From eadc47749bdef5d12a8da055b37a8047d5c9499d Mon Sep 17 00:00:00 2001 From: jullienl <lionel.jullien@hpe.com> Date: Sun, 31 Oct 2021 18:20:50 -0400 Subject: [PATCH] Changes for release-v1.2 --- WIN_autodeploy_using_autogenerated_ISO.yml | 405 +++++++++++++++++++++ WIN_unprovision.yml | 76 ++++ files/Ansible_control_node_requirements.md | 2 +- group_vars/Windows.yml | 4 + readme.md | 204 ++++++++++- vars/WIN_provisioning.yml | 70 ++++ 6 files changed, 759 insertions(+), 2 deletions(-) create mode 100644 WIN_autodeploy_using_autogenerated_ISO.yml create mode 100644 WIN_unprovision.yml create mode 100644 vars/WIN_provisioning.yml diff --git a/WIN_autodeploy_using_autogenerated_ISO.yml b/WIN_autodeploy_using_autogenerated_ISO.yml new file mode 100644 index 0000000..a01442d --- /dev/null +++ b/WIN_autodeploy_using_autogenerated_ISO.yml @@ -0,0 +1,405 @@ +--- + +# Performing automated Windows Server 2022 Boot from SAN installation on Gen10 Synergy Module(s) using a kickstart and a HPE OneView Server Profile Template + +- name: Performing an unattended Windows Server 2022 Boot from SAN installation on a Gen10 Synergy Module using a OneView Server Profile Template + hosts: Windows + collections: + - hpe.oneview + gather_facts: no + vars_files: + - vars/WIN_provisioning.yml + #- vars/encrypted_credentials.yml + vars: + # HPE Synergy Composer configuration + - config: "{{ playbook_dir }}/oneview_config.json" + + - inventory_fqdn: "{{ inventory_hostname | lower }}.{{ domain }}" + + - ansible_python_interpreter: python3 + - ansible_host_key_checking: false + - validate_certs: false + + tasks: + +# Staging the Windows Server ISO on Ansible Controller + + - name: Checking if Windows Server ISO file exists on "{{lookup("pipe","hostname")}}" + stat: + path: "{{ src_iso_directory }}/{{ src_iso_file }}" + register: p + delegate_to: localhost + + - name: Creating the directory "{{ src_iso_directory }}" to host the ISO file on "{{ lookup("pipe","hostname") }}" + file: + path: "{{ src_iso_directory }}" + state: directory + delegate_to: localhost + + - name: Downloading file "{{ src_iso_file }}" to "{{ lookup("pipe","hostname") }}" if not present + get_url: + url: "{{ src_iso_url }}/{{ src_iso_file }}" + dest: "{{ src_iso_directory }}" + validate_certs: no + when: p.stat.exists == False + delegate_to: localhost + + - name: Checking if Windows Server ISO file extraction is necessary on "{{ lookup("pipe","hostname") }}" + stat: + path: /opt/baremetal/{{ inventory_hostname }} + register: p + delegate_to: localhost + + - name: Creating /mnt/{{ inventory_hostname }} on "{{lookup("pipe","hostname")}}" if it does not exist + file: + path: /mnt/{{ inventory_hostname }} + state: directory + mode: '0755' + delegate_to: localhost + + - name: Creating /opt/baremetal/{{ inventory_hostname }}/ on "{{lookup("pipe","hostname")}}" if it does not exist + file: + path: /opt/baremetal/{{ inventory_hostname }} + state: directory + mode: '0755' + delegate_to: localhost + + - name: Mounting Windows Server ISO and copying ISO files to /opt/baremetal/{{ inventory_hostname }}/ on "{{lookup("pipe","hostname")}}" + shell: | + mount -o loop {{ src_iso_directory }}/{{ src_iso_file }} /mnt/{{ inventory_hostname }}/ + cp -r /mnt/{{ inventory_hostname }}/. /opt/baremetal/{{ inventory_hostname }}/ + umount /mnt/{{ inventory_hostname }} + args: + warn: false # To prevent warning + when: p.stat.exists == False + delegate_to: localhost + +# Creating $OEM$ resources to host the different scripts that we need to run at startup + + - name: Creating $OEM$ on "{{lookup("pipe","hostname")}}" in /opt/baremetal/{{ inventory_hostname }}/sources to run scripts at startup + file: + path: "{{ item }}" + state: directory + owner: root + group: root + mode: 0775 + loop: + - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$ + - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$1 + - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$1/Temp + - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$ + - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup + - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup/Scripts + delegate_to: localhost + + - name: Download POSH script from GitHub to configure Windows for remote management with Ansible + get_url: + url: https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 + dest: /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$1/Temp/winRM.ps1 + mode: '0775' + delegate_to: localhost + +# Creating a Server Profile in HPE OneView from a boot from SAN Server Profile Template: + + - name: Creating Server Profile "{{ inventory_hostname }}" from Server Profile Template "{{ server_template }}" + oneview_server_profile: + config: "{{ config }}" + data: + serverProfileTemplateName: "{{ server_template }}" + name: "{{ inventory_hostname }}" + # serverHardwareUri: "/rest/server-hardware/39313738-3234-584D-5138-323830343848" + # server_hardware: Encl1, bay 12 + # If any hardware is provided, it tries to get one available + delegate_to: localhost + register: result + + - name: Capturing information for the customization of the kickstart file [server generation - MAC of first management NIC - LUN uri of the primary boot volume] + set_fact: + server_hardware_name: "{{ server_hardware.name }}" + generation: "{{ server_hardware.generation }}" + lunuri: "{{ (server_profile.sanStorage.volumeAttachments | selectattr('bootVolumePriority', 'equalto', 'Primary') | map(attribute='volumeUri') | list)[0] }}" + mac1: "{{ (server_profile.connectionSettings.connections | selectattr('id', 'equalto', 1) | map(attribute='mac') | list)[0] }}" + mac2: "{{ (server_profile.connectionSettings.connections | selectattr('id', 'equalto', 2) | map(attribute='mac') | list)[0] }}" + +# #- debug: var=server_profile +# #- debug: var=serial_number +# #- debug: var=server_hardware +# #- debug: var=compliance_preview +# #- debug: var=created + +# #- debug: var=generation +# #- debug: var=lunuri +# #- debug: var=mac1 + + - name: Showing the result of the Server Profile creation task + debug: + msg: "Hardware selected: {{ server_hardware_name }} - Result: {{ result.msg }}" + + - name: Collecting volumes information + oneview_volume_facts: + config: "{{ config }}" + delegate_to: localhost + + #- debug: var=storage_volumes + + - name: Capturing boot LUN size defined in the Server Profile to ensure that Windows Server will be installed on this disk using the kickstart file + set_fact: + size: "{{ ((storage_volumes | selectattr('uri', 'equalto', lunuri) | map(attribute='provisionedCapacity') | list)[0] | int / (1024*1024*1024) ) |int}}" + + # - debug: var=size + +# Creation of the SetupComplete.cmd to configure the network settings + + - name: Creating configure_network.ps1 that will be launched by SetupComplete.cmd (creation of a team using the first two NICs and configuration of IP parameters) + copy: + force: true + dest: /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup/Scripts/configure_network.ps1 + content: | + $mac1="{{ mac1 }}" + $net1=get-netadapter | where MacAddress -eq $mac1.replace(":","-") | select name + $mac2="{{ mac2 }}" + $net2=get-netadapter | where MacAddress -eq $mac2.replace(":","-") | select name + New-NetLbfoTeam -Name mgmt_nw_team -TeamMembers $net1.name,$net2.name -confirm:$false + netsh interface ip set address mgmt_nw_team static "{{host_management_ip}}" "{{netmask}}" "{{gateway}}" 1 + netsh interface ip add dns mgmt_nw_team "{{nameserver1}}" + netsh interface ip add dns mgmt_nw_team "{{nameserver2}}" index=2 + $team_index = Get-NetAdapter -Name mgmt_nw_team | % ifindex + Set-DnsClient -InterfaceIndex $team_index -ConnectionSpecificSuffix "{{domain}}" -RegisterThisConnectionsAddress $true -UseSuffixWhenRegistering $true + delegate_to: localhost + + - name: Creating SetupComplete.cmd for the network settings + # SetupComplete.cmd automatically runs after the Windows Setup process + # Windows Setup logs the action in the C:\Windows\Panther\UnattendGC\Setupact.log file + copy: + force: true + dest: /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup/Scripts/SetupComplete.cmd + content: | + Powershell.exe -ExecutionPolicy Bypass -File "%SYSTEMROOT%/Setup/Scripts/configure_network.ps1" -WindowStyle Hidden > "%SYSTEMROOT%\Panther\UnattendGC\setupcomplete.log" 2>&1 + delegate_to: localhost + +# Creation of the new Windows Server ISO image with unattended installation + + - name: Updating autounattend.xml file + template: + src: files/{{ windows_version }}/{{ unattend }} + dest: /opt/baremetal/{{ inventory_hostname }} + delegate_to: localhost + + - name: Creating customized bootable ISO + shell: > + mkisofs + --allow-limited-size + -no-emul-boot + -b "boot/etfsboot.com" + -boot-load-seg 0 + -boot-load-size 8 + -eltorito-alt-boot + -no-emul-boot + -e "efi/microsoft/boot/efisys_noprompt.bin" + -boot-load-size 1 + -iso-level 4 + -udf + -o /opt/baremetal/{{ inventory_hostname }}.iso + /opt/baremetal/{{ inventory_hostname }}/ + delegate_to: localhost + + - name: Creating /usr/share/nginx/html/isos/ on "{{lookup("pipe","hostname")}}" if it does not exist + file: + path: /usr/share/nginx/html/isos/ + state: directory + mode: '0755' + delegate_to: localhost + + - name: Moving created ISO to the nginx default html folder of "{{ lookup("pipe","hostname") }}" + shell: | + mv /opt/baremetal/{{ inventory_hostname }}.iso /usr/share/nginx/html/isos/ + delegate_to: localhost + +# Starting the OS unattended installation + + - name: Powering on and booting "{{ server_hardware_name }}" from created ISO using iLO Virtual Media + community.general.hpilo_boot: + host: "{{ server_hardware.mpHostInfo.mpIpAddresses[1].address }}" + login: Administrator + password: password + media: cdrom + image: 'http://{{ lookup("pipe","hostname") }}/isos/{{ inventory_hostname }}.iso' + delegate_to: localhost + + - name: Waiting for Windows Server installation to complete - Waiting for "{{ host_management_ip }}" to respond... + wait_for: + timeout: 1500 + host: "{{ host_management_ip }}" + port: 3389 + register: boot_wait_time + delegate_to: localhost + + - debug: + msg: "{{ inventory_hostname }} installation took {{ (boot_wait_time.elapsed / 60) | round | int }} minutes" + +# Cleaning up staging files + + - name: Deleting all temporary files in the stagging location on "{{lookup("pipe","hostname")}}" + file: + path: "/opt/baremetal/{{ inventory_hostname }}" + state: absent + delegate_to: localhost + + - name: Deleting created ISO file in the web server directory on "{{lookup("pipe","hostname")}}" + file: + path: "/usr/share/nginx/html/isos/{{ inventory_hostname }}.iso" + state: absent + delegate_to: localhost + + - name: Unmounting original ISO file on "{{lookup("pipe","hostname")}}" + file: + path: "/mnt/{{ inventory_hostname }}" + state: absent + delegate_to: localhost + + - name: Collecting product_id found in install.xml file of the HPE iSUT package + shell: | + unzip -p files/{{ windows_version }}/{{ iSUT_package }} install.xml | grep "product id" | awk '{ print substr ($0, 16, 36 ) }' + args: + warn: false # To prevent warning + register: iSUT_product_id + delegate_to: localhost + + - name: Collecting product_id found in install.xml file of the HPE AMS package + shell: | + unzip -p files/{{ windows_version }}/{{ AMS_package }} install.xml | grep "product id" | awk '{ print substr ($0, 16, 36 ) }' + args: + warn: false # To prevent warning + register: AMS_product_id + delegate_to: localhost + + #- debug: msg='{{ iSUT_product_id.stdout }}' + #- debug: msg='{{ AMS_product_id.stdout }}' + +# Adding a DNS record for the newly provisioned server in the defined DNS server + +- name: Creating a DNS record for the bare metal Windows Server + hosts: Windows + gather_facts: no + vars_files: + - vars/WIN_provisioning.yml + - vars/windows_dns.yml + # - vars/encrypted_credentials.yml + tasks: + - name: Adding "{{ inventory_hostname }}" with "{{ host_management_ip }}" on "{{ dns_server }}" in "{{ domain }}" DNS domain + community.windows.win_dns_record: + name: "{{ inventory_hostname }}" + type: "A" + value: "{{ host_management_ip }}" + zone: "{{ domain }}" + state: present + delegate_to: "{{ dns_server }}" + + +# Installing iSUT and AMS on the server for online installation of HPE drivers for Windows Server + +- name: Installing HPE iSUT and HPE AMS on the server for online installation of HPE drivers for Windows Server + hosts: Windows + collections: + - hpe.oneview + gather_facts: no + vars_files: + - vars/WIN_provisioning.yml + # - vars/encrypted_credentials.yml + vars: + # HPE Synergy Composer configuration + - config: "{{ playbook_dir }}/oneview_config.json" + + tasks: + + - name: Copying HPE iSUT package file to {{ inventory_hostname }} + win_copy: + src: files/{{ windows_version }}/{{ iSUT_package }} + dest: c:\Temp\sut.exe + + - name: Copying HPE AMS package file to {{ inventory_hostname }} + win_copy: + src: files/{{ windows_version }}/{{ AMS_package }} + dest: c:\Temp\amsd.exe + + - name: Installing Integrated Smart Update Tools + win_package: + path: c:\Temp\sut.exe + product_id: '{{ iSUT_product_id.stdout }}' + arguments: /s + register: SUT_install + # failed_when is required because the installation of the package returns a false error. + failed_when: "SUT_install.rc != 0 and SUT_install.rc != 1" + + - name: Installing HPE Agentless Management Service + win_package: + path: c:\Temp\amsd.exe + product_id: '{{ AMS_product_id.stdout }}' + arguments: /s + register: AMS_install + # failed_when is required because the installation of the package returns a false error. + failed_when: "AMS_install.rc != 0 and AMS_install.rc != 1" + + - name: Configuring iSUT mode to allow OS driver updates via HPE OneView Server Profile + win_shell: + sut.exe -set mode=autodeploy + #sut -set mode=AutoDeployReboot + #sut -set mode=AutoStage + #sut -set mode=OnDemand + register: sut_status + + - debug: msg="{{ sut_status.stdout }}" + +# Changing the OneView Server Profile to enable OS drivers installation using the SSP/SPP. + + - name: Updating Server Profile to enable Firmware and OS Drivers using SUT + oneview_server_profile: + config: "{{ config }}" + state: "present" + data: + name: "{{ inventory_hostname }}" + firmware: + firmwareInstallType: "FirmwareAndOSDrivers" + delegate_to: localhost + register: result + + - debug: msg="{{ result.msg }}" + +# Joining Windows domain + + - name: Joining domain {{ domain }} + ansible.windows.win_domain_membership: + dns_domain_name: "{{ domain }}" + hostname: "{{ inventory_hostname }}" + domain_admin_user: "{{ win_domain_admin_user }}" + domain_admin_password: "{{ win_domain_admin_password }}" + state: domain + register: domain_state + +# Waiting for HPE drivers to be installed + + - name: Monitoring SUT status for 'reboot the system' message + oneview_server_hardware_facts: + config: "{{ config }}" + name: "{{ server_hardware.name }}" + retries: 50 + delay: 30 + until: server_hardwares.serverSettings.firmwareAndDriversInstallState.installState == "InstalledPendingReboot" + delegate_to: localhost + +# Rebooting host for the HPE drivers/firmware activation + + - name: Rebooting host for the HPE drivers/firmware activation and waiting for it to restart + win_reboot: + msg: "Reboot initiated by Ansible" + connect_timeout: 5 + reboot_timeout: 600 + pre_reboot_delay: 0 + post_reboot_delay: 30 + test_command: whoami + + - name: Displaying install completed message + debug: + msg: + - '{{ inventory_hostname }}.{{domain}} Installation completed !' + - 'OS is configured and running with HPE OS drivers.' diff --git a/WIN_unprovision.yml b/WIN_unprovision.yml new file mode 100644 index 0000000..d26218a --- /dev/null +++ b/WIN_unprovision.yml @@ -0,0 +1,76 @@ +--- +- name: Deleting provisioned Windows Server compute module(s) + hosts: Windows + collections: + - hpe.oneview + gather_facts: no + vars_files: + - vars/WIN_provisioning.yml + #- vars/vault.yml # encrypted credentials yml + vars: + # HPE Synergy Composer configuration + - config: "{{ playbook_dir }}/oneview_config.json" + + - ansible_python_interpreter: python3 + - ansible_host_key_checking: false + - validate_certs: false + + tasks: + + - name : Getting server profile "{{ inventory_hostname }}" information + oneview_server_profile: + config: "{{ config }}" + state: "present" + data: + name: "{{ inventory_hostname }}" + delegate_to: localhost + + #- debug: var=server_hardware + + - name: Powering off server hardware "{{ server_hardware.name }}" + oneview_server_hardware: + config: "{{ config }}" + state: power_state_set + data: + name : "{{ server_hardware.name }}" + powerStateData: + powerState: "Off" + powerControl: "PressAndHold" + delegate_to: localhost + + - name: Deleting server profile "{{ inventory_hostname }}" + oneview_server_profile: + config: "{{ config }}" + state: "absent" + data: + name: "{{ inventory_hostname }}" + delegate_to: localhost + register: result + + - name: Result of the task to delete the server profile + debug: + msg: "{{ result.msg }}" + + - name: Removing {{ inventory_hostname }} SSH key + known_hosts: + name: '{{ inventory_hostname }}' + path: ~/.ssh/known_hosts + state: absent + delegate_to: localhost + + +- name: Removing the DNS record for "{{ inventory_hostname }}" + hosts: Windows + gather_facts: no + vars_files: + - vars/WIN_provisioning.yml + - vars/windows_dns.yml + tasks: + - name: Removing "{{ host_management_ip }}"" from "{{ dns_server }}" + community.windows.win_dns_record: + name: "{{ inventory_hostname }}" + type: "A" + zone: "{{ domain }}" + state: absent + delegate_to: "{{ dns_server }}" + diff --git a/files/Ansible_control_node_requirements.md b/files/Ansible_control_node_requirements.md index d428f7d..eef841d 100644 --- a/files/Ansible_control_node_requirements.md +++ b/files/Ansible_control_node_requirements.md @@ -4,7 +4,7 @@ ``` mkdir ~/Projects cd ~/Projects -git clone https://github.com/jullienl/HPE-Synergy-baremetal +git clone https://github.com/jullienl/HPE-Synergy-baremetal.git ``` ## openssh installation diff --git a/group_vars/Windows.yml b/group_vars/Windows.yml index 9a93ca9..1a28fbf 100644 --- a/group_vars/Windows.yml +++ b/group_vars/Windows.yml @@ -9,3 +9,7 @@ ansible_port: 5985 # The following is necessary for Python 2.7.9+ when using default WinRM self-signed certificates: ansible_winrm_server_cert_validation: ignore + +# Domain Administrator credentials +win_domain_admin_user: lj\Administrator +win_domain_admin_password: xxxxxxxx \ No newline at end of file diff --git a/readme.md b/readme.md index 694fb56..074daa1 100644 --- a/readme.md +++ b/readme.md @@ -9,7 +9,7 @@ The provisioning is performed automatically using kickstart/unattend files, auto The different playbooks can be used to provision 3 type of OS: - Red Hat Enterprise Linux or equivalent - vSphere ESXi 6.7 and 7 -- Windows Server 2022 or equivalent (coming soon) +- Windows Server 2022 or equivalent One playbook can provision one OS type on one or multiple servers as defined by the Ansible inventory file. @@ -549,7 +549,209 @@ changed: [RHEL-deploy -> dc.lj.lab] PLAY RECAP *************************************************************************************************************************************************************************************** RHEL-deploy : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 ``` +## Output sample of Windows Server bare metal provisioning playbook +``` +ansible-playbook -i hosts WIN_autodeploy_using_autogenerated_ISO.yml + +PLAY [Performing an unattended Windows Server 2022 Boot from SAN installation on a Gen10 Synergy Module using a OneView Server Profile Template] ******************************************************** + +TASK [Checking if Windows Server ISO file exists on "ansible.lj.lab"] *********************************************************************************************************************************** +ok: [WIN-1 -> localhost] + +TASK [Creating the directory "/opt/winisosrc" to host the ISO file on "ansible.lj.lab"] ***************************************************************************************************************** +ok: [WIN-1 -> localhost] + +TASK [Downloading file "en-us_windows_server_version_2022_updated_october_2021_x64_dvd_b6e25591.iso" to "ansible.lj.lab" if not present] **************************************************************** +skipping: [WIN-1] + +TASK [Checking if Windows Server ISO file extraction is necessary on "ansible.lj.lab"] ****************************************************************************************************************** +ok: [WIN-1 -> localhost] + +TASK [Creating /mnt/WIN-1 on "ansible.lj.lab" if it does not exist] ************************************************************************************************************************************* +changed: [WIN-1 -> localhost] + +TASK [Creating /opt/baremetal/WIN-1/ on "ansible.lj.lab" if it does not exist] ************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Mounting Windows Server ISO and copying ISO files to /opt/baremetal/WIN-1/ on "ansible.lj.lab"] *************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Creating $OEM$ on "ansible.lj.lab" in /opt/baremetal/WIN-1/sources to run scripts at startup] ***************************************************************************************************** +changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$) +changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$1) +changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$1/Temp) +changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$$) +changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$$/Setup) +changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$$/Setup/Scripts) + +TASK [Download POSH script from GitHub to configure Windows for remote management with Ansible] ********************************************************************************************************* +changed: [WIN-1 -> localhost] + +TASK [Creating Server Profile "WIN-1" from Server Profile Template "Windows BFS"] *********************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Capturing information for the customization of the kickstart file [server generation - MAC of first management NIC - LUN uri of the primary boot volume]] ***************************************** +ok: [WIN-1] + +TASK [Showing the result of the Server Profile creation task] ******************************************************************************************************************************************* +ok: [WIN-1] => { + "msg": "Hardware selected: Frame4, bay 3 - Result: Server Profile created." +} + +TASK [Collecting volumes information] ******************************************************************************************************************************************************************* +ok: [WIN-1 -> localhost] + +TASK [Capturing boot LUN size defined in the Server Profile to ensure that Windows Server will be installed on this disk using the kickstart file] **************************************************************** +ok: [WIN-1] + +TASK [Creating configure_network.ps1 that will be launched by SetupComplete.cmd (creation of a team using the first two NICs and configuration of IP parameters)] *************************************** +changed: [WIN-1 -> localhost] + +TASK [Creating SetupComplete.cmd for the network settings] ********************************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Updating autounattend.xml file] ******************************************************************************************************************************************************************* +changed: [WIN-1 -> localhost] + +TASK [Creating customized bootable ISO] ***************************************************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Creating /usr/share/nginx/html/isos/ on "ansible.lj.lab" if it does not exist] ******************************************************************************************************************** +ok: [WIN-1 -> localhost] + +TASK [Moving created ISO to the nginx default html folder of "ansible.lj.lab"] ************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Powering on and booting "Frame4, bay 3" from created ISO using iLO Virtual Media] ***************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Waiting for Windows Server installation to complete - Waiting for "192.168.3.175" to respond...] ************************************************************************************************** +ok: [WIN-1 -> localhost] + +TASK [debug] ******************************************************************************************************************************************************************************************** +ok: [WIN-1] => { + "msg": "WIN-1 installation took 21 minutes" +} + +TASK [Deleting all temporary files in the stagging location on "ansible.lj.lab"] ************************************************************************************************************************ +changed: [WIN-1 -> localhost] + +TASK [Deleting created ISO file in the web server directory on "ansible.lj.lab"] ************************************************************************************************************************ +changed: [WIN-1 -> localhost] + +TASK [Unmounting original ISO file on "ansible.lj.lab"] ************************************************************************************************************************************************* +changed: [WIN-1 -> localhost] + +TASK [Collecting product_id found in install.xml file of the HPE iSUT package] ************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Collecting product_id found in install.xml file of the HPE AMS package] *************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +PLAY [Creating a DNS record for the bare metal Windows Server] ****************************************************************************************************************************************** + +TASK [Adding "WIN-1" with "192.168.3.175" on "dc.lj.lab" in "lj.lab" DNS domain] ************************************************************************************************************************ +changed: [WIN-1 -> dc.lj.lab] + +PLAY [Installing HPE iSUT and HPE AMS on the server for online installation of HPE drivers for Windows Server] ****************************************************************************************** + +TASK [Copying HPE iSUT package file to WIN-1] *********************************************************************************************************************************************************** +changed: [WIN-1] + +TASK [Copying HPE AMS package file to WIN-1] ************************************************************************************************************************************************************ +changed: [WIN-1] + +TASK [Installing Integrated Smart Update Tools] ********************************************************************************************************************************************************* +ok: [WIN-1] + +TASK [Installing HPE Agentless Management Service] ****************************************************************************************************************************************************** +ok: [WIN-1] +TASK [Configuring iSUT mode to allow OS driver updates via HPE OneView Server Profile] ****************************************************************************************************************** +changed: [WIN-1] + +TASK [debug] ******************************************************************************************************************************************************************************************** +ok: [WIN-1] => { + "msg": "Set Mode: autodeploy\r\nService will be registered and started\r\nSUT Service started successfully\r\nRegistration successful\r\n" +} + +TASK [Updating Server Profile to enable Firmware and OS Drivers using SUT] ****************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [debug] ******************************************************************************************************************************************************************************************** +ok: [WIN-1] => { + "msg": "Server profile updated" +} + +TASK [Joining domain lj.lab] **************************************************************************************************************************************************************************** +changed: [WIN-1] + +TASK [Monitoring SUT status for 'reboot the system' message] ******************************************************************************************************************************************** +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (50 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (49 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (48 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (47 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (46 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (45 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (44 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (43 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (42 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (41 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (40 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (39 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (38 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (37 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (36 retries left). +FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (35 retries left). +ok: [WIN-1 -> localhost] + +TASK [Rebooting host for the HPE drivers/firmware activation and waiting for it to restart] ************************************************************************************************************* +changed: [WIN-1] + +TASK [Displaying install completed message] ************************************************************************************************************************************************************* +ok: [WIN-1] => { + "msg": [ + "WIN-1.lj.lab Installation completed !", + "OS is configured and running with HPE OS drivers." + ] +} + +PLAY RECAP ********************************************************************************************************************************************************************************************** +WIN-1 : ok=40 changed=24 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 + +``` + +## Output sample of RHEL bare metal unprovisioning playbook +``` +ansible-playbook -i hosts WIN_unprovision.yml + +PLAY [Deleting provisioned Windows Server compute module(s)] ******************************************************************************************************** + +TASK [Getting server profile "WIN-1" information] ******************************************************************************************************************* +ok: [WIN-1 -> localhost] + +TASK [Powering off server hardware "Frame4, bay 3"] ***************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Deleting server profile "WIN-1"] ****************************************************************************************************************************** +changed: [WIN-1 -> localhost] + +TASK [Result of the task to delete the server profile] ************************************************************************************************************** +ok: [WIN-1] => { + "msg": "Deleted profile" +} + +TASK [Removing WIN-1 SSH key] *************************************************************************************************************************************** +ok: [WIN-1 -> localhost] + +PLAY [Removing the DNS record for "{{ inventory_hostname }}"] ******************************************************************************************************* + +TASK [Removing "192.168.3.175"" from "dc.lj.lab"] ******************************************************************************************************************* +changed: [WIN-1 -> dc.lj.lab] + +PLAY RECAP ********************************************************************************************************************************************************** +WIN-1 : ok=6 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 +``` ## Thank you diff --git a/vars/WIN_provisioning.yml b/vars/WIN_provisioning.yml new file mode 100644 index 0000000..b629b06 --- /dev/null +++ b/vars/WIN_provisioning.yml @@ -0,0 +1,70 @@ +--- +# Host information is provided by the inventory hosts file +# esxi_hostname: "ESXi-Ansible" +# host_management_ip: "192.168.3.172" + +# Name of the HPE OneView Server Profile Template that we will use to generate the HPE OneView Server Profile +server_template: "Windows BFS" + +domain: "lj.lab" +gateway: "192.168.1.1" +nameserver1: "192.168.2.1" +nameserver2: "192.168.2.3" +netmask: "255.255.252.0" + +# OS vendor ISO file information +src_iso_url: "https://liogw.lj.lab/deployment/win2022-x64-en_us" +src_iso_file: "en-us_windows_server_version_2022_updated_october_2021_x64_dvd_b6e25591.iso" + +# Directory on the Ansible control node where the source ISO will be copied: +src_iso_directory: "/opt/winisosrc" + +# Folder located in <Ansible_project_dir>/files to store the autounattend.xml file +# Use the template name: WIN_<version>. <version> is 2019, 2022, etc. +windows_version: "WIN_2022" + +# Name of the kickstart file available in files/WIN_<version> +unattend: "autounattend.xml" + +# Name of the HPE Packages founf in <Ansible_project_dir>/files +AMS_package: "AMS-cp046676.exe" +iSUT_package: "iSUT-cp048420.exe" + +############################################################################################################################### +# unattended file customization + +# Windows Server Settings +administrator_password: "xxxxxxxx" +windows_key: "xxxxx-xxxxx-xxxxx-xxxxx-xxxxx" + +# Timezone +# See https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/default-time-zones?view=windows-11#time-zones +timezone: "W. Europe Standard Time" + +registered_owner: "Jullienl" +registered_organization: "HPE" + +# Language pack, keyboard and time/currency format +# See https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/hh825682(v=win.10)#default-keyboards +# en-US - fr-FR - de-DE - es-ES, etc. +input_local: "en-US" # specifies the input language +system_locale: "en-US" # specifies the default language to use for non-Unicode programs. +ui_language: "en-US" # specifies the language that will be used as the default system language to display user interface +user_locale: "en-US" # specifies the per-user settings used for formatting dates, times, currency, and numbers + +# Windows version +Image_name: "Windows Server 2022 SERVERDATACENTER" +# Image_name: "Windows Server 2022 SERVERDATACENTERCORE" +# Image_name: "Windows Server 2022 SERVERSTANDARD" +# Image_name: "Windows Server 2022 SERVERSTANDARDCORE" + +# Do not show Server Manager at logon +no_server_manager_at_logon: "true" + +# Enable Remote Desktop +remote_desktop: "true" + +############################################################################################################################### + + +