467 lines
17 KiB
YAML
467 lines
17 KiB
YAML
# Note the indentation here is required as it's joined
|
|
# to create a playbook in deploy-steps.j2
|
|
|
|
# Identify if we are bootstrap node of this role
|
|
# We expect hieradata was already written in pre_deployments
|
|
- name: get bootstrap nodeid
|
|
tags: common
|
|
command: hiera -c /etc/puppet/hiera.yaml bootstrap_nodeid
|
|
register: bootstrap_node
|
|
- name: set is_bootstrap_node fact
|
|
tags: common
|
|
set_fact:
|
|
is_bootstrap_node={{bootstrap_node.stdout|lower == ansible_hostname|lower}}
|
|
|
|
##################################################
|
|
# Step 1 block, write data for subsequent steps
|
|
##################################################
|
|
|
|
- name: Write config data at the start of step 1
|
|
when: step == "1"
|
|
become: true
|
|
block:
|
|
- name: Create and ensure setype for /var/log/containers directory
|
|
file:
|
|
path: /var/log/containers
|
|
state: directory
|
|
setype: var_log_t
|
|
selevel: s0
|
|
mode: 0750
|
|
tags:
|
|
- host_config
|
|
- container_config
|
|
- container_config_tasks
|
|
- container_config_scripts
|
|
- container_startup_configs
|
|
|
|
- name: Create /var/lib/tripleo-config directory
|
|
file: path=/var/lib/tripleo-config state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
|
|
tags:
|
|
- host_config
|
|
- container_config
|
|
- container_config_tasks
|
|
- container_config_scripts
|
|
- container_startup_configs
|
|
|
|
# Puppet manifest for baremetal host configuration
|
|
- name: Check if puppet step_config.pp manifest exists
|
|
delegate_to: localhost
|
|
become: false
|
|
stat:
|
|
path: "{{ tripleo_role_name + '/step_config.pp' }}"
|
|
register: stat_step_config
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Set fact when file existed
|
|
no_log: True
|
|
set_fact:
|
|
role_data_step_config: "{{lookup('file', tripleo_role_name + '/step_config.pp')}}"
|
|
when: stat_step_config.stat.exists
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Write the puppet step_config manifest
|
|
copy: content="{{role_data_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes mode=0600
|
|
tags:
|
|
- host_config
|
|
|
|
# Config file for our docker-puppet.py script, used to generate container configs
|
|
- name: Create /var/lib/docker-puppet
|
|
file: path=/var/lib/docker-puppet state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Check if docker-puppet puppet_config.yaml configuration file exists
|
|
delegate_to: localhost
|
|
become: false
|
|
stat:
|
|
path: "{{ tripleo_role_name + '/puppet_config.yaml' }}"
|
|
register: stat_puppet_config
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Set fact when file existed
|
|
no_log: True
|
|
set_fact:
|
|
role_data_puppet_config: "{{lookup('file', tripleo_role_name + '/puppet_config.yaml') | from_yaml | to_json}}"
|
|
when: stat_puppet_config.stat.exists
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Write docker-puppet.json file
|
|
copy: content="{{role_data_puppet_config}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes mode=0600
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Create /var/lib/docker-config-scripts
|
|
file: path=/var/lib/docker-config-scripts state=directory
|
|
tags:
|
|
- container_config_scripts
|
|
|
|
# The container config files
|
|
# /var/lib/docker-container-startup-configs.json is removed as we now write
|
|
# per-step files instead
|
|
- name: Clean old /var/lib/docker-container-startup-configs.json file
|
|
file:
|
|
path: /var/lib/docker-container-startup-configs.json
|
|
state: absent
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Check if docker_config_scripts.yaml file exists
|
|
delegate_to: localhost
|
|
become: false
|
|
stat:
|
|
path: "{{ tripleo_role_name + '/docker_config_scripts.yaml' }}"
|
|
register: stat_docker_config_scripts
|
|
tags:
|
|
- container_config_scripts
|
|
|
|
- name: Set fact when file existed
|
|
no_log: True
|
|
set_fact:
|
|
role_data_docker_config_scripts: "{{lookup('file', tripleo_role_name + '/docker_config_scripts.yaml') | from_yaml}}"
|
|
when: stat_docker_config_scripts.stat.exists
|
|
tags:
|
|
- container_config_scripts
|
|
|
|
- name: Write docker config scripts
|
|
copy: content="{{ item[1].content }}" dest="/var/lib/docker-config-scripts/{{ item[0] }}" force=yes mode="{{ item[1].mode | default('0600', true) }}"
|
|
loop: "{{ role_data_docker_config_scripts | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
tags:
|
|
- container_config_scripts
|
|
|
|
# Here we are dumping all the docker container startup configuration data
|
|
# so that we can have access to how they are started outside of heat
|
|
# and docker-cmd. This lets us create command line tools to test containers.
|
|
# FIXME We need to update the defaults e.g in docker-toool so we can remove the
|
|
# docker-container-startup-configs.json and use per-step configs instead
|
|
- name: Set docker_config_default fact
|
|
no_log: True
|
|
set_fact:
|
|
docker_config_default: "{{ docker_config_default|default({}) | combine( {'step_'+item: {}} ) }}"
|
|
with_sequence: count={{deploy_steps_max}}
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Check if docker_config.yaml file exists
|
|
delegate_to: localhost
|
|
become: false
|
|
stat:
|
|
path: "{{ tripleo_role_name + '/docker_config.yaml' }}"
|
|
register: stat_docker_config
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Set fact when file existed
|
|
no_log: True
|
|
set_fact:
|
|
role_data_docker_config: "{{lookup('file', tripleo_role_name + '/docker_config.yaml') | from_yaml}}"
|
|
when: stat_docker_config.stat.exists
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Set docker_startup_configs_with_default fact
|
|
no_log: True
|
|
set_fact:
|
|
docker_config_with_default: "{{docker_config_default | combine(role_data_docker_config)}}"
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Write docker-container-startup-configs
|
|
copy: content="{{docker_config_with_default | to_json }}" dest=/var/lib/docker-container-startup-configs.json force=yes mode=0600
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Write per-step docker-container-startup-configs
|
|
copy: content="{{ item[1] | to_json }}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{ item[0] }}.json" force=yes mode=0600
|
|
loop: "{{ docker_config_with_default | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Create /var/lib/kolla/config_files directory
|
|
file: path=/var/lib/kolla/config_files state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Check if kolla_config.yaml file exists
|
|
delegate_to: localhost
|
|
become: false
|
|
stat:
|
|
path: "{{ tripleo_role_name + '/kolla_config.yaml' }}"
|
|
register: stat_kolla_config
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Set fact when file existed
|
|
no_log: True
|
|
set_fact:
|
|
role_data_kolla_config: "{{lookup('file', tripleo_role_name + '/kolla_config.yaml') | from_yaml}}"
|
|
when: stat_kolla_config.stat.exists
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Write kolla config json files
|
|
copy: content="{{ item[1] | to_json }}" dest="{{ item[0] }}" force=yes mode=0600
|
|
loop: "{{ role_data_kolla_config | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
###############################################################
|
|
# Bootstrap tasks, only performed on bootstrap node of the role
|
|
###############################################################
|
|
|
|
- name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
|
|
file:
|
|
path: "{{item}}"
|
|
state: absent
|
|
with_fileglob:
|
|
- /var/lib/docker-puppet/docker-puppet-tasks*.json
|
|
when: is_bootstrap_node|bool
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Check if docker_puppet_tasks.yaml file exists
|
|
delegate_to: localhost
|
|
become: false
|
|
stat:
|
|
path: "{{ tripleo_role_name + '/docker_puppet_tasks.yaml' }}"
|
|
register: stat_docker_puppet_tasks
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Set fact when file existed
|
|
no_log: True
|
|
set_fact:
|
|
role_data_docker_puppet_tasks: "{{lookup('file', tripleo_role_name + '/docker_puppet_tasks.yaml') | from_yaml}}"
|
|
when: stat_docker_puppet_tasks.stat.exists
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Write docker-puppet-tasks json files
|
|
copy: content="{{ item[1] | to_json }}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{ item[0].replace("step_", "") }}.json force=yes mode=0600
|
|
loop: "{{ role_data_docker_puppet_tasks | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
when: is_bootstrap_node|bool
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
#####################################################
|
|
# Per step puppet configuration of the baremetal host
|
|
#####################################################
|
|
|
|
- name: Set host puppet debugging fact string
|
|
set_fact:
|
|
host_puppet_config_debug: "--debug --verbose"
|
|
when: enable_debug|default(false)|bool
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Write the config_step hieradata
|
|
copy: content="{{dict(step=step|int)|to_json}}" dest=/etc/puppet/hieradata/config_step.json force=true mode=0600
|
|
become: true
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Run puppet host configuration for step {{step}}
|
|
command: >-
|
|
puppet apply {{ host_puppet_config_debug|default('') }}
|
|
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
|
|
--detailed-exitcodes
|
|
--summarize
|
|
--logdest syslog --logdest console --color=false
|
|
/var/lib/tripleo-config/puppet_step_config.pp
|
|
changed_when: outputs.rc == 2
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
become: true
|
|
tags:
|
|
- host_config
|
|
|
|
- name: "Debug output for task: Run puppet host configuration for step {{ step }}"
|
|
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc not in [0, 2]
|
|
tags:
|
|
- host_config
|
|
|
|
#########################################
|
|
# Pre-cache facts for container-puppet.py
|
|
#########################################
|
|
# We don't want the pre-cache tasks to be skipped in dry-run so we force
|
|
# check_mode to "no".
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1738529
|
|
- name: Pre-cache facts for container-puppet.py
|
|
check_mode: no
|
|
tags:
|
|
- container_config
|
|
- container_config_tasks
|
|
block:
|
|
- name: Create puppet caching structures
|
|
file:
|
|
path: /var/lib/container-puppet/puppetlabs
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
recurse: True
|
|
- name: Check for facter.conf
|
|
check_mode: false
|
|
stat:
|
|
path: "/var/lib/container-puppet/puppetlabs/facter.conf"
|
|
register: _facter_conf_file
|
|
# See LP#1852606 for context
|
|
- name: Remove facter.conf if directory
|
|
check_mode: false
|
|
become: true
|
|
file:
|
|
path: "/var/lib/container-puppet/puppetlabs/facter.conf"
|
|
state: absent
|
|
force: true
|
|
when:
|
|
- _facter_conf_file.stat.isdir is defined
|
|
- _facter_conf_file.stat.isdir
|
|
- name: Write facter cache config
|
|
copy:
|
|
dest: /var/lib/container-puppet/puppetlabs/facter.conf
|
|
content: |
|
|
facts : {
|
|
blocklist: [ "EC2" ],
|
|
ttls: [
|
|
{ "kernel" : 8 hour },
|
|
{ "memory" : 8 hour },
|
|
{ "networking" : 8 hour },
|
|
{ "operating system" : 8 hour },
|
|
{ "processor" : 8 hour },
|
|
]
|
|
}
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
- name: Cleanup facter cache if exists
|
|
file:
|
|
path: /opt/puppetlabs/facter
|
|
state: absent
|
|
ignore_errors: True
|
|
- name: Pre-cache facts
|
|
check_mode: false
|
|
command: facter --config /var/lib/container-puppet/puppetlabs/facter.conf
|
|
retries: 5
|
|
delay: 5
|
|
no_log: True
|
|
ignore_errors: True
|
|
register: _facter_cache_run
|
|
- name: Failed deployment if facter fails
|
|
check_mode: false
|
|
fail:
|
|
msg: "{{ _facter_cache_run.stderr }}"
|
|
when: _facter_cache_run is failed
|
|
- name: Sync cached facts
|
|
check_mode: false
|
|
synchronize:
|
|
src: /opt/puppetlabs/
|
|
dest: /var/lib/container-puppet/puppetlabs/
|
|
delegate_to: "{{ inventory_hostname }}"
|
|
when: _facter_cache_run is succeeded
|
|
|
|
######################################
|
|
# Generate config via docker-puppet.py
|
|
######################################
|
|
|
|
- name: Run docker-puppet tasks (generate config) during step {{step}}
|
|
shell: python /var/lib/docker-puppet/docker-puppet.py
|
|
environment:
|
|
NET_HOST: 'true'
|
|
DEBUG: '{{docker_puppet_debug|default(false)}}'
|
|
PROCESS_COUNT: '{{docker_puppet_process_count|default(3)}}'
|
|
when: step == "1"
|
|
changed_when: false
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
become: true
|
|
tags:
|
|
- container_config
|
|
|
|
- name: "Debug output for task: Run docker-puppet tasks (generate config) during step {{ step }}"
|
|
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc != 0
|
|
tags:
|
|
- container_config
|
|
|
|
##################################################
|
|
# Per step starting of the containers using paunch
|
|
##################################################
|
|
|
|
# Note docker-puppet.py generates the hashed-*.json file, which is a copy of
|
|
# the *step_n.json with a hash of the generated external config added
|
|
# This acts as a salt to enable restarting the container if config changes
|
|
- name: Start containers for step {{step}}
|
|
environment:
|
|
TRIPLEO_MINOR_UPDATE: '{{ tripleo_minor_update | default(false) }}'
|
|
command: >-
|
|
paunch --debug apply
|
|
--file /var/lib/tripleo-config/hashed-docker-container-startup-config-step_{{step}}.json
|
|
--config-id tripleo_step{{step}} --managed-by tripleo-{{tripleo_role_name}}
|
|
changed_when: false
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
become: true
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: "Debug output for task: Start containers for step {{ step }}"
|
|
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc != 0
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
###############################################################
|
|
# Bootstrap tasks, only performed on bootstrap node of the role
|
|
###############################################################
|
|
|
|
- name: Check if /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json exists
|
|
stat:
|
|
path: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
|
|
register: docker_puppet_tasks_json
|
|
become: true
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Run docker-puppet tasks (bootstrap tasks) for step {{step}}
|
|
shell: python /var/lib/docker-puppet/docker-puppet.py
|
|
environment:
|
|
CONFIG: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
|
|
NET_HOST: "true"
|
|
NO_ARCHIVE: "true"
|
|
STEP: "{{step}}"
|
|
when: is_bootstrap_node|bool and docker_puppet_tasks_json.stat.exists
|
|
changed_when: false
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
become: true
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: "Debug output for task: Run docker-puppet tasks (bootstrap tasks) for step {{ step }}"
|
|
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc != 0
|
|
tags:
|
|
- container_config_tasks
|