dellemc-openmanage-ansible-modules
dellemc-openmanage-ansible-modules copied to clipboard
dell
[QUESTION]: Factory Reset iDRAC & wait_for_idrac?
How can the team help?
We'd like to do the following in a single playbook:
- Factory Reset BIOS Settings
- Factory Reset iDRAC via reset_to_default: "ALL" (including network & user)
- Change Root Password
Issue:
When resetting the iDRAC to default root password back to 'calvin', we can't use dellemc.openmanage.idrac_reset with wait_for_idrac: True to guarantee the iDRAC is ready before we try to reset the password since the credentials used to call the role are different half way through execution.
Question:
Is there an easy way to call the lcstatuscheck Task separately before Change Root Password or is there an example of how to call the URI /redfish/v1/Dell/Managers/iDRAC.Embedded.1/DellLCService/Actions/DellLCService.GetRemoteServicesAPIStatus on its own?
Playbook
- hosts: '{{ host }}'
gather_facts: false
tasks:
- name: Factory Reset Dell BIOS
dellemc.openmanage.idrac_bios:
idrac_ip: '{{ idrac_ip }}'
idrac_password: '{{ idrac_password }}'
idrac_user: '{{ idrac_user }}'
validate_certs: False
reset_bios: yes
delegate_to: localhost
- name: Factory Reset the iDRAC (keep network and user settings) and wait for the idrac to be ready
ansible.builtin.include_role:
name: dellemc.openmanage.idrac_reset
vars:
hostname: '{{ idrac_ip }}'
username: '{{ idrac_user }}'
password: '{{ idrac_password }}'
reset_to_default: "All"
validate_certs: False
wait_for_idrac: False # Wish this could be True
- name: Change Root Password
community.general.idrac_redfish_config:
category: Manager
command: SetManagerAttributes
manager_attributes:
Users.2.AuthenticationProtocol: "SHA"
Users.2.EmailAddress: ""
Users.2.Enable: "Enabled"
Users.2.IpmiLanPrivilege: "Administrator"
Users.2.IpmiSerialPrivilege: "Administrator"
Users.2.Password: "{{ idrac_password }}"
Users.2.PrivacyProtocol: "AES"
Users.2.Privilege: 511
Users.2.ProtocolEnable: "Disabled"
Users.2.Simple2FA: "Disabled"
Users.2.SolEnable: "Enabled"
Users.2.UseEmail: "Disabled"
Users.2.UserName: "root"
baseuri: "{{ idrac_ip }}"
username: "{{ idrac_user }}"
password: "calvin"
delegate_to: localhost
@dhekimian You can have a task as below added in playbook before setting a password for root user it will fetch the LC status with a default username and password. But before this you need to track for idrac to be up.
- name: Get lifecycle controller status for iDRAC9
ansible.builtin.uri:
url: "https://{{ hostname }}:{{ https_port }}/redfish/v1/Dell/Managers/iDRAC.Embedded.1/DellLCService/Actions/DellLCService.GetRemoteServicesAPIStatus"
user: "{{ default_username}}"
password: "{{ default_password }}"
validate_certs: "{{ validate_certs }}"
headers:
Accept: "application/json"
Content-Type: "application/json"
OData-Version: "4.0"
body_format: "json"
return_content: true
force_basic_auth: true
timeout: 30
method: "POST"
body: "{}"
status_code: 200
delegate_to: localhost
register: result
Let me think about enhancing a idrac_reset role to support track with a default username and password and get back
@dhekimian we are in plan to add the params default_username and default_password to the module/role, which will be used to authenticate after the Reset is performed. This way user will have a choice of sending the default credentials that idrac would have when reset all is performed.
let me know your view.
cc : @anupamaloke