openstack/tripleo-heat-templates
Code Issues Proposed changes
Files
3bdf0c980f046a61b652bcfc9ee1798f31abe577
tripleo-heat-templates/common/deploy-steps-tasks.yaml
T
Alex Schultz e8e9965eb7 Don't fail hard when facter cache doesn't work correctly 
Since the facter cache is supposed to be a help but not necessarily a
hard requirement, let's make sure the tasks don't fail if something goes
wrong. We should output the error if the facter execution fails, but we
don't want to always output it.

Change-Id: I58d42c74295f031b260c0b67dbc12336fc31db1f
Related-Bug: #1852606
(cherry picked from 79f41d1d41a23b8b851410a912fd352c5e6fac32)
2019-11-22 14:08:56 -07:00

343 lines
13 KiB
YAML
Raw Blame History

# Note the indentation here is required as it's joined
# to create a playbook in deploy-steps.j2
##################################################
# Step 1 block, write data for subsequent steps
##################################################
- name: gather facts needed by role
setup:
gather_subset: "!min,python"
when: ansible_python is not defined
tags:
- container_config_tasks
- name: set python_cmd
set_fact:
python_cmd: "python{{ ansible_python.version.major }}"
cacheable: true
when: python_cmd is not defined
tags:
- container_config_tasks
#####################################################
# Per step puppet configuration of the baremetal host
#####################################################
- name: Set host puppet debugging fact string
set_fact:
host_puppet_config_debug: "--debug --verbose"
when:
- enable_puppet | bool
- enable_debug | bool
tags:
- host_config
- name: Check for /etc/puppet/check-mode directory for check mode
stat:
path: /etc/puppet/check-mode
register: check_mode_dir
when: ansible_check_mode|bool
tags:
- host_config
- container_config
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
file:
path: /etc/puppet/check-mode/hieradata
state: directory
setype: svirt_sandbox_file_t
selevel: s0
recurse: true
check_mode: no
when:
- ansible_check_mode|bool
- not check_mode_dir.stat.exists
tags:
- host_config
- container_config
- name: Write the config_step hieradata
no_log: True
copy:
content: "{{ dict(step=step|int) | to_json }}"
dest: /etc/puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}hieradata/config_step.json
force: true
mode: '0600'
check_mode: no
tags:
- host_config
- name: Create puppet check-mode files if they don't exist for check mode
shell: |
cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
sed -i 's/\/etc\/puppet\/hieradata/\/etc\/puppet\/check-mode\/hieradata/' /etc/puppet/check-mode/hiera.yaml
when:
- ansible_check_mode|bool
- not check_mode_dir.stat.exists
check_mode: no
tags:
- host_config
- container_config
- name: Run puppet host configuration for step {{ step }}
when: enable_puppet|bool
shell: >-
set -o pipefail;
puppet apply {{ host_puppet_config_debug | default('') }}
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
--detailed-exitcodes
--summarize
--color=false
{{ ansible_check_mode | bool | ternary('--noop', '') }}
{{ ansible_check_mode | bool | ternary('--hiera_config /etc/puppet/check-mode/hiera.yaml', '') }}
/var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp
2>&1 | logger -s -t puppet-user
changed_when: outputs.rc == 2
register: outputs
failed_when: false
no_log: true
tags:
- host_config
check_mode: no
- name: "Debug output for task: Run puppet host configuration for step {{ step }}"
debug:
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
when:
- enable_puppet | bool
- outputs.rc is defined
failed_when: outputs.rc not in [0, 2]
tags:
- host_config
ignore_errors: "{{ ansible_check_mode|bool }}"
#########################################
# Pre-cache facts for container-puppet.py
#########################################
# We don't want the pre-cache tasks to be skipped in dry-run so we force
# check_mode to "no".
# https://bugzilla.redhat.com/show_bug.cgi?id=1738529
- name: Pre-cache facts for container-puppet.py
check_mode: no
tags:
- container_config
- container_config_tasks
block:
- name: Create puppet caching structures
file:
path: /var/lib/container-puppet/puppetlabs
state: directory
setype: svirt_sandbox_file_t
selevel: s0
recurse: True
- name: Check for facter.conf
check_mode: false
stat:
path: "/var/lib/container-puppet/puppetlabs/facter.conf"
register: _facter_conf_file
# See LP#1852606 for context
- name: Remove facter.conf if directory
check_mode: false
become: true
file:
path: "/var/lib/container-puppet/puppetlabs/facter.conf"
state: absent
force: true
when:
- _facter_conf_file.stat.isdir is defined
- _facter_conf_file.stat.isdir
- name: Write facter cache config
copy:
dest: /var/lib/container-puppet/puppetlabs/facter.conf
content: |
facts : {
ttls: [
{ "kernel" : 8 hour },
{ "memory" : 8 hour },
{ "networking" : 8 hour },
{ "operating system" : 8 hour },
{ "processor" : 8 hour },
]
}
setype: svirt_sandbox_file_t
selevel: s0
- name: Cleanup facter cache if exists
file:
path: /opt/puppetlabs/facter
state: absent
ignore_errors: True
- name: Pre-cache facts
check_mode: false
command: facter --config /var/lib/container-puppet/puppetlabs/facter.conf
no_log: True
ignore_errors: True
register: _facter_cache_run
- name: Facter error output when failed
check_mode: false
debug:
msg: "{{ _facter_cache_run.stderr }}"
when: _facter_cache_run is failed
- name: Sync cached facts
check_mode: false
synchronize:
src: /opt/puppetlabs/
dest: /var/lib/container-puppet/puppetlabs/
delegate_to: "{{ inventory_hostname }}"
when: _facter_cache_run is succeeded
######################################
# Generate config via container-puppet.py
######################################
- name: Run container-puppet tasks (generate config) during step {{ step }}
shell: "{{ python_cmd }} /var/lib/container-puppet/container-puppet.py"
environment:
NET_HOST: 'true'
DEBUG: '{{ docker_puppet_debug | bool }}'
PROCESS_COUNT: '{{ docker_puppet_process_count }}'
CONTAINER_CLI: "{{ container_cli }}"
CONFIG: '/var/lib/container-puppet/{{ ansible_check_mode | bool | ternary("check-mode/", "") }}container-puppet.json'
CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | bool | ternary("/check-mode", "") }}'
CHECK_MODE: '{{ ansible_check_mode | bool | ternary(1, 0) }}'
STARTUP_CONFIG_PATTERN: '/var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary("check-mode/", "") }}container-startup-config-step_*.json'
MOUNT_HOST_PUPPET: '{{docker_puppet_mount_host_puppet | default(true)}}'
CONTAINER_LOG_STDOUT_PATH: "{{ container_log_stdout_path }}"
CONTAINER_HEALTHCHECK_DISABLED: "{{ container_healthcheck_disabled }}"
when: step|int == 1
changed_when: false
check_mode: no
register: outputs
failed_when: false
no_log: true
tags:
- container_config
- name: "Debug output for task: Run container-puppet tasks (generate config) during step {{ step }}"
debug:
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
when: outputs.rc is defined
failed_when: outputs.rc != 0
tags:
- container_config
ignore_errors: "{{ ansible_check_mode|bool }}"
- name: Diff container-puppet.py puppet-generated changes for check mode
shell: |
diff -ruN --no-dereference -q /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
diff -ruN --no-dereference /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
register: diff_results
tags:
- container_config
check_mode: no
when:
- step|int == 1
- ansible_check_mode|bool
- ansible_diff_mode
failed_when: false
changed_when: diff_results.rc == 1
- name: Diff container-puppet.py puppet-generated changes for check mode
debug:
var: diff_results.stdout_lines
changed_when: diff_results.rc == 1
when:
- step|int == 1
- ansible_check_mode|bool
- ansible_diff_mode
tags:
- container_config
##################################################
# Per step starting of the containers using paunch
##################################################
# Note container-puppet.py generates the hashed-*.json file, which is a copy of
# the *step_n.json with a hash of the generated external config added
# This acts as a salt to enable restarting the container if config changes
- name: Start containers for step {{ step }} using paunch
environment:
TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
paunch:
config: "/var/lib/tripleo-config/hashed-container-startup-config-step_{{ step }}.json"
config_id: "tripleo_step{{ step }}"
action: apply
container_cli: "{{ container_cli }}"
container_log_stdout_path: "{{ container_log_stdout_path }}"
healthcheck_disabled: "{{ container_healthcheck_disabled | bool }}"
managed_by: "tripleo-{{ tripleo_role_name }}"
debug: "{{ enable_debug | bool }}"
register: outputs
failed_when: false
when: enable_paunch|default(true)
tags:
- container_startup_configs
- name: "Debug output for task: Start containers for step {{ step }}"
debug:
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
when:
- enable_paunch|default(true)
- outputs.rc is defined
failed_when: outputs.rc != 0
tags:
- container_startup_configs
########################################################
# Bootstrap tasks - run any tasks that have been defined
########################################################
- name: "Clean container_puppet_tasks for {{ansible_hostname}} step {{step}}"
file:
path: /var/lib/container-puppet/container-puppet-tasks{{step}}.json
state: absent
tags:
- container_config_tasks
- name: Calculate container_puppet_tasks for {{ansible_hostname}} step {{step}}
set_fact:
host_container_puppet_tasks: "{{host_container_puppet_tasks|default([]) + [item]}}"
loop: "{{container_puppet_tasks.get('step_' + step, [])}}"
when: (groups[item.service_name] | default ([]) | map('extract', hostvars, 'inventory_hostname') | sort | first) == ansible_hostname
vars:
container_puppet_tasks: "{{ lookup('file', tripleo_role_name + '/container_puppet_tasks.yaml', errors='ignore') | default({}, True) | from_yaml }}"
tags:
- container_config_tasks
- name: Write container-puppet-tasks json file for {{ansible_hostname}} step {{step}}
no_log: True
copy:
content: "{{host_container_puppet_tasks|to_nice_json}}"
dest: "/var/lib/container-puppet/container-puppet-tasks{{step}}.json"
force: yes
mode: '0600'
tags:
- container_config_tasks
when: host_container_puppet_tasks is defined
- name: Run container-puppet tasks (bootstrap tasks) for step {{ step }}
shell: "{{ python_cmd }} /var/lib/container-puppet/container-puppet.py"
environment:
CONFIG: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet-tasks{{ step }}.json
CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | bool | ternary("/check-mode", "") }}'
NET_HOST: "true"
NO_ARCHIVE: "true"
STEP: "{{ step }}"
CONTAINER_CLI: "{{ container_cli }}"
DEBUG: "{{ docker_puppet_debug }}"
MOUNT_HOST_PUPPET: '{{docker_puppet_mount_host_puppet}}'
when: host_container_puppet_tasks is defined
changed_when: false
register: outputs
failed_when: false
no_log: true
tags:
- container_config_tasks
- name: "Debug output for task: Run container-puppet tasks (bootstrap tasks) for step {{ step }}"
debug:
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
when: outputs.rc is defined
failed_when: outputs.rc != 0
tags:
- container_config_tasks
View Git Blame Copy Permalink