I am having several issues in playbook 5:
You can see the failure below, where named does not start.
named failed to start because the playbook didn't build the DNS record for the bastion.
The "api" and "apps" DNS records are missing the base domain name portion!
Is there some way I can change my YAML file so these problems don't occur?
ansible-playbook playbooks/5_setup_bastion.yaml
TASK [dns : Add infrastructure nodes to DNS reverse lookup file on bastion] ***************************************************************************************
changed: [bastion.ocp1.ibm.com] => (item=0)
changed: [bastion.ocp1.ibm.com] => (item=1)
changed: [bastion.ocp1.ibm.com] => (item=2)
TASK [dns : Restart named to update changes made to DNS] **********************************************************************************************************
fatal: [bastion.ocp1.ibm.com]: FAILED! => {"changed": false, "msg": "Unable to restart service named: Job for named.service failed because the control process exited with error code.\nSee \"systemctl status named.service\" and \"journalctl -xe\" for details.\n"}
PLAY RECAP ********************************************************************************************************************************************************
127.0.0.1 : ok=8 changed=4 unreachable=0 failed=0 skipped=18 rescued=0 ignored=0
bastion.ocp1.ibm.com : ok=31 changed=25 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
[admin1@controller Ansible-OpenShift-Provisioning]$
May 31 16:26:11 bastion bash[23363]: zone 0.in-addr.arpa/IN: loaded serial 0
May 31 16:26:11 bastion bash[23363]: zone ibm.com/IN: NS 'bastion.ocp1.ibm.com' has no address records (A or AAAA)
May 31 16:26:11 bastion bash[23363]: zone ibm.com/IN: not loaded due to errors.
May 31 16:26:11 bastion bash[23363]: _default/ibm.com/IN: bad zone
[root@bastion named]# cat ocp1.db
$TTL 86400
@ IN SOA bastion.ocp1.ibm.com. admin.ocp1.ibm.com.(
2020021821 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
;Name Server / Bastion Information
@ IN NS bastion.ocp1.ibm.com.
;IP Address for Name Server
bastion IN A 9.76.61.82
;entry for bootstrap host.
bootstrap.ocp1.ibm.com. IN A 9.76.61.84
;entries for the control nodes
cp3.ocp1.ibm.com. IN A 9.76.61.87
cp2.ocp1.ibm.com. IN A 9.76.61.86
cp1.ocp1.ibm.com. IN A 9.76.61.85
;entries for the compute nodes
aw3.ocp1.ibm.com. IN A 9.76.61.93
aw2.ocp1.ibm.com. IN A 9.76.61.92
aw1.ocp1.ibm.com. IN A 9.76.61.91
;The api identifies the IP of your load balancer.
api.ocp1 IN CNAME bastion.ibm.com.
api-int.ocp1 IN CNAME bastion.ibm.com.
;The wildcard also identifies the load balancer.
apps.ocp1 IN CNAME bastion.ibm.com.
*.apps.ocp1 IN CNAME bastion.ibm.com.
;EOF
iw1.ocp1.ibm.com. IN A 9.76.61.88
iw2.ocp1.ibm.com. IN A 9.76.61.89
iw3.ocp1.ibm.com. IN A 9.76.61.90
[root@bastion named]# cat ocp1.rev
$TTL 86400
@ IN SOA bastion.ocp1.ibm.com. admin.ocp1.ibm.com (
2020011800 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
;Name Server Information
@ IN NS bastion.ocp1.ibm.com.
bastion IN A 9.76.61.82
;Reverse lookup for Name Server
82 IN PTR bastion.ocp1.ibm.com.
;PTR Record IP address to Hostname
90 IN PTR iw3.ocp1.ibm.com.
89 IN PTR iw2.ocp1.ibm.com.
88 IN PTR iw1.ocp1.ibm.com.
93 IN PTR aw3.ocp1.ibm.com.
92 IN PTR aw2.ocp1.ibm.com.
91 IN PTR aw1.ocp1.ibm.com.
87 IN PTR cp3.ocp1.ibm.com.
86 IN PTR cp2.ocp1.ibm.com.
85 IN PTR cp1.ocp1.ibm.com.
84 IN PTR bootstrap.ocp1.ibm.com.
82 IN PTR api-int.ocp1.ibm.com.
82 IN PTR api.ocp1.ibm.com.
[root@bastion named]#
[admin1@controller Ansible-OpenShift-Provisioning]$ cat inventories/default/group_vars/all.yaml
Section 1 - Ansible Controller
env:
controller:
sudo_pass: its0
Section 2 - LPAR(s)
z:
high_availability: False
ip_forward: True
lpar1:
create: False
hostname: rdbkkvm4
ip: 9.76.61.184
user: lnxadmin
pass: lnx4rdbk
lpar2:
create: False
hostname:
ip:
user:
pass:
hostname:
ip:
user:
pass:
Section 3 - File Server
file_server:
ip: 9.76.61.95
user: admin1
pass: its0
protocol: http
iso_mount_dir: /home/admin1/RHEL/8.7
cfgs_dir: ocp-config
Section 4 - Red Hat
redhat:
username: xxxxxxxxxx
password: xxxxxxxx
# Make sure to enclose pull_secret in 'single quotes'
pull_secret: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
Section 5 - Bastion
bastion:
create: True
vm_name: bastion
resources:
disk_size: 30
ram: 8192
swap: 4096
vcpu: 4
networking:
ip: 9.76.61.82
hostname: bastion
base_domain: ocp1.ibm.com
subnetmask: 255.255.255.0
gateway: 9.76.61.1
nameserver1: 9.0.0.2
nameserver2:
forwarder: 9.0.0.2
interface: enc1
access:
user: admin1
pass: its0
root_pass: its0
options:
dns: True
loadbalancer:
on_bastion: True
public_ip: 9.76.61.80
private_ip: 9.76.71.80
Section 6 - Cluster Networking
cluster:
networking:
metadata_name: ocp1
base_domain: ibm.com
subnetmask: 255.255.255.0
gateway: 9.76.61.1
nameserver1: 9.76.61.94
nameserver2:
Section 7 - Bootstrap Node
nodes:
bootstrap:
disk_size: 120
ram: 16384
vcpu: 4
vm_name: bootstrap
ip: 9.76.61.84
hostname: bootstrap
Section 8 - Control Nodes
control:
disk_size: 120
ram: 16384
vcpu: 4
vm_name:
- cp1
- cp2
- cp3
ip:
- 9.76.61.85
- 9.76.61.86
- 9.76.61.87
hostname:
- cp1
- cp2
- cp3
Section 9 - Compute Nodes
compute:
disk_size: 120
ram: 16384
vcpu: 4
vm_name:
- aw1
- aw2
- aw3
ip:
- 9.76.61.91
- 9.76.61.92
- 9.76.61.93
hostname:
- aw1
- aw2
- aw3
Section 10 - Infra Nodes
infra:
disk_size: 120
ram: 16384
vcpu: 4
vm_name:
- iw1
- iw2
- iw3
ip:
- 9.76.61.88
- 9.76.61.89
- 9.76.61.90
hostname:
- iw1
- iw2
- iw3
#######################################################################################
All variables below this point do not need to be changed for a default installation
#######################################################################################
Section 11 - (Optional) Packages
pkgs:
galaxy: [ ibm.ibm_zhmc, community.general, community.crypto, ansible.posix, community.libvirt ]
controller: [ openssh, expect ]
kvm: [ libguestfs, libvirt-client, libvirt-daemon-config-network, libvirt-daemon-kvm, cockpit-machines, virt-top, qemu-kvm, python3-lxml, cockpit, lvm2 ]
bastion: [ haproxy, httpd, bind, bind-utils, expect, firewalld, mod_ssl, python3-policycoreutils, rsync ]
hypershift: [ make, jq, git, virt-install ]
Section 12 - OpenShift Settings
openshift:
version: 4.12.0
install_config:
api_version: v1
compute:
architecture: s390x
hyperthreading: Enabled
control:
architecture: s390x
hyperthreading: Enabled
cluster_network:
cidr: 10.128.0.0/14
host_prefix: 23
type: OVNKubernetes
service_network: 172.30.0.0/16
fips: 'false'
Section 13 - (Optional) Proxy
proxy:
http:
https:
no:
Section 14 - (Optional) Misc
language: en_US.UTF-8
timezone: America/New_York
keyboard: us
root_access: false
ansible_key_name: ansible-ocpz
ocp_ssh_key_comment: OpenShift key
bridge_name: bond4
network_mode:
#jumphost if network mode is NAT
jumphost:
name:
ip:
user:
pass:
path_to_keypair:
Section 15 - RHCOS (CoreOS)
rhcos_download_url with '/' at the end !
rhcos_download_url: "https://mirror.openshift.com/pub/openshift-v4/s390x/dependencies/rhcos/4.12/4.12.3/"
For rhcos_os_variant use the OS string as defined in 'osinfo-query os -f short-id'
rhcos_os_variant: rhel8.6
RHCOS live image filenames
rhcos_live_kernel: "rhcos-4.12.3-s390x-live-kernel-s390x"
rhcos_live_initrd: "rhcos-4.12.3-s390x-live-initramfs.s390x.img"
rhcos_live_rootfs: "rhcos-4.12.3-s390x-live-rootfs.s390x.img"
Section 16 - Hypershift
hypershift:
kvm_host:
kvm_host_user:
bastion_hypershift:
bastion_hypershift_user:
mgmt_cluster_nameserver:
go_version: "1.19.5" # Change this if you want to install any other version of go
oc_url:
#Hosted Control Plane Parameters
hcp:
clusters_namespace:
hosted_cluster_name:
basedomain:
pull_secret_file: /root/ansible_workdir/auth_file
ocp_release:
machine_cidr:
arch:
# Make sure to enclose pull_secret in 'single quotes'
pull_secret:
AgentServiceConfig Parameters
asc:
url_for_ocp_release_file:
db_volume_size:
fs_volume_size:
ocp_version:
iso_url:
root_fs_url:
mce_namespace: "multicluster-engine" # This is the Recommended Namespace for Multicluster Engine operator
path_to_key_pair: /home/admin1/.ssh/ansible-ocpz.pub