tripleo-heat-templates/common/major_upgrade_steps.j2.yaml
Giulio Fidente a592cc05bf Pass blacklisted_{ip_addresses,hostnames} to major_upgrade_steps
Durig upgrade PostDeploySteps is mapped into major_upgrade_steps
which was missing blacklisted_{ip_addresses,hostnames} previously
added only into deploy-steps.

Change-Id: Ifdcdad63e430972f7254f0c40e021b00333fdf56
Closes-Bug: 1745379
2018-01-25 14:59:25 +01:00

253 lines
8.6 KiB
YAML

{% set enabled_roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
{% set batch_upgrade_steps_max = 3 -%}
{% set upgrade_steps_max = 6 -%}
{% set deliver_script = {'deliver': False} -%}
heat_template_version: queens
description: 'Upgrade steps for all roles'
parameters:
servers:
type: json
stack_name:
type: string
description: Name of the topmost stack
role_data:
type: json
description: Mapping of Role name e.g Controller to the per-role data
ctlplane_service_ips:
type: json
blacklisted_ip_addresses:
description: List of IP addresses belong to blacklisted servers
type: comma_delimited_list
default: []
blacklisted_hostnames:
description: List of hostnames belong to blacklisted servers
type: comma_delimited_list
default: []
UpdateIdentifier:
type: string
default: ''
description: >
Setting to a previously unused value during stack-update will trigger
the Upgrade resources to re-run on all roles.
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
NovaPassword:
description: The password for the nova service and db account
type: string
hidden: true
resources:
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
{{role.name}}DeliverUpgradeScriptConfig:
type: OS::Heat::SoftwareConfig
properties:
name: {{role.name}}DeliverUpgradeScriptConfig
group: script
config:
list_join:
- ''
- - "#!/bin/bash\n\n"
- "set -eu\n\n"
- str_replace:
template: |
ROLE='ROLE_NAME'
params:
ROLE_NAME: {{role.name}}
- get_file: ../extraconfig/tasks/pacemaker_common_functions.sh
- get_file: ../extraconfig/tasks/tripleo_upgrade_node.sh
{{role.name}}DeliverUpgradeScriptDeployment:
type: OS::Heat::SoftwareDeploymentGroup
properties:
name: {{role.name}}DeliverUpgradeScriptDeployment
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}DeliverUpgradeScriptConfig}
{% endfor %}
# Upgrade Steps for all roles, batched updates
# The UpgradeConfig resources could actually be created without
# serialization, but the event output is easier to follow if we
# do, and there should be minimal performance hit (creating the
# config is cheap compared to the time to apply the deployment).
{% for step in range(0, batch_upgrade_steps_max) %}
# Batch config resources step {{step}}
{%- for role in roles %}
{{role.name}}UpgradeBatchConfig_Step{{step}}:
type: OS::TripleO::UpgradeConfig
{%- if step > 0 %}
depends_on:
{%- for role_inside in enabled_roles %}
- {{role_inside.name}}UpgradeBatch_Step{{step -1}}
{%- endfor %}
{% else %}
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
{% if deliver_script.update({'deliver': True}) %} {% endif %}
{% endfor %}
{% if deliver_script.deliver %}
depends_on:
{% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
- {{dep.name}}DeliverUpgradeScriptDeployment
{% endfor %}
{% endif %}
{% endif %}
properties:
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_batch_tasks]}
step: {{step}}
{%- endfor %}
# Batch deployment resources for step {{step}} (only for enabled roles)
{%- for role in enabled_roles %}
{{role.name}}UpgradeBatch_Step{{step}}:
type: OS::Heat::SoftwareDeploymentGroup
{%- if step > 0 %}
depends_on:
{%- for role_inside in enabled_roles %}
- {{role_inside.name}}UpgradeBatch_Step{{step -1}}
{%- endfor %}
{% else %}
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
{% if deliver_script.update({'deliver': True}) %} {% endif %}
{% endfor %}
{% if deliver_script.deliver %}
depends_on:
{% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
- {{dep.name}}DeliverUpgradeScriptDeployment
{% endfor %}
{% endif %}
{% endif %}
update_policy:
batch_create:
max_batch_size: {{role.upgrade_batch_size|default(1)}}
rolling_update:
max_batch_size: {{role.upgrade_batch_size|default(1)}}
properties:
name: {{role.name}}UpgradeBatch_Step{{step}}
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}UpgradeBatchConfig_Step{{step}}}
input_values:
role: {{role.name}}
update_identifier: {get_param: UpdateIdentifier}
{%- endfor %}
{%- endfor %}
# Upgrade Steps for all roles
{%- for step in range(0, upgrade_steps_max) %}
# Config resources for step {{step}}
{%- for role in roles %}
{{role.name}}UpgradeConfig_Step{{step}}:
type: OS::TripleO::UpgradeConfig
# The UpgradeConfig resources could actually be created without
# serialization, but the event output is easier to follow if we
# do, and there should be minimal performance hit (creating the
# config is cheap compared to the time to apply the deployment).
depends_on:
{%- for role_inside in enabled_roles %}
{%- if step > 0 %}
- {{role_inside.name}}Upgrade_Step{{step -1}}
{%- else %}
- {{role_inside.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}}
{%- endif %}
{%- endfor %}
properties:
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_tasks]}
step: {{step}}
{%- endfor %}
# Deployment resources for step {{step}} (only for enabled roles)
{%- for role in enabled_roles %}
{{role.name}}Upgrade_Step{{step}}:
type: OS::Heat::SoftwareDeploymentGroup
depends_on:
{%- for role_inside in enabled_roles %}
{%- if step > 0 %}
- {{role_inside.name}}Upgrade_Step{{step -1}}
{%- else %}
- {{role_inside.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}}
{%- endif %}
{%- endfor %}
properties:
name: {{role.name}}Upgrade_Step{{step}}
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}UpgradeConfig_Step{{step}}}
input_values:
role: {{role.name}}
update_identifier: {get_param: UpdateIdentifier}
{%- endfor %}
{%- endfor %}
# Post upgrade deployment steps for all roles
# This runs the normal configuration (e.g puppet) steps unless upgrade
# is disabled for the role
AllNodesPostUpgradeSteps:
type: OS::TripleO::PostUpgradeSteps
depends_on:
{%- for dep in enabled_roles %}
- {{dep.name}}Upgrade_Step{{upgrade_steps_max - 1}}
{%- endfor %}
properties:
servers: {get_param: servers}
stack_name: {get_param: stack_name}
role_data: {get_param: role_data}
ctlplane_service_ips: {get_param: ctlplane_service_ips}
{%- for step in range(0, upgrade_steps_max) %}
{%- for role in roles %}
{{role.name}}PostUpgradeConfig_Config{{step}}:
type: OS::TripleO::UpgradeConfig
depends_on:
{%- for role_inside in enabled_roles %}
{%- if step > 0 %}
- {{role_inside.name}}PostUpgradeConfig_Deployment{{step -1}}
{%- else %}
- AllNodesPostUpgradeSteps
{%- endif %}
{%- endfor %}
properties:
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, post_upgrade_tasks]}
step: {{step}}
{%- endfor %}
{%- for role in enabled_roles %}
{{role.name}}PostUpgradeConfig_Deployment{{step}}:
type: OS::Heat::SoftwareDeploymentGroup
depends_on:
{%- for role_inside in enabled_roles %}
{%- if step > 0 %}
- {{role_inside.name}}PostUpgradeConfig_Deployment{{step -1}}
{%- else %}
- AllNodesPostUpgradeSteps
{%- endif %}
{%- endfor %}
properties:
name: {{role.name}}PostUpgradeConfig_Deployment{{step}}
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}PostUpgradeConfig_Config{{step}}}
input_values:
role: {{role.name}}
update_identifier: {get_param: UpdateIdentifier}
{%- endfor %}
{%- endfor %}
outputs:
# Output the config for each role, just use Step1 as the config should be
# the same for all steps (only the tag provided differs)
upgrade_configs:
description: The per-role upgrade configuration used
value:
{% for role in roles %}
{{role.name.lower()}}: {get_attr: [{{role.name}}UpgradeConfig_Step1, upgrade_config]}
{% endfor %}
RoleConfig:
description: Mapping of config data for all roles
value: {get_attr: [AllNodesPostUpgradeSteps, RoleConfig]}