a592cc05bf
Durig upgrade PostDeploySteps is mapped into major_upgrade_steps which was missing blacklisted_{ip_addresses,hostnames} previously added only into deploy-steps. Change-Id: Ifdcdad63e430972f7254f0c40e021b00333fdf56 Closes-Bug: 1745379
253 lines
8.6 KiB
YAML
253 lines
8.6 KiB
YAML
{% set enabled_roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
|
|
{% set batch_upgrade_steps_max = 3 -%}
|
|
{% set upgrade_steps_max = 6 -%}
|
|
{% set deliver_script = {'deliver': False} -%}
|
|
heat_template_version: queens
|
|
description: 'Upgrade steps for all roles'
|
|
|
|
parameters:
|
|
servers:
|
|
type: json
|
|
stack_name:
|
|
type: string
|
|
description: Name of the topmost stack
|
|
role_data:
|
|
type: json
|
|
description: Mapping of Role name e.g Controller to the per-role data
|
|
ctlplane_service_ips:
|
|
type: json
|
|
blacklisted_ip_addresses:
|
|
description: List of IP addresses belong to blacklisted servers
|
|
type: comma_delimited_list
|
|
default: []
|
|
blacklisted_hostnames:
|
|
description: List of hostnames belong to blacklisted servers
|
|
type: comma_delimited_list
|
|
default: []
|
|
UpdateIdentifier:
|
|
type: string
|
|
default: ''
|
|
description: >
|
|
Setting to a previously unused value during stack-update will trigger
|
|
the Upgrade resources to re-run on all roles.
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
KeystoneRegion:
|
|
type: string
|
|
default: 'regionOne'
|
|
description: Keystone region for endpoint
|
|
NovaPassword:
|
|
description: The password for the nova service and db account
|
|
type: string
|
|
hidden: true
|
|
|
|
resources:
|
|
|
|
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
|
|
{{role.name}}DeliverUpgradeScriptConfig:
|
|
type: OS::Heat::SoftwareConfig
|
|
properties:
|
|
name: {{role.name}}DeliverUpgradeScriptConfig
|
|
group: script
|
|
config:
|
|
list_join:
|
|
- ''
|
|
- - "#!/bin/bash\n\n"
|
|
- "set -eu\n\n"
|
|
- str_replace:
|
|
template: |
|
|
ROLE='ROLE_NAME'
|
|
params:
|
|
ROLE_NAME: {{role.name}}
|
|
- get_file: ../extraconfig/tasks/pacemaker_common_functions.sh
|
|
- get_file: ../extraconfig/tasks/tripleo_upgrade_node.sh
|
|
|
|
{{role.name}}DeliverUpgradeScriptDeployment:
|
|
type: OS::Heat::SoftwareDeploymentGroup
|
|
properties:
|
|
name: {{role.name}}DeliverUpgradeScriptDeployment
|
|
servers: {get_param: [servers, {{role.name}}]}
|
|
config: {get_resource: {{role.name}}DeliverUpgradeScriptConfig}
|
|
{% endfor %}
|
|
|
|
# Upgrade Steps for all roles, batched updates
|
|
# The UpgradeConfig resources could actually be created without
|
|
# serialization, but the event output is easier to follow if we
|
|
# do, and there should be minimal performance hit (creating the
|
|
# config is cheap compared to the time to apply the deployment).
|
|
{% for step in range(0, batch_upgrade_steps_max) %}
|
|
# Batch config resources step {{step}}
|
|
{%- for role in roles %}
|
|
{{role.name}}UpgradeBatchConfig_Step{{step}}:
|
|
type: OS::TripleO::UpgradeConfig
|
|
{%- if step > 0 %}
|
|
depends_on:
|
|
{%- for role_inside in enabled_roles %}
|
|
- {{role_inside.name}}UpgradeBatch_Step{{step -1}}
|
|
{%- endfor %}
|
|
{% else %}
|
|
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
|
|
{% if deliver_script.update({'deliver': True}) %} {% endif %}
|
|
{% endfor %}
|
|
{% if deliver_script.deliver %}
|
|
depends_on:
|
|
{% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
|
|
- {{dep.name}}DeliverUpgradeScriptDeployment
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% endif %}
|
|
properties:
|
|
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_batch_tasks]}
|
|
step: {{step}}
|
|
{%- endfor %}
|
|
|
|
# Batch deployment resources for step {{step}} (only for enabled roles)
|
|
{%- for role in enabled_roles %}
|
|
{{role.name}}UpgradeBatch_Step{{step}}:
|
|
type: OS::Heat::SoftwareDeploymentGroup
|
|
{%- if step > 0 %}
|
|
depends_on:
|
|
{%- for role_inside in enabled_roles %}
|
|
- {{role_inside.name}}UpgradeBatch_Step{{step -1}}
|
|
{%- endfor %}
|
|
{% else %}
|
|
{% for role in roles if role.disable_upgrade_deployment|default(false) %}
|
|
{% if deliver_script.update({'deliver': True}) %} {% endif %}
|
|
{% endfor %}
|
|
{% if deliver_script.deliver %}
|
|
depends_on:
|
|
{% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
|
|
- {{dep.name}}DeliverUpgradeScriptDeployment
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% endif %}
|
|
update_policy:
|
|
batch_create:
|
|
max_batch_size: {{role.upgrade_batch_size|default(1)}}
|
|
rolling_update:
|
|
max_batch_size: {{role.upgrade_batch_size|default(1)}}
|
|
properties:
|
|
name: {{role.name}}UpgradeBatch_Step{{step}}
|
|
servers: {get_param: [servers, {{role.name}}]}
|
|
config: {get_resource: {{role.name}}UpgradeBatchConfig_Step{{step}}}
|
|
input_values:
|
|
role: {{role.name}}
|
|
update_identifier: {get_param: UpdateIdentifier}
|
|
{%- endfor %}
|
|
{%- endfor %}
|
|
|
|
# Upgrade Steps for all roles
|
|
{%- for step in range(0, upgrade_steps_max) %}
|
|
# Config resources for step {{step}}
|
|
{%- for role in roles %}
|
|
{{role.name}}UpgradeConfig_Step{{step}}:
|
|
type: OS::TripleO::UpgradeConfig
|
|
# The UpgradeConfig resources could actually be created without
|
|
# serialization, but the event output is easier to follow if we
|
|
# do, and there should be minimal performance hit (creating the
|
|
# config is cheap compared to the time to apply the deployment).
|
|
depends_on:
|
|
{%- for role_inside in enabled_roles %}
|
|
{%- if step > 0 %}
|
|
- {{role_inside.name}}Upgrade_Step{{step -1}}
|
|
{%- else %}
|
|
- {{role_inside.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
properties:
|
|
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_tasks]}
|
|
step: {{step}}
|
|
{%- endfor %}
|
|
|
|
# Deployment resources for step {{step}} (only for enabled roles)
|
|
{%- for role in enabled_roles %}
|
|
{{role.name}}Upgrade_Step{{step}}:
|
|
type: OS::Heat::SoftwareDeploymentGroup
|
|
depends_on:
|
|
{%- for role_inside in enabled_roles %}
|
|
{%- if step > 0 %}
|
|
- {{role_inside.name}}Upgrade_Step{{step -1}}
|
|
{%- else %}
|
|
- {{role_inside.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
properties:
|
|
name: {{role.name}}Upgrade_Step{{step}}
|
|
servers: {get_param: [servers, {{role.name}}]}
|
|
config: {get_resource: {{role.name}}UpgradeConfig_Step{{step}}}
|
|
input_values:
|
|
role: {{role.name}}
|
|
update_identifier: {get_param: UpdateIdentifier}
|
|
{%- endfor %}
|
|
{%- endfor %}
|
|
|
|
# Post upgrade deployment steps for all roles
|
|
# This runs the normal configuration (e.g puppet) steps unless upgrade
|
|
# is disabled for the role
|
|
AllNodesPostUpgradeSteps:
|
|
type: OS::TripleO::PostUpgradeSteps
|
|
depends_on:
|
|
{%- for dep in enabled_roles %}
|
|
- {{dep.name}}Upgrade_Step{{upgrade_steps_max - 1}}
|
|
{%- endfor %}
|
|
properties:
|
|
servers: {get_param: servers}
|
|
stack_name: {get_param: stack_name}
|
|
role_data: {get_param: role_data}
|
|
ctlplane_service_ips: {get_param: ctlplane_service_ips}
|
|
|
|
{%- for step in range(0, upgrade_steps_max) %}
|
|
{%- for role in roles %}
|
|
{{role.name}}PostUpgradeConfig_Config{{step}}:
|
|
type: OS::TripleO::UpgradeConfig
|
|
depends_on:
|
|
{%- for role_inside in enabled_roles %}
|
|
{%- if step > 0 %}
|
|
- {{role_inside.name}}PostUpgradeConfig_Deployment{{step -1}}
|
|
{%- else %}
|
|
- AllNodesPostUpgradeSteps
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
properties:
|
|
UpgradeStepConfig: {get_param: [role_data, {{role.name}}, post_upgrade_tasks]}
|
|
step: {{step}}
|
|
{%- endfor %}
|
|
|
|
{%- for role in enabled_roles %}
|
|
{{role.name}}PostUpgradeConfig_Deployment{{step}}:
|
|
type: OS::Heat::SoftwareDeploymentGroup
|
|
depends_on:
|
|
{%- for role_inside in enabled_roles %}
|
|
{%- if step > 0 %}
|
|
- {{role_inside.name}}PostUpgradeConfig_Deployment{{step -1}}
|
|
{%- else %}
|
|
- AllNodesPostUpgradeSteps
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
properties:
|
|
name: {{role.name}}PostUpgradeConfig_Deployment{{step}}
|
|
servers: {get_param: [servers, {{role.name}}]}
|
|
config: {get_resource: {{role.name}}PostUpgradeConfig_Config{{step}}}
|
|
input_values:
|
|
role: {{role.name}}
|
|
update_identifier: {get_param: UpdateIdentifier}
|
|
{%- endfor %}
|
|
{%- endfor %}
|
|
|
|
outputs:
|
|
# Output the config for each role, just use Step1 as the config should be
|
|
# the same for all steps (only the tag provided differs)
|
|
upgrade_configs:
|
|
description: The per-role upgrade configuration used
|
|
value:
|
|
{% for role in roles %}
|
|
{{role.name.lower()}}: {get_attr: [{{role.name}}UpgradeConfig_Step1, upgrade_config]}
|
|
{% endfor %}
|
|
RoleConfig:
|
|
description: Mapping of config data for all roles
|
|
value: {get_attr: [AllNodesPostUpgradeSteps, RoleConfig]}
|
|
|