small changes and updates

deployment.sh

@@ -2,7 +2,8 @@
 
 case $1 in
 "destroy")
-    ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook destroy-k8s-cluster.yml
+    ansible-playbook setup-infra.yml -e operation=create -e terraform_workspace=${2:-default}
+    ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i host.ini destroy-k8s-cluster.yml -e terraform_workspace=${2:-default}
     ansible-playbook configure-route53.yml -e operation=destroy -e terraform_workspace=${2:-default}
     ansible-playbook setup-infra.yml -e operation=destroy -e terraform_workspace=${2:-default}
     ;;

destroy-k8s-cluster.yml

@@ -1,11 +1,10 @@
-- hosts: localhost
+- hosts: servicesnode
   vars:
     terraform_workspace: default
   tasks:
   - name: Destroy Kubernetes cluster   
     shell: >-
       kubectl delete cluster {{ terraform_workspace }}
     when:
-      - (operation == "destroy")
       - "enable_k8s_openondemand|default(false)|bool == true"
     register: destroy

roles/ldap_client/tasks/debian.yml

@@ -0,0 +1,48 @@
+---
+- name: Full system upgrade
+  apt:
+    update_cache: yes
+    cache_valid_time: 3600
+    upgrade: dist
+
+- name: Install LDAP client packages
+  apt:
+    name:
+      - libpam-ldap
+      - ldap-utils
+      - nscd
+      - nslcd
+      - libnss-ldapd
+    state: present
+
+- name: Configure nslcd uri
+  lineinfile:
+    path: /etc/nslcd.conf
+    regexp: '^uri'
+    line: 'uri ldap://{{ hostvars["servicesnode"]["ansible_default_ipv4"]["address"] }}/'
+  notify: restart nslcd
+
+- name: Configure basedn
+  lineinfile:
+    path: /etc/nslcd.conf
+    regexp: '^base'
+    line: 'base {{ ldap_base_dn }}'
+  notify: restart nslcd
+
+- name: Configure passwd in nsswitch.conf
+  lineinfile:
+    path: /etc/nsswitch.conf
+    regexp: '^passwd:'
+    line: 'passwd: files systemd ldap'
+
+- name: Configure group in nsswitch.conf
+  lineinfile:
+    path: /etc/nsswitch.conf
+    regexp: '^group:'
+    line: 'group: files systemd ldap'
+
+- name: Configure common-password
+  replace:
+    path: /etc/pam.d/common-password
+    regexp: '(use_authtok\s*)'
+    replace: ''

roles/ldap_client/tasks/main.yml

@@ -1,48 +1,6 @@
 ---
-- name: Full system upgrade
-  apt:
-    update_cache: yes
-    cache_valid_time: 3600
-    upgrade: dist
-
-- name: Install LDAP client packages
-  apt:
-    name:
-      - libpam-ldap
-      - ldap-utils
-      - nscd
-      - nslcd
-      - libnss-ldapd
-    state: present
+- import_tasks: debian.yml
+  when: ansible_os_family == "Debian"
 
-- name: Configure nslcd uri
-  lineinfile:
-    path: /etc/nslcd.conf
-    regexp: '^uri'
-    line: 'uri ldap://servicesnode.flexi.nesi/'
-  notify: restart nslcd
-
-- name: Configure basedn
-  lineinfile:
-    path: /etc/nslcd.conf
-    regexp: '^base'
-    line: 'base {{ ldap_base_dn }}'
-  notify: restart nslcd
-
-- name: Configure passwd in nsswitch.conf
-  lineinfile:
-    path: /etc/nsswitch.conf
-    regexp: '^passwd:'
-    line: 'passwd: files systemd ldap'
-
-- name: Configure group in nsswitch.conf
-  lineinfile:
-    path: /etc/nsswitch.conf
-    regexp: '^group:'
-    line: 'group: files systemd ldap'
-
-- name: Configure common-password
-  replace:
-    path: /etc/pam.d/common-password
-    regexp: '(use_authtok\s*)'
-    replace: ''
+- import_tasks: redhat.yml
+  when: ansible_os_family == "RedHat"

roles/ldap_client/tasks/redhat.yml

@@ -0,0 +1,48 @@
+---
+- name: Full system upgrade
+  dnf:
+    update_cache: yes
+    cache_valid_time: 3600
+    upgrade: dist
+
+- name: Install LDAP client packages
+  dnf:
+    name:
+      - libpam-ldap
+      - ldap-utils
+      - nscd
+      - nslcd
+      - libnss-ldapd
+    state: present
+
+- name: Configure nslcd uri
+  lineinfile:
+    path: /etc/nslcd.conf
+    regexp: '^uri'
+    line: 'uri ldap://{{ hostvars["servicesnode"]["ansible_default_ipv4"]["address"] }}/'
+  notify: restart nslcd
+
+- name: Configure basedn
+  lineinfile:
+    path: /etc/nslcd.conf
+    regexp: '^base'
+    line: 'base {{ ldap_base_dn }}'
+  notify: restart nslcd
+
+- name: Configure passwd in nsswitch.conf
+  lineinfile:
+    path: /etc/nsswitch.conf
+    regexp: '^passwd:'
+    line: 'passwd: files systemd ldap'
+
+- name: Configure group in nsswitch.conf
+  lineinfile:
+    path: /etc/nsswitch.conf
+    regexp: '^group:'
+    line: 'group: files systemd ldap'
+
+- name: Configure common-password
+  replace:
+    path: /etc/pam.d/common-password
+    regexp: '(use_authtok\s*)'
+    replace: ''