Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / mcp / tcp-qa / 57bb8e7e2f305dda0e726cd4c8df9ff2b17de4b3 / . / tcp_tests / templates / virtual-mcp11-k8s-calico / salt.yaml
blob: 2c00949817e42a929a71a49ee1c338de6345351c [file] [log] [blame]
Sergii Golovatiuk57bb8e72017-05-16 19:49:49 +0200[diff] [blame^]1{% from 'virtual-mcp11-k8s-calico/map.jinja' import HOSTNAME_CFG01 with context %}
2
3# Install salt to the config node
4
5
6- description: Configure repository on the cfg01 node
7 cmd:
8 echo "172.18.248.114 jenkins.mcp.mirantis.net gerrit.mcp.mirantis.net" >> /etc/hosts;
9 echo "185.135.196.10 apt-mk.mirantis.com" >> /etc/hosts;
10 echo "nameserver 172.18.208.44" >> /etc/resolv.conf;
11 echo "nameserver 8.8.8.8" >> /etc/resolv.conf;
12 which wget >/dev/null || (apt-get update; apt-get install -y wget);
13 echo "deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
14 wget -O - http://apt-mk.mirantis.com/public.gpg | apt-key add -;
15 echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
16 wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
17 node_name: {{ HOSTNAME_CFG01 }}
18 retry: {count: 1, delay: 1}
19 skip_fail: false
20
21- description: Update packages on cfg01
22 cmd: apt-get clean; apt-get update
23 node_name: {{ HOSTNAME_CFG01 }}
24 retry: {count: 1, delay: 1}
25 skip_fail: false
26
27- description: Installing salt master on cfg01
28 cmd: apt-get install -y reclass git; apt-get install -y salt-master
29 node_name: {{ HOSTNAME_CFG01 }}
30 retry: {count: 1, delay: 1}
31 skip_fail: false
32
33- description: Install common packages on cfg01
34 cmd: apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
35 node_name: {{ HOSTNAME_CFG01 }}
36 retry: {count: 1, delay: 1}
37 skip_fail: false
38
39- description: Configure salt-master on cfg01
40 cmd: |
41 cat << 'EOF' >> /etc/salt/master.d/master.conf
42 file_roots:
43 base:
44 - /usr/share/salt-formulas/env
45 pillar_opts: False
46 open_mode: True
47 reclass: &reclass
48 storage_type: yaml_fs
49 inventory_base_uri: /srv/salt/reclass
50 ext_pillar:
51 - reclass: *reclass
52 master_tops:
53 reclass: *reclass
54 EOF
55 node_name: {{ HOSTNAME_CFG01 }}
56 retry: {count: 1, delay: 1}
57 skip_fail: false
58
59- description: Configure GIT settings and certificates
60 cmd: touch /root/.git_trusted_certs.pem;
61 for server in git.tcpcloud.eu github.com; do
62 openssl s_client -showcerts -connect $server:443 </dev/null
63 | openssl x509 -outform PEM
64 >> /root/.git_trusted_certs.pem;
65 done;
66 HOME=/root git config --global http.sslCAInfo /root/.git_trusted_certs.pem;
67 HOME=/root git config --global user.email "tcp-qa@example.com";
68 HOME=/root git config --global user.name "TCP QA";
69 node_name: {{ HOSTNAME_CFG01 }}
70 retry: {count: 1, delay: 1}
71 skip_fail: false
72
73
74- description: Clone reclass models with submodules
75 cmd: |
76 ssh-keyscan -H github.com >> ~/.ssh/known_hosts;
77 git clone --recursive https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab /srv/salt/reclass;
78 git clone -b $reclass_branch --recurse-submodules https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab /srv/salt/reclass
79 mkdir -p /srv/salt/reclass/classes/service;
80 node_name: {{ HOSTNAME_CFG01 }}
81 retry: {count: 1, delay: 1}
82 skip_fail: false
83
84- description: Configure reclass
85 cmd: |
86 FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
87 FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra};
88 FORMULA_GPG=${FORMULA_GPG:-http://apt-mk.mirantis.com/public.gpg};
89 which wget > /dev/null || (apt-get update; apt-get install -y wget);
90 echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/mcp_salt.list;
91 wget -O - "${FORMULA_GPG}" | apt-key add -;
92 apt-get clean; apt-get update;
93 [ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
94 declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon" "telegraf" "prometheus");
95 echo -e "\nInstalling all required salt formulas\n";
96 apt-get install -y "${formula_services[@]/#/salt-formula-}";
97 for formula_service in "${formula_services[@]}"; do
98 echo -e "\nLink service metadata for formula ${formula_service} ...\n";
99 [ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
100 done;
101 [ ! -d /srv/salt/env ] && mkdir -p /srv/salt/env;
102 [ ! -L /srv/salt/env/prd ] && ln -s ${FORMULA_PATH}/env /srv/salt/env/prd;
103 [ ! -d /etc/reclass ] && mkdir /etc/reclass;
104
105 cat << 'EOF' >> /etc/reclass/reclass-config.yml
106 storage_type: yaml_fs
107 pretty_print: True
108 output: yaml
109 inventory_base_uri: /srv/salt/reclass
110 EOF
111 node_name: {{ HOSTNAME_CFG01 }}
112 retry: {count: 1, delay: 1}
113 skip_fail: false
114
115- description: Configure salt-minion on cfg01
116 cmd: |
117 [ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
118 cat << "EOF" >> /etc/salt/minion.d/minion.conf
119 id: {{ HOSTNAME_CFG01 }}
120 master: 127.0.0.1
121 EOF
122 apt-get install -y salt-minion;
123 node_name: {{ HOSTNAME_CFG01 }}
124 retry: {count: 1, delay: 1}
125 skip_fail: false
126
127- description: Configure salt adoptors on cfg01
128 cmd: |
129 ln -s /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py /usr/local/sbin/reclass-salt;
130 chmod +x /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py
131 node_name: {{ HOSTNAME_CFG01 }}
132 retry: {count: 1, delay: 1}
133 skip_fail: false
134
135- description: Restart services
136 cmd: |
137 systemctl restart salt-master;
138 systemctl restart salt-minion;
139 echo "Showing system info and metadata ...";
140 salt-call --no-color grains.items;
141 salt-call --no-color pillar.data;
142 node_name: {{ HOSTNAME_CFG01 }}
143 retry: {count: 1, delay: 5}
144 skip_fail: false
145
146# Prepare salt services and nodes settings
147- description: Run 'linux' formula on cfg01
148 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
149 -C 'I@salt:master' state.sls linux;
150 node_name: {{ HOSTNAME_CFG01 }}
151 retry: {count: 1, delay: 5}
152 skip_fail: false
153
154- description: Run 'openssh' formula on cfg01
155 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
156 -C 'I@salt:master' state.sls openssh;
157 salt --hard-crash --state-output=mixed --state-verbose=False
158 -C 'I@salt:master' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
159 yes/' /etc/ssh/sshd_config && service ssh restart";
160 node_name: {{ HOSTNAME_CFG01 }}
161 retry: {count: 3, delay: 5}
162 skip_fail: false
163
164- description: '*Workaround* of the bug https://mirantis.jira.com/browse/PROD-7962'
165 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
166 '*' cmd.run "echo ' StrictHostKeyChecking no' >> /root/.ssh/config"
167 node_name: {{ HOSTNAME_CFG01 }}
168 retry: {count: 1, delay: 1}
169 skip_fail: false
170
171- description: Run 'reclass' formula on cfg01
172 cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
173 -C 'I@salt:master' reclass;
174 salt-call --no-color state.sls salt.master;
175 node_name: {{ HOSTNAME_CFG01 }}
176 retry: {count: 1, delay: 5}
177 skip_fail: true
178
179
180- description: Run 'salt' formula on cfg01
181 cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
182 -C 'I@salt:master' state.sls salt.master.service;
183 salt-call --no-color state.sls salt.master,salt.api,salt.minion.ca;
184 systemctl restart salt-minion;
185 node_name: {{ HOSTNAME_CFG01 }}
186 retry: {count: 1, delay: 5}
187 skip_fail: true
188
189- description: Accept salt keys from all the nodes
190 cmd: salt-key -A -y
191 node_name: {{ HOSTNAME_CFG01 }}
192 retry: {count: 1, delay: 5}
193 skip_fail: false
194
195- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
196 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
197 -C 'I@salt:master' state.sls reclass
198 node_name: {{ HOSTNAME_CFG01 }}
199 retry: {count: 1, delay: 5}
200 skip_fail: false
201
202- description: Refresh pillars on all minions
203 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.refresh_pillar
204 node_name: {{ HOSTNAME_CFG01 }}
205 retry: {count: 1, delay: 5}
206 skip_fail: false
207
208- description: Sync all salt resources
209 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.sync_all
210 node_name: {{ HOSTNAME_CFG01 }}
211 retry: {count: 1, delay: 5}
212 skip_fail: false
213
214- description: Show reclass-salt --top
215 cmd: reclass-salt --top; salt-call --no-color state.sls salt.minion.cert -l info;
216 node_name: {{ HOSTNAME_CFG01 }}
217 retry: {count: 1, delay: 5}
218 skip_fail: false
219
220
221# Bootstrap all nodes
222
223- description: Configure linux on controllers
224 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls
225 linux
226 node_name: {{ HOSTNAME_CFG01 }}
227 retry: {count: 1, delay: 5}
228 skip_fail: false
229
230- description: Configure linux on cmp
231 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls
232 linux
233 node_name: {{ HOSTNAME_CFG01 }}
234 retry: {count: 3, delay: 20}
235 skip_fail: false
236
237- description: Configure linux on mon
238 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'mon*' state.sls
239 linux
240 node_name: {{ HOSTNAME_CFG01 }}
241 retry: {count: 3, delay: 20}
242 skip_fail: false
243
244- description: Configure linux on prx
245 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'prx*' state.sls
246 linux
247 node_name: {{ HOSTNAME_CFG01 }}
248 retry: {count: 3, delay: 20}
249 skip_fail: false
250
251- description: Configure openssh on all nodes
252 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
253 cfg*' state.sls openssh;salt --hard-crash --state-output=mixed --state-verbose=False
254 -C '* and not cfg*' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
255 yes/' /etc/ssh/sshd_config && service ssh restart"
256 node_name: {{ HOSTNAME_CFG01 }}
257 retry: {count: 1, delay: 5}
258 skip_fail: false
259
260- description: Configure salt.minion on ctl
261 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls salt.minion
262 node_name: {{ HOSTNAME_CFG01 }}
263 retry: {count: 3, delay: 5}
264 skip_fail: false
265
266- description: Configure salt.minion on cmp
267 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls salt.minion
268 node_name: {{ HOSTNAME_CFG01 }}
269 retry: {count: 3, delay: 5}
270 skip_fail: false
271
272- description: Configure salt.minion on mon
273 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'mon*' state.sls salt.minion
274 node_name: {{ HOSTNAME_CFG01 }}
275 retry: {count: 3, delay: 5}
276 skip_fail: false
277
278- description: Configure salt.minion on prx
279 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'prx*' state.sls salt.minion
280 node_name: {{ HOSTNAME_CFG01 }}
281 retry: {count: 3, delay: 5}
282 skip_fail: false
283
284- description: Check salt minion versions on slaves
285 cmd: salt '*' test.version
286 node_name: {{ HOSTNAME_CFG01 }}
287 retry: {count: 1, delay: 5}
288 skip_fail: false
289
290- description: Check salt top states on nodes
291 cmd: salt '*' state.show_top
292 node_name: {{ HOSTNAME_CFG01 }}
293 retry: {count: 1, delay: 5}
294 skip_fail: false
295
296- description: Configure ntp and rsyslog on nodes
297 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls ntp,rsyslog
298 node_name: {{ HOSTNAME_CFG01 }}
299 retry: {count: 1, delay: 10}
300 skip_fail: false