From a7661065743086961b8ef93056b810e7d2a49eda Mon Sep 17 00:00:00 2001 From: James Slagle Date: Wed, 19 Jun 2019 17:09:28 -0400 Subject: [PATCH] Use Ansible for vip_data hieradata Migrates the vip_data hieradata to the tripleo-hieradata role which will use a jinja2 template to create this file on the deployed nodes. Allows for removing the AllNodesConfig resource/template completely. Change-Id: I5412f26423a1739088f12705fa47bac2377b9817 Depends-On: Iaf91f36a189d8e00627c21f14ca992a4d60fa10f --- common/deploy-steps.j2 | 56 ++++++--- overcloud-resource-registry-puppet.j2.yaml | 1 - overcloud.j2.yaml | 79 +++++------- puppet/all-nodes-config.j2.yaml | 137 --------------------- sample-env-generator/ssl.yaml | 2 +- 5 files changed, 73 insertions(+), 202 deletions(-) delete mode 100644 puppet/all-nodes-config.j2.yaml diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2 index d1de4debbd..8e33e5e812 100644 --- a/common/deploy-steps.j2 +++ b/common/deploy-steps.j2 @@ -116,9 +116,6 @@ parameters: type: json default: {} {%- for role in roles %} - {{role.name}}AllNodesDeploymentHieradata: - type: json - default: {} {{role.name}}DeploymentHieradata: type: json default: {} @@ -188,6 +185,23 @@ parameters: EnabledServices: default: [] type: comma_delimited_list + ControlVirtualIP: + type: string + EnabledNetworks: + type: comma_delimited_list + NetVipMap: + type: json +{%- for network in networks if network.enabled|default(true) %} + {{network.name}}NetName: + default: {{network.name_lower}} + description: The name of the {{network.name_lower}} network. + type: string +{%- endfor %} + CloudNames: + type: json + EnableInternalTLS: + type: boolean + default: false conditions: {% for role in enabled_roles %} 
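Review bot: `EnableInternalTLS` is added in the `@@ -188,6 +185,23 @@` hunk with `default: false` and no `description:`, and the `@@ -1058,6 +1035,16 @@` hunk in overcloud.j2.yaml passes `ControlVirtualIP`, `EnabledNetworks`, `NetVipMap` and `CloudNames` to this template but not `EnableInternalTLS`. As far as these hunks show, the value reaches `enable_internal_tls` only through the environment (presumably `parameter_defaults`), so an environment that does not set it there gets `false` written to hieradata without any error. I would add a description that says so, for example `description: Whether internal TLS is enabled; not passed by the parent stack, so set it in parameter_defaults.`, and give the other four new parameters a `description:` as well. The parameters section continues outside the hunk.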
@@ -326,6 +340,27 @@ outputs: stack_update_type: {get_param: StackUpdateType} container_cli: {get_param: ContainerCli} enabled_services: {get_param: EnabledServices} + control_virtual_ip: {get_param: ControlVirtualIP} + enabled_networks: {get_param: EnabledNetworks} + net_vip_map: {get_param: NetVipMap} +{%- for network in networks if network.enabled|default(true) %} + {{network.name_lower}}_net_name: {get_param: {{network.name}}NetName} +{%- endfor %} + network_virtual_ips: + ctlplane: + ip_address: {get_param: [NetVipMap, ctlplane]} + index: 1 +{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} +# External virtual ip is currently being handled separately as public_virtual_ip. +# Likewise, optional StorageNFS virtual ip is handled separately as ganesha_vip. +{%- if network.name != 'External' and network.name != 'StorageNFS' %} + {{network.name_lower}}: + ip_address: {get_param: [NetVipMap, {get_param: {{network.name}}NetName}]} + index: {{loop.index + 1}} +{%- endif %} +{%- endfor %} + cloud_names: {get_param: CloudNames} + enable_internal_tls: {get_param: EnableInternalTLS} common_deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml} docker_puppet_script: {get_file: ./container-puppet.py} all_nodes_validation_script.sh : {get_file: ../validation-scripts/all-nodes.sh} @@ -456,16 +491,6 @@ outputs: any_errors_fatal: yes tasks: {%- for role in roles %} - - name: AllNodesDeployment hieradata - include_role: - name: tripleo-hieradata - vars: - hieradata_template: "{{role.name}}/all-nodes-deployment-hieradata.j2.yaml" - hieradata_variable_start_string: $$ - hieradata_variable_end_string: $$ - hieradata_files: "{{ '{{' }} lookup('file', '{{role.name}}/deployment-hierarchy.yaml') {{ '}}' }}" - when: tripleo_role_name == '{{role.name}}' - - name: Deployment hieradata include_role: name: tripleo-hieradata 
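Review bot: In the `network_virtual_ips` block added by the `@@ -326,6 +340,27 @@` hunk, `index: {{loop.index + 1}}` sits inside the inner `if` that skips External and StorageNFS, while `loop.index` still advances for those two networks. The rendered indexes therefore have gaps and change depending on which of those networks are enabled. This matches the deleted puppet/all-nodes-config.j2.yaml, but the consumer of `index` is not visible here, so a comment should record the property, e.g. `# index is unique but not contiguous: External and StorageNFS still consume a loop.index value`. As a style point, the two `#` comment lines are at column 0 inside the `for` loop and are rendered once per VIP network; a Jinja comment `{# ... #}` above the loop would keep them out of the rendered template.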
@@ -505,6 +530,7 @@ outputs: hieradata_templates_list: - bootstrap_node - all_nodes + - vip_data when: tripleo_role_name == '{{role.name}}' tags: - overcloud @@ -757,10 +783,6 @@ outputs: external_deploy_steps_tasks: {get_attr: [ExternalDeployTasks, value]} external_post_deploy_steps_tasks: {get_attr: [ExternalPostDeployTasks, value]} {%- for role in roles %} - # TODO (slagle): temporarily write the path with a .yaml extension until - # https://review.opendev.org/#/c/663736 merges. Once merged, this can be - # removed. - {{role.name}}/all-nodes-deployment-hieradata.j2.yaml: {get_param: {{role.name}}AllNodesDeploymentHieradata} {{role.name}}/deployment-hieradata.j2.yaml: {get_param: {{role.name}}DeploymentHieradata} {{role.name}}/deployment-hierarchy.yaml: {get_param: {{role.name}}DeploymentHierarchy} {{role.name}}/per-host-hieradata.j2.yaml: {get_param: {{role.name}}PerHostHieradata} diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 66d4db964f..388868883b 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -4,7 +4,6 @@ resource_registry: OS::Heat::SoftwareDeployment: config-download-software.yaml OS::Heat::StructuredDeployment: config-download-structured.yaml OS::TripleO::PostDeploySteps: common/post.yaml - OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml OS::TripleO::AllNodesDeployment: OS::Heat::None OS::TripleO::Hosts::SoftwareConfig: hosts-config.yaml OS::TripleO::Ssh::HostPubKey: OS::Heat::None diff --git a/overcloud.j2.yaml b/overcloud.j2.yaml index d367bd7f4b..8af9b2089f 100644 --- a/overcloud.j2.yaml +++ b/overcloud.j2.yaml 
@@ -577,17 +577,6 @@ resources: config: {get_resource: SshKnownHostsConfig} servers: {get_attr: [{{role.name}}Servers, value]} - {{role.name}}AllNodesDeployment: - type: OS::TripleO::AllNodesDeployment - depends_on: -{%- for role_inner in roles %} - - {{role_inner.name}}SshKnownHostsDeployment -{%- endfor %} - properties: - name: {{role.name}}AllNodesDeployment - config: {get_attr: [{{role.name}}allNodesConfig, config_id]} - servers: {get_attr: [{{role.name}}Servers, value]} - {{role.name}}IpListMap: type: OS::TripleO::Network::Ports::NetIpListMap properties: @@ -752,6 +741,26 @@ resources: - '\n' - {get_attr: [HostsValue, value]} + CloudNames: + type: OS::Heat::Value + properties: + value: +{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} + {%- if network.name == 'External' %} + # Special case the External hostname param, which is CloudName + cloud_name_{{network.name_lower}}: {get_param: CloudName} + {%- elif network.name == 'InternalApi' %} + # Special case the Internal API hostname param, which is CloudNameInternal + cloud_name_{{network.name_lower}}: {get_param: CloudNameInternal} + {%- elif network.name == 'StorageMgmt' %} + # Special case StorageMgmt hostname param, which is CloudNameStorageManagement + cloud_name_{{network.name_lower}}: {get_param: CloudNameStorageManagement} + {%- else %} + cloud_name_{{network.name_lower}}: {get_param: CloudName{{network.name}}} + {%- endif %} +{%- endfor %} + cloud_name_ctlplane: {get_param: CloudNameCtlplane} + {%- for outer_role in roles %} {{outer_role.name}}HieradataVars: 
@@ -762,34 +771,6 @@ resources: yaql: expression: coalesce($.data, []).first(null) data: {get_attr: [{{outer_role.name}}, hostname]} - - {{outer_role.name}}allNodesConfig: - type: OS::TripleO::AllNodes::SoftwareConfig - properties: -{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} - {%- if network.name == 'External' %} - # Special case the External hostname param, which is CloudName - cloud_name_{{network.name_lower}}: {get_param: CloudName} - {%- elif network.name == 'InternalApi' %} - # Special case the Internal API hostname param, which is CloudNameInternal - cloud_name_{{network.name_lower}}: {get_param: CloudNameInternal} - {%- elif network.name == 'StorageMgmt' %} - # Special case StorageMgmt hostname param, which is CloudNameStorageManagement - cloud_name_{{network.name_lower}}: {get_param: CloudNameStorageManagement} - {%- else %} - cloud_name_{{network.name_lower}}: {get_param: CloudName{{network.name}}} - {%- endif %} -{%- endfor %} - cloud_name_ctlplane: {get_param: CloudNameCtlplane} - enabled_services: - list_join: - - ',' -{%- for role in roles %} - - {get_attr: [{{role.name}}ServiceNames, value]} -{%- endfor %} - NetVipMap: {get_attr: [VipMap, net_ip_map]} - RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} - ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]} {%- endfor %} GlobalConfig: @@ -980,9 +961,9 @@ resources: - service_names - service_configs - {{role.name.lower()}} - - bootstrap_node # provided by allNodesConfig - - all_nodes # provided by allNodesConfig - - vip_data # provided by allNodesConfig + - bootstrap_node # provided by tripleo-hieradata + - all_nodes # provided by tripleo-hieradata + - vip_data # provided by tripleo-hieradata - net_ip_map - '"%{::osfamily}"' # The following are required for compatibility with the Controller role 
@@ -1001,9 +982,6 @@ resources: type: OS::TripleO::PostDeploySteps depends_on: - AllNodesExtraConfig -{%- for role in roles %} - - {{role.name}}AllNodesDeployment -{%- endfor %} properties: servers: {%- for role in roles %} @@ -1020,7 +998,6 @@ resources: ssh_known_hosts_hostnames: {get_attr: [SshKnownHostsHostnames, value]} {%- for role in roles %} {{role.name}}Count: {get_param: {{role.name}}Count} - {{role.name}}AllNodesDeploymentHieradata: {get_attr: [{{role.name}}allNodesConfig, all_nodes_config_hieradata]} {{role.name}}DeploymentHieradata: map_merge: list_concat: @@ -1058,6 +1035,16 @@ resources: {%- for role in roles %} - {get_attr: [{{role.name}}ServiceNames, value]} {%- endfor %} + ControlVirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + EnabledNetworks: +{%- for network in networks if network.enabled|default(true) %} + - {{ network.name }} +{%- endfor %} + NetVipMap: + map_merge: + - {get_attr: [VipMap, net_ip_map]} + - redis: {get_attr: [RedisVirtualIP, ip_address]} + CloudNames: {get_attr: [CloudNames, value]} DeployedServerEnvironment: type: OS::TripleO::DeployedServerEnvironment diff --git a/puppet/all-nodes-config.j2.yaml b/puppet/all-nodes-config.j2.yaml deleted file mode 100644 index ec8752df38..0000000000 --- a/puppet/all-nodes-config.j2.yaml +++ /dev/null 
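Review bot: In the `@@ -1058,6 +1035,16 @@` hunk, `NetVipMap` is built with `map_merge` from `VipMap.net_ip_map` and a literal `redis:` key, and in `map_merge` the later map wins. An entry already named `redis` in `net_ip_map` (for instance a composable network whose lower-case name is `redis`) would be replaced silently. The deleted template kept the Redis VIP in its own `RedisVirtualIP` parameter with `default: ''`, which could not collide with a network name. I would either pass it as a separate property again or add a comment next to the merge, e.g. `# 'redis' is reserved here and overrides any net_ip_map entry of that name`. Whether `net_ip_map` can contain such a key is not visible from this hunk.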
@@ -1,137 +0,0 @@ -{%- set _networks = [] -%} -{%- for network in networks if network.enabled|default(true) -%} - {%- set _networks = _networks.append(network.name) -%} -{%- endfor -%} -heat_template_version: rocky -description: 'All Nodes Config for Puppet' - -parameters: -{%- for network in networks if network.vip|default(false) %} - cloud_name_{{network.name_lower}}: - type: string -{%- endfor %} - cloud_name_ctlplane: - type: string - enabled_services: - type: comma_delimited_list - NetVipMap: - type: json - RedisVirtualIP: - type: string - default: '' - ServiceNetMap: - type: json - EnableInternalTLS: - type: boolean - default: false - AllNodesExtraMapData: - type: json - default: {} - description: Map of extra data (hieradata) to set on each node. - -{%- for network in networks if network.enabled|default(true) %} - {{network.name}}NetName: - default: {{network.name_lower}} - description: The name of the {{network.name_lower}} network. - type: string -{%- endfor %} - -resources: - - allNodesConfigDatafiles: - type: OS::Heat::Value - properties: - value: - datafiles: - all_nodes_extra_map_data: {get_parm: AllNodesExtraMapData} - vip_data: - map_merge: - # Dynamically generate per-service VIP data based on enabled_services - # This works as follows (outer->inner functions) - # yaql - filters services where no mapping exists in ServiceNetMap - # map_replace: substitute e.g internal_api with the IP from NetVipMap - # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap - # map_merge/repeat: generate a per-service mapping - - yaql: - # This filters any entries where the value hasn't been substituted for - # a list, e.g it's still $service_network. 
This happens when there is - # no network defined for the service in the ServiceNetMap, which is OK - # as not all services have to be bound to a network, so we filter them - expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) - data: - map: - map_replace: - - map_replace: - - map_merge: - repeat: - template: - SERVICE_vip: SERVICE_network - for_each: - SERVICE: {get_param: enabled_services} - - values: {get_param: ServiceNetMap} - - values: {get_param: NetVipMap} - - keystone_admin_api_vip: - get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}] - keystone_public_api_vip: - get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}] - {%- if 'External' in _networks %} - public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]} - {%- else %} - public_virtual_ip: {get_param: [NetVipMap, ctlplane]} - {%- endif %} - controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} - {%- if 'InternalApi' in _networks %} - # the internal_api_virtual_ip is needed for contrail only - internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]} - {%- endif %} - network_virtual_ips: - ctlplane: - ip_address: {get_param: [NetVipMap, ctlplane]} - index: 1 - {%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} - # External virtual ip is currently being handled separately as public_virtual_ip. - # Likewise, optional StorageNFS virtual ip is handled separately as ganesha_vip. 
- {%- if network.name != 'External' and network.name != 'StorageNFS' %} - {{network.name_lower}}: - ip_address: {get_param: [NetVipMap, {get_param: {{network.name}}NetName}]} - index: {{loop.index + 1}} - {%- endif %} - {%- endfor %} - redis_vip: {get_param: RedisVirtualIP} - {%- for network in networks if network.name == 'StorageNFS' and network.enabled|default(true) %} - ganesha_vip: {get_param: [NetVipMap, {get_param: StorageNFSNetName}]} - {%- endfor %} - # public_virtual_ip and controller_virtual_ip are needed in - # both HAproxy & keepalived. - {%- if 'External' in _networks %} - tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]} - tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]} - {%- else %} - tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, ctlplane]} - tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, ctlplane]} - {%- endif %} - tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} - tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} - tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP} - tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]} - {%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} - cloud_name_{{network.name_lower}}: {get_param: cloud_name_{{network.name_lower}}} - {%- endfor %} - cloud_name_ctlplane: {get_param: cloud_name_ctlplane} - enable_internal_tls: {get_param: EnableInternalTLS} - - allNodesConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: hiera - config: {get_attr: [allNodesConfigDatafiles, value]} - -outputs: - config_id: - description: The ID of the allNodesConfigImpl resource. - value: - {get_resource: allNodesConfigImpl} - all_nodes_config_hieradata: - description: The all_nodes config in the full format with datafiles section. 
- value: {get_attr: [allNodesConfigDatafiles, value]} - diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml index 0292b4a80b..bab35af9c9 100644 --- a/sample-env-generator/ssl.yaml +++ b/sample-env-generator/ssl.yaml @@ -31,7 +31,7 @@ environments: A Heat environment file which can be used to enable TLS for the internal network via certmonger files: - puppet/all-nodes-config.yaml: + common/post.yaml: parameters: - EnableInternalTLS deployment/nova/nova-base-puppet.yaml: