DNS update fixes for ICIC

viccross · Jul 2, 2024 · 12fe3f3 · 12fe3f3
1 parent 8010242
commit 12fe3f3
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 10 deletions.
diff --git a/local-playbooks/roles/setup-icic-deployer/templates/setup-icic-compute.yml.j2 b/local-playbooks/roles/setup-icic-deployer/templates/setup-icic-compute.yml.j2
@@ -1,5 +1,5 @@
 ---
-- name: Wait for ICIC management node accessibility
+- name: Wait for ICIC compute node accessibility
   hosts: s390x_bastion_workstation
   tasks:
   - name: Wait for SSH
@@ -33,7 +33,7 @@
       key_algorithm: "hmac-sha256"
       server: "172.24.26.1"
       zone: "26.24.172.in-addr.arpa"
-      record: "{% raw %}{{ icic_compute_ip_address.split('.')[3] }}{% endraw %}"
+      record: "12"
       type: PTR
       value: "{% raw %}iciccmp1.{{ esigroup | lower }}.{{ cluster_base_domain }}.{% endraw %}"
 

diff --git a/local-playbooks/roles/setup-icic-deployer/templates/setup-icic-management.yml.j2 b/local-playbooks/roles/setup-icic-deployer/templates/setup-icic-management.yml.j2
@@ -1,28 +1,28 @@
 ---
-- name: wait for ICIC management node accessibility
+- name: Wait for ICIC management node accessibility
   hosts: s390x_bastion_workstation
   tasks:
-  - name: wait for SSH
+  - name: Wait for SSH
     wait_for:
       port: 22
       host: "172.24.26.11"
       search_regex: OpenSSH
       delay: 1
       timeout: 10000
 
-- name: gather facts from the ICIC management node
+- name: Gather facts from the ICIC management node
   hosts: s390x_ICIC_management_node
   tasks:
     - setup:
 
-- name: create the certificate for ICIC
+- name: Create the certificate and DNS for ICIC
   hosts: s390x_bastion_workstation
   tasks:
-  - name: create ICIC certificate
+  - name: Create ICIC certificate
     include_tasks: tasks/create-certificate.yml
     with_items:
     - { filename: "icic", common_name: "icicmgt0.{% raw %}{{ esigroup }}.{{ cluster_base_domain }}{% endraw %}", subject_alt_name: ",IP:{% raw %}{{ icic_management_ip_address }}{% endraw %}" }
-  - name: Add or modify A for ICIC management
+  - name: Add or modify A for ICIC management (make a hack)
     nsupdate:
       key_name: "{% raw %}{{ esigroup | lower }}-key{% endraw %}"
       key_secret: "{% raw %}{{ tsigkey }}{% endraw %}"
@@ -31,15 +31,15 @@
       zone: "{% raw %}{{ esigroup | lower }}.{{ cluster_base_domain }}{% endraw %}"
       record: icicmgt0
       type: A
-      value: "{% raw %}{{ icic_management_ip_address }}{% endraw %}"
+      value: "172.24.26.11"
   - name: Add or modify PTR for ICIC management
     nsupdate:
       key_name: "{% raw %}{{ esigroup | lower }}-key{% endraw %}"
       key_secret: "{% raw %}{{ tsigkey }}{% endraw %}"
       key_algorithm: "hmac-sha256"
       server: "172.24.26.1"
       zone: "26.24.172.in-addr.arpa"
-      record: "{% raw %}{{ icic_management_ip_address.split('.')[3] }}{% endraw %}"
+      record: "11"
       type: PTR
       value: "{% raw %}icicmgt0.{{ esigroup | lower }}.{{ cluster_base_domain }}{% endraw %}."
 
@@ -117,3 +117,17 @@
     - name: Restart the ICIC services
       command:
         cmd: /opt/ibm/icic/bin/icic-services restart
+
+- name: Set the DNS for the ICIC management node correctly
+  hosts: s390x_bastion_workstation
+  tasks:
+  - name: Add or modify A for ICIC management (make a hack)
+    nsupdate:
+      key_name: "{% raw %}{{ esigroup | lower }}-key{% endraw %}"
+      key_secret: "{% raw %}{{ tsigkey }}{% endraw %}"
+      key_algorithm: "hmac-sha256"
+      server: "172.24.26.1"
+      zone: "{% raw %}{{ esigroup | lower }}.{{ cluster_base_domain }}{% endraw %}"
+      record: icicmgt0
+      type: A
+      value: "{% raw %}{{ icic_management_ip_address }}{% endraw %}"