openstack
/
tripleo-heat-templates
Code Issues Proposed changes

check mode: docker_puppet 

Adds check mode support for docker_puppet. The updated json file is
written to /var/lib/docker-puppet/check-mode/docker-puppet.json
during check mode and then diffed with the existing version at
/var/lib/docker-puppet/docker-puppet.json.

When docker-puppet.py is run during check mode, the updated json file
under the check-mode directory is passed to the command. All generated
config files are then written under /var/lib/config-data/check-mode,
which is then recursively diffed with the existing config under just
/var/lib/config-data to report on all changed config files.

Change-Id: I5c831e9546f8b6edaf3b0fda6c9fbef86c825a4c
(cherry picked from commit a6f9821821)
This commit is contained in:
James Slagle 2018-09-06 14:37:14 -04:00
parent 8c67f6039f
commit 65a8b44c5b
2 changed files with 109 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
common/deploy-steps-tasks.yaml
View File

@ -27,8 +27,8 @@
state: absent
tags:
- host_config
- container_puppet
- container_puppet_tasks
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
when:
@ -45,8 +45,8 @@
recurse: true
tags:
- host_config
- container_puppet
- container_puppet_tasks
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
when:
@ -98,14 +98,62 @@
tags:
- container_config
- name: Delete existing /var/lib/docker-puppet/check-mode for check mode
file:
path: /var/lib/docker-puppet/check-mode
state: absent
tags:
- container_config
ignore_errors: true
check_mode: no
when:
- ansible_check_mode
- name: Create /var/lib/docker-puppet/check-mode for check mode
file:
path: /var/lib/docker-puppet/check-mode
state: directory
setype: svirt_sandbox_file_t
selevel: s0
tags:
- container_config
check_mode: no
when:
- ansible_check_mode
- name: Write docker-puppet.json file
copy:
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_json }}"
dest: /var/lib/docker-puppet/docker-puppet.json
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}"
dest: /var/lib/docker-puppet/{{ ansible_check_mode | ternary('check-mode/', '') }}docker-puppet.json
force: yes
mode: '0600'
tags:
- container_config
check_mode: no
diff: no
- name: Diff docker-puppet.json changes for check mode
command:
diff -uN /var/lib/docker-puppet/docker-puppet.json /var/lib/docker-puppet/check-mode/docker-puppet.json
register: diff_results
tags:
- container_config
check_mode: no
when:
- ansible_check_mode
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff docker-puppet.json changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- ansible_check_mode
- ansible_diff_mode
tags:
- container_config
- name: Create /var/lib/docker-config-scripts
file:
@ -114,7 +162,6 @@
tags:
- container_config_scripts
# The container config files
# /var/lib/docker-container-startup-configs.json is removed as we now write
# per-step files instead
@ -139,7 +186,6 @@
tags:
- container_config_scripts
# Here we are dumping all the docker container startup configuration data
# so that we can have access to how they are started outside of heat
# and docker-cmd. This lets us create command line tools to test containers.
@ -252,6 +298,7 @@
when: ansible_check_mode
tags:
- host_config
- container_config
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
file:
@ -266,6 +313,7 @@
- not check_mode_dir.stat.exists
tags:
- host_config
- container_config
- name: Write the config_step hieradata
copy:
@ -288,6 +336,7 @@
check_mode: no
tags:
- host_config
- container_config
- name: Run puppet host configuration for step {{ step }}
when: enable_puppet|default(true)|bool
@ -328,6 +377,10 @@
NET_HOST: 'true'
DEBUG: '{{ docker_puppet_debug | default(false) }}'
PROCESS_COUNT: '{{ docker_puppet_process_count | default(3) }}'
CONFIG: '/var/lib/docker-puppet/{{ ansible_check_mode | ternary("check-mode/", "") }}docker-puppet.json'
CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | ternary("/check-mode", "") }}'
CHECK_MODE: '{{ ansible_check_mode | ternary(1, 0) }}'
STARTUP_CONFIG_PATTERN: '/var/lib/tripleo-config/{{ ansible_check_mode | ternary("check-mode/", "") }}docker-container-startup-config-step_*.json'
when: step == "1"
changed_when: false
check_mode: no
@ -345,6 +398,31 @@
tags:
- container_config
- name: Diff docker-puppet.py puppet-generated changes for check mode
command:
diff -ruN /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
register: diff_results
tags:
- container_config
check_mode: no
when:
- step == "1"
- ansible_check_mode
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff docker-puppet.py puppet-generated changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- step == "1"
- ansible_check_mode
- ansible_diff_mode
tags:
- container_config
##################################################
# Per step starting of the containers using paunch
##################################################

27
docker/docker-puppet.py
View File

@ -229,6 +229,13 @@ with open(sh_script, 'w') as script_file:
TAGS="--tags \"$PUPPET_TAGS\""
fi
CHECK_MODE=""
if [ -d "/tmp/puppet-check-mode" ]; then
mkdir -p /etc/puppet/check-mode
cp -a /tmp/puppet-check-mode/* /etc/puppet/check-mode
CHECK_MODE="--hiera_config /etc/puppet/check-mode/hiera.yaml"
fi
# Create a reference timestamp to easily find all files touched by
# puppet. The sync ensures we get all the files we want due to
# different timestamp.
@ -240,7 +247,7 @@ with open(sh_script, 'w') as script_file:
# $::deployment_type in puppet-tripleo
export FACTER_deployment_type=containers
FACTER_hostname=$HOSTNAME /usr/bin/puppet apply --summarize \
--detailed-exitcodes --color=false --logdest syslog --logdest console --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules $TAGS /etc/config.pp
--detailed-exitcodes --color=false --logdest syslog --logdest console --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules $TAGS $CHECK_MODE /etc/config.pp
rc=$?
set -e
if [ $rc -ne 2 -a $rc -ne 0 ]; then
@ -285,7 +292,8 @@ with open(sh_script, 'w') as script_file:
def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volumes)):
def mp_puppet_config(*args):
(config_volume,puppet_tags,manifest,config_image,volumes,check_mode) = args[0]
log = get_logger()
log.info('Starting configuration of %s using image %s' % (config_volume,
config_image))
@ -294,6 +302,8 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
log.debug('manifest %s' % manifest)
log.debug('config_image %s' % config_image)
log.debug('volumes %s' % volumes)
log.debug('check_mode %s' % check_mode)
with tempfile.NamedTemporaryFile() as tmp_man:
with open(tmp_man.name, 'w') as man_file:
man_file.write('include ::tripleo::packages\n')
@ -326,6 +336,11 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
# script injection
'--volume', '%s:%s:z' % (sh_script, sh_script) ]
if check_mode:
dcmd.extend([
'--volume',
'/etc/puppet/check-mode:/tmp/puppet-check-mode:ro'])
for volume in volumes:
if volume:
dcmd.extend(['--volume', volume])
@ -373,6 +388,9 @@ def mp_puppet_config((config_volume, puppet_tags, manifest, config_image, volume
# to consume.
process_map = []
check_mode = int(os.environ.get('CHECK_MODE', 0))
log.debug('CHECK_MODE: %s' % check_mode)
for config_volume in configs:
service = configs[config_volume]
@ -386,7 +404,8 @@ for config_volume in configs:
else:
puppet_tags = "file,file_line,concat,augeas,cron"
process_map.append([config_volume, puppet_tags, manifest, config_image, volumes])
process_map.append([config_volume, puppet_tags, manifest, config_image,
volumes, check_mode])
for p in process_map:
log.debug('- %s' % p)
@ -410,7 +429,7 @@ config_volume_prefix = os.environ.get('CONFIG_VOLUME_PREFIX', '/var/lib/config-d
log.debug('CONFIG_VOLUME_PREFIX: %s' % config_volume_prefix)
startup_configs = os.environ.get('STARTUP_CONFIG_PATTERN', '/var/lib/tripleo-config/docker-container-startup-config-step_*.json')
log.debug('STARTUP_CONFIG_PATTERN: %s' % startup_configs)
infiles = glob.glob('/var/lib/tripleo-config/docker-container-startup-config-step_*.json')
infiles = glob.glob(startup_configs)
for infile in infiles:
with open(infile) as f:
infile_data = json.load(f)