Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp / tcp-qa / 513fdf7629a35aaaa5526ecd5ebcc7c663656ec3 / . / tcp_tests / templates / shared-salt-offline.yaml
blob: b4a9dab1aa64defb85042b5fc5eecfb7da53a05e [file] [log] [blame]
Tatyana Leontovichecd491d2017-09-13 13:51:12 +0300[diff] [blame]1{# Collection of common macroses shared across different deployments #}
2
3{% set SALT_MODELS_BRANCH = os_env('SALT_MODELS_BRANCH','master') %}
4{% set SALT_MODELS_COMMIT = os_env('SALT_MODELS_COMMIT','master') %}
5{# Reference to a patch that should be applied to the model if required, for example: export SALT_MODELS_REF_CHANGE=refs/changes/19/7219/12 #}
6{% set SALT_MODELS_REF_CHANGE = os_env('SALT_MODELS_REF_CHANGE', '') %}
7{# Pin to a specified commit in salt-models/reclass-system #}
8{% set SALT_MODELS_SYSTEM_REPOSITORY = os_env('SALT_MODELS_SYSTEM_REPOSITORY','https://gerrit.mcp.mirantis.local.test/salt-models/reclass-system') %}
9{% set SALT_MODELS_SYSTEM_COMMIT = os_env('SALT_MODELS_SYSTEM_COMMIT','') %}
10{% set SALT_MODELS_SYSTEM_REF_CHANGE = os_env('SALT_MODELS_SYSTEM_REF_CHANGE','') %}
11{% set LAB_CONFIG_NAME = os_env('LAB_CONFIG_NAME','mcp-ocata-local-repo-dvr') %}
12
13{% set REPOSITORY_SUITE = os_env('REPOSITORY_SUITE', 'testing') %}
14
15{# Address pools for reclass cluster model are taken in the following order:
16 # 1. environment variables,
17 # 2. config.underlay.address_pools based on fuel-devops address pools
18 # (see generated '.ini' file after underlay is created),
19 # 3. defaults #}
20{% set address_pools = config.underlay.address_pools %}
21{% set IPV4_NET_ADMIN = os_env('IPV4_NET_ADMIN', address_pools.get('admin-pool01', '192.168.10.0/24')) %}
22{% set IPV4_NET_CONTROL = os_env('IPV4_NET_CONTROL', address_pools.get('private-pool01', '172.16.10.0/24')) %}
23{% set IPV4_NET_TENANT = os_env('IPV4_NET_TENANT', address_pools.get('tenant-pool01', '10.1.0.0/24')) %}
24{% set IPV4_NET_EXTERNAL = os_env('IPV4_NET_EXTERNAL', address_pools.get('external-pool01', '10.16.0.0/24')) %}
25{% set IPV4_NET_ADMIN_PREFIX = '.'.join(IPV4_NET_ADMIN.split('.')[0:3]) %}
26{% set IPV4_NET_CONTROL_PREFIX = '.'.join(IPV4_NET_CONTROL.split('.')[0:3]) %}
27{% set IPV4_NET_TENANT_PREFIX = '.'.join(IPV4_NET_TENANT.split('.')[0:3]) %}
28{% set IPV4_NET_EXTERNAL_PREFIX = '.'.join(IPV4_NET_EXTERNAL.split('.')[0:3]) %}
29
30{# Format for formula replacement:
31 # space separated string:
32 # export SALT_FORMULAS_REFS='apache:refs/changes/xxxx kubernetes:refs/changes/xxxx' #}
33
34{% set SALT_FORMULAS_REFS = os_env('SALT_FORMULAS_REFS', '') %}
35{% set SALT_FORMULAS_REPO = os_env('SALT_FORMULAS_REPO', 'https://gerrit.mcp.mirantis.local.test/salt-formulas') %}
36
37{%- macro MACRO_INSTALL_PACKAGES_ON_NODES(NODE_NAME) %}
38{#########################################}
39
40- description: 'Configure key on nodes and install packages'
41 cmd: |
42 rm -rf trusted* ;
43 rm -rf /etc/apt/sources.list ;
44 echo "deb [arch=amd64] http://apt.mirantis.local.test/xenial {{ REPOSITORY_SUITE }} salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
45 wget -O - http://apt.mirantis.local.test/public.gpg | apt-key add -;
46 echo "deb http://repo.saltstack.local.test/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
47 wget -O - http://repo.saltstack.local.test/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
48 echo "deb http://mirror.mcp.mirantis.local.test/ubuntu xenial main" > /etc/apt/sources.list.d/ubuntu_main.list
49 echo "deb http://mirror.mcp.mirantis.local.test/ubuntu xenial universe" > /etc/apt/sources.list.d/ubuntu_universe.list
50 eatmydata apt-get clean && apt-get update;
51 node_name: {{ NODE_NAME }}
52 retry: {count: 1, delay: 5}
53 skip_fail: false
54
55{%- endmacro %}
56
57{%- macro MACRO_INSTALL_SALT_MASTER() %}
58{######################################}
59- description: Installing salt master on cfg01
60 cmd: eatmydata apt-get install -y --allow-unauthenticated reclass git salt-master
61 node_name: {{ HOSTNAME_CFG01 }}
62 retry: {count: 1, delay: 1}
63 skip_fail: false
64
65- description: Configure salt-master on cfg01
66 cmd: |
67 cat << 'EOF' >> /etc/salt/master.d/master.conf
68 file_roots:
69 base:
70 - /usr/share/salt-formulas/env
71 pillar_opts: False
72 open_mode: True
73 reclass: &reclass
74 storage_type: yaml_fs
75 inventory_base_uri: /srv/salt/reclass
76 ext_pillar:
77 - reclass: *reclass
78 master_tops:
79 reclass: *reclass
80 EOF
81 node_name: {{ HOSTNAME_CFG01 }}
82 retry: {count: 1, delay: 1}
83 skip_fail: false
84
85{%- endmacro %}
86
87
88{%- macro MACRO_CLONE_RECLASS_MODELS(IS_CONTRAIL_LAB=false) %}
89{############################################################}
90{# Creates a 'cluster' model from cookiecutter-templates and 'environment' model from uploaded template #}
91
92- description: Clone reclass models with submodules
93 cmd: |
94 set -e;
95 export GIT_SSL_NO_VERIFY=true; git clone -b {{ SALT_MODELS_BRANCH }} {{ SALT_MODELS_REPOSITORY }} /srv/salt/reclass;
96 pushd /srv/salt/reclass && \
97 git config submodule."classes/system".url "{{ SALT_MODELS_SYSTEM_REPOSITORY }}" ;
98 git submodule update --init --recursive && \
99 {%- if SALT_MODELS_REF_CHANGE != '' %}
100 {%- for item in SALT_MODELS_REF_CHANGE.split(" ") %}
101 git fetch {{ SALT_MODELS_REPOSITORY }} {{ item }} && git cherry-pick FETCH_HEAD && \
102 {%- endfor %}
103 {%- elif SALT_MODELS_COMMIT != 'master' %}
104 git checkout {{ SALT_MODELS_COMMIT }} && \
105 {%- endif %}
106 {%- if SALT_MODELS_SYSTEM_COMMIT != '' %}
107 pushd classes/system/ && \
108 git checkout {{ SALT_MODELS_SYSTEM_COMMIT }} && \
109 popd && \
110 {%- elif SALT_MODELS_SYSTEM_REF_CHANGE != '' -%}
111 pushd classes/system/ && \
112 {%- for item in SALT_MODELS_SYSTEM_REF_CHANGE.split(" ") %}
113 git fetch {{ SALT_MODELS_SYSTEM_REPOSITORY }} {{ item }} && git cherry-pick FETCH_HEAD && \
114 {%- endfor %}
115 popd && \
116 {%- else %}
117 git submodule update --init --recursive && \
118 {%- endif %}
119 popd;
120 mkdir -p /srv/salt/reclass/classes/service;
121 rm -rf /srv/salt/reclass/nodes/ # For backward compatibility. New cfg node will be regenerated here
122 mkdir -p /srv/salt/reclass/nodes/_generated/;
123
124 # Replace firstly to an intermediate value to avoid intersection between
125 # already replaced and replacing networks.
126 # For example, if generated IPV4_NET_ADMIN_PREFIX=10.16.0 , then there is a risk of replacing twice:
127 # 192.168.10 -> 10.16.0 (generated network for admin)
128 # 10.16.0 -> <external network>
129 # So let's replace constant networks to the keywords, and then keywords to the desired networks.
130 export REPLACE_DIRS="/srv/salt/reclass/classes/ /srv/salt/reclass/nodes/"
131 find ${REPLACE_DIRS} -type f -exec sed -i 's/192\.168\.10\./==IPV4_NET_ADMIN_PREFIX==/g' {} +
132 find ${REPLACE_DIRS} -type f -exec sed -i 's/172\.16\.10\./==IPV4_NET_CONTROL_PREFIX==/g' {} +
133 find ${REPLACE_DIRS} -type f -exec sed -i 's/10\.1\.0\./==IPV4_NET_TENANT_PREFIX==/g' {} +
134 find ${REPLACE_DIRS} -type f -exec sed -i 's/10\.16\.0\./==IPV4_NET_EXTERNAL_PREFIX==/g' {} +
135
136 find ${REPLACE_DIRS} -type f -exec sed -i 's/==IPV4_NET_ADMIN_PREFIX==/{{ IPV4_NET_ADMIN_PREFIX }}./g' {} +
137 find ${REPLACE_DIRS} -type f -exec sed -i 's/==IPV4_NET_CONTROL_PREFIX==/{{ IPV4_NET_CONTROL_PREFIX }}./g' {} +
138 find ${REPLACE_DIRS} -type f -exec sed -i 's/==IPV4_NET_TENANT_PREFIX==/{{ IPV4_NET_TENANT_PREFIX }}./g' {} +
139 find ${REPLACE_DIRS} -type f -exec sed -i 's/==IPV4_NET_EXTERNAL_PREFIX==/{{ IPV4_NET_EXTERNAL_PREFIX }}./g' {} +
140
141 find ${REPLACE_DIRS} -type f -exec sed -i 's/apt_mk_version:.*/apt_mk_version: {{ REPOSITORY_SUITE }}/g' {} +
142
143 {%- if IS_CONTRAIL_LAB %}
144 # vSRX IPs for tcp-qa images have 172.16.10.90 hardcoded
145 find ${REPLACE_DIRS} -type f -exec sed -i 's/opencontrail_router01_address:.*/opencontrail_router01_address: 172.16.10.90/g' {} +
146 find ${REPLACE_DIRS} -type f -exec sed -i 's/infra_config_deploy_address: 1.*/infra_config_deploy_address: {{ IPV4_NET_ADMIN_PREFIX }}.15/g' {} +
147 {%- endif %}
148
149 # Disable checkouting the model from remote repository
150 cat << 'EOF' >> /srv/salt/reclass/nodes/_generated/{{ HOSTNAME_CFG01 }}.yml
151 classes:
152 - cluster.{{ LAB_CONFIG_NAME }}.infra.config
153 parameters:
154 _param:
155 linux_system_codename: xenial
156 reclass_data_revision: master
157 linux:
158 system:
159 name: cfg01
160 domain: {{ DOMAIN_NAME }}
161 reclass:
162 storage:
163 data_source:
164 engine: local
165 EOF
166
167 # Show the changes to the console
168 cd /srv/salt/reclass/; git diff
169 node_name: {{ HOSTNAME_CFG01 }}
170 retry: {count: 1, delay: 1}
171 skip_fail: false
172{%- endmacro %}
173
174
175{%- macro MACRO_GENERATE_COOKIECUTTER_MODEL(IS_CONTRAIL_LAB=false, CONTROL_VLAN=None, TENANT_VLAN=None) %}
176{###################################################################}
177{%- set CLUSTER_CONTEXT_PATH = '/tmp/' + CLUSTER_CONTEXT_NAME %}
178- description: "[EXPERIMENTAL] Upload cookiecutter-templates context to {{ HOSTNAME_CFG01 }}"
179 upload:
180 local_path: {{ config.salt_deploy.templates_dir }}{{ LAB_CONFIG_NAME }}/
181 local_filename: {{ CLUSTER_CONTEXT_NAME }}
182 remote_path: /tmp/
183 node_name: {{ HOSTNAME_CFG01 }}
184
185- description: Create cluster model from cookiecutter templates
186 cmd: |
187 set -e;
188 pip install cookiecutter
189 export GIT_SSL_NO_VERIFY=true; git clone https://gerrit.mcp.mirantis.net/mk/cookiecutter-templates /tmp/cookiecutter-templates
190 mkdir -p /srv/salt/reclass/classes/cluster/
191 mkdir -p /srv/salt/reclass/classes/system/
192 mkdir -p /srv/salt/reclass/classes/service/
193 rm -rf /srv/salt/reclass/nodes/ # For backward compatibility. New cfg node will be regenerated here
194 mkdir -p /srv/salt/reclass/nodes/_generated
195
196 # Override some context parameters
197 sed -i 's/cluster_name:.*/cluster_name: {{ LAB_CONFIG_NAME }}/g' {{ CLUSTER_CONTEXT_PATH }}
198 sed -i 's/cluster_domain:.*/cluster_domain: {{ DOMAIN_NAME }}/g' {{ CLUSTER_CONTEXT_PATH }}
199 {%- if CONTROL_VLAN %}
200 sed -i 's/control_vlan:.*/control_vlan: {{ CONTROL_VLAN }}/g' {{ CLUSTER_CONTEXT_PATH }}
201 {%- endif %}
202 {%- if TENANT_VLAN %}
203 sed -i 's/tenant_vlan:.*/tenant_vlan: {{ TENANT_VLAN }}/g' {{ CLUSTER_CONTEXT_PATH }}
204 {%- endif %}
205
206 # Temporary workaround (with hardcoded address .90 -> .15) of bug https://mirantis.jira.com/browse/PROD-14377
207 # sed -i 's/salt_master_address:.*/salt_master_address: {{ IPV4_NET_CONTROL_PREFIX }}.15/g' {{ CLUSTER_CONTEXT_PATH }}
208 # sed -i 's/salt_master_management_address:.*/salt_master_management_address: {{ IPV4_NET_ADMIN_PREFIX }}.15/g' {{ CLUSTER_CONTEXT_PATH }}
209
210 # Replace firstly to an intermediate value to avoid intersection between
211 # already replaced and replacing networks.
212 # For example, if generated IPV4_NET_ADMIN_PREFIX=10.16.0 , then there is a risk of replacing twice:
213 # 192.168.10 -> 10.16.0 (generated network for admin)
214 # 10.16.0 -> <external network>
215 # So let's replace constant networks to the keywords, and then keywords to the desired networks.
216 sed -i 's/10\.167\.5/==IPV4_NET_ADMIN_PREFIX==/g' {{ CLUSTER_CONTEXT_PATH }}
217 sed -i 's/10\.167\.4/==IPV4_NET_CONTROL_PREFIX==/g' {{ CLUSTER_CONTEXT_PATH }}
218 sed -i 's/10\.167\.6/==IPV4_NET_TENANT_PREFIX==/g' {{ CLUSTER_CONTEXT_PATH }}
219 sed -i 's/172\.17\.16\./==IPV4_NET_EXTERNAL_PREFIX==/g' {{ CLUSTER_CONTEXT_PATH }}
220
221 sed -i 's/==IPV4_NET_ADMIN_PREFIX==/{{ IPV4_NET_ADMIN_PREFIX }}/g' {{ CLUSTER_CONTEXT_PATH }}
222 sed -i 's/==IPV4_NET_CONTROL_PREFIX==/{{ IPV4_NET_CONTROL_PREFIX }}/g' {{ CLUSTER_CONTEXT_PATH }}
223 sed -i 's/==IPV4_NET_TENANT_PREFIX==/{{ IPV4_NET_TENANT_PREFIX }}/g' {{ CLUSTER_CONTEXT_PATH }}
224 sed -i 's/==IPV4_NET_EXTERNAL_PREFIX==/{{ IPV4_NET_EXTERNAL_PREFIX }}./g' {{ CLUSTER_CONTEXT_PATH }}
225
226 for i in $(ls /tmp/cookiecutter-templates/cluster_product/); do
227 python /tmp/cookiecutter-templates/generate.py \
228 --template /tmp/cookiecutter-templates/cluster_product/$i \
229 --config-file {{ CLUSTER_CONTEXT_PATH }} \
230 --output-dir /srv/salt/reclass/classes/cluster/;
231 done
232
233 export GIT_SSL_NO_VERIFY=true; git clone https://gerrit.mcp.mirantis.net/salt-models/reclass-system /srv/salt/reclass/classes/system/
234
235 # Create the cfg01 node and disable checkouting the model from remote repository
236 cat << 'EOF' >> /srv/salt/reclass/nodes/_generated/{{ HOSTNAME_CFG01 }}.yml
237 classes:
238 - system.openssh.server.team.all
239 - cluster.{{ LAB_CONFIG_NAME }}.infra.config
240 EOF
241
242 node_name: {{ HOSTNAME_CFG01 }}
243 retry: {count: 1, delay: 1}
244 skip_fail: false
245
246- description: Modify generated model and reclass-system if necessary
247 cmd: |
248 set -e;
249 {%- if SALT_MODELS_SYSTEM_COMMIT != '' %}
250 pushd /srv/salt/reclass/classes/system/
251 git checkout {{ SALT_MODELS_SYSTEM_COMMIT }} && \
252 popd
253 {%- elif SALT_MODELS_SYSTEM_REF_CHANGE != '' -%}
254 pushd /srv/salt/reclass/classes/system/
255 {%- for item in SALT_MODELS_SYSTEM_REF_CHANGE.split(" ") %}
256 git fetch {{ SALT_MODELS_SYSTEM_REPOSITORY }} {{ item }} && git cherry-pick FETCH_HEAD
257 {%- endfor %}
258 popd
259 {%- endif %}
260
261 export REPLACE_DIRS="/srv/salt/reclass/classes/ /srv/salt/reclass/nodes/"
262 find ${REPLACE_DIRS} -type f -exec sed -i 's/apt_mk_version:.*/apt_mk_version: {{ REPOSITORY_SUITE }}/g' {} +
263
264 {%- if IS_CONTRAIL_LAB %}
265 # vSRX IPs for tcp-qa images have 172.16.10.90 hardcoded
266 find ${REPLACE_DIRS} -type f -exec sed -i 's/opencontrail_router01_address:.*/opencontrail_router01_address: 172.16.10.90/g' {} +
267 find ${REPLACE_DIRS} -type f -exec sed -i 's/infra_config_deploy_address: 1.*/infra_config_deploy_address: {{ IPV4_NET_ADMIN_PREFIX }}.15/g' {} +
268 {%- endif %}
269
270 node_name: {{ HOSTNAME_CFG01 }}
271 retry: {count: 1, delay: 1}
272 skip_fail: false
273{%- endmacro %}
274
275
276{%- macro MACRO_GENERATE_AND_ENABLE_ENVIRONMENT_MODEL() %}
277{########################################################}
278
279- description: "[EXPERIMENTAL] Clone 'environment-template' repository to {{ HOSTNAME_CFG01 }}"
280 cmd: |
281 set -e;
282 mkdir -p /tmp/environment/;
283 export GIT_SSL_NO_VERIFY=true; git clone https://github.com/Mirantis/environment-template /tmp/environment/environment_template
284 node_name: {{ HOSTNAME_CFG01 }}
285 skip_fail: false
286
287{%- for ENVIRONMENT_CONTEXT_NAME in ENVIRONMENT_CONTEXT_NAMES %}
288- description: "[EXPERIMENTAL] Upload environment inventory to {{ HOSTNAME_CFG01 }}"
289 upload:
290 local_path: {{ config.salt_deploy.templates_dir }}{{ LAB_CONFIG_NAME }}/
291 local_filename: {{ ENVIRONMENT_CONTEXT_NAME }}
292 remote_path: /tmp/environment/
293 node_name: {{ HOSTNAME_CFG01 }}
294{%- endfor %}
295
296- description: "[EXPERIMENTAL] Remove linux.network.interface object from the cluster/system models and use fixed 'environment' model instead"
297 cmd: |
298 set -e;
299 apt-get -y install python-virtualenv python-pip build-essential python-dev libssl-dev;
300 pip install git+https://github.com/dis-xcom/reclass-tools;
301 reclass-tools del-key parameters.linux.network.interface /srv/salt/reclass/classes/cluster/;
302 reclass-tools del-key parameters.linux.network.interface /srv/salt/reclass/classes/system/;
303 reclass-tools del-key parameters.linux.network.interface /usr/share/salt-formulas/reclass/;
304
305 if ! reclass-tools get-key 'classes' /srv/salt/reclass/nodes/{{ HOSTNAME_CFG01 }}.yml | grep -q "environment.{{ ENVIRONMENT_MODEL_INVENTORY_NAME }}$"; then
306 reclass-tools add-key 'classes' 'environment.{{ ENVIRONMENT_MODEL_INVENTORY_NAME }}.reclass_datasource_local' /srv/salt/reclass/nodes/_generated/{{ HOSTNAME_CFG01 }}.yml --merge ;
307 reclass-tools add-key 'classes' 'environment.{{ ENVIRONMENT_MODEL_INVENTORY_NAME }}' /srv/salt/reclass/nodes/_generated/{{ HOSTNAME_CFG01 }}.yml --merge ;
308 fi;
309
310 node_name: {{ HOSTNAME_CFG01 }}
311 retry: {count: 1, delay: 5}
312 skip_fail: false
313
314- description: "Workaround for PROD-14756: all roles must use service.keepalived.cluster.single with the default 'VIP' instance"
315 cmd: |
316 set -e;
317 find /srv/salt/reclass/classes/cluster/ -type f -exec sed -i 's/system.keepalived.*/service.keepalived.cluster.single/g' {} +
318 find /srv/salt/reclass/classes/system/ -type f -exec sed -i 's/system.keepalived.*/service.keepalived.cluster.single/g' {} +
319
320 node_name: {{ HOSTNAME_CFG01 }}
321 retry: {count: 1, delay: 5}
322 skip_fail: false
323
324- description: "[EXPERIMENTAL] Create environment model for virtual environment"
325 cmd: |
326 set -e;
327 reclass-tools render --template-dir /tmp/environment/environment_template/ \
328 --output-dir /srv/salt/reclass/classes/environment/ \
329 {% for ENVIRONMENT_CONTEXT_NAME in ENVIRONMENT_CONTEXT_NAMES %} --context /tmp/environment/{{ENVIRONMENT_CONTEXT_NAME}}{% endfor %} \
330 --env-name {{ ENVIRONMENT_MODEL_INVENTORY_NAME }}
331 node_name: {{ HOSTNAME_CFG01 }}
332 retry: {count: 1, delay: 5}
333 skip_fail: false
334
335- description: Modify generated model and reclass-system
336 cmd: |
337 export REPLACE_DIRS="/srv/salt/reclass/classes/ /srv/salt/reclass/nodes/"
338 find ${REPLACE_DIRS} -type f -exec sed -i 's/apt_mk_version:.*/apt_mk_version: {{ REPOSITORY_SUITE }}/g' {} +
339 node_name: {{ HOSTNAME_CFG01 }}
340 retry: {count: 1, delay: 1}
341 skip_fail: false
342
343{%- endmacro %}
344
345
346{%- macro MACRO_CONFIGURE_RECLASS(FORMULA_SERVICES='') %}
347{#######################################################}
348- description: Configure reclass
349 cmd: |
350 set -e;
351 FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
352 FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt.mirantis.local.test/xenial {{ REPOSITORY_SUITE }} salt};
353 FORMULA_GPG=${FORMULA_GPG:-http://apt.mirantis.local.test/public.gpg};
354 which wget > /dev/null || (apt-get update; apt-get install -y wget);
355 echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/mcp_salt.list;
356 wget -O - "${FORMULA_GPG}" | apt-key add -;
357 apt-get clean; apt-get update;
358 [ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
359 declare -a formula_services=({{ FORMULA_SERVICES }});
360 echo -e "\nInstalling all required salt formulas\n";
361 eatmydata apt-get install -y "${formula_services[@]/#/salt-formula-}";
362 for formula_service in "${formula_services[@]}"; do
363 echo -e "\nLink service metadata for formula ${formula_service} ...\n";
364 [ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
365 done;
366 [ ! -d /srv/salt/env ] && mkdir -p /srv/salt/env;
367 [ ! -L /srv/salt/env/prd ] && ln -s ${FORMULA_PATH}/env /srv/salt/env/prd;
368 [ ! -d /etc/reclass ] && mkdir /etc/reclass;
369
370 cat << 'EOF' >> /etc/reclass/reclass-config.yml
371 storage_type: yaml_fs
372 pretty_print: True
373 output: yaml
374 inventory_base_uri: /srv/salt/reclass
375 EOF
376 node_name: {{ HOSTNAME_CFG01 }}
377 retry: {count: 1, delay: 1}
378 skip_fail: false
379
380- description: "*Workaround* remove all cfg01 nodes except {{ HOSTNAME_CFG01 }} to not depend on other clusters in 'reclass --top'"
381 cmd: |
382 # Remove all other nodes except {{ HOSTNAME_CFG01 }} to not rely on them for 'reclass --top'
383 find /srv/salt/reclass/nodes/ -type f -not -name {{ HOSTNAME_CFG01 }}.yml -delete
384 node_name: {{ HOSTNAME_CFG01 }}
385 retry: {count: 1, delay: 5}
386 skip_fail: false
387
388- description: Configure salt adoptors on cfg01
389 cmd: |
390 ln -s /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py /usr/local/sbin/reclass-salt;
391 chmod +x /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py
392 node_name: {{ HOSTNAME_CFG01 }}
393 retry: {count: 1, delay: 1}
394 skip_fail: false
395
396- description: Show reclass-salt --top for cfg01 node
397 cmd: reclass-salt --top
398 node_name: {{ HOSTNAME_CFG01 }}
399 retry: {count: 1, delay: 5}
400 skip_fail: false
401
402- description: Restart salt-master service
403 cmd: systemctl restart salt-master;
404 node_name: {{ HOSTNAME_CFG01 }}
405 retry: {count: 1, delay: 5}
406 skip_fail: false
407{%- endmacro %}
408
409
410{%- macro MACRO_INSTALL_SALT_MINIONS() %}
411{#######################################}
412{% for ssh in config.underlay.ssh %}
413- description: Configure salt-minion on {{ ssh['node_name'] }}
414 cmd: |
415 [ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
416 cat << "EOF" >> /etc/salt/minion.d/minion.conf
417 id: {{ ssh['node_name'] }}
418 master: {{ config.salt.salt_master_host }}
419 EOF
420 eatmydata apt-get install -y salt-minion;
421 service salt-minion restart; # For case if salt-minion was already installed
422 node_name: {{ ssh['node_name'] }}
423 retry: {count: 1, delay: 1}
424 skip_fail: false
425{% endfor %}
426
427
428- description: Accept salt keys from all the nodes
429 cmd: salt-key -A -y
430 node_name: {{ HOSTNAME_CFG01 }}
431 retry: {count: 1, delay: 5}
432 skip_fail: true
433{%- endmacro %}
434
435
436{%- macro MACRO_RUN_SALT_MASTER_UNDERLAY_STATES() %}
437{##################################################}
438
439{# Prepare salt services and nodes settings #}
440
441- description: Run 'linux' formula on cfg01
442 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@salt:master' state.sls linux;
443 node_name: {{ HOSTNAME_CFG01 }}
444 retry: {count: 3, delay: 5}
445 skip_fail: false
446
447- description: Run 'openssh' formula on cfg01
448 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
449 -C 'I@salt:master' state.sls openssh &&
450 salt --hard-crash --state-output=mixed --state-verbose=False
451 -C 'I@salt:master' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
452 yes/' /etc/ssh/sshd_config && service ssh reload"
453 node_name: {{ HOSTNAME_CFG01 }}
454 retry: {count: 3, delay: 5}
455 skip_fail: false
456
457- description: '*Workaround* of the bug https://mirantis.jira.com/browse/PROD-7962'
458 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
459 '*' cmd.run "echo ' StrictHostKeyChecking no' >> /root/.ssh/config"
460 node_name: {{ HOSTNAME_CFG01 }}
461 retry: {count: 1, delay: 1}
462 skip_fail: false
463
464- description: Run 'salt.master' formula on cfg01
465 cmd: timeout 120 salt --timeout=120 --hard-crash --state-output=mixed --state-verbose=False -C 'I@salt:master' state.sls salt.master;
466 node_name: {{ HOSTNAME_CFG01 }}
467 retry: {count: 2, delay: 5}
468 skip_fail: false
469
470{%- if SALT_FORMULAS_REFS != '' %}
471- description: Replace needed formulas to desired version
472 cmd: |
473 set -e;
474 {%- for formula_set in SALT_FORMULAS_REFS.split(' ') %}
475 {% set formula = formula_set.split(':') %}
476 {% set formula_name = formula[0] %}
477 {% set formula_ref = formula[1] %}
478 {% set formula_dir = '/tmp/salt-formula-' + formula_name %}
479 git clone {{ SALT_FORMULAS_REPO }}/{{ formula_name }} {{ formula_dir }} &&
480 pushd {{ formula_dir }} &&
481 git fetch {{ SALT_FORMULAS_REPO }}/{{ formula_name }} {{ formula_ref }} &&
482 git checkout FETCH_HEAD &&
483 popd &&
484 if [ -d "{{ formula_dir }}" ]; then
485 echo "Going to replace packaged formula {{ formula_name }}" &&
486 rm -rfv /usr/share/salt-formulas/{env,reclass/service}/{{ formula_name }} &&
487 ln -v -s "{{ formula_dir }}/{{ formula_name }}" "/usr/share/salt-formulas/env/{{ formula_name }}" &&
488 ln -v -s "{{ formula_dir }}/metadata/service/" "/usr/share/salt-formulas/reclass/service/{{ formula_name }}";
489 else
490 echo "Stopped, directory /root/salt-formula-{{ formula_name }} does not exist!";
491 fi
492 {%- endfor %}
493 node_name: {{ HOSTNAME_CFG01 }}
494 retry: {count: 1, delay: 10}
495 skip_fail: false
496{%- endif %}
497
498- description: Refresh pillars on salt-master minion
499 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@salt:master' saltutil.refresh_pillar
500 node_name: {{ HOSTNAME_CFG01 }}
501 retry: {count: 1, delay: 5}
502 skip_fail: false
503
504- description: Show reclass-salt --top for salt-master node
505 cmd: reclass-salt --top
506 node_name: {{ HOSTNAME_CFG01 }}
507 retry: {count: 1, delay: 5}
508 skip_fail: false
509
510- description: Sync all salt resources on salt-master minion
511 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@salt:master' saltutil.sync_all && sleep 5
512 node_name: {{ HOSTNAME_CFG01 }}
513 retry: {count: 1, delay: 5}
514 skip_fail: false
515
516- description: Configure linux on master
517 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@salt:master' state.sls 'linux.system'
518 node_name: {{ HOSTNAME_CFG01 }}
519 retry: {count: 1, delay: 5}
520 skip_fail: false
521
522- description: Configure salt.minion on master
523 cmd: salt --timeout=120 --hard-crash --state-output=mixed --state-verbose=False
524 -C 'I@salt:master' state.sls salt.minion && sleep 10
525 node_name: {{ HOSTNAME_CFG01 }}
526 retry: {count: 3, delay: 10}
527 skip_fail: false
528
529- description: Run state 'salt' on master (for salt.api, etc)
530 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
531 -C 'I@salt:master' state.sls salt
532 node_name: {{ HOSTNAME_CFG01 }}
533 retry: {count: 3, delay: 10}
534 skip_fail: false
535{%- endmacro %}
536
537{%- macro MACRO_GENERATE_INVENTORY() %}
538{#####################################}
539- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
540 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
541 -C 'I@salt:master' state.sls reclass
542 node_name: {{ HOSTNAME_CFG01 }}
543 retry: {count: 1, delay: 5}
544 skip_fail: false
545
546- description: Refresh pillars on all minions
547 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.refresh_pillar
548 node_name: {{ HOSTNAME_CFG01 }}
549 retry: {count: 1, delay: 5}
550 skip_fail: false
551
552- description: Show reclass-salt --top for all generated nodes
553 cmd: |
554 set -e
555 if salt-call sys.doc reclass.validate_node_params | grep -q reclass.validate_node_params ; then salt-call reclass.validate_nodes_params ; fi
556 if salt-call sys.doc reclass.validate_pillar | grep -q reclass.validate_pillar ; then salt-call reclass.validate_pillar ; fi
557 reclass-salt --top
558 node_name: {{ HOSTNAME_CFG01 }}
559 retry: {count: 1, delay: 5}
560 skip_fail: false
561
562- description: Sync all salt resources
563 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.sync_all && sleep 5
564 node_name: {{ HOSTNAME_CFG01 }}
565 retry: {count: 1, delay: 5}
566 skip_fail: false
567{%- endmacro %}
568
569
570{%- macro MACRO_BOOTSTRAP_ALL_MINIONS() %}
571{########################################}
572# Bootstrap all nodes
573- description: Configure linux on other nodes
574 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@linux:system' state.sls linux
575 node_name: {{ HOSTNAME_CFG01 }}
576 retry: {count: 5, delay: 10}
577 skip_fail: false
578
579- description: Configure openssh on all nodes
580 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@linux:system and not cfg01*' state.sls openssh &&
581 salt --hard-crash --state-output=mixed --state-verbose=False
582 -C 'I@linux:system and not cfg01*' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
583 yes/' /etc/ssh/sshd_config && service ssh reload"
584 node_name: {{ HOSTNAME_CFG01 }}
585 retry: {count: 1, delay: 5}
586 skip_fail: false
587
588- description: Configure salt.minion on other nodes
589 cmd: salt --timeout=120 --hard-crash --state-output=mixed --state-verbose=False -C 'I@linux:system and not cfg01*' state.sls salt.minion &&
590 sleep 10
591 node_name: {{ HOSTNAME_CFG01 }}
592 retry: {count: 3, delay: 15}
593 skip_fail: false
594
595- description: Check salt minion versions on slaves
596 cmd: salt '*' test.version
597 node_name: {{ HOSTNAME_CFG01 }}
598 retry: {count: 3, delay: 15}
599 skip_fail: false
600
601- description: Check salt top states on nodes
602 cmd: salt '*' state.show_top
603 node_name: {{ HOSTNAME_CFG01 }}
604 retry: {count: 1, delay: 5}
605 skip_fail: false
606
607- description: Configure ntp and rsyslog on nodes
608 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@linux:system' state.sls ntp,rsyslog
609 node_name: {{ HOSTNAME_CFG01 }}
610 retry: {count: 1, delay: 10}
611 skip_fail: false
612{%- endmacro %}
613
614
615{%- macro MACRO_NETWORKING_WORKAROUNDS() %}
616{#########################################}
617
618- description: '*Workaround 1/2* of the bug PROD-9576 to get bond0-connectivity *without* rebooting nodes'
619 cmd: salt-call --hard-crash --state-output=mixed --state-verbose=False cmd.run
620 "mkdir -p /tmp/PROD-9576; cd /tmp/PROD-9576; git clone https://gerrit.mcp.mirantis.net/salt-formulas/linux; cd linux;
621 git fetch https://gerrit.mcp.mirantis.net/salt-formulas/linux refs/changes/54/2354/16 && git checkout FETCH_HEAD;
622 cp -f linux/network/interface.sls /srv/salt/env/prd/linux/network/;
623 cp -f linux/map.jinja /srv/salt/env/prd/linux/;"
624 node_name: {{ HOSTNAME_CFG01 }}
625 retry: {count: 1, delay: 5}
626 skip_fail: false
627
628- description: '*Workaround: Load bonding module before call state.linux'
629 cmd: salt -C "I@linux:network:interface:*:type:bond" cmd.run 'modprobe bonding'
630 node_name: {{ HOSTNAME_CFG01 }}
631 retry: {count: 1, delay: 5}
632 skip_fail: true
633
634- description: '*Workaround* install bridge-utils before running linux formula'
635 # The formula removes default route and then tries to install the package, fails.
636 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
637 cfg01*' cmd.run 'sudo apt-get install -y bridge-utils'
638 node_name: {{ HOSTNAME_CFG01 }}
639 retry: {count: 1, delay: 5}
640 skip_fail: false
641
642{%- endmacro %}