      with_items: "{{ hostvars['localhost']['workers_list'] }}" 
+      when:
+        - use_internal_bastion == true
+
+    - name: Restart named-chroot.service
+      ansible.builtin.service:
+        name: named-chroot.service
+        state: restarted
+      when:
+        - use_internal_bastion == true
+
+    - name: Restart HAProxy.service
+      ansible.builtin.service:
+        name: haproxy.service
+        state: restarted
+      when:
+        - use_internal_bastion == true
+
+    - name: Check if named-chroot is running
+      ansible.builtin.service:
+        name: named-chroot
+        state: started
+
+    - name: Check if HAProxy is running
+      ansible.builtin.service:
+        name: haproxy
+        state: started