Heat templates for deploying OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

334 lines
13KB

  1. # Note the indentation here is required as it's joined
  2. # to create a playbook in deploy-steps.j2
  3. ##################################################
  4. # Step 1 block, write data for subsequent steps
  5. ##################################################
  6. - name: gather facts needed by role
  7. setup:
  8. gather_subset: "!min,python"
  9. when: ansible_python is not defined
  10. tags:
  11. - container_config_tasks
  12. - name: set python_cmd
  13. set_fact:
  14. python_cmd: "python{{ ansible_python.version.major }}"
  15. cacheable: true
  16. when: python_cmd is not defined
  17. tags:
  18. - container_config_tasks
  19. #####################################################
  20. # Per step puppet configuration of the baremetal host
  21. #####################################################
  22. - name: Set host puppet debugging fact string
  23. set_fact:
  24. host_puppet_config_debug: "--debug --verbose"
  25. when:
  26. - enable_puppet | bool
  27. - enable_debug | bool
  28. tags:
  29. - host_config
  30. - name: Check for /etc/puppet/check-mode directory for check mode
  31. stat:
  32. path: /etc/puppet/check-mode
  33. register: check_mode_dir
  34. when: ansible_check_mode|bool
  35. tags:
  36. - host_config
  37. - container_config
  38. - name: Create /etc/puppet/check-mode/hieradata directory for check mode
  39. file:
  40. path: /etc/puppet/check-mode/hieradata
  41. state: directory
  42. setype: svirt_sandbox_file_t
  43. selevel: s0
  44. recurse: true
  45. check_mode: no
  46. when:
  47. - ansible_check_mode|bool
  48. - not check_mode_dir.stat.exists
  49. tags:
  50. - host_config
  51. - container_config
  52. - name: Write the config_step hieradata
  53. no_log: True
  54. copy:
  55. content: "{{ dict(step=step|int) | to_json }}"
  56. dest: /etc/puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}hieradata/config_step.json
  57. force: true
  58. mode: '0600'
  59. check_mode: no
  60. tags:
  61. - host_config
  62. - name: Create puppet check-mode files if they don't exist for check mode
  63. shell: |
  64. cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
  65. cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
  66. sed -i 's/\/etc\/puppet\/hieradata/\/etc\/puppet\/check-mode\/hieradata/' /etc/puppet/check-mode/hiera.yaml
  67. when:
  68. - ansible_check_mode|bool
  69. - not check_mode_dir.stat.exists
  70. check_mode: no
  71. tags:
  72. - host_config
  73. - container_config
  74. - name: Run puppet host configuration for step {{ step }}
  75. when: enable_puppet|bool
  76. shell: >-
  77. set -o pipefail;
  78. puppet apply {{ host_puppet_config_debug | default('') }}
  79. --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
  80. --detailed-exitcodes
  81. --summarize
  82. --color=false
  83. {{ ansible_check_mode | bool | ternary('--noop', '') }}
  84. {{ ansible_check_mode | bool | ternary('--hiera_config /etc/puppet/check-mode/hiera.yaml', '') }}
  85. /var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp
  86. 2>&1 | logger -s -t puppet-user
  87. changed_when: outputs.rc == 2
  88. register: outputs
  89. failed_when: false
  90. no_log: true
  91. tags:
  92. - host_config
  93. check_mode: no
  94. - name: "Debug output for task: Run puppet host configuration for step {{ step }}"
  95. debug:
  96. var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
  97. when:
  98. - enable_puppet | bool
  99. - outputs.rc is defined
  100. failed_when: outputs.rc not in [0, 2]
  101. tags:
  102. - host_config
  103. ignore_errors: "{{ ansible_check_mode|bool }}"
  104. #########################################
  105. # Pre-cache facts for container-puppet.py
  106. #########################################
  107. # We don't want the pre-cache tasks to be skipped in dry-run so we force
  108. # check_mode to "no".
  109. # https://bugzilla.redhat.com/show_bug.cgi?id=1738529
  110. - name: Pre-cache facts for container-puppet.py
  111. check_mode: no
  112. tags:
  113. - container_config
  114. - container_config_tasks
  115. block:
  116. - name: Create puppet caching structures
  117. file:
  118. path: /var/lib/container-puppet/puppetlabs
  119. state: directory
  120. setype: svirt_sandbox_file_t
  121. selevel: s0
  122. recurse: True
  123. - name: Check for facter.conf
  124. check_mode: false
  125. stat:
  126. path: "/var/lib/container-puppet/puppetlabs/facter.conf"
  127. register: _facter_conf_file
  128. # See LP#1852606 for context
  129. - name: Remove facter.conf if directory
  130. check_mode: false
  131. become: true
  132. file:
  133. path: "/var/lib/container-puppet/puppetlabs/facter.conf"
  134. state: absent
  135. force: true
  136. when:
  137. - _facter_conf_file.stat.isdir is defined
  138. - _facter_conf_file.stat.isdir
  139. - name: Write facter cache config
  140. copy:
  141. dest: /var/lib/container-puppet/puppetlabs/facter.conf
  142. content: |
  143. facts : {
  144. ttls: [
  145. { "kernel" : 8 hour },
  146. { "memory" : 8 hour },
  147. { "networking" : 8 hour },
  148. { "operating system" : 8 hour },
  149. { "processor" : 8 hour },
  150. ]
  151. }
  152. setype: svirt_sandbox_file_t
  153. selevel: s0
  154. - name: Cleanup facter cache if exists
  155. file:
  156. path: /opt/puppetlabs/facter
  157. state: absent
  158. ignore_errors: True
  159. - name: Pre-cache facts
  160. command: facter --config /var/lib/container-puppet/puppetlabs/facter.conf
  161. no_log: True
  162. ignore_errors: True
  163. - name: Sync cached facts
  164. synchronize:
  165. src: /opt/puppetlabs/
  166. dest: /var/lib/container-puppet/puppetlabs/
  167. delegate_to: "{{ inventory_hostname }}"
  168. ######################################
  169. # Generate config via container-puppet.py
  170. ######################################
  171. - name: Run container-puppet tasks (generate config) during step {{ step }}
  172. shell: "{{ python_cmd }} /var/lib/container-puppet/container-puppet.py"
  173. environment:
  174. NET_HOST: 'true'
  175. DEBUG: '{{ docker_puppet_debug | bool }}'
  176. PROCESS_COUNT: '{{ docker_puppet_process_count }}'
  177. CONTAINER_CLI: "{{ container_cli }}"
  178. CONFIG: '/var/lib/container-puppet/{{ ansible_check_mode | bool | ternary("check-mode/", "") }}container-puppet.json'
  179. CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | bool | ternary("/check-mode", "") }}'
  180. CHECK_MODE: '{{ ansible_check_mode | bool | ternary(1, 0) }}'
  181. STARTUP_CONFIG_PATTERN: '/var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary("check-mode/", "") }}container-startup-config-step_*.json'
  182. MOUNT_HOST_PUPPET: '{{docker_puppet_mount_host_puppet | default(true)}}'
  183. CONTAINER_LOG_STDOUT_PATH: "{{ container_log_stdout_path }}"
  184. CONTAINER_HEALTHCHECK_DISABLED: "{{ container_healthcheck_disabled }}"
  185. when: step|int == 1
  186. changed_when: false
  187. check_mode: no
  188. register: outputs
  189. failed_when: false
  190. no_log: true
  191. tags:
  192. - container_config
  193. - name: "Debug output for task: Run container-puppet tasks (generate config) during step {{ step }}"
  194. debug:
  195. var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
  196. when: outputs.rc is defined
  197. failed_when: outputs.rc != 0
  198. tags:
  199. - container_config
  200. ignore_errors: "{{ ansible_check_mode|bool }}"
  201. - name: Diff container-puppet.py puppet-generated changes for check mode
  202. shell: |
  203. diff -ruN --no-dereference -q /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
  204. diff -ruN --no-dereference /var/lib/config-data/puppet-generated /var/lib/config-data/check-mode/puppet-generated
  205. register: diff_results
  206. tags:
  207. - container_config
  208. check_mode: no
  209. when:
  210. - step|int == 1
  211. - ansible_check_mode|bool
  212. - ansible_diff_mode
  213. failed_when: false
  214. changed_when: diff_results.rc == 1
  215. - name: Diff container-puppet.py puppet-generated changes for check mode
  216. debug:
  217. var: diff_results.stdout_lines
  218. changed_when: diff_results.rc == 1
  219. when:
  220. - step|int == 1
  221. - ansible_check_mode|bool
  222. - ansible_diff_mode
  223. tags:
  224. - container_config
  225. ##################################################
  226. # Per step starting of the containers using paunch
  227. ##################################################
  228. # Note container-puppet.py generates the hashed-*.json file, which is a copy of
  229. # the *step_n.json with a hash of the generated external config added
  230. # This acts as a salt to enable restarting the container if config changes
  231. - name: Start containers for step {{ step }} using paunch
  232. environment:
  233. TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
  234. paunch:
  235. config: "/var/lib/tripleo-config/hashed-container-startup-config-step_{{ step }}.json"
  236. config_id: "tripleo_step{{ step }}"
  237. action: apply
  238. container_cli: "{{ container_cli }}"
  239. container_log_stdout_path: "{{ container_log_stdout_path }}"
  240. healthcheck_disabled: "{{ container_healthcheck_disabled | bool }}"
  241. managed_by: "tripleo-{{ tripleo_role_name }}"
  242. debug: "{{ enable_debug | bool }}"
  243. register: outputs
  244. failed_when: false
  245. when: enable_paunch|default(true)
  246. tags:
  247. - container_startup_configs
  248. - name: "Debug output for task: Start containers for step {{ step }}"
  249. debug:
  250. var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
  251. when:
  252. - enable_paunch|default(true)
  253. - outputs.rc is defined
  254. failed_when: outputs.rc != 0
  255. tags:
  256. - container_startup_configs
  257. ########################################################
  258. # Bootstrap tasks - run any tasks that have been defined
  259. ########################################################
  260. - name: "Clean container_puppet_tasks for {{ansible_hostname}} step {{step}}"
  261. file:
  262. path: /var/lib/container-puppet/container-puppet-tasks{{step}}.json
  263. state: absent
  264. tags:
  265. - container_config_tasks
  266. - name: Calculate container_puppet_tasks for {{ansible_hostname}} step {{step}}
  267. set_fact:
  268. host_container_puppet_tasks: "{{host_container_puppet_tasks|default([]) + [item]}}"
  269. loop: "{{container_puppet_tasks.get('step_' + step, [])}}"
  270. when: (groups[item.service_name] | default ([]) | map('extract', hostvars, 'inventory_hostname') | sort | first) == ansible_hostname
  271. vars:
  272. container_puppet_tasks: "{{ lookup('file', tripleo_role_name + '/container_puppet_tasks.yaml', errors='ignore') | default({}, True) | from_yaml }}"
  273. tags:
  274. - container_config_tasks
  275. - name: Write container-puppet-tasks json file for {{ansible_hostname}} step {{step}}
  276. no_log: True
  277. copy:
  278. content: "{{host_container_puppet_tasks|to_nice_json}}"
  279. dest: "/var/lib/container-puppet/container-puppet-tasks{{step}}.json"
  280. force: yes
  281. mode: '0600'
  282. tags:
  283. - container_config_tasks
  284. when: host_container_puppet_tasks is defined
  285. - name: Run container-puppet tasks (bootstrap tasks) for step {{ step }}
  286. shell: "{{ python_cmd }} /var/lib/container-puppet/container-puppet.py"
  287. environment:
  288. CONFIG: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet-tasks{{ step }}.json
  289. CONFIG_VOLUME_PREFIX: '/var/lib/config-data{{ ansible_check_mode | bool | ternary("/check-mode", "") }}'
  290. NET_HOST: "true"
  291. NO_ARCHIVE: "true"
  292. STEP: "{{ step }}"
  293. CONTAINER_CLI: "{{ container_cli }}"
  294. DEBUG: "{{ docker_puppet_debug }}"
  295. MOUNT_HOST_PUPPET: '{{docker_puppet_mount_host_puppet}}'
  296. when: host_container_puppet_tasks is defined
  297. changed_when: false
  298. register: outputs
  299. failed_when: false
  300. no_log: true
  301. tags:
  302. - container_config_tasks
  303. - name: "Debug output for task: Run container-puppet tasks (bootstrap tasks) for step {{ step }}"
  304. debug:
  305. var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
  306. when: outputs.rc is defined
  307. failed_when: outputs.rc != 0
  308. tags:
  309. - container_config_tasks