tcp_tests/templates/salt/virtual_mcp10_ovs-salt.yaml

{% from 'virtual_mcp10_ovs.jinja' import HOSTNAME_CFG01 with context %}

# Install salt to the config node


- description: Configure tcpcloud repository on the cfg01 node
  cmd: echo "deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
    wget -O - http://apt-mk.mirantis.com/public.gpg | apt-key add -;
    echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
    wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Update packages on cfg01
  cmd: apt-get clean; apt-get update
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Install common packages on cfg01
  cmd: apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Install common packages on cfg01
  cmd: apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Install salt formulas, master and minion on cfg01
  # cmd: apt-get install -y salt-formula-* salt-master salt-minion reclass
  cmd: apt-get install -y
    salt-master
    salt-minion
    reclass
    git
    salt-formula-linux
    salt-formula-reclass
    salt-formula-salt
    salt-formula-openssh
    salt-formula-ntp
    salt-formula-git
    salt-formula-nginx
    salt-formula-collectd
    salt-formula-sensu
    salt-formula-heka
    salt-formula-sphinx
    salt-formula-keystone
    salt-formula-mysql
    salt-formula-grafana
    salt-formula-haproxy
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Configure salt-master on cfg01
  cmd: |
    cat << 'EOF' >> /etc/salt/master.d/master.conf
    file_roots:
      base:
      - /usr/share/salt-formulas/env
    pillar_opts: False
    open_mode: True
    reclass: &reclass
      storage_type: yaml_fs
      inventory_base_uri: /srv/salt/reclass
    ext_pillar:
      - reclass: *reclass
    master_tops:
      reclass: *reclass
    EOF
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Clone reclass models with submodules
  cmd: |
    ssh-keyscan -H github.com >> ~/.ssh/known_hosts;
    git clone --recurse-submodules https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab /srv/salt/reclass;
    cd /srv/salt/reclass;
    git checkout master;
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Configure reclass
  cmd: |
    FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
    FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt.tcpcloud.eu/nightly xenial tcp-salt};
    FORMULA_GPG=${FORMULA_GPG:-http://apt.tcpcloud.eu/public.gpg};
    which wget > /dev/null || (apt-get update; apt-get install -y wget);
    echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/tcpcloud_salt.list;
    wget -O - "${FORMULA_GPG}" | apt-key add -;
    apt-get clean; apt-get update;
    [ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
    declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon");
    echo -e "\nInstalling all required salt formulas\n";
    apt-get install -y "${formula_services[@]/#/salt-formula-}";
    for formula_service in in "${formula_services[@]}"; do
      [ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
    done;
    [ ! -d /srv/salt/env ] && mkdir -p /srv/salt/env;
    [ ! -L /srv/salt/env/prd ] && ln -s ${FORMULA_PATH}/env /srv/salt/env/prd;
    [ ! -d /etc/reclass ] && mkdir /etc/reclass;
    cat << 'EOF' >> /etc/reclass/reclass-config.yml
    storage_type: yaml_fs
    pretty_print: True
    output: yaml
    inventory_base_uri: /srv/salt/reclass
    EOF
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Configure salt-minion on cfg01
  cmd: |
    [ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
    cat << "EOF" >> /etc/salt/minion.d/minion.conf
    id: {{ HOSTNAME_CFG01 }}
    master: localhost
    EOF
    apt-get install -y salt-minion;
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false

- description: Restart services
  cmd: |
     systemctl restart salt-master;
     systemctl restart salt-minion;
     echo "Showing system info and metadata ...";
     salt-call --no-color grains.items;
     salt-call --no-color pillar.data;
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

# Prepare salt services and nodes settings
- description: Run 'linux' and openssh formula on cfg01
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls linux,openssh;
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Run 'reclass' formula on cfg01
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls reclass;
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
    yes/' /etc/ssh/sshd_config && service ssh restart";
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Run 'salt' formula on cfg01
  cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls salt.master.service;
    salt-call --no-color state.sls salt.master,salt.api,salt.minion.ca -l info;
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: true

- description: Accept salt keys from all the nodes
  cmd: salt-key -A -y
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 5}
  skip_fail: false

- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls reclass
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Refresh pillars on all minions
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.refresh_pillar
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Sync all salt resources
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.sync_all
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Show  reclass-salt --top
  cmd: salt-call --no-color state.sls salt.minion.cert -l info
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false


# Bootstrap all nodes

- description: Workaround for missing kernel modules
  cmd: salt '*' cmd.run "for module in nf_conntrack_ipv4 ip_tables
    x_tables nf_defrag_ipv4 nf_nat_ipv4 nf_nat
    iptable_filter iptable_mangle iptable_nat;
    do
    modprobe \$module;
    echo \$module >> /etc/modules;
    done"
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 1, delay: 1}
  skip_fail: false


- description: Configure linux on all nodes
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls
    linux
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 5, delay: 5}
  skip_fail: false

- description: Configure openssh on all nodes
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
    cfg*' state.sls openssh;salt --hard-crash --state-output=mixed --state-verbose=False
    -C '* and not cfg*' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
    yes/' /etc/ssh/sshd_config && service ssh restart"
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: '*Workaround* for the bug https://mirantis.jira.com/browse/PROD-8021'
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' cmd.run 'apt-get
    -y install linux-image-extra-$(uname -r)'
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Configure salt.minion on controllers
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls salt.minion
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Check salt minion versions on slaves
  cmd: salt '*' test.version
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Check salt minion versions on slaves
  cmd: salt '*' state.show_top
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 3, delay: 5}
  skip_fail: false

- description: Configure ntp on controllers
  cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls ntp
  node_name: {{ HOSTNAME_CFG01 }}
  retry: {count: 5, delay: 10}
  skip_fail: false