Heat templates for deploying OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

350 lines
9.1 KiB

  1. - name: Create and ensure setype for /var/log/containers directory
  2. become: true
  3. file:
  4. path: /var/log/containers
  5. state: directory
  6. setype: container_file_t
  7. selevel: s0
  8. mode: 0750
  9. tags:
  10. - host_config
  11. - name: Create ContainerLogStdoutPath directory
  12. become: true
  13. file:
  14. path: "{{ container_log_stdout_path }}"
  15. state: directory
  16. selevel: s0
  17. tags:
  18. - host_config
  19. - name: Create /var/lib/tripleo-config directory
  20. become: true
  21. file:
  22. path: /var/lib/tripleo-config
  23. state: directory
  24. setype: container_file_t
  25. selevel: s0
  26. recurse: true
  27. tags:
  28. - host_config
  29. - container_config
  30. - container_config_tasks
  31. - container_config_scripts
  32. - container_startup_configs
  33. - name: Delete existing /var/lib/tripleo-config/check-mode directory for check mode
  34. become: true
  35. file:
  36. path: /var/lib/tripleo-config/check-mode
  37. state: absent
  38. tags:
  39. - host_config
  40. - container_config
  41. - container_config_tasks
  42. - container_config_scripts
  43. - container_startup_configs
  44. when:
  45. - ansible_check_mode|bool
  46. check_mode: no
  47. - name: Create /var/lib/tripleo-config/check-mode directory for check mode
  48. become: true
  49. file:
  50. path: /var/lib/tripleo-config/check-mode
  51. state: directory
  52. setype: container_file_t
  53. selevel: s0
  54. recurse: true
  55. tags:
  56. - host_config
  57. - container_config
  58. - container_config_tasks
  59. - container_config_scripts
  60. - container_startup_configs
  61. when:
  62. - ansible_check_mode|bool
  63. check_mode: no
  64. # Puppet manifest for baremetal host configuration
  65. - name: Write the puppet step_config manifest
  66. become: true
  67. no_log: True
  68. copy:
  69. content: "{{ lookup('file', tripleo_role_name + '/step_config.pp', errors='ignore') | default('', True) }}"
  70. dest: /var/lib/tripleo-config/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}puppet_step_config.pp
  71. force: yes
  72. mode: '0600'
  73. tags:
  74. - host_config
  75. check_mode: no
  76. diff: no
  77. - name: Diff puppet step_config manifest changes for check mode
  78. command:
  79. diff -uN /var/lib/tripleo-config/puppet_step_config.pp /var/lib/tripleo-config/check-mode/puppet_step_config.pp
  80. register: diff_results
  81. tags:
  82. - host_config
  83. check_mode: no
  84. when:
  85. - ansible_check_mode|bool
  86. - ansible_diff_mode
  87. failed_when: false
  88. changed_when: diff_results.rc == 1
  89. - name: Diff puppet step_config manifest changes for check mode
  90. debug:
  91. var: diff_results.stdout_lines
  92. changed_when: diff_results.rc == 1
  93. when:
  94. - ansible_check_mode|bool
  95. - ansible_diff_mode
  96. tags:
  97. - host_config
  98. # Puppet Containers Config directory used to generate container configs
  99. - name: Create /var/lib/container-puppet
  100. become: true
  101. file:
  102. path: /var/lib/container-puppet
  103. state: directory
  104. setype: container_file_t
  105. selevel: s0
  106. tags:
  107. - container_config
  108. - container_config_tasks
  109. - name: Delete existing /var/lib/container-puppet/check-mode for check mode
  110. become: true
  111. file:
  112. path: /var/lib/container-puppet/check-mode
  113. state: absent
  114. tags:
  115. - container_config
  116. check_mode: no
  117. when:
  118. - ansible_check_mode|bool
  119. - name: Create /var/lib/container-puppet/check-mode for check mode
  120. become: true
  121. file:
  122. path: /var/lib/container-puppet/check-mode
  123. state: directory
  124. setype: container_file_t
  125. selevel: s0
  126. tags:
  127. - container_config
  128. check_mode: no
  129. when:
  130. - ansible_check_mode|bool
  131. - name: Write container-puppet.json file
  132. become: true
  133. no_log: True
  134. copy:
  135. content: "{{ lookup('file', tripleo_role_name + '/puppet_config.yaml', errors='ignore') | default([], True) | from_yaml | to_nice_json }}"
  136. dest: /var/lib/container-puppet/{{ ansible_check_mode | bool | ternary('check-mode/', '') }}container-puppet.json
  137. force: yes
  138. mode: '0600'
  139. tags:
  140. - container_config
  141. check_mode: no
  142. diff: no
  143. - name: Diff container-puppet.json changes for check mode
  144. command:
  145. diff -uN /var/lib/container-puppet/container-puppet.json /var/lib/container-puppet/check-mode/container-puppet.json
  146. register: diff_results
  147. tags:
  148. - container_config
  149. check_mode: no
  150. when:
  151. - ansible_check_mode|bool
  152. - ansible_diff_mode
  153. failed_when: false
  154. changed_when: diff_results.rc == 1
  155. - name: Diff container-puppet.json changes for check mode
  156. debug:
  157. var: diff_results.stdout_lines
  158. changed_when: diff_results.rc == 1
  159. when:
  160. - ansible_check_mode|bool
  161. - ansible_diff_mode
  162. tags:
  163. - container_config
  164. - name: Create /var/lib/container-config-scripts
  165. become: true
  166. file:
  167. path: /var/lib/container-config-scripts
  168. state: directory
  169. setype: container_file_t
  170. tags:
  171. - container_config_scripts
  172. # The container config files
  173. # /var/lib/container-startup-configs.json is removed as we now write
  174. # per-step files instead
  175. - name: Clean old /var/lib/container-startup-configs.json file
  176. become: true
  177. file:
  178. path: /var/lib/container-startup-configs.json
  179. state: absent
  180. tags:
  181. - container_startup_configs
  182. # For legacy, can be removed in Train cycle
  183. - name: Clean old /var/lib/docker-container-startup-configs.json file
  184. become: true
  185. file:
  186. path: /var/lib/docker-container-startup-configs.json
  187. state: absent
  188. tags:
  189. - container_startup_configs
  190. - name: Write container config scripts
  191. become: true
  192. no_log: True
  193. copy:
  194. content: "{{ item[1].content }}"
  195. dest: "/var/lib/container-config-scripts/{{ item[0] }}"
  196. force: yes
  197. mode: "{{ item[1].mode | default('0600', true) }}"
  198. setype: container_file_t
  199. loop: "{{ role_data_container_config_scripts | dictsort }}"
  200. loop_control:
  201. label: "{{ item[0] }}"
  202. vars:
  203. role_data_container_config_scripts: "{{ lookup('file', tripleo_role_name + '/container_config_scripts.yaml', errors='ignore') | default({}, True) | from_yaml }}"
  204. tags:
  205. - container_config_scripts
  206. # This file location is deprecated and the new location is now:
  207. # /var/lib/tripleo-config/container-startup-config/step_X/<container_name>.json
  208. # Can be removed in V cycle
  209. - name: Write /var/lib/tripleo-config/container-startup-config-readme.txt
  210. become: true
  211. no_log: True
  212. copy:
  213. content: "Container startup configs moved to /var/lib/tripleo-config/container-startup-config"
  214. dest: /var/lib/tripleo-config/container-startup-config-readme.txt
  215. force: yes
  216. mode: '0600'
  217. tags:
  218. - container_startup_configs
  219. - name: Generate startup configs files per step and per container
  220. become: true
  221. container_startup_config:
  222. config_base_dir: /var/lib/tripleo-config/container-startup-config
  223. config_data: "{{ lookup('file', (tripleo_role_name + '/docker_config.yaml'), errors='ignore') | default({}, True) | from_yaml }}"
  224. tags:
  225. - container_startup_configs
  226. - name: Ensure config hashes are up-to-date for container startup configs
  227. become: true
  228. container_puppet_config:
  229. update_config_hash_only: true
  230. tags:
  231. - container_startup_configs
  232. - name: Create /var/lib/kolla/config_files directory
  233. become: true
  234. file:
  235. path: /var/lib/kolla/config_files
  236. state: directory
  237. setype: container_file_t
  238. selevel: s0
  239. recurse: true
  240. tags:
  241. - container_startup_configs
  242. - name: Create /var/lib/config-data directory
  243. become: true
  244. file:
  245. path: /var/lib/config-data
  246. state: directory
  247. setype: container_file_t
  248. selevel: s0
  249. - name: Write kolla config json files
  250. become: true
  251. no_log: True
  252. copy:
  253. content: "{{ item[1] | to_nice_json }}"
  254. dest: "{{ item[0] }}"
  255. force: yes
  256. mode: '0600'
  257. setype: container_file_t
  258. loop: "{{ lookup('file', tripleo_role_name + '/kolla_config.yaml', errors='ignore') | default([], True) | from_yaml | dictsort }}"
  259. loop_control:
  260. label: "{{ item[0] }}"
  261. tags:
  262. - container_startup_configs
  263. - name: gather facts needed by role
  264. setup:
  265. gather_subset: "!min,python"
  266. when: ansible_python is not defined
  267. tags:
  268. - container_config_tasks
  269. - name: set python_cmd
  270. set_fact:
  271. python_cmd: "python{{ ansible_python.version.major }}"
  272. cacheable: true
  273. when: python_cmd is not defined
  274. tags:
  275. - container_config_tasks
  276. - name: Set host puppet debugging fact string
  277. set_fact:
  278. host_puppet_config_debug: "--debug --verbose"
  279. when:
  280. - enable_puppet | bool
  281. - enable_debug | bool
  282. tags:
  283. - host_config
  284. - name: Check for /etc/puppet/check-mode directory for check mode
  285. stat:
  286. path: /etc/puppet/check-mode
  287. register: check_mode_dir
  288. when: ansible_check_mode|bool
  289. tags:
  290. - host_config
  291. - container_config
  292. - name: Create /etc/puppet/check-mode/hieradata directory for check mode
  293. become: true
  294. file:
  295. path: /etc/puppet/check-mode/hieradata
  296. state: directory
  297. setype: container_file_t
  298. selevel: s0
  299. recurse: true
  300. check_mode: no
  301. when:
  302. - ansible_check_mode|bool
  303. - not check_mode_dir.stat.exists
  304. tags:
  305. - host_config
  306. - container_config
  307. - name: Create puppet check-mode files if they don't exist for check mode
  308. become: true
  309. shell: |
  310. cp -a /etc/puppet/hiera.yaml /etc/puppet/check-mode/hiera.yaml
  311. cp -a /etc/puppet/hieradata/* /etc/puppet/check-mode/hieradata/
  312. sed -i 's/\/etc\/puppet\/hieradata/\/etc\/puppet\/check-mode\/hieradata/' /etc/puppet/check-mode/hiera.yaml
  313. when:
  314. - ansible_check_mode|bool
  315. - not check_mode_dir.stat.exists
  316. check_mode: no
  317. tags:
  318. - host_config
  319. - container_config