Blame - cicd-lab-pipeline.groovy - mk/mk-pipelines

2017-02-24 18:26:18 +0100

[diff] [blame]

1

/**

2

*

3

* Launch heat stack with CI/CD lab infrastructure

4

*

5

* Expected parameters:

6

* HEAT_TEMPLATE_URL URL to git repo with Heat templates

7

* HEAT_TEMPLATE_CREDENTIALS Credentials to the Heat templates repo

8

* HEAT_TEMPLATE_BRANCH Heat templates repo branch

9

* HEAT_STACK_NAME Heat stack name

10

* HEAT_STACK_TEMPLATE Heat stack HOT template

11

* HEAT_STACK_ENVIRONMENT Heat stack environmental parameters

12

* HEAT_STACK_ZONE Heat stack availability zone

13

* HEAT_STACK_PUBLIC_NET Heat stack floating IP pool

14

* HEAT_STACK_DELETE Delete Heat stack when finished (bool)

15

* HEAT_STACK_CLEANUP_JOB Name of job for deleting Heat stack

16

* HEAT_STACK_REUSE Reuse Heat stack (don't create one)

17

*

18

* SALT_MASTER_CREDENTIALS Credentials to the Salt API

Filip Pytloun

e32fda8

2017-02-24 18:26:18 +0100

[diff] [blame]

19

* SALT_MASTER_PORT Port of salt-api, defaults to 8000

Filip Pytloun

2017-02-24 18:26:18 +0100

[diff] [blame]

20

*

21

* OPENSTACK_API_URL OpenStack API address

22

* OPENSTACK_API_CREDENTIALS Credentials to the OpenStack API

23

* OPENSTACK_API_PROJECT OpenStack project to connect to

24

* OPENSTACK_API_CLIENT Versions of OpenStack python clients

25

* OPENSTACK_API_VERSION Version of the OpenStack API (2/3)

*

*/

Filip Pytloun

2017-03-04 20:33:41 +0100

[diff] [blame]

29

common = new com.mirantis.mk.Common()

Filip Pytloun

2017-02-24 18:26:18 +0100

[diff] [blame]

30

git = new com.mirantis.mk.Git()

31

openstack = new com.mirantis.mk.Openstack()

32

salt = new com.mirantis.mk.Salt()

33

orchestrate = new com.mirantis.mk.Orchestrate()

34

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

timestamps {

node {

try {

// connection objects

39

def openstackCloud

40

def saltMaster

Filip Pytloun

2017-02-24 18:26:18 +0100

[diff] [blame]

41

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

42

// value defaults

43

def openstackVersion = OPENSTACK_API_CLIENT ? OPENSTACK_API_CLIENT : 'liberty'

44

def openstackEnv = "${env.WORKSPACE}/venv"

Filip Pytloun

2017-02-24 18:26:18 +0100

[diff] [blame]

45

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

46

try {

47

sshPubKey = SSH_PUBLIC_KEY

48

} catch (MissingPropertyException e) {

sshPubKey = false

}

Filip Pytloun

2017-03-03 10:39:26 +0100

[diff] [blame]

52

if (HEAT_STACK_REUSE.toBoolean() == true && HEAT_STACK_NAME == '') {

53

error("If you want to reuse existing stack you need to provide it's name")

54

}

55

56

if (HEAT_STACK_REUSE.toBoolean() == false) {

57

// Don't allow to set custom heat stack name

58

wrap([$class: 'BuildUser']) {

Tomáš Kukrál

24d7fe6

2017-03-03 10:57:11 +0100

[diff] [blame]

59

if (env.BUILD_USER_ID) {

60

HEAT_STACK_NAME = "${env.BUILD_USER_ID}-${JOB_NAME}-${BUILD_NUMBER}"

61

} else {

62

HEAT_STACK_NAME = "jenkins-${JOB_NAME}-${BUILD_NUMBER}"

63

}

Filip Pytloun

2017-03-03 10:39:26 +0100

[diff] [blame]

64

currentBuild.description = HEAT_STACK_NAME

65

}

Filip Pytloun

fd6726a

2017-02-28 19:31:16 +0100

[diff] [blame]

66

}

Filip Pytloun

5b0954b

2017-03-01 10:10:18 +0100

[diff] [blame]

67

Filip Pytloun

2017-03-01 09:44:52 +0100

[diff] [blame]

68

//

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

69

// Bootstrap

Filip Pytloun

2017-03-01 09:44:52 +0100

[diff] [blame]

70

//

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

71

72

stage ('Download Heat templates') {

73

git.checkoutGitRepository('template', HEAT_TEMPLATE_URL, HEAT_TEMPLATE_BRANCH, HEAT_TEMPLATE_CREDENTIALS)

Filip Pytloun

2017-03-01 09:44:52 +0100

[diff] [blame]

74

}

Filip Pytloun

2017-03-01 09:44:52 +0100

[diff] [blame]

75

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

76

stage('Install OpenStack CLI') {

77

openstack.setupOpenstackVirtualenv(openstackEnv, openstackVersion)

78

}

Filip Pytloun

64123cd

2017-03-01 11:26:17 +0100

[diff] [blame]

79

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

80

stage('Connect to OpenStack cloud') {

81

openstackCloud = openstack.createOpenstackEnv(OPENSTACK_API_URL, OPENSTACK_API_CREDENTIALS, OPENSTACK_API_PROJECT)

82

openstack.getKeystoneToken(openstackCloud, openstackEnv)

83

}

84

Filip Pytloun

2017-03-03 10:39:26 +0100

[diff] [blame]

85

if (HEAT_STACK_REUSE.toBoolean() == false) {

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

86

stage('Launch new Heat stack') {

87

envParams = [

88

'instance_zone': HEAT_STACK_ZONE,

89

'public_net': HEAT_STACK_PUBLIC_NET

90

]

91

openstack.createHeatStack(openstackCloud, HEAT_STACK_NAME, HEAT_STACK_TEMPLATE, envParams, HEAT_STACK_ENVIRONMENT, openstackEnv)

}

}

stage('Connect to Salt master') {

96

def saltMasterPort

97

try {

98

saltMasterPort = SALT_MASTER_PORT

99

} catch (MissingPropertyException e) {

Filip Pytloun

2ef2613

2017-03-10 09:44:37 +0100

[diff] [blame]

100

saltMasterPort = 6969

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

101

}

102

saltMasterHost = openstack.getHeatStackOutputParam(openstackCloud, HEAT_STACK_NAME, 'salt_master_ip', openstackEnv)

103

saltMasterUrl = "http://${saltMasterHost}:${saltMasterPort}"

104

saltMaster = salt.connection(saltMasterUrl, SALT_MASTER_CREDENTIALS)

}

//

// Install

//

stage('Install core infra') {

112

// salt.master, reclass

113

// refresh_pillar

114

// sync_all

115

// linux,openssh,salt.minion.ntp

116

117

orchestrate.installFoundationInfra(saltMaster)

118

orchestrate.validateFoundationInfra(saltMaster)

119

}

120

121

stage("Deploy GlusterFS") {

122

salt.enforceState(saltMaster, 'I@glusterfs:server', 'glusterfs.server.service', true)

123

salt.enforceState(saltMaster, 'ci01*', 'glusterfs.server.setup', true)

124

sleep(5)

125

salt.enforceState(saltMaster, 'I@glusterfs:client', 'glusterfs.client', true)

126

print salt.cmdRun(saltMaster, 'I@glusterfs:client', 'mount|grep fuse.glusterfs || echo "Command failed"')

127

}

128

129

stage("Deploy GlusterFS") {

130

salt.enforceState(saltMaster, 'I@haproxy:proxy', 'haproxy,keepalived')

131

}

132

133

stage("Setup Docker Swarm") {

134

salt.enforceState(saltMaster, 'I@docker:host', 'docker.host', true)

135

salt.enforceState(saltMaster, 'I@docker:swarm:role:master', 'docker.swarm', true)

136

salt.enforceState(saltMaster, 'I@docker:swarm:role:master', 'salt', true)

137

salt.runSaltProcessStep(saltMaster, 'I@docker:swarm:role:master', 'mine.flush')

138

salt.runSaltProcessStep(saltMaster, 'I@docker:swarm:role:master', 'mine.update')

139

salt.enforceState(saltMaster, 'I@docker:swarm', 'docker.swarm', true)

140

print salt.cmdRun(saltMaster, 'I@docker:swarm:role:master', 'docker node ls')

141

}

142

143

stage("Deploy Docker services") {

144

salt.enforceState(saltMaster, 'I@docker:swarm:role:master', 'docker.client')

145

146

// XXX: Hack to fix dependency of gerrit on mysql

147

print salt.cmdRun(saltMaster, 'I@docker:swarm:role:master', "docker service rm gerrit; sleep 5; rm -rf /srv/volumes/gerrit/*")

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

148

149

timeout(10) {

150

salt.cmdRun(saltMaster, 'I@docker:swarm:role:master', 'apt-get install -y mysql-client')

151

println "Waiting for MySQL to come up.."

152

salt.cmdRun(saltMaster, 'I@docker:swarm:role:master', 'while true; do mysql -h172.16.10.254 -ppassword -e"show status;" >/dev/null && break; done')

153

}

154

salt.enforceState(saltMaster, 'I@docker:swarm:role:master', 'docker.client')

155

// ---- cut here (end of hack) ----

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

156

}

157

158

stage("Configure CI/CD services") {

Filip Pytloun

29d0bc1

2017-03-10 14:39:26 +0100

[diff] [blame]

159

salt.syncAll(saltMaster, '*')

160

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

161

// Aptly

162

salt.enforceState(saltMaster, 'I@aptly:server', 'aptly', true)

// Gerrit

timeout(10) {

println "Waiting for Gerrit to come up.."

167

salt.cmdRun(saltMaster, 'I@gerrit:client', 'while true; do curl -svf 172.16.10.254:8080 >/dev/null && break; done')

168

}

169

retry(2) {

170

// Needs to run twice to pass __virtual__ method of gerrit module

171

// after installation of dependencies

172

try {

173

salt.enforceState(saltMaster, 'I@gerrit:client', 'gerrit', true)

174

} catch (Exception e) {

Filip Pytloun

2017-03-03 16:31:43 +0100

[diff] [blame]

175

common.infoMsg("Restarting Salt minion")

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

176

salt.cmdRun(saltMaster, 'I@gerrit:client', "exec 0>&-; exec 1>&-; exec 2>&-; nohup /bin/sh -c 'salt-call --local service.restart salt-minion' &")

sleep(5)

throw e

}

}

// Jenkins

timeout(10) {

println "Waiting for Jenkins to come up.."

185

salt.cmdRun(saltMaster, 'I@jenkins:client', 'while true; do curl -svf 172.16.10.254:8081 >/dev/null && break; done')

}

retry(2) {

// Same for jenkins

try {

salt.enforceState(saltMaster, 'I@jenkins:client', 'jenkins', true)

191

} catch (Exception e) {

Filip Pytloun

2017-03-03 16:31:43 +0100

[diff] [blame]

192

common.infoMsg("Restarting Salt minion")

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

193

salt.cmdRun(saltMaster, 'I@jenkins:client', "exec 0>&-; exec 1>&-; exec 2>&-; nohup /bin/sh -c 'salt-call --local service.restart salt-minion' &")

sleep(5)

throw e

}

}

}

stage("Finalize") {

//

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

202

// Deploy user's ssh key

203

//

Filip Pytloun

0da421f

2017-03-03 18:50:45 +0100

[diff] [blame]

204

def adminUser

205

def authorizedKeysFile

Filip Pytloun

bfa918a

2017-03-04 10:01:30 +0100

[diff] [blame]

206

def adminUserCmdOut = salt.cmdRun(saltMaster, 'I@salt:master', "[ -d /home/ubuntu ] && echo 'ubuntu user exists'")

207

if (adminUserCmdOut =~ /ubuntu user exists/) {

Filip Pytloun

0da421f

2017-03-03 18:50:45 +0100

[diff] [blame]

208

adminUser = "ubuntu"

209

authorizedKeysFile = "/home/ubuntu/.ssh/authorized_keys"

210

} else {

211

adminUser = "root"

212

authorizedKeysFile = "/root/.ssh/authorized_keys"

213

}

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

214

Filip Pytloun

0da421f

2017-03-03 18:50:45 +0100

[diff] [blame]

215

if (sshPubKey) {

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

216

println "Deploying provided ssh key at ${authorizedKeysFile}"

Filip Pytloun

4a847d6

2017-03-03 15:54:56 +0100

[diff] [blame]

217

salt.cmdRun(saltMaster, '*', "echo '${sshPubKey}' | tee -a ${authorizedKeysFile}")

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

218

}

219

220

//

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

221

// Generate docs

222

//

223

try {

Filip Pytloun

64ff079

2017-03-07 16:47:46 +0100

[diff] [blame]

224

try {

225

// Run sphinx state to install sphinx-build needed in

226

// upcomming orchestrate

227

salt.enforceState(saltMaster, 'I@sphinx:server', 'sphinx')

228

} catch (Throwable e) {

229

true

230

}

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

231

retry(3) {

Filip Pytloun

27e8fa0

2017-03-01 20:02:46 +0100

[diff] [blame]

232

// TODO: fix salt.orchestrateSystem

233

// print salt.orchestrateSystem(saltMaster, ['expression': '*', 'type': 'compound'], 'sphinx.orch.generate_doc')

Filip Pytloun

c17161d

2017-03-03 09:50:54 +0100

[diff] [blame]

234

def out = salt.cmdRun(saltMaster, 'I@salt:master', 'salt-run state.orchestrate sphinx.orch.generate_doc || echo "Command execution failed"')

235

print out

236

if (out =~ /Command execution failed/) {

237

throw new Exception("Command execution failed")

238

}

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

239

}

240

} catch (Throwable e) {

241

// We don't want sphinx docs to ruin whole build, so possible

242

// errors are just ignored here

243

true

244

}

245

salt.enforceState(saltMaster, 'I@nginx:server', 'nginx')

246

Filip Pytloun

bd61927

2017-03-22 12:21:01 +0100

[diff] [blame^]

247

def failedSvc = salt.cmdRun(saltMaster, '*', """systemctl --failed | grep -E 'loaded[ \t]+failed' && echo 'Command execution failed'""")

248

print failedSvc

249

if (failedSvc =~ /Command execution failed/) {

250

common.errorMsg("Some services are not running. Environment may not be fully functional!")

251

}

252

Filip Pytloun

d942739

2017-03-04 13:58:08 +0100

[diff] [blame]

253

common.successMsg("""

Filip Pytloun

2017-03-03 10:39:26 +0100

[diff] [blame]

254

============================================================

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

255

Your CI/CD lab has been deployed and you can enjoy it:

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

256

Use sshuttle to connect to your private subnet:

257

Filip Pytloun

2017-03-03 16:31:43 +0100

[diff] [blame]

258

sshuttle -r ${adminUser}@${saltMasterHost} 172.16.10.0/24

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

259

260

And visit services running at 172.16.10.254 (vip address):

261

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

9600 haproxy stats

8080 gerrit

8081 jenkins

8091 Docker swarm visualizer

266

8090 Reclass-generated documentation

267

Filip Pytloun

2017-03-03 14:13:41 +0100

[diff] [blame]

268

If you provided SSH_PUBLIC_KEY, you can use it to login,

269

otherwise you need to get private key connected to this

270

heat template.

271

272

DON'T FORGET TO TERMINATE YOUR STACK WHEN YOU DON'T NEED IT!

Filip Pytloun

2017-03-03 16:31:43 +0100

[diff] [blame]

273

============================================================""")

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

274

}

275

} catch (Throwable e) {

276

// If there was an error or exception thrown, the build failed

277

currentBuild.result = "FAILURE"

278

throw e

279

} finally {

280

// Cleanup

Filip Pytloun

2017-03-03 10:39:26 +0100

[diff] [blame]

281

if (HEAT_STACK_DELETE.toBoolean() == true) {

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

282

stage('Trigger cleanup job') {

Filip Pytloun

592773c

2017-03-03 14:17:00 +0100

[diff] [blame]

283

build job: 'deploy-heat-cleanup', parameters: [[$class: 'StringParameterValue', name: 'HEAT_STACK_NAME', value: HEAT_STACK_NAME]]

Filip Pytloun

2017-03-01 19:00:43 +0100

[diff] [blame]

284

}

Filip Pytloun

fd6726a

2017-02-28 19:31:16 +0100

[diff] [blame]

285

}

Filip Pytloun

2374198

2017-02-27 17:43:00 +0100

[diff] [blame]

286

}

Filip Pytloun

f6e877f

2017-02-28 19:38:16 +0100

[diff] [blame]

287

}

Filip Pytloun