# Copyright 2015 Red Hat, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # from __future__ import print_function import argparse from collections import OrderedDict import json import logging import os import os.path from prettytable import PrettyTable from pwd import getpwuid import re import shutil import six import subprocess import tempfile import time import yaml from heatclient.common import template_utils from osc_lib import exceptions as oscexc from osc_lib.i18n import _ from swiftclient.exceptions import ClientException from tripleo_common import update from tripleoclient import command from tripleoclient import constants from tripleoclient import exceptions from tripleoclient import utils from tripleoclient.workflows import baremetal from tripleoclient.workflows import deployment from tripleoclient.workflows import parameters as workflow_params from tripleoclient.workflows import plan_management class DeployOvercloud(command.Command): """Deploy Overcloud""" log = logging.getLogger(__name__ + ".DeployOvercloud") # This may be switched on by default in the future, but for now # we'll want this behavior only in `overcloud update stack` and # `overcloud upgrade stack`, as enabling it here by default might # mean e.g. it might mean never deleting files under user-files/ # directory in the plan. _keep_env_on_update = False def _setup_clients(self, parsed_args): self.clients = self.app.client_manager self.object_client = self.clients.tripleoclient.object_store self.workflow_client = self.clients.workflow_engine self.orchestration_client = self.clients.orchestration if not parsed_args.deployed_server: self.compute_client = self.clients.compute self.baremetal_client = self.clients.baremetal def _update_parameters(self, args, stack): parameters = {} stack_is_new = stack is None # *Identifier will be update to timestamp value during the deploy # workflow, but till then for all heat stack validations, we need # and entry for starting the deploy action. if stack_is_new or args.skip_deploy_identifier: parameters['DeployIdentifier'] = '' else: parameters[ 'DeployIdentifier'] = stack.parameters['DeployIdentifier'] parameters['UpdateIdentifier'] = '' parameters['StackAction'] = 'CREATE' if stack_is_new else 'UPDATE' # Update parameters from answers file: if args.answers_file is not None: with open(args.answers_file, 'r') as answers_file: answers = yaml.safe_load(answers_file) if args.templates is None: args.templates = answers['templates'] if 'environments' in answers: if args.environment_files is not None: answers['environments'].extend(args.environment_files) args.environment_files = answers['environments'] param_args = ( ('NtpServer', 'ntp_server'), ) if stack_is_new: new_stack_args = ( ('NovaComputeLibvirtType', 'libvirt_type'), ) param_args = param_args + new_stack_args else: globalcfg = utils.get_stack_output_item(stack, 'GlobalConfig') # verif if tls was enabled in previous deploy run if globalcfg and 'use_tls_for_nbd' in globalcfg: nbd_tls = globalcfg['use_tls_for_nbd'] self.log.debug("use_tls_for_nbd=%s" % nbd_tls) parameters['UseTLSTransportForNbd'] = nbd_tls else: # in case of an update use_tls_for_nbd global config key # won't exist, check the nbd_tls hiera key from the roledata. roledata = utils.get_stack_output_item(stack, 'RoleData') if roledata: nbd_tls_key = 'nova::compute::libvirt::qemu::nbd_tls' for key in roledata: if not roledata[key]: # Probably an incomplete stack, ignore it. continue config_settings = roledata[key].get('config_settings') if config_settings: nbd_tls = config_settings.get(nbd_tls_key) if nbd_tls: self.log.debug("use_tls_for_nbd=%s" % nbd_tls) parameters['UseTLSTransportForNbd'] = nbd_tls break else: parameters['UseTLSTransportForNbd'] = False # Update parameters from commandline for param, arg in param_args: if getattr(args, arg, None) is not None: parameters[param] = getattr(args, arg) parameters[ 'UndercloudHostsEntries'] = [self._get_undercloud_host_entry()] return parameters def _cleanup_host_entry(self, entry): # remove any tab or space excess entry_stripped = re.sub('[ \t]+', ' ', str(entry).rstrip()) # removes any duplicate identical lines unique_lines = list(set(entry_stripped.splitlines())) ret = '' for line in unique_lines: # remove any duplicate word hosts_unique = (' '.join( OrderedDict((w, w) for w in line.split()).keys())) if hosts_unique != '': ret += hosts_unique + '\n' return ret.rstrip('\n') def _get_undercloud_host_entry(self): """Get hosts entry for undercloud ctlplane network The host entry will be added on overcloud nodes """ ctlplane_hostname = '.'.join([utils.get_short_hostname(), 'ctlplane']) cmd = ['getent', 'hosts', ctlplane_hostname] process = subprocess.Popen(cmd, stdout=subprocess.PIPE, universal_newlines=True) out, err = process.communicate() if process.returncode != 0: raise exceptions.DeploymentError('No entry for %s in /etc/hosts' % ctlplane_hostname) return self._cleanup_host_entry(out) def _create_breakpoint_cleanup_env(self, tht_root, container_name): bp_env = {} update.add_breakpoints_cleanup_into_env(bp_env) env_path, swift_path = self._write_user_environment( bp_env, 'tripleoclient-breakpoint-cleanup.yaml', tht_root, container_name) return bp_env def _create_parameters_env(self, parameters, tht_root, container_name): parameter_defaults = {"parameter_defaults": parameters} env_path, swift_path = self._write_user_environment( parameter_defaults, 'tripleoclient-parameters.yaml', tht_root, container_name) return parameter_defaults def _check_limit_skiplist_warning(self, env): if env.get('parameter_defaults').get('DeploymentServerBlacklist'): msg = _('[WARNING] DeploymentServerBlacklist is defined and will ' 'be ignored because --limit has been specified.') self.log.warning(msg) def _write_user_environment(self, env_map, abs_env_path, tht_root, container_name): # We write the env_map to the local /tmp tht_root and also # to the swift plan container. contents = yaml.safe_dump(env_map, default_flow_style=False) env_dirname = os.path.dirname(abs_env_path) user_env_dir = os.path.join( tht_root, 'user-environments', env_dirname[1:]) user_env_path = os.path.join( user_env_dir, os.path.basename(abs_env_path)) self.log.debug("user_env_path=%s" % user_env_path) if not os.path.exists(user_env_dir): os.makedirs(user_env_dir) with open(user_env_path, 'w') as f: self.log.debug("Writing user environment %s" % user_env_path) f.write(contents) # Upload to swift if abs_env_path.startswith("/"): swift_path = "user-environments/{}".format(abs_env_path[1:]) else: swift_path = "user-environments/{}".format(abs_env_path) contents = yaml.safe_dump(env_map, default_flow_style=False) self.log.debug("Uploading %s to swift at %s" % (abs_env_path, swift_path)) self.object_client.put_object(container_name, swift_path, contents) return user_env_path, swift_path def _heat_deploy(self, stack, stack_name, template_path, parameters, env_files, timeout, tht_root, env, update_plan_only, run_validations, skip_deploy_identifier, plan_env_file, deployment_options=None): """Verify the Baremetal nodes are available and do a stack update""" if stack: self.log.debug( "Checking compatibilities of neutron drivers for {0}".format( stack_name)) msg = update.check_neutron_mechanism_drivers( env, stack, self.object_client, stack_name) if msg: raise oscexc.CommandError(msg) self.log.debug("Getting template contents from plan %s" % stack_name) # We need to reference the plan here, not the local # tht root, as we need template_object to refer to # the rendered overcloud.yaml, not the tht_root overcloud.j2.yaml # FIXME(shardy) we need to move more of this into mistral actions plan_yaml_path = os.path.relpath(template_path, tht_root) # heatclient template_utils needs a function that can # retrieve objects from a container by name/path def do_object_request(method='GET', object_path=None): obj = self.object_client.get_object(stack_name, object_path) return obj and obj[1] template_files, template = template_utils.get_template_contents( template_object=plan_yaml_path, object_request=do_object_request) files = dict(list(template_files.items()) + list(env_files.items())) moved_files = self._upload_missing_files( stack_name, files, tht_root) self._process_and_upload_environment( stack_name, env, moved_files, tht_root) # Invokes the workflows specified in plan environment file if plan_env_file: workflow_params.invoke_plan_env_workflows(self.clients, stack_name, plan_env_file) workflow_params.check_deprecated_parameters(self.clients, stack_name) if not update_plan_only: print("Deploying templates in the directory {0}".format( os.path.abspath(tht_root))) deployment.deploy_and_wait( self.log, self.clients, stack, stack_name, self.app_args.verbose_level, timeout=timeout, run_validations=run_validations, skip_deploy_identifier=skip_deploy_identifier, deployment_options=deployment_options) def _process_and_upload_environment(self, container_name, env, moved_files, tht_root): """Process the environment and upload to Swift The environment at this point should be the result of the merged custom user environments. We need to look at the paths in the environment and update any that changed when they were uploaded to swift. """ file_prefix = "file://" if env.get('resource_registry'): for name, path in env['resource_registry'].items(): if not isinstance(path, six.string_types): continue if path in moved_files: new_path = moved_files[path] env['resource_registry'][name] = new_path elif path.startswith(file_prefix): path = path[len(file_prefix):] if path.startswith(tht_root): path = path[len(tht_root):] # We want to make sure all the paths are relative. if path.startswith("/"): path = path[1:] env['resource_registry'][name] = path # Parameters are removed from the environment params = env.pop('parameter_defaults', None) contents = yaml.safe_dump(env, default_flow_style=False) # Until we have a well defined plan update workflow in tripleo-common # we need to manually add an environment in swift and for users # custom environments passed to the deploy command. # See bug: https://bugs.launchpad.net/tripleo/+bug/1623431 # Update plan env. swift_path = "user-environment.yaml" self.object_client.put_object(container_name, swift_path, contents) env = yaml.safe_load(self.object_client.get_object( container_name, constants.PLAN_ENVIRONMENT)[1]) user_env = {'path': swift_path} if user_env not in env['environments']: env['environments'].append(user_env) yaml_string = yaml.safe_dump(env, default_flow_style=False) self.object_client.put_object( container_name, constants.PLAN_ENVIRONMENT, yaml_string) # Parameters are sent to the update parameters action, this stores them # in the plan environment and means the UI can find them. if params: workflow_params.update_parameters( self.workflow_client, container=container_name, parameters=params) def _upload_missing_files(self, container_name, files_dict, tht_root): """Find the files referenced in custom environments and upload them Heat environments can be passed to be included in the deployment, these files can include references to other files anywhere on the local file system. These need to be discovered and uploaded to Swift. When they have been uploaded to Swift the path to them will be different, the new paths are store din the file_relocation dict, which is returned and used by _process_and_upload_environment which will merge the environment and update paths to the relative Swift path. """ file_relocation = {} file_prefix = "file://" # select files files for relocation & upload for fullpath in files_dict.keys(): if not fullpath.startswith(file_prefix): continue path = fullpath[len(file_prefix):] if path.startswith(tht_root): # This should already be uploaded. continue file_relocation[fullpath] = "user-files/{}".format( os.path.normpath(path[1:])) # make sure links within files point to new locations, and upload them for orig_path, reloc_path in file_relocation.items(): link_replacement = utils.relative_link_replacement( file_relocation, os.path.dirname(reloc_path)) contents = utils.replace_links_in_template_contents( files_dict[orig_path], link_replacement) self.object_client.put_object(container_name, reloc_path, contents) return file_relocation def _download_missing_files_from_plan(self, tht_dir, plan_name): # get and download missing files into tmp directory plan_list = self.object_client.get_container(plan_name) plan_filenames = [f['name'] for f in plan_list[1]] for pf in plan_filenames: file_path = os.path.join(tht_dir, pf) if not os.path.isfile(file_path): self.log.debug("Missing in templates directory, downloading \ %s from swift into %s" % (pf, file_path)) if not os.path.exists(os.path.dirname(file_path)): os.makedirs(os.path.dirname(file_path)) # open in binary as the swiftclient get/put error under # python3 if opened as Text I/O with open(file_path, 'wb') as f: f.write(self.object_client.get_object(plan_name, pf)[1]) def _deploy_tripleo_heat_templates_tmpdir(self, stack, parsed_args): # copy tht_root to temporary directory because we need to # download any missing (e.g j2 rendered) files from the plan tht_root = os.path.abspath(parsed_args.templates) tht_tmp = tempfile.mkdtemp(prefix='tripleoclient-') new_tht_root = "%s/tripleo-heat-templates" % tht_tmp self.log.debug("Creating temporary templates tree in %s" % new_tht_root) try: shutil.copytree(tht_root, new_tht_root, symlinks=True) self._deploy_tripleo_heat_templates(stack, parsed_args, new_tht_root, tht_root) finally: if parsed_args.no_cleanup: self.log.warning("Not cleaning temporary directory %s" % tht_tmp) else: shutil.rmtree(tht_tmp) def _deploy_tripleo_heat_templates(self, stack, parsed_args, tht_root, user_tht_root): """Deploy the fixed templates in TripleO Heat Templates""" plans = plan_management.list_deployment_plans(self.clients) generate_passwords = not parsed_args.disable_password_generation # TODO(d0ugal): We need to put a more robust strategy in place here to # handle updating plans. if parsed_args.stack in plans: # Upload the new plan templates to swift to replace the existing # templates. plan_management.update_plan_from_templates( self.clients, parsed_args.stack, tht_root, parsed_args.roles_file, generate_passwords, parsed_args.plan_environment_file, parsed_args.networks_file, type(self)._keep_env_on_update, validate_stack=False) else: plan_management.create_plan_from_templates( self.clients, parsed_args.stack, tht_root, parsed_args.roles_file, generate_passwords, parsed_args.plan_environment_file, parsed_args.networks_file, validate_stack=False) # Get any missing (e.g j2 rendered) files from the plan to tht_root self._download_missing_files_from_plan( tht_root, parsed_args.stack) print("Processing templates in the directory {0}".format( os.path.abspath(tht_root))) self.log.debug("Creating Environment files") env = {} created_env_files = [] created_env_files.extend( self._provision_baremetal(parsed_args, tht_root)) if parsed_args.environment_directories: created_env_files.extend(utils.load_environment_directories( parsed_args.environment_directories)) parameters = {} if stack: try: # If user environment already exist then keep it user_env = yaml.safe_load(self.object_client.get_object( parsed_args.stack, constants.USER_ENVIRONMENT)[1]) template_utils.deep_update(env, user_env) except ClientException: pass parameters.update(self._update_parameters(parsed_args, stack)) template_utils.deep_update(env, self._create_parameters_env( parameters, tht_root, parsed_args.stack)) if parsed_args.environment_files: created_env_files.extend(parsed_args.environment_files) deployment_options = {} if parsed_args.deployment_python_interpreter: deployment_options['ansible_python_interpreter'] = \ parsed_args.deployment_python_interpreter self.log.debug("Processing environment files %s" % created_env_files) env_files, localenv = utils.process_multiple_environments( created_env_files, tht_root, user_tht_root, cleanup=(not parsed_args.no_cleanup)) template_utils.deep_update(env, localenv) if parsed_args.limit: # check if skip list is defined while using --limit and throw a # warning if necessary self._check_limit_skiplist_warning(env) if stack: if not parsed_args.disable_validations: # note(aschultz): network validation goes here before we deploy utils.check_stack_network_matches_env_files(stack, env) ceph_deployed = env.get('resource_registry', {}).get( 'OS::TripleO::Services::CephMon', 'OS::Heat::None') ceph_external = env.get('resource_registry', {}).get( 'OS::TripleO::Services::CephExternal', 'OS::Heat::None') # note (fpantano) if ceph is not TripleO deployed and no # external ceph cluster are present, there's no reason to # make this check and we can simply ignore it if (ceph_deployed != "OS::Heat::None" or ceph_external != "OS::Heat::None"): utils.check_ceph_fsid_matches_env_files(stack, env) bp_cleanup = self._create_breakpoint_cleanup_env( tht_root, parsed_args.stack) template_utils.deep_update(env, bp_cleanup) # FIXME(shardy) It'd be better to validate this via mistral # e.g part of the plan create/update workflow number_controllers = int(parameters.get('ControllerCount', 0)) if number_controllers > 1: if not env.get('parameter_defaults').get('NtpServer'): raise exceptions.InvalidConfiguration( 'Specify --ntp-server as parameter or NtpServer in ' 'environments when using multiple controllers ' '(with HA).') self._try_overcloud_deploy_with_compat_yaml( tht_root, stack, parsed_args.stack, parameters, env_files, parsed_args.timeout, env, parsed_args.update_plan_only, parsed_args.run_validations, parsed_args.skip_deploy_identifier, parsed_args.plan_environment_file, deployment_options=deployment_options) self._unprovision_baremetal(parsed_args) def _try_overcloud_deploy_with_compat_yaml(self, tht_root, stack, stack_name, parameters, env_files, timeout, env, update_plan_only, run_validations, skip_deploy_identifier, plan_env_file, deployment_options=None): overcloud_yaml = os.path.join(tht_root, constants.OVERCLOUD_YAML_NAME) try: self._heat_deploy(stack, stack_name, overcloud_yaml, parameters, env_files, timeout, tht_root, env, update_plan_only, run_validations, skip_deploy_identifier, plan_env_file, deployment_options=deployment_options) except ClientException as e: messages = 'Failed to deploy: %s' % str(e) raise ValueError(messages) def _format_endpoint_name(self, service, interface): return re.sub('v[0-9]+', '', service.capitalize() + interface.capitalize()) def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) # NOTE(jaosorior): The overcloud endpoint can contain an IP address or # an FQDN depending on how what it's configured to output in the # tripleo-heat-templates. Such a configuration can be done by # overriding the EndpointMap through parameter_defaults. overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname keystone_admin_ip = utils.get_endpoint('KeystoneAdmin', stack) no_proxy = os.environ.get('no_proxy', overcloud_ip_or_fqdn) no_proxy_list = map(utils.bracket_ipv6, [no_proxy, overcloud_ip_or_fqdn, keystone_admin_ip]) os.environ['no_proxy'] = ','.join( [x for x in no_proxy_list if x is not None]) utils.remove_known_hosts(overcloud_ip_or_fqdn) def _validate_args(self, parsed_args): # TODO(bcrochet): This should be removed after Rocky or 'S'. if any(map(lambda x: getattr(parsed_args, x) is not None, [ 'control_scale', 'compute_scale', 'ceph_storage_scale', 'block_storage_scale', 'swift_storage_scale', 'control_flavor', 'compute_flavor', 'ceph_storage_flavor', 'block_storage_flavor', 'swift_storage_flavor' ])): raise oscexc.CommandError( "A scale or flavor argument was passed to the command line. " "These arguments are no longer valid. They MUST be replaced " "with an environment file that contains a valid " "parameter_default. Failure to do so may cause possible data " "loss or a decommisioning of nodes.") if parsed_args.templates is None and parsed_args.answers_file is None: raise oscexc.CommandError( "You must specify either --templates or --answers-file") if parsed_args.environment_files: nonexisting_envs = [] jinja2_envs = [] for env_file in parsed_args.environment_files: if env_file.endswith(".j2.yaml"): jinja2_envs.append(env_file) elif not os.path.isfile(env_file): # Tolerate missing file if there's a j2.yaml file that will # be rendered in the plan but not available locally (yet) if not os.path.isfile(env_file.replace(".yaml", ".j2.yaml")): nonexisting_envs.append(env_file) # Check networks_file existence if parsed_args.networks_file: if not os.path.isfile(parsed_args.networks_file): nonexisting_envs.append(parsed_args.networks_file) # check plan_environment_file existence if parsed_args.plan_environment_file: if not os.path.isfile(parsed_args.plan_environment_file): nonexisting_envs.append(parsed_args.plan_environment_file) # check answers_file existence if parsed_args.answers_file: if not os.path.isfile(parsed_args.answers_file): nonexisting_envs.append(parsed_args.answers_file) if jinja2_envs: rewritten_paths = [e.replace(".j2.yaml", ".yaml") for e in jinja2_envs] raise oscexc.CommandError( "Error: The following jinja2 files were provided: -e " "{}. Did you mean -e {}?".format( ' -e '.join(jinja2_envs), ' -e '.join(rewritten_paths))) if nonexisting_envs: raise oscexc.CommandError( "Error: The following files were not found: {0}".format( ", ".join(nonexisting_envs))) if (parsed_args.baremetal_deployment and not parsed_args.deployed_server): raise oscexc.CommandError( "Error: --deployed-server must be used when using " "--baremetal-deployment") if parsed_args.deployed_server and (parsed_args.run_validations or not parsed_args.disable_validations): raise oscexc.CommandError( "Error: The --deployed-server cannot be used without " "the --disable-validations") if parsed_args.environment_directories: self._validate_args_environment_directory( parsed_args.environment_directories) def _validate_args_environment_directory(self, directories): default = os.path.expanduser(constants.DEFAULT_ENV_DIRECTORY) nonexisting_dirs = [] for d in directories: if not os.path.isdir(d) and d != default: nonexisting_dirs.append(d) if nonexisting_dirs: raise oscexc.CommandError( "Error: The following environment directories were not found" ": {0}".format(", ".join(nonexisting_dirs))) def _provision_baremetal(self, parsed_args, tht_root): if not parsed_args.baremetal_deployment: return [] with open(parsed_args.baremetal_deployment, 'r') as fp: roles = yaml.safe_load(fp) key = self.get_key_pair(parsed_args) with open('{}.pub'.format(key), 'rt') as fp: ssh_key = fp.read() parameter_defaults = baremetal.deploy_roles( self.app.client_manager, plan=parsed_args.stack, roles=roles, ssh_keys=[ssh_key], ssh_user_name=parsed_args.overcloud_ssh_user ) env_path, swift_path = self._write_user_environment( parameter_defaults, 'baremetal-deployed.yaml', tht_root, parsed_args.stack) return [env_path] def _unprovision_baremetal(self, parsed_args): if not parsed_args.baremetal_deployment: return with open(parsed_args.baremetal_deployment, 'r') as fp: roles = yaml.safe_load(fp) baremetal.undeploy_roles( self.app.client_manager, plan=parsed_args.stack, roles=roles ) def _post_stack_validation(self, stack): """Post stack update mandatory validation Runs a validation in the to make sure that KernelArgs either contains a TSX parameter or the ForceNoTsx parameter is defined. This is a mandatory validation and it has to happen before as soon as possible. """ libvirt_service = "OS::TripleO::Services::NovaLibvirt" services = filter(lambda x: (x.endswith('Services') and libvirt_service in stack.parameters[x]), stack.parameters) impacted_roles = [] for i in services: role_name = re.sub('Services$', '', i) role_param = stack.parameters.get(role_name + 'Parameters') if role_param: role_params = json.loads(role_param) kernel_args = role_params.get('KernelArgs') no_tsx = role_params.get('ForceNoTsx') if (not no_tsx and (not kernel_args or "tsx=" not in kernel_args)): impacted_roles.append(role_name) if len(impacted_roles): self.log.error("Roles in the following list are expected to have " "a TSX flag configured in their KernelArgs " "parameter. For more information on why we must " "explicitly define the TSX flag, please visit: " "https://access.redhat.com/solutions/6036141") self.log.error("You can also skip this validation by setting " "ForceNoTsx parameter for the desired role(s)") self.log.error("Impacted roles: {roles}".format( roles=",".join(impacted_roles))) raise exceptions.PostStackValidationError() def get_parser(self, prog_name): # add_help doesn't work properly, set it to False: parser = argparse.ArgumentParser( description=self.get_description(), prog=prog_name, add_help=False ) parser.add_argument( '--templates', nargs='?', const=constants.TRIPLEO_HEAT_TEMPLATES, help=_("The directory containing the Heat templates to deploy"), ) parser.add_argument('--stack', help=_("Stack name to create or update"), default='overcloud') parser.add_argument('--timeout', '-t', metavar='', type=int, default=240, help=_('Deployment timeout in minutes.')) utils.add_deployment_plan_arguments(parser, mark_as_depr=True) parser.add_argument('--libvirt-type', choices=['kvm', 'qemu'], help=_('Libvirt domain type.')) parser.add_argument('--ntp-server', help=_('The NTP for overcloud nodes. ')) parser.add_argument( '--no-proxy', default=os.environ.get('no_proxy', ''), help=_('A comma separated list of hosts that should not be ' 'proxied.') ) parser.add_argument( '--overcloud-ssh-user', default='heat-admin', help=_('User for ssh access to overcloud nodes') ) parser.add_argument( '--overcloud-ssh-key', default=None, help=_('Key path for ssh access to overcloud nodes. When' 'undefined the key will be autodetected.') ) parser.add_argument( '--overcloud-ssh-network', help=_('Network name to use for ssh access to overcloud nodes.'), default='ctlplane' ) parser.add_argument( '--overcloud-ssh-enable-timeout', help=_('Timeout for the ssh enable process to finish.'), type=int, default=constants.ENABLE_SSH_ADMIN_TIMEOUT ) parser.add_argument( '--overcloud-ssh-port-timeout', help=_('Timeout for to wait for the ssh port to become active.'), type=int, default=constants.ENABLE_SSH_ADMIN_SSH_PORT_TIMEOUT ) parser.add_argument( '--environment-file', '-e', metavar='', action='append', dest='environment_files', help=_('Environment files to be passed to the heat stack-create ' 'or heat stack-update command. (Can be specified more than ' 'once.)') ) parser.add_argument( '--environment-directory', metavar='', action='append', dest='environment_directories', default=[os.path.expanduser(constants.DEFAULT_ENV_DIRECTORY)], help=_('Environment file directories that are automatically ' ' added to the heat stack-create or heat stack-update' ' commands. Can be specified more than once. Files in' ' directories are loaded in ascending sort order.') ) parser.add_argument( '--roles-file', '-r', dest='roles_file', help=_('Roles file, overrides the default %s in the --templates ' 'directory. May be an absolute path or the path relative ' ' to --templates') % constants.OVERCLOUD_ROLES_FILE ) parser.add_argument( '--networks-file', '-n', dest='networks_file', help=_('Networks file, overrides the default %s in the ' '--templates directory') % constants.OVERCLOUD_NETWORKS_FILE ) parser.add_argument( '--plan-environment-file', '-p', help=_('Plan Environment file, overrides the default %s in the ' '--templates directory') % constants.PLAN_ENVIRONMENT ) parser.add_argument( '--no-cleanup', action='store_true', help=_('Don\'t cleanup temporary files, just log their location') ) parser.add_argument( '--update-plan-only', action='store_true', help=_('Only update the plan. Do not perform the actual ' 'deployment. NOTE: Will move to a discrete command in a ' 'future release.') ) parser.add_argument( '--validation-errors-nonfatal', dest='validation_errors_fatal', action='store_false', default=True, help=_('Allow the deployment to continue in spite of validation ' 'errors. Note that attempting deployment while errors ' 'exist is likely to fail.') ) parser.add_argument( '--validation-warnings-fatal', action='store_true', default=False, help=_('Exit if there are warnings from the configuration ' 'pre-checks.') ) parser.add_argument( '--disable-validations', action='store_true', default=False, help=_('DEPRECATED. Disable the pre-deployment validations ' 'entirely. These validations are the built-in ' 'pre-deployment validations. To enable external ' 'validations from tripleo-validations, ' 'use the --run-validations flag. These validations are ' 'now run via the external validations in ' 'tripleo-validations.')) parser.add_argument( '--inflight-validations', action='store_true', default=False, dest='inflight', help=_('Activate in-flight validations during the deploy. ' 'In-flight validations provide a robust way to ensure ' 'deployed services are running right after their ' 'activation. Defaults to False.') ) parser.add_argument( '--dry-run', action='store_true', default=False, help=_('Only run validations, but do not apply any changes.') ) parser.add_argument( '--run-validations', action='store_true', default=False, help=_('Run external validations from the tripleo-validations ' 'project.')) parser.add_argument( '--skip-postconfig', action='store_true', default=False, help=_('Skip the overcloud post-deployment configuration.') ) parser.add_argument( '--force-postconfig', action='store_true', default=False, help=_('Force the overcloud post-deployment configuration.') ) parser.add_argument( '--skip-deploy-identifier', action='store_true', default=False, help=_('Skip generation of a unique identifier for the ' 'DeployIdentifier parameter. The software configuration ' 'deployment steps will only be triggered if there is an ' 'actual change to the configuration. This option should ' 'be used with Caution, and only if there is confidence ' 'that the software configuration does not need to be ' 'run, such as when scaling out certain roles.') ) parser.add_argument( '--answers-file', help=_('Path to a YAML file with arguments and parameters.') ) parser.add_argument( '--disable-password-generation', action='store_true', default=False, help=_('Disable password generation.') ) parser.add_argument( '--deployed-server', action='store_true', default=False, help=_('Use pre-provisioned overcloud nodes. Removes baremetal,' 'compute and image services requirements from the' 'undercloud node. Must only be used with the' '--disable-validations.') ) parser.add_argument( '--config-download', action='store_true', default=True, help=_('Run deployment via config-download mechanism. This is ' 'now the default, and this CLI options may be removed in ' 'the future.') ) parser.add_argument( '--no-config-download', '--stack-only', action='store_false', default=False, dest='config_download', help=_('Disable the config-download workflow and only create ' 'the stack and associated OpenStack resources. No ' 'software configuration will be applied.') ) parser.add_argument( '--config-download-only', action='store_true', default=False, help=_('Disable the stack create/update, and only run the ' 'config-download workflow to apply the software ' 'configuration.') ) parser.add_argument( '--output-dir', action='store', default=None, help=_('Directory to use for saved output when using ' '--config-download. The directory must be ' 'writeable by the mistral user. When not ' 'specified, the default server side value ' 'will be used (/var/lib/mistral/.') ) parser.add_argument( '--override-ansible-cfg', action='store', default=None, help=_('Path to ansible configuration file. The configuration ' 'in the file will override any configuration used by ' 'config-download by default.') ) parser.add_argument( '--config-download-timeout', action='store', type=int, default=None, help=_('Timeout (in minutes) to use for config-download steps. If ' 'unset, will default to however much time is leftover ' 'from the --timeout parameter after the stack operation.') ) parser.add_argument('--deployment-python-interpreter', default=None, help=_('The path to python interpreter to use for ' 'the deployment actions. This may need to ' 'be used if deploying on a python2 host ' 'from a python3 system or vice versa.')) parser.add_argument('-b', '--baremetal-deployment', metavar='', help=_('Configuration file describing the ' 'baremetal deployment')) parser.add_argument( '--limit', action='store', default=None, help=_("A string that identifies a single node or comma-separated" "list of nodes the config-download Ansible playbook " "execution will be limited to. For example: --limit" " \"compute-0,compute-1,compute-5\".") ) parser.add_argument( '--tags', action='store', default=None, help=_('A list of tags to use when running the config-download' ' ansible-playbook command.') ) parser.add_argument( '--skip-tags', action='store', default=None, help=_('A list of tags to skip when running the' ' config-download ansible-playbook command.') ) parser.add_argument( '--ansible-forks', action='store', default=None, type=int, help=_('The number of Ansible forks to use for the' ' config-download ansible-playbook command.') ) return parser def take_action(self, parsed_args): self.log.debug("take_action(%s)" % parsed_args) deploy_status = 'success' deploy_message = 'without error' self._setup_clients(parsed_args) # Swiftclient logs things like 404s at error level, which is a problem # because we use EAFP to check for the existence of files. Turn off # most swiftclient logging to avoid cluttering up our output with # pointless tracebacks. sc_logger = logging.getLogger("swiftclient") sc_logger.setLevel(logging.CRITICAL) self._validate_args(parsed_args) # Throw warning if deprecated service is enabled and # ask user if deployment should still be continued. if parsed_args.environment_files: utils.check_deprecated_service_is_enabled( parsed_args.environment_files) stack = utils.get_stack(self.orchestration_client, parsed_args.stack) if stack and stack.stack_status == 'IN_PROGRESS': raise exceptions.StackInProgress( "Unable to deploy as the stack '{}' status is '{}'".format( stack.stack_name, stack.stack_status)) self._update_parameters(parsed_args, stack) stack_create = stack is None if stack_create: self.log.info("No stack found, will be doing a stack create") else: self.log.info("Stack found, will be doing a stack update") if parsed_args.dry_run: print("Validation Finished") return start = time.time() if not parsed_args.config_download_only: self._deploy_tripleo_heat_templates_tmpdir(stack, parsed_args) # Get a new copy of the stack after stack update/create. If it was # a create then the previous stack object would be None. stack = utils.get_stack(self.orchestration_client, parsed_args.stack) if parsed_args.update_plan_only: # If we are only updating the plan, then we either wont have a # stack yet or there wont be any changes and the following code # wont do anything. return try: # Force fetching of attributes stack.get() overcloudrcs = deployment.create_overcloudrc( self.clients, container=stack.stack_name, no_proxy=parsed_args.no_proxy) rcpath = utils.write_overcloudrc(stack.stack_name, overcloudrcs) overcloud_endpoint = utils.get_overcloud_endpoint(stack) horizon_url = deployment.get_horizon_url( self.clients, stack=stack.stack_name) if parsed_args.config_download: print("Deploying overcloud configuration") deployment.set_deployment_status( self.clients, 'deploying', plan=stack.stack_name) if not parsed_args.config_download_only: deployment.get_hosts_and_enable_ssh_admin( self.log, self.clients, stack, parsed_args.overcloud_ssh_network, parsed_args.overcloud_ssh_user, self.get_key_pair(parsed_args), parsed_args.overcloud_ssh_enable_timeout, parsed_args.overcloud_ssh_port_timeout ) if parsed_args.config_download_timeout: timeout = parsed_args.config_download_timeout * 60 else: used = int(time.time() - start) timeout = (parsed_args.timeout * 60) - used deployment_options = {} if parsed_args.deployment_python_interpreter: deployment_options['ansible_python_interpreter'] = \ parsed_args.deployment_python_interpreter deployment.config_download( self.log, self.clients, stack, parsed_args.templates, parsed_args.overcloud_ssh_user, parsed_args.overcloud_ssh_key, parsed_args.overcloud_ssh_network, parsed_args.output_dir, parsed_args.override_ansible_cfg, timeout=parsed_args.overcloud_ssh_port_timeout, verbosity=self.app_args.verbose_level, deployment_options=deployment_options, in_flight_validations=parsed_args.inflight, deployment_timeout=timeout, tags=parsed_args.tags, skip_tags=parsed_args.skip_tags, limit_hosts=utils.playbook_limit_parse( limit_nodes=parsed_args.limit ), forks=parsed_args.ansible_forks ) except Exception as deploy_e: deploy_status = 'failed' deploy_message = 'with error' deploy_trace = deploy_e deployment.set_deployment_status( self.clients, deploy_status, plan=stack.stack_name) finally: # Copy clouds.yaml to the cloud user directory user = getpwuid(os.stat(constants.CLOUD_HOME_DIR).st_uid).pw_name utils.copy_clouds_yaml(user) utils.create_tempest_deployer_input() # Run postconfig on create or force. Use force to makes sure # endpoints are created with deploy reruns and upgrades if (stack_create or parsed_args.force_postconfig and not parsed_args.skip_postconfig): self._deploy_postconfig(stack, parsed_args) print("Overcloud Endpoint: {0}".format(overcloud_endpoint)) print("Overcloud Horizon Dashboard URL: {0}".format(horizon_url)) print("Overcloud rc file: {0}".format(rcpath)) print("Overcloud Deployed {0}".format(deploy_message)) if deploy_status == 'failed': raise(deploy_trace) class GetDeploymentStatus(command.Command): """Get deployment status""" log = logging.getLogger(__name__ + ".GetDeploymentStatus") def get_parser(self, prog_name): parser = super(GetDeploymentStatus, self).get_parser(prog_name) parser.add_argument('--plan', '--stack', help=_('Name of the stack/plan. ' '(default: overcloud)'), default='overcloud') return parser def take_action(self, parsed_args): self.log.debug("take_action(%s)" % parsed_args) plan = parsed_args.plan status = deployment.get_deployment_status( self.app.client_manager, plan=plan ) if not status: print('No deployment was found for %s' % plan) return payload = status['workflow_status']['payload'] table = PrettyTable( ['Plan Name', 'Deployment Status']) table.add_row([payload['plan_name'], payload['deployment_status']]) print(table, file=self.app.stdout) class GetDeploymentFailures(command.Command): """Get deployment failures""" log = logging.getLogger(__name__ + ".GetDeploymentFailures") def get_parser(self, prog_name): parser = super(GetDeploymentFailures, self).get_parser(prog_name) parser.add_argument('--plan', '--stack', help=_('Name of the stack/plan. ' '(default: overcloud)'), default='overcloud') return parser def take_action(self, parsed_args): self.log.debug("take_action(%s)" % parsed_args) plan = parsed_args.plan failures = deployment.get_deployment_failures( self.app.client_manager, plan=plan ) out = self.app.stdout hosts = list(failures.keys()) hosts.sort() for host in hosts: host_failures = failures[host] host_failures = sorted(host_failures, key=lambda k: k[0]) out.write("|-> Failures for host: %s\n" % host) for task_name, task in host_failures: out.write('|--> Task: %s\n' % task_name) task_keys = sorted(task.keys()) for task_key in task_keys: task_value = task[task_key] out.write('|---> %s: ' % task_key) try: value = json.dumps(task_value, sort_keys=True, separators=(',', ': '), indent=4) except ValueError: value = task_value out.write('%s\n' % value) out.write('\n')