diff --git a/files/network-hooks b/files/network-hooks
new file mode 100644
index 0000000..16c3e15
--- /dev/null
+++ b/files/network-hooks
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [ "$2" = "started" ] || [ "${2}" = "updated" ]; then
+ /sbin/iptables -F LIBVIRT_FWI || :
+ /sbin/iptables -F LIBVIRT_FWO || :
+ /sbin/iptables -A LIBVIRT_FWI -d 192.168.123.0/24 -p all -j ACCEPT || :
+ /sbin/iptables -A LIBVIRT_FWI -d 192.168.122.0/24 -p all -j ACCEPT || :
+ /sbin/iptables -A LIBVIRT_FWI -d 172.22.0.0/24 -p all -j ACCEPT || :
+ /sbin/iptables -A LIBVIRT_FWO -s 192.168.123.0/24 -p all -j ACCEPT || :
+ /sbin/iptables -A LIBVIRT_FWO -s 192.168.122.0/24 -p all -j ACCEPT || :
+ /sbin/iptables -A LIBVIRT_FWO -s 172.22.0.0/24 -p all -j ACCEPT || :
+fi
\ No newline at end of file
diff --git a/tasks/base_virt_ipi.yml b/tasks/base_virt_ipi.yml
index 18559f9..e9aaf79 100644
--- a/tasks/base_virt_ipi.yml
+++ b/tasks/base_virt_ipi.yml
@@ -15,6 +15,20 @@
 - ocp4-net.xml
 - ocp4-prov-net.xml
+- name: create libvirt hooks dir
+ ansible.builtin.file:
+ path: /etc/libvirt/hooks
+ state: directory
+ mode: 0755
+
+- name: setup libvirt hook for network restart
+ ansible.builtin.copy:
+ src: network-hooks
+ dest: /etc/libvirt/hooks/network
+ owner: root
+ group: root
+ mode: 0744
+
 - name: Check if ocp4-net network is already configured
 ansible.builtin.command: virsh net-dumpxml ocp4-net
 register: ocp4_net_return
@@ -488,6 +502,18 @@
 when: ocp4_aio_deploy_type == "ipi"
+- name: Set VMs to autostart on reboot
+ ansible.builtin.command: "{{ item }}"
+ with_items:
+ - "virsh autostart ocp4-bastion"
+ - "virsh autostart ocp4-master1"
+ - "virsh autostart ocp4-master2"
+ - "virsh autostart ocp4-master3"
+ - "virsh autostart ocp4-worker1"
+ - "virsh autostart ocp4-worker2"
+ - "virsh autostart ocp4-worker3"
+ when: bastion_defined.rc == 0
+
 - name: Check if ssh-key already exists
 ansible.builtin.stat:
 path: "/root/.ssh/id_rsa"
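Review bot: The two `-F` lines flush LIBVIRT_FWI and LIBVIRT_FWO as a whole, so every rule libvirt placed there for any network on the host is removed on each "started" or "updated" event, not only the rules for the three listed subnets. On the iptables backend those chains normally carry libvirt's per-network REJECT defaults, and the network name in `$1` is never checked. Inserting the ACCEPT rules ahead of libvirt's own, guarded by `iptables -C` so repeated events do not stack duplicates, leaves the rest of the chain intact. The trailing `|| :` also discards every failure silently; the sketch below logs it instead. The rules still accept all forwarded traffic to and from the three /24s, so matching on the bridge interfaces would narrow them further if only traffic between the lab networks is intended (the bridge names are not visible in this diff).

```shell
# Add an ACCEPT rule at the top of a libvirt chain unless it is already present.
ensure_accept() {
    /sbin/iptables -C "$@" -j ACCEPT 2>/dev/null && return 0
    /sbin/iptables -I "$@" -j ACCEPT ||
        logger -t libvirt-network-hook "could not add rule: $*"
}

if [ "$2" = "started" ] || [ "$2" = "updated" ]; then
    # Leave libvirt's own entries in place; only make sure ours exist.
    for net in 192.168.123.0/24 192.168.122.0/24 172.22.0.0/24; do
        ensure_accept LIBVIRT_FWI -d "$net"
        ensure_accept LIBVIRT_FWO -s "$net"
    done
fi
```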
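Review bot: The "create libvirt hooks dir" task sets only `mode`, although libvirtd executes whatever sits in that directory as root, so the directory should be pinned with `owner: root` and `group: root` the same way the copy task pins the script. Both modes are bare octal literals; writing them as `mode: "0755"` and `mode: "0744"` removes the dependence on how the YAML loader treats a leading zero. As far as I know libvirt only detects a newly added hook script when the daemon starts, and no restart or handler appears in this hunk, so the hook may stay inactive until libvirtd is restarted; worth confirming against the rest of the playbook.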
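Review bot: Each loop item in "Set VMs to autostart on reboot" is a complete command line passed through `ansible.builtin.command: "{{ item }}"`, which makes the task run whatever string ends up in the list. Keeping the command fixed and looping over VM names only is easier to audit: `ansible.builtin.command: "virsh autostart {{ item }}"` with a `loop:` of `ocp4-bastion`, `ocp4-master1`, and so on. The task has no `changed_when`, so it reports a change on every run; `changed_when: false` would fix that. The only guard is `bastion_defined.rc == 0`, which is registered outside this hunk, so if a deployment defines fewer masters or workers the corresponding `virsh autostart` call will presumably fail the play.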