Add initial Ansible for nodepool hosts

This is a start at ansible-deployed nodepool environments. We rename the minimal-nodepool element to nodepool-base-legacy, and keep running that for the old nodes. The groups are updated so that only the .openstack.org hosts will run puppet. Essentially they should remain unchanged. We start a nodepool-base element that will replace the current puppet-<openstackci|nodepool> deployment parts. For step one, this grabs project-config and links in the elements and config file. A testing host is added for gate testing which should trigger these roles. This will build into a full deployment test of the builder container. Change-Id: If0eb9f02763535bf200062c51a8a0f8793b1e1aa Depends-On: https://review.opendev.org/#/c/710700/
2020-03-03 10:48:34 +11:00 · 2020-03-03 10:48:34 +11:00 · 281425a44d
commit 281425a44d
parent ac11734cf9
9 changed files with 85 additions and 10 deletions
--- a/.zuul.yaml
+++ b/.zuul.yaml
@ -837,6 +837,8 @@
          label: ubuntu-xenial
        - name: nb01.openstack.org
          label: ubuntu-xenial
        - name: nb01-test.opendev.org
          label: ubuntu-bionic
    vars:
      run_playbooks:
        - playbooks/service-nodepool.yaml
--- a/inventory/groups.yaml
+++ b/inventory/groups.yaml
@ -92,9 +92,13 @@ groups:
    - nb[0-9]*.open*.org
    - nl[0-9]*.open*.org
  nodepool-builder:
-    - nb[0-9]*.open*.org
+    - nb[0-9]*.openstack.org
  nodepool-builder_opendev:
    - nb[0-9]*.opendev.org
  nodepool-launcher:
-    - nl[0-9]*.open*.org
+    - nl[0-9]*.openstack.org
  nodepool-launcher_opendev:
    - nl[0-8]*.opendev.org
  ns:
    - ns[0-9]*.open*.org
  openstackid-dev:
@ -131,8 +135,8 @@ groups:
    - logstash[0-9]*.open*.org
    - mirror-update[0-9]*.openstack.org
    - mirror[0-9]*.openstack.org
-    - nb[0-9]*.open*.org
+    - nb[0-9]*.openstack.org
-    - nl[0-9]*.open*.org
+    - nl[0-9]*.openstack.org
    - openstackid-dev*.openstack.org
    - openstackid.org
    - openstackid[0-9]*.openstack.org
@ -180,7 +184,7 @@ groups:
    - logstash[0-9]*.open*.org
    - mirror-update[0-9]*.openstack.org
    - ^mirror[0-9].*\..*\.(?!linaro|linaro-london|linaro-us).*\.openstack\.org
-    - ^nb(?!03)[0-9]*\.open.*\.org
+    - ^nb(?!03)[0-9]*\.openstack\.org
    - nl[0-9]*.open*.org
    - openstackid[0-9]*.openstack.org
    - openstackid-dev[0-9]*.openstack.org
--- a/playbooks/group_vars/nodepool-builder_opendev.yaml
+++ b/playbooks/group_vars/nodepool-builder_opendev.yaml
@ -0,0 +1,4 @@
 openstacksdk_config_dir: /home/nodepool/.config/openstack
 openstacksdk_config_owner: nodepool
 openstacksdk_config_group: nodepool
 openstacksdk_config_template: clouds/nodepool_clouds.yaml.j2
--- a/playbooks/group_vars/nodepool-launcher_opendev.yaml
+++ b/playbooks/group_vars/nodepool-launcher_opendev.yaml
@ -0,0 +1,4 @@
 openstacksdk_config_dir: /home/nodepool/.config/openstack
 openstacksdk_config_owner: nodepool
 openstacksdk_config_group: nodepool
 openstacksdk_config_template: clouds/nodepool_clouds.yaml.j2
--- a/playbooks/roles/nodepool-base-legacy/README.rst
+++ b/playbooks/roles/nodepool-base-legacy/README.rst
@ -1,9 +1,8 @@
 Minimal nodepool requirements for mixed puppet/ansible deployment.
 Create minimal nodepool requirements so that we can manage nodepool servers
 with ansible and puppet while we transition.
 NOTE: THis likely isn't what we want long term. Should have a proper nodepool
 role or use windmill.
 **Role Variables**
 * None
--- a/playbooks/roles/nodepool-base-legacy/tasks/main.yaml
+++ b/playbooks/roles/nodepool-base-legacy/tasks/main.yaml
--- a/playbooks/roles/nodepool-base/README.rst
+++ b/playbooks/roles/nodepool-base/README.rst
@ -0,0 +1,3 @@
 nodepool base setup
 **Role Variables**
--- a/playbooks/roles/nodepool-base/tasks/main.yaml
+++ b/playbooks/roles/nodepool-base/tasks/main.yaml
@ -0,0 +1,48 @@
 - name: Add the nodepool group
  group:
    name: nodepool
    state: present
 - name: Add the nodepool user
  user:
    name: nodepool
    group: nodepool
    home: /home/nodepool
    create_home: yes
    shell: /bin/bash
 # NOTE(ianw) : A note on testing; we have some configurations for
 # system-config-run-nodepool test hosts committed to project-config.
 # Since this is a protected repo we can't speculatively test, which is
 # why we're just cloning from opendev.org master and not a local
 # checkout here.  We don't expect the configs to change so this is OK.
 - name: Clone the project-config repo for configs
  git:
    repo: 'https://opendev.org/openstack/project-config'
    dest: /opt/project-config
    force: yes
 - name: Create nodepool config dir
  file:
    name: /etc/nodepool
    state: directory
    owner: nodepool
    group: nodepool
    mode: 0755
 - name: Look for a host specific config file
  stat:
    path: /opt/project-config/nodepool/{{ inventory_hostname }}.yaml
  register: host_config_file
 - name: Set config file symlink
  file:
    state: link
    src: '{{ host_config_file.stat.exists | ternary(host_config_file.stat.path, "/opt/project-config/nodepool/nodepool.yaml") }}'
    dest: /etc/nodepool/nodepool.yaml
 - name: Symlink in elements from project-config repo
  file:
    state: link
    src: /opt/project-config/nodepool/elements
    dest: /etc/nodepool/elements
--- a/playbooks/service-nodepool.yaml
+++ b/playbooks/service-nodepool.yaml
@ -1,7 +1,18 @@
 - hosts: nodepool-launcher:nodepool-builder:!disabled
-  name: "Base: configure OpenStackSDK on nodepool"
+  name: "Base: configure OpenStackSDK on nodepool legacy hosts"
  strategy: free
  roles:
-    - minimal-nodepool
+    - nodepool-base-legacy
    - configure-openstacksdk
    - configure-kubectl
 - hosts: nodepool-builder_opendev:!disabled
  name: "Configure nodepool builders"
  strategy: free
  roles:
    - nodepool-base
    - configure-openstacksdk
 # TODO(ianw) 2020-03-03 : watch this space...
 #- hosts: nodepool-launcher_opendev:!disabled
 #  name: "Configure nodepool launchers"