Align cloudinit and salt.yaml
diff --git a/tcp_tests/templates/virtual-mcp11-k8s-calico/salt.yaml b/tcp_tests/templates/virtual-mcp11-k8s-calico/salt.yaml
index 6ca99cf..2172912 100644
--- a/tcp_tests/templates/virtual-mcp11-k8s-calico/salt.yaml
+++ b/tcp_tests/templates/virtual-mcp11-k8s-calico/salt.yaml
@@ -17,41 +17,12 @@
{% set IPV4_NET_CONTROL_PREFIX = '.'.join(IPV4_NET_CONTROL.split('.')[0:3]) %}
# Install salt to the config node
-
-
-- description: Configure repository on the cfg01 node
- cmd:
- echo "172.18.248.114 jenkins.mcp.mirantis.net gerrit.mcp.mirantis.net" >> /etc/hosts;
- echo "185.135.196.10 apt-mk.mirantis.com" >> /etc/hosts;
- echo "nameserver 172.18.208.44" >> /etc/resolv.conf;
- echo "nameserver 8.8.8.8" >> /etc/resolv.conf;
- which wget >/dev/null || (apt-get update; apt-get install -y wget);
- echo "deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
- wget -O - http://apt-mk.mirantis.com/public.gpg | apt-key add -;
- echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
- wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 1}
- skip_fail: false
-
-- description: Update packages on cfg01
- cmd: apt-get clean; apt-get update
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 1}
- skip_fail: false
-
- description: Installing salt master on cfg01
cmd: apt-get install -y reclass git; apt-get install -y salt-master
node_name: {{ HOSTNAME_CFG01 }}
retry: {count: 1, delay: 1}
skip_fail: false
-- description: Install common packages on cfg01
- cmd: apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 1}
- skip_fail: false
-
- description: Configure salt-master on cfg01
cmd: |
cat << 'EOF' >> /etc/salt/master.d/master.conf
@@ -86,12 +57,11 @@
retry: {count: 1, delay: 1}
skip_fail: false
-
- description: Clone reclass models with submodules
- cmd: |
+ cmd: |
ssh-keyscan -H github.com >> ~/.ssh/known_hosts;
- git clone --recursive https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab /srv/salt/reclass;
- git clone -b $reclass_branch --recurse-submodules https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab /srv/salt/reclass
+ git clone -b {{ SALT_MODELS_COMMIT }} --recurse-submodules {{ SALT_MODELS_REPOSITORY }} /srv/salt/reclass;
+
mkdir -p /srv/salt/reclass/classes/service;
# Replace firstly to an intermediate value to avoid intersection between
@@ -100,8 +70,8 @@
# 192.168.10 -> 10.16.0 (generated network for admin)
# 10.16.0 -> <external network>
# So let's replace constant networks to the keywords, and then keywords to the desired networks.
- find /srv/salt/reclass/ -type f -exec sed -i 's/172\.16\.10\./==IPV4_NET_ADMIN_PREFIX==/g' {} +
- find /srv/salt/reclass/ -type f -exec sed -i 's/192\.168\.10\./==IPV4_NET_CONTROL_PREFIX==/g' {} +
+ find /srv/salt/reclass/ -type f -exec sed -i 's/192\.168\.10\./==IPV4_NET_ADMIN_PREFIX==/g' {} +
+ find /srv/salt/reclass/ -type f -exec sed -i 's/172\.16\.10\./==IPV4_NET_CONTROL_PREFIX==/g' {} +
find /srv/salt/reclass/ -type f -exec sed -i 's/==IPV4_NET_ADMIN_PREFIX==/{{ IPV4_NET_ADMIN_PREFIX }}./g' {} +
find /srv/salt/reclass/ -type f -exec sed -i 's/==IPV4_NET_CONTROL_PREFIX==/{{ IPV4_NET_CONTROL_PREFIX }}./g' {} +
@@ -123,16 +93,16 @@
- description: Configure reclass
cmd: |
FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
- FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra};
+ FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt-mk.mirantis.com/xenial stable salt};
FORMULA_GPG=${FORMULA_GPG:-http://apt-mk.mirantis.com/public.gpg};
which wget > /dev/null || (apt-get update; apt-get install -y wget);
echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/mcp_salt.list;
wget -O - "${FORMULA_GPG}" | apt-key add -;
apt-get clean; apt-get update;
[ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
- declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon" "telegraf" "prometheus");
+ declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon");
echo -e "\nInstalling all required salt formulas\n";
- apt-get install -y "${formula_services[@]/#/salt-formula-}";
+ eatmydata apt-get install -y "${formula_services[@]/#/salt-formula-}";
for formula_service in "${formula_services[@]}"; do
echo -e "\nLink service metadata for formula ${formula_service} ...\n";
[ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
@@ -151,17 +121,35 @@
retry: {count: 1, delay: 1}
skip_fail: false
-- description: Configure salt-minion on cfg01
+- description: Restart salt-master service
+ cmd: |
+ systemctl restart salt-master;
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
+
+{% for ssh in config.underlay.ssh %}
+- description: Configure salt-minion on {{ ssh['node_name'] }}
cmd: |
[ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
cat << "EOF" >> /etc/salt/minion.d/minion.conf
- id: {{ HOSTNAME_CFG01 }}
- master: 127.0.0.1
+ id: {{ ssh['node_name'] }}
+ master: {{ config.salt.salt_master_host }}
EOF
- apt-get install -y salt-minion;
- node_name: {{ HOSTNAME_CFG01 }}
+ eatmydata apt-get install -y salt-minion;
+ echo "Check for system info and metadata availability ...";
+ salt-call --no-color grains.items;
+ salt-call --no-color pillar.items;
+ node_name: {{ ssh['node_name'] }}
retry: {count: 1, delay: 1}
skip_fail: false
+{% endfor %}
+
+- description: Accept salt keys from all the nodes
+ cmd: salt-key -A -y
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: true
- description: Configure salt adoptors on cfg01
cmd: |
@@ -171,17 +159,6 @@
retry: {count: 1, delay: 1}
skip_fail: false
-- description: Restart services
- cmd: |
- systemctl restart salt-master;
- systemctl restart salt-minion;
- echo "Showing system info and metadata ...";
- salt-call --no-color grains.items;
- salt-call --no-color pillar.data;
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 5}
- skip_fail: false
-
# Prepare salt services and nodes settings
- description: Run 'linux' formula on cfg01
cmd: salt --hard-crash --state-output=mixed --state-verbose=False
@@ -207,28 +184,20 @@
retry: {count: 1, delay: 1}
skip_fail: false
-- description: Run 'reclass' formula on cfg01
- cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
- -C 'I@salt:master' reclass;
- salt-call --no-color state.sls salt.master;
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 5}
- skip_fail: true
-
-
-- description: Run 'salt' formula on cfg01
+- description: Run 'salt.master' formula on cfg01
cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
-C 'I@salt:master' state.sls salt.master.service;
- salt-call --no-color state.sls salt.master,salt.api,salt.minion.ca;
- systemctl restart salt-minion;
node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 5}
- skip_fail: true
+ retry: {count: 2, delay: 5}
+ skip_fail: false
-- description: Accept salt keys from all the nodes
- cmd: salt-key -A -y
+- description: Run 'salt' formula on cfg01 with workaround proposed in PROD-10894
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@salt:master' state.sls salt;
+ salt --hard-crash --state-output=mixed --state-verbose=False
+ -C 'I@salt:master' saltutil.sync_all
node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 1, delay: 5}
+ retry: {count: 5, delay: 5}
skip_fail: false
- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
@@ -251,71 +220,38 @@
skip_fail: false
- description: Show reclass-salt --top
- cmd: reclass-salt --top; salt-call --no-color state.sls salt.minion.cert -l info;
+ cmd: reclass-salt --top
node_name: {{ HOSTNAME_CFG01 }}
retry: {count: 1, delay: 5}
skip_fail: false
+- description: Execute salt.minion.cert
+ cmd: salt-call --no-color state.sls salt.minion.cert -l info;
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 5}
+ skip_fail: false
# Bootstrap all nodes
-- description: Configure linux on controllers
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls
- linux
+- description: Configure linux on other nodes
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
+ cfg01*' state.sls linux
node_name: {{ HOSTNAME_CFG01 }}
retry: {count: 1, delay: 5}
skip_fail: false
-- description: Configure linux on cmp
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls
- linux
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 3, delay: 20}
- skip_fail: false
-
-- description: Configure linux on mon
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'mon*' state.sls
- linux
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 3, delay: 20}
- skip_fail: false
-
-- description: Configure linux on prx
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'prx*' state.sls
- linux
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 3, delay: 20}
- skip_fail: false
-
- description: Configure openssh on all nodes
cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
- cfg*' state.sls openssh;salt --hard-crash --state-output=mixed --state-verbose=False
+ cfg01*' state.sls openssh;salt --hard-crash --state-output=mixed --state-verbose=False
-C '* and not cfg*' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
yes/' /etc/ssh/sshd_config && service ssh restart"
node_name: {{ HOSTNAME_CFG01 }}
retry: {count: 1, delay: 5}
skip_fail: false
-- description: Configure salt.minion on ctl
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls salt.minion
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 3, delay: 5}
- skip_fail: false
-
-- description: Configure salt.minion on cmp
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls salt.minion
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 3, delay: 5}
- skip_fail: false
-
-- description: Configure salt.minion on mon
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'mon*' state.sls salt.minion
- node_name: {{ HOSTNAME_CFG01 }}
- retry: {count: 3, delay: 5}
- skip_fail: false
-
-- description: Configure salt.minion on prx
- cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'prx*' state.sls salt.minion
+- description: Configure salt.minion on other nodes
+ cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
+ cfg01*' state.sls salt.minion
node_name: {{ HOSTNAME_CFG01 }}
retry: {count: 3, delay: 5}
skip_fail: false