Heat templates for deploying OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

439 lines
16KB

  1. # Note the indentation here is required as it's joined
  2. # to create a playbook in deploy-steps.j2
  3. # Identify if we are bootstrap node of this role
  4. # We expect hieradata was already written in pre_deployments
  5. - name: get bootstrap nodeid
  6. tags: common
  7. command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
  8. register: bootstrap_node
  9. - name: set is_bootstrap_node fact
  10. tags: common
  11. set_fact:
  12. is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
  13. ##################################################
  14. # Step 1 block, write data for subsequent steps
  15. ##################################################
  16. - name: Write config data at the start of step 1
  17. when: step == "1"
  18. become: true
  19. block:
  20. - name: Create and ensure setype for /var/log/containers directory
  21. file:
  22. path: /var/log/containers
  23. state: directory
  24. setype: var_log_t
  25. selevel: s0
  26. mode: 0750
  27. tags:
  28. - host_config
  29. - container_config
  30. - container_config_tasks
  31. - container_config_scripts
  32. - container_startup_configs
  33. - name: Create /var/lib/tripleo-config directory
  34. file: path=/var/lib/tripleo-config state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
  35. tags:
  36. - host_config
  37. - container_config
  38. - container_config_tasks
  39. - container_config_scripts
  40. - container_startup_configs
  41. # Puppet manifest for baremetal host configuration
  42. - name: Check if puppet step_config.pp manifest exists
  43. delegate_to: localhost
  44. become: false
  45. stat:
  46. path: "{{ tripleo_role_name + '/step_config.pp' }}"
  47. register: stat_step_config
  48. tags:
  49. - host_config
  50. - name: Set fact when file existed
  51. no_log: True
  52. set_fact:
  53. role_data_step_config: "{{lookup('file', tripleo_role_name + '/step_config.pp')}}"
  54. when: stat_step_config.stat.exists
  55. tags:
  56. - host_config
  57. - name: Write the puppet step_config manifest
  58. copy: content="{{role_data_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes mode=0600
  59. tags:
  60. - host_config
  61. # Config file for our docker-puppet.py script, used to generate container configs
  62. - name: Create /var/lib/docker-puppet
  63. file: path=/var/lib/docker-puppet state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
  64. tags:
  65. - container_config
  66. - name: Check if docker-puppet puppet_config.yaml configuration file exists
  67. delegate_to: localhost
  68. become: false
  69. stat:
  70. path: "{{ tripleo_role_name + '/puppet_config.yaml' }}"
  71. register: stat_puppet_config
  72. tags:
  73. - container_config
  74. - name: Set fact when file existed
  75. no_log: True
  76. set_fact:
  77. role_data_puppet_config: "{{lookup('file', tripleo_role_name + '/puppet_config.yaml') | from_yaml | to_json}}"
  78. when: stat_puppet_config.stat.exists
  79. tags:
  80. - container_config
  81. - name: Write docker-puppet.json file
  82. copy: content="{{role_data_puppet_config}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes mode=0600
  83. tags:
  84. - container_config
  85. - name: Create /var/lib/docker-config-scripts
  86. file: path=/var/lib/docker-config-scripts state=directory
  87. tags:
  88. - container_config_scripts
  89. # The container config files
  90. # /var/lib/docker-container-startup-configs.json is removed as we now write
  91. # per-step files instead
  92. - name: Clean old /var/lib/docker-container-startup-configs.json file
  93. file:
  94. path: /var/lib/docker-container-startup-configs.json
  95. state: absent
  96. tags:
  97. - container_startup_configs
  98. - name: Check if docker_config_scripts.yaml file exists
  99. delegate_to: localhost
  100. become: false
  101. stat:
  102. path: "{{ tripleo_role_name + '/docker_config_scripts.yaml' }}"
  103. register: stat_docker_config_scripts
  104. tags:
  105. - container_config_scripts
  106. - name: Set fact when file existed
  107. no_log: True
  108. set_fact:
  109. role_data_docker_config_scripts: "{{lookup('file', tripleo_role_name + '/docker_config_scripts.yaml') | from_yaml}}"
  110. when: stat_docker_config_scripts.stat.exists
  111. tags:
  112. - container_config_scripts
  113. - name: Write docker config scripts
  114. copy: content="{{ item[1].content }}" dest="/var/lib/docker-config-scripts/{{ item[0] }}" force=yes mode="{{ item[1].mode | default('0600', true) }}"
  115. loop: "{{ role_data_docker_config_scripts | dictsort }}"
  116. loop_control:
  117. label: "{{ item[0] }}"
  118. tags:
  119. - container_config_scripts
  120. # Here we are dumping all the docker container startup configuration data
  121. # so that we can have access to how they are started outside of heat
  122. # and docker-cmd. This lets us create command line tools to test containers.
  123. # FIXME We need to update the defaults e.g in docker-toool so we can remove the
  124. # docker-container-startup-configs.json and use per-step configs instead
  125. - name: Set docker_config_default fact
  126. no_log: True
  127. set_fact:
  128. docker_config_default: "{{ docker_config_default|default({}) | combine( {'step_'+item: {}} ) }}"
  129. with_sequence: count={{deploy_steps_max}}
  130. tags:
  131. - container_startup_configs
  132. - name: Check if docker_config.yaml file exists
  133. delegate_to: localhost
  134. become: false
  135. stat:
  136. path: "{{ tripleo_role_name + '/docker_config.yaml' }}"
  137. register: stat_docker_config
  138. tags:
  139. - container_startup_configs
  140. - name: Set fact when file existed
  141. no_log: True
  142. set_fact:
  143. role_data_docker_config: "{{lookup('file', tripleo_role_name + '/docker_config.yaml') | from_yaml}}"
  144. when: stat_docker_config.stat.exists
  145. tags:
  146. - container_startup_configs
  147. - name: Set docker_startup_configs_with_default fact
  148. no_log: True
  149. set_fact:
  150. docker_config_with_default: "{{docker_config_default | combine(role_data_docker_config)}}"
  151. tags:
  152. - container_startup_configs
  153. - name: Write docker-container-startup-configs
  154. copy: content="{{docker_config_with_default | to_json }}" dest=/var/lib/docker-container-startup-configs.json force=yes mode=0600
  155. tags:
  156. - container_startup_configs
  157. - name: Write per-step docker-container-startup-configs
  158. copy: content="{{ item[1] | to_json }}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{ item[0] }}.json" force=yes mode=0600
  159. loop: "{{ docker_config_with_default | dictsort }}"
  160. loop_control:
  161. label: "{{ item[0] }}"
  162. tags:
  163. - container_startup_configs
  164. - name: Create /var/lib/kolla/config_files directory
  165. file: path=/var/lib/kolla/config_files state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
  166. tags:
  167. - container_startup_configs
  168. - name: Check if kolla_config.yaml file exists
  169. delegate_to: localhost
  170. become: false
  171. stat:
  172. path: "{{ tripleo_role_name + '/kolla_config.yaml' }}"
  173. register: stat_kolla_config
  174. tags:
  175. - container_startup_configs
  176. - name: Set fact when file existed
  177. no_log: True
  178. set_fact:
  179. role_data_kolla_config: "{{lookup('file', tripleo_role_name + '/kolla_config.yaml') | from_yaml}}"
  180. when: stat_kolla_config.stat.exists
  181. tags:
  182. - container_startup_configs
  183. - name: Write kolla config json files
  184. copy: content="{{ item[1] | to_json }}" dest="{{ item[0] }}" force=yes mode=0600
  185. loop: "{{ role_data_kolla_config | dictsort }}"
  186. loop_control:
  187. label: "{{ item[0] }}"
  188. tags:
  189. - container_startup_configs
  190. ###############################################################
  191. # Bootstrap tasks, only performed on bootstrap node of the role
  192. ###############################################################
  193. - name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
  194. file:
  195. path: "{{item}}"
  196. state: absent
  197. with_fileglob:
  198. - /var/lib/docker-puppet/docker-puppet-tasks*.json
  199. when: is_bootstrap_node|bool
  200. tags:
  201. - container_config_tasks
  202. - name: Check if docker_puppet_tasks.yaml file exists
  203. delegate_to: localhost
  204. become: false
  205. stat:
  206. path: "{{ tripleo_role_name + '/docker_puppet_tasks.yaml' }}"
  207. register: stat_docker_puppet_tasks
  208. tags:
  209. - container_config_tasks
  210. - name: Set fact when file existed
  211. no_log: True
  212. set_fact:
  213. role_data_docker_puppet_tasks: "{{lookup('file', tripleo_role_name + '/docker_puppet_tasks.yaml') | from_yaml}}"
  214. when: stat_docker_puppet_tasks.stat.exists
  215. tags:
  216. - container_config_tasks
  217. - name: Write docker-puppet-tasks json files
  218. copy: content="{{ item[1] | to_json }}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{ item[0].replace("step_", "") }}.json force=yes mode=0600
  219. loop: "{{ role_data_docker_puppet_tasks | dictsort }}"
  220. loop_control:
  221. label: "{{ item[0] }}"
  222. when: is_bootstrap_node|bool
  223. tags:
  224. - container_config_tasks
  225. #####################################################
  226. # Per step puppet configuration of the baremetal host
  227. #####################################################
  228. - name: Set host puppet debugging fact string
  229. set_fact:
  230. host_puppet_config_debug: "--debug --verbose"
  231. when: enable_debug|default(false)|bool
  232. tags:
  233. - host_config
  234. - name: Write the config_step hieradata
  235. copy: content="{{dict(step=step|int)|to_json}}" dest=/etc/puppet/hieradata/config_step.json force=true mode=0600
  236. become: true
  237. tags:
  238. - host_config
  239. - name: Run puppet host configuration for step {{step}}
  240. command: >-
  241. puppet apply {{ host_puppet_config_debug|default('') }}
  242. --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
  243. --detailed-exitcodes
  244. --summarize
  245. --logdest syslog --logdest console --color=false
  246. /var/lib/tripleo-config/puppet_step_config.pp
  247. changed_when: outputs.rc == 2
  248. check_mode: no
  249. register: outputs
  250. failed_when: false
  251. no_log: true
  252. become: true
  253. tags:
  254. - host_config
  255. - name: "Debug output for task: Run puppet host configuration for step {{ step }}"
  256. debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
  257. when: outputs.rc is defined
  258. failed_when: outputs.rc not in [0, 2]
  259. tags:
  260. - host_config
  261. #########################################
  262. # Pre-cache facts for container-puppet.py
  263. #########################################
  264. # We don't want the pre-cache tasks to be skipped in dry-run so we force
  265. # check_mode to "no".
  266. # https://bugzilla.redhat.com/show_bug.cgi?id=1738529
  267. - name: Pre-cache facts for container-puppet.py
  268. check_mode: no
  269. tags:
  270. - container_config
  271. - container_config_tasks
  272. block:
  273. - name: Create puppet caching structures
  274. file:
  275. path: /var/lib/container-puppet/puppetlabs
  276. state: directory
  277. setype: svirt_sandbox_file_t
  278. selevel: s0
  279. recurse: True
  280. - name: Write facter cache config
  281. copy:
  282. dest: /var/lib/container-puppet/puppetlabs/facter.conf
  283. content: |
  284. facts : {
  285. ttls: [
  286. { "kernel" : 8 hour },
  287. { "memory" : 8 hour },
  288. { "networking" : 8 hour },
  289. { "operating system" : 8 hour },
  290. { "processor" : 8 hour },
  291. ]
  292. }
  293. setype: svirt_sandbox_file_t
  294. selevel: s0
  295. - name: Cleanup facter cache if exists
  296. file:
  297. path: /opt/puppetlabs/facter
  298. state: absent
  299. ignore_errors: True
  300. - name: Pre-cache facts
  301. command: facter --config /var/lib/container-puppet/puppetlabs/facter.conf
  302. no_log: True
  303. ignore_errors: True
  304. - name: Sync cached facts
  305. synchronize:
  306. src: /opt/puppetlabs/
  307. dest: /var/lib/container-puppet/puppetlabs/
  308. delegate_to: "{{ inventory_hostname }}"
  309. ######################################
  310. # Generate config via docker-puppet.py
  311. ######################################
  312. - name: Run docker-puppet tasks (generate config) during step {{step}}
  313. shell: python /var/lib/docker-puppet/docker-puppet.py
  314. environment:
  315. NET_HOST: 'true'
  316. DEBUG: '{{docker_puppet_debug|default(false)}}'
  317. PROCESS_COUNT: '{{docker_puppet_process_count|default(3)}}'
  318. when: step == "1"
  319. changed_when: false
  320. check_mode: no
  321. register: outputs
  322. failed_when: false
  323. no_log: true
  324. become: true
  325. tags:
  326. - container_config
  327. - name: "Debug output for task: Run docker-puppet tasks (generate config) during step {{ step }}"
  328. debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
  329. when: outputs.rc is defined
  330. failed_when: outputs.rc != 0
  331. tags:
  332. - container_config
  333. ##################################################
  334. # Per step starting of the containers using paunch
  335. ##################################################
  336. # Note docker-puppet.py generates the hashed-*.json file, which is a copy of
  337. # the *step_n.json with a hash of the generated external config added
  338. # This acts as a salt to enable restarting the container if config changes
  339. - name: Start containers for step {{step}}
  340. environment:
  341. TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
  342. command: >-
  343. paunch --debug apply
  344. --file /var/lib/tripleo-config/hashed-docker-container-startup-config-step_{{step}}.json
  345. --config-id tripleo_step{{step}} --managed-by tripleo-{{tripleo_role_name}}
  346. changed_when: false
  347. check_mode: no
  348. register: outputs
  349. failed_when: false
  350. no_log: true
  351. become: true
  352. tags:
  353. - container_startup_configs
  354. - name: "Debug output for task: Start containers for step {{ step }}"
  355. debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
  356. when: outputs.rc is defined
  357. failed_when: outputs.rc != 0
  358. tags:
  359. - container_startup_configs
  360. ###############################################################
  361. # Bootstrap tasks, only performed on bootstrap node of the role
  362. ###############################################################
  363. - name: Check if /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json exists
  364. stat:
  365. path: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
  366. register: docker_puppet_tasks_json
  367. become: true
  368. tags:
  369. - container_config_tasks
  370. - name: Run docker-puppet tasks (bootstrap tasks) for step {{step}}
  371. shell: python /var/lib/docker-puppet/docker-puppet.py
  372. environment:
  373. CONFIG: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
  374. NET_HOST: "true"
  375. NO_ARCHIVE: "true"
  376. STEP: "{{step}}"
  377. when: is_bootstrap_node|bool and docker_puppet_tasks_json.stat.exists
  378. changed_when: false
  379. check_mode: no
  380. register: outputs
  381. failed_when: false
  382. no_log: true
  383. become: true
  384. tags:
  385. - container_config_tasks
  386. - name: "Debug output for task: Run docker-puppet tasks (bootstrap tasks) for step {{ step }}"
  387. debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
  388. when: outputs.rc is defined
  389. failed_when: outputs.rc != 0
  390. tags:
  391. - container_config_tasks