Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp / tcp-qa / 52037a4a47be9c88c2ee999bd10040da8322d73d / . / tcp_tests / templates / salt / mcp-fuel-aio-salt.yaml
blob: 328aafce77be40a9fa76726363526fdd2b2b70ef [file] [log] [blame]
Tatyana Leontovichb7404592017-04-07 11:52:28 +0300[diff] [blame]1{% from 'mcp-fuel-aio.jinja' import HOSTNAME_CFG01 with context %}
2
3# Install salt to the config node
4
5
6- description: Configure repository on the cfg01 node
7 cmd:
8 echo "172.18.248.114 jenkins.mcp.mirantis.net gerrit.mcp.mirantis.net" >> /etc/hosts;
9 echo "185.135.196.10 apt-mk.mirantis.com" >> /etc/hosts;
10 echo "nameserver 172.18.208.44 >> /etc/resolv.conf;
11 echo "nameserver 8.8.8.8 >> /etc/resolv.conf;
12 which wget >/dev/null || (apt-get update; apt-get install -y wget);
13 echo "deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
14 wget -O - http://apt-mk.mirantis.com/public.gpg | apt-key add -;
15 echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
16 wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
17 node_name: {{ HOSTNAME_CFG01 }}
18 retry: {count: 1, delay: 1}
19 skip_fail: false
20
21- description: Update packages on cfg01
22 cmd: apt-get clean; apt-get update
23 node_name: {{ HOSTNAME_CFG01 }}
24 retry: {count: 1, delay: 1}
25 skip_fail: false
26
27- description: Installing salt master on cfg01
28 cmd: apt-get install -y reclass git; apt-get install -y salt-master
29 node_name: {{ HOSTNAME_CFG01 }}
30 retry: {count: 1, delay: 1}
31 skip_fail: false
32
33- description: Install common packages on cfg01
34 cmd: apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
35 node_name: {{ HOSTNAME_CFG01 }}
36 retry: {count: 1, delay: 1}
37 skip_fail: false
38
39- description: Configure salt-master on cfg01
40 cmd: |
41 cat << 'EOF' >> /etc/salt/master.d/master.conf
42 file_roots:
43 base:
44 - /usr/share/salt-formulas/env
45 pillar_opts: False
46 open_mode: True
47 reclass: &reclass
48 storage_type: yaml_fs
49 inventory_base_uri: /srv/salt/reclass
50 ext_pillar:
51 - reclass: *reclass
52 master_tops:
53 reclass: *reclass
54 EOF
55 node_name: {{ HOSTNAME_CFG01 }}
56 retry: {count: 1, delay: 1}
57 skip_fail: false
58
59- description: Configure GIT settings and certificates
60 cmd: touch /root/.git_trusted_certs.pem;
61 for server in git.tcpcloud.eu github.com; do
62 openssl s_client -showcerts -connect $server:443 </dev/null
63 | openssl x509 -outform PEM
64 >> /root/.git_trusted_certs.pem;
65 done;
66 HOME=/root git config --global http.sslCAInfo /root/.git_trusted_certs.pem;
67 HOME=/root git config --global user.email "tcp-qa@example.com";
68 HOME=/root git config --global user.name "TCP QA";
69 node_name: {{ HOSTNAME_CFG01 }}
70 retry: {count: 1, delay: 1}
71 skip_fail: false
72
73
74- description: Clone reclass models with submodules
75 cmd: |
76 ssh-keyscan -H github.com >> ~/.ssh/known_hosts;
77 git clone -b docker_13 --recurse-submodules https://github.com/TatyankaLeontovich/k8s-salt-model/tree/docker_13 /srv/salt/reclass;
78 mkdir -p /srv/salt/reclass/classes/service;
79 node_name: {{ HOSTNAME_CFG01 }}
80 retry: {count: 1, delay: 1}
81 skip_fail: false
82
83- description: Configure reclass
84 cmd: |
85 FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
86 FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt.tcpcloud.eu/nightly xenial tcp-salt};
87 FORMULA_GPG=${FORMULA_GPG:-http://apt.tcpcloud.eu/public.gpg};
88 which wget > /dev/null || (apt-get update; apt-get install -y wget);
89 echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/tcpcloud_salt.list;
90 wget -O - "${FORMULA_GPG}" | apt-key add -;
91 apt-get clean; apt-get update;
92 [ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
93 declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon");
94 echo -e "\nInstalling all required salt formulas\n";
95 apt-get install -y "${formula_services[@]/#/salt-formula-}";
96 for formula_service in "${formula_services[@]}"; do
97 echo -e "\nLink service metadata for formula ${formula_service} ...\n";
98 [ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
99 done;
100 [ ! -d /srv/salt/env ] && mkdir -p /srv/salt/env;
101 [ ! -L /srv/salt/env/prd ] && ln -s ${FORMULA_PATH}/env /srv/salt/env/prd;
102 [ ! -d /etc/reclass ] && mkdir /etc/reclass;
103
104 cat << 'EOF' >> /etc/reclass/reclass-config.yml
105 storage_type: yaml_fs
106 pretty_print: True
107 output: yaml
108 inventory_base_uri: /srv/salt/reclass
109 EOF
110 node_name: {{ HOSTNAME_CFG01 }}
111 retry: {count: 1, delay: 1}
112 skip_fail: false
113
114- description: Configure salt-minion on cfg01
115 cmd: |
116 [ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
117 cat << "EOF" >> /etc/salt/minion.d/minion.conf
118 id: {{ HOSTNAME_CFG01 }}
119 master: 127.0.0.1
120 EOF
121 apt-get install -y salt-minion;
122 node_name: {{ HOSTNAME_CFG01 }}
123 retry: {count: 1, delay: 1}
124 skip_fail: false
125
126- description: Configure salt adoptors on cfg01
127 cmd: |
128 ln -s /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py /usr/local/sbin/reclass-salt;
129 chmod +x /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py
130 node_name: {{ HOSTNAME_CFG01 }}
131 retry: {count: 1, delay: 1}
132 skip_fail: false
133
134- description: Restart services
135 cmd: |
136 systemctl restart salt-master;
137 systemctl restart salt-minion;
138 echo "Showing system info and metadata ...";
139 salt-call --no-color grains.items;
140 salt-call --no-color pillar.data;
141 node_name: {{ HOSTNAME_CFG01 }}
142 retry: {count: 1, delay: 5}
143 skip_fail: false
144
145# Prepare salt services and nodes settings
146- description: Run 'linux' formula on cfg01
147 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
148 -C 'I@salt:master' state.sls linux;
149 node_name: {{ HOSTNAME_CFG01 }}
150 retry: {count: 1, delay: 5}
151 skip_fail: false
152
153- description: Run 'openssh' formula on cfg01
154 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
155 -C 'I@salt:master' state.sls openssh;
156 salt --hard-crash --state-output=mixed --state-verbose=False
157 -C 'I@salt:master' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
158 yes/' /etc/ssh/sshd_config && service ssh restart";
159 node_name: {{ HOSTNAME_CFG01 }}
160 retry: {count: 3, delay: 5}
161 skip_fail: false
162
163- description: '*Workaround* of the bug https://mirantis.jira.com/browse/PROD-7962'
164 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
165 '*' cmd.run "echo ' StrictHostKeyChecking no' >> /root/.ssh/config"
166 node_name: {{ HOSTNAME_CFG01 }}
167 retry: {count: 1, delay: 1}
168 skip_fail: false
169
170- description: Run 'reclass' formula on cfg01
171 cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
172 -C 'I@salt:master' reclass;
173 salt-call --no-color state.sls salt.master;
174 node_name: {{ HOSTNAME_CFG01 }}
175 retry: {count: 1, delay: 5}
176 skip_fail: true
177
178
179- description: Run 'salt' formula on cfg01
180 cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
181 -C 'I@salt:master' state.sls salt.master.service;
182 salt-call --no-color state.sls salt.master,salt.api,salt.minion.ca;
183 systemctl restart salt-minion;
184 node_name: {{ HOSTNAME_CFG01 }}
185 retry: {count: 1, delay: 5}
186 skip_fail: true
187
188- description: Accept salt keys from all the nodes
189 cmd: salt-key -A -y
190 node_name: {{ HOSTNAME_CFG01 }}
191 retry: {count: 1, delay: 5}
192 skip_fail: false
193
194- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
195 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
196 -C 'I@salt:master' state.sls reclass
197 node_name: {{ HOSTNAME_CFG01 }}
198 retry: {count: 1, delay: 5}
199 skip_fail: false
200
201- description: Refresh pillars on all minions
202 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.refresh_pillar
203 node_name: {{ HOSTNAME_CFG01 }}
204 retry: {count: 1, delay: 5}
205 skip_fail: false
206
207- description: Sync all salt resources
208 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.sync_all
209 node_name: {{ HOSTNAME_CFG01 }}
210 retry: {count: 1, delay: 5}
211 skip_fail: false
212
213- description: Show reclass-salt --top
214 cmd: reclass-salt --top; salt-call --no-color state.sls salt.minion.cert -l info;
215 node_name: {{ HOSTNAME_CFG01 }}
216 retry: {count: 1, delay: 5}
217 skip_fail: false
218
219
220# Bootstrap all nodes
221
222- description: Configure linux on controllers
223 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls
224 linux
225 node_name: {{ HOSTNAME_CFG01 }}
226 retry: {count: 1, delay: 5}
227 skip_fail: false
228
229- description: Configure linux on cmp
230 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls
231 linux
232 node_name: {{ HOSTNAME_CFG01 }}
233 retry: {count: 3, delay: 20}
234 skip_fail: false
235
236- description: Configure openssh on all nodes
237 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
238 cfg*' state.sls openssh;salt --hard-crash --state-output=mixed --state-verbose=False
239 -C '* and not cfg*' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
240 yes/' /etc/ssh/sshd_config && service ssh restart"
241 node_name: {{ HOSTNAME_CFG01 }}
242 retry: {count: 1, delay: 5}
243 skip_fail: false
244
245- description: Configure salt.minion on ctl
246 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls salt.minion
247 node_name: {{ HOSTNAME_CFG01 }}
248 retry: {count: 3, delay: 5}
249 skip_fail: false
250
251- description: Configure salt.minion on cmp
252 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls salt.minion
253 node_name: {{ HOSTNAME_CFG01 }}
254 retry: {count: 3, delay: 5}
255 skip_fail: false
256
257- description: Check salt minion versions on slaves
258 cmd: salt '*' test.version
259 node_name: {{ HOSTNAME_CFG01 }}
260 retry: {count: 1, delay: 5}
261 skip_fail: false
262
263- description: Check salt top states on nodes
264 cmd: salt '*' state.show_top
265 node_name: {{ HOSTNAME_CFG01 }}
266 retry: {count: 1, delay: 5}
267 skip_fail: false
268
269- description: Configure ntp and rsyslog on nodes
270 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls ntp,rsyslog
271 node_name: {{ HOSTNAME_CFG01 }}
272 retry: {count: 1, delay: 10}
273 skip_fail: false