1 # certain initialization steps (run in a container) will occur
2 # on the role marked as primary controller or the first role listed
3 {%- if enabled_roles is not defined -%}
4 # On upgrade certain roles can be disabled for operator driven upgrades
5 # See major_upgrade_steps.j2.yaml and post-upgrade.j2.yaml
6 {%- set enabled_roles = roles -%}
7 {%- set is_upgrade = false -%}
9 {%- set is_upgrade = true -%}
11 {%- set primary_role = [enabled_roles[0]] -%}
12 {%- for role in enabled_roles -%}
13 {%- if 'primary' in role.tags and 'controller' in role.tags -%}
14 {%- set _ = primary_role.pop() -%}
15 {%- set _ = primary_role.append(role) -%}
18 {%- set primary_role_name = primary_role[0].name -%}
19 # primary role is: {{primary_role_name}}
20 {% set deploy_steps_max = 6 -%}
21 {% set update_steps_max = 6 -%}
22 {% set upgrade_steps_max = 6 -%}
24 heat_template_version: pike
27 Post-deploy configuration steps via puppet for all roles,
28 as defined in ../roles_data.yaml
33 description: Mapping of Role name e.g Controller to a list of servers
36 description: Name of the topmost stack
39 description: Mapping of Role name e.g Controller to the per-role data
44 Setting this to a unique value will re-run any deployment tasks which
45 perform configuration on a Heat stack-update.
48 description: Mapping of service endpoint -> protocol. Typically set
49 via parameter_defaults in the resource registry.
53 description: Whether to run config management (e.g. Puppet) in debug mode.
58 description: Set to True to enable debug logging with docker-puppet.py
59 DockerPuppetProcessCount:
62 description: Number of concurrent processes to use when running docker-puppet to generate config files.
67 {% for step in range(1, deploy_steps_max) %}
68 WorkflowTasks_Step{{step}}_Enabled:
70 {%- for role in enabled_roles %}
73 - get_param: [role_data, {{role.name}}, workflow_tasks, step{{step}}]
82 type: OS::Heat::SoftwareConfig
86 modulepath: /usr/share/ansible-modules
90 - name: update_identifier
91 - name: bootstrap_server_id
93 - name: docker_puppet_debug
94 - name: docker_puppet_process_count
103 _TASKS: {get_file: deploy-steps-tasks.yaml}
105 {%- for step in range(1, deploy_steps_max) %}
106 # BEGIN workflow_tasks handling
107 WorkflowTasks_Step{{step}}:
108 type: OS::Mistral::Workflow
109 condition: WorkflowTasks_Step{{step}}_Enabled
112 {%- for dep in enabled_roles %}
113 - {{dep.name}}PreConfig
114 - {{dep.name}}ArtifactsDeploy
117 {%- for dep in enabled_roles %}
118 - {{dep.name}}Deployment_Step{{step -1}}
122 name: {list_join: [".", ["tripleo", {get_param: stack_name}, "workflow_tasks", "step{{step}}"]]}
126 expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten()
128 {%- for role in enabled_roles %}
129 - get_param: [role_data, {{role.name}}, workflow_tasks]
132 WorkflowTasks_Step{{step}}_Execution:
133 type: OS::Mistral::ExternalResource
134 condition: WorkflowTasks_Step{{step}}_Enabled
135 depends_on: WorkflowTasks_Step{{step}}
139 workflow: { get_resource: WorkflowTasks_Step{{step}} }
142 service_ips: { get_param: ctlplane_service_ips }
144 {%- for r in roles %}
145 {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
149 workflow: { get_resource: WorkflowTasks_Step{{step}} }
152 service_ips: { get_param: ctlplane_service_ips }
154 {%- for r in roles %}
155 {{r.name}}: {get_param: [role_data, {{r.name}}, merged_config_settings]}
159 # END workflow_tasks handling
162 # Artifacts config and HostPrepConfig is done on all roles, not only
163 # enabled_roles, because on upgrade we need to write the json files
164 # for the operator driven upgrade scripts (the ansible steps consume them)
165 {% for role in roles %}
166 # Prepare host tasks for {{role.name}}
167 {{role.name}}ArtifactsConfig:
168 type: ../puppet/deploy-artifacts.yaml
170 {{role.name}}ArtifactsDeploy:
171 type: OS::Heat::StructuredDeploymentGroup
173 servers: {get_param: [servers, {{role.name}}]}
174 config: {get_resource: {{role.name}}ArtifactsConfig}
176 {{role.name}}HostPrepConfig:
177 type: OS::Heat::SoftwareConfig
181 modulepath: /usr/share/ansible-modules
190 puppet_config: {get_param: [role_data, {{role.name}}, puppet_config]}
191 docker_puppet_script: {get_file: ../docker/docker-puppet.py}
192 docker_puppet_tasks: {get_param: [role_data, {{role.name}}, docker_puppet_tasks]}
193 docker_startup_configs: {get_param: [role_data, {{role.name}}, docker_config]}
194 kolla_config: {get_param: [role_data, {{role.name}}, kolla_config]}
195 bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
196 puppet_step_config: {get_param: [role_data, {{role.name}}, step_config]}
197 docker_config_scripts: {get_param: [role_data, {{role.name}}, docker_config_scripts]}
199 # Join host_prep_tasks with the other per-host configuration
201 {%- if is_upgrade|default(false) and role.disable_upgrade_deployment|default(false) %}
204 - {get_param: [role_data, {{role.name}}, host_prep_tasks]}
208 # Write the manifest for baremetal puppet configuration
209 - name: Create /var/lib/tripleo-config directory
210 file: path=/var/lib/tripleo-config state=directory
211 - name: Write the puppet step_config manifest
212 copy: content="{{puppet_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes mode=0600
213 # this creates a JSON config file for our docker-puppet.py script
214 - name: Create /var/lib/docker-puppet
215 file: path=/var/lib/docker-puppet state=directory
216 - name: Write docker-puppet-tasks json files
217 copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes mode=0600
218 # FIXME: can we move docker-puppet somewhere so it's installed via a package?
219 - name: Write docker-puppet.py
220 copy: content="{{docker_puppet_script}}" dest=/var/lib/docker-puppet/docker-puppet.py force=yes mode=0600
221 - name: Create /var/lib/docker-config-scripts
222 file: path=/var/lib/docker-config-scripts state=directory
223 - name: Write docker config scripts
224 copy: content="{{item.value.content}}" dest="/var/lib/docker-config-scripts/{{item.key}}" force=yes mode="{{item.value.mode|default('0600', true)}}"
225 with_dict: "{{docker_config_scripts}}"
226 # Here we are dumping all the docker container startup configuration data
227 # so that we can have access to how they are started outside of heat
228 # and docker-cmd. This lets us create command line tools to test containers.
229 # FIXME do we need the docker-container-startup-configs.json or is the new per-step
230 # data consumed by paunch enough?
231 - name: Write docker-container-startup-configs
232 copy: content="{{docker_startup_configs | to_json}}" dest=/var/lib/docker-container-startup-configs.json force=yes mode=0600
233 - name: Write per-step docker-container-startup-configs
234 copy: content="{{item.value|to_json}}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{item.key}}.json" force=yes mode=0600
235 with_dict: "{{docker_startup_configs}}"
236 - name: Create /var/lib/kolla/config_files directory
237 file: path=/var/lib/kolla/config_files state=directory
238 - name: Write kolla config json files
239 copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes mode=0600
240 with_dict: "{{kolla_config}}"
241 ########################################################
242 # Bootstrap tasks, only performed on bootstrap_server_id
243 ########################################################
244 - name: Clean /var/lib/docker-puppet/docker-puppet-tasks*.json files
249 - /var/lib/docker-puppet/docker-puppet-tasks*.json
250 when: deploy_server_id == bootstrap_server_id
251 - name: Write docker-puppet-tasks json files
252 copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes mode=0600
253 with_dict: "{{docker_puppet_tasks}}"
254 when: deploy_server_id == bootstrap_server_id
257 {{role.name}}HostPrepDeployment:
258 type: OS::Heat::SoftwareDeploymentGroup
260 servers: {get_param: [servers, {{role.name}}]}
261 config: {get_resource: {{role.name}}HostPrepConfig}
264 # BEGIN CONFIG STEPS, only on enabled_roles
265 {%- for role in enabled_roles %}
266 {{role.name}}PreConfig:
267 type: OS::TripleO::Tasks::{{role.name}}PreConfig
268 depends_on: {{role.name}}HostPrepDeployment
270 servers: {get_param: [servers, {{role.name}}]}
272 update_identifier: {get_param: DeployIdentifier}
274 # Deployment steps for {{role.name}}
275 # A single config is re-applied with an incrementing step number
276 {% for step in range(1, deploy_steps_max) %}
277 {{role.name}}Deployment_Step{{step}}:
278 type: OS::TripleO::DeploymentSteps
280 - WorkflowTasks_Step{{step}}_Execution
281 # TODO(gfidente): the following if/else condition
282 # replicates what is already defined for the
283 # WorkflowTasks_StepX resource and can be remove
284 # if https://bugs.launchpad.net/heat/+bug/1700569
287 {%- for dep in enabled_roles %}
288 - {{dep.name}}PreConfig
289 - {{dep.name}}ArtifactsDeploy
292 {%- for dep in enabled_roles %}
293 - {{dep.name}}Deployment_Step{{step -1}}
297 name: {{role.name}}Deployment_Step{{step}}
298 servers: {get_param: [servers, {{role.name}}]}
299 config: {get_resource: RoleConfig}
302 role_name: {{role.name}}
303 update_identifier: {get_param: DeployIdentifier}
304 bootstrap_server_id: {get_param: [servers, {{primary_role_name}}, '0']}
305 enable_debug: {get_param: ConfigDebug}
306 docker_puppet_debug: {get_param: DockerPuppetDebug}
307 docker_puppet_process_count: {get_param: DockerPuppetProcessCount}
311 # Note, this should be the last step to execute configuration changes.
312 # Ensure that all {{role.name}}ExtraConfigPost steps are executed
313 # after all the previous deployment steps.
314 {{role.name}}ExtraConfigPost:
316 {%- for dep in enabled_roles %}
317 - {{dep.name}}Deployment_Step5
319 type: OS::TripleO::NodeExtraConfigPost
321 servers: {get_param: [servers, {{role.name}}]}
323 # The {{role.name}}PostConfig steps are in charge of
324 # quiescing all services, i.e. in the Controller case,
325 # we should run a full service reload.
326 {{role.name}}PostConfig:
327 type: OS::TripleO::Tasks::{{role.name}}PostConfig
329 {%- for dep in enabled_roles %}
330 - {{dep.name}}ExtraConfigPost
333 servers: {get_param: servers}
335 update_identifier: {get_param: DeployIdentifier}
342 description: Mapping of config data for all roles
344 deploy_steps_tasks: {get_file: deploy-steps-tasks.yaml}
345 deploy_steps_playbook: |
348 {%- for role in roles %}
349 - include: {{role.name}}/host_prep_tasks.yaml
350 when: role_name == '{{role.name}}'
352 - include: deploy_steps_tasks.yaml
353 with_sequence: start=0 end={{deploy_steps_max-1}}
356 update_steps_tasks: |
357 {%- for role in roles %}
358 - include: {{role.name}}/update_tasks.yaml
359 when: role_name == '{{role.name}}'
361 update_steps_playbook: |
365 - include: update_steps_tasks.yaml
366 with_sequence: start=0 end={{update_steps_max-1}}
369 - include: deploy_steps_tasks.yaml
370 with_sequence: start=0 end={{deploy_steps_max-1}}
373 upgrade_steps_tasks: |
374 {%- for role in roles %}
375 - include: {{role.name}}/upgrade_tasks.yaml
376 when: role_name == '{{role.name}}'
378 upgrade_steps_playbook: |
381 - include: upgrade_steps_tasks.yaml
382 with_sequence: start=0 end={{upgrade_steps_max-1}}