1 # certain initialization steps (run in a container) will occur
2 # on the role marked as primary controller or the first role listed
3 {%- if enabled_roles is not defined -%}
4 # On upgrade certain roles can be disabled for operator driven upgrades
5 # See major_upgrade_steps.j2.yaml and post-upgrade.j2.yaml
6 {%- set enabled_roles = roles -%}
8 {%- set primary_role = [enabled_roles[0]] -%}
9 {%- for role in enabled_roles -%}
10 {%- if 'primary' in role.tags and 'controller' in role.tags -%}
11 {%- set _ = primary_role.pop() -%}
12 {%- set _ = primary_role.append(role) -%}
15 {%- set primary_role_name = primary_role[0].name -%}
16 # primary role is: {{primary_role_name}}
17 {% set deploy_steps_max = 6 -%}
18 {% set update_steps_max = 6 -%}
19 {% set upgrade_steps_max = 6 -%}
21 heat_template_version: pike
24 Post-deploy configuration steps via puppet for all roles,
25 as defined in ../roles_data.yaml
30 description: Mapping of Role name e.g Controller to a list of servers
33 description: Name of the topmost stack
36 description: Mapping of Role name e.g Controller to the per-role data
41 Setting this to a unique value will re-run any deployment tasks which
42 perform configuration on a Heat stack-update.
45 description: Mapping of service endpoint -> protocol. Typically set
46 via parameter_defaults in the resource registry.
51 description: Set to True to enable debug logging with docker-puppet.py
52 DockerPuppetProcessCount:
55 description: Number of concurrent processes to use when running docker-puppet to generate config files.
60 {% for step in range(1, deploy_steps_max) %}
61 WorkflowTasks_Step{{step}}_Enabled:
63 {%- for role in enabled_roles %}
66 - get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}]
75 type: OS::Heat::SoftwareConfig
79 modulepath: /usr/share/ansible-modules
83 - name: update_identifier
84 - name: bootstrap_server_id
85 - name: docker_puppet_debug
86 - name: docker_puppet_process_count
95 _TASKS: {get_file: deploy-steps-tasks.yaml}
97 {%- for step in range(1, deploy_steps_max) %}
98 # BEGIN service_workflow_tasks handling
99 WorkflowTasks_Step{{step}}:
100 type: OS::Mistral::Workflow
101 condition: WorkflowTasks_Step{{step}}_Enabled
104 {%- for dep in enabled_roles %}
105 - {{dep.name}}PreConfig
106 - {{dep.name}}ArtifactsDeploy
109 {%- for dep in enabled_roles %}
110 - {{dep.name}}Deployment_Step{{step -1}}
114 name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflowtasks", "step{{step}}"]]}
118 expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten()
120 {%- for role in enabled_roles %}
121 - get_param: [role_data, {{role.name}}, service_workflow_tasks]
124 WorkflowTasks_Step{{step}}_Execution:
125 type: OS::Mistral::ExternalResource
126 condition: WorkflowTasks_Step{{step}}_Enabled
127 depends_on: WorkflowTasks_Step{{step}}
131 workflow: { get_resource: WorkflowTasks_Step{{step}} }
134 service_ips: { get_param: ctlplane_service_ips }
136 {%- for r in roles %}
137 {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
141 workflow: { get_resource: WorkflowTasks_Step{{step}} }
144 service_ips: { get_param: ctlplane_service_ips }
146 {%- for r in roles %}
147 {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
151 # END service_workflow_tasks handling
154 # Artifacts config and HostPrepConfig is done on all roles, not only
155 # enabled_roles, because on upgrade we need to write the json files
156 # for the operator driven upgrade scripts (the ansible steps consume them)
157 {% for role in roles %}
158 # Prepare host tasks for {{role.name}}
159 {{role.name}}ArtifactsConfig:
160 type: ../puppet/deploy-artifacts.yaml
162 {{role.name}}ArtifactsDeploy:
163 type: OS::Heat::StructuredDeploymentGroup
165 servers: {get_param: [servers, {{role.name}}]}
166 config: {get_resource: {{role.name}}ArtifactsConfig}
168 {{role.name}}HostPrepConfig:
169 type: OS::Heat::SoftwareConfig
173 modulepath: /usr/share/ansible-modules
182 puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]}
183 docker_puppet_script: {get_file: ../docker/docker-puppet.py}
184 docker_puppet_tasks: {get_param: [role_data, {{role.name}}, docker_puppet_tasks]}
185 docker_startup_configs: {get_param: [role_data, {{role.name}}, docker_config]}
186 kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]}
187 bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
188 puppet_step_config: {get_param: [role_data, {{role.name}}, step_config]}
190 # Join host_prep_tasks with the other per-host configuration
192 - {get_param: [role_data, {{role.name}}, host_prep_tasks]}
195 # Write the manifest for baremetal puppet configuration
196 - name: Create /var/lib/tripleo-config directory
197 file: path=/var/lib/tripleo-config state=directory
198 - name: Write the puppet step_config manifest
199 copy: content="{{puppet_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes mode=0600
200 # this creates a JSON config file for our docker-puppet.py script
201 - name: Create /var/lib/docker-puppet
202 file: path=/var/lib/docker-puppet state=directory
203 - name: Write docker-puppet-tasks json files
204 copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes mode=0600
205 # FIXME: can we move docker-puppet somewhere so it's installed via a package?
206 - name: Write docker-puppet.py
207 copy: content="{{docker_puppet_script}}" dest=/var/lib/docker-puppet/docker-puppet.py force=yes mode=0600
208 # Here we are dumping all the docker container startup configuration data
209 # so that we can have access to how they are started outside of heat
210 # and docker-cmd. This lets us create command line tools to test containers.
211 # FIXME do we need the docker-container-startup-configs.json or is the new per-step
212 # data consumed by paunch enough?
213 - name: Write docker-container-startup-configs
214 copy: content="{{docker_startup_configs | to_json}}" dest=/var/lib/docker-container-startup-configs.json force=yes mode=0600
215 - name: Write per-step docker-container-startup-configs
216 copy: content="{{item.value|to_json}}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{item.key}}.json" force=yes mode=0600
217 with_dict: "{{docker_startup_configs}}"
218 - name: Create /var/lib/kolla/config_files directory
219 file: path=/var/lib/kolla/config_files state=directory
220 - name: Write kolla config json files
221 copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes mode=0600
222 with_dict: "{{kolla_config}}"
223 ########################################################
224 # Bootstrap tasks, only performed on bootstrap_server_id
225 ########################################################
226 - name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
231 - /var/lib/docker-puppet/docker-puppet-tasks*.json
232 when: deploy_server_id == bootstrap_server_id
233 - name: Write docker-puppet-tasks json files
234 copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes mode=0600
235 with_dict: "{{docker_puppet_tasks}}"
236 when: deploy_server_id == bootstrap_server_id
239 {{role.name}}HostPrepDeployment:
240 type: OS::Heat::SoftwareDeploymentGroup
242 servers: {get_param: [servers, {{role.name}}]}
243 config: {get_resource: {{role.name}}HostPrepConfig}
246 # BEGIN CONFIG STEPS, only on enabled_roles
247 {%- for role in enabled_roles %}
248 {{role.name}}PreConfig:
249 type: OS::TripleO::Tasks::{{role.name}}PreConfig
250 depends_on: {{role.name}}HostPrepDeployment
252 servers: {get_param: [servers, {{role.name}}]}
254 update_identifier: {get_param: DeployIdentifier}
256 # Deployment steps for {{role.name}}
257 # A single config is re-applied with an incrementing step number
258 {% for step in range(1, deploy_steps_max) %}
259 {{role.name}}Deployment_Step{{step}}:
260 type: OS::TripleO::DeploymentSteps
262 - WorkflowTasks_Step{{step}}_Execution
263 # TODO(gfidente): the following if/else condition
264 # replicates what is already defined for the
265 # WorkflowTasks_StepX resource and can be remove
266 # if https://bugs.launchpad.net/heat/+bug/1700569
269 {%- for dep in enabled_roles %}
270 - {{dep.name}}PreConfig
271 - {{dep.name}}ArtifactsDeploy
274 {%- for dep in enabled_roles %}
275 - {{dep.name}}Deployment_Step{{step -1}}
279 name: {{role.name}}Deployment_Step{{step}}
280 servers: {get_param: [servers, {{role.name}}]}
281 config: {get_resource: RoleConfig}
284 role_name: {{role.name}}
285 update_identifier: {get_param: DeployIdentifier}
286 bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
287 docker_puppet_debug: {get_param: DockerPuppetDebug}
288 docker_puppet_process_count: {get_param: DockerPuppetProcessCount}
292 # Note, this should be the last step to execute configuration changes.
293 # Ensure that all {{role.name}}ExtraConfigPost steps are executed
294 # after all the previous deployment steps.
295 {{role.name}}ExtraConfigPost:
297 {%- for dep in enabled_roles %}
298 - {{dep.name}}Deployment_Step5
300 type: OS::TripleO::NodeExtraConfigPost
302 servers: {get_param: [servers, {{role.name}}]}
304 # The {{role.name}}PostConfig steps are in charge of
305 # quiescing all services, i.e. in the Controller case,
306 # we should run a full service reload.
307 {{role.name}}PostConfig:
308 type: OS::TripleO::Tasks::{{role.name}}PostConfig
310 {%- for dep in enabled_roles %}
311 - {{dep.name}}ExtraConfigPost
314 servers: {get_param: servers}
316 update_identifier: {get_param: DeployIdentifier}
323 description: Mapping of config data for all roles
325 deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml}
326 deploy_steps_playbook: |
329 {%- for role in roles %}
330 - include: {{role.name}}/host_prep_tasks.yaml
331 when: role_name == '{{role.name}}'
333 - include: deploy_steps_tasks.yaml
334 with_sequence: start=0 end={{deploy_steps_max-1}}
337 update_steps_tasks: |
338 {%- for role in roles %}
339 - include: {{role.name}}/update_tasks.yaml
340 when: role_name == '{{role.name}}'
342 update_steps_playbook: |
346 - include: update_steps_tasks.yaml
347 with_sequence: start=0 end={{update_steps_max-1}}
350 - include: deploy_steps_tasks.yaml
351 with_sequence: start=0 end={{deploy_steps_max-1}}
354 upgrade_steps_tasks: |
355 {%- for role in roles %}
356 - include: {{role.name}}/upgrade_tasks.yaml
357 when: role_name == '{{role.name}}'
359 upgrade_steps_playbook: |
362 - include: upgrade_steps_tasks.yaml
363 with_sequence: start=0 end={{upgrade_steps_max-1}}