openstack/tripleo-common
Code Issues Proposed changes
eec15ed2dc
tripleo-common/scripts/run-validation
Jesse Pretorius (odyssey4me) bbc0d767bb Implement Ansible fact cache for Mistral executor 
Most of the playbooks executed by Mistral gather facts which, by default,
are stored in memory until the conclusion of the playbook execution. This
means that for every new playbook run the facts for each host are gathered
again. Fact gathering can take a long time, especially when the target host
has a lot of devices, which is often the case for compute hosts (many
network devices and many storage devices) and for controller hosts (many
network devices).

To optimise fact gathering, we set the default behaviour for Mistral's
Ansible execution to store gathered facts using the jsonfile format in a
temporary location, and we tell it to use smart gathering so that it will
only gather new facts when a new playbook executes.

The validations are run using the 'validations' user, it cannot share the
same fact cache because the /var/tmp/ansible_fact_cache folder will be owned
by the 'mistral' user, and is therefore not writable by the 'validations'
user. We therefore set the validations to use a different path.

This should cut down the deployment time a bit, which saves a little time in
CI and saves a lot of time in production environments.

Related: rhbz#1749406
Change-Id: Ie7adf41cef0fafde646f840b2bf3e01ba42a17d5
2019-10-02 15:37:18 +01:00

112 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -e
set -o pipefail
SCRIPT_NAME=$(basename $0)
OPTS=`getopt -o i: -l inputs: -n $SCRIPT_NAME -- "$@"`
if [ $? != 0 ]; then
echo "Terminating..." >&2
exit 1
fi
EXTRA_VARS_FILE=""
# Note the quotes around `$OPTS': they are essential!
eval set -- "$OPTS"
while true ; do
case "$1" in
-i | --inputs ) EXTRA_VARS_FILE="$2" ; shift 2 ;;
-- ) shift ; break ;;
* ) echo "Error: unsupported option $1." ; exit 1 ;;
esac
done
VALIDATION_FILE=$1
IDENTITY_FILE=$2
PLAN_NAME=$3
VALIDATIONS_BASEDIR=$4
if [[ -z "$VALIDATION_FILE" ]]; then
echo "Missing required validation file"
exit 1
fi
if [[ ! -r "$VALIDATION_FILE" ]]; then
echo "Can not find validation at $VALIDATION_FILE"
exit 1
fi
if [[ -z "$IDENTITY_FILE" ]]; then
echo "Missing required identity file"
exit 1
fi
if [[ -z "$EXTRA_VARS_FILE" ]]; then
EXTRA_VARS_ARGS=""
elif [[ -r "$EXTRA_VARS_FILE" ]]; then
EXTRA_VARS_ARGS="--extra-vars @$EXTRA_VARS_FILE"
else
echo "Can not find the inputs file at $EXTRA_VARS_FILE"
exit 1
fi
if [[ -z "$VALIDATIONS_BASEDIR" ]]; then
echo "Missing required tripleo-validations basedir"
exit 1
fi
if [[ ! -d "$VALIDATIONS_BASEDIR" ]]; then
echo "Can not find tripleo-validations basedir at $VALIDATION_BASEDIR"
exit 1
fi
# Make sure ssh is not asking interactively for hosts it can't check the key
# authenticity
export ANSIBLE_HOST_KEY_CHECKING=False
# Disable retry files until we find a good use and location for them
export ANSIBLE_RETRY_FILES_ENABLED=False
# Use a fact cache to improve performance
# The defaults from tripleo_common/actions/ansible.py cannot be used
# beause they will clash with the 'mistral' user owning the fact cache
# path.
export ANSIBLE_GATHERING=smart
export ANSIBLE_CACHE_PLUGIN=jsonfile
export ANSIBLE_CACHE_PLUGIN_CONNECTION=~/ansible_fact_cache
export ANSIBLE_GATHER_TIMEOUT=7200 # 7200s = 2h
# ANSIBLE_SUDO_FLAGS is deprecated in favor of become and will be removed in
# version 2.8. We now have to use ANSIBLE_BECOME_FLAGS to pass Flags to the
# privilege escalation sudo executable.
export ANSIBLE_BECOME_FLAGS="-H -S -n -E"
export ANSIBLE_PRIVATE_KEY_FILE=$IDENTITY_FILE
export ANSIBLE_INVENTORY=$(which tripleo-ansible-inventory)
# Use the custom validation-specific formatter
export ANSIBLE_STDOUT_CALLBACK=validation_output
export ANSIBLE_CALLBACK_PLUGINS="${VALIDATIONS_BASEDIR}/callback_plugins"
export ANSIBLE_ROLES_PATH="${VALIDATIONS_BASEDIR}/roles"
export ANSIBLE_LOOKUP_PLUGINS="${VALIDATIONS_BASEDIR}/lookup_plugins"
export ANSIBLE_LIBRARY="${VALIDATIONS_BASEDIR}/library"
# Environment variable is the easiest way to pass variables to an Ansible
# dynamic inventory script
export TRIPLEO_PLAN_NAME=${PLAN_NAME}
# NOTE(shadower): set up token-based environment for the openstack
# client when the password doesn't exist. This happens when called
# from mistral:
if [ -z "${OS_PASSWORD:-}" ]; then
# The auth type must be explicitly set to token
export OS_AUTH_TYPE=token
# The openstack client expects the token as OS_TOKEN
export OS_TOKEN=$OS_AUTH_TOKEN
# TODO(shadower): I could not get the token auth working with v3:
export OS_AUTH_URL=${OS_AUTH_URL/%v3/v2.0}
fi
ansible-playbook $EXTRA_VARS_ARGS $VALIDATION_FILE
View Git Blame Copy Permalink