Deployment on Edge Nodes with Ubuntu 20.04

.gitignore

@@ -3,3 +3,4 @@
 *.pyc
 /inventory/default/group_vars/*/30_*_flavor.yml
 /inventory/automated/
+*.log

inventory/default/group_vars/edgenode_group/10-default.yml

@@ -83,6 +83,12 @@ os_yum_base_packages:
   moreutils,jq,python-devel,createrepo,psmisc,bash-completion,rsync,patch,libselinux-python,libselinux-python3"
 _os_yum_exclude_rpm_packages: "exclude=kernel-3* kernel-rt* kernel-rt-kvm* kernel-rt-devel*"
 
+os_ubuntu_base_packages:
+  "vim-common,curl,lvm2,python3,wget,bridge-utils,libboost-all-dev,libpcre3,libpcre3-dev,zlib1g-dev,libglib2.0-dev,\
+  autoconf,automake,libtool,flex,bison,cmake,pciutils,python-websocket,libjsoncpp-dev,libfcgi-dev,libhiredis-dev,libnuma-dev,\
+  build-essential,psmisc,python-httplib2,libpixman-1-dev,moreutils,jq,python-dev-is-python2,psmisc,bash-completion,rsync,\
+  patch"
+
 # URLs to docker images saved with `docker save <image>:<ver> | gzip > <image>.tar.gz` that are going to be preloaded after docker setup
 docker_images: []
 

inventory/default/group_vars/edgenode_vca_group/10-default.yml

@@ -10,6 +10,12 @@ os_yum_base_packages:
 _os_yum_exclude_rpm_packages: "exclude=kernel-3* kernel-rt* kernel-rt-kvm* kernel-rt-devel*"
 os_remove_yum_plugins: true
 
+os_ubuntu_base_packages:
+  "vim-common,curl,lvm2,wget,bridge-utils,libboost-all-dev,libpcre3,libpcre3-dev,zlib1g-dev,libglib2.0-dev,\
+  autoconf,automake,libtool,flex,bison,cmake,pciutils,python-websocket,libjsoncpp-dev,libfcgi-dev,libhiredis-dev,\
+  libnuma-dev,build-essential,psmisc,python-httplib2,libpixman-1-dev,moreutils,jq,python-dev-is-python2,psmisc,\
+  sshpass,bash-completion,rsync"
+
 ## URLs to docker images saved with `docker save <image>:<ver> | gzip > <image>.tar.gz` that are going to be preloaded after docker setup
 docker_images: []
 

roles/infrastructure/docker/tasks/main.yml

@@ -2,7 +2,7 @@
 # Copyright (c) 2019-2020 Intel Corporation
 
 ---
-- name: add Docker repository
+- name: add Docker repository in CentOs
   yum_repository:
     name: docker
     description: Docker CE repository
@@ -14,14 +14,58 @@
   retries: "{{ number_of_retries }}"
   until: result is succeeded
   delay: "{{ retry_delay }}"
-  when: not offline_enable
+  when: 
+     - not offline_enable
+     - ansible_distribution == "CentOS"
+
+- name: Install aptitude on Ubuntu 
+  apt: 
+    name: aptitude 
+    state: latest 
+    update_cache: yes 
+    force_apt_get: yes
+  when: ansible_distribution == "Ubuntu"
+  become: yes
+
+- name: Install required system packages on Ubuntu
+  apt: 
+    name: "{{ item }}"
+    state: present 
+    update_cache: yes
+  with_items:
+     - apt-transport-https 
+     - ca-certificates 
+     - curl
+     - software-properties-common
+     - python3-pip
+     - virtualenv
+     - libcurl4-gnutls-dev
+     - python3-setuptools
+  become: yes
+  when: ansible_distribution == "Ubuntu"
+
+- name: gather the package facts
+  package_facts:
+    manager: "apt"
+  when: ansible_distribution == "Ubuntu"
+
+- name: Install Docker in Ubuntu
+  apt: 
+    name: docker.io
+    state: present
+    update_cache: yes 
+  when:
+    - ansible_distribution == "Ubuntu"
+  become: yes
 
 - name: clear yum cache
   command: yum clean all
   args:
     warn: false
   changed_when: true
-  when: not offline_enable
+  when: 
+     - not offline_enable
+     - ansible_distribution == "CentOS"
 
 - name: add group "docker"
   group:
@@ -39,19 +83,29 @@
 - name: reset connection
   meta: reset_connection
 
-- name: install Docker CE
+- name: install Docker CE for CentOS
   yum:
     name: "{{ _docker_packages }}"
     state: present
   become: yes
   notify:
     - enable and start docker service
+  when: ansible_distribution == "CentOS"
 
 - name: get runc version
   shell: set -o pipefail && runc --version | grep -oP '{{ _runc_ver_pattern }}\K(.+)'
   register: runc_rc_ver
   ignore_errors: true
   changed_when: false
+  when: ansible_distribution == "CentOS"
+
+- name: get runc for Ubuntu
+  apt: 
+    name: runc
+    state: present
+    update_cache: yes
+  become: yes
+  when: ansible_distribution == "Ubuntu"
 
 - name: Check if offline mode
   set_fact:
@@ -75,19 +129,89 @@
         dest: /usr/bin/runc
         checksum: "sha256:{{ _runc_checksum }}"
       become: yes
-  when: runc_rc_ver.rc == 0 and runc_rc_ver.stdout|int < _runc_min_rc
+  when: 
+     - ansible_distribution == "CentOS"
+     - runc_rc_ver.rc == 0
+     - runc_rc_ver.stdout|int < _runc_min_rc 
 
 - name: install pip dependencies
   block:
     - name: copy requirements.txt
       copy:
         src: requirements.txt
         dest: /tmp/requirements.txt
+    - name: remove non working requirements in Ubuntu
+      lineinfile: 
+        dest: /tmp/requirements.txt
+        state: absent
+        regexp: '^(perf==|pygobject==|python-linux-procfs==|schedutils==|urlgrabber==|yum-metadata-parser==|pycurl==)'
+      when: ansible_distribution == "Ubuntu"
+    - name: download and install python requirements that failed using pip on Ubuntu
+      vars:
+        packages:
+          python-linux-procfs: http://ftp.br.debian.org/debian/pool/main/p/python-linux-procfs/python-linux-procfs_0.6.1-1_amd64.deb
+          schedutils: http://ftp.br.debian.org/debian/pool/main/p/python-schedutils/python-schedutils_0.6-1_amd64.deb
+          urlgrabber: http://ftp.br.debian.org/debian/pool/main/u/urlgrabber/python-urlgrabber_3.10.2-1_all.deb
+      when: ansible_distribution == "Ubuntu"
+      block:
+        - name: download python packages on Ubuntu
+          get_url:
+            url: "{{ item.value }}"
+            dest: "/tmp/{{ item.key }}.deb"
+          loop: "{{ packages | dict2items }}"
+        - name: install python packages on Ubuntu
+          apt: "deb=/tmp/{{ item.key }}.deb"
+          loop: "{{ packages | dict2items }}"
+          become: yes
+        - name: install pygobject # 3.24
+          block:
+          - name: install pygobject dependencies
+            apt:
+              name:
+                - pkg-config
+                - libglib2.0-0
+                - libglib2.0-dev
+                - libgirepository1.0-dev
+                - libgtk-3-dev
+                - libcairo-gobject2
+                - gir1.2-freedesktop
+                - python3-cairo
+                - python3-cairo-dev
+                - python3-cairo-doc
+              state: present
+              update_cache: yes
+            become: yes
+          - unarchive:
+              src: https://ftp-stud.hs-esslingen.de/pub/Mirrors/ftp.gnome.org/sources/pygobject/3.22/pygobject-3.22.0.tar.xz
+              dest: /tmp/
+              remote_src: yes
+          - shell: ./configure; make; make install
+            args:
+              chdir: /tmp/pygobject-3.22.0/
+            become: yes
+        - name: install pycurl
+          apt: 
+            name: python-pycurl
+            update_cache: yes
+          become: yes
+
+    - name: install some Ubuntu necessary dependencies
+      apt: 
+        name:
+          - python-dev
+          - libattr1-dev # for pyxattr
+          - libgpgme11-dev # for pygpgme
+          - liblzma-dev # pyliblzma
+        state: present
+        update_cache: yes
+      become: yes
+      when: ansible_distribution == "Ubuntu"
     - name: install dependencies
       pip:
         requirements: /tmp/requirements.txt
         state: present
         extra_args: "{{ local_pip | default(omit) }}"
+        executable: pip2
       register: result
       retries: "{{ number_of_retries }}"
       until: result is succeeded
@@ -98,6 +222,7 @@
         name: "{{ _docker_compose_package }}"
         state: present
         extra_args: "{{ local_pip | default(omit) }}"
+        executable: pip2
       register: result
       retries: "{{ number_of_retries }}"
       until: result is succeeded
@@ -140,6 +265,15 @@
   when: item.stat.exists
   with_items: "{{ stats.results }}"
 
+- name: install auditd on Ubuntu
+  apt:
+    name: 
+      - auditd
+      - audispd-plugins
+    update-cache: yes
+  become: yes
+  when: ansible_distribution == 'Ubuntu'
+
 - name: restart auditd
   command: service auditd restart # noqa 303
   become: yes
@@ -165,6 +299,7 @@
         url: "{{ _docker_compose_completion_url }}"
         dest: "/etc/bash_completion.d"
       become: yes
+
 - name: create the directory for docker images
   file:
     path: "{{ docker_images_dir }}"

roles/infrastructure/docker/tasks/uninstall.yml

@@ -6,6 +6,7 @@
   file:
     name: "/etc/audit/rules.d/docker.rules"
     state: absent
+  become: yes
 
 - name: Restart auditd
   command: service auditd restart # noqa 303
@@ -22,11 +23,19 @@
   ignore_errors: yes
   become: yes
 
-- name: uninstall
+- name: uninstall on CentOS
   yum:
     name: "{{ _docker_packages_to_remove }}"
     state: absent
   become: yes
+  when: ansible_distribution == "CentOS"
+
+- name: uninstall on Ubuntu
+  apt:
+    name: docker.io
+    state: absent
+  become: yes
+  when: ansible_distribution == "Ubuntu"
 
 - name: remove docker-compose
   pip:
@@ -55,12 +64,14 @@
     name: docker
     state: absent
   become: yes
+  when: ansible_distribution == "CentOS"
 
 - name: clear yum cache
   command: yum clean all
   args:
     warn: false
   changed_when: true
+  when: ansible_distribution == "CentOS"
 
 - name: remove group "docker"
   group:

roles/infrastructure/docker/templates/daemon.json.j2

@@ -22,4 +22,8 @@
       "Soft": 4096
     }
   }
+}{% if ansible_distribution == 'Ubuntu' %},
+{
+  "dns": ["8.8.8.8"]
 }
+{% endif %}

roles/infrastructure/grub/tasks/main.yml

@@ -7,6 +7,12 @@
     - name: set GRUB config path (BIOS)
       set_fact:
         grub_file_path: /boot/grub2/grub.cfg
+      when: ansible_distribution == "CentOS"
+
+    - name: set GRUB config path (BIOS)
+      set_fact:
+        grub_file_path: /boot/grub/grub.cfg
+      when: ansible_distribution == "Ubuntu"
 
     - name: check if host is using EFI
       stat:
@@ -40,25 +46,36 @@
   command: grub2-mkconfig -o {{ grub_file_path }}
   changed_when: true
   become: yes
+  when: ansible_distribution == "CentOS"
+
+- name: regenerate grub.cfg
+  command: grub-mkconfig -o {{ grub_file_path }}
+  changed_when: true
+  become: yes
+  when: ansible_distribution == "Ubuntu"
 
 - name: get current CMDLINE
   command: cat /proc/cmdline
   register: current_cmdline
   changed_when: false
 
-- name: get future cmdline
+- name: get future cmdline CentOS
   shell: set -o pipefail && grubby --info=$(grubby --default-kernel) | grep args
   register: future_cmdline
   changed_when: false
   become: yes
+  when: ansible_distribution == "CentOS"  
 
 - name: extract proper parts from the outputs
   set_fact:
     current_args: "{{ current_cmdline.stdout | regex_replace('BOOT_IMAGE=.*? root=.*? (.*)', '\\1') | trim }}"
     future_args:  "{{ future_cmdline.stdout | regex_replace('args=\"(.*)\"', '\\1') | trim }}"
+  when: ansible_distribution == "CentOS"
 
 # role `conditional_reboot` checks if `perform_reboot` is defined, is so machine is rebooted
 - name: request reboot (will be performed by `conditional_reboot` role)
   set_fact:
     perform_reboot: "{{ perform_reboot|default([]) + [ 'grub' ] }}"
-  when: current_args != future_args
+  when: 
+     - ansible_distribution == "CentOS"
+     - current_args != future_args

roles/infrastructure/os_setup/tasks/add_yum_excludes.yml

@@ -10,4 +10,5 @@
   when:
     - _os_yum_exclude_rpm_packages is defined
     - _os_yum_exclude_rpm_packages|length > 0
+    - ansible_distribution == "CentOS"
   become: yes

roles/infrastructure/os_setup/tasks/change_default_sh_ubuntu.yml

@@ -0,0 +1,11 @@
+
+---
+- name: set bash as the default shell (sh)
+  when: ansible_distribution == 'Ubuntu'
+  become: yes
+  block: 
+  - name: set dash/sh to false
+    shell: echo "dash dash/sh boolean false" | debconf-set-selections
+
+  - name: set the default sh as bash on Ubuntu
+    shell: dpkg-reconfigure -p critical dash