{% from 'virtual-mcp11-k8s-contrail/underlay.yaml' import HOSTNAME_CFG01 with context %}
{% from 'virtual-mcp11-k8s-contrail/underlay.yaml' import REPOSITORY_SUITE with context %}

# Location and ref of the reclass cluster model. Both values can be overridden
# from the operator's environment and are later substituted into a shell
# command line without quoting, so they must only come from a trusted source.
# NOTE(review): the default ref is the moving 'master' branch; a fixed tag
# gives a reproducible and auditable model.
{% set SALT_MODELS_REPOSITORY = os_env('SALT_MODELS_REPOSITORY', 'https://gerrit.mcp.mirantis.net/salt-models/mcp-virtual-lab') %}
{% set SALT_MODELS_COMMIT = os_env('SALT_MODELS_COMMIT', 'master') %}

# Address pools for the reclass cluster model are resolved in this order:
#   1. environment variables,
#   2. config.underlay.address_pools, based on fuel-devops address pools
#      (see the generated '.ini' file after the underlay is created),
#   3. the defaults given below.
{% set address_pools = config.underlay.address_pools %}
{% set IPV4_NET_ADMIN = os_env('IPV4_NET_ADMIN', address_pools.get('admin-pool01', '192.168.10.0/24')) %}
{% set IPV4_NET_CONTROL = os_env('IPV4_NET_CONTROL', address_pools.get('private-pool01', '172.16.10.0/24')) %}

# The prefixes are the first three dot-separated fields of each network,
# which is only meaningful for /24-style networks.
{% set IPV4_NET_ADMIN_PREFIX = IPV4_NET_ADMIN.split('.')[:3] | join('.') %}
{% set IPV4_NET_CONTROL_PREFIX = IPV4_NET_CONTROL.split('.')[:3] | join('.') %}

# Install the Salt master, reclass and git on the config node.
# Package versions are not pinned; they come from whatever apt sources the
# node already has configured.
- description: Installing salt master on cfg01
  cmd: >-
    eatmydata apt-get install -y reclass git salt-master
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

#- description: (moved to cloud-init config) Install common packages on cfg01
#  cmd: eatmydata apt-get install -y python-pip wget curl tmux byobu iputils-ping traceroute htop tree
#  node_name: {{ HOSTNAME_CFG01 }}
#  retry: {count: 1, delay: 1}
#  skip_fail: false

# Write the master configuration: formula file roots plus reclass wired in as
# both ext_pillar and master_tops.
# NOTE(review): 'open_mode: True' turns off minion key authentication on the
# master, so every host that can reach the master ports is treated as an
# accepted minion. Keep this only on an isolated, throw-away lab network.
# The heredoc appends (>>), so running the step twice duplicates these keys
# in master.conf.
- description: Configure salt-master on cfg01
  cmd: |
    cat << 'EOF' >> /etc/salt/master.d/master.conf
    file_roots:
      base:
      - /usr/share/salt-formulas/env
    pillar_opts: False
    open_mode: True
    reclass: &reclass
      storage_type: yaml_fs
      inventory_base_uri: /srv/salt/reclass
    ext_pillar:
      - reclass: *reclass
    master_tops:
      reclass: *reclass
    EOF
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

# Build /root/.git_trusted_certs.pem from the certificates the two servers
# present at provisioning time, then point git's http.sslCAInfo at that file
# and set the committer identity.
# NOTE(review): this is trust-on-first-use. Nothing here checks the fetched
# certificate against an existing trust store or a known fingerprint, so
# whatever answers on port 443 during this step becomes trusted by git.
# A CA bundle shipped with the image, or a fingerprint comparison before the
# append, would close that gap.
# 'openssl x509' converts only the first certificate of the -showcerts output.
# NOTE(review): the default model repository host is not in the server list;
# confirm the clone step still validates against this bundle.
- description: Configure GIT settings and certificates
  cmd: >-
    touch /root/.git_trusted_certs.pem;
    for server in git.tcpcloud.eu github.com; do
    openssl s_client -showcerts -connect $server:443 </dev/null
    | openssl x509 -outform PEM >> /root/.git_trusted_certs.pem;
    done;
    HOME=/root git config --global http.sslCAInfo /root/.git_trusted_certs.pem;
    HOME=/root git config --global user.email "tcp-qa@example.com";
    HOME=/root git config --global user.name "TCP QA";
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

# Clone the cluster model, rewrite its hard-coded lab networks to the networks
# of this environment, set apt_mk_version, and switch the cfg01 node to local
# reclass storage.
# NOTE(review): ssh-keyscan records whatever host key is offered at that
# moment; compare it with the published fingerprint if the environment is not
# disposable.
# NOTE(review): the repository URL and ref are inserted into the command line
# unquoted, so they must not come from an untrusted source. 'git clone -b'
# accepts a branch or tag name, not a bare commit id, despite the variable
# name.
# NOTE(review): the find/sed passes visit every regular file below
# /srv/salt/reclass/, which presumably includes git metadata - confirm that
# is intended.
- description: Clone reclass models with submodules
  cmd: |
    ssh-keyscan -H github.com >> ~/.ssh/known_hosts;
    git clone -b {{ SALT_MODELS_COMMIT }} --recurse-submodules {{ SALT_MODELS_REPOSITORY }} /srv/salt/reclass;

    mkdir -p /srv/salt/reclass/classes/service;

    # Replace firstly to an intermediate value to avoid intersection between
    # already replaced and replacing networks.
    # For example, if generated IPV4_NET_ADMIN_PREFIX=10.16.0 , then there is a risk of replacing twice:
    # 192.168.10 -> 10.16.0 (generated network for admin)
    # 10.16.0 -> <external network>
    # So let's replace constant networks to the keywords, and then keywords to the desired networks.
    find /srv/salt/reclass/ -type f -exec sed -i 's/192\.168\.10\./==IPV4_NET_ADMIN_PREFIX==/g' {} +
    find /srv/salt/reclass/ -type f -exec sed -i 's/172\.16\.10\./==IPV4_NET_CONTROL_PREFIX==/g' {} +

    find /srv/salt/reclass/ -type f -exec sed -i 's/==IPV4_NET_ADMIN_PREFIX==/{{ IPV4_NET_ADMIN_PREFIX }}./g' {} +
    find /srv/salt/reclass/ -type f -exec sed -i 's/==IPV4_NET_CONTROL_PREFIX==/{{ IPV4_NET_CONTROL_PREFIX }}./g' {} +

    find /srv/salt/reclass/ -type f -exec sed -i 's/apt_mk_version:.*/apt_mk_version: {{ REPOSITORY_SUITE }}/g' {} +

    # Disable checkouting the model from remote repository
    cat << 'EOF' >> /srv/salt/reclass/nodes/{{ HOSTNAME_CFG01 }}.yml
    # local storage
    reclass:
      storage:
        data_source:
          engine: local
    EOF

    # Show the changes to the console
    cd /srv/salt/reclass/; git diff
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

# Add the salt-formulas apt repository, install the formula packages, link
# their service metadata into the reclass tree and write the reclass config.
# NOTE(review): both the repository and its signing key default to plain
# http, and the key is piped straight into 'apt-key add' with no fingerprint
# check. Whoever controls the network path at provisioning time can therefore
# supply the key and the packages. Fetching the key over https and comparing
# its fingerprint with a value stored in this repository, or baking the key
# into the image, removes that dependency on the network.
# FORMULA_PATH, FORMULA_REPOSITORY and FORMULA_GPG are read from the shell
# environment on the node when set.
- description: Configure reclass
  cmd: |
    FORMULA_PATH=${FORMULA_PATH:-/usr/share/salt-formulas};
    FORMULA_REPOSITORY=${FORMULA_REPOSITORY:-deb [arch=amd64] http://apt-mk.mirantis.com/xenial stable salt};
    FORMULA_GPG=${FORMULA_GPG:-http://apt-mk.mirantis.com/public.gpg};
    which wget > /dev/null || (apt-get update; apt-get install -y wget);
    echo "${FORMULA_REPOSITORY}" > /etc/apt/sources.list.d/mcp_salt.list;
    wget -O - "${FORMULA_GPG}" | apt-key add -;
    apt-get clean; apt-get update;
    [ ! -d /srv/salt/reclass/classes/service ] && mkdir -p /srv/salt/reclass/classes/service;
    declare -a formula_services=("linux" "reclass" "salt" "openssh" "ntp" "git" "nginx" "collectd" "sensu" "heka" "sphinx" "keystone" "mysql" "grafana" "haproxy" "rsyslog" "horizon");
    echo -e "\nInstalling all required salt formulas\n";
    eatmydata apt-get install -y "${formula_services[@]/#/salt-formula-}";
    for formula_service in "${formula_services[@]}"; do
      echo -e "\nLink service metadata for formula ${formula_service} ...\n";
      [ ! -L "/srv/salt/reclass/classes/service/${formula_service}" ] && ln -s ${FORMULA_PATH}/reclass/service/${formula_service} /srv/salt/reclass/classes/service/${formula_service};
    done;
    [ ! -d /srv/salt/env ] && mkdir -p /srv/salt/env;
    [ ! -L /srv/salt/env/prd ] && ln -s ${FORMULA_PATH}/env /srv/salt/env/prd;
    [ ! -d /etc/reclass ] && mkdir /etc/reclass;

    cat << 'EOF' >> /etc/reclass/reclass-config.yml
    storage_type: yaml_fs
    pretty_print: True
    output: yaml
    inventory_base_uri: /srv/salt/reclass
    EOF
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

# Restart the master so that the configuration written by the earlier steps
# takes effect.
- description: Restart salt-master service
  cmd: |
    systemctl restart salt-master;
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

{% for ssh in config.underlay.ssh %}
# One step per underlay node: write the minion id and master address, install
# salt-minion, then print grains and pillar as a connectivity check.
# NOTE(review): the generated minion.conf contains only 'id' and 'master'.
# No master_finger is set, so each minion trusts the first master key it is
# offered; pin the master fingerprint outside a disposable lab.
- description: "Configure salt-minion on {{ ssh['node_name'] }}"
  cmd: |
    [ ! -d /etc/salt/minion.d ] && mkdir -p /etc/salt/minion.d;
    cat << "EOF" >> /etc/salt/minion.d/minion.conf
    id: {{ ssh['node_name'] }}
    master: {{ config.salt.salt_master_host }}
    EOF
    eatmydata apt-get install -y salt-minion;
    echo "Check for system info and metadata availability ...";
    salt-call --no-color grains.items;
    salt-call --no-color pillar.items;
  node_name: "{{ ssh['node_name'] }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false
{% endfor %}

# Accept every pending minion key in one go.
# NOTE(review): '-A -y' accepts all pending keys without any fingerprint
# comparison, and 'skip_fail: true' hides a failure of this step. Outside a
# lab, accept named minions individually after checking their fingerprints.
- description: Accept salt keys from all the nodes
  cmd: >-
    salt-key -A -y
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: true

# Expose the reclass salt adapter as /usr/local/sbin/reclass-salt and make it
# executable. The path is tied to the Python 2.7 dist-packages layout, and
# 'ln -s' fails if the link already exists.
- description: Configure salt adoptors on cfg01
  cmd: |
    ln -s /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py /usr/local/sbin/reclass-salt;
    chmod +x /usr/lib/python2.7/dist-packages/reclass/adapters/salt.py
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

# Prepare salt services and nodes settings

# Apply the 'linux' state to the minions whose pillar marks them as the salt
# master.
- description: Run 'linux' formula on cfg01
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls linux;
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Apply the 'openssh' state on the salt master node, then rewrite sshd_config
# and restart ssh.
# NOTE(review): the second command switches PasswordAuthentication back to
# 'yes' after the formula has run, which re-exposes the node to password
# guessing over SSH. Keep this confined to an isolated lab network.
- description: Run 'openssh' formula on cfg01
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls openssh;
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' cmd.run
    "sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/'
    /etc/ssh/sshd_config && service ssh restart";
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 3
    delay: 5
  skip_fail: false

# Append a 'StrictHostKeyChecking no' line to root's ssh client config on
# every minion.
# NOTE(review): this disables SSH host key verification for root on all
# nodes, so connections made by root no longer detect a substituted host.
# Acceptable only as a lab workaround; pre-populated known_hosts entries are
# the safer alternative.
- description: "*Workaround* of the bug https://mirantis.jira.com/browse/PROD-7962"
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    '*' cmd.run "echo ' StrictHostKeyChecking no' >> /root/.ssh/config"
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 1
  skip_fail: false

# Apply salt.master.service on the salt master node; 'timeout 120' bounds the
# run to two minutes, and the step is attempted up to the retry count.
- description: Run 'salt.master' formula on cfg01
  cmd: >-
    timeout 120 salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls salt.master.service;
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 2
    delay: 5
  skip_fail: false

# Apply the 'salt' state on the salt master node and then sync all custom
# salt resources there (workaround referenced in the description).
- description: Run 'salt' formula on cfg01 with workaround proposed in PROD-10894
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls salt;
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' saltutil.sync_all
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 5
    delay: 5
  skip_fail: false

# Apply the 'reclass' state on the salt master node to generate the node
# inventory.
- description: Generate inventory for all the nodes to the /srv/salt/reclass/nodes/_generated
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C 'I@salt:master' state.sls reclass
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Ask every minion to reload its pillar data.
- description: Refresh pillars on all minions
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    '*' saltutil.refresh_pillar
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Sync custom salt resources to every minion.
- description: Sync all salt resources
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    '*' saltutil.sync_all
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Print the top data produced by the reclass salt adapter, for the log.
- description: Show reclass-salt --top
  cmd: >-
    reclass-salt --top
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Run the salt.minion.cert state locally on cfg01 with info-level logging.
- description: Execute salt.minion.cert
  cmd: >-
    salt-call --no-color state.sls salt.minion.cert -l info;
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Bootstrap all nodes

# Apply the 'linux' state to the minions matching 'ctl*'.
- description: Configure linux on controllers
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    'ctl*' state.sls linux
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Apply the 'linux' state to the minions matching 'cmp*'; retried with a
# longer delay than the controller step.
- description: Configure linux on cmp
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    'cmp*' state.sls linux
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 3
    delay: 20
  skip_fail: false

# Apply the 'openssh' state on every minion except cfg*, then rewrite
# sshd_config and restart ssh on the same set of nodes.
# NOTE(review): as on cfg01, PasswordAuthentication is switched back to 'yes'
# after the formula has run, so every node accepts password logins over SSH.
# Keep this confined to an isolated lab network.
- description: Configure openssh on all nodes
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    -C '* and not cfg*' state.sls openssh;salt --hard-crash
    --state-output=mixed --state-verbose=False
    -C '* and not cfg*' cmd.run
    "sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/'
    /etc/ssh/sshd_config && service ssh restart"
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Apply the salt.minion state to the minions matching 'ctl*'.
- description: Configure salt.minion on ctl
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    'ctl*' state.sls salt.minion
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 3
    delay: 5
  skip_fail: false

# Apply the salt.minion state to the minions matching 'cmp*'.
- description: Configure salt.minion on cmp
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    'cmp*' state.sls salt.minion
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 3
    delay: 5
  skip_fail: false

# Report the salt version of every minion; useful in the log for spotting
# nodes that did not register or run a different version.
- description: Check salt minion versions on slaves
  cmd: >-
    salt '*' test.version
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Print the top-file state assignment of every minion, for the log.
- description: Check salt top states on nodes
  cmd: >-
    salt '*' state.show_top
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 5
  skip_fail: false

# Apply the ntp and rsyslog states to every minion.
- description: Configure ntp and rsyslog on nodes
  cmd: >-
    salt --hard-crash --state-output=mixed --state-verbose=False
    '*' state.sls ntp,rsyslog
  node_name: "{{ HOSTNAME_CFG01 }}"
  retry:
    count: 1
    delay: 10
  skip_fail: false