create_headnode.yml

---
- hosts: localhost
  gather_facts: false
  vars_files:
    - vars/main.yml

  tasks:
    - name: Upload image to OpenStack
      openstack.cloud.image:
        name: "{{ image_name }}"
        filename: "{{ image_file }}"
        disk_format: qcow2
        container_format: bare
        state: present

    - name: Launch cluster head node instance
      openstack.cloud.server:
        name: "{{ head_node_name }}"
        image: "{{ image_name }}"
        flavor: "{{ head_node_flavor }}"
        key_name: "{{ keypair_name }}"
        network: "{{ cluster_network_name }}"
        auto_ip: false
        security_groups: "{{ cluster_security_group }}"
        state: present
        userdata: |
          #cloud-config
          packages:
            - python3
          package_upgrade: true
          runcmd:
            - echo "CRYPTO_POLICY='-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr -oMACs=umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512 -oGSSAPIKeyExchange=no -oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512 -oHostKeyAlgorithms=rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com -oPubkeyAcceptedKeyTypes=rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com -oCASignatureAlgorithms=rsa-sha2-256,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,rsa-sha2-512,ecdsa-sha2-nistp521,ssh-ed25519'" >>/etc/sysconfig/sshd
            - systemctl restart sshd

    - name: Add head node to inventory
      import_tasks: tasks/add_headnode_inventory.yml

    - debug:
        msg: "{{ cluster_name }} head node is launched at {{ hostvars['localhost'].headnode.openstack_servers[0].private_v4 }}"

- hosts: headnode
  gather_facts: false
  vars_files:
    - ./vars/main.yml

  tasks:
    - name: wait for head node to boot and become reachable
      wait_for_connection:
        delay: 5

    - debug:
        msg: "{{ cluster_name }} head node is up at {{ hostvars['localhost'].headnode.openstack_servers[0].private_v4 }}."