rht
/
sno-playbooks


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879
							---
# Deploys the infrastructure modifications needed to support SNOx node installation:
#
# - DNS zone files
# - DNS zone configuration
# - bastion zone delegation
# - DHCP server modifications
#
# REQUIRES:
#  - variable "node" according to vms structure
#
- name: Publish forward DNS zone
  template:
    src: templates/sno.zone.j2
    dest: /var/named/{{ node.cluster }}.example.com.zone
    mode: 0640
    owner: root
    group: named
  notify:
    - reload_named

- name: Configure DNS to load the published zone
  lineinfile:
    path: /etc/named.conf
    insertafter: "^# BEGIN ANSIBLE MANAGED DNS ZONES$"
    regexp: '^zone "{{ node.cluster }}.example.com"'
    line: 'zone "{{ node.cluster }}.example.com" { type master; file "{{ node.cluster }}.example.com.zone"; allow-update { none; }; };'
    state: present
  notify:
    - reload_named

- name: Update reverse DNS zone
  lineinfile:
    path: /var/named/50.168.192.in-addr.arpa.zone
    insertafter: "^; BEGIN DYNAMIC 50 rZONE RECORDS$"
    regexp: "^{{ node.ip | regex_replace('^192.168.50.', '') }}"
    line: "{{ node.ip | regex_replace('^192.168.50.', '') }}      IN PTR {{ node.name }}.{{ node.cluster }}.example.com."
    state: present
  register: zoneupdate

- name: Extract the serial if rzone was updated
  shell: grep -i serial /var/named/50.168.192.in-addr.arpa.zone | awk '{ print $1 }'
  register: rzone_serial_result
  when: zoneupdate.changed

- name: Bump up the serial if rzone was updated
  set_fact:
    rzone_serial: "{{ rzone_serial_result.stdout | int + 1 }}"
  when: zoneupdate.changed

- name: Update the serial number of reverse DNS zone
  lineinfile:
    path: /var/named/50.168.192.in-addr.arpa.zone
    regexp: "(?i); serial"
    line: "		{{ rzone_serial }} ; serial"
    state: present
  when: zoneupdate.changed
  notify:
    - reload_named

- name: Delegate the new zone to utility from bastion
  delegate_to: bastion.lab.example.com
  template:
    src: templates/dnsmasq.conf.j2
    dest: /etc/dnsmasq.d/{{ node.cluster }}.conf
    mode: 0644
    owner: root
    group: root
  notify: restart_bastion_dnsmasq

- name: Make sure DHCP server recognizes us
  lineinfile:
    path: /etc/dhcp/dhcpd.conf
    insertafter: "^# BEGIN ANSIBLE MANAGED DHCP CONFIG$"
    regexp: "(?i)hardware ethernet {{ node.mac | regex_replace('^01-', '') | regex_replace('-', ':') }}"
    line: 'host {{ node.name }}-{{ node.cluster }} { hardware ethernet {{ node.mac | regex_replace("^01-", "") | regex_replace("-", ":") }}; fixed-address {{ node.ip }}; option host-name "{{ node.name }}.{{ node.cluster }}.example.com"; option domain-name "{{ node.cluster }}.example.com"; option domain-search "{{ node.cluster }}.example.com"; }'
    state: present
  notify: restart_dhcpd
...