This repository has been archived by the owner on Feb 29, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 180
/
deploy-steps.j2
1313 lines (1290 loc) · 56 KB
/
deploy-steps.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# certain initialization steps (run in a container) will occur
# on the role marked as primary controller or the first role listed
{%- set primary_role_name = roles[0].name -%}
{%- for role in roles if ('primary' in role.tags and 'controller' in role.tags) -%}
{%- if loop.first -%}
{%- set primary_role_name = role.name -%}
{%- endif -%}
{%- endfor -%}
# primary role is: {{primary_role_name}}
{% set deploy_steps_max = 6 -%}
{% set update_steps_max = 6 -%}
{% set external_update_steps_max = 2 -%}
{% set pre_upgrade_rolling_steps_max = 1 -%}
{% set upgrade_steps_max = 6 -%}
{% set external_upgrade_steps_max = 3 -%}
{% set post_upgrade_steps_max = 4 -%}
{% set post_update_steps_max = 4 -%}
{% set scale_steps_max = 1 -%}
heat_template_version: wallaby
description: >
Post-deploy configuration steps via puppet for all roles,
as defined in ../roles_data.yaml
parameters:
servers:
type: json
description: Mapping of Role name e.g Controller to a list of servers
role_data:
type: json
description: Mapping of Role name e.g Controller to the per-role data
DeployIdentifier:
default: ''
type: string
description: >
Setting this to a unique value will re-run any deployment tasks which
perform configuration on a Heat stack-update.
deployment_source_hosts:
default: 'Undercloud'
type: string
description: Host or hostgroup that runs the deployment
deployment_target_hosts:
default: ''
type: string
description: >
Host or hostgroup that consists of the target systems for the deployment.
Defaults to all hosts in the current Heat stack if not set.
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
ConfigDebug:
default: false
description: Whether to run config management (e.g. Puppet) in debug mode.
type: boolean
HideSensitiveLogs:
default: true
type: boolean
description: >
Set it to false if you don't want to activate the no_log feature within
ansible modules.
EnablePuppet:
default: true
description: Whether to run the puppet (baremetal) deployment tasks.
type: boolean
EnablePaunch:
default: false
description: >
(DEPRECATED) Whether to run paunch during container deployment tasks.
type: boolean
DockerPuppetDebug:
type: boolean
default: false
description: Set to True to enable debug logging with Puppet Containers
DockerPuppetProcessCount:
type: number
default: 6
description: Number of concurrent processes to use when running container-puppet to generate config files.
ContainerCli:
type: string
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['podman']
DockerPuppetMountHostPuppet:
type: boolean
default: true
description: Whether containerized puppet executions use modules from the baremetal host. Defaults to true. Can be set to false to consume puppet modules from containers directly.
ContainerLogStdoutPath:
type: string
description: Absolute path for container stdout output (Podman only)
default: /var/log/containers/stdouts
ContainerHealthcheckDisabled:
type: boolean
description: Whether or not we disable the container healthcheck.
default: false
SELinuxMode:
default: 'enforcing'
description: Configures SELinux mode
type: string
constraints:
- allowed_values: [ 'enforcing', 'permissive', 'disabled' ]
{% for role in roles %}
{{role.name}}Count:
description: Number of {{role.name}} nodes to deploy
type: number
default: {{role.CountDefault|default(0)}}
{% endfor %}
ServiceNetMapLower:
description: Mapping of service name to network name
type: json
default: {}
ValidateControllersIcmp:
default: true
description: Validation to ensure that all controllers can be reached with ICMP
type: boolean
ValidateGatewaysIcmp:
default: true
description: Validation to ensure that all gateways can be reached with ICMP
type: boolean
ValidateFqdn:
default: false
description: Optional validation to ensure FQDN as set by Nova matches the name set in /etc/hosts.
type: boolean
PingTestGatewayIPsMap:
default: {}
description: A map of role name to list of gateway IP addresses for each network, used to ping test each gateway.
type: json
PingTestIpsMap:
default: ''
description: A map of role name to a space separated list of IP addresses used to ping test each available network interface.
type: json
NetworkSafeDefaults:
default: true
description: Allow to enable/disable safe networking defaults if os-net-config would fail to run with the provided config.
type: boolean
DeployArtifactURLs:
default: []
description: A list of HTTP URLs containing deployment artifacts to be pulled.
Currently supports tarballs and RPM packages.
type: comma_delimited_list
DeployArtifactFILEs:
default: []
description: A list of files containing deployment artifacts to be pushed.
Currently supports tarballs and RPM packages.
type: comma_delimited_list
HostsEntry:
default: []
type: comma_delimited_list
description: A list of entries to be added to /etc/hosts on each node.
AnsibleHostVarsMap:
type: json
default: {}
ContainerCli:
type: string
default: 'podman'
description: CLI tool used to manage containers.
constraints:
- allowed_values: ['podman']
EnabledServices:
default: []
type: comma_delimited_list
ControlVirtualIP:
type: string
EnabledNetworks:
type: comma_delimited_list
NetVipMap:
type: json
{%- for network in networks if network.enabled|default(true) %}
{{network.name}}NetName:
default: {{network.name_lower}}
description: The name of the {{network.name_lower}} network.
type: string
{%- endfor %}
CloudNames:
type: json
EnableInternalTLS:
type: boolean
default: false
CloudDomain:
default: 'localdomain'
type: string
description: >
The DNS domain used for the hosts. This must match the
overcloud_domain_name configured on the undercloud.
NovaAdditionalCell:
default: false
description: Whether this is an cell additional to the default cell.
type: boolean
AllNodesExtraMapData:
default: {}
type: json
description: Map of extra data (hieradata) to set on each node.
UndercloudHostsEntries:
default: []
description: >
List of undercloud hosts entries to be appended to /etc/hosts. The
value is populated with the HEAT_HOSTS entries on the undercloud by
tripleoclient when running deploy.
type: comma_delimited_list
ExtraHostsEntries:
default: []
description: List of extra hosts entries to be appended to /etc/hosts
type: comma_delimited_list
VipHostsEntries:
default: []
description: List of VIP (virtual IP) hosts entries to be appended to /etc/hosts
type: comma_delimited_list
KeystoneResourcesConfigs:
description: The keystone resources config.
type: json
default: {}
RootStackName:
description: The name of the stack/plan.
type: string
NetCidrMap:
description: Mapping of CIDRs to network name
type: json
default: {}
parameter_groups:
- label: deprecated
description: |
The following parameters are deprecated and will be removed. They should not
be relied on for new deployments. If you have concerns regarding deprecated
parameters, please contact the TripleO development team on IRC or the
OpenStack mailing list.
parameters:
- EnablePaunch
conditions:
{% for role in roles %}
{{role.name}}NonZero:
not:
equals:
- {get_param: {{role.name}}Count}
- 0
{% endfor %}
resources:
PreDeployStepTasks:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
{%- for role in roles %}
- if:
- {{role.name}}NonZero
- get_param: [role_data, {{role.name}}, pre_deploy_step_tasks]
- []
{%- endfor %}
ExternalDeployTasks:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
{%- for role in roles %}
- if:
- {{role.name}}NonZero
- get_param: [role_data, {{role.name}}, external_deploy_tasks]
- []
{%- endfor %}
ExternalPostDeployTasks:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
{%- for role in roles %}
- if:
- {{role.name}}NonZero
- get_param: [role_data, {{role.name}}, external_post_deploy_tasks]
- []
{%- endfor %}
ScaleTasks:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
{%- for role in roles %}
- get_param: [role_data, {{role.name}}, scale_tasks]
{%- endfor %}
ExternalUpdateTasks:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
{%- for role in roles %}
- if:
- {{role.name}}NonZero
- get_param: [role_data, {{role.name}}, external_update_tasks]
- []
{%- endfor %}
ExternalUpgradeTasks:
type: OS::Heat::Value
properties:
type: comma_delimited_list
value:
list_concat_unique:
{%- for role in roles %}
- if:
- {{role.name}}NonZero
- get_param: [role_data, {{role.name}}, external_upgrade_tasks]
- []
{%- endfor %}
BootstrapServerId:
type: OS::Heat::Value
properties:
value:
yaql:
# Use a constant string of "bootstrap_server_id" when there are no
# servers in the primary role, such as in the case when all
# Controllers are blacklisted. No server id's will match the string
# which is what we want when all are blacklisted.
expression: switch($.data = {} => "no_bootstrap_server", $.data != {} => $.data.items().orderBy($[0]).first()[1])
data: {get_param: [servers, {{primary_role_name}}]}
# Note, this should be the last step to execute configuration changes.
# Ensure that all ExtraConfigPost steps are executed
# after all the previous deployment steps.
ExtraConfigPost:
type: OS::TripleO::NodeExtraConfigPost
properties:
servers:
map_merge:
{%- for role in roles %}
- if:
- {{role.name}}NonZero
- {get_param: [servers, {{role.name}}]}
- {}
{%- endfor %}
EndpointMap: {get_param: EndpointMap}
# BEGIN CONFIG STEPS, only on roles
{%- for role in roles %}
# The {{role.name}}PostConfig steps are in charge of
# quiescing all services, i.e. in the Controller case,
# we should run a full service reload.
{{role.name}}PostConfig:
condition: {{role.name}}NonZero
type: OS::TripleO::Tasks::{{role.name}}PostConfig
depends_on: ExtraConfigPost
properties:
servers: {get_param: servers}
input_values:
deploy_identifier: {get_param: DeployIdentifier}
{% endfor %}
outputs:
RoleConfig:
description: Mapping of config data for all roles
value:
global_vars:
deploy_steps_max: {{deploy_steps_max}}
service_net_map: {get_param: ServiceNetMapLower}
validate_controllers_icmp: {get_param: ValidateControllersIcmp}
validate_gateways_icmp: {get_param: ValidateGatewaysIcmp}
validate_fqdn: {get_param: ValidateFqdn}
ping_test_gateway_ips: {get_param: PingTestGatewayIPsMap}
ping_test_ips: {get_param: PingTestIpsMap}
network_safe_defaults: {get_param: NetworkSafeDefaults}
deploy_artifact_urls: {get_param: DeployArtifactURLs}
deploy_artifact_files: {get_param: DeployArtifactFILEs}
hosts_entry: {get_param: HostsEntry}
primary_role_name: {{ primary_role_name }}
deploy_identifier: {get_param: DeployIdentifier}
container_cli: {get_param: ContainerCli}
enabled_services: {get_param: EnabledServices}
control_virtual_ip: {get_param: ControlVirtualIP}
enabled_networks: {get_param: EnabledNetworks}
net_vip_map: {get_param: NetVipMap}
nova_additional_cell: {get_param: NovaAdditionalCell}
hide_sensitive_logs: {get_param: HideSensitiveLogs}
{%- for network in networks if network.enabled|default(true) %}
{{network.name_lower}}_net_name: {get_param: {{network.name}}NetName}
{%- endfor %}
networks:
{%- for network in networks if network.enabled|default(true) %}
{{network.name}}:
name: {get_param: {{network.name}}NetName}
name_lower: {{ network.name_lower }}
{%- endfor %}
network_virtual_ips:
ctlplane:
ip_address: {get_param: [NetVipMap, ctlplane]}
index: 1
{%- for network in networks if network.vip|default(false) and network.enabled|default(true) %}
{{network.name_lower}}:
ip_address: {get_param: [NetVipMap, {get_param: {{network.name}}NetName}]}
index: {{loop.index + 1}}
{%- endfor %}
cloud_names: {get_param: CloudNames}
enable_internal_tls: {get_param: EnableInternalTLS}
cloud_domain: {get_param: CloudDomain}
all_nodes_extra_map_data: {get_param: AllNodesExtraMapData}
undercloud_hosts_entries: {get_param: UndercloudHostsEntries}
extra_hosts_entries: {get_param: ExtraHostsEntries}
vip_hosts_entries: {get_param: VipHostsEntries}
keystone_resources: {get_param: KeystoneResourcesConfigs}
net_cidr_map: {get_param: NetCidrMap}
common_deploy_steps_playbooks: {get_file: deploy-steps-playbooks-common.yaml}
common_deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml}
common_container_config_scripts: {get_file: common-container-config-scripts.yaml}
hiera_steps_tasks: {get_file: hiera-steps-tasks.yaml}
deploy_steps_tasks_step_0: {get_file: deploy-steps-tasks-step-0.yaml}
common_container_setup_tasks: {get_file: common-container-setup-tasks.yaml}
common_deploy_steps_tasks_step_1: {get_file: deploy-steps-tasks-step-1.yaml}
container_puppet_script: {get_file: ./container-puppet.sh}
generate-config-tasks: {get_file: generate-config-tasks.yaml}
host-container-puppet-tasks: {get_file: host-container-puppet-tasks.yaml}
deploy_steps_0_playbook:
{% block deploy_steps_str_replace_params %}
str_replace:
params:
BOOTSTRAP_SERVER_ID: {get_attr: [BootstrapServerId, value]}
DEPLOY_SOURCE_HOST: {get_param: deployment_source_hosts}
DEPLOY_TARGET_HOST:
if:
- equals:
- {get_param: deployment_target_hosts}
- ""
- {get_param: RootStackName}
- {get_param: deployment_target_hosts}
DEPLOY_IDENTIFIER: {get_param: DeployIdentifier}
ENABLE_DEBUG: {get_param: ConfigDebug}
ENABLE_PUPPET: {get_param: EnablePuppet}
CONTAINER_CLI: {get_param: ContainerCli}
CONTAINER_LOG_STDOUT_PATH: {get_param: ContainerLogStdoutPath}
CONTAINER_HEALTHCHECK_DISABLED: {get_param: ContainerHealthcheckDisabled}
DOCKER_PUPPET_DEBUG: {get_param: DockerPuppetDebug}
DOCKER_PUPPET_PROCESS_COUNT: {get_param: DockerPuppetProcessCount}
DOCKER_PUPPET_MOUNT_HOST_PUPPET: {get_param: DockerPuppetMountHostPuppet}
SELINUX_MODE: {get_param: SELinuxMode}
{% endblock %}
template: |
- hosts: DEPLOY_SOURCE_HOST
strategy: tripleo_free
name: External deployment step 0
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
become: false
vars:
step: 0
enable_debug: ENABLE_DEBUG
tasks:
- name: External deployment step 0
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'External deployment step 0' to resume from this task
- include_tasks: "external_deploy_steps_tasks_step0.yaml"
when:
- playbook_dir ~ '/external_deploy_steps_tasks_step0.yaml' is exists
tags:
- external
- external_deploy_steps
- step0
- import_playbook: common_deploy_steps_playbooks.yaml
vars:
deploy_source_host: "DEPLOY_SOURCE_HOST"
deploy_target_host: "DEPLOY_TARGET_HOST"
deploy_steps_selinux_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: DEPLOY_TARGET_HOST
strategy: tripleo_linear
name: Manage SELinux
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
tasks:
- name: Set selinux state
become: true
selinux:
policy: targeted
state: SELINUX_MODE
- hosts: all
strategy: tripleo_linear
name: Generate /etc/hosts
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
tasks:
{% raw %}
- name: Configure Hosts Entries
include_role:
name: tripleo_hosts_entries
vars:
tripleo_hosts_entries_undercloud_hosts_entries: "{{ undercloud_hosts_entries }}"
tripleo_hosts_entries_extra_hosts_entries: "{{ extra_hosts_entries }}"
tripleo_hosts_entries_vip_hosts_entries: "{{ vip_hosts_entries }}"
{% endraw %}
deploy_steps_common_roles_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: DEPLOY_TARGET_HOST
strategy: tripleo_linear
name: Common roles for TripleO servers
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
# pre_tasks run before any roles in a play, so we use it for the
# named debug task for --start-at-task.
pre_tasks:
- name: Common roles for TripleO servers
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Common roles for TripleO servers' to resume from this task
tasks:
- include_role:
name: tripleo_bootstrap
- include_role:
name: tripleo_ssh_known_hosts
tags:
- common_roles
deploy_steps_0_tasks_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Deploy step tasks for step 0
become: true
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
step: 0
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
- import_tasks: deploy_steps_tasks_step_0.yaml
tags:
- overcloud
- deploy_steps
- step0
deploy_steps_pre_network_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Server pre network steps
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
deploy_source_host: "DEPLOY_SOURCE_HOST"
tasks:
{% raw %}
- name: Server pre-network deployments
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Server pre-network deployments' to resume from this task
- import_tasks: hiera_steps_tasks.yaml
- include_tasks: deployments.yaml
vars:
force: false
with_items: "{{ hostvars[inventory_hostname]['pre_network_' ~ tripleo_role_name]|default([]) }}"
{% endraw %}
tags:
- overcloud
- pre_deploy_steps
deploy_steps_network_deployments_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Server network deployments
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
tasks:
{% raw %}
- name: Network Configuration
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Network Configuration' to resume from this task
- name: Check NetworkConfig script existence
delegate_to: localhost
stat:
path: "{{ tripleo_role_name ~ '/NetworkConfig' }}"
register: NetworkConfig_stat
when: not tripleo_network_config_with_ansible
- name: Run Network Config
import_role:
name: tripleo_network_config
vars:
tripleo_network_config_script_path: "{{ NetworkConfig_stat.stat.path }}"
tripleo_network_config_update: "{{ network_config_update }}"
tripleo_network_config_async_timeout: "{{ async_timeout | default(300) }}"
tripleo_network_config_async_poll: "{{ async_poll | default(3) }}"
tripleo_network_config_hide_sensitive_logs: false
tripleo_network_config_legacy_script: false
tripleo_network_config_safe_defaults: "{{ network_safe_defaults }}|bool"
when:
- tripleo_network_config_with_ansible or NetworkConfig_stat.stat.exists
tags:
- overcloud
- pre_deploy_steps
- network_deploy_steps
{% endraw %}
deploy_steps_network_validation_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Server network validation
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
tasks:
{% raw %}
- name: Basic Network Validation
include_role:
name: tripleo_nodes_validation
vars:
tripleo_nodes_validation_validate_controllers_icmp: "{{ validate_controllers_icmp }}"
tripleo_nodes_validation_validate_gateway_icmp: "{{ validate_gateways_icmp }}"
tripleo_nodes_validation_validate_fqdn: "{{ validate_fqdn }}"
tripleo_nodes_validation_ping_test_ips: "{{ ping_test_ips.get(tripleo_role_name, '').split() | list | unique }}"
tripleo_nodes_validation_ping_test_gateway_ips: "{{ ping_test_gateway_ips.get(tripleo_role_name, []) }}"
tags:
- overcloud
- pre_deploy_steps
- network_deploy_steps
{% endraw %}
deploy_steps_pre_deployment_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Server pre deployment steps
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
tasks:
- name: Server pre deployments
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Server pre deployments' to resume from this task
{% raw %}
- import_tasks: hiera_steps_tasks.yaml
- include_tasks: deployments.yaml
vars:
force: false
with_items: "{{ hostvars[inventory_hostname]['pre_deployments_' ~ tripleo_role_name]|default([]) }}"
{% endraw %}
tags:
- overcloud
- pre_deploy_steps
deploy_steps_host_prep_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Host prep steps
become: true
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
{% raw %}
- name: Host prep steps
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Host prep steps' to resume from this task
- name: Deploy Artifacts
tripleo_push_artifacts:
artifact_urls: "{{ deploy_artifact_urls | default([]) }}"
artifact_paths: "{{ deploy_artifact_files | default([]) }}"
when:
- ((deploy_artifact_urls | default([]) | length) > 0) or
((deploy_artifact_files | default([]) | length) > 0)
- include_tasks: "{{ _task_file_path }}"
vars:
_task_file_path: "{{ tripleo_role_name }}/host_prep_tasks.yaml"
when: "'{{ playbook_dir }}/{{ _task_file_path }}' is exists"
tags:
- overcloud
- host_prep_steps
{% endraw %}
deploy_steps_container_setup_tasks_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Overcloud container setup tasks
become: true
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
- name: Overcloud container setup tasks
block:
- name: Overcloud container setup tasks
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Overcloud container setup tasks' to resume from this task
- name: Write config data
include_tasks: common_container_setup_tasks.yaml
when:
- (deploy_identifier is defined and deploy_identifier != "" and deploy_identifier is not none)
tags:
- overcloud
- container_setup_tasks
deploy_steps_pre_deployment_tasks_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Pre Deployment Step Tasks
become: true
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
{% raw %}
- name: Pre Deployment Step Tasks
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Pre Deployment Step Tasks' to resume from this task
- include_tasks: "{{ _task_file_path }}"
vars:
_task_file_path: "{{ tripleo_role_name }}/pre_deploy_step_tasks.yaml"
when: "'{{ playbook_dir }}/{{ _task_file_path }}' is exists"
tags:
- overcloud
- pre_deploy_steps_tasks
{% endraw %}
deploy_steps_external_deployment_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
{%- for step in range(1,deploy_steps_max) %}
- hosts: DEPLOY_SOURCE_HOST
strategy: tripleo_free
name: External deployment step {{step}}
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
become: false
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
step: '{{step}}'
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
- name: External deployment step {{step}}
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'External deployment step {{step}}' to resume from this task
- include_tasks: "external_deploy_steps_tasks_step{{step}}.yaml"
when:
- playbook_dir ~ '/external_deploy_steps_tasks_step{{step}}.yaml' is exists
tags:
- external
- external_deploy_steps
- step{{step}}
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Deploy step tasks for {{step}}
become: true
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
step: '{{step}}'
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
- name: Deploy step tasks for {{step}}
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Deploy step tasks for {{step}}' to resume from this task
- name: Write the config_step hieradata for the deploy step {{step}} tasks
{% raw %}
copy:
content: "{{ dict(step=step | int) | to_json }}"
dest: /etc/puppet/hieradata/config_step.json
force: true
mode: '0600'
{% endraw %}
{% if step == 1 %}
- name: Overcloud common bootstrap tasks for step 1
block:
- name: "Check if /var/lib/tripleo-config/container-startup-config/step_{{step}} already exists"
stat:
path: "/var/lib/tripleo-config/container-startup-config/step_{{step}}"
register: container_startup_configs_json_stat
- name: Write config data at the start of step 1
include_tasks: common_deploy_steps_tasks_step_1.yaml
when:
- ((deploy_identifier is defined and deploy_identifier != "" and deploy_identifier is not none) or
not container_startup_configs_json_stat.stat.exists)
{% endif %}
{% raw %}
- include_tasks: "{{ _task_file_path }}"
vars:
_task_file_path: "{{ tripleo_role_name }}/deploy_steps_tasks_step{{ step }}.yaml"
when: "'{{ playbook_dir }}/{{ _task_file_path }}' is exists"
{% endraw %}
- name: Overcloud common deploy step tasks {{step}}
block:
- name: "Check if /var/lib/tripleo-config/container-startup-config/step_{{step}} already exists"
stat:
path: "/var/lib/tripleo-config/container-startup-config/step_{{step}}"
register: container_startup_configs_json_stat
- include_tasks: common_deploy_steps_tasks.yaml
when: (deploy_identifier is defined and deploy_identifier != "" and deploy_identifier is not none) or
(container_startup_configs_json_stat is defined and not container_startup_configs_json_stat.stat.exists)
tags:
- overcloud
- deploy_steps
- step{{step}}
{%- endfor %}
deploy_steps_post_deployment_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: {{primary_role_name}}:DEPLOY_TARGET_HOST
strategy: tripleo_free
name: Server Post Deployments
become: true
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
tasks:
- name: Server Post Deployments
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'Server Post Deployments' to resume from this task
{% raw %}
- include_tasks: deployments.yaml
vars:
force: false
with_items: "{{ hostvars[inventory_hostname]['post_deployments_' ~ tripleo_role_name]|default([]) }}"
tags:
- overcloud
- post_deploy_steps
{% endraw %}
deploy_steps_post_deploy_tasks_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- hosts: DEPLOY_SOURCE_HOST
strategy: tripleo_linear
name: External deployment Post Deploy tasks
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
become: false
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tasks:
- name: External deployment Post Deploy tasks
delegate_to: localhost
run_once: true
debug:
msg: Use --start-at-task 'External deployment Post Deploy tasks' to resume from this task
- import_tasks: external_post_deploy_steps_tasks.yaml
tags:
- external
- external_deploy_steps
- external_post_deploy_steps
deploy_steps_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- import_playbook: deploy_steps_0_playbook.yaml
- import_playbook: deploy_steps_selinux_playbook.yaml
- import_playbook: deploy_steps_common_roles_playbook.yaml
- import_playbook: deploy_steps_0_tasks_playbook.yaml
- import_playbook: deploy_steps_pre_network_playbook.yaml
- import_playbook: deploy_steps_network_deployments_playbook.yaml
- import_playbook: deploy_steps_network_validation_playbook.yaml
- import_playbook: deploy_steps_pre_deployment_playbook.yaml
- import_playbook: deploy_steps_host_prep_playbook.yaml
- import_playbook: deploy_steps_container_setup_tasks_playbook.yaml
- import_playbook: deploy_steps_pre_deployment_tasks_playbook.yaml
- import_playbook: deploy_steps_external_deployment_playbook.yaml
- import_playbook: deploy_steps_post_deployment_playbook.yaml
- import_playbook: deploy_steps_post_deploy_tasks_playbook.yaml
external_deploy_steps_tasks: {get_attr: [ExternalDeployTasks, value]}
external_post_deploy_steps_tasks: {get_attr: [ExternalPostDeployTasks, value]}
pre_deploy_step_tasks: {get_attr: [PreDeployStepTasks, value]}
update_steps_playbook:
{{ self.deploy_steps_str_replace_params() }}
template: |
- import_playbook: common_deploy_steps_playbooks.yaml
vars:
deploy_source_host: "DEPLOY_SOURCE_HOST"
deploy_target_host: "DEPLOY_TARGET_HOST"
{%- for role in roles %}
- hosts: {{role.name}}
name: Run update
become: true
serial: "{% raw %}{{ update_serial | default({% endraw %}{{ role.update_serial | default(1) }}{% raw %})}}{% endraw %}"
gather_facts: "{% raw %}{{ gather_facts | default(false) }}{% endraw %}"
any_errors_fatal: true
vars:
bootstrap_server_id: BOOTSTRAP_SERVER_ID
deploy_identifier: DEPLOY_IDENTIFIER
enable_debug: ENABLE_DEBUG
enable_puppet: ENABLE_PUPPET
container_cli: CONTAINER_CLI
container_log_stdout_path: CONTAINER_LOG_STDOUT_PATH
container_healthcheck_disabled: CONTAINER_HEALTHCHECK_DISABLED
docker_puppet_debug: DOCKER_PUPPET_DEBUG
docker_puppet_process_count: DOCKER_PUPPET_PROCESS_COUNT
docker_puppet_mount_host_puppet: DOCKER_PUPPET_MOUNT_HOST_PUPPET
tripleo_minor_update: true
tripleo_redhat_enforce: {{role.rhsm_enforce|default("true")}}
tasks:
- import_tasks: hiera_steps_tasks.yaml
- import_tasks: common_container_config_scripts.yaml
{%- for step in range(0,update_steps_max) %}
- import_tasks: "{{ role.name }}/update_tasks_step{{ step }}.yaml"
vars:
step: "{{ step }}"
{%- endfor %}
{% raw %}
- include_tasks: "{{ _task_file_path }}"
vars:
_task_file_path: "{{ tripleo_role_name }}/host_prep_tasks.yaml"
when: "'{{ playbook_dir }}/{{ _task_file_path }}' is exists"
{% endraw %}
- import_tasks: deploy_steps_tasks_step_0.yaml