Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp / mcp-common-scripts / 6fa40f1fe26d46b53cfde5455b990a4901eb17ae / . / config-drive / master_config.yaml
blob: 240b717dc6aa3a49269a764e4969c5705d33f832 [file] [log] [blame]
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]1#cloud-config
Ivan Berezovskiy39fa6562018-10-09 12:58:55 +0400[diff] [blame]2output:
3 all: '| tee -a /var/log/cloud-init-output.log /dev/tty0'
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]4write_files:
5 - owner: root:root
6 path: /etc/cloud/master_environment
7 permissions: '0644'
8 content: |
Dennis Dmitriev8fa33f92018-10-10 01:13:48 +0300[diff] [blame]9 [ -f /etc/cloud/master_environment_override ] && . /etc/cloud/master_environment_override
10 export SALT_MASTER_DEPLOY_IP=${SALT_MASTER_DEPLOY_IP:-"172.16.164.15"}
11 export SALT_MASTER_MINION_ID=${SALT_MASTER_MINION_ID:-"cfg01.deploy-name.local"}
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]12
Dennis Dmitriev8fa33f92018-10-10 01:13:48 +0300[diff] [blame]13 export http_proxy=${http_proxy:-""}
14 export https_proxy=${https_proxy:-""}
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]15
16 export MCP_VERSION=${MCP_VERSION:-"stable"}
17
Dennis Dmitriev8fa33f92018-10-10 01:13:48 +0300[diff] [blame]18 export PIPELINES_FROM_ISO=${PIPELINES_FROM_ISO:-"true"}
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]19 export MK_PIPELINES_URL=${MK_PIPELINES_URL:-"https://gerrit.mcp.mirantis.com/mk/mk-pipelines.git"}
20 export PIPELINE_LIB_URL=${PIPELINE_LIB_URL:-"https://gerrit.mcp.mirantis.com/mcp-ci/pipeline-library.git"}
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]21
22 export MCP_SALT_REPO_URL=${MCP_SALT_REPO_URL:-"http://mirror.mirantis.com/"}
23 export MCP_SALT_REPO=${MCP_SALT_REPO:-"deb [arch=amd64] $MCP_SALT_REPO_URL/$MCP_VERSION/salt-formulas/xenial xenial main"}
azvyagintsevaa0c4842019-05-16 12:30:25 +0300[diff] [blame]24
25 export ENABLE_MCP_SALT_REPO_UPDATES=${ENABLE_MCP_SALT_REPO_UPDATES:-"true"}
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]26 export MCP_SALT_REPO_UPDATES=${MCP_SALT_REPO_UPDATES:-"deb [arch=amd64] $MCP_SALT_REPO_URL/update/$MCP_VERSION/salt-formulas/xenial xenial main"}
27 export MCP_SALT_REPO_KEY=${MCP_SALT_REPO_KEY:-"${MCP_SALT_REPO_URL}/${MCP_VERSION}/salt-formulas/xenial/archive-salt-formulas.key"}
28
Dennis Dmitriev8fa33f92018-10-10 01:13:48 +0300[diff] [blame]29 export FORMULAS=${FORMULAS:-"salt-formula-*"}
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]30 export SALT_OPTS=${SALT_OPTS:-"-l debug -t 30 --retcode-passthrough --no-color"}
Dennis Dmitriev8fa33f92018-10-10 01:13:48 +0300[diff] [blame]31 export CFG_BOOTSTRAP_DRIVE_URL=${CFG_BOOTSTRAP_DRIVE_URL:-""}
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]32
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]33master_config:
34 - &master_config |
35 function _post_maas_cfg() {
azvyagintseva126bf12019-05-16 12:55:35 +0300[diff] [blame]36 # In newer maas version, apache2 disabled, so API avaible on direct service port only
37 if [[ ! $(systemctl is-active --quiet apache2) ]] ; then
38 sed -i 's/API_SERVER=.*/API_SERVER=localhost:5240/g' /var/lib/maas/.maas_login.sh
39 fi
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]40 source /var/lib/maas/.maas_login.sh
41 # disable backports for maas enlist pkg repo. Those operation enforce maas
42 # to re-create sources.list and drop [source] fetch-definition from it.
43 main_arch_id=$(maas ${PROFILE} package-repositories read | jq -r ".[] | select(.name==\"main_archive\") | .id")
44 maas ${PROFILE} package-repository update ${main_arch_id} "disabled_pockets=backports" || true
45 maas ${PROFILE} package-repository update ${main_arch_id} "disabled_components=multiverse" || true
46 maas ${PROFILE} package-repository update ${main_arch_id} "arches=amd64" || true
47 # Remove stale notifications, which appear during sources configuration.
48 for i in $(maas ${PROFILE} notifications read | jq ".[]| .id"); do
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]49 maas ${PROFILE} notification delete ${i} || true
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]50 done
51 }
52
53 function process_formulas(){
54 local RECLASS_ROOT=${RECLASS_ROOT:-/srv/salt/reclass/}
55 local FORMULAS_PATH=${FORMULAS_PATH:-/usr/share/salt-formulas}
56
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]57 curl -s ${MCP_SALT_REPO_KEY} | apt-key add -
58 echo "${MCP_SALT_REPO}" > /etc/apt/sources.list.d/mcp_salt.list
azvyagintsevaa0c4842019-05-16 12:30:25 +0300[diff] [blame]59 if [[ "${ENABLE_MCP_SALT_REPO_UPDATES}" == "true" ]] ; then
60 echo "${MCP_SALT_REPO_UPDATES}" >> /etc/apt/sources.list.d/mcp_salt.list
61 fi
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]62 apt update && apt install -y "${FORMULAS}"
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]63
64 [ ! -d ${RECLASS_ROOT}/classes/service ] && mkdir -p ${RECLASS_ROOT}/classes/service
65 for formula_service in $(ls /usr/share/salt-formulas/reclass/service/); do
66 #Since some salt formula names contain "-" and in symlinks they should contain "_" adding replacement
67 formula_service=${formula_service//-/$"_"}
68 if [ ! -L "${RECLASS_ROOT}/classes/service/${formula_service}" ]; then
69 ln -sf ${FORMULAS_PATH}/reclass/service/${formula_service} ${RECLASS_ROOT}/classes/service/${formula_service}
70 fi
71 done
72 }
73
74 function enable_services(){
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]75 local services="salt-api salt-master salt-minion"
76 if [ ! -f /opt/postgresql_in_docker ]; then
77 local services="${services} postgresql.service"
78 fi
79 for s in ${services} ; do
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]80 systemctl enable ${s} || true
81 systemctl restart ${s} || true
82 done
83 }
84
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]85 function process_maas(){
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]86 maas_cluster_enabled=$(salt-call --out=newline_values_only pillar.get maas:cluster:enabled | tr "[:upper:]" "[:lower:]" )
87 _region=$(salt-call --out=newline_values_only pillar.get maas:region:enabled | tr "[:upper:]" "[:lower:]" )
Stanislav Riazanov450ceaa2018-12-18 20:17:07 +0400[diff] [blame]88 if ([ -f /opt/postgresql_in_docker ] && ([[ "${maas_cluster_enabled}" == "true" ]] || [[ "${_region}" == "true" ]])); then
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]89 systemctl disable postgresql.service
90 wait_for_postgresql
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]91 salt-call ${SALT_OPTS} state.apply postgresql.client
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]92 else
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]93 postgres_enabled=$(salt-call --out=newline_values_only pillar.get postgresql:server:enabled | tr "[:upper:]" "[:lower:]")
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]94 if [[ "${postgres_enabled}" == "true" ]]; then
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]95 salt-call ${SALT_OPTS} state.apply postgresql.server
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]96 fi
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]97 fi
98
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]99 if [[ "${maas_cluster_enabled}" == "true" ]]; then
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]100 salt-call ${SALT_OPTS} state.apply maas.cluster
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]101 else
102 echo "WARNING: maas.cluster skipped!"
103 fi
104 if [[ "$_region" == "true" ]]; then
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]105 salt-call ${SALT_OPTS} state.apply maas.region
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]106 else
107 echo "WARNING: maas.region skipped!"
108 fi
109 # Do not move it under first cluster-only check!
110 if [[ "${maas_cluster_enabled}" == "true" ]]; then
111 _post_maas_cfg
112 fi
113 }
114
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]115 function wait_for_postgresql() {
116 salt_string="salt-call --out=text pillar.get postgresql:client:server:server01:admin"
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]117 local pg_port=$(${salt_string}:port | awk '{print $2}')
118 local pg_host=$(${salt_string}:host | awk '{print $2}')
119 local wait_time=0
120 until [[ $(/usr/bin/pg_isready -h ${pg_host} -p ${pg_port} | awk '{ print $3 }' ) == 'accepting' ]]; do
121 if [[ $wait_time -gt 20 ]]; then
122 echo "ERROR: wait_for_postgresql failed" ; exit 1
123 fi
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]124 echo "Waiting for postgres at: ${pg_host}:${pg_port}"
125 sleep $(( wait_time++ ));
126 done
127 }
128
Ivan Berezovskiy11d374b2018-11-26 18:00:23 +0400[diff] [blame]129 function wait_for_jenkins() {
130 # Wait for jenkins to be functional
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]131 local j_host=$(salt-call --out=newline_values_only pillar.get jenkins:client:master:host)
132 local j_host=${j_host:-"localhost"}
133 local j_port=$(salt-call --out=newline_values_only pillar.get jenkins:client:master:port)
134 local j_port=${j_port:-"8081"}
135 local j_prefix=$(salt-call --out=newline_values_only pillar.get jenkins:client:master:url_prefix)
136 local j_prefix=${j_prefix:-""}
137 local wait_time=0
138 until [[ $(curl -sL -w "%{http_code}" ${j_host}:${j_port}${j_prefix} -o /dev/null) == 200 ]]; do
139 if [[ $wait_time -gt 20 ]]; then
140 echo "ERROR: wait_for_jenkins failed" ; exit 1
141 fi
Ivan Berezovskiy11d374b2018-11-26 18:00:23 +0400[diff] [blame]142 sleep $(( wait_time++ ))
143 done
144 }
145
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]146 function process_swarm() {
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]147 local _swarm=$(salt-call --out=newline_values_only pillar.get docker:swarm:advertise_addr)
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]148 if [[ "${_swarm}" != "" ]]; then
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]149 salt-call ${SALT_OPTS} state.apply docker.swarm
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]150 fi
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]151 _docker_enabled=$(salt-call --out=newline_values_only pillar.get docker:client:enabled | tr "[:upper:]" "[:lower:]")
152 if [[ "${_docker_enabled}" == "true" ]]; then
153 salt-call ${SALT_OPTS} state.apply docker.client.images
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]154 salt-call ${SALT_OPTS} state.apply docker.client
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]155 fi
Ivan Berezovskiy5f7a80f2018-12-17 18:08:31 +0400[diff] [blame]156 }
157
Ivan Berezovskiyfba80942018-11-16 13:11:44 +0400[diff] [blame]158 function process_jenkins() {
159 # INFO: jenkins is in docker in 2019.x releases
Ivan Berezovskiy040c3c62018-11-30 16:48:49 +0400[diff] [blame]160 if [ -f /opt/jenkins_in_docker ]; then
161 rm -v /opt/jenkins_in_docker
Ivan Berezovskiyfba80942018-11-16 13:11:44 +0400[diff] [blame]162 export JENKINS_HOME=/srv/volumes/jenkins
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]163 _jenkins_enabled=$(salt-call --out=newline_values_only pillar.get jenkins:client:enabled | tr "[:upper:]" "[:lower:]")
164 if [[ "${_jenkins_enabled}" == "true" ]]; then
Ivan Berezovskiy11d374b2018-11-26 18:00:23 +0400[diff] [blame]165 wait_for_jenkins
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]166 salt-call ${SALT_OPTS} state.apply jenkins.client
Ivan Berezovskiyfba80942018-11-16 13:11:44 +0400[diff] [blame]167 fi
168 else
169 export JENKINS_HOME=/var/lib/jenkins
170 systemctl enable jenkins
171 systemctl start jenkins
Ivan Berezovskiy11d374b2018-11-26 18:00:23 +0400[diff] [blame]172 wait_for_jenkins
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]173 _jenkins_enabled=$(salt-call --out=newline_values_only pillar.get jenkins:client:enabled | tr "[:upper:]" "[:lower:]")
174 if [[ "${_jenkins_enabled}" == "true" ]]; then
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]175 salt-call ${SALT_OPTS} state.apply jenkins.client
Ivan Berezovskiyfba80942018-11-16 13:11:44 +0400[diff] [blame]176 fi
177 systemctl stop jenkins
178 find ${JENKINS_HOME}/jenkins.model.JenkinsLocationConfiguration.xml -type f -print0 | xargs -0 sed -i -e "s/10.167.4.15/$SALT_MASTER_DEPLOY_IP/g"
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]179 fi
Ivan Berezovskiyfba80942018-11-16 13:11:44 +0400[diff] [blame]180
Ivan Berezovskiy73cad8e2018-11-23 18:53:13 +0400[diff] [blame]181 ssh-keyscan cfg01 > ${JENKINS_HOME}/.ssh/known_hosts && chmod a+r ${JENKINS_HOME}/.ssh/known_hosts || true
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]182 }
183
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]184 function wait_for_salt(){
185 local wait_time=0
186 until $(salt-call --timeout=30 test.ping &> /dev/null ); do
187 if [[ $wait_time -gt 15 ]]; then
188 echo "ERROR: wait_for_salt failed" ; exit 1
189 fi
190 sleep $(( wait_time++ ))
191 done
192 }
193
azvyagintsev9a0d7e52018-10-17 20:15:22 +0300[diff] [blame]194 function process_salt_base(){
195 # PROD-21179| PROD-21792 : To describe such trick's around salt.XX state ordering
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]196 salt-call ${SALT_OPTS} state.apply salt.master
azvyagintsev9a0d7e52018-10-17 20:15:22 +0300[diff] [blame]197 # Wait for salt-master to wake up after restart
198 sleep 5
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]199 wait_for_salt
azvyagintsev9a0d7e52018-10-17 20:15:22 +0300[diff] [blame]200 # Run salt.minion.ca to prepare CA certificate before salt.minion.cert is used
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]201 salt-call ${SALT_OPTS} state.apply salt.minion.ca
Ann Taraday5a63afc2018-12-20 23:00:11 +0400[diff] [blame]202 # Add sleep for completion of postponed restart of salt-minion. PROD-25986
203 sleep 15
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]204 salt-call ${SALT_OPTS} state.apply salt.minion
azvyagintsev9a0d7e52018-10-17 20:15:22 +0300[diff] [blame]205 # Wait for salt-minion to wake up after restart
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]206 wait_for_salt
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]207 salt-call ${SALT_OPTS} state.apply salt
208 salt-call ${SALT_OPTS} state.apply reclass
azvyagintsev9a0d7e52018-10-17 20:15:22 +0300[diff] [blame]209 }
210 #== Body ==================================================================#
211
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]212 . /etc/cloud/master_environment
213 printenv | sort -u
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]214 # WA for https://gerrit.mcp.mirantis.com/#/c/34514/
215 echo "INFO: stopping orphaned maas"
216 systemctl stop maas-rackd.service maas-dhcpd.service maas-dhcpd6.service || true
217 systemctl disable maas-rackd.service maas-dhcpd.service maas-dhcpd6.service || true
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]218
219 echo "Preparing metadata model"
220 if [[ -n "${CFG_BOOTSTRAP_DRIVE_URL}" ]]; then
azvyagintsev829bfd82018-12-19 12:58:17 +0200[diff] [blame]221 echo "CFG_BOOTSTRAP_DRIVE_URL detected,downloading..."
222 _tname="cfg01_${RANDOM}.iso"
223 _wget_opts="--progress=dot:mega --waitretry=15 --retry-connrefused"
224 wget ${_wget_opts} -O /${_tname} "${CFG_BOOTSTRAP_DRIVE_URL}"
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]225 mount -o loop /${_tname} /mnt
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]226 else
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]227 mount $(blkid -t TYPE=iso9660 -o device) /mnt
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]228 fi
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]229 rsync -av /mnt/mcp/model/ /srv/salt/reclass/
230 chown -R root:root /srv/salt/reclass/ || true
231 find /srv/salt/reclass/classes/ -type d -exec chmod 0755 {} \;
232 find /srv/salt/reclass/classes/ -type f -exec chmod 0644 {} \;
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]233
234 echo "Configuring salt"
235 envsubst < /root/minion.conf > /etc/salt/minion.d/minion.conf
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]236 if [ -f /mnt/mcp/gpg/salt_master_pillar.asc ]; then
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]237 mkdir -p /etc/salt/gpgkeys
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]238 chmod 0700 /etc/salt/gpgkeys
239 GNUPGHOME=/etc/salt/gpgkeys gpg --import /mnt/mcp/gpg/salt_master_pillar.asc
Dmitry Pyzhov15c0ac42018-12-11 17:10:08 +0300[diff] [blame]240 fi
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]241 enable_services
242
243 # Wait for salt-master and salt-minion to wake up after restart
azvyagintsevf2576472019-05-21 20:06:34 +0300[diff] [blame]244 wait_for_salt
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]245
246 while true; do
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]247 salt-key | grep -w "$SALT_MASTER_MINION_ID" && break
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]248 sleep 5
249 done
250
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]251 echo "updating local git repos"
252 if [[ "$PIPELINES_FROM_ISO" == "true" ]] ; then
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]253 rsync -av /mnt/mcp/mk-pipelines/ /home/repo/mk/mk-pipelines/
254 rsync -av /mnt/mcp/pipeline-library/ /home/repo/mcp-ci/pipeline-library/
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]255 umount /mnt || true
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]256 chown -R git:www-data /home/repo/mk/mk-pipelines /home/repo/mcp-ci/pipeline-library
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]257 else
258 umount /mnt || true
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]259 git clone --mirror "${MK_PIPELINES_URL}" /home/repo/mk/mk-pipelines/
260 git clone --mirror "${PIPELINE_LIB_URL}" /home/repo/mcp-ci/pipeline-library/
261 chown -R git:www-data /home/repo/mk/mk-pipelines /home/repo/mcp-ci/pipeline-library
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]262 fi
263
264 process_formulas
265
266 salt-call saltutil.refresh_pillar
267 salt-call saltutil.sync_all
268 if ! $(reclass -n ${SALT_MASTER_MINION_ID} > /dev/null ) ; then
269 echo "ERROR: Reclass render failed!"
270 exit 1
271 fi
272
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]273 salt-call ${SALT_OPTS} state.apply linux.system.repo,linux.network,linux.system,linux,openssh
azvyagintsev9a0d7e52018-10-17 20:15:22 +0300[diff] [blame]274 process_salt_base
Stanislav Riazanov450ceaa2018-12-18 20:17:07 +0400[diff] [blame]275
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]276 systemctl stop apache2 || true
277 systemctl disable apache2 || true
278 chmod 0 /etc/init.d/apache2
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]279
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]280 _kfg_enabled=$(salt-call --out=newline_values_only pillar.get kubernetes:master:enabled | tr "[:upper:]" "[:lower:]")
281 if [ "${_kfg_enabled}" != "true" ]; then
Martin Polreich6a64e542019-05-29 15:02:32 +0200[diff] [blame]282 _nginx_enabled=$(salt-call --out=newline_values_only pillar.get nginx:server:enabled | tr "[:upper:]" "[:lower:]")
283 if [[ "${_nginx_enabled}" == "true" ]]; then
284 salt-call ${SALT_OPTS} state.apply nginx.server
285 fi
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]286 if [ -f /opt/jenkins_in_docker ] || [ -f /opt/postgresql_in_docker ]; then
287 process_swarm
288 fi
289 if [ -f /opt/jenkins_in_docker ] && [ ! -f /opt/postgresql_in_docker ]; then
290 docker stack rm postgresql || true
291 fi
292 else
Ivan Berezovskiya4691402019-03-12 14:18:01 +0400[diff] [blame]293 salt-call ${SALT_OPTS} state.apply etcd.server.service
294 salt-call ${SALT_OPTS} state.apply kubernetes.master.kube-addons
295 _images=$(salt-call --out=newline_values_only pillar.get kubernetes:pool:images)
296 if [ -n "${_images}" ]; then
297 salt-call ${SALT_OPTS} state.apply kubernetes.pool.images
298 fi
299 salt-call ${SALT_OPTS} state.apply kubernetes exclude=kubernetes.master.setup,kubernetes.client
300 salt-call ${SALT_OPTS} state.apply kubernetes.master
301 salt-call ${SALT_OPTS} state.apply nginx.server
302 _ldap_enabled=$(salt-call --out=newline_values_only pillar.get openldap:client:enabled | tr "[:upper:]" "[:lower:]")
303 if [ "${_ldap_enabled}" == "true" ]; then
304 salt-call ${SALT_OPTS} state.apply openldap.client
305 fi
306 _gerrit_enabled=$(salt-call --out=newline_values_only pillar.get gerrit:client:enabled | tr "[:upper:]" "[:lower:]")
307 if [ "${_gerrit_enabled}" == "true" ]; then
308 salt-call ${SALT_OPTS} state.apply gerrit.client
309 fi
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]310 fi
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]311
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]312 process_jenkins
Stanislav Riazanovc69bfc02018-12-07 16:52:14 +0400[diff] [blame]313 process_maas
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]314
Ivan Berezovskiyfba80942018-11-16 13:11:44 +0400[diff] [blame]315 stop_services="salt-api salt-master salt-minion maas-rackd.service maas-regiond.service postgresql.service"
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]316 for s in ${stop_services} ; do
317 systemctl stop ${s} || true
318 sleep 1
319 done
azvyagintsevc1c62042018-09-26 11:47:49 +0300[diff] [blame]320 # Set bootstrap-done flag for future
321 mkdir -p /var/log/mcp/
322 touch /var/log/mcp/.bootstrap_done
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]323 sync
Dzmitry Stremkouski9dd6a1b2019-01-24 12:03:58 +0100[diff] [blame]324 shutdown -r now
Ivan Berezovskiy77187172018-09-14 15:47:36 +0400[diff] [blame]325runcmd:
azvyagintsevc1c62042018-09-26 11:47:49 +0300[diff] [blame]326 - [bash, -cex, *master_config]