make ocp survive an hv reboot

files/network-hooks

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [ "$2" = "started" ] || [ "${2}" = "updated" ]; then
+        /sbin/iptables -F LIBVIRT_FWI || :
+        /sbin/iptables -F LIBVIRT_FWO || :
+        /sbin/iptables -A LIBVIRT_FWI -d 192.168.123.0/24 -p all -j ACCEPT || :
+        /sbin/iptables -A LIBVIRT_FWI -d 192.168.122.0/24 -p all -j ACCEPT || :
+        /sbin/iptables -A LIBVIRT_FWI -d 172.22.0.0/24 -p all -j ACCEPT || :
+        /sbin/iptables -A LIBVIRT_FWO -s 192.168.123.0/24 -p all -j ACCEPT || :
+        /sbin/iptables -A LIBVIRT_FWO -s 192.168.122.0/24 -p all -j ACCEPT || :
+        /sbin/iptables -A LIBVIRT_FWO -s 172.22.0.0/24 -p all -j ACCEPT || :
+fi

tasks/base_virt_ipi.yml

@@ -15,6 +15,20 @@
     - ocp4-net.xml
     - ocp4-prov-net.xml
 
+- name: create libvirt hooks dir
+  ansible.builtin.file:
+    path: /etc/libvirt/hooks
+    state: directory
+    mode: 0755
+
+- name: setup libvirt hook for network restart
+  ansible.builtin.copy:
+    src: network-hooks
+    dest: /etc/libvirt/hooks/network
+    owner: root
+    group: root
+    mode: 0744
+
 - name: Check if ocp4-net network is already configured
   ansible.builtin.command: virsh net-dumpxml ocp4-net
   register: ocp4_net_return
@@ -488,6 +502,18 @@
   when:
     ocp4_aio_deploy_type == "ipi"
 
+- name: Set VMs to autostart on reboot
+  ansible.builtin.command: "{{ item }}"
+  with_items: 
+    - "virsh autostart ocp4-bastion"
+    - "virsh autostart ocp4-master1"
+    - "virsh autostart ocp4-master2"
+    - "virsh autostart ocp4-master3"
+    - "virsh autostart ocp4-worker1"
+    - "virsh autostart ocp4-worker2"
+    - "virsh autostart ocp4-worker3"
+  when: bastion_defined.rc == 0
+
 - name: Check if ssh-key already exists
   ansible.builtin.stat:
     path: "/root/.ssh/id_rsa"