Skip to content

Commit

Permalink
fixed ansible-lint errors for KVM part of sap_hypervisor_preconfigure
Browse files Browse the repository at this point in the history
  • Loading branch information
Nils Koenig committed Sep 25, 2023
1 parent 9ce9c60 commit ba9bb05
Show file tree
Hide file tree
Showing 14 changed files with 65 additions and 65 deletions.
9 changes: 8 additions & 1 deletion roles/sap_hypervisor_node_preconfigure/meta/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,15 @@ galaxy_info:
namespace: community
role_name: sap_hypervisor_node_preconfigure
author: Nils Koenig
description: Provide the configuration of SAP-certified hypervisors
description: Provide the configuration of hypervisors for SAP workloads
license: Apache-2.0
min_ansible_version: 2.9
galaxy_tags: [ 'sap', 'hana', 'rhel', 'redhat', 'sles', 'suse' ]
platforms:
- name: CentOS
versions:
8
- name: RHEL
versions:
8
dependencies: []
1 change: 1 addition & 0 deletions ..._hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/configure-kargs-per-node.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: Get worker name
ansible.builtin.set_fact:
__sap_hypervisor_node_preconfigure_register_worker_name:
Expand Down
1 change: 1 addition & 0 deletions .../sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/download-rhel-images.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: "Download rhel 8.6 image"
kubernetes.core.k8s:
state: present
Expand Down
1 change: 1 addition & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/install-trident.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: Download trident
ansible.builtin.unarchive:
remote_src: true
Expand Down
1 change: 1 addition & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/kargs.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: Personalize template
ansible.builtin.template:
src: 99-kargs-worker.yml.j2
Expand Down
1 change: 1 addition & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/node-network.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: Print network
ansible.builtin.debug:
var: __sap_hypervisor_node_preconfigure_register_worker_network
Expand Down
1 change: 1 addition & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/prepare.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: Gather Facts
ansible.builtin.gather_facts:

Expand Down
1 change: 1 addition & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_ocp_virt/setup-worker-node.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
- name: Include configure kargs
ansible.builtin.include_tasks: configure-kargs-per-node.yml
with_items: "{{ __sap_hypervisor_node_preconfigure_register_nodes }}"
Expand Down
39 changes: 23 additions & 16 deletions .../sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-configuration.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,13 @@
- name: Get kernel command line
ansible.builtin.command: cat /proc/cmdline
register: __sap_hypervisor_node_preconfigure_kernelcmdline_assert
changed_when: __sap_hypervisor_node_preconfigure_kernelcmdline_assert.rc != 0

- name: "Assert - Kernel same page merging (KSM): Get status"
ansible.builtin.shell: systemctl status ksm
ansible.builtin.command: systemctl status ksm
register: __sap_hypervisor_node_preconfigure_ksmstatus_assert
ignore_errors: yes
changed_when: __sap_hypervisor_node_preconfigure_ksmstatus_assert.rc != 0

- name: "Assert - Kernel same page merging (KSM): Check if stopped"
ansible.builtin.assert:
Expand All @@ -18,9 +20,10 @@
ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}"

- name: "Assert - Kernel same page merging (KSM) Tuning Daemon: Get status"
ansible.builtin.shell: systemctl status ksmtuned
ansible.builtin.command: systemctl status ksmtuned
register: __sap_hypervisor_node_preconfigure_ksmtunedstatus_assert
ignore_errors: yes
changed_when: __sap_hypervisor_node_preconfigure_ksmtunedstatus_assert.rc != 0

- name: "Assert - Kernel same page merging (KSM) Tuning Daemon: Check if stopped"
ansible.builtin.assert:
Expand All @@ -30,10 +33,12 @@
ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}"

- name: Check CPU Stepping
ansible.builtin.shell: lscpu | awk '/Stepping/{print $2}'
ansible.builtin.shell: set -o pipefail && lscpu | awk '/Stepping/{print $2}'
register: __sap_hypervisor_node_preconfigure_cpu_stepping_output_assert
changed_when: __sap_hypervisor_node_preconfigure_cpu_stepping_output_assert.rc != 0

- set_fact:
- name: register stepping as fact
set_fact:
__sap_hypervisor_node_preconfigure_cpu_stepping_assert: "{{ __sap_hypervisor_node_preconfigure_cpu_stepping_output_assert.stdout }}"

- name: Print CPU Stepping
Expand All @@ -47,6 +52,7 @@
ansible.builtin.command: grep -E '^options\s+kvm_intel.*?ple_gap\s*=\s*0.*$' /etc/modprobe.d/kvm.conf
register: __sap_hypervisor_node_preconfigure_skylake_plegap_assert
ignore_errors: yes
changed_when: __sap_hypervisor_node_preconfigure_skylake_plegap_assert.rc != 0

- name: Assert - Check if ple_gap=0
ansible.builtin.assert:
Expand Down Expand Up @@ -76,9 +82,11 @@

- name: Assert - check seccomp_sanbox=0
block:
- command: grep -E '^seccomp_sandbox\s+=\s+0.*$' /etc/libvirt/qemu.conf
- name: Get seccomp setting
ansible.builtin.command: grep -E '^seccomp_sandbox\s+=\s+0.*$' /etc/libvirt/qemu.conf
register: __sap_hypervisor_node_preconfigure_seccomp_assert
ignore_errors: yes
changed_when: __sap_hypervisor_node_preconfigure_seccomp_assert.rc != 0

- name: "Assert - Check seccomp_sanbox=0 is in /etc/libvirt/qemu.conf"
ansible.builtin.assert:
Expand All @@ -90,8 +98,9 @@
- name: Assert - check amount of 1G hugepages
block:
- name: Get amount of 1G hugepages
ansible.builtin.shell: hugeadm --pool-list | grep 1073741824 | awk '{print $3}'
register: __sap_hypervisor_node_preconfigure_1Ghugepages_assert
ansible.builtin.shell: set -o pipefail && hugeadm --pool-list | grep 1073741824 | awk '{print $3}'
register: __sap_hypervisor_node_preconfigure_1g_hugepages_assert
changed_when: __sap_hypervisor_node_preconfigure_1g_hugepages_assert.rc != 0

- name: "Check that at least {{ sap_hypervisor_node_preconfigure_reserved_ram }} GB are available for the hypervisor and the rest are 1G hugepages"
ansible.builtin.assert:
Expand All @@ -102,26 +111,24 @@

- name: Assert - check Kernel command line
block:
- assert:
- name: Ensure iommu is enabled
ansible.builtin.assert:
that: "'intel_iommu=on' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout"
fail_msg: "FAIL: intel_iommu=on not on Kernel command line"
success_msg: "PASS: intel_iommu=on on Kernel command line"
ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}"

- assert:
- name: Ensure iommu passthrough is enabled
ansible.builtin.assert:
that: "'iommu=pt' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout"
fail_msg: "FAIL: iommu=pt not on Kernel command line"
success_msg: "PASS: iommu=pt on Kernel command line"
ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}"

- assert:
# XXX shouldn't tsx be on?
- name: Ensure tsx is off
ansible.builtin.assert:
that: "'tsx=off' in __sap_hypervisor_node_preconfigure_kernelcmdline_assert.stdout"
fail_msg: "FAIL: tsx=off not on Kernel command line"
success_msg: "PASS: tsx=off on Kernel command line"
ignore_errors: "{{ sap_hypervisor_node_preconfigure_ignore_failed_assertion }}"


#- name: Trigger tuned profile sap-hana-kvm activation
# include_tasks: set-tuned-profile.yml
#
##### install hooks: HP, cpufreq
4 changes: 4 additions & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-rhv-hooks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
- name: Check file permissions
ansible.builtin.command: "stat -c%a /usr/libexec/vdsm/hooks/before_vm_start/{{ item }}"
register: __sap_hypervisor_node_preconfigure_register_file_permissions_assert
changed_when: __sap_hypervisor_node_preconfigure_register_file_permissions_assert.rc != 0

- name: Assert hook file permissions
ansible.builtin.assert:
Expand All @@ -14,16 +15,19 @@
ansible.builtin.file:
path: /tmp/sap_hypervisor_node_preconfigure
state: directory
mode: "0755"

- name: Copy hook for checking
ansible.builtin.copy:
dest: "/tmp/sap_hypervisor_node_preconfigure/{{ item }}"
src: "{{ item }}"
mode: "0755"

- name: Diff hook
ansible.builtin.command: "diff -uw /tmp/sap_hypervisor_node_preconfigure/{{ item }} /usr/libexec/vdsm/hooks/before_vm_start/{{ item }}"
register: __sap_hypervisor_node_preconfigure_register_hook_diff_assert
ignore_errors: yes
changed_when: __sap_hypervisor_node_preconfigure_register_hook_diff_assert.rc != 0

- name: Assert hook content
ansible.builtin.assert:
Expand Down
1 change: 1 addition & 0 deletions ..._hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/assert-set-tuned-profile.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
- name: Get tuned profile
ansible.builtin.command: tuned-adm active
register: __sap_hypervisor_node_preconfigure_tuned_profile_assert
changed_when: __sap_hypervisor_node_preconfigure_tuned_profile_assert.rc != 0

- name: Verify tuned profile
ansible.builtin.assert:
Expand Down
63 changes: 16 additions & 47 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/configuration.yml
View file
Original file line number Diff line number Diff line change
@@ -1,60 +1,29 @@
---
# tasks file for sap_hypervisor_node_preconfigure

- name: Test if kernel same page merging (KSM) exists
ansible.builtin.shell: systemctl cat ksm
register: ksm
ignore_errors: true
become: true
become_user: root

- name: Test if kernel same page merging (KSM) tuning daemon exists
ansible.builtin.shell: systemctl cat ksmtuned
register: ksmtuned
ignore_errors: true
become: true
become_user: root

- name: Stop kernel same page merging (KSM)
ansible.builtin.shell: systemctl stop ksm
when: ksm.rc == 0
become: true
become_user: root

- name: Disable kernel same page merging (KSM)
ansible.builtin.shell: systemctl disable ksm
when: ksm.rc == 0
become: true
become_user: root

- name: Stop Kernel Samepage Merging (KSM) Tuning Daemon
ansible.builtin.shell: systemctl stop ksmtuned
when: ksmtuned.rc == 0
become: true
become_user: root

- name: Disable Kernel Samepage Merging (KSM) Tuning Daemon
ansible.builtin.shell: systemctl disable ksmtuned
when: ksmtuned.rc == 0
become: true
become_user: root
- name: Stop and disable kernel same page merging (KSM)
ansible.builtin.systemd:
name: ksm
state: stopped
enabled: false

- name: Stop and disable kernel same page merging (KSM) tuning daemon
ansible.builtin.systemd:
name: ksmtuned
state: stopped
enabled: false

- name: Check CPU Stepping
ansible.builtin.shell: lscpu | awk '/Stepping/{print $2}'
ansible.builtin.shell: set -o pipefail && lscpu | awk '/Stepping/{print $2}'
register: cpu_stepping_output
become: true
become_user: root
changed_when: cpu_stepping_output.rc != 0

- set_fact:
- name: Register CPU stepping as fact
set_fact:
cpu_stepping: "{{ cpu_stepping_output.stdout }}"
become: true
become_user: root

- name: Print CPU Stepping
ansible.builtin.shell: echo "{{ cpu_stepping }}"
become: true
become_user: root

# skylake:
- name: Set ple_gap=0 on Intel Skylake CPU Platform
ansible.builtin.lineinfile:
Expand Down Expand Up @@ -108,7 +77,7 @@
become: true
become_user: root

- name: Trigger tuned profile sap-hana-kvm activation
- name: Include allocate hughepages at runtime
ansible.builtin.include_tasks: allocate-hugepages-at-runtime.yml
when: sap_hypervisor_node_preconfigure_reserve_hugepages == "runtime"

Expand Down
3 changes: 2 additions & 1 deletion roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/rhv-hooks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,14 @@
ansible.builtin.file:
path: /usr/libexec/vdsm/hooks/before_vm_start
state: directory
mode: "0755"
become: true
become_user: root

- name: Copy hook
ansible.builtin.copy:
dest: "/usr/libexec/vdsm/hooks/before_vm_start/{{ item }}"
src: "{{ item }}"
mode: '0755'
mode: "0755"
become: true
become_user: root
4 changes: 4 additions & 0 deletions roles/sap_hypervisor_node_preconfigure/tasks/platform/redhat_rhel_kvm/set-tuned-profile.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,14 @@
ansible.builtin.file:
path: /usr/lib/tuned/sap-hana-kvm-host
state: directory
mode: "0755"
become: true
become_user: root

- name: Create sap-hana-kvm-host tuned profile
ansible.builtin.copy:
dest: "/usr/lib/tuned/sap-hana-kvm-host/tuned.conf"
mode: "0644"
content: |
#
# tuned configuration
Expand Down Expand Up @@ -36,5 +38,7 @@

- name: Activate tuned profile
ansible.builtin.command: tuned-adm profile sap-hana-kvm-host
register: __sap_hypervisor_node_preconfigre_register_tuned_activation_output
become: true
become_user: root
changed_when: __sap_hypervisor_node_preconfigre_register_tuned_activation_output.rc != 0

0 comments on commit ba9bb05

Please sign in to comment.