| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 1 | def common = new com.mirantis.mk.Common() |
| 2 | def salt = new com.mirantis.mk.Salt() |
| 3 | def python = new com.mirantis.mk.Python() |
| Pavel Cizinsky | 32d8bc8 | 2019-04-24 10:24:30 +0200 | [diff] [blame] | 4 | def pepperEnv = "pepperEnv" |
| Denis Egorenko | 7c06606 | 2019-07-25 16:57:48 +0400 | [diff] [blame] | 5 | def askConfirmation = (env.getProperty('ASK_CONFIRMATION') ?: true).toBoolean() |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 6 | def backupSaltMasterAndMaas = (env.getProperty('BACKUP_SALTMASTER_AND_MAAS') ?: true).toBoolean() |
| 7 | def backupDogtag = (env.getProperty('BACKUP_DOGTAG') ?: true).toBoolean() |
| Oleksii Molchanov | 8d8bf17 | 2020-11-10 21:31:15 +0200 | [diff] [blame] | 8 | def backupKeystone = (env.getProperty('BACKUP_KEYSTONE_CREDENTIAL_KEYS') ?: true).toBoolean() |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 9 | def saltMasterTargetMatcher = "I@backupninja:client and I@salt:master" |
| 10 | def dogtagTagetMatcher = "I@backupninja:client and I@dogtag:server" |
| Oleksii Molchanov | 8d8bf17 | 2020-11-10 21:31:15 +0200 | [diff] [blame] | 11 | def keystoneTargetMatcher = "I@backupninja:client and I@keystone:server" |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 12 | logBackupSuccess = [] |
| 13 | logBackupFailure = [] |
| 14 | |
| 15 | def checkBackupninjaLog(output, backupName='', terminateOnFailure=true) { |
| Martin Polreich | 8706c02 | 2019-09-30 16:51:13 +0200 | [diff] [blame] | 16 | def common = new com.mirantis.mk.Common() |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 17 | def outputPattern = java.util.regex.Pattern.compile("\\d+") |
| 18 | def outputMatcher = outputPattern.matcher(output) |
| 19 | if (outputMatcher.find()) { |
| 20 | try { |
| 21 | result = outputMatcher.getAt([0, 1, 2, 3]) |
| 22 | if (result[1] != null && result[1] instanceof String && result[1].isInteger() && (result[1].toInteger() < 1)) { |
| 23 | common.successMsg("[${backupName}] - Backup successfully finished " + result[1] + " fatals, " + result[2] + " errors " + result[3] + " warnings.") |
| 24 | logBackupSuccess.add(backupName) |
| 25 | } else { |
| 26 | common.errorMsg("[${backupName}] - Backup failed. Found " + result[1] + " fatals, " + result[2] + " errors " + result[3] + " warnings.") |
| 27 | logBackupFailure.add(backupName) |
| 28 | } |
| 29 | } |
| 30 | catch (Exception e) { |
| 31 | common.errorMsg(e.getMessage()) |
| 32 | common.errorMsg("[${backupName}] - Backupninja log parsing failed.") |
| 33 | logBackupFailure.add(backupName) |
| 34 | } |
| 35 | } |
| 36 | } |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 37 | |
| 38 | timeout(time: 12, unit: 'HOURS') { |
| 39 | node() { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 40 | def saltMasterBackupNode = '' |
| 41 | def dogtagBackupNode = '' |
| Oleksii Molchanov | 8d8bf17 | 2020-11-10 21:31:15 +0200 | [diff] [blame] | 42 | def keystoneBackupNode = '' |
| Denis Egorenko | 1542bf2 | 2019-07-24 17:05:24 +0400 | [diff] [blame] | 43 | def backupServer = '' |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 44 | stage('Setup virtualenv for Pepper') { |
| 45 | python.setupPepperVirtualenv(pepperEnv, SALT_MASTER_URL, SALT_MASTER_CREDENTIALS) |
| 46 | } |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 47 | stage('Verify pillar for backups') { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 48 | if (backupSaltMasterAndMaas) { |
| 49 | try { |
| Denis Egorenko | ad3e830 | 2019-10-31 16:41:53 +0400 | [diff] [blame] | 50 | def masterPillar = salt.getPillar(pepperEnv, "I@salt:master", 'salt:master:initial_data').get('return')[0].values()[0] |
| 51 | if (masterPillar.isEmpty()) { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 52 | throw new Exception("Problem with salt-master pillar on 'I@salt:master' node.") |
| 53 | } |
| Denis Egorenko | ad3e830 | 2019-10-31 16:41:53 +0400 | [diff] [blame] | 54 | def minionPillar = salt.getPillar(pepperEnv, "I@salt:master", 'salt:minion:initial_data').get('return')[0].values()[0] |
| 55 | if (minionPillar.isEmpty()) { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 56 | throw new Exception("Problem with salt-minion pillar on I@salt:master node.") |
| 57 | } |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 58 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 59 | catch (Exception e) { |
| 60 | common.errorMsg(e.getMessage()) |
| 61 | common.errorMsg('Please fix your pillar. For more information check docs: https://docs.mirantis.com/mcp/latest/mcp-operations-guide/backup-restore/salt-master.html') |
| Denis Egorenko | ad3e830 | 2019-10-31 16:41:53 +0400 | [diff] [blame] | 62 | throw e |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 63 | } |
| 64 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 65 | if (backupDogtag) { |
| Denis Egorenko | 5b6cdd9 | 2019-11-07 15:48:43 +0400 | [diff] [blame] | 66 | def barbicanBackendPresent = salt.getPillar(pepperEnv, "I@salt:master", "_param:barbican_backend").get('return')[0].values()[0] |
| 67 | if (barbicanBackendPresent == 'dogtag') { |
| 68 | try { |
| 69 | def dogtagPillar = salt.getPillar(pepperEnv, "I@dogtag:server", "dogtag:server").get('return')[0].values()[0] |
| 70 | if (dogtagPillar.isEmpty()) { |
| 71 | throw new Exception("Problem with dogtag pillar on I@dogtag:server node.") |
| 72 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 73 | } |
| Denis Egorenko | 5b6cdd9 | 2019-11-07 15:48:43 +0400 | [diff] [blame] | 74 | catch (Exception e) { |
| 75 | common.errorMsg(e.getMessage()) |
| 76 | common.errorMsg("Looks like dogtag pillar is not defined. Fix your pillar or disable dogtag backup by setting the BACKUP_DOGTAG parameter to False if you're using different barbican backend.") |
| 77 | throw e |
| 78 | } |
| 79 | } else { |
| 80 | backupDogtag = false |
| 81 | common.warningMsg('Backup for Dogtag is enabled, but service itself is not present. Skipping...') |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 82 | } |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 83 | } |
| 84 | } |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 85 | stage('Check backup location') { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 86 | if (backupSaltMasterAndMaas) { |
| 87 | try { |
| 88 | saltMasterBackupNode = salt.getMinionsSorted(pepperEnv, saltMasterTargetMatcher)[0] |
| 89 | salt.minionsReachable(pepperEnv, "I@salt:master", saltMasterBackupNode) |
| 90 | } |
| 91 | catch (Exception e) { |
| 92 | common.errorMsg(e.getMessage()) |
| 93 | common.errorMsg("Pipeline wasn't able to detect backupninja:client pillar on Salt master node or the minion is not reachable") |
| 94 | currentBuild.result = "FAILURE" |
| Denis Egorenko | ad3e830 | 2019-10-31 16:41:53 +0400 | [diff] [blame] | 95 | throw e |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 96 | } |
| Denis Egorenko | 1542bf2 | 2019-07-24 17:05:24 +0400 | [diff] [blame] | 97 | |
| Ivan Berezovskiy | e57361c | 2019-10-29 18:55:17 +0400 | [diff] [blame] | 98 | def maasNodes = salt.getMinions(pepperEnv, 'I@maas:region') |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 99 | if (!maasNodes.isEmpty()) { |
| 100 | def postgresqlMajorVersion = salt.getPillar(pepperEnv, 'I@salt:master', '_param:postgresql_major_version').get('return')[0].values()[0] |
| 101 | if (! postgresqlMajorVersion) { |
| 102 | common.errorMsg("Can't get _param:postgresql_major_version parameter, which is required to determine postgresql-client version. Is it defined in pillar?") |
| Martin Polreich | de3066a | 2019-08-02 15:33:18 +0200 | [diff] [blame] | 103 | if (askConfirmation) { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 104 | input message: "Confirm to proceed anyway." |
| Martin Polreich | de3066a | 2019-08-02 15:33:18 +0200 | [diff] [blame] | 105 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 106 | } else { |
| Ivan Berezovskiy | e57361c | 2019-10-29 18:55:17 +0400 | [diff] [blame] | 107 | def postgresqlClientPackages = "postgresql-client-${postgresqlMajorVersion}" |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 108 | try { |
| Ivan Berezovskiy | e57361c | 2019-10-29 18:55:17 +0400 | [diff] [blame] | 109 | if (!salt.isPackageInstalled(['saltId': pepperEnv, 'target': saltMasterBackupNode, 'packageName': postgresqlClientPackages, 'output': false])) { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 110 | if (askConfirmation) { |
| 111 | input message: "Do you want to install ${postgresqlClientPackages} package on targeted nodes: ${saltMasterBackupNode}? It's required to make backup. Click to confirm." |
| 112 | } else { |
| 113 | common.infoMsg("Package ${postgresqlClientPackages} will be installed. It's required to make backup.") |
| 114 | } |
| 115 | // update also common fake package |
| Ivan Berezovskiy | e57361c | 2019-10-29 18:55:17 +0400 | [diff] [blame] | 116 | salt.runSaltProcessStep(pepperEnv, saltMasterBackupNode, 'pkg.install', ["postgresql-client,${postgresqlClientPackages}"]) |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 117 | } |
| 118 | } catch (Exception e) { |
| 119 | common.errorMsg("Unable to determine status of ${postgresqlClientPackages} packages on target nodes: ${saltMasterBackupNode}.") |
| 120 | if (askConfirmation) { |
| 121 | input message: "Do you want to continue? Click to confirm" |
| 122 | } |
| Martin Polreich | de3066a | 2019-08-02 15:33:18 +0200 | [diff] [blame] | 123 | } |
| Denis Egorenko | 1542bf2 | 2019-07-24 17:05:24 +0400 | [diff] [blame] | 124 | } |
| 125 | } |
| 126 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 127 | if (backupDogtag) { |
| 128 | try { |
| 129 | dogtagBackupNode = salt.getMinionsSorted(pepperEnv, dogtagTagetMatcher)[0] |
| 130 | salt.minionsReachable(pepperEnv, "I@salt:master", dogtagBackupNode) |
| 131 | } |
| 132 | catch (Exception e) { |
| 133 | common.errorMsg(e.getMessage()) |
| 134 | common.errorMsg("Pipeline wasn't able to detect node with backupninja:client and dogtag:server pillars defined or the minion is not reachable") |
| 135 | currentBuild.result = "FAILURE" |
| Denis Egorenko | ad3e830 | 2019-10-31 16:41:53 +0400 | [diff] [blame] | 136 | throw e |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 137 | } |
| 138 | } |
| Denis Egorenko | 1542bf2 | 2019-07-24 17:05:24 +0400 | [diff] [blame] | 139 | |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 140 | try { |
| 141 | backupServer = salt.getMinions(pepperEnv, "I@backupninja:server")[0] |
| 142 | salt.minionsReachable(pepperEnv, "I@salt:master", backupServer) |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 143 | } |
| 144 | catch (Exception e) { |
| 145 | common.errorMsg(e.getMessage()) |
| 146 | common.errorMsg("Pipeline wasn't able to detect backupninja:server pillar or the minion is not reachable") |
| 147 | currentBuild.result = "FAILURE" |
| Denis Egorenko | ad3e830 | 2019-10-31 16:41:53 +0400 | [diff] [blame] | 148 | throw e |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 149 | } |
| Oleksii Molchanov | 8d8bf17 | 2020-11-10 21:31:15 +0200 | [diff] [blame] | 150 | if (backupKeystone) { |
| 151 | try { |
| 152 | keystoneBackupNode = salt.getMinionsSorted(pepperEnv, keystoneTargetMatcher)[0] |
| 153 | salt.minionsReachable(pepperEnv, "I@salt:master", keystoneBackupNode) |
| 154 | } |
| 155 | catch (Exception e) { |
| 156 | common.errorMsg(e.getMessage()) |
| 157 | common.errorMsg("Pipeline wasn't able to detect node with backupninja:client and keystone:server pillars defined or the minion is not reachable") |
| 158 | currentBuild.result = "FAILURE" |
| 159 | throw e |
| 160 | } |
| 161 | } |
| 162 | |
| 163 | try { |
| 164 | backupServer = salt.getMinions(pepperEnv, "I@backupninja:server")[0] |
| 165 | salt.minionsReachable(pepperEnv, "I@salt:master", backupServer) |
| 166 | } |
| 167 | catch (Exception e) { |
| 168 | common.errorMsg(e.getMessage()) |
| 169 | common.errorMsg("Pipeline wasn't able to detect backupninja:server pillar or the minion is not reachable") |
| 170 | currentBuild.result = "FAILURE" |
| 171 | throw e |
| 172 | } |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 173 | } |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 174 | stage('Prepare for backup') { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 175 | if (backupSaltMasterAndMaas) { |
| 176 | salt.enforceState(['saltId': pepperEnv, 'target': 'I@backupninja:server', 'state': 'backupninja']) |
| 177 | salt.enforceState(['saltId': pepperEnv, 'target': saltMasterTargetMatcher, 'state': 'backupninja']) |
| 178 | def backupMasterSource = salt.getReturnValues(salt.getPillar(pepperEnv, saltMasterBackupNode, 'salt:master:initial_data:source')) |
| 179 | def backupMinionSource = salt.getReturnValues(salt.getPillar(pepperEnv, saltMasterBackupNode, 'salt:minion:initial_data:source')) |
| 180 | // TODO: Remove ssh-keyscan once we have openssh meta for backupninja implemented |
| 181 | [backupServer, backupMasterSource, backupMinionSource].unique().each { |
| 182 | salt.cmdRun(pepperEnv, saltMasterBackupNode, "ssh-keygen -F ${it} || ssh-keyscan -H ${it} >> /root/.ssh/known_hosts") |
| 183 | } |
| 184 | def maasNodes = salt.getMinions(pepperEnv, 'I@maas:region') |
| 185 | if (!maasNodes.isEmpty()) { |
| 186 | common.infoMsg("Trying to save maas file permissions on ${maasNodes} if possible") |
| Ivan Berezovskiy | aa4a0ee | 2019-11-26 19:07:07 +0400 | [diff] [blame] | 187 | salt.cmdRun(pepperEnv, 'I@maas:region', 'which getfacl && ' + |
| 188 | 'getfacl -pR /var/lib/maas/ > /var/lib/maas/file_permissions.txt &&' + |
| 189 | 'getfacl -pR /etc/maas/ > /etc/maas/file_permissions.txt || true') |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 190 | } |
| Ivan Berezovskiy | 8428b8d | 2019-07-22 16:54:06 +0400 | [diff] [blame] | 191 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 192 | if (backupDogtag) { |
| 193 | salt.enforceState(['saltId': pepperEnv, 'target': 'I@backupninja:server', 'state': 'backupninja']) |
| 194 | salt.enforceState(['saltId': pepperEnv, 'target': dogtagTagetMatcher, 'state': 'backupninja']) |
| Ivan Berezovskiy | c5a153c | 2019-08-09 21:07:37 +0400 | [diff] [blame] | 195 | } |
| Oleksii Molchanov | 8d8bf17 | 2020-11-10 21:31:15 +0200 | [diff] [blame] | 196 | if (backupKeystone) { |
| 197 | salt.enforceState(['saltId': pepperEnv, 'target': keystoneTargetMatcher, 'state': 'backupninja']) |
| 198 | salt.enforceState(['saltId': pepperEnv, 'target': 'I@backupninja:server', 'state': 'backupninja']) |
| 199 | } |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 200 | } |
| 201 | stage('Backup') { |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 202 | if (backupSaltMasterAndMaas) { |
| 203 | def output = salt.getReturnValues(salt.cmdRun(pepperEnv, saltMasterBackupNode, "su root -c 'backupninja --now -d'")).readLines()[-2] |
| 204 | checkBackupninjaLog(output, "Salt Master/MAAS") |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 205 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 206 | if (backupDogtag) { |
| 207 | def output = salt.getReturnValues(salt.cmdRun(pepperEnv, dogtagBackupNode, "su root -c 'backupninja --now -d'")).readLines()[-2] |
| 208 | checkBackupninjaLog(output, "Dogtag") |
| 209 | } |
| Oleksii Molchanov | 8d8bf17 | 2020-11-10 21:31:15 +0200 | [diff] [blame] | 210 | if (backupKeystone) { |
| 211 | def output = salt.getReturnValues(salt.cmdRun(pepperEnv, keystoneBackupNode, "su root -c 'backupninja --now -d'")).readLines()[-2] |
| 212 | checkBackupninjaLog(output, "Keystone") |
| 213 | } |
| Martin Polreich | d60c86d | 2019-08-23 15:47:37 +0200 | [diff] [blame] | 214 | } |
| 215 | stage('Results') { |
| 216 | if (logBackupSuccess.size() > 0) { |
| 217 | common.infoMsg("Following backups finished successfully: ${logBackupSuccess.join(",")}") |
| 218 | } |
| 219 | if (logBackupFailure.size() > 0) { |
| 220 | common.errorMsg("Following backups has failed: ${logBackupFailure.join(",")}. Make sure to check the logs.") |
| Martin Polreich | 30a37cf | 2019-05-14 10:16:34 +0200 | [diff] [blame] | 221 | currentBuild.result = "FAILURE" |
| Pavel Cizinsky | aa2d21b | 2019-03-19 11:08:05 +0100 | [diff] [blame] | 222 | } |
| 223 | } |
| 224 | } |
| 225 | } |