This repository contains an Ansible sample for deploying OpenShift on IBM Z/LinuxONE. It was created from a system managed by the z/VM ESI tool.
The playbook does not cover creation of support infrastructure such as DNS or load-balancer. You need to have these requirements satisfied externally before you can run the playbook to build a cluster.
As written, the z/VM SMAPI is used to perform guest operations including start and stop.
The z/VM ESI system also provides an smcli exec that potentially uses a different command syntax than other versions of smcli (such as the one in Feilong, for example).
Some support programs and services are made available in z/VM ESI as well.
group_vars/all/runtime.yaml file.
This file is provided here as an empty sample, which will need to be populated (the comments in the file should help with this).systemd services are provided in z/VM ESI, including:
ocp-approve-csrs, which (as the name suggests) approves OCP CSRsThe functons provided by these services can be reproduced in other ways (e.g. manual approving of CSRs when needed).
The playbook does not perform any z/VM unit-record operations to prepare the guests for boot.
In z/VM ESI, the ZNETBOOT tool (written by Rick Troth) is used to make the guests "self-booting".
If ZNETBOOT is not used, the playbook would either need to have appropriate changes to add the punching of the CoreOS files needed to boot the installations, or prompt for manual action to prepare and boot the guests.
The values in the inventory/group_vars/all/default.yml file need to be filled in for your intended cluster and system environment (z/VM details, etc).
Once dependencies are met, you should be able to run the playbook, passing the cluster_name variable on the command line:
ansible-playbook -i inventory -v -D -e "cluster_name=ocp-z-poc" create-cluster.ymlThere are a couple of other playbooks present as well, which you can either try out yourself or use as models for creating your own.
cluster-guests-create.ymlThis reads the details from the inventory and uses the smcli program to invoke SMAPI to create the cluster guests.
cluster-guests-delete.ymlThis reads the details from the inventory and uses the smcli program to invoke SMAPI to delete the cluster guests.
regen-certificates.ymlIn its current form, this playbook uses Ansible OpenSSL modules to create certificates for the HTTPS interfaces in the z/VM ESI "ELAN" guest. It also regenerates the z/VM System SSL and LDAP certificates.
expect script to drive a gskkyman session to store the certificate in a GSKit database in the z/VM BFS.update-dns-domain.ymlThis playbook updates the BIND DNS server configuration (it is driven as part of the ipconf.sh "firstboot" script on the z/VM ESI "ELAN" system).