Refactors the --stack-only, --setup-only, --config-download-only, to work
with ephemeral-heat. The arguments now do the expected behavior and work
with how they previously worked prior to ephemeral heat.
--stack-only: create the stack, download the config. no overcloud node
changes
--setup-only: ssh admin authorization setup.
--config-download-only: run config-download playbook(s) to configure the
overcloud.
Signed-off-by: James Slagle <jslagle@redhat.com>
Depends-On: Ie47abe2d7c5d7891aceb88d9008d45d7922dea15
Change-Id: Ia765c2c2ea548a1dcd20f592eda8741f40a1cf16
With ephemeral-heat, we need to save the needed stack outputs in the
working_dir so that the values can be used when needed if the stack is
no longer around.
With the outputs saved, the stack object no longer needs to be passed to
workflows.deployment.config_download and
workflows.deployment.get_hosts_and_enable_ssh_admin, only the stack name
and output values are needed.
Signed-off-by: James Slagle <jslagle@redhat.com>
Change-Id: I3cc61bfee94227045909a4b0ccf84a8d595b2cea
Updates the cli-enable-ssh-admin.yaml and cli-grant-local-access.yaml
ansible playbook executions to use the consistent working directory
instead of a temporary directory. Adds reproduce_command=True to the
calls to utils.run_ansible_playbook so that the workflows can be re-run
out of the deployment for reproducability.
Change-Id: Id4880be3a0d936e67bfc77ed28145eb1b9de162e
Signed-off-by: James Slagle <jslagle@redhat.com>
Change I5fc78158bbff468576eaddf1924e67a6666213e3 switched the symlink
source/target of the config-download dir for the consistent working dir
from new->old instead of old->new.
We want the old location at ~/config-download/<stack> to be a symlink to
the new location, and store the actual files in the new location. The
symlink is for backwards compatibility. A migration is added for any
files at the old location to the new location, if the new location does
not yet exist.
This patch also changes the default working dir to be a directory under
~/overcloud-deploy for the stack name instead of
~/overcloud-deploy-<stack>. Given multi-stack and multi-overcloud
support, defaulting to using a single directory is a more
straight forward approach and easier to collect.
Change-Id: I189bd751066cfaebd951d92d8371250aac5b4e9b
Signed-off-by: James Slagle <jslagle@redhat.com>
We changed all client workflows other than derived params
to not use mistral and zaqar. However, the unit tests still
mock lot of these. Let's remove those.
Change-Id: Ieddd97e73b1bd0f88b1fed17ac2575b3e2964e5f
I493ec949e09a1a1a1745f4bf161bc6d3dc185e1e removed
tripleo_common.actions.config so these no longer should be mocked. This
causes build failures in dlrn.
If5053530eeadd277db091d60bc9095aa7f05d67f removed
AnsibleGenerateInventoryAction so we don't need to mock it.
Closes-Bug: #1884138
Change-Id: I9558f70d333b340bbd81065f014fc207f5ac6563
This change removes all of mistral from the config_download_deploy function
by calling the required functions directly.
- All of the inputs within this function have been cleaned up and documented.
- New log entires will be created when using this method giving the deployer
a better overall user experience.
- To ensure we're able to support the ability to reproduce commands, the ssh
args extravar has been moved to an environment variable.
- The methods get_config and get_key have been moved to the utils module.
This was done to help avoid circular imports.
Update methods have been changed to execute without running within a mistral
workflow. This was changed because there's no need to support the multiple
code paths anymore given config_download is now running directly.
Test classes have been updated to reduce duplication.
With the new streamlined execution process we should see improved deployment
times and better visability into the deployment process.
Task: 38422
Story: 2007212
Depends-On: I006291a2465aa4c950abce76f9e5f9459b76e330
Change-Id: Ide1a4503dd2bdd2d5e494cd1eac483b842a21acf
Co-authored-by: Luke Short <ekultails@gmail.com>
Co-authored-by: Dougal Matthews <dougal@dougalmatthews.com>
Signed-off-by: Kevin Carter <kecarter@redhat.com>
This change converts the deployment process to use the new enable ssh admin
playbook instead of the shell commands and a mistral workflow.
Tests have been updated to reflect the use of the new methods.
Story: 2007212
Task: 38427
Depends-On: https://review.opendev.org/#/c/706196/
Depends-On: I5ab7f4d9dc39a74714c9bcfa39fa50cc586e8e08
Change-Id: I5c744e116f00e81f92c014fc1f599ad3db11ada2
Signed-off-by: Kevin Carter <kecarter@redhat.com>
This change replaces all of the ansible shell commands with the
python library, ansible-runner. This library is supported by
upstream ansible, is approved by the openstack foundation, is
supported in global requirements, and provides a better, more
programatic interface into running ansible playbooks.
All tests that interacted with the old shell commands have been
updated to now test using the library.
Change-Id: I8db50da826e2fbc074f4e7986d6fd00f6d488648
Signed-off-by: Kevin Carter <kecarter@redhat.com>
This patch adds handling and checking of any instances of the workflow
tripleo.deployment.v1.config_download_deploy already in progress for the
current stack. It will prevent duplicate instances of the same workflow
being started and running at the same time.
It will allow for multiple instances of the workflow running at the same
time as long as they are for different stacks.
Change-Id: Ic8dbf28b5796ff998165b6b73b941f21c65f1dfa
Closes-Bug: #1852314
ssh-keygen has private key which shouldn't be visible in output. This
patch change the behaviour to print only exit code on failure. Also this
patch closes file descriptor once key is read.
Change-Id: I5a286cca6e48b0abc9cec3f15b2648977ae838c2
Related-Bug: rhbz#1734356
These resources were previously not properly closed when leading to
ResourceWarnings being printed to the end user.
Change-Id: I27e3f209f948b4c7c04e7994fc4dc7489f28f720
Related-Bug: #1837393
The server blacklist also needs to be honored when getting the list
of hosts that we use to check for the ssh port being available, and
injecting the temporary ssh key.
Change-Id: I7ea9201f39af17bb43b7a1b8a9d8d1064e365c14
Closes-Bug: #1797572
Pass the stack/plan name to the enable_ssh_admin workflow, otherwise,
only the default 'overcloud' name works.
Depends-On: Ie5dbe86232c3b6a85665a9eec08ace8ba9415ea1
Change-Id: I76531c5fb36135cfd733ddb6980bf43d0295db30
Closes-Bug: #1795417
In some cases, we may not want to always assume the ctlplane as the
network to use for both ssh access to the overcloud nodes, and for
generating the ansible inventory. This patches adds a new cli argument,
--overcloud-ssh-network that can be used to set the network name to be
used. Defaults to ctlplane.
Depends-On: I1e3f9a5142bff5e4f77e5e40df164089d9144652
Change-Id: I767984623c7d2402b10bae3d30b695783166f6bf
Instead of using the script from the templates, use python for the
enable-ssh-admin logic. This will allow for more properly handling
failures.
This also fixes a race condition where sshd has not already started on
some of the nodes before we try and connect via ssh. A timeout is added
where we wait for the port to come up. If the timeout has passed and the
port is still not up, then an exception is raised.
Change-Id: I3431d2ec724a880baf0de8f586490d145bedf870
Closes-Bug: #1769230
James Slagle
Rabi Mishra
Alex Schultz
Kevin Carter
Sergii Golovatiuk