6d0f16d430
Adds check mode support for puppet host tasks. This works by writing the new puppet host manifest under /var/lib/tripleo-config/check-mode, and diffing it against the existing version of the manifest. Puppet is also run with --noop, so that it only reports on what changes would have been made. It also uses the check mode hiera configuration at /etc/puppet/check-mode/hiera.yaml if it exists so that the updated hiera data is also accounted for when puppet runs with --noop. Depends-On: Ibe0c2ab79c35f04ce51e7a1ade0e8ff72b430163 Change-Id: I112b63096c8dce05176b0939a7678bec02987294
425 lines
15 KiB
YAML
425 lines
15 KiB
YAML
# Note the indentation here is required as it's joined
|
|
# to create a playbook in deploy-steps.j2
|
|
##################################################
|
|
# Step 1 block, write data for subsequent steps
|
|
##################################################
|
|
|
|
- name: Write config data at the start of step 1
|
|
when: step == "1"
|
|
block:
|
|
- name: Create /var/lib/tripleo-config directory
|
|
file:
|
|
path: /var/lib/tripleo-config
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
recurse: true
|
|
tags:
|
|
- host_config
|
|
- container_config
|
|
- container_config_tasks
|
|
- container_config_scripts
|
|
- container_startup_configs
|
|
|
|
- name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode
|
|
file:
|
|
path: /var/lib/tripleo-config/check-mode
|
|
state: absent
|
|
tags:
|
|
- host_config
|
|
- container_puppet
|
|
- container_puppet_tasks
|
|
- container_config_scripts
|
|
- container_startup_configs
|
|
when:
|
|
- ansible_check_mode
|
|
ignore_errors: true
|
|
check_mode: no
|
|
|
|
- name: Create /var/lib/tripleo-config/check-mode directory for check mode
|
|
file:
|
|
path: /var/lib/tripleo-config/check-mode
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
recurse: true
|
|
tags:
|
|
- host_config
|
|
- container_puppet
|
|
- container_puppet_tasks
|
|
- container_config_scripts
|
|
- container_startup_configs
|
|
when:
|
|
- ansible_check_mode
|
|
check_mode: no
|
|
|
|
# Puppet manifest for baremetal host configuration
|
|
- name: Write the puppet step_config manifest
|
|
copy:
|
|
content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}"
|
|
dest: /var/lib/tripleo-config/{{ ansible_check_mode | ternary('check-mode/', '') }}puppet_step_config.pp
|
|
force: yes
|
|
mode: '0600'
|
|
tags:
|
|
- host_config
|
|
check_mode: no
|
|
diff: no
|
|
|
|
- name: Diff puppet step_config manifest changes for check mode
|
|
command:
|
|
diff -uN /var/lib/tripleo-config/puppet_step_config.pp /var/lib/tripleo-config/check-mode/puppet_step_config.pp
|
|
register: diff_results
|
|
tags:
|
|
- host_config
|
|
check_mode: no
|
|
when:
|
|
- ansible_check_mode
|
|
- ansible_diff_mode
|
|
failed_when: false
|
|
changed_when: diff_results.rc == 1
|
|
|
|
- name: Diff puppet step_config manifest changes for check mode
|
|
debug:
|
|
var: diff_results.stdout_lines
|
|
changed_when: diff_results.rc == 1
|
|
when:
|
|
- ansible_check_mode
|
|
- ansible_diff_mode
|
|
tags:
|
|
- host_config
|
|
|
|
# Config file for our docker-puppet.py script, used to generate container configs
|
|
- name: Create /var/lib/docker-puppet
|
|
file:
|
|
path: /var/lib/docker-puppet
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Write docker-puppet.json file
|
|
copy:
|
|
content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_json }}"
|
|
dest: /var/lib/docker-puppet/docker-puppet.json
|
|
force: yes
|
|
mode: '0600'
|
|
tags:
|
|
- container_config
|
|
|
|
- name: Create /var/lib/docker-config-scripts
|
|
file:
|
|
path: /var/lib/docker-config-scripts
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
tags:
|
|
- container_config_scripts
|
|
|
|
|
|
# The container config files
|
|
# /var/lib/docker-container-startup-configs.json is removed as we now write
|
|
# per-step files instead
|
|
- name: Clean old /var/lib/docker-container-startup-configs.json file
|
|
file:
|
|
path: /var/lib/docker-container-startup-configs.json
|
|
state: absent
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Write docker config scripts
|
|
copy:
|
|
content: "{{ item[1].content }}"
|
|
dest: "/var/lib/docker-config-scripts/{{ item[0] }}"
|
|
force: yes
|
|
mode: "{{ item[1].mode | default('0600', true) }}"
|
|
setype: svirt_sandbox_file_t
|
|
loop: "{{ role_data_docker_config_scripts | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
vars:
|
|
role_data_docker_config_scripts: "{{ lookup('file', tripleo_role_name + '/docker_config_scripts.yaml', errors='ignore') | default({}, True) | from_yaml }}"
|
|
tags:
|
|
- container_config_scripts
|
|
|
|
|
|
# Here we are dumping all the docker container startup configuration data
|
|
# so that we can have access to how they are started outside of heat
|
|
# and docker-cmd. This lets us create command line tools to test containers.
|
|
# FIXME We need to update the defaults, e.g in docker-tool, so we can remove the
|
|
# docker-container-startup-configs.json and use per-step configs instead
|
|
- name: Set docker_config_default fact
|
|
no_log: True
|
|
set_fact:
|
|
docker_config_default: "{{ docker_config_default | default({}) | combine( {'step_' + item: {}} ) }}"
|
|
with_sequence: count={{ deploy_steps_max }}
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Set docker_startup_configs_with_default fact
|
|
no_log: True
|
|
set_fact:
|
|
docker_config_with_default: "{{ docker_config_default | combine(role_data_docker_config) }}"
|
|
vars:
|
|
role_data_docker_config: "{{ lookup('file', tripleo_role_name + '/docker_config.yaml', errors='ignore') | default({}, True) | from_yaml }}"
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Write docker-container-startup-configs
|
|
copy:
|
|
content: "{{ docker_config_with_default | to_json }}"
|
|
dest: /var/lib/docker-container-startup-configs.json
|
|
force: yes
|
|
mode: '0600'
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Write per-step docker-container-startup-configs
|
|
copy:
|
|
content: "{{ item[1] | to_json }}"
|
|
dest: "/var/lib/tripleo-config/docker-container-startup-config-{{ item[0] }}.json"
|
|
force: yes
|
|
mode: '0600'
|
|
loop: "{{ docker_config_with_default | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Create /var/lib/kolla/config_files directory
|
|
file:
|
|
path: /var/lib/kolla/config_files
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
recurse: true
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: Create /var/lib/config-data directory
|
|
file:
|
|
path: /var/lib/config-data
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
|
|
- name: Write kolla config json files
|
|
copy:
|
|
content: "{{ item[1] | to_json }}"
|
|
dest: "{{ item[0] }}"
|
|
force: yes
|
|
mode: '0600'
|
|
setype: svirt_sandbox_file_t
|
|
loop: "{{ lookup('file', tripleo_role_name + '/kolla_config.yaml', errors='ignore') | default([], True) | from_yaml | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
########################################################
|
|
# Bootstrap tasks, only performed on bootstrap_server_id
|
|
########################################################
|
|
|
|
- name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
|
|
file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
with_fileglob:
|
|
- /var/lib/docker-puppet/docker-puppet-tasks*.json
|
|
when: deploy_server_id == bootstrap_server_id
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Write docker-puppet-tasks json files
|
|
copy:
|
|
content: "{{item[1]|to_json}}"
|
|
dest: /var/lib/docker-puppet/docker-puppet-tasks{{item[0].replace("step_", "")}}.json
|
|
force: yes
|
|
mode: '0600'
|
|
loop: "{{ lookup('file', tripleo_role_name + '/docker_puppet_tasks.yaml', errors='ignore') | default({}, True) | from_yaml | dictsort }}"
|
|
loop_control:
|
|
label: "{{ item[0] }}"
|
|
when: deploy_server_id == bootstrap_server_id
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
#####################################################
|
|
# Per step puppet configuration of the baremetal host
|
|
#####################################################
|
|
|
|
- name: Set host puppet debugging fact string
|
|
set_fact:
|
|
host_puppet_config_debug: "--debug --verbose"
|
|
when:
|
|
- enable_puppet | default(true) | bool
|
|
- enable_debug | default(false) | bool
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Check for /etc/puppet/check-mode directory for check mode
|
|
stat:
|
|
path: /etc/puppet/check-mode
|
|
register: check_mode_dir
|
|
when: ansible_check_mode
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Create /etc/puppet/check-mode/hieradata directory for check mode
|
|
file:
|
|
path: /etc/puppet/check-mode/hieradata
|
|
state: directory
|
|
setype: svirt_sandbox_file_t
|
|
selevel: s0
|
|
recurse: true
|
|
check_mode: no
|
|
when:
|
|
- ansible_check_mode
|
|
- not check_mode_dir.stat.exists
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Write the config_step hieradata
|
|
copy:
|
|
content: "{{ dict(step=step|int) | to_json }}"
|
|
dest: /etc/puppet/{{ ansible_check_mode | ternary('check-mode/', '') }}hieradata/config_step.json
|
|
force: true
|
|
mode: '0600'
|
|
check_mode: no
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Create puppet check-mode files if they don't exist for check mode
|
|
shell: |
|
|
cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
|
|
cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
|
|
sed -i 's/\/etc\/puppet\/hieradata/\/etc\/puppet\/check-mode\/hieradata/' /etc/puppet/check-mode/hiera.yaml
|
|
when:
|
|
- ansible_check_mode
|
|
- not check_mode_dir.stat.exists
|
|
check_mode: no
|
|
tags:
|
|
- host_config
|
|
|
|
- name: Run puppet host configuration for step {{ step }}
|
|
when: enable_puppet|default(true)|bool
|
|
command: >-
|
|
puppet apply {{ host_puppet_config_debug | default('') }}
|
|
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
|
|
--detailed-exitcodes
|
|
--summarize
|
|
--logdest syslog --logdest console --color=false
|
|
{{ ansible_check_mode | ternary('--noop', '') }}
|
|
{{ ansible_check_mode | ternary('--hiera_config /etc/puppet/check-mode/hiera.yaml', '') }}
|
|
/var/lib/tripleo-config/{{ ansible_check_mode | ternary('check-mode/', '') }}puppet_step_config.pp
|
|
changed_when: outputs.rc == 2
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
tags:
|
|
- host_config
|
|
check_mode: no
|
|
|
|
- name: "Debug output for task: Run puppet host configuration for step {{ step }}"
|
|
debug:
|
|
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
|
|
when:
|
|
- enable_puppet | default(true) | bool
|
|
- outputs.rc is defined
|
|
failed_when: outputs.rc not in [0, 2]
|
|
tags:
|
|
- host_config
|
|
|
|
######################################
|
|
# Generate config via docker-puppet.py
|
|
######################################
|
|
|
|
- name: Run docker-puppet tasks (generate config) during step {{ step }}
|
|
shell: python /var/lib/docker-puppet/docker-puppet.py
|
|
environment:
|
|
NET_HOST: 'true'
|
|
DEBUG: '{{ docker_puppet_debug | default(false) }}'
|
|
PROCESS_COUNT: '{{ docker_puppet_process_count | default(3) }}'
|
|
CONTAINER_CLI: "{{ container_cli | default('docker') }}"
|
|
when: step == "1"
|
|
changed_when: false
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
tags:
|
|
- container_config
|
|
|
|
- name: "Debug output for task: Run docker-puppet tasks (generate config) during step {{ step }}"
|
|
debug:
|
|
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc != 0
|
|
tags:
|
|
- container_config
|
|
|
|
##################################################
|
|
# Per step starting of the containers using paunch
|
|
##################################################
|
|
|
|
# Note docker-puppet.py generates the hashed-*.json file, which is a copy of
|
|
# the *step_n.json with a hash of the generated external config added
|
|
# This acts as a salt to enable restarting the container if config changes
|
|
- name: Start containers for step {{ step }}
|
|
command: >-
|
|
paunch --debug apply
|
|
--default-runtime "{{ container_cli | default('docker') }}"
|
|
--file /var/lib/tripleo-config/hashed-docker-container-startup-config-step_{{ step }}.json
|
|
--config-id tripleo_step{{ step }} --managed-by tripleo-{{ tripleo_role_name }}
|
|
changed_when: false
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
- name: "Debug output for task: Start containers for step {{ step }}"
|
|
debug:
|
|
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc != 0
|
|
tags:
|
|
- container_startup_configs
|
|
|
|
########################################################
|
|
# Bootstrap tasks, only performed on bootstrap_server_id
|
|
########################################################
|
|
|
|
- name: Check if /var/lib/docker-puppet/docker-puppet-tasks{{ step }}.json exists
|
|
stat:
|
|
path: /var/lib/docker-puppet/docker-puppet-tasks{{ step }}.json
|
|
register: docker_puppet_tasks_json
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: Run docker-puppet tasks (bootstrap tasks) for step {{ step }}
|
|
shell: python /var/lib/docker-puppet/docker-puppet.py
|
|
environment:
|
|
CONFIG: /var/lib/docker-puppet/docker-puppet-tasks{{ step }}.json
|
|
NET_HOST: "true"
|
|
NO_ARCHIVE: "true"
|
|
STEP: "{{ step }}"
|
|
CONTAINER_CLI: "{{ container_cli | default('docker') }}"
|
|
when:
|
|
- deploy_server_id == bootstrap_server_id
|
|
- docker_puppet_tasks_json.stat.exists
|
|
changed_when: false
|
|
check_mode: no
|
|
register: outputs
|
|
failed_when: false
|
|
no_log: true
|
|
tags:
|
|
- container_config_tasks
|
|
|
|
- name: "Debug output for task: Run docker-puppet tasks (bootstrap tasks) for step {{ step }}"
|
|
debug:
|
|
var: outputs.stdout_lines | default([]) | union(outputs.stderr_lines | default([]))
|
|
when: outputs.rc is defined
|
|
failed_when: outputs.rc != 0
|
|
tags:
|
|
- container_config_tasks
|