Feature: new docs_library group and introduced more generic stack_name for groups of machines.

[pneerincx]

• Added new docs server on Merlin to replace the one running on one of the EOL OpenStack boxes:
  • Added corresponding docs_library inventory group.
  • Added new docs_on_merlin server to group_vars and static_inventories for all relevant clusters.
• The new docs_library inventory group is the second one following the iRODS machines that does not contain Slurm cluster machines. Therefore this PR contains major refactoring to replace {{ slurm_cluster_name }}_cluster with {{ stack_name }} to accommodate other groups of machines.
  • Renamed all static inventory files and vault keys to use new {{ stack_name }} variable.
  • Updated vault labels in all encrypted files to use {{ stack_name }}.
  • lor-init: updated to find the correct static inventory and vault password for a {{ stack_name }}. Can also use {{ stack_prefix }} to find the corresponding {{ stack_name }}.
  • Updated Marvin config to give it its own CA key pair for signing host keys. And encrypted the corresponding files using the correct vault key + label.
• Bugfixes for deploy-os_servers.yml:
  • Description of security group for IRODs machines was too long (has to be < 255 characters).
  • Name of task that creates ip_addresses.yml.new listed ip_addresses.yml as the file being created, which was confusing.
  • Removed unsupported parameter hosts for openstack.cloud.security_group module.
  • Description of security group for IRODs machines was too long: shortened name to make it <= 255 characters.
• Bugfixes for group_vars/nibbler_cluster/vars.yml:
  • Changed local_volume_size_irods from 1 to 20, because current iRODS VMs have have local volumes of 20 GB and the playbook cannot shrink volumes resulting in a Cannot shrink volumes error.
  • Added irods_icat_fqdn, because it is also needed for the static_hostname_lookup role on jumphosts and group_vars/irods.yml is not used for jumphosts.
    Bugfix: fixed when statements for deploying either ldap or sssd roles in:
  • single_group_playbooks/jumphost.yml
  • single_group_playbooks/cluster_part2.yml
  • single_group_playbooks/data_transfer.yml
• Pulp failed on Nibbler: could not easily figure out why this no longer works, but it looks like something got updated despite pinning various version numbers. To make it work again:
  • Upgraded pulp-installer to 3.16.0.
  • Upgraded pulpcore and pulp-rpm to 3.16.1.
  • Updated pulp-cli to 0.13.0
  • Install both pulp-cli as well as all its Python dependencies using a pulp-cli-requirements.txt file with locked version numbers.
• Bugfix for SSSD config:
  • Switched enumerate false -> true to fix issues with Ansible playbooks, which need to be able to list all groups.
  • Updated generate_secrets.py to support nested data structures e.g. for ldap_credentials as used by sssd_client role.