This repository has been archived by the owner on Feb 29, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 39
/
main.yml
326 lines (292 loc) · 12.5 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
---
- name: Gather ansible distribution
setup:
gather_subset: "!min,distribution"
when: ansible_distribution is not defined
- name: Cache tempest network cidr
set_fact:
tempest_cidr: "{{ undercloud_network_cidr }}"
when: use_os_tempest is defined
# tasks file for all_in_one
- name: Set hostname
hostname:
name: "{{ standalone_hostname }}"
become: true
when: not enable_tls|default(false)|bool
- name: set virtual-control-ip for TLS deployments
set_fact:
standalone_control_virtual_ip: "{{ undercloud_network_cidr|nthhost(210) }}"
cacheable: true
when: enable_tls|default(false)|bool
- name: Add DNS and NTP server settings for TLS deployments
become: true
blockinfile:
path: "{{ overcloud_templates_path }}/ci/environments/standalone-ipa.yaml"
insertafter: " HAProxyExternalNetwork: ctlplane"
block: |
# Custom IPA params
DnsServers: ["{{ subnode_1_ip }}"]
NtpServer: "{{ job.standalone_ntp_servers|default(['clock.redhat.com']) }}"
when: enable_tls|default(false)|bool
# standalone params
- name: Create the standalone params
template:
src: "{{ standalone_config }}"
dest: "{{ working_dir }}/standalone_parameters.yaml"
mode: 0755
- name: Remove settings that will be added with TLS
lineinfile:
path: "{{ working_dir }}/standalone_parameters.yaml"
regexp: "{{ item }}"
state: absent
backup: true
with_items:
- ' CloudName: 192.168.24.1'
- ' CertmongerCA: local'
- ' DnsServers: (.*)'
when: enable_tls|default(false)|bool
- name: Build and push containers into a local registry
when:
- job.build_container_images|default(false)|bool
include_role:
name: container-build
vars:
container_registry_namespace: "{{ docker_registry_namespace }}"
container_tag: "{{ container_build_id }}"
- name: Run container prepare legacy
when:
- release in ['queens', 'rocky', 'stein', 'train']
block:
- name: Create container parameters script
template:
src: "{{ standalone_container_prep_script }}"
dest: "{{ working_dir }}/standalone-container-prep.sh"
mode: "0755"
- name: Run container prepare
shell: >
set -o pipefail &&
{{ working_dir }}/standalone-container-prep.sh 2>&1 {{ timestamper_cmd }} > {{ working_dir }}/{{ standalone_container_prep_log }}
changed_when: true
- name: Run container prepare via tripleo-operator-ansible
when:
- release not in ['queens', 'rocky', 'stein', 'train']
collections:
- tripleo.operator
include_role:
name: tripleo_container_image_prepare_default
vars:
tripleo_container_image_prepare_default_debug: true
tripleo_container_image_prepare_default_output_env_file: "{{ working_dir }}/containers-prepare-parameters.yaml"
# update the registry to rdo or docker.io
- name: update registry if needed in container-prepare-parameters.yaml
when:
- docker_registry_host != '' and docker_registry_namespace != ''
replace:
path: "{{ working_dir }}/containers-prepare-parameters.yaml"
regexp: " namespace: (.*)"
replace: " namespace: {{ docker_registry_host }}/{{ docker_registry_namespace }}"
backup: true
# update the container tag to match dlrn hash
- name: update container tag if needed in container-prepare-parameters.yaml
when:
- container_build_id != ''
replace:
path: "{{ working_dir }}/containers-prepare-parameters.yaml"
regexp: " tag: (.*)"
replace: " tag: {{ container_build_id }}"
backup: true
# in extra-common/defaults
# docker_prep_prefix: "{{ ansible_distribution | lower }}-binary-"
- name: update container name_prefix for the appropriate distro
replace:
path: "{{ working_dir }}/containers-prepare-parameters.yaml"
regexp: " name_prefix: (.*)"
replace: " name_prefix: {{ docker_prep_prefix }}"
backup: true
# ceph parameters
- name: update container ceph parameters
when:
- standalone_container_ceph_updates|default(false)|bool
replace:
path: "{{ working_dir }}/containers-prepare-parameters.yaml"
regexp: " {{ item.original }}: (.*)"
replace: " {{ item.replace }}"
backup: true
with_items:
- { original: "ceph_namespace", replace: "ceph_namespace: {{ docker_ceph_namespace }}" }
- { original: "ceph_image", replace: "ceph_image: {{ docker_ceph_image }}" }
- { original: "ceph_tag", replace: "ceph_tag: {{ docker_ceph_tag }}" }
- name: update container custom ceph parameters, if required
when:
- standalone_container_ceph_updates|default(false)|bool
- custom_ceph_parameters|default(false)|bool
replace:
path: "{{ working_dir }}/containers-prepare-parameters.yaml"
regexp: " {{ item.original }}: (.*)"
replace: " {{ item.replace }}"
backup: true
with_items:
- { original: "ceph_alertmanager_image", replace: "ceph_alertmanager_image: {{ custom_ceph_alertmanager_image }}" }
- { original: "ceph_alertmanager_namespace", replace: "ceph_alertmanager_namespace: {{ custom_ceph_alertmanager_namespace }}" }
- { original: "ceph_alertmanager_tag", replace: "ceph_alertmanager_tag: {{ custom_ceph_alertmanager_tag }}" }
- { original: "ceph_grafana_image", replace: "ceph_grafana_image: {{ custom_ceph_grafana_image }}" }
- { original: "ceph_grafana_namespace", replace: "ceph_grafana_namespace: {{ custom_ceph_grafana_namespace }}" }
- { original: "ceph_grafana_tag", replace: "ceph_grafana_tag: {{ custom_ceph_grafana_tag }}" }
- { original: "ceph_node_exporter_image", replace: "ceph_node_exporter_image: {{ custom_ceph_node_exporter_image }}" }
- { original: "ceph_node_exporter_namespace", replace: "ceph_node_exporter_namespace: {{ custom_ceph_node_exporter_namespace }}" }
- { original: "ceph_node_exporter_tag", replace: "ceph_node_exporter_tag: {{ custom_ceph_node_exporter_tag }}" }
- { original: "ceph_prometheus_image", replace: "ceph_prometheus_image: {{ custom_ceph_prometheus_image }}" }
- { original: "ceph_prometheus_namespace", replace: "ceph_prometheus_namespace: {{ custom_ceph_prometheus_namespace }}" }
- { original: "ceph_prometheus_tag", replace: "ceph_prometheus_tag: {{ custom_ceph_prometheus_tag }}" }
- name: Set repos defined in the job to update
when:
- job.add_repos is defined
- job.add_repos != []
- standalone_container_prep_updates
block:
- name: Create string of repos to update
set_fact:
add_repo_update_list: >-
{% if job.add_repos[item|int].update_container|default(false) -%}
{{ job.add_repos[item|int].reponame }}
{% endif -%}
with_sequence: start=0 end="{{ (job.add_repos|length -1)|int }}"
register: add_repo_update_list_result
- debug:
var: add_repo_update_list
- name: Add repos to update_repo
set_fact:
add_repos_update: "{{ add_repo_update_list_result.results | map(attribute='ansible_facts.add_repo_update_list') | list }}"
cacheable: true
when: add_repo_update_list_result|length > 0
- debug:
var: add_repos_update
- name: Create string from list
set_fact:
add_repos_update: ",{{ add_repos_update | join(',') }}"
when: add_repos_update|length > 0
- name: Load the container params file data
slurp:
src: "{{ working_dir }}/containers-prepare-parameters.yaml"
register: containers_prepare_parameters
- name: Parse container params
set_fact:
containers_prepare_parameters_yaml: "{{ containers_prepare_parameters['content'] | b64decode | from_yaml }}"
# update params for container update
- name: Add updates to container-prepare-parameters.yaml
when:
- standalone_container_prep_updates
- not job.build_container_images|default(false)|bool
block:
- name: Generate modified containers file
set_fact:
containers_prepare_parameters_yaml: |-
{% set imageParams = [] %}
{% for item in containers_prepare_parameters_yaml['parameter_defaults']['ContainerImagePrepare'] %}
{% set _ = item.__setitem__("push_destination", local_docker_registry_host ~ ":8787") %}
{% set _ = item.__setitem__("modify_role", "tripleo-modify-image") %}
{% set _ = item.__setitem__("modify_append_tag", update_containers_append_tag) %}
{% if not (osp_release is defined) %}
{% set _ = item.__setitem__("modify_only_with_labels", ["kolla_version", "tcib_managed"]) %}
{% endif %}
{% set _ = item.__setitem__(
"modify_vars",
{
"tasks_from": "yum_update.yml",
"yum_repos_dir_path": "/etc/yum.repos.d",
"update_repo": standalone_container_prep_update_repo ~ add_repos_update | default('')
}
)
%}
{% set _ = item.pop("tag_from_label", "") %}
{% set _ = imageParams.append(item) %}
{% endfor %}
{% set defaults = {"ContainerImagePrepare": imageParams} %}
{{ {"parameter_defaults": defaults} }}
- name: Update rhel_containers value
when:
- ansible_distribution == 'RedHat'
set_fact:
containers_prepare_parameters_yaml: |-
{% set imageParams = [] %}
{% for item in (containers_prepare_parameters_yaml | from_yaml)['parameter_defaults']['ContainerImagePrepare'] %}
{% if "set" in item %}
{% set _ = item['set'].__setitem__("rhel_containers", true) %}
{% endif %}
{% set _ = imageParams.append(item) %}
{% endfor %}
{% set defaults = {"ContainerImagePrepare": imageParams} %}
{{ {"parameter_defaults": defaults} }}
- name: Write containers-prepare-parameters.yaml
copy:
content: "{{ containers_prepare_parameters_yaml | to_nice_yaml }}"
dest: "{{ working_dir }}/containers-prepare-parameters.yaml"
- name: Modify the insecure registry value when using podman
when:
- standalone_container_prep_updates
- ansible_distribution == 'RedHat'
- ansible_distribution_major_version|int >= 8
- release not in ['newton', 'ocata', 'pike', 'queens', 'rocky']
replace:
path: "{{ working_dir }}/standalone_parameters.yaml"
regexp: " - 192.168.24.1:8787"
replace: " - 192.168.24.1"
backup: true
- name: Run dstat on the standalone prior to standalone deploy
include_role:
name: validate-perf
- name: Check whether control plane defaults to HA
set_fact:
tripleo_deploy_ha_control_plane: "{{ release not in ['newton', 'ocata', 'pike', 'queens', 'rocky', 'stein', 'train'] }}"
- name: Run standalone via tripleo-operator-ansible
collections:
- tripleo.operator
include_role:
name: tripleo_deploy
vars:
tripleo_deploy_debug: true
tripleo_deploy_debug_arg: "{{ standalone_tripleo_deploy_debug_arg }}"
tripleo_deploy_local_ip: "{{ standalone_ip }}/{{ standalone_network_prefix }}"
tripleo_deploy_control_virtual_ip: "{{ standalone_control_virtual_ip|default() or \
(standalone_ha_control_virtual_ip|default() if tripleo_deploy_ha_control_plane) }}"
tripleo_deploy_roles_file: "{{ overcloud_templates_path }}/roles/{{ standalone_role }}"
tripleo_deploy_output_dir: "{{ working_dir }}"
tripleo_deploy_environment_files: |-
{% set env_files = [overcloud_templates_path + '/environments/standalone/standalone-tripleo.yaml',
working_dir + '/containers-prepare-parameters.yaml',
working_dir + '/standalone_parameters.yaml']%}
{% if standalone_custom_env_files %}
{% set env_files = env_files + standalone_custom_env_files %}
{% endif %}
{{ env_files }}
- when: standalone_ansible_lint|default(false)|bool
vars:
quickstart_venv: "{{ lookup('env','OPT_WORKDIR') }}"
block:
- name: Install ansible-lint
# noqa 403
pip:
name: ansible-lint
state: latest
virtualenv: "{{ quickstart_venv }}"
- name: List playbooks
shell: "find $(ls -rtd {{ working_dir }}/undercloud-ansible-* | tail -1)/ -name '*playbook*.yaml'"
register: playbooks
# We ignore (for now) the lint (rc==2), only catch syntax error
# (rc==1).
- name: Lint playbooks
shell: >
source {{ quickstart_venv }}/bin/activate;
exec 1>>{{ working_dir }}/{{ standalone_ansible_lint_log }};
exec 2>&1;
echo LINTING {{ item }};
ansible-lint -v {{ item }};
rc=$?;
echo DONE rc=$rc;
exit $rc
register: lint_result
environment:
ANSIBLE_LIBRARY: |
/usr/share/ansible-modules/:{{ lookup('env', 'ANSIBLE_LIBRARY') }}
with_items: "{{ playbooks.stdout_lines }}"
failed_when: lint_result.rc == 1