Ansible playbooks for managing IBM Power Systems via HMC (Hardware Management Console).
- LPARs anlegen und löschen – LPAR erstellen (mit oder ohne Netboot), LV auf VIOS, LPAR löschen
- LPARs per Netboot installieren – RHEL-Installation über PXE/Kickstart (TFTP, DHCP, Kickstart-Datei)
- Neue RHEL-Versionen auf dem Kickstart-Server ablegen – ISO einspielen, Repo- und TFTP-Struktur anlegen
- Multiple managed systems per HMC – Liste verwalteter Systeme pro HMC
- LPAR-Steuerung – Ein/Aus, Anlegen, Löschen
- Self-signed certificate support – HMCs mit selbstsignierten Zertifikaten
- Ansible (2.9+)
- Python 3 on the control node
- sshpass installed (
brew install hudochenkov/sshpass/sshpasson macOS) - Network access to the HMC from the control node
- HMC credentials with appropriate permissions
Install the required Ansible collection:
ansible-galaxy collection install -r requirements.ymlEdit inventory/hosts.yml to configure your HMC hosts and managed systems:
all:
children:
hmc:
hosts:
10.32.104.241:
managed_systems_list:
- "power91"
- "power92"
10.32.104.242:
managed_systems_list:
- "power93"
vars:
hmc_user: "admin"Option 1: Command line
ansible-playbook power_control.yml -e "hmc_pass=YOUR_PASSWORD"Option 2: Environment variable
export HMC_PASSWORD="your_password"
ansible-playbook power_control.yml -e "hmc_pass=$HMC_PASSWORD"Option 3: Ansible Vault
ansible-vault create group_vars/hmc/vault.yml
# Add: hmc_pass: "your_secure_password"ansible-playbook power_control.yml \
-i inventory/hosts.yml \
-e "power_state=on" \
-e "hmc_pass=YOUR_PASSWORD"ansible-playbook power_control.yml \
-i inventory/hosts.yml \
-e "power_state=off" \
-e "hmc_pass=YOUR_PASSWORD"ansible-playbook power_control.yml \
-i inventory/hosts.yml \
-l 10.32.104.241 \
-e "power_state=off" \
-e "hmc_pass=YOUR_PASSWORD"ansible-playbook power_control.yml \
-i inventory/hosts.yml \
-e '{"managed_systems_list": ["power91"]}' \
-e "power_state=off" \
-e "hmc_pass=YOUR_PASSWORD"Use lpar_control.yml to power on/off individual LPARs by name.
ansible-playbook lpar_control.yml \
-i inventory/hosts.yml \
-e "lpar_name=my_lpar" \
-e "power_state=on" \
-e "hmc_pass=YOUR_PASSWORD"ansible-playbook lpar_control.yml \
-i inventory/hosts.yml \
-e "lpar_name=my_lpar" \
-e "power_state=off" \
-e "hmc_pass=YOUR_PASSWORD"If you know which system the LPAR is on (faster):
ansible-playbook lpar_control.yml \
-i inventory/hosts.yml \
-e "lpar_name=my_lpar" \
-e "managed_system=power91" \
-e "power_state=on" \
-e "hmc_pass=YOUR_PASSWORD"If you don't specify managed_system, the playbook will search all systems defined in managed_systems_list to find the LPAR.
Use lpar_delete.yml to remove an LPAR (LPAR is shut down first).
ansible-playbook lpar_delete.yml -i inventory/hosts.yml \
-e "lpar_name=my_lpar" \
-e "managed_system=power91" \
-e "hmc_pass=YOUR_PASSWORD" \
-e "confirm_delete=yes"Without confirm_delete=yes the playbook exits with a reminder to set it.
Kickstart-Server einmalig einrichten oder neue RHEL-Version hinzufügen:
ansible-playbook setup_kickstart_server.yml -i inventory/hosts.yml \
-e "rhel_version=9.6" \
-e "iso_path=/path/to/rhel-9.6-ppc64le-dvd.iso"Legt ISO/Repo/TFTP-Struktur an (Mount, rsync, GRUB2, Kernel/Initrd), installiert den Standard-TFTP-Server (tftp-server) und httpd und konfiguriert Firewall sowie SELinux.
Um ausschließlich die generische grub.cfg für Power-Network-Boot neu zu installieren (z. B. nach Änderung an templates/grub_generic.cfg.j2), das Playbook mit dem Tag install_grub_generic ausführen:
ansible-playbook setup_kickstart_server.yml -i inventory/hosts.yml --tags install_grub_genericEs werden nur die Tasks mit diesem Tag ausgeführt; Voraussetzung ist, dass grub_generic: true gesetzt ist (Standard im Playbook).
Use upload_media.yml to upload ISO/DVD images to the HMC's VIOS repository. The HMC pulls the file via SFTP or NFS from a remote server.
The simplest approach is to use your control node as the SFTP server (SSH must be enabled):
ansible-playbook upload_media.yml \
-i inventory/hosts.yml \
-e "iso_file=/home/user/images/AIX_7.3_DVD1.iso" \
-e "sftp_server=192.168.1.100" \
-e "sftp_user=myuser" \
-e "sftp_password=mypassword" \
-e "hmc_pass=YOUR_PASSWORD"If you have an NFS server with the ISO:
ansible-playbook upload_media.yml \
-i inventory/hosts.yml \
-e "iso_file=/exports/images/AIX_7.3_DVD1.iso" \
-e "media_type=nfs" \
-e "nfs_server=192.168.1.50" \
-e "nfs_mount=/exports/images" \
-e "hmc_pass=YOUR_PASSWORD"By default, images are stored in uploaded_images directory. Override with:
-e "repository_dir=aix_images"- SSH/SFTP must be enabled on your control node
- The HMC must have network access to your control node
- Use your control node's IP address that the HMC can reach
Use lpar_create.yml to create a new Linux LPAR configured for RHEL installation from a DVD ISO on VIOS.
ansible-playbook lpar_create.yml \
-i inventory/hosts.yml \
-e "lpar_name=rhel-server01" \
-e "hmc_pass=YOUR_PASSWORD"ansible-playbook lpar_create.yml \
-i inventory/hosts.yml \
-e "lpar_name=rhel-server01" \
-e "lpar_cpu=4" \
-e "lpar_mem=8192" \
-e "lpar_disk=100" \
-e "hmc_pass=YOUR_PASSWORD"ansible-playbook lpar_create.yml \
-i inventory/hosts.yml \
-e "lpar_name=rhel-server01" \
-e "lpar_cpu=4" \
-e "lpar_cpu_min=2" \
-e "lpar_cpu_max=8" \
-e "lpar_mem=16384" \
-e "lpar_disk=200" \
-e "vios_name=vios1" \
-e "virtual_network=ETHERNET0" \
-e "hmc_pass=YOUR_PASSWORD"| Variable | Default | Description |
|---|---|---|
lpar_name |
(required) | Name of the new LPAR |
lpar_cpu |
2 |
Number of virtual processors |
lpar_cpu_min |
1 |
Minimum processors |
lpar_cpu_max |
4 |
Maximum processors |
lpar_mem |
4096 |
Memory in MB |
lpar_mem_min |
2048 |
Minimum memory in MB |
lpar_mem_max |
16384 |
Maximum memory in MB |
lpar_disk |
50 |
Disk size in GB |
vios_name |
(required) | VIOS partition name |
vios_volume_group |
(required) | Volume group on VIOS for LPAR disk |
virtual_network |
VLAN1-ETHERNET0 |
Virtual network name |
vlan_id |
1 |
VLAN ID (0 = untagged) |
After creating the LPAR, configure the virtual optical device on VIOS:
# On VIOS: Find the virtual host adapter
lsmap -all | grep <lpar_name>
# Create virtual optical device
mkvdev -fbo -vadapter vhostX
# Load the RHEL ISO
loadopt -vtd vtoptX -disk /path/to/rhel-dvd.iso
# Verify
lsmap -vadapter vhostXThen power on the LPAR and boot from the virtual optical device.
| Variable | Default | Description |
|---|---|---|
power_state |
on |
Desired power state: on or off |
managed_systems_list |
(from inventory) | List of managed system names per HMC |
hmc_user |
hscroot |
HMC username |
hmc_pass |
(empty) | HMC password (required) |
Use inventory/lpars.power_hmc.yml to automatically discover all LPARs from the HMC.
# Set credentials
export HMC_USER=admin
export HMC_PASS=your_passwordansible-inventory -i inventory/lpars.power_hmc.yml --list --yamlansible-playbook your_playbook.yml -i inventory/lpars.power_hmc.ymlThe dynamic inventory automatically creates these groups:
| Group | Description |
|---|---|
aix_lpars |
All AIX partitions |
vios_lpars |
All VIOS partitions |
linux_lpars |
All Linux partitions |
ibmi_lpars |
All IBM i partitions |
running_lpars |
Partitions in running state |
not_activated |
Partitions not activated |
system_<name> |
LPARs grouped by managed system (e.g., system_power91) |
LPARs must have one of the following to appear in the inventory:
- RMC IP address configured (check with
lsrsrc IBM.MCPon the LPAR) - DNS-resolvable hostname matching the LPAR name
To enable RMC on AIX/Linux LPARs:
/usr/sbin/rsct/bin/rmcctrl -A
/usr/sbin/rsct/install/bin/recfgctOr add LPAR names to /etc/hosts on your control node.
power-playbooks/
├── power_control.yml # Managed Systems ein/aus
├── lpar_control.yml # Einzelne LPAR ein/aus
├── lpar_delete.yml # LPAR löschen (mit Bestätigung: -e confirm_delete=yes)
├── lpar_create.yml # LPAR anlegen + VIOS-LV (hmc_create_lpar_lv_api)
├── lpar_create_old.yml # LPAR anlegen + Rolle create_lpar_lv
├── lpar_netinstall.yml # LPAR für Netboot: Kea-DHCP, GRUB, Kickstart, lpar_netboot
├── add_lv_to_lpar.yml # Nur LV auf VIOS anlegen und an LPAR mappen (Rolle create_lpar_lv)
├── setup_kickstart_server.yml # Kickstart-Server: RHEL-ISO, Repo, TFTP (tftp-server), httpd
├── upload_media.yml # ISO in HMC/VIOS-Repository hochladen
├── download_rhel_media.yml # RHEL-DVD-ISO von Red Hat API herunterladen
├── lpar_info.yml # LPAR-Infos vom HMC abfragen
├── inventory/
│ ├── hosts.yml
│ ├── group_vars/
│ └── lpars.power_hmc.yml
├── roles/
│ └── create_lpar_lv/ # LV auf VIOS anlegen und mappen
├── library/ # Lokale Module (hmc_create_lpar_lv, hmc_create_lpar_lv_api)
├── templates/ # Für setup_kickstart_server, lpar_netinstall
├── requirements.yml
└── README.md
Die Dateien my_lpar_cfg.yml und lpar_config.yml sind in .gitignore eingetragen und werden nicht ins Repository oder auf den Server übernommen. Für Passwörter und lokale LPAR-Variablen verwenden (z. B. -e @my_lpar_cfg.yml); sensible Werte mit Ansible Vault schützen.
The playbook automatically disables SSL verification for self-signed certificates via environment variables.
Install sshpass:
- macOS:
brew install hudochenkov/sshpass/sshpass - Ubuntu/Debian:
apt-get install sshpass - RHEL/CentOS:
yum install sshpass
This error occurs when trying to power off a system with running LPARs. Use lpar_control.yml to shut down individual LPARs first.