openstack/tripleo-heat-templates
Code Issues Proposed changes

check mode: docker_puppet

Browse Source 
Adds check mode support for docker_puppet. The updated json file is
written to /var/lib/docker-puppet/check-mode/docker-puppet.json
during check mode and then diffed with the existing version at
/var/lib/docker-puppet/docker-puppet.json.

When docker-puppet.py is run during check mode, the updated json file
under the check-mode directory is passed to the command. All generated
config files are then written under /var/lib/config-data/check-mode,
which is then recursively diffed with the existing config under just
/var/lib/config-data to report on all changed config files.

Change-Id: I5c831e9546f8b6edaf3b0fda6c9fbef86c825a4c
This commit is contained in:
James Slagle 2018-09-06 14:37:14 -04:00
parent 6d0f16d430
commit a6f9821821
2 changed files with 108 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
common/deploy-steps-tasks.yaml
View File

@ -27,8 +27,8 @@
state: absent
tags:
- host_config
- container_puppet
- container_puppet_tasks
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
when:
@ -45,8 +45,8 @@
recurse: true
tags:
- host_config
- container_puppet
- container_puppet_tasks
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
when:
@ -98,14 +98,62 @@
tags:
- container_config
- name: Delete existing /var/lib/docker-puppet/check-mode for check mode
file:
path: /var/lib/docker-puppet/check-mode
state: absent
tags:
- container_config
ignore_errors: true
check_mode: no
when:
- ansible_check_mode
- name: Create /var/lib/docker-puppet/check-mode for check mode
file:
path: /var/lib/docker-puppet/check-mode
state: directory
setype: svirt_sandbox_file_t
selevel: s0
tags:
- container_config
check_mode: no
when:
- ansible_check_mode
- name: Write docker-puppet.json file
copy:
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_json }}"
dest: /var/lib/docker-puppet/docker-puppet.json
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}"
dest: /var/lib/docker-puppet/{{ ansible_check_mode | ternary('check-mode/', '') }}docker-puppet.json
force: yes
mode: '0600'
tags:
- container_config
check_mode: no
diff: no
- name: Diff docker-puppet.json changes for check mode
command:
diff -uN /var/lib/docker-puppet/docker-puppet.json /var/lib/docker-puppet/check-mode/docker-puppet.json
register: diff_results
tags:
- container_config
check_mode: no
when:
- ansible_check_mode
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff docker-puppet.json changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- ansible_check_mode
- ansible_diff_mode
tags:
- container_config
- name: Create /var/lib/docker-config-scripts
file:
@ -115,7 +163,6 @@
tags:
- container_config_scripts
# The container config files
# /var/lib/docker-container-startup-configs.json is removed as we now write
# per-step files instead
@ -141,7 +188,6 @@
tags:
- container_config_scripts
# Here we are dumping all the docker container startup configuration data
# so that we can have access to how they are started outside of heat
# and docker-cmd. This lets us create command line tools to test containers.
@ -262,6 +308,7 @@
when: ansible_check_mode
tags:
- host_config
- container_config
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
file:
@ -276,6 +323,7 @@
- not check_mode_dir.stat.exists
tags:
- host_config
- container_config
- name: Write the config_step hieradata
copy:
@ -298,6 +346,7 @@
check_mode: no
tags:
- host_config
- container_config
- name: Run puppet host configuration for step {{ step }}
when: enable_puppet|default(true)|bool
@ -339,6 +388,10 @@
DEBUG: '{{ docker_puppet_debug | default(false) }}'
PROCESS_COUNT: '{{ docker_puppet_process_count | default(3) }}'
CONTAINER_CLI: "{{ container_cli | default('docker') }}"
CONFIG: '/var/lib/docker-puppet/{{ ansible_check_mode | ternary("check-mode/", "") }}docker-puppet.json'
CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | ternary("/check-mode", "") }}'
CHECK_MODE: '{{ ansible_check_mode | ternary(1, 0) }}'
STARTUP_CONFIG_PATTERN: '/var/lib/tripleo-config/{{ ansible_check_mode | ternary("check-mode/", "") }}docker-container-startup-config-step_*.json'
when: step == "1"
changed_when: false
check_mode: no
@ -356,6 +409,31 @@
tags:
- container_config
- name: Diff docker-puppet.py puppet-generated changes for check mode
command:
diff -ruN /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
register: diff_results
tags:
- container_config
check_mode: no
when:
- step == "1"
- ansible_check_mode
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff docker-puppet.py puppet-generated changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- step == "1"
- ansible_check_mode
- ansible_diff_mode
tags:
- container_config
##################################################
# Per step starting of the containers using paunch
##################################################

25
docker/docker-puppet.py
View File

@ -255,6 +255,13 @@ with open(sh_script, 'w') as script_file:
TAGS="--tags \"$PUPPET_TAGS\""
fi
CHECK_MODE=""
if [ -d "/tmp/puppet-check-mode" ]; then
mkdir -p /etc/puppet/check-mode
cp -a /tmp/puppet-check-mode/* /etc/puppet/check-mode
CHECK_MODE="--hiera_config /etc/puppet/check-mode/hiera.yaml"
fi
# Create a reference timestamp to easily find all files touched by
# puppet. The sync ensures we get all the files we want due to
# different timestamp.
@ -275,6 +282,7 @@ with open(sh_script, 'w') as script_file:
--logdest console \
--modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules \
$TAGS \
$CHECK_MODE \
/etc/config.pp
rc=$?
set -e
@ -321,7 +329,7 @@ with open(sh_script, 'w') as script_file:
def mp_puppet_config(*args):
(config_volume,puppet_tags,manifest,config_image,volumes,privileged) = args[0]
(config_volume,puppet_tags,manifest,config_image,volumes,privileged,check_mode) = args[0]
log = get_logger()
log.info('Starting configuration of %s using image %s' % (config_volume,
config_image))
@ -331,6 +339,8 @@ def mp_puppet_config(*args):
log.debug('config_image %s' % config_image)
log.debug('volumes %s' % volumes)
log.debug('privileged %s' % privileged)
log.debug('check_mode %s' % check_mode)
with tempfile.NamedTemporaryFile() as tmp_man:
with open(tmp_man.name, 'w') as man_file:
man_file.write('include ::tripleo::packages\n')
@ -367,6 +377,11 @@ def mp_puppet_config(*args):
dcmd = common_dcmd + cli_dcmd
if check_mode:
dcmd.extend([
'--volume',
'/etc/puppet/check-mode:/tmp/puppet-check-mode:ro'])
for volume in volumes:
if volume:
dcmd.extend(['--volume', volume])
@ -414,6 +429,9 @@ def mp_puppet_config(*args):
# to consume.
process_map = []
check_mode = int(os.environ.get('CHECK_MODE', 0))
log.debug('CHECK_MODE: %s' % check_mode)
for config_volume in configs:
service = configs[config_volume]
@ -428,7 +446,8 @@ for config_volume in configs:
else:
puppet_tags = "file,file_line,concat,augeas,cron"
process_map.append([config_volume, puppet_tags, manifest, config_image, volumes, privileged])
process_map.append([config_volume, puppet_tags, manifest, config_image,
volumes, privileged, check_mode])
for p in process_map:
log.debug('- %s' % p)
@ -450,7 +469,7 @@ for returncode, config_volume in zip(returncodes, config_volumes):
# Update the startup configs with the config hash we generated above
startup_configs = os.environ.get('STARTUP_CONFIG_PATTERN', '/var/lib/tripleo-config/docker-container-startup-config-step_*.json')
log.debug('STARTUP_CONFIG_PATTERN: %s' % startup_configs)
infiles = glob.glob('/var/lib/tripleo-config/docker-container-startup-config-step_*.json')
infiles = glob.glob(startup_configs)
for infile in infiles:
with open(infile) as f:
infile_data = json.load(f)