group updates to public branch

.jenkins/runAnsibleLintTests.groovy

@@ -0,0 +1,3 @@
+#!/usr/bin/env groovy
+
+runAnsibleLintTests()

.jenkins/runKicsLintTests.groovy

@@ -0,0 +1,3 @@
+#!/usr/bin/env groovy
+
+runKicsLintTests()

.jenkins/runMoleculeTests.groovy

@@ -0,0 +1,3 @@
+#!/usr/bin/env groovy
+
+runMoleculeTests()

.jenkins/runYamlLintTests.groovy

@@ -0,0 +1,3 @@
+#!/usr/bin/env groovy
+
+runYamlLintTests()

README.md

@@ -326,7 +326,7 @@ $ ansible-playbook site.yml --tags iscsi-client
 ansible -i inventory/hosts.yml openstack -m ping
 ansible -i inventory/hosts-openstack.ini openstack -m ping
 
-ansible-playbook site.yml --tags bootstrap-linux --limit dc_os_linux
+ansible-playbook site.yml --tags bootstrap-linux --limit os_linux
 ansible-playbook site.yml --tags bootstrap-linux-firewalld --limit vmub2201
 ansible-playbook site.yml --tags bootstrap-docker --limit docker
 ansible-playbook site.yml --tags bootstrap-network --limit node01
@@ -365,7 +365,7 @@ openstack server create --image cirros --flavor m1.tiny --key-name mykey --netwo
 
 Other useful plays
 ```shell
-ansible-playbook site.yml --tags bootstrap-linux-mounts --limit dc_os_linux
+ansible-playbook site.yml --tags bootstrap-linux-mounts --limit os_linux
 ansible-playbook site.yml --tags bootstrap-linux-mounts --limit dc_os_centos_7
 ansible-playbook site.yml --tags bootstrap-linux-mounts --limit postgres
 ansible-playbook site.yml --tags bootstrap-linux-mounts --limit media
@@ -439,7 +439,7 @@ ansible -v -u administrator -e ansible_password=${ANSIBLE_SSH_PASSWORD} -e ansib
 
 ```shell
 ansible-playbook site.yml --tags display-vars -l control01
-ansible-playbook site.yml --tags display-domain-vars -l dc_os_linux
+ansible-playbook site.yml --tags display-domain-vars -l os_linux
 ansible-playbook site.yml --tags display-domain-vars -l nas02
 ansible-playbook site.yml --tags display-domain-vars -l control01
 ansible all -m debug -a var=groups['ca_domain']

TESTING.md

@@ -96,7 +96,7 @@ $ ansible -i inventory/ -m debug -a var=bootstrap_ntp_var_source,bootstrap_ntp_s
 
 Query intersecting groups:
 ```shell
-$ ansible -i inventory/ -m debug -a var=group_names dmz:\&dc_os_linux
+$ ansible -i inventory/ -m debug -a var=group_names dmz:\&os_linux
 $ ansible -i inventory/ -m debug -a var=group_names dmz:\&testgroup_lnx
 $ ansible -i inventory/ -m debug -a var=group_names dmz:\&testgroup_lnx:\&ntp_network
 ```

bootstrap_docker_ci.yml

@@ -9,14 +9,14 @@
 #      changed_when: "'molecule-idempotence-notest' not in ansible_skip_tags"
 
 - name: "Bootstrap linux OS on instance"
-  hosts: dc_os_linux
+  hosts: os_linux
   connection: local
   become: yes
   roles:
     - role: bootstrap-linux
 
 - name: "Bootstrap windows OS on instance"
-  hosts: dc_os_windows
+  hosts: os_windows
   connection: local
   become: yes
   roles:

bootstrap_vm_template.yml

@@ -29,7 +29,7 @@
       var: group_names | d([])
 
 - name: "Bootstrap linux OS on vm template"
-#  hosts: dc_os_linux
+#  hosts: os_linux
   hosts: vm_template_linux
   tags: vm-template
   connection: local
@@ -38,7 +38,7 @@
     - role: bootstrap-linux
 
 - name: "Bootstrap windows OS on vm template"
-#  hosts: dc_os_windows
+#  hosts: os_windows
   hosts: vm_template_windows
   tags: vm-template
   connection: local

connectivity-tests.yml

@@ -17,23 +17,23 @@
 
         - name: "Ping test via module ping"
 #          when: ansible_os_family|d('')|lower in ['debian', 'redhat']
-          when: "'dc_os_linux' in group_names"
+          when: "'os_linux' in group_names"
           action: ping
           register: ping_test
           changed_when: no
 
         - name: "Ping test via module win_ping"
 #          when: ansible_os_family|d('')|lower is search('windows')
-          when: "'dc_os_windows' in group_names"
+          when: "'os_windows' in group_names"
           action: win_ping
           register: winping_test
           changed_when: no
 
         - name: "Ping test via module net_ping"
           delegate_to: localhost
           when:
-            - "'dc_os_windows' not in group_names"
-            - "'dc_os_linux' not in group_names"
+            - "'os_windows' not in group_names"
+            - "'os_linux' not in group_names"
           net_ping:
             dest: "{{ ansible_host }}"
           register: netping_test

display-hostvars.yml

@@ -8,7 +8,7 @@
 
     - name: Set os info
       set_fact:
-        os_family: "{{ 'dc_os_linux' if ansible_os_family|d('')|lower in ['debian', 'redhat']
+        os_family: "{{ 'os_linux' if ansible_os_family|d('')|lower in ['debian', 'redhat']
           else ansible_os_family|d('Unknown') }}"
         os_distribution: "os_{{ ansible_facts['distribution'] |d('Unknown') | lower | replace(' ','_') }}"
         os_distribution_version: "os_{{ ansible_facts['distribution'] |d('Unknown') | lower
@@ -34,9 +34,9 @@
     - name: Set os info for windows
       when: ansible_os_family|d('')|lower is search('windows')
       set_fact:
-        os_family: "dc_os_windows"
+        os_family: "os_windows"
         os_distribution: "windows"
-        os_distribution_version: "dc_os_windows_{{ ansible_facts['distribution']|d('Unknown')
+        os_distribution_version: "os_windows_{{ ansible_facts['distribution']|d('Unknown')
           | lower | replace(' ','_') | regex_replace('(microsoft_|windows_)', '') }}"
 
     - name: Display os group classification info

docs/ansible/ansible-idempotent-roles/ansible-idempotent-firewall/ansible-firewall-idempotent.md

@@ -410,7 +410,7 @@ For examples, see the group_var files in the [example repo here](https://github.
 
 group var file|var names used
 ---|---
-[dc_os_linux.yml](https://github.com/lj020326/ansible-datacenter/inventory/group_vars/dc_os_linux.yml)|firewalld_services__linux
+[os_linux.yml](https://github.com/lj020326/ansible-datacenter/inventory/group_vars/os_linux.yml)|firewalld_services__linux
 [postfix_server.yml](https://github.com/lj020326/ansible-datacenter/inventory/group_vars/postfix_server.yml)|firewalld_ports__postfix
 [nameserver.yml](https://github.com/lj020326/ansible-datacenter/inventory/group_vars/nameserver.yml)|firewalld_ports__bind
 [veeam_agent.yml](https://github.com/lj020326/ansible-datacenter/inventory/group_vars/veeam_agent.yml)|firewalld_ports__veeam

docs/ansible/ansible-idempotent-roles/ansible-idempotent-roles.md

@@ -410,7 +410,7 @@ For examples, see the group_var files in the [example repo here](https://github.
 
 group var file|var names used
 ---|---
-[dc_os_linux.yml](https://github.com/lj020326/ansible-datacenter/tree/main/inventory/group_vars/dc_os_linux.yml)|firewalld_services__linux
+[os_linux.yml](https://github.com/lj020326/ansible-datacenter/tree/main/inventory/group_vars/os_linux.yml)|firewalld_services__linux
 [postfix_server.yml](https://github.com/lj020326/ansible-datacenter/tree/main/inventory/group_vars/postfix_server.yml)|firewalld_ports__postfix
 [nameserver.yml](https://github.com/lj020326/ansible-datacenter/tree/main/inventory/group_vars/nameserver.yml)|firewalld_ports__bind
 [veeam_agent.yml](https://github.com/lj020326/ansible-datacenter/tree/main/inventory/group_vars/veeam_agent.yml)|firewalld_ports__veeam
@@ -558,7 +558,7 @@ The role will automatically dereference/merge/combine all the app-specific FW co
 
 ## ref: [see firewall notes here](./docs/ansible-firewall-example.md)
 - name: "Bootstrap linux firewall"
-  hosts: dc_os_linux,!node_offline
+  hosts: os_linux,!node_offline
   become: yes
   tags:
     - bootstrap-firewall
@@ -570,7 +570,7 @@ The role will automatically dereference/merge/combine all the app-specific FW co
 
 ## ref: [see firewall notes here](./docs/ansible-firewall-example.md)
 - name: "Configure linux firewall"
-  hosts: dc_os_linux,!node_offline
+  hosts: os_linux,!node_offline
   become: yes
   tags:
     - configure-firewall

docs/ansible/ansible-running-env-jobs.md

@@ -139,7 +139,7 @@ ansible_ssh_private_key_file: "{{ lookup('cyberark.conjur.conjur_variable', env|
 
 The machine credentials for the OS can be set in the respective os groups.
 
-inventory/group_vars/dc_os_linux.yml:
+inventory/group_vars/os_linux.yml:
 ```yaml
 ---
 ## ref: https://github.com/cyberark/ansible-conjur-collection
@@ -150,7 +150,7 @@ ansible_password: "{{ lookup('cyberark.conjur.conjur_variable', env|upper + '/Li
 
 ```
 
-inventory/group_vars/dc_os_windows.yml:
+inventory/group_vars/os_windows.yml:
 ```yaml
 ---
 ## ref: https://github.com/cyberark/ansible-conjur-collection

docs/img/screenshots/ansible-datacenter-3d-bootstrap-linux-console.md

@@ -212,8 +212,8 @@ Running on admin02 in /workspace/dettonville/infra/ansible-datacenter/dev/bootst
 11:46:59  ├── ldap_client.yml -> ../../group_vars/ldap_client.yml
 11:46:59  ├── linux_ip_dhcp.yml -> ../../group_vars/linux_ip_dhcp.yml
 11:46:59  ├── linux_ip_static.yml -> ../../group_vars/linux_ip_static.yml
-11:46:59  ├── dc_os_linux_baremetal.yml -> ../../group_vars/dc_os_linux_baremetal.yml
-11:46:59  ├── dc_os_linux.yml -> ../../group_vars/dc_os_linux.yml
+11:46:59  ├── os_linux_baremetal.yml -> ../../group_vars/os_linux_baremetal.yml
+11:46:59  ├── os_linux.yml -> ../../group_vars/os_linux.yml
 11:46:59  ├── mergerfs.yml -> ../../group_vars/mergerfs.yml
 11:46:59  ├── nameserver.yml -> ../../group_vars/nameserver.yml
 11:46:59  ├── ntp_client.yml -> ../../group_vars/ntp_client.yml
@@ -283,7 +283,7 @@ Running on admin02 in /workspace/dettonville/infra/ansible-datacenter/dev/bootst
 11:45:04    - ****_distribution_major_version=20
 11:45:04    - ****_python_interpreter=/usr/bin/python3
 11:45:04    - ****_pip_interpreter=pip3
-11:45:04    - group_names=['ca_domain', 'ca_domain_int_johnson', 'cert_node', 'deploy_vm', 'dhcp_client_mac_interface', 'dhcp_hosts', 'esxi', 'ldap_client', 'linux_ip_dhcp', 'dc_os_linux', 'nfs_service', 'ntp_client', 'dc_os_Ubuntu', 'dc_os_Ubuntu_20', 'postfix_client', 'server_node', 'server_vm', 'step_ca_cli', 'stepca_certs', 'vmware_flavor_ubuntu20_small', 'vmware_linux_ip_dhcp', 'vmware_ubuntu20_dhcp', 'vmware_ubuntu20_dhcp_int_johnson', 'vmware_ubuntu20_int_johnson', 'vmware_vm', 'vmware_vm_dhcp', 'vmware_vm_linux']
+11:45:04    - group_names=['ca_domain', 'ca_domain_int_johnson', 'cert_node', 'deploy_vm', 'dhcp_client_mac_interface', 'dhcp_hosts', 'esxi', 'ldap_client', 'linux_ip_dhcp', 'os_linux', 'nfs_service', 'ntp_client', 'dc_os_Ubuntu', 'dc_os_Ubuntu_20', 'postfix_client', 'server_node', 'server_vm', 'step_ca_cli', 'stepca_certs', 'vmware_flavor_ubuntu20_small', 'vmware_linux_ip_dhcp', 'vmware_ubuntu20_dhcp', 'vmware_ubuntu20_dhcp_int_johnson', 'vmware_ubuntu20_int_johnson', 'vmware_vm', 'vmware_vm_dhcp', 'vmware_vm_linux']
 11:45:04    - ntp_servers=['10.0.0.1 prefer iburst']
 11:45:04    - docker_stack_external_domain=
 11:45:04    - docker_stack_internal_domain=

inventory/xenv_groups.yml

@@ -106,7 +106,7 @@ all:
     #    dc_os_esxi:
     #      children:
     #        vmware_esx_host: {}
-    #    dc_os_linux:
+    #    os_linux:
     #      children:
     #        dc_os_centos: {}
     #        dc_os_debian: {}
@@ -125,7 +125,7 @@ all:
     #    dc_os_vcenter:
     #      children:
     #        vmware_vcenter: {}
-    #    dc_os_windows:
+    #    os_windows:
     #      children:
     #        os_windows: {}
     dell_idrac_hosts:

molecule/README.md

@@ -22,15 +22,145 @@ $ docker-image-sync.sh redhat8-systemd-python
 ## Create molecule container
 
 ```shell
-$ MOLECULE_DISTRO=centos8-systemd-python \
-  molecule --debug create -s bootstrap-linux
+$ MOLECULE_DISTRO=centos8-systemd-python molecule --debug create -s bootstrap-linux
+```
+
+### Handling 'Unable to contact the Docker daemon' error
+
+If you get the 'Unable to contact the Docker daemon' result when running molecule as follows:
+```shell
+$ MOLECULE_DISTRO=centos8-systemd-python molecule --debug converge -s bootstrap-linux
+...
+INFO     Sanity checks: 'docker'
+CRITICAL Unable to contact the Docker daemon. Please refer to https://docs.docker.com/config/daemon/ for managing the daemon
+$ 
+$ telnet localhost 2375
+Trying ::1...
+Connection failed: Connection refused
+Trying 127.0.0.1...
+Connected to localhost.
+Escape character is '^]'.
+^]
+telnet> q
+Connection closed.
+
+```
+
+Check the docker version / info
+```shell
+$ docker version
+Client:
+ Version:           23.0.6
+ API version:       1.42
+ Go version:        go1.19.9
+ Git commit:        ef23cbc
+ Built:             Fri May  5 21:14:58 2023
+ OS/Arch:           darwin/amd64
+ Context:           default
+error during connect: Get "http://docker:2375/v1.24/version": dial tcp: lookup docker: no such host
+$ docker info
+Client:
+ Context:    default
+ Debug Mode: false
+ Plugins:
+  buildx: Docker Buildx (Docker Inc.)
+    Version:  v0.14.1-desktop.1
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-buildx
+  compose: Docker Compose (Docker Inc.)
+    Version:  v2.27.1-desktop.1
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-compose
+  debug: Get a shell into any image or container (Docker Inc.)
+    Version:  0.0.32
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-debug
+  dev: Docker Dev Environments (Docker Inc.)
+    Version:  v0.1.2
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-dev
+  extension: Manages Docker extensions (Docker Inc.)
+    Version:  v0.2.24
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-extension
+  feedback: Provide feedback, right in your terminal! (Docker Inc.)
+    Version:  v1.0.5
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-feedback
+  init: Creates Docker-related starter files for your project (Docker Inc.)
+    Version:  v1.2.0
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-init
+  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
+    Version:  0.6.0
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-sbom
+  scout: Docker Scout (Docker Inc.)
+    Version:  v1.9.3
+    Path:     /Users/ljohnson/.docker/cli-plugins/docker-scout
+
+Server:
+ERROR: error during connect: Get "http://docker:2375/v1.24/info": dial tcp: lookup docker: no such host
+errors pretty printing info
+
+```
+
+The results above indicate a communications issue most likely affected by the `DOCKER_HOST` environment variable.
+So we check the value for the `DOCKER_HOST` environment variable:
+```shell
+$ echo $DOCKER_HOST
+tcp://docker:2375
+```
+
+So unset the variable and retry:
+```shell
+$ unset DOCKER_HOST
+$ echo $DOCKER_HOST
+$ docker version
+Client:
+ Version:           23.0.6
+ API version:       1.42
+ Go version:        go1.19.9
+ Git commit:        ef23cbc
+ Built:             Fri May  5 21:14:58 2023
+ OS/Arch:           darwin/amd64
+ Context:           desktop-linux
+
+Server: Docker Desktop 4.31.0 (153195)
+ Engine:
+  Version:          26.1.4
+  API version:      1.45 (minimum version 1.24)
+  Go version:       go1.21.11
+  Git commit:       de5c9cf
+  Built:            Wed Jun  5 11:29:22 2024
+  OS/Arch:          linux/amd64
+  Experimental:     false
+ containerd:
+  Version:          1.6.33
+  GitCommit:        d2d58213f83a351ca8f528a95fbd145f5654e957
+ runc:
+  Version:          1.1.12
+  GitCommit:        v1.1.12-0-g51d5e94
+ docker-init:
+  Version:          0.19.0
+  GitCommit:        de40ad0
+$ 
+```
+
+```shell
+$ molecule --debug test
+```
+
+Conversely the environment variable may require setup per: 
+https://stackoverflow.com/questions/70199313/how-to-use-docker-host-error-during-connect 
+
+### Handling 'SyntaxError: future feature annotations is not defined' error
+
+Ansible core 2.16 is slated to be something of an 'LTS' release, [according to one of the core maintainers](https://github.com/ansible/ansible/issues/83357#issuecomment-2148280535)—so if you lock into that version of Ansible core anywhere you run code against RHEL 8 servers, you should be good to go:
+
+```shell
+$ pip3 install 'ansible-core<2.17'
 ```
 
+ref: https://www.jeffgeerling.com/blog/2024/newer-versions-ansible-dont-work-rhel-8
+
+
 ## Converge molecule container
 
 ```shell
-$ MOLECULE_DISTRO=centos8-systemd-python \
-  molecule --debug converge -s bootstrap-linux
+$ MOLECULE_DISTRO=centos8-systemd-python molecule --debug converge -s bootstrap-linux
 ```
 
 ## Test molecule container