openstack/tripleo-heat-templates
Code Issues Proposed changes

Add docker_puppet_tasks initialization on primary node

Browse Source 
This patch adds a new (optional) section to the docker post.j2.yaml
that collects any 'docker_puppet_tasks' data from enabled
services and applies it on the primary role node (the
first node in the primary (first) role).

The use case for this is although we are generally only using
puppet for configuration there are several exceptions that we
desire to make use of today for parity with baremetal. This
includes things like database creation and keystone endpoint
initialization which we rely on configuration via hiera variables
controlled by the puppet services.

Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
This commit is contained in:
Dan Prince 2017-01-29 08:01:46 -05:00
parent ad2ea290be
commit 84626c82cc
4 changed files with 79 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docker/docker-puppet.py
View File

@ -72,7 +72,9 @@ with open(config_file) as f:
configs = {}
for service in json_data:
for service in (json_data or []):
if service is None:
continue
config_volume = service[0] or ''
puppet_tags = service[1] or ''
manifest = service[2] or ''

71
docker/post.j2.yaml
View File

@ -29,6 +29,66 @@ parameters:
resources:
# These utility tasks use docker-puppet.py to execute tasks via puppet
# We only execute these on the first node in the primary role
{{primary_role_name}}DockerPuppetTasks:
type: OS::Heat::Value
properties:
type: json
value:
yaql:
expression:
dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
data:
docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]}
# BEGIN primary_role_name docker-puppet-tasks (run only on a single node)
{% for step in range(1, 6) %}
{{primary_role_name}}DockerPuppetJsonConfig{{step}}:
type: OS::Heat::StructuredConfig
properties:
group: json-file
config:
/var/lib/docker-puppet/docker-puppet-tasks{{step}}.json:
{get_attr: [{{primary_role_name}}DockerPuppetTasks, value, 'step_{{step}}']}
{{primary_role_name}}DockerPuppetJsonDeployment{{step}}:
type: OS::Heat::SoftwareDeployment
properties:
server: {get_param: [servers, {{primary_role_name}}, '0']}
config: {get_resource: {{primary_role_name}}DockerPuppetJsonConfig{{step}}}
{{primary_role_name}}DockerPuppetTasksConfig{{step}}:
type: OS::Heat::SoftwareConfig
properties:
group: script
config: {get_file: docker-puppet.py}
inputs:
- name: CONFIG
- name: NET_HOST
- name: NO_ARCHIVE
{{primary_role_name}}DockerPuppetTasksDeployment{{step}}:
type: OS::Heat::SoftwareDeployment
depends_on:
{% for dep in roles %}
- {{dep.name}}Deployment_Step{{step}}
- {{dep.name}}ContainersDeployment_Step{{step}}
{% endfor %}
- {{primary_role_name}}DockerPuppetJsonDeployment{{step}}
properties:
name: {{primary_role_name}}DockerPuppetJsonDeployment{{step}}
server: {get_param: [servers, {{primary_role_name}}, '0']}
config: {get_resource: {{primary_role_name}}DockerPuppetTasksConfig{{step}}}
input_values:
CONFIG: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
NET_HOST: 'true'
NO_ARCHIVE: 'true'
{% endfor %}
# END primary_role_name docker-puppet-tasks
{% for role in roles %}
# Post deployment steps for all roles
# A single config is re-applied with an incrementing step number
@ -165,10 +225,11 @@ resources:
depends_on: [{{role.name}}PreConfig, {{role.name}}ArtifactsDeploy]
{% else %}
depends_on:
{% for dep in roles %}
{% for dep in roles %}
- {{dep.name}}Deployment_Step{{step -1}}
- {{dep.name}}ContainersDeployment_Step{{step -1}}
{% endfor %}
{% endfor %}
- {{primary_role_name}}DockerPuppetTasksDeployment{{step -1}}
{% endif %}
properties:
name: {{role.name}}Deployment_Step{{step}}
@ -201,11 +262,12 @@ resources:
- {{role.name}}GenerateConfigDeployment
{% else %}
depends_on:
{% for dep in roles %}
{% for dep in roles %}
- {{dep.name}}ContainersDeployment_Step{{step -1}}
- {{dep.name}}Deployment_Step{{step}} # baremetal steps of the same level run first
- {{dep.name}}Deployment_Step{{step -1}}
{% endfor %}
{% endfor %}
- {{primary_role_name}}DockerPuppetTasksDeployment{{step -1}}
{% endif %}
properties:
name: {{role.name}}ContainersDeployment_Step{{step}}
@ -220,6 +282,7 @@ resources:
depends_on:
{% for dep in roles %}
- {{dep.name}}Deployment_Step5
- {{primary_role_name}}DockerPuppetTasksDeployment5
{% endfor %}
properties:
servers: {get_param: servers}

7
docker/services/README.rst
View File

@ -76,6 +76,13 @@ are re-asserted when applying latter ones.
'docker_image' above but some containers share a common set of
config files which are generated in a common base container.
* docker_puppet_tasks: This section provides data to drive the
docker-puppet.py tool directly. The task is executed only once
within the cluster (not on each node) and is useful for several
puppet snippets we require for initialization of things like
keystone endpoints, database users, etc. See docker-puppet.py
for formatting.
Docker steps
------------
Similar to baremetal docker containers are brought up in a stepwise manner.

2
docker/services/services.yaml
View File

@ -75,3 +75,5 @@ outputs:
map_merge: {get_attr: [ServiceChain, role_data, kolla_config]}
docker_config:
{get_attr: [ServiceChain, role_data, docker_config]}
docker_puppet_tasks:
{get_attr: [ServiceChain, role_data, docker_puppet_tasks]}