openstack/tripleo-heat-templates
Code Issues Proposed changes
dc3b0a76aa
tripleo-heat-templates/common/deploy-steps-tasks.yaml

280 lines
12 KiB
YAML
Raw Normal View History

Move deploy-steps-playbook to deploy-steps-tasks So that we can more easily iterate over an include in an output Change-Id: Idd5bb47589e5c37123caafcded1afbff8881aa33
2017-07-20 15:04:10 +01:00
# Note the indentation here is required as it's joined
# to create a playbook in deploy-steps.j2
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
##################################################
# Step 1 block, write data for subsequent steps
##################################################
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write config data at the start of step 1
when: step == "1"
become: true
block:
- name: Create /var/lib/tripleo-config directory
file: path=/var/lib/tripleo-config state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
# Puppet manifest for baremetal host configuration
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Check if puppet step_config.pp manifest exists
delegate_to: localhost
become: false
stat:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
path: "{{ tripleo_role_name + '/step_config.pp' }}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
register: stat_step_config
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Set fact when file existed
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
set_fact:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
role_data_step_config: "{{lookup('file', tripleo_role_name + '/step_config.pp')}}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
when: stat_step_config.stat.exists
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write the puppet step_config manifest
copy: content="{{role_data_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes mode=0600
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
# Config file for our docker-puppet.py script, used to generate container configs
- name: Create /var/lib/docker-puppet
file: path=/var/lib/docker-puppet state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Check if docker-puppet puppet_config.yaml configuration file exists
delegate_to: localhost
become: false
stat:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
path: "{{ tripleo_role_name + '/puppet_config.yaml' }}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
register: stat_puppet_config
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Set fact when file existed
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
set_fact:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
role_data_puppet_config: "{{lookup('file', tripleo_role_name + '/puppet_config.yaml') | from_yaml | to_json}}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
when: stat_puppet_config.stat.exists
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Write docker-puppet.json file
copy: content="{{role_data_puppet_config}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes mode=0600
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Create /var/lib/docker-config-scripts
file: path=/var/lib/docker-config-scripts state=directory
# The container config files
# /var/lib/docker-container-startup-configs.json is removed as we now write
# per-step files instead
- name: Clean old /var/lib/docker-container-startup-configs.json file
file:
path: /var/lib/docker-container-startup-configs.json
state: absent
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Check if docker_config_scripts.yaml file exists
delegate_to: localhost
become: false
stat:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
path: "{{ tripleo_role_name + '/docker_config_scripts.yaml' }}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
register: stat_docker_config_scripts
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Set fact when file existed
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
set_fact:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
role_data_docker_config_scripts: "{{lookup('file', tripleo_role_name + '/docker_config_scripts.yaml') | from_yaml}}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
when: stat_docker_config_scripts.stat.exists
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write docker config scripts
copy: content="{{item.value.content}}" dest="/var/lib/docker-config-scripts/{{item.key}}" force=yes mode="{{item.value.mode|default('0600', true)}}"
with_dict: "{{role_data_docker_config_scripts}}"
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
# Here we are dumping all the docker container startup configuration data
# so that we can have access to how they are started outside of heat
# and docker-cmd. This lets us create command line tools to test containers.
# FIXME We need to update the defaults e.g in docker-toool so we can remove the
# docker-container-startup-configs.json and use per-step configs instead
- name: Set docker_config_default fact
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
set_fact:
docker_config_default: "{{ docker_config_default|default({}) | combine( {'step_'+item: {}} ) }}"
with_sequence: count={{deploy_steps_max}}
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Check if docker_config.yaml file exists
delegate_to: localhost
become: false
stat:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
path: "{{ tripleo_role_name + '/docker_config.yaml' }}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
register: stat_docker_config
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Set fact when file existed
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
set_fact:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
role_data_docker_config: "{{lookup('file', tripleo_role_name + '/docker_config.yaml') | from_yaml}}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
when: stat_docker_config.stat.exists
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Set docker_startup_configs_with_default fact
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
set_fact:
docker_config_with_default: "{{docker_config_default | combine(role_data_docker_config)}}"
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write docker-container-startup-configs
copy: content="{{docker_config_with_default | to_json }}" dest=/var/lib/docker-container-startup-configs.json force=yes mode=0600
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write per-step docker-container-startup-configs
copy: content="{{item.value|to_json}}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{item.key}}.json" force=yes mode=0600
with_dict: "{{docker_config_with_default}}"
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Create /var/lib/kolla/config_files directory
file: path=/var/lib/kolla/config_files state=directory setype=svirt_sandbox_file_t selevel=s0 recurse=true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Check if kolla_config.yaml file exists
delegate_to: localhost
become: false
stat:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
path: "{{ tripleo_role_name + '/kolla_config.yaml' }}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
register: stat_kolla_config
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Set fact when file existed
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
set_fact:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
role_data_kolla_config: "{{lookup('file', tripleo_role_name + '/kolla_config.yaml') | from_yaml}}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
when: stat_kolla_config.stat.exists
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write kolla config json files
copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes mode=0600
with_dict: "{{role_data_kolla_config}}"
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
########################################################
# Bootstrap tasks, only performed on bootstrap_server_id
########################################################
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
file:
path: "{{item}}"
state: absent
with_fileglob:
- /var/lib/docker-puppet/docker-puppet-tasks*.json
when: deploy_server_id == bootstrap_server_id
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Check if docker_puppet_tasks.yaml file exists
delegate_to: localhost
become: false
stat:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
path: "{{ tripleo_role_name + '/docker_puppet_tasks.yaml' }}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
register: stat_docker_puppet_tasks
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
- name: Set fact when file existed
Don't log set_fact tasks for role_data set_fact logs the fact value. In the case of reading the role_data_* files, this is very verbose as the files can be large. Use no_log: True to make these tasks less verbose. The content is saved in the config-download output already, so no useful info is lost. Change-Id: Ie6f75113194961628a0c9bdfbfbf5d88a18059eb Closes-Bug: #1760996
2018-04-03 17:43:57 -04:00
no_log: True
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
set_fact:
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
role_data_docker_puppet_tasks: "{{lookup('file', tripleo_role_name + '/docker_puppet_tasks.yaml') | from_yaml}}"
Consume RoleData config from config download files In https://review.openstack.org/#/c/525260/, we moved the creation of various RoleData driven config files to deploy-steps-tasks.yaml, and to consume the values from various role_data_* variables that were written in the inventory (see https://review.openstack.org/#/c/528354/). However, we were already downloading and saving the RoleData to separate files via config download. We should consume from those files instead of the inventory. That has the advantage that one can quickly modify and iterate on the local files, and have those changes applied. That is harder to do when these values are in the inventory, and not possible to do when using dynamic inventory. Since the tasks will fail trying to read from the files when not using config-download, conditional local_action tasks that use the stat module first verify the existence of the files before attempting to read their contents. If they don't exist, the values fall back to whatever has been defined by the ansible variable. Change-Id: Idfdce6f0a778b0a7f2fed17ff56d1a3e451868ab Closes-Bug: #1749784
2018-02-15 14:36:52 -05:00
when: stat_docker_puppet_tasks.stat.exists
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move step 1 preparation to deploy-steps-tasks.yaml This moves the writing of various files that are consumed by the tasks in deploy-steps-tasks.yaml, hopefully this is clearer, and it also means we can drive the creation of these files via ansible directly using https://review.openstack.org/528354 Change-Id: I173d22ebcbc986cefdef47f81298abe10ce8591b
2017-12-04 13:55:10 +00:00
- name: Write docker-puppet-tasks json files
copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes mode=0600
with_dict: "{{role_data_docker_puppet_tasks}}"
when: deploy_server_id == bootstrap_server_id
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
#####################################################
# Per step puppet configuration of the baremetal host
#####################################################
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Fix ConfigDebug for puppet host runs Before pike we used to be able to add -e environments/config-debug.yaml and that would give us debug logs for puppet. With the move to ansible running puppet we lost this feature. Let's make sure that the old ConfigDebug variable still works with the ansible playbook-based deploy steps. With this patch and ConfigDebug set to true, we correctly get the puppet debug logs: TASK [debug] ******************************************************************* ok: [localhost] => { "(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))": [ "Warning: Undefined variable 'deploy_config_name'; ", " (file & line not available)", "Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::Bool. There is further documentation for validate_legacy function in the README. at [\"/etc/puppet/modules/ntp/manifests/init.pp\", 54]:[\"/etc/puppet/modules/tripleo/manifests/profile/base/time/ntp.pp\", 29]", " (at /etc/puppet/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation')", "Debug: Runtime environment: puppet_version=4.8.2, ruby_version=2.0.0, run_mode=user, default_encoding=UTF-8", "Debug: Loading external facts from /etc/puppet/modules/openstacklib/facts.d", "Debug: Loading external facts from /var/lib/puppet/facts.d", .... Change-Id: Ia726fb8ca4a6f7bbbd7a1284d76ff42df6825d01 Closes-Bug: #1722752
2017-10-11 12:47:01 +02:00
- name: Set host puppet debugging fact string
set_fact:
host_puppet_config_debug: "--debug --verbose"
Add EnablePuppet (defaults to true) This wires in a heat parameter that can be used to disable the baremetal (Puppet) deployment tasks. Useful for testing some lightweight/containers only deployments. Change-Id: I376418c618616b7755fafefa80fea8150cf16b99
2018-03-06 13:43:07 -05:00
when:
- enable_puppet|default(true)|bool
- enable_debug|default(false)|bool
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
- name: Write the config_step hieradata
Set mode for ansible written files Use a more restrictive mode for these files, as some may contain sensitive data which shouldn't be world readable Closes-Bug: #1714986 Change-Id: Ib1e79b1d4e25d6e329938402b1ca776bdab81bdd
2017-09-04 13:53:04 +01:00
copy: content="{{dict(step=step|int)|to_json}}" dest=/etc/puppet/hieradata/config_step.json force=true mode=0600
Use "become: true" in deploy steps tasks In the deploy steps playbook downloaded via "openstack overcloud config download", all the tasks require sudo. The tasks should use "become: true", otherwise they fail with permission denied errors. Change-Id: I561b5ef6dee0ee7cac67ba798eda284fb7f7a8d0 Closes-Bug: #1717298
2017-09-14 10:08:07 -06:00
become: true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
- name: Run puppet host configuration for step {{step}}
Add EnablePuppet (defaults to true) This wires in a heat parameter that can be used to disable the baremetal (Puppet) deployment tasks. Useful for testing some lightweight/containers only deployments. Change-Id: I376418c618616b7755fafefa80fea8150cf16b99
2018-03-06 13:43:07 -05:00
when: enable_puppet|default(true)|bool
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
command: >-
Fix ConfigDebug for puppet host runs Before pike we used to be able to add -e environments/config-debug.yaml and that would give us debug logs for puppet. With the move to ansible running puppet we lost this feature. Let's make sure that the old ConfigDebug variable still works with the ansible playbook-based deploy steps. With this patch and ConfigDebug set to true, we correctly get the puppet debug logs: TASK [debug] ******************************************************************* ok: [localhost] => { "(outputs.stderr|default('')).split('\n')|union(outputs.stdout_lines|default([]))": [ "Warning: Undefined variable 'deploy_config_name'; ", " (file & line not available)", "Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::Bool. There is further documentation for validate_legacy function in the README. at [\"/etc/puppet/modules/ntp/manifests/init.pp\", 54]:[\"/etc/puppet/modules/tripleo/manifests/profile/base/time/ntp.pp\", 29]", " (at /etc/puppet/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation')", "Debug: Runtime environment: puppet_version=4.8.2, ruby_version=2.0.0, run_mode=user, default_encoding=UTF-8", "Debug: Loading external facts from /etc/puppet/modules/openstacklib/facts.d", "Debug: Loading external facts from /var/lib/puppet/facts.d", .... Change-Id: Ia726fb8ca4a6f7bbbd7a1284d76ff42df6825d01 Closes-Bug: #1722752
2017-10-11 12:47:01 +02:00
puppet apply {{ host_puppet_config_debug|default('') }}
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
--modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules
Add --detailed-exitcodes when running puppet via ansible puppet run on never fails, even when it should, since we moved to the ansible way of applying it. The reason is the current following code: - name: Run puppet host configuration for step {{step}} command: >- puppet apply --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --logdest syslog --logdest console --color=false /var/lib/tripleo-config/puppet_step_config.pp The above is missing the --detailed-exitcodes switch and so puppet will never really error out on us and the deployment will keep on running all the steps even though a previous puppet manifest might have failed. This cause extra hard-to-debug failures. Initially the issue was observed on the puppet host runs, but this parameter is missing also from docker-puppet.py, so let's add it there as well as it makes sense to return proper error codes whenever we call puppet. Besides this being a good idea in general, we actually *have* to do it because puppet does not fail correctly without this option due to the following puppet bug: https://tickets.puppetlabs.com/browse/PUP-2754 Depends-On: I607927c2ee5c29b605e18e9294b0f91d37337680 Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ie9df4f520645404560a9635fb66e3af42b966f54 Closes-Bug: #1723163
2017-10-12 17:37:50 +02:00
--detailed-exitcodes
puppet apply: add --summarize ... so we can know how long take resources configuration in Puppet catalogs, and more easily debug why we have timeouts. Change-Id: If3fae8837140caae91120e46b4880146ffe22afc
2018-01-03 12:55:55 -08:00
--summarize
Also log puppet output to console Running puppet apply with --logdest syslog results in all the output being redirected to syslog. You get no error messages. In the case where this ansible task fails, the subsequent debug task shows nothing useful as there was no stdout/stderr. Also pass --logdest console to puppet apply so that we get the output for the debug task. My local testing showed that when specifying logdest twice, both values were honored, and the output went to syslog and the console. Change-Id: Id5212b3ed27b6299e33e81ecf71ead554f9bdd29 Closes-Bug: #1707030
2017-07-27 13:59:04 -04:00
--logdest syslog --logdest console --color=false
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
/var/lib/tripleo-config/puppet_step_config.pp
Add --detailed-exitcodes when running puppet via ansible puppet run on never fails, even when it should, since we moved to the ansible way of applying it. The reason is the current following code: - name: Run puppet host configuration for step {{step}} command: >- puppet apply --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --logdest syslog --logdest console --color=false /var/lib/tripleo-config/puppet_step_config.pp The above is missing the --detailed-exitcodes switch and so puppet will never really error out on us and the deployment will keep on running all the steps even though a previous puppet manifest might have failed. This cause extra hard-to-debug failures. Initially the issue was observed on the puppet host runs, but this parameter is missing also from docker-puppet.py, so let's add it there as well as it makes sense to return proper error codes whenever we call puppet. Besides this being a good idea in general, we actually *have* to do it because puppet does not fail correctly without this option due to the following puppet bug: https://tickets.puppetlabs.com/browse/PUP-2754 Depends-On: I607927c2ee5c29b605e18e9294b0f91d37337680 Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ie9df4f520645404560a9635fb66e3af42b966f54 Closes-Bug: #1723163
2017-10-12 17:37:50 +02:00
changed_when: outputs.rc == 2
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
check_mode: no
register: outputs
failed_when: false
no_log: true
Use "become: true" in deploy steps tasks In the deploy steps playbook downloaded via "openstack overcloud config download", all the tasks require sudo. The tasks should use "become: true", otherwise they fail with permission denied errors. Change-Id: I561b5ef6dee0ee7cac67ba798eda284fb7f7a8d0 Closes-Bug: #1717298
2017-09-14 10:08:07 -06:00
become: true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Add name to debug tasks This makes it clearer that the previous task failed, which isn't immediately evident from the ansible task output due to the failed_when on those tasks. Change-Id: I765208d5865f6e5a292e5b52c572e2e79540c663 Closes-Bug: #1748443
2018-02-09 13:18:49 +00:00
- name: "Debug output for task which failed: Run puppet host configuration for step {{step}}"
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
Add EnablePuppet (defaults to true) This wires in a heat parameter that can be used to disable the baremetal (Puppet) deployment tasks. Useful for testing some lightweight/containers only deployments. Change-Id: I376418c618616b7755fafefa80fea8150cf16b99
2018-03-06 13:43:07 -05:00
when:
- enable_puppet|default(true)|bool
- outputs.rc is defined
Add --detailed-exitcodes when running puppet via ansible puppet run on never fails, even when it should, since we moved to the ansible way of applying it. The reason is the current following code: - name: Run puppet host configuration for step {{step}} command: >- puppet apply --modulepath=/etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules --logdest syslog --logdest console --color=false /var/lib/tripleo-config/puppet_step_config.pp The above is missing the --detailed-exitcodes switch and so puppet will never really error out on us and the deployment will keep on running all the steps even though a previous puppet manifest might have failed. This cause extra hard-to-debug failures. Initially the issue was observed on the puppet host runs, but this parameter is missing also from docker-puppet.py, so let's add it there as well as it makes sense to return proper error codes whenever we call puppet. Besides this being a good idea in general, we actually *have* to do it because puppet does not fail correctly without this option due to the following puppet bug: https://tickets.puppetlabs.com/browse/PUP-2754 Depends-On: I607927c2ee5c29b605e18e9294b0f91d37337680 Co-Authored-By: Damien Ciabrini <dciabrin@redhat.com> Change-Id: Ie9df4f520645404560a9635fb66e3af42b966f54 Closes-Bug: #1723163
2017-10-12 17:37:50 +02:00
failed_when: outputs.rc not in [0, 2]
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
######################################
# Generate config via docker-puppet.py
######################################
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Add {{step}} var to Task name Add the {{step}} var to a couple of task names from deploy-steps-tasks.yaml where it was missing. Makes the output a bit more consistent and user friendly. Change-Id: I0a1b3f7f62543107b2f82ee57d75e65ecc7e02d4
2018-01-25 16:42:07 -05:00
- name: Run docker-puppet tasks (generate config) during step {{step}}
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
shell: python /var/lib/docker-puppet/docker-puppet.py
environment:
NET_HOST: 'true'
Default docker_puppet_debug to false This isn't set unless the playbook is run via heat, so default it to false to enable easier use via ansible-playbook combined with tripleo-ansible-inventory Change-Id: I9705e4533831a019dd0051e5522d4b7958682506
2017-07-21 11:21:09 +01:00
DEBUG: '{{docker_puppet_debug|default(false)}}'
Add DockerPuppetProcessCount defaults to 3 docker-puppet.py is very aggressive about running concurrently. It uses python multiprocessing to run multiple config generating containers at once. This seems to work well in general, but in some cases... perhaps when the registry is slow or under heavy load can cause timeouts to occur. Lately I'm seeing several 'container did not start before the specified timeout' errors that always seem to occur when config files are generated (docker-puppet.py is initially executed. A couple of things: -when config files are generated this is the first time most of the containers are pulled to each host machine during deployment -docker-puppet.py runs many of these processes at once. Some of them run faster, other not. -docker daemon's pull limit defaults to 3. This would throttle the above a bit perhaps contributing the the likelyhood of a timeout. One solution that seems to work for me is to set the PROCESS_COUNT in docker-puppet.py to 3. As this matches docker daemon's default it is probably safer at the cost of being slightly slower in some cases. Change-Id: I17feb3abd9d36fe7c95865a064502ce9902a074e Closes-bug: #1713188
2017-08-25 23:01:24 -04:00
PROCESS_COUNT: '{{docker_puppet_process_count|default(3)}}'
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
when: step == "1"
changed_when: false
check_mode: no
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
register: outputs
failed_when: false
no_log: true
Use "become: true" in deploy steps tasks In the deploy steps playbook downloaded via "openstack overcloud config download", all the tasks require sudo. The tasks should use "become: true", otherwise they fail with permission denied errors. Change-Id: I561b5ef6dee0ee7cac67ba798eda284fb7f7a8d0 Closes-Bug: #1717298
2017-09-14 10:08:07 -06:00
become: true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Add name to debug tasks This makes it clearer that the previous task failed, which isn't immediately evident from the ansible task output due to the failed_when on those tasks. Change-Id: I765208d5865f6e5a292e5b52c572e2e79540c663 Closes-Bug: #1748443
2018-02-09 13:18:49 +00:00
- name: "Debug output for task which failed: Run docker-puppet tasks (generate config) during step {{step}}"
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
Fix all outputs|failed and outputs is defined The ansible "failed_when" filter that uses a registered output of a previous task piped to the '|failed' filter does not work as expected. Given the following playbook: - name: return code shell: | echo "fail 2" exit 2 failed_when: false log_when: false register: outputs - debug: msg: "rc: {{ outputs.rc }}" - debug: msg="Broken (does not fail as expected)" when: outputs is defined failed_when: outputs|failed - debug: msg="Working (fails as expected)" when: outputs is defined failed_when: outputs.rc != 0 We obtain the following output: TASK [return code] **** changed: [localhost] TASK [debug] ********** ok: [localhost] => { "msg": "rc: 2" } TASK [debug] ********** ok: [localhost] => { "failed_when_result": false, "msg": "Broken (does not fail as expected)" } TASK [debug] ********** fatal: [localhost]: FAILED! => { "failed_when_result": true, "msg": "Working (fails as expected)" } This means that the 'outputs|failed' just does not work at all. Let's move to a more explicit check on the rc code of the registered variable. We also need to fix all the "outputs is defined" checks, because when a task is skipped the registered outputs variable *is* actually defined as the following dictionary: {'skip_reason': u'Conditional result was False', 'skipped': True, 'changed': False} So we use "outputs.rc is defined" in order to make sure that the previous task did indeed run. Closes-Bug: #1733402 Change-Id: I6ef53dc3f9aede42f10c7f110d24722355481261
2017-11-20 20:48:50 +01:00
when: outputs.rc is defined
failed_when: outputs.rc != 0
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
##################################################
# Per step starting of the containers using paunch
##################################################
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Write md5sum for service config directories The configuration generated by docker-puppet may change on update, so checksum the combined files from the config-data directories, to enable detecting those that have changed and restarting the appropriate containers - we need to merge this checksum into the environment passed to the containters, as this will cause paunch to correctly restart containers when the configuration generated changes, even if the rest of the json definition provided by heat does not. Change-Id: I40d9080cf3ad708ef4ed91e46d2b2ae1138bb9c3
2017-05-19 16:38:56 +01:00
# Note docker-puppet.py generates the hashed-*.json file, which is a copy of
# the *step_n.json with a hash of the generated external config added
# This acts as a salt to enable restarting the container if config changes
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
- name: Start containers for step {{step}}
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
command: >-
paunch --debug apply
--file /var/lib/tripleo-config/hashed-docker-container-startup-config-step_{{step}}.json
deploy-steps: switch to tripleo_role_name "role_name" is internal to Ansible, we should not use it. This patch uses the new variable set in the inventory to use a specific TripleO var: tripleo_role_name which is the TripleO role name and not the Ansible role names, both things are very different. Depends-On: I57c4eac87e2f96dfe5490b111cd2508505715d56 Change-Id: Iecaf6f1b830e65be2f9e2e44431054fe46f9f565 Related-Bug: #1771171
2018-05-14 11:15:09 -07:00
--config-id tripleo_step{{step}} --managed-by tripleo-{{tripleo_role_name}}
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
changed_when: false
check_mode: no
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
register: outputs
failed_when: false
no_log: true
Use "become: true" in deploy steps tasks In the deploy steps playbook downloaded via "openstack overcloud config download", all the tasks require sudo. The tasks should use "become: true", otherwise they fail with permission denied errors. Change-Id: I561b5ef6dee0ee7cac67ba798eda284fb7f7a8d0 Closes-Bug: #1717298
2017-09-14 10:08:07 -06:00
become: true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Add name to debug tasks This makes it clearer that the previous task failed, which isn't immediately evident from the ansible task output due to the failed_when on those tasks. Change-Id: I765208d5865f6e5a292e5b52c572e2e79540c663 Closes-Bug: #1748443
2018-02-09 13:18:49 +00:00
- name: "Debug output for task which failed: Start containers for step {{step}}"
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
Fix all outputs|failed and outputs is defined The ansible "failed_when" filter that uses a registered output of a previous task piped to the '|failed' filter does not work as expected. Given the following playbook: - name: return code shell: | echo "fail 2" exit 2 failed_when: false log_when: false register: outputs - debug: msg: "rc: {{ outputs.rc }}" - debug: msg="Broken (does not fail as expected)" when: outputs is defined failed_when: outputs|failed - debug: msg="Working (fails as expected)" when: outputs is defined failed_when: outputs.rc != 0 We obtain the following output: TASK [return code] **** changed: [localhost] TASK [debug] ********** ok: [localhost] => { "msg": "rc: 2" } TASK [debug] ********** ok: [localhost] => { "failed_when_result": false, "msg": "Broken (does not fail as expected)" } TASK [debug] ********** fatal: [localhost]: FAILED! => { "failed_when_result": true, "msg": "Working (fails as expected)" } This means that the 'outputs|failed' just does not work at all. Let's move to a more explicit check on the rc code of the registered variable. We also need to fix all the "outputs is defined" checks, because when a task is skipped the registered outputs variable *is* actually defined as the following dictionary: {'skip_reason': u'Conditional result was False', 'skipped': True, 'changed': False} So we use "outputs.rc is defined" in order to make sure that the previous task did indeed run. Closes-Bug: #1733402 Change-Id: I6ef53dc3f9aede42f10c7f110d24722355481261
2017-11-20 20:48:50 +01:00
when: outputs.rc is defined
failed_when: outputs.rc != 0
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
########################################################
# Bootstrap tasks, only performed on bootstrap_server_id
########################################################
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Move docker_puppet_tasks calculation into services.yaml This makes the RolesData output more accurate, and we can rework things so docker-puppet only gets run when there is a non-empty file calculated (e.g there are tasks to run). Change-Id: I8cdab3c857977c80fe2e359ab9e05740a838d66b
2017-07-19 20:36:11 +01:00
- name: Check if /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json exists
stat:
path: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
register: docker_puppet_tasks_json
Use "become: true" in deploy steps tasks In the deploy steps playbook downloaded via "openstack overcloud config download", all the tasks require sudo. The tasks should use "become: true", otherwise they fail with permission denied errors. Change-Id: I561b5ef6dee0ee7cac67ba798eda284fb7f7a8d0 Closes-Bug: #1717298
2017-09-14 10:08:07 -06:00
become: true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Add {{step}} var to Task name Add the {{step}} var to a couple of task names from deploy-steps-tasks.yaml where it was missing. Makes the output a bit more consistent and user friendly. Change-Id: I0a1b3f7f62543107b2f82ee57d75e65ecc7e02d4
2018-01-25 16:42:07 -05:00
- name: Run docker-puppet tasks (bootstrap tasks) for step {{step}}
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
shell: python /var/lib/docker-puppet/docker-puppet.py
environment:
CONFIG: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
NET_HOST: "true"
NO_ARCHIVE: "true"
STEP: "{{step}}"
Move docker_puppet_tasks calculation into services.yaml This makes the RolesData output more accurate, and we can rework things so docker-puppet only gets run when there is a non-empty file calculated (e.g there are tasks to run). Change-Id: I8cdab3c857977c80fe2e359ab9e05740a838d66b
2017-07-19 20:36:11 +01:00
when: deploy_server_id == bootstrap_server_id and docker_puppet_tasks_json.stat.exists
Convert puppet and docker steps to ansible Replace the multiple SoftwareDeployment resources with a common playbook that runs on all roles, consuming the configuration data written via the HostPrepAnsible tasks. This hopefully simplifies things, and will enable re-running the deploy steps for minor updates (we'll need some way to detect a container should be replaced, but that will be done via a follow-up patch). Change-Id: I674a4d9d2c77d1f6fbdb0996f6c9321848e32662
2017-05-03 17:12:55 +01:00
changed_when: false
check_mode: no
Improve logs from ansible, puppet, docker-puppet.py * Debug ansible 'puppet apply' stderr joined stdout, split by lines. * Do 'puppet apply' w/o colors, logdest syslog, and given a wanted modulepath instead of the module puppet, that can't support those options. * Bind-mount syslog socket for docker-puppet.py to pass puppet logs to host OS syslog. * Fix logging handlers for multiprocess workers in docker-puppet.py. Related-bug: #1698172 Closes-bug: #1700086 Change-Id: I84112a836e968aa5c3596a6544e0392980529963 Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-06-09 18:03:50 +02:00
register: outputs
failed_when: false
no_log: true
Use "become: true" in deploy steps tasks In the deploy steps playbook downloaded via "openstack overcloud config download", all the tasks require sudo. The tasks should use "become: true", otherwise they fail with permission denied errors. Change-Id: I561b5ef6dee0ee7cac67ba798eda284fb7f7a8d0 Closes-Bug: #1717298
2017-09-14 10:08:07 -06:00
become: true
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Add name to debug tasks This makes it clearer that the previous task failed, which isn't immediately evident from the ansible task output due to the failed_when on those tasks. Change-Id: I765208d5865f6e5a292e5b52c572e2e79540c663 Closes-Bug: #1748443
2018-02-09 13:18:49 +00:00
- name: "Debug output for task which failed: Run docker-puppet tasks (bootstrap tasks) for step {{step}}"
debug: var=outputs.stdout_lines|default([])|union(outputs.stderr_lines|default([]))
Fix all outputs|failed and outputs is defined The ansible "failed_when" filter that uses a registered output of a previous task piped to the '|failed' filter does not work as expected. Given the following playbook: - name: return code shell: | echo "fail 2" exit 2 failed_when: false log_when: false register: outputs - debug: msg: "rc: {{ outputs.rc }}" - debug: msg="Broken (does not fail as expected)" when: outputs is defined failed_when: outputs|failed - debug: msg="Working (fails as expected)" when: outputs is defined failed_when: outputs.rc != 0 We obtain the following output: TASK [return code] **** changed: [localhost] TASK [debug] ********** ok: [localhost] => { "msg": "rc: 2" } TASK [debug] ********** ok: [localhost] => { "failed_when_result": false, "msg": "Broken (does not fail as expected)" } TASK [debug] ********** fatal: [localhost]: FAILED! => { "failed_when_result": true, "msg": "Working (fails as expected)" } This means that the 'outputs|failed' just does not work at all. Let's move to a more explicit check on the rc code of the registered variable. We also need to fix all the "outputs is defined" checks, because when a task is skipped the registered outputs variable *is* actually defined as the following dictionary: {'skip_reason': u'Conditional result was False', 'skipped': True, 'changed': False} So we use "outputs.rc is defined" in order to make sure that the previous task did indeed run. Closes-Bug: #1733402 Change-Id: I6ef53dc3f9aede42f10c7f110d24722355481261
2017-11-20 20:48:50 +01:00
when: outputs.rc is defined
failed_when: outputs.rc != 0
Add spacing for readability Add blank lines between the Ansible tasks and plays in the stack outputs. This is an improvement in readability for the user. Change-Id: I52ebd9081cacf213ac29f1d24e73db6ea5cfe33f
2018-01-30 19:41:35 -05:00
Copy Permalink