437 lines
12 KiB
YAML
437 lines
12 KiB
YAML
# POST_DEPLOYMENT TASKS
|
|
- id: enable_quorum
|
|
type: shell
|
|
version: 2.1.0
|
|
role: [primary-controller]
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
cross-depends:
|
|
- name: post_deployment_start
|
|
role: self
|
|
- name: dns-client
|
|
- name: ntp-server
|
|
- name: public_vip_ping
|
|
cross-depended-by:
|
|
- name: post_deployment_end
|
|
role: self
|
|
condition:
|
|
yaql_exp: "changed($.network_metadata.nodes) or changed($.get('corosync_roles'))"
|
|
parameters:
|
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/astute/enable_quorum.rb
|
|
timeout: 180
|
|
|
|
- id: upload_cirros
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-keystone]
|
|
requires: [enable_quorum]
|
|
required_for: [post_deployment_end]
|
|
cross-depends:
|
|
- name: enable_quorum
|
|
- name: primary-keystone
|
|
cross-depended-by:
|
|
- name: post_deployment_end
|
|
role: self
|
|
condition:
|
|
yaql_exp: >
|
|
changedAny($.test_vm_image, $.glance, $.network_metadata.vips,
|
|
$.get('region', 'RegionOne'), $.get('use_ssl'))
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/astute/upload_cirros.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 300
|
|
cwd: /
|
|
|
|
- id: upload_nodes_info
|
|
type: skipped
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
requires: [post_deployment_start]
|
|
|
|
- id: upload_configuration
|
|
type: upload_file
|
|
version: 2.1.0
|
|
role: ['master', '/.*/']
|
|
condition:
|
|
yaql_exp: 'changed($)'
|
|
requires: [override_configuration]
|
|
required_for: [pre_deployment_start]
|
|
refresh_on: ['*']
|
|
parameters:
|
|
path: /etc/fuel/cluster/{CLUSTER_ID}/astute.yaml
|
|
permissions: '0640'
|
|
dir_permissions: '0750'
|
|
timeout: 180
|
|
data:
|
|
yaql_exp: '$.toYaml()'
|
|
|
|
- id: configuration_symlink
|
|
type: shell
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: '$.uid in added($.network_metadata.nodes.values()).uid'
|
|
requires: [upload_configuration]
|
|
required_for: [pre_deployment_start]
|
|
parameters:
|
|
cmd: ln -sf /etc/fuel/cluster/{CLUSTER_ID}/astute.yaml /etc/astute.yaml
|
|
timeout: 180
|
|
|
|
- id: update_hosts
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
required_for: [post_deployment_end]
|
|
requires: [upload_nodes_info, copy_deleted_nodes]
|
|
condition:
|
|
yaql_exp: 'changed($.network_metadata)'
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/hosts/hosts.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
cwd: /
|
|
|
|
- id: disable_keystone_service_token
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-keystone, keystone]
|
|
requires: [upload_cirros]
|
|
required_for: [post_deployment_end]
|
|
cross-depends:
|
|
- name: upload_cirros
|
|
condition:
|
|
yaql_exp: >
|
|
changed($.keystone.get('service_token_off')) and
|
|
$.keystone.get('service_token_off')
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/astute/service_token_off.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 180
|
|
cwd: /
|
|
|
|
- id: primary_public_vip_ping
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: [primary-controller]
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
condition:
|
|
yaql_exp: &pub_viping "changed($.network_scheme) or changed($.get('run_ping_checker'))"
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/virtual_ips/public_vip_ping.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
cwd: /
|
|
|
|
- id: public_vip_ping
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: [controller]
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
condition:
|
|
yaql_exp: *pub_viping
|
|
cross-depends:
|
|
- name: primary_public_vip_ping
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/virtual_ips/public_vip_ping.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
cwd: /
|
|
|
|
- id: configure_default_route
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: [primary-mongo, mongo]
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
condition:
|
|
yaql_exp: "changedAny($.network_scheme,
|
|
$.network_metadata.get('vips',{}).get('management'))"
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/netconfig/configure_default_route.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
cwd: /
|
|
|
|
#PRE DEPLOYMENT
|
|
- id: rsync_core_puppet
|
|
type: sync
|
|
version: 2.0.0
|
|
role: ['/.*/']
|
|
requires: []
|
|
required_for: [pre_deployment_start]
|
|
parameters:
|
|
src: rsync://{MASTER_IP}:/puppet/{OPENSTACK_VERSION}/modules/
|
|
dst: /etc/puppet/modules
|
|
timeout: 180
|
|
|
|
|
|
- id: clear_nodes_info
|
|
type: skipped
|
|
version: 2.0.0
|
|
role: ['/.*/']
|
|
requires: [pre_deployment_start]
|
|
required_for: [pre_deployment_end]
|
|
parameters:
|
|
cmd: rm -f /etc/hiera/nodes.yaml
|
|
retries: 1
|
|
|
|
- id: copy_keys
|
|
type: copy_files
|
|
version: 2.0.0
|
|
role: ['/.*/']
|
|
required_for: [pre_deployment_end]
|
|
requires: [generate_keys]
|
|
cross-depends:
|
|
- name: generate_keys
|
|
role: master
|
|
parameters:
|
|
files:
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/nova/nova.pub
|
|
dst: /var/lib/astute/nova/nova.pub
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/nova/nova
|
|
dst: /var/lib/astute/nova/nova
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/mysql/mysql.pub
|
|
dst: /var/lib/astute/mysql/mysql.pub
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/mysql/mysql
|
|
dst: /var/lib/astute/mysql/mysql
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/mongodb/mongodb.key
|
|
dst: /var/lib/astute/mongodb/mongodb.key
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/fernet-keys/0
|
|
dst: /var/lib/astute/keystone/0
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/fernet-keys/1
|
|
dst: /var/lib/astute/keystone/1
|
|
permissions: '0600'
|
|
dir_permissions: '0700'
|
|
|
|
- id: generate_keys
|
|
type: shell
|
|
version: 2.0.0
|
|
role: master
|
|
requires: [pre_deployment_start]
|
|
required_for: [copy_keys]
|
|
parameters:
|
|
cmd: sh /etc/puppet/modules/osnailyfacter/modular/astute/generate_keys.sh -p /var/lib/fuel/keys/ -i {CLUSTER_ID} -o 'mongodb' -s 'nova mysql' -f '0 1'
|
|
timeout: 180
|
|
|
|
- id: generate_haproxy_keys
|
|
type: shell
|
|
version: 2.1.0
|
|
role: master
|
|
requires: [pre_deployment_start]
|
|
condition:
|
|
yaql_exp: &public_ssl >
|
|
(changedAny($.public_ssl.horizon, $.public_ssl.services,
|
|
$.public_ssl.hostname)) and
|
|
($.public_ssl.horizon or $.public_ssl.services) and
|
|
$.public_ssl.cert_source = 'self_signed'
|
|
required_for: [copy_haproxy_keys]
|
|
parameters:
|
|
cmd: sh /etc/puppet/modules/osnailyfacter/modular/astute/generate_haproxy_keys.sh -i {CLUSTER_ID} -h {CN_HOSTNAME} -o 'haproxy' -p /var/lib/fuel/keys/
|
|
timeout: 180
|
|
|
|
- id: copy_haproxy_keys
|
|
type: copy_files
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: >
|
|
(((changedAny($.public_ssl.horizon, $.public_ssl.services,
|
|
$.public_ssl.hostname)) and
|
|
($.public_ssl.horizon or $.public_ssl.services) and
|
|
(not (old($.public_ssl.horizon) or old($.public_ssl.services)))) or
|
|
(($.public_ssl.horizon or $.public_ssl.services) and
|
|
(($.uid in added($.network_metadata.nodes.values()).uid) or (
|
|
changed($.public_ssl.hostname))))) and
|
|
$.public_ssl.cert_source = 'self_signed'
|
|
required_for: [pre_deployment_end]
|
|
requires: [generate_haproxy_keys]
|
|
cross-depends:
|
|
- name: generate_haproxy_keys
|
|
role: master
|
|
parameters:
|
|
files:
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/haproxy/public_haproxy.pem
|
|
dst: /var/lib/astute/haproxy/public_haproxy.pem
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/haproxy/public_haproxy.crt
|
|
dst: /etc/pki/tls/certs/public_haproxy.pem
|
|
permissions: '0600'
|
|
dir_permissions: '0700'
|
|
|
|
- id: sync_time
|
|
type: shell
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: '$.uid in added($.network_metadata.nodes.values()).uid'
|
|
requires: [pre_deployment_start]
|
|
required_for: [pre_deployment_end]
|
|
parameters:
|
|
cmd: timeout -s9 40 ntpdate -u -v -s $(awk '/^server/ { if ($2 !~ /127\.127\.[0-9]+\.[0-9]+/) {ORS=" "; print $2}}' /etc/ntp.conf)
|
|
retries: 10
|
|
interval: 30
|
|
timeout: 300
|
|
|
|
- id: pre_hiera_config
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: '$.uid in added($.network_metadata.nodes.values()).uid'
|
|
requires: [rsync_core_puppet]
|
|
required_for: [pre_deployment_start]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/hiera/hiera.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
cwd: /
|
|
|
|
- id: override_configuration
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: '$.uid in added($.network_metadata.nodes.values()).uid'
|
|
requires: [pre_hiera_config]
|
|
required_for: [pre_deployment_start]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/hiera/override_configuration.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 180
|
|
cwd: /
|
|
|
|
- id: dump_rabbitmq_definitions
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-rabbitmq, rabbitmq]
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
condition:
|
|
yaql_exp: >
|
|
changedAny($.rabbit, $.get('management_bind_ip_address'),
|
|
$.get('rabbit_management_port'))
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/astute/dump_rabbitmq_definitions.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 180
|
|
cwd: /
|
|
|
|
- id: ironic_post_swift_key
|
|
type: shell
|
|
version: 2.1.0
|
|
role: [primary-controller]
|
|
condition:
|
|
yaql_exp: &ironic_enabled '$.ironic.enabled and changed($.ironic.enabled)'
|
|
requires: [enable_quorum, ceph-radosgw]
|
|
required_for: [post_deployment_end]
|
|
parameters:
|
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/astute/ironic_post_swift_key.rb
|
|
retries: 3
|
|
interval: 20
|
|
timeout: 180
|
|
|
|
- id: ironic_upload_images
|
|
type: shell
|
|
version: 2.2.0
|
|
tags: [primary-keystone]
|
|
cross-depends:
|
|
- name: enable_quorum
|
|
- name: ceph-radosgw
|
|
cross-depended-by:
|
|
- name: post_deployment_end
|
|
role: self
|
|
condition:
|
|
yaql_exp: *ironic_enabled
|
|
required_for: [post_deployment_end]
|
|
requires: [enable_quorum, ceph-radosgw]
|
|
parameters:
|
|
cmd: ruby /etc/puppet/modules/openstack_tasks/examples/ironic/upload_images.rb {CLUSTER_ID}
|
|
retries: 3
|
|
interval: 20
|
|
timeout: 180
|
|
|
|
- id: ironic_copy_bootstrap_key
|
|
type: copy_files
|
|
version: 2.1.0
|
|
role: [ironic]
|
|
condition:
|
|
yaql_exp: >
|
|
($.ironic.enabled and
|
|
(changed($.ironic.enabled) or ('ironic' in added($.roles))))
|
|
required_for: [pre_deployment_end]
|
|
requires: [pre_deployment_start]
|
|
parameters:
|
|
files:
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/ironic/ironic.pub
|
|
dst: /var/lib/astute/ironic/ironic.pub
|
|
- src: /var/lib/fuel/keys/{CLUSTER_ID}/ironic/ironic
|
|
dst: /var/lib/astute/ironic/ironic
|
|
permissions: '0600'
|
|
dir_permissions: '0700'
|
|
|
|
- id: generate_deleted_nodes
|
|
version: 2.1.0
|
|
type: upload_file
|
|
role: master
|
|
condition:
|
|
yaql_exp: &deleted_nodes 'changed($.network_metadata.nodes)'
|
|
requires: [upload_configuration]
|
|
required_for: [pre_deployment_end]
|
|
parameters:
|
|
path: /etc/fuel/cluster/{CLUSTER_ID}/deleted_nodes.yaml
|
|
permissions: '0640'
|
|
dir_permissions: '0750'
|
|
data:
|
|
yaql_exp: '{"deleted_nodes" => coalesce(deleted($.network_metadata.nodes.values().fqdn), [])}.toYaml()'
|
|
|
|
- id: copy_deleted_nodes
|
|
type: copy_files
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: *deleted_nodes
|
|
required_for: [pre_deployment_end]
|
|
requires: [generate_deleted_nodes]
|
|
cross-depends:
|
|
- name: generate_deleted_nodes
|
|
role: master
|
|
parameters:
|
|
files:
|
|
- src: /etc/fuel/cluster/{CLUSTER_ID}/deleted_nodes.yaml
|
|
dst: /etc/hiera/deleted_nodes.yaml
|
|
permissions: '0640'
|
|
dir_permissions: '0750'
|
|
|
|
- id: purge_service_entries
|
|
version: 2.2.0
|
|
type: puppet
|
|
tags: [primary-keystone]
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
condition:
|
|
yaql_exp: *deleted_nodes
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/astute/purge_service_entries.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 180
|
|
cwd: /
|
|
|
|
- id: create_resources
|
|
type: puppet
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
requires: [post_deployment_start]
|
|
required_for: [post_deployment_end]
|
|
cross-depends:
|
|
- name: post_deployment_start
|
|
role: self
|
|
cross-depended-by:
|
|
- name: post_deployment_end
|
|
role: self
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/astute/create_resources.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 300
|
|
cwd: /
|