diff --git a/common/deploy-steps-tasks-step-1.yaml b/common/deploy-steps-tasks-step-1.yaml new file mode 100644 index 0000000000..1972f2f506 --- /dev/null +++ b/common/deploy-steps-tasks-step-1.yaml @@ -0,0 +1,301 @@ + - name: Write config data at the start of step 1 + block: + - name: Create and ensure setype for /var/log/containers directory + file: + path: /var/log/containers + state: directory + setype: container_file_t + selevel: s0 + tags: + - host_config + - name: Create ContainerLogStdoutPath directory + file: + path: "{{ container_log_stdout_path }}" + state: directory + selevel: s0 + tags: + - host_config + - name: Create /var/lib/tripleo-config directory + file: + path: /var/lib/tripleo-config + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + recurse: true + tags: + - host_config + - container_config + - container_config_tasks + - container_config_scripts + - container_startup_configs + + - name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode + file: + path: /var/lib/tripleo-config/check-mode + state: absent + tags: + - host_config + - container_config + - container_config_tasks + - container_config_scripts + - container_startup_configs + when: + - ansible_check_mode|bool + ignore_errors: true + check_mode: no + + - name: Create /var/lib/tripleo-config/check-mode directory for check mode + file: + path: /var/lib/tripleo-config/check-mode + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + recurse: true + tags: + - host_config + - container_config + - container_config_tasks + - container_config_scripts + - container_startup_configs + when: + - ansible_check_mode|bool + check_mode: no + + # Puppet manifest for baremetal host configuration + - name: Write the puppet step_config manifest + no_log: True + copy: + content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}" + dest: /var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp + force: yes + mode: '0600' + tags: + - host_config + check_mode: no + diff: no + + - name: Diff puppet step_config manifest changes for check mode + command: + diff -uN /var/lib/tripleo-config/puppet_step_config.pp /var/lib/tripleo-config/check-mode/puppet_step_config.pp + register: diff_results + tags: + - host_config + check_mode: no + when: + - ansible_check_mode|bool + - ansible_diff_mode + failed_when: false + changed_when: diff_results.rc == 1 + + - name: Diff puppet step_config manifest changes for check mode + debug: + var: diff_results.stdout_lines + changed_when: diff_results.rc == 1 + when: + - ansible_check_mode|bool + - ansible_diff_mode + tags: + - host_config + + # Config file for our container-puppet.py script, used to generate container configs + - name: Create /var/lib/container-puppet + file: + path: /var/lib/container-puppet + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + tags: + - container_config + - container_config_tasks + + # For backward compatibility in Stein, so our operators have time + # to learn about the new directory. + - name: Create /var/lib/docker-puppet for backward compatibility + file: + path: /var/lib/docker-puppet + state: directory + tags: + - container_config + - container_config_tasks + + - name: Deprecation file about /var/lib/docker-puppet + copy: + dest: /var/lib/docker-puppet/readme.txt + content: | + /var/lib/docker-puppet was moved under + /var/lib/container-puppet because we don't run Docker anymore. + ignore_errors: true + + - name: Delete existing /var/lib/container-puppet/container-puppet.sh + file: + path: /var/lib/container-puppet/container-puppet.sh + state: absent + tags: + - container_config + ignore_errors: true + check_mode: no + + - name: Delete existing /var/lib/container-puppet/check-mode for check mode + file: + path: /var/lib/container-puppet/check-mode + state: absent + tags: + - container_config + ignore_errors: true + check_mode: no + when: + - ansible_check_mode|bool + + - name: Create /var/lib/container-puppet/check-mode for check mode + file: + path: /var/lib/container-puppet/check-mode + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + tags: + - container_config + check_mode: no + when: + - ansible_check_mode|bool + + - name: Write container-puppet.json file + no_log: True + copy: + content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}" + dest: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet.json + force: yes + mode: '0600' + tags: + - container_config + check_mode: no + diff: no + + - name: Diff container-puppet.json changes for check mode + command: + diff -uN /var/lib/container-puppet/container-puppet.json /var/lib/container-puppet/check-mode/container-puppet.json + register: diff_results + tags: + - container_config + check_mode: no + when: + - ansible_check_mode|bool + - ansible_diff_mode + failed_when: false + changed_when: diff_results.rc == 1 + + - name: Diff container-puppet.json changes for check mode + debug: + var: diff_results.stdout_lines + changed_when: diff_results.rc == 1 + when: + - ansible_check_mode|bool + - ansible_diff_mode + tags: + - container_config + + - name: Create /var/lib/container-config-scripts + file: + path: /var/lib/container-config-scripts + state: directory + setype: svirt_sandbox_file_t + tags: + - container_config_scripts + + # The container config files + # /var/lib/container-startup-configs.json is removed as we now write + # per-step files instead + - name: Clean old /var/lib/container-startup-configs.json file + file: + path: /var/lib/container-startup-configs.json + state: absent + tags: + - container_startup_configs + + # For legacy, can be removed in Train cycle + - name: Clean old /var/lib/docker-container-startup-configs.json file + file: + path: /var/lib/docker-container-startup-configs.json + state: absent + tags: + - container_startup_configs + + + - name: Write container config scripts + no_log: True + copy: + content: "{{ item[1].content }}" + dest: "/var/lib/container-config-scripts/{{ item[0] }}" + force: yes + mode: "{{ item[1].mode | default('0600', true) }}" + setype: svirt_sandbox_file_t + loop: "{{ role_data_container_config_scripts | dictsort }}" + loop_control: + label: "{{ item[0] }}" + vars: + role_data_container_config_scripts: "{{ lookup('file', tripleo_role_name + '/container_config_scripts.yaml', errors='ignore') | default({}, True) | from_yaml }}" + tags: + - container_config_scripts + + # Here we are dumping all the container startup configuration data + # so that we can have access to how they are started outside of heat + # and container cmd. This lets us create command line tools to test containers. + - name: Set container_config_default fact + no_log: True + set_fact: + container_config_default: "{{ container_config_default | default({}) | combine( {'step_' + item: {}} ) }}" + with_sequence: count={{ deploy_steps_max }} + tags: + - container_startup_configs + + - name: Set container_startup_configs_with_default fact + no_log: True + set_fact: + container_config_with_default: "{{ container_config_default | combine(role_data_container_config) }}" + vars: + role_data_container_config: "{{ lookup('file', tripleo_role_name + '/docker_config.yaml', errors='ignore') | default({}, True) | from_yaml }}" + tags: + - container_startup_configs + + - name: Write per-step container startup configs + no_log: True + copy: + content: "{{ item[1] | to_nice_json }}" + dest: /var/lib/tripleo-config/container-startup-config-{{ item[0] }}.json + force: yes + mode: '0600' + loop: "{{ container_config_with_default | dictsort }}" + loop_control: + label: "{{ item[0] }}" + tags: + - container_startup_configs + + - name: Create /var/lib/kolla/config_files directory + file: + path: /var/lib/kolla/config_files + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + recurse: true + tags: + - container_startup_configs + + - name: Create /var/lib/config-data directory + file: + path: /var/lib/config-data + state: directory + setype: svirt_sandbox_file_t + selevel: s0 + + - name: Write kolla config json files + no_log: True + copy: + content: "{{ item[1] | to_nice_json }}" + dest: "{{ item[0] }}" + force: yes + mode: '0600' + setype: svirt_sandbox_file_t + loop: "{{ lookup('file', tripleo_role_name + '/kolla_config.yaml', errors='ignore') | default([], True) | from_yaml | dictsort }}" + loop_control: + label: "{{ item[0] }}" + tags: + - container_startup_configs diff --git a/common/deploy-steps-tasks.yaml b/common/deploy-steps-tasks.yaml index 140e73d816..b49b781cb3 100644 --- a/common/deploy-steps-tasks.yaml +++ b/common/deploy-steps-tasks.yaml @@ -25,309 +25,6 @@ tags: - container_config_tasks - - name: Write config data at the start of step 1 - when: step|int == 1 - block: - - name: Create and ensure setype for /var/log/containers directory - file: - path: /var/log/containers - state: directory - setype: container_file_t - selevel: s0 - tags: - - host_config - - name: Create ContainerLogStdoutPath directory - file: - path: "{{ container_log_stdout_path }}" - state: directory - selevel: s0 - tags: - - host_config - - name: Create /var/lib/tripleo-config directory - file: - path: /var/lib/tripleo-config - state: directory - setype: svirt_sandbox_file_t - selevel: s0 - recurse: true - tags: - - host_config - - container_config - - container_config_tasks - - container_config_scripts - - container_startup_configs - - - name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode - file: - path: /var/lib/tripleo-config/check-mode - state: absent - tags: - - host_config - - container_config - - container_config_tasks - - container_config_scripts - - container_startup_configs - when: - - ansible_check_mode|bool - ignore_errors: true - check_mode: no - - - name: Create /var/lib/tripleo-config/check-mode directory for check mode - file: - path: /var/lib/tripleo-config/check-mode - state: directory - setype: svirt_sandbox_file_t - selevel: s0 - recurse: true - tags: - - host_config - - container_config - - container_config_tasks - - container_config_scripts - - container_startup_configs - when: - - ansible_check_mode|bool - check_mode: no - - # Puppet manifest for baremetal host configuration - - name: Write the puppet step_config manifest - no_log: True - copy: - content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}" - dest: /var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp - force: yes - mode: '0600' - tags: - - host_config - check_mode: no - diff: no - - - name: Diff puppet step_config manifest changes for check mode - command: - diff -uN /var/lib/tripleo-config/puppet_step_config.pp /var/lib/tripleo-config/check-mode/puppet_step_config.pp - register: diff_results - tags: - - host_config - check_mode: no - when: - - ansible_check_mode|bool - - ansible_diff_mode - failed_when: false - changed_when: diff_results.rc == 1 - - - name: Diff puppet step_config manifest changes for check mode - debug: - var: diff_results.stdout_lines - changed_when: diff_results.rc == 1 - when: - - ansible_check_mode|bool - - ansible_diff_mode - tags: - - host_config - - # Config file for our container-puppet.py script, used to generate container configs - - name: Create /var/lib/container-puppet - file: - path: /var/lib/container-puppet - state: directory - setype: svirt_sandbox_file_t - selevel: s0 - tags: - - container_config - - container_config_tasks - - # For backward compatibility in Stein, so our operators have time - # to learn about the new directory. - - name: Create /var/lib/docker-puppet for backward compatibility - file: - path: /var/lib/docker-puppet - state: directory - tags: - - container_config - - container_config_tasks - - - name: Deprecation file about /var/lib/docker-puppet - copy: - dest: /var/lib/docker-puppet/readme.txt - content: | - /var/lib/docker-puppet was moved under - /var/lib/container-puppet because we don't run Docker anymore. - ignore_errors: true - - - name: Delete existing /var/lib/container-puppet/container-puppet.sh - file: - path: /var/lib/container-puppet/container-puppet.sh - state: absent - tags: - - container_config - ignore_errors: true - check_mode: no - - - name: Delete existing /var/lib/container-puppet/check-mode for check mode - file: - path: /var/lib/container-puppet/check-mode - state: absent - tags: - - container_config - ignore_errors: true - check_mode: no - when: - - ansible_check_mode|bool - - - name: Create /var/lib/container-puppet/check-mode for check mode - file: - path: /var/lib/container-puppet/check-mode - state: directory - setype: svirt_sandbox_file_t - selevel: s0 - tags: - - container_config - check_mode: no - when: - - ansible_check_mode|bool - - - name: Write container-puppet.json file - no_log: True - copy: - content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}" - dest: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet.json - force: yes - mode: '0600' - tags: - - container_config - check_mode: no - diff: no - - - name: Diff container-puppet.json changes for check mode - command: - diff -uN /var/lib/container-puppet/container-puppet.json /var/lib/container-puppet/check-mode/container-puppet.json - register: diff_results - tags: - - container_config - check_mode: no - when: - - ansible_check_mode|bool - - ansible_diff_mode - failed_when: false - changed_when: diff_results.rc == 1 - - - name: Diff container-puppet.json changes for check mode - debug: - var: diff_results.stdout_lines - changed_when: diff_results.rc == 1 - when: - - ansible_check_mode|bool - - ansible_diff_mode - tags: - - container_config - - - name: Create /var/lib/container-config-scripts - file: - path: /var/lib/container-config-scripts - state: directory - setype: svirt_sandbox_file_t - tags: - - container_config_scripts - - # The container config files - # /var/lib/container-startup-configs.json is removed as we now write - # per-step files instead - - name: Clean old /var/lib/container-startup-configs.json file - file: - path: /var/lib/container-startup-configs.json - state: absent - tags: - - container_startup_configs - - # For legacy, can be removed in Train cycle - - name: Clean old /var/lib/docker-container-startup-configs.json file - file: - path: /var/lib/docker-container-startup-configs.json - state: absent - tags: - - container_startup_configs - - - - name: Write container config scripts - no_log: True - copy: - content: "{{ item[1].content }}" - dest: "/var/lib/container-config-scripts/{{ item[0] }}" - force: yes - mode: "{{ item[1].mode | default('0600', true) }}" - setype: svirt_sandbox_file_t - loop: "{{ role_data_container_config_scripts | dictsort }}" - loop_control: - label: "{{ item[0] }}" - vars: - role_data_container_config_scripts: "{{ lookup('file', tripleo_role_name + '/container_config_scripts.yaml', errors='ignore') | default({}, True) | from_yaml }}" - tags: - - container_config_scripts - - # Here we are dumping all the container startup configuration data - # so that we can have access to how they are started outside of heat - # and container cmd. This lets us create command line tools to test containers. - - name: Set container_config_default fact - no_log: True - set_fact: - container_config_default: "{{ container_config_default | default({}) | combine( {'step_' + item: {}} ) }}" - with_sequence: count={{ deploy_steps_max }} - tags: - - container_startup_configs - - - name: Set container_startup_configs_with_default fact - no_log: True - set_fact: - container_config_with_default: "{{ container_config_default | combine(role_data_container_config) }}" - vars: - role_data_container_config: "{{ lookup('file', tripleo_role_name + '/docker_config.yaml', errors='ignore') | default({}, True) | from_yaml }}" - tags: - - container_startup_configs - - - name: Write per-step container startup configs - no_log: True - copy: - content: "{{ item[1] | to_nice_json }}" - dest: /var/lib/tripleo-config/container-startup-config-{{ item[0] }}.json - force: yes - mode: '0600' - loop: "{{ container_config_with_default | dictsort }}" - loop_control: - label: "{{ item[0] }}" - tags: - - container_startup_configs - - - name: Create /var/lib/kolla/config_files directory - file: - path: /var/lib/kolla/config_files - state: directory - setype: svirt_sandbox_file_t - selevel: s0 - recurse: true - tags: - - container_startup_configs - - - name: Create /var/lib/config-data directory - file: - path: /var/lib/config-data - state: directory - setype: svirt_sandbox_file_t - selevel: s0 - - - name: Write kolla config json files - no_log: True - copy: - content: "{{ item[1] | to_nice_json }}" - dest: "{{ item[0] }}" - force: yes - mode: '0600' - setype: svirt_sandbox_file_t - loop: "{{ lookup('file', tripleo_role_name + '/kolla_config.yaml', errors='ignore') | default([], True) | from_yaml | dictsort }}" - loop_control: - label: "{{ item[0] }}" - tags: - - container_startup_configs - ##################################################### # Per step puppet configuration of the baremetal host ##################################################### diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2 index b71a75f6dc..7acbd6753f 100644 --- a/common/deploy-steps.j2 +++ b/common/deploy-steps.j2 @@ -368,6 +368,7 @@ outputs: all_nodes_extra_map_data: {get_param: AllNodesExtraMapData} sorted_bootstrap_node: true common_deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml} + common_deploy_steps_tasks_step_1: {get_file: deploy-steps-tasks-step-1.yaml} docker_puppet_script: {get_file: ./container-puppet.py} all_nodes_validation_script.sh : {get_file: ../validation-scripts/all-nodes.sh} deploy-artifacts.sh : {get_file: ../puppet/deploy-artifacts.sh} @@ -724,6 +725,37 @@ outputs: - deploy_steps - step{{step}} +{% if step == 1 %} + - hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST + name: Overcloud common deploy step 1 tasks + gather_facts: {{ '"{{' }} gather_facts | default(false) {{ '}}"' }} + any_errors_fatal: yes + vars: + bootstrap_server_id: BOOTSTRAP_SERVER_ID + step: '{{step}}' + deploy_identifier: DEPLOY_IDENTIFIER + enable_debug: ENABLE_DEBUG + enable_puppet: ENABLE_PUPPET + container_cli: CONTAINER_CLI + container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH + container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED + docker_puppet_debug: DOCKER_PUPPET_DEBUG + docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT + docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET + tasks: + - name: Check if /var/lib/tripleo-config/container-startup-config-1.json already exists + stat: + path: /var/lib/tripleo-config/container-startup-config-1.json + register: container_startup_configs_json_stat + - include_tasks: common_deploy_steps_tasks_step_1.yaml + when: + - ((deploy_identifier is defined and deploy_identifier != "" and deploy_identifier is not none) or not container_startup_configs_json_stat.stat.exists) + tags: + - overcloud + - deploy_steps + - step{{step}} + +{% endif %} - hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST name: Overcloud common deploy step tasks {{step}} gather_facts: {{ '"{{' }} gather_facts | default(false) {{ '}}"' }}