blob: c3d81d851a048dfef2115ea7c458cfcce961e089 [file] [log] [blame]
Dennis Dmitrievab83ea42017-05-12 16:52:45 +03001{% from 'virtual-mcp10-dvr/map.jinja' import HOSTNAME_CFG01 with context %}
Tatyana Leontovich055b5062017-04-03 13:17:25 +03002
3# Install salt to the config node
4
5
Tatyana Leontovich5fd6ed62017-04-04 15:08:29 +03006- description: Configure repository on the cfg01 node
7 cmd:
8 echo "172.18.248.114 jenkins.mcp.mirantis.net gerrit.mcp.mirantis.net" >> /etc/hosts;
9 echo "185.135.196.10 apt-mk.mirantis.com" >> /etc/hosts;
Tatyana Leontovich3c6aa452017-04-25 15:04:40 +030010 echo "nameserver 172.18.208.44" >> /etc/resolv.conf;
11 echo "nameserver 8.8.8.8" >> /etc/resolv.conf;
Tatyana Leontovich5fd6ed62017-04-04 15:08:29 +030012 which wget >/dev/null || (apt-get update; apt-get install -y wget);
13 echo "deb [arch=amd64] http://apt-mk.mirantis.com/xenial nightly salt extra" > /etc/apt/sources.list.d/mcp_salt.list;
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030014 wget -O - http://apt-mk.mirantis.com/public.gpg | apt-key add -;
Tatyana Leontovich055b5062017-04-03 13:17:25 +030015 echo "deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3 xenial main" > /etc/apt/sources.list.d/saltstack.list;
16 wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.3/SALTSTACK-GPG-KEY.pub | apt-key add -;
Tatyana Leontovich055b5062017-04-03 13:17:25 +030017 node_name: {{ HOSTNAME_CFG01 }}
18 retry: {count: 1, delay: 1}
19 skip_fail: false
20
Tatyana Leontovich055b5062017-04-03 13:17:25 +030021- description: Update packages on cfg01
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030022 cmd: apt-get clean; apt-get update
Tatyana Leontovich055b5062017-04-03 13:17:25 +030023 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030024 retry: {count: 1, delay: 1}
Tatyana Leontovich055b5062017-04-03 13:17:25 +030025 skip_fail: false
26
Tatyana Leontovich5fd6ed62017-04-04 15:08:29 +030027- description: Installing salt master on cfg01
28 cmd: apt-get install -y reclass git; apt-get install -y salt-master
Tatyana Leontovich055b5062017-04-03 13:17:25 +030029 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030030 retry: {count: 1, delay: 1}
31 skip_fail: false
32
33- description: Install common packages on cfg01
34 cmd: apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
35 node_name: {{ HOSTNAME_CFG01 }}
36 retry: {count: 1, delay: 1}
Tatyana Leontovich055b5062017-04-03 13:17:25 +030037 skip_fail: false
38
Tatyana Leontovich055b5062017-04-03 13:17:25 +030039- description: Configure salt-master on cfg01
40 cmd: |
41 cat << 'EOF' >> /etc/salt/master.d/master.conf
42 file_roots:
43 base:
44 - /usr/share/salt-formulas/env
45 pillar_opts: False
46 open_mode: True
47 reclass: &reclass
48 storage_type: yaml_fs
49 inventory_base_uri: /srv/salt/reclass
50 ext_pillar:
51 - reclass: *reclass
52 master_tops:
53 reclass: *reclass
54 EOF
55 node_name: {{ HOSTNAME_CFG01 }}
56 retry: {count: 1, delay: 1}
57 skip_fail: false
58
Tatyana Leontovich30a9db12017-04-06 14:28:39 +030059- description: Configure GIT settings and certificates
60 cmd: touch /root/.git_trusted_certs.pem;
61 for server in git.tcpcloud.eu github.com; do
62 openssl s_client -showcerts -connect $server:443 </dev/null
63 | openssl x509 -outform PEM
64 >> /root/.git_trusted_certs.pem;
65 done;
66 HOME=/root git config --global http.sslCAInfo /root/.git_trusted_certs.pem;
67 HOME=/root git config --global user.email "tcp-qa@example.com";
68 HOME=/root git config --global user.name "TCP QA";
69 node_name: {{ HOSTNAME_CFG01 }}
70 retry: {count: 1, delay: 1}
71 skip_fail: false
72
73
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030074- description: Clone reclass models with submodules
Tatyana Leontovich055b5062017-04-03 13:17:25 +030075 cmd: |
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030076 ssh-keyscan -H github.com >> ~/.ssh/known_hosts;
Tatyana Leontovich5fd6ed62017-04-04 15:08:29 +030077 git clone -b master --recurse-submodules https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab /srv/salt/reclass;
78 mkdir -p /srv/salt/reclass/classes/service;
Tatyana Leontovich055b5062017-04-03 13:17:25 +030079 node_name: {{ HOSTNAME_CFG01 }}
80 retry: {count: 1, delay: 1}
81 skip_fail: false
82
83- description: Configure reclass
84 cmd: |
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030085 FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
Tatyana Leontovich543afa92017-04-21 14:48:03 +030086 FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt-mk.mirantis.com/xenial stable salt};
87 FORMULA_GPG=${FORMULA_GPG:-http://apt-mk.mirantis.com/public.gpg};
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030088 which wget > /dev/null || (apt-get update; apt-get install -y wget);
Tatyana Leontovich543afa92017-04-21 14:48:03 +030089 echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/mcp_salt.list;
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030090 wget -O - "${FORMULA_GPG}" | apt-key add -;
91 apt-get clean; apt-get update;
92 [ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
93 declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon");
94 echo -e "\nInstalling all required salt formulas\n";
95 apt-get install -y "${formula_services[@]/#/salt-formula-}";
Tatyana Leontovich14f6a1a2017-04-04 17:30:58 +030096 for formula_service in "${formula_services[@]}"; do
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +030097 echo -e "\nLink service metadata for formula ${formula_service} ...\n";
98 [ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
Tatyana Leontovich055b5062017-04-03 13:17:25 +030099 done;
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300100 [ ! -d /srv/salt/env ] && mkdir -p /srv/salt/env;
101 [ ! -L /srv/salt/env/prd ] && ln -s ${FORMULA_PATH}/env /srv/salt/env/prd;
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300102 [ ! -d /etc/reclass ] && mkdir /etc/reclass;
Tatyana Leontovich193554a2017-04-04 17:19:13 +0300103
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300104 cat << 'EOF' >> /etc/reclass/reclass-config.yml
105 storage_type: yaml_fs
106 pretty_print: True
107 output: yaml
108 inventory_base_uri: /srv/salt/reclass
109 EOF
110 node_name: {{ HOSTNAME_CFG01 }}
111 retry: {count: 1, delay: 1}
112 skip_fail: false
113
114- description: Configure salt-minion on cfg01
115 cmd: |
116 [ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
117 cat << "EOF" >> /etc/salt/minion.d/minion.conf
118 id: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich5fd6ed62017-04-04 15:08:29 +0300119 master: 127.0.0.1
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300120 EOF
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300121 apt-get install -y salt-minion;
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300122 node_name: {{ HOSTNAME_CFG01 }}
123 retry: {count: 1, delay: 1}
124 skip_fail: false
125
Tatyana Leontovich14f6a1a2017-04-04 17:30:58 +0300126- description: Configure salt adoptors on cfg01
127 cmd: |
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300128 ln -s /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py /usr/local/sbin/reclass-salt;
Tatyana Leontovich14f6a1a2017-04-04 17:30:58 +0300129 chmod +x /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py
130 node_name: {{ HOSTNAME_CFG01 }}
131 retry: {count: 1, delay: 1}
132 skip_fail: false
133
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300134- description: Restart services
135 cmd: |
136 systemctl restart salt-master;
137 systemctl restart salt-minion;
138 echo "Showing system info and metadata ...";
139 salt-call --no-color grains.items;
140 salt-call --no-color pillar.data;
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300141 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300142 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300143 skip_fail: false
144
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300145# Prepare salt services and nodes settings
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300146- description: Run 'linux' formula on cfg01
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300147 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300148 -C 'I@salt:master' state.sls linux;
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300149 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300150 retry: {count: 1, delay: 5}
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300151 skip_fail: false
152
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300153- description: Run 'openssh' formula on cfg01
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300154 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300155 -C 'I@salt:master' state.sls openssh;
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300156 salt --hard-crash --state-output=mixed --state-verbose=False
157 -C 'I@salt:master' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
158 yes/' /etc/ssh/sshd_config && service ssh restart";
159 node_name: {{ HOSTNAME_CFG01 }}
160 retry: {count: 3, delay: 5}
161 skip_fail: false
162
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300163- description: '*Workaround* of the bug https://mirantis.jira.com/browse/PROD-7962'
164 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
165 '*' cmd.run "echo ' StrictHostKeyChecking no' >> /root/.ssh/config"
166 node_name: {{ HOSTNAME_CFG01 }}
167 retry: {count: 1, delay: 1}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300168 skip_fail: false
169
Tatyana Leontovich30a9db12017-04-06 14:28:39 +0300170- description: Run 'reclass' formula on cfg01
171 cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
172 -C 'I@salt:master' reclass;
173 salt-call --no-color state.sls salt.master;
174 node_name: {{ HOSTNAME_CFG01 }}
175 retry: {count: 1, delay: 5}
176 skip_fail: true
177
178
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300179- description: Run 'salt' formula on cfg01
180 cmd: timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300181 -C 'I@salt:master' state.sls salt.master.service;
Tatyana Leontovich30a9db12017-04-06 14:28:39 +0300182 salt-call --no-color state.sls salt.master,salt.api,salt.minion.ca;
183 systemctl restart salt-minion;
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300184 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300185 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300186 skip_fail: true
187
188- description: Accept salt keys from all the nodes
189 cmd: salt-key -A -y
190 node_name: {{ HOSTNAME_CFG01 }}
191 retry: {count: 1, delay: 5}
192 skip_fail: false
193
194- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
195 cmd: salt --hard-crash --state-output=mixed --state-verbose=False
196 -C 'I@salt:master' state.sls reclass
197 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300198 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300199 skip_fail: false
200
201- description: Refresh pillars on all minions
202 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.refresh_pillar
203 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300204 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300205 skip_fail: false
206
207- description: Sync all salt resources
208 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' saltutil.sync_all
209 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300210 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300211 skip_fail: false
212
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300213- description: Show reclass-salt --top
Tatyana Leontovich30a9db12017-04-06 14:28:39 +0300214 cmd: reclass-salt --top; salt-call --no-color state.sls salt.minion.cert -l info;
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300215 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300216 retry: {count: 1, delay: 5}
Tatyana Leontovich2dde4aa2017-04-04 13:06:10 +0300217 skip_fail: false
218
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300219
220# Bootstrap all nodes
221
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300222- description: Configure linux on controllers
223 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300224 linux
225 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300226 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300227 skip_fail: false
228
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300229- description: Configure linux on proxy
230 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'prx*' state.sls
231 linux
232 node_name: {{ HOSTNAME_CFG01 }}
233 retry: {count: 1, delay: 5}
234 skip_fail: false
235
236- description: Configure linux on gtw
237 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'gtw*' state.sls
238 linux
239 node_name: {{ HOSTNAME_CFG01 }}
240 retry: {count: 3, delay: 20}
241 skip_fail: false
242
243- description: Configure linux on cmp
244 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls
245 linux
246 node_name: {{ HOSTNAME_CFG01 }}
247 retry: {count: 3, delay: 20}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300248 skip_fail: false
249
250- description: Configure openssh on all nodes
251 cmd: salt --hard-crash --state-output=mixed --state-verbose=False -C '* and not
252 cfg*' state.sls openssh;salt --hard-crash --state-output=mixed --state-verbose=False
253 -C '* and not cfg*' cmd.run "sed -i 's/PasswordAuthentication no/PasswordAuthentication
254 yes/' /etc/ssh/sshd_config && service ssh restart"
255 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300256 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300257 skip_fail: false
258
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300259- description: Configure salt.minion on ctl
260 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'ctl*' state.sls salt.minion
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300261 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300262 retry: {count: 3, delay: 5}
263 skip_fail: false
264
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300265- description: Configure salt.minion on prx
266 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'prx*' state.sls salt.minion
267 node_name: {{ HOSTNAME_CFG01 }}
268 retry: {count: 3, delay: 5}
269 skip_fail: false
270
271
272- description: Configure salt.minion on gtw
273 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'gtw*' state.sls salt.minion
274 node_name: {{ HOSTNAME_CFG01 }}
275 retry: {count: 3, delay: 5}
276 skip_fail: false
277
278- description: Configure salt.minion on cmp
279 cmd: salt --hard-crash --state-output=mixed --state-verbose=False 'cmp*' state.sls salt.minion
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300280 node_name: {{ HOSTNAME_CFG01 }}
281 retry: {count: 3, delay: 5}
282 skip_fail: false
283
284- description: Check salt minion versions on slaves
285 cmd: salt '*' test.version
286 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300287 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300288 skip_fail: false
289
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300290- description: Check salt top states on nodes
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300291 cmd: salt '*' state.show_top
292 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300293 retry: {count: 1, delay: 5}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300294 skip_fail: false
295
Tatyana Leontovichdb84b992017-04-05 21:12:52 +0300296- description: Configure ntp and rsyslog on nodes
297 cmd: salt --hard-crash --state-output=mixed --state-verbose=False '*' state.sls ntp,rsyslog
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300298 node_name: {{ HOSTNAME_CFG01 }}
Tatyana Leontovich81128412017-04-05 18:46:29 +0300299 retry: {count: 1, delay: 10}
Tatyana Leontovich055b5062017-04-03 13:17:25 +0300300 skip_fail: false
301
Tatyana Leontovich4d0d8942017-04-06 19:10:56 +0300302- description: Hack gtw node
303 cmd: salt 'gtw*' cmd.run "ip addr del 172.16.10.110/24 dev ens4; ip addr flush dev ens4";
304 node_name: {{ HOSTNAME_CFG01 }}
305 retry: {count: 1, delay: 10}
306 skip_fail: false
307
308- description: Hack cmp01 node
309 cmd: salt 'cmp01*' cmd.run "ip addr del 172.16.10.105/24 dev ens4; ip addr flush dev ens4";
310 node_name: {{ HOSTNAME_CFG01 }}
311 retry: {count: 1, delay: 10}
312 skip_fail: false
313
314- description: Hack cmp02 node
315 cmd: salt 'cmp02*' cmd.run "ip addr del 172.16.10.106/24 dev ens4; ip addr flush dev ens4";
316 node_name: {{ HOSTNAME_CFG01 }}
317 retry: {count: 1, delay: 10}
318 skip_fail: false
319