hypervisor.yml

- name: Add rhos-release repos and update ipxe-roms (for Ironic)
  hosts: hypervisor
  gather_facts: yes
  any_errors_fatal: true
  vars:
      rhos_release_rpm: "https://url.corp.redhat.com/rhos-release-latest-rpm"
  pre_tasks:
      - name: check for subscription
        command: subscription-manager identity
        failed_when: false
        register: cdn_status
        changed_when: false
        when: not install.cdn|default(False)
  tasks:
      - name: update /etc/hosts with VMs details
        lineinfile:
            dest: /etc/hosts
            line: "{{ hostvars[item].ansible_host|
                      default(hostvars[item].ansible_ssh_host) }}    \
                   {{ item }}.redhat.local {{ item }}"
            regexp: ".*{{ item }}$"
            state: present
        when: '"ansible_ssh_host" in hostvars[item] or "ansible_host" in hostvars[item]'
        with_items: "{{ groups.all | difference(['localhost']) | difference(['hypervisor']) }}"

      - name: get Ironic requirement
        block:
            - package:
                state: latest
                name: ipxe-roms-qemu
              register: update
        rescue:
            - fail:
                msg: |
                  "Package ipxe-roms-qemu cannot be found.
                  Install repositories which provide this package.
                  For RedHat system it might be rhelosp-rhel repo
                  For CentOS it is Base repo"

      # (fhubik) Detect bug in ansible, packages with long names aren't parsed correctly and upgraded
      # Remove when fixed (https://github.com/ansible/ansible-modules-core/issues/4318)
      - name: make sure we have latest ipxe-roms-qemu (workaround ansible-modules-core yum bug 4318)
        command: 'yum install ipxe-roms-qemu -y'
        when: not update is changed


# In case we're dealing with hypervisor, we need to make sure the undercloud is able to ssh to the hypervisor
- name: Create the stack user on the hypervisor and allow SSH to hypervisor
  hosts: hypervisor
  gather_facts: no
  any_errors_fatal: true
  vars:
      undercloud_node: "{{ groups.undercloud | first }}"
  tasks:
      - name: create stack user on hypervisor
        user:
            name: "{{ install.user.name }}"
            state: present
            password: "{{ install.user.password | password_hash('sha512') }}"

      - name: set permissions for the user to access the hypervisor
        copy:
            content: |
                [libvirt Management Access]
                Identity=unix-user:{{ install.user.name }}
                Action=org.libvirt.unix.manage
                ResultAny=yes
                ResultInactive=yes
                ResultActive=yes
            dest: "/etc/polkit-1/localauthority/50-local.d/50-libvirt-user-{{ install.user.name }}.pkla"