tripleo-heat-templates/common/deploy-steps-tasks-step-1.yaml
Jose Luis Franco Arza 6c45e3e8c0 Update container-config-scripts/ folder content before update_tasks.
Currently, multiple scripts are being stored in
/var/lib/container-config-scripts directory if any of theses scripts
are being used during the update_tasks the content won't be up to
date (or the script will be fully missing if added in a new release),
as the content of this folder is being updated during the deploy tasks
(step 1), which occurs after all the update_tasks.

This patch gathers the tasks responsible for the folder creation and
content update into a new playbook named common_container_config_scripts.yaml,
this way we can reference the tasks from the deploy-tasks step1 playbook
(as it was happening up to now) and invoke them before the update_tasks
playbook gets called.

Change-Id: I2ac6bb98e1d4183327e888240fc8d5a70e0d6fcb
Related-Bug: #1904193
(cherry picked from commit bb8cb15d20)
2021-01-06 07:38:56 +00:00

317 lines
8.2 KiB
YAML

- name: Create and ensure setype for /var/log/containers directory
become: true
file:
path: /var/log/containers
state: directory
setype: container_file_t
selevel: s0
mode: 0750
tags:
- host_config
- name: Create ContainerLogStdoutPath directory
become: true
file:
path: "{{ container_log_stdout_path }}"
state: directory
selevel: s0
tags:
- host_config
- name: Create /var/lib/tripleo-config directory
become: true
file:
path: /var/lib/tripleo-config
state: directory
setype: container_file_t
selevel: s0
recurse: true
tags:
- host_config
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
- name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode
become: true
file:
path: /var/lib/tripleo-config/check-mode
state: absent
tags:
- host_config
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
when:
- ansible_check_mode|bool
check_mode: no
- name: Create /var/lib/tripleo-config/check-mode directory for check mode
become: true
file:
path: /var/lib/tripleo-config/check-mode
state: directory
setype: container_file_t
selevel: s0
recurse: true
tags:
- host_config
- container_config
- container_config_tasks
- container_config_scripts
- container_startup_configs
when:
- ansible_check_mode|bool
check_mode: no
# Puppet manifest for baremetal host configuration
- name: Write the puppet step_config manifest
become: true
no_log: True
copy:
content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}"
dest: /var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp
force: yes
mode: '0600'
tags:
- host_config
check_mode: no
diff: no
- name: Diff puppet step_config manifest changes for check mode
command:
diff -uN /var/lib/tripleo-config/puppet_step_config.pp /var/lib/tripleo-config/check-mode/puppet_step_config.pp
register: diff_results
tags:
- host_config
check_mode: no
when:
- ansible_check_mode|bool
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff puppet step_config manifest changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- ansible_check_mode|bool
- ansible_diff_mode
tags:
- host_config
# Puppet Containers Config directory used to generate container configs
- name: Create /var/lib/container-puppet
become: true
file:
path: /var/lib/container-puppet
state: directory
setype: container_file_t
selevel: s0
tags:
- container_config
- container_config_tasks
- name: Delete existing /var/lib/container-puppet/check-mode for check mode
become: true
file:
path: /var/lib/container-puppet/check-mode
state: absent
tags:
- container_config
check_mode: no
when:
- ansible_check_mode|bool
- name: Create /var/lib/container-puppet/check-mode for check mode
become: true
file:
path: /var/lib/container-puppet/check-mode
state: directory
setype: container_file_t
selevel: s0
tags:
- container_config
check_mode: no
when:
- ansible_check_mode|bool
- name: Write container-puppet.json file
become: true
no_log: True
copy:
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}"
dest: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet.json
force: yes
mode: '0600'
tags:
- container_config
check_mode: no
diff: no
- name: Diff container-puppet.json changes for check mode
command:
diff -uN /var/lib/container-puppet/container-puppet.json /var/lib/container-puppet/check-mode/container-puppet.json
register: diff_results
tags:
- container_config
check_mode: no
when:
- ansible_check_mode|bool
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff container-puppet.json changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- ansible_check_mode|bool
- ansible_diff_mode
tags:
- container_config
# The container config files
# /var/lib/container-startup-configs.json is removed as we now write
# per-step files instead
- name: Clean old /var/lib/container-startup-configs.json file
become: true
file:
path: /var/lib/container-startup-configs.json
state: absent
tags:
- container_startup_configs
# For legacy, can be removed in Train cycle
- name: Clean old /var/lib/docker-container-startup-configs.json file
become: true
file:
path: /var/lib/docker-container-startup-configs.json
state: absent
tags:
- container_startup_configs
- import_tasks: common_container_config_scripts.yaml
# This file location is deprecated and the new location is now:
# /var/lib/tripleo-config/container-startup-config/step_X/<container_name>.json
# Can be removed in V cycle
- name: Write /var/lib/tripleo-config/container-startup-config-readme.txt
become: true
no_log: True
copy:
content: "Container startup configs moved to /var/lib/tripleo-config/container-startup-config"
dest: /var/lib/tripleo-config/container-startup-config-readme.txt
force: yes
mode: '0600'
tags:
- container_startup_configs
- name: Generate startup configs files per step and per container
become: true
container_startup_config:
config_base_dir: /var/lib/tripleo-config/container-startup-config
config_data: "{{ lookup('file', (tripleo_role_name + '/docker_config.yaml'), errors='ignore') | default({}, True) | from_yaml }}"
tags:
- container_startup_configs
- name: Ensure config hashes are up-to-date for container startup configs
become: true
container_puppet_config:
update_config_hash_only: true
tags:
- container_startup_configs
- name: Create /var/lib/kolla/config_files directory
become: true
file:
path: /var/lib/kolla/config_files
state: directory
setype: container_file_t
selevel: s0
recurse: true
tags:
- container_startup_configs
- name: Create /var/lib/config-data directory
become: true
file:
path: /var/lib/config-data
state: directory
setype: container_file_t
selevel: s0
- name: Write container config json files
become: true
tripleo_container_configs:
config_data: "{{ lookup('file', tripleo_role_name + '/kolla_config.yaml', errors='ignore') | default({}, True) | from_yaml }}"
tags:
- container_startup_configs
- name: gather facts needed by role
setup:
gather_subset: "!min,python"
when: ansible_python is not defined
tags:
- container_config_tasks
- name: set python_cmd
set_fact:
python_cmd: "python{{ ansible_python.version.major }}"
cacheable: true
when: python_cmd is not defined
tags:
- container_config_tasks
- name: Set host puppet debugging fact string
set_fact:
host_puppet_config_debug: "--debug --verbose"
when:
- enable_puppet | bool
- enable_debug | bool
tags:
- host_config
- name: Check for /etc/puppet/check-mode directory for check mode
stat:
path: /etc/puppet/check-mode
register: check_mode_dir
when: ansible_check_mode|bool
tags:
- host_config
- container_config
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
become: true
file:
path: /etc/puppet/check-mode/hieradata
state: directory
setype: container_file_t
selevel: s0
recurse: true
check_mode: no
when:
- ansible_check_mode|bool
- not check_mode_dir.stat.exists
tags:
- host_config
- container_config
- name: Create puppet check-mode files if they don't exist for check mode
become: true
shell: |
cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
sed -i 's/\/etc\/puppet\/hieradata/\/etc\/puppet\/check-mode\/hieradata/' /etc/puppet/check-mode/hiera.yaml
when:
- ansible_check_mode|bool
- not check_mode_dir.stat.exists
check_mode: no
tags:
- host_config
- container_config