Add Rocky Linux 9 support

RedHat-EMEA-SSA-Team · Dec 7, 2022 · 5a72e7a · 5a72e7a
1 parent 8af050e
commit 5a72e7a
Show file tree

Hide file tree

Showing 3 changed files with 75 additions and 2 deletions.
diff --git a/ansible/roles/openshift-4-cluster/tasks/post-install-storage-nfs.yml b/ansible/roles/openshift-4-cluster/tasks/post-install-storage-nfs.yml
@@ -19,7 +19,7 @@
 - name: Set nfs_server
   ansible.builtin.set_fact:
     nfs_server: "nfs-server"
-  when: ansible_os_family == "RedHat" and ansible_distribution_major_version == '8'
+  when: ansible_os_family == "RedHat" and (ansible_distribution_major_version == '8' or ansible_distribution_major_version == '9')
 
 - name: Ensure nfs is running.
   ansible.builtin.service:

diff --git a/ansible/roles/openshift-4-cluster/tasks/prepare-host-Rocky-9.yml b/ansible/roles/openshift-4-cluster/tasks/prepare-host-Rocky-9.yml
@@ -0,0 +1,73 @@
+---
+- name: Installing KVM Packages
+  ansible.builtin.package:
+    name:
+      - "@virtualization-hypervisor"
+      - "@virtualization-client"
+      - "@virtualization-platform"
+      - "@virtualization-tools"
+      # ansible virt need lxml
+      - python3-lxml
+      - firewalld
+    state: present
+
+- name: Upgrade all packages
+  ansible.builtin.package:
+    name: '*'
+    state: latest
+  register: update
+
+- name: Check if new kernel has been installed and local execution
+  ansible.builtin.set_fact:
+    hetzner_ocp4_prepare_host_reboot_needed: true
+  when:
+    - update.changed
+    - update.results | select('match','Installed:.*kernel.*') | length > 0
+  tags:
+    - skip_ansible_lint
+
+- name: Enable & Start firewalld
+  ansible.builtin.service:
+    name: firewalld
+    state: started
+    enabled: true
+
+- name: Allow NFS traffic from VM's to Host
+  ansible.posix.firewalld:
+    zone: libvirt
+    state: enabled
+    permanent: yes
+    service: "{{ item }}"
+  with_items:
+    - nfs
+    - mountd
+    - rpc-bind
+  notify: 'reload firewalld'
+
+- name: Allow OpenShift traffic from VM's to Host
+  ansible.posix.firewalld:
+    zone: libvirt
+    state: enabled
+    permanent: yes
+    port: "{{ item }}"
+  with_items:
+    - 80/tcp
+    - 443/tcp
+    - 6443/tcp
+    - 22623/tcp
+  notify: 'reload firewalld'
+
+- name: Allow OpenShift traffic from public to Host
+  ansible.posix.firewalld:
+    zone: public
+    state: enabled
+    permanent: yes
+    port: "{{ item }}"
+  with_items:
+    - 80/tcp
+    - 443/tcp
+    - 6443/tcp
+  notify: 'reload firewalld'
+
+- name: firewalld reload
+  ansible.builtin.command: firewall-cmd --reload
diff --git a/docs/release-notes.md b/docs/release-notes.md
@@ -12,7 +12,7 @@
  * Handling reboot after new kernel is installed
  * [Added support for remote execution (execute playbooks on your laptop)](remote-execution.md)
  * Added `install_config_capabilities` configuration
-
+ * Added Rocky Linux 9 support
 
 
 ## 2022-06-19