327 lines
13 KiB
YAML
327 lines
13 KiB
YAML
# Note the indentation here is required as it's joined
|
|
# to create a playbook in deploy-steps.j2
|
|
|
|
#####################################################
|
|
# Per step puppet configuration of the baremetal host
|
|
#####################################################
|
|
|
|
- name: Write the config_step hieradata
|
|
no_log: True
|
|
copy:
|
|
content: "{{ dict(step=step|int) | to_json }}"
|
|
dest: /etc/puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}hieradata/config_step.json
|
|
force: true
|
|
mode: '0600'
|
|
check_mode: no
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Run puppet host configuration for step {{ step }}
|
|
async: 3600
|
|
poll: 0
|
|
when: enable_puppet|bool
|
|
shell: >-
|
|
set -o pipefail;
|
|
puppet apply {{ host_puppet_config_debug | default('') }}
|
|
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
|
|
--detailed-exitcodes
|
|
--summarize
|
|
--color=false
|
|
{{ ansible_check_mode | bool | ternary('--noop', '') }}
|
|
{{ ansible_check_mode | bool | ternary('--hiera_config /etc/puppet/check-mode/hiera.yaml', '') }}
|
|
/var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp
|
|
2>&1 | logger -s -t puppet-user
|
|
register: puppet_host_async_result
|
|
no_log: true
|
|
tags:
|
|
- host_config
|
|
check_mode: no
|
|
|
|
- name: Wait for puppet host configuration to finish
|
|
async_status:
|
|
jid: "{{ puppet_host_async_result.ansible_job_id }}"
|
|
register: puppet_host_outputs
|
|
until: puppet_host_outputs.finished
|
|
retries: 1200
|
|
delay: 3
|
|
failed_when:
|
|
- (not puppet_host_outputs.finished) or (puppet_host_outputs.rc is defined and puppet_host_outputs.rc not in [0, 2])
|
|
tags:
|
|
- host_config
|
|
|
|
- name: "Debug output for task: Run puppet host configuration for step {{ step }}"
|
|
debug:
|
|
var: puppet_host_outputs.stdout_lines | default([]) | union(puppet_host_outputs.stderr_lines | default([]))
|
|
when:
|
|
- enable_puppet | bool
|
|
- puppet_host_outputs.rc is defined
|
|
changed_when: puppet_host_outputs.rc == 2
|
|
failed_when: puppet_host_outputs.rc not in [0, 2]
|
|
tags:
|
|
- host_config
|
|
ignore_errors: "{{ ansible_check_mode|bool }}"
|
|
|
|
#########################################
|
|
# Pre-cache facts for container-puppet.py
|
|
#########################################
|
|
# We don't want the pre-cache tasks to be skipped in dry-run so we force
|
|
# check_mode to "no".
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1738529
|
|
- name: Pre-cache facts for container-puppet.py
|
|
check_mode: no
|
|
tags:
|
|
- container_config
|
|
- container_config_tasks
|
|
block:
|
|
- name: Create puppet caching structures
|
|
file:
|
|
path: /var/lib/container-puppet/puppetlabs
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
recurse: True
|
|
- name: Check for facter.conf
|
|
check_mode: false
|
|
stat:
|
|
path: "/var/lib/container-puppet/puppetlabs/facter.conf"
|
|
register: _facter_conf_file
|
|
# See LP#1852606 for context
|
|
- name: Remove facter.conf if directory
|
|
check_mode: false
|
|
become: true
|
|
file:
|
|
path: "/var/lib/container-puppet/puppetlabs/facter.conf"
|
|
state: absent
|
|
force: true
|
|
when:
|
|
- _facter_conf_file.stat.isdir is defined
|
|
- _facter_conf_file.stat.isdir
|
|
- name: Write facter cache config
|
|
copy:
|
|
dest: /var/lib/container-puppet/puppetlabs/facter.conf
|
|
content: |
|
|
facts : {
|
|
ttls: [
|
|
{ "kernel" : 8 hour },
|
|
{ "memory" : 8 hour },
|
|
{ "networking" : 8 hour },
|
|
{ "operating system" : 8 hour },
|
|
{ "processor" : 8 hour },
|
|
]
|
|
}
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
- name: Cleanup facter cache if exists
|
|
file:
|
|
path: /opt/puppetlabs/facter
|
|
state: absent
|
|
ignore_errors: True
|
|
- name: Pre-cache facts
|
|
check_mode: false
|
|
command: facter --config /var/lib/container-puppet/puppetlabs/facter.conf
|
|
no_log: True
|
|
ignore_errors: True
|
|
register: _facter_cache_run
|
|
- name: Facter error output when failed
|
|
check_mode: false
|
|
debug:
|
|
msg: "{{ _facter_cache_run.stderr }}"
|
|
when: _facter_cache_run is failed
|
|
- name: Sync cached facts
|
|
check_mode: false
|
|
synchronize:
|
|
src: /opt/puppetlabs/
|
|
dest: /var/lib/container-puppet/puppetlabs/
|
|
delegate_to: "{{ inventory_hostname }}"
|
|
when: _facter_cache_run is succeeded
|
|
|
|
######################################
|
|
# Generate config via container-puppet.py
|
|
######################################
|
|
|
|
- name: Run container-puppet tasks (generate config) during step {{ step }}
|
|
async: 3600
|
|
poll: 0
|
|
shell: "{{ python_cmd }} /var/lib/container-puppet/container-puppet.py"
|
|
environment:
|
|
NET_HOST: 'true'
|
|
DEBUG: '{{ docker_puppet_debug | bool }}'
|
|
PROCESS_COUNT: '{{ docker_puppet_process_count }}'
|
|
CONTAINER_CLI: "{{ container_cli }}"
|
|
CONFIG: '/var/lib/container-puppet/{{ ansible_check_mode | bool | ternary("check-mode/", "") }}container-puppet.json'
|
|
CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | bool | ternary("/check-mode", "") }}'
|
|
CHECK_MODE: '{{ ansible_check_mode | bool | ternary(1, 0) }}'
|
|
STARTUP_CONFIG_PATTERN: '/var/lib/tripleo-config/container-startup-config/*/{{ ansible_check_mode | bool | ternary("check-mode/", "") }}*.json'
|
|
MOUNT_HOST_PUPPET: '{{docker_puppet_mount_host_puppet | default(true)}}'
|
|
CONTAINER_LOG_STDOUT_PATH: "{{ container_log_stdout_path }}"
|
|
CONTAINER_HEALTHCHECK_DISABLED: "{{ container_healthcheck_disabled }}"
|
|
when: step|int == 1
|
|
check_mode: no
|
|
register: generate_config_async_result
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Wait for container-puppet tasks (generate config) to finish
|
|
async_status:
|
|
jid: "{{ generate_config_async_result.ansible_job_id }}"
|
|
register: generate_config_outputs
|
|
until: generate_config_outputs.finished
|
|
retries: 1200
|
|
delay: 3
|
|
when: step|int == 1
|
|
tags:
|
|
- container_config
|
|
|
|
- name: "Debug output for task: Run container-puppet tasks (generate config) during step {{ step }}"
|
|
debug:
|
|
var: generate_config_outputs.stdout_lines | default([]) | union(generate_config_outputs.stderr_lines | default([]))
|
|
when: generate_config_outputs.rc is defined
|
|
failed_when: generate_config_outputs.rc != 0
|
|
tags:
|
|
- container_config
|
|
ignore_errors: "{{ ansible_check_mode|bool }}"
|
|
|
|
- name: Diff container-puppet.py puppet-generated changes for check mode
|
|
shell: |
|
|
diff -ruN --no-dereference -q /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
|
|
diff -ruN --no-dereference /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
|
|
register: diff_results
|
|
tags:
|
|
- container_config
|
|
check_mode: no
|
|
when:
|
|
- step|int == 1
|
|
- ansible_check_mode|bool
|
|
- ansible_diff_mode
|
|
failed_when: false
|
|
changed_when: diff_results.rc == 1
|
|
|
|
- name: Diff container-puppet.py puppet-generated changes for check mode
|
|
debug:
|
|
var: diff_results.stdout_lines
|
|
changed_when: diff_results.rc == 1
|
|
when:
|
|
- step|int == 1
|
|
- ansible_check_mode|bool
|
|
- ansible_diff_mode
|
|
tags:
|
|
- container_config
|
|
|
|
##################################################
|
|
# Per step starting of the containers using paunch
|
|
##################################################
|
|
|
|
# Note container-puppet.py generates the hashed-*.json file, which is a copy of
|
|
# the *step_n.json with a hash of the generated external config added
|
|
# This acts as a salt to enable restarting the container if config changes
|
|
- name: Start containers for step {{ step }} using paunch
|
|
async: 3600
|
|
poll: 0
|
|
environment:
|
|
TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
|
|
paunch:
|
|
config: "/var/lib/tripleo-config/container-startup-config/step_{{ step }}"
|
|
config_id: "tripleo_step{{ step }}"
|
|
action: apply
|
|
container_cli: "{{ container_cli }}"
|
|
container_log_stdout_path: "{{ container_log_stdout_path }}"
|
|
healthcheck_disabled: "{{ container_healthcheck_disabled | bool }}"
|
|
managed_by: "tripleo-{{ tripleo_role_name }}"
|
|
debug: "{{ enable_debug | bool }}"
|
|
register: outputs
|
|
failed_when: false
|
|
when: enable_paunch|default(true)
|
|
register: start_containers_async_result
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Wait for containers to start for step {{ step }} using paunch
|
|
async_status:
|
|
jid: "{{ start_containers_async_result.ansible_job_id }}"
|
|
register: start_containers_outputs
|
|
until: start_containers_outputs.finished
|
|
retries: 1200
|
|
delay: 3
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: "Debug output for task: Start containers for step {{ step }}"
|
|
debug:
|
|
var: start_containers_outputs.stdout_lines | default([]) | union(start_containers_outputs.stderr_lines | default([]))
|
|
when: start_containers_outputs.rc is defined
|
|
failed_when: start_containers_outputs.rc != 0
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
########################################################
|
|
# Bootstrap tasks - run any tasks that have been defined
|
|
########################################################
|
|
|
|
- name: "Clean container_puppet_tasks for {{ansible_hostname}} step {{step}}"
|
|
file:
|
|
path: /var/lib/container-puppet/container-puppet-tasks{{step}}.json
|
|
state: absent
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Calculate container_puppet_tasks for {{ansible_hostname}} step {{step}}
|
|
set_fact:
|
|
host_container_puppet_tasks: "{{host_container_puppet_tasks|default([]) + [item]}}"
|
|
loop: "{{container_puppet_tasks.get('step_' + step, [])}}"
|
|
when: (groups[item.service_name] | default ([]) | map('extract', hostvars, 'inventory_hostname') | sort | first) == ansible_hostname
|
|
vars:
|
|
container_puppet_tasks: "{{ lookup('file', tripleo_role_name + '/container_puppet_tasks.yaml', errors='ignore') | default({}, True) | from_yaml }}"
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Write container-puppet-tasks json file for {{ansible_hostname}} step {{step}}
|
|
no_log: True
|
|
copy:
|
|
content: "{{host_container_puppet_tasks|to_nice_json}}"
|
|
dest: "/var/lib/container-puppet/container-puppet-tasks{{step}}.json"
|
|
force: yes
|
|
mode: '0600'
|
|
tags:
|
|
- container_config_tasks
|
|
when: host_container_puppet_tasks is defined
|
|
|
|
- name: Run container-puppet tasks (bootstrap tasks) for step {{ step }}
|
|
async: 3600
|
|
poll: 0
|
|
shell: "{{ python_cmd }} /var/lib/container-puppet/container-puppet.py"
|
|
environment:
|
|
CONFIG: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet-tasks{{ step }}.json
|
|
CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | bool | ternary("/check-mode", "") }}'
|
|
NET_HOST: "true"
|
|
NO_ARCHIVE: "true"
|
|
STEP: "{{ step }}"
|
|
CONTAINER_CLI: "{{ container_cli }}"
|
|
DEBUG: "{{ docker_puppet_debug }}"
|
|
MOUNT_HOST_PUPPET: '{{docker_puppet_mount_host_puppet}}'
|
|
when: host_container_puppet_tasks is defined
|
|
register: bootstrap_tasks_async_result
|
|
no_log: true
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Wait for container-puppet tasks (bootstrap tasks) for step {{ step }} to finish
|
|
async_status:
|
|
jid: "{{ bootstrap_tasks_async_result.ansible_job_id }}"
|
|
register: bootstrap_tasks_outputs
|
|
until: bootstrap_tasks_outputs.finished
|
|
retries: 1200
|
|
delay: 3
|
|
when: host_container_puppet_tasks is defined
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: "Debug output for task: Run container-puppet tasks (bootstrap tasks) for step {{ step }}"
|
|
debug:
|
|
var: bootstrap_tasks_outputs.stdout_lines | default([]) | union(bootstrap_tasks_outputs.stderr_lines | default([]))
|
|
when:
|
|
- host_container_puppet_tasks is defined
|
|
- bootstrap_tasks_outputs.rc is defined
|
|
failed_when: bootstrap_tasks_outputs.rc != 0
|
|
tags:
|
|
- container_config_tasks
|