diff options
author | James Slagle <jslagle@redhat.com> | 2017-06-16 11:13:25 -0400 |
---|---|---|
committer | James Slagle <jslagle@redhat.com> | 2017-06-16 11:13:25 -0400 |
commit | d6c0979eb3de79b8c3a79ea5798498f0241eb32d (patch) | |
tree | 808607f65fe92d9e57b20c62b48159123818da0b | |
parent | 0354927a1143dd766cab4b9a88d4af84e404d6d9 (diff) |
Blacklist support for ExtraConfig
Commit I46941e54a476c7cc8645cd1aff391c9c6c5434de added support for
blacklisting servers from triggered Heat deployments.
This commit adds that functionality to the remaining Deployments in
tripleo-heat-templates for the ExtraConfig interfaces.
Since we can not (should not) change the interface to ExtraConfig, Heat
conditions are used on the actual <role>ExtraConfigPre and
NodeExtraConfig resources instead of using the actions approach on
Deployments.
Change-Id: I38fdb50d1d966a6c3651980c52298317fa3bece4
-rw-r--r-- | extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml | 25 | ||||
-rw-r--r-- | extraconfig/pre_network/config_then_reboot.yaml | 24 | ||||
-rw-r--r-- | extraconfig/pre_network/host_config_and_reboot.role.j2.yaml | 23 | ||||
-rw-r--r-- | extraconfig/pre_network/host_config_and_reboot.yaml | 23 | ||||
-rw-r--r-- | extraconfig/tasks/ssh/host_public_key.yaml | 8 | ||||
-rw-r--r-- | puppet/blockstorage-role.yaml | 14 | ||||
-rw-r--r-- | puppet/cephstorage-role.yaml | 17 | ||||
-rw-r--r-- | puppet/compute-role.yaml | 17 | ||||
-rw-r--r-- | puppet/controller-role.yaml | 17 | ||||
-rw-r--r-- | puppet/objectstorage-role.yaml | 14 | ||||
-rw-r--r-- | puppet/role.role.j2.yaml | 17 |
11 files changed, 192 insertions, 7 deletions
diff --git a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml index 96632bc2..fb0d1699 100644 --- a/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml +++ b/extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml @@ -59,6 +59,19 @@ parameters: description: | When enabled, the system will perform a yum update after performing the RHEL Registration process. + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. + +conditions: + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: @@ -136,7 +149,11 @@ resources: name: RHELUnregistrationDeployment server: {get_param: server} config: {get_resource: RHELUnregistration} - actions: ['DELETE'] # Only do this on DELETE + actions: + if: + - deployment_actions_empty + - [] + - ['DELETE'] # Only do this on DELETE input_values: REG_METHOD: {get_param: rhel_reg_method} @@ -169,7 +186,11 @@ resources: name: UpdateDeploymentAfterRHELRegistration config: {get_resource: YumUpdateConfigurationAfterRHELRegistration} server: {get_param: server} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE outputs: deploy_stdout: diff --git a/extraconfig/pre_network/config_then_reboot.yaml b/extraconfig/pre_network/config_then_reboot.yaml index 48ba5263..79cb7cbc 100644 --- a/extraconfig/pre_network/config_then_reboot.yaml +++ b/extraconfig/pre_network/config_then_reboot.yaml @@ -7,6 +7,19 @@ description: > parameters: server: type: string + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. + +conditions: + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: @@ -24,6 +37,11 @@ resources: name: SomeDeployment server: {get_param: server} config: {get_resource: SomeConfig} + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE actions: ['CREATE'] # Only do this on CREATE RebootConfig: @@ -44,5 +62,9 @@ resources: name: RebootDeployment server: {get_param: server} config: {get_resource: RebootConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE signal_transport: NO_SIGNAL diff --git a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml index 41d8f4f6..fe52ef7e 100644 --- a/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml +++ b/extraconfig/pre_network/host_config_and_reboot.role.j2.yaml @@ -19,6 +19,13 @@ parameters: {{role}}HostCpusList: type: string default: "" + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. parameter_group: - label: deprecated @@ -38,6 +45,10 @@ conditions: equals: - get_param: {{role}}TunedProfileName - "" + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: @@ -62,7 +73,11 @@ resources: name: HostParametersDeployment server: {get_param: server} config: {get_resource: HostParametersConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE input_values: _KERNEL_ARGS_: {get_param: {{role}}KernelArgs} _TUNED_PROFILE_NAME_: {get_param: {{role}}TunedProfileName} @@ -88,7 +103,11 @@ resources: name: RebootDeployment server: {get_param: server} config: {get_resource: RebootConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE signal_transport: NO_SIGNAL outputs: diff --git a/extraconfig/pre_network/host_config_and_reboot.yaml b/extraconfig/pre_network/host_config_and_reboot.yaml index 74e716ad..21309dd5 100644 --- a/extraconfig/pre_network/host_config_and_reboot.yaml +++ b/extraconfig/pre_network/host_config_and_reboot.yaml @@ -11,9 +11,20 @@ parameters: type: json description: Role Specific parameters default: {} + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. conditions: is_host_config_required: {not: {equals: [{get_param: [RoleParameters, KernelArgs]}, ""]}} + deployment_actions_empty: + equals: + - {get_param: deployment_actions} + - [] resources: HostParametersConfig: @@ -37,7 +48,11 @@ resources: name: HostParametersDeployment server: {get_param: server} config: {get_resource: HostParametersConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE input_values: _KERNEL_ARGS_: {get_param: [RoleParameters, KernelArgs]} _TUNED_PROFILE_NAME_: {get_param: [RoleParameters, TunedProfileName]} @@ -63,7 +78,11 @@ resources: name: RebootDeployment server: {get_param: server} config: {get_resource: RebootConfig} - actions: ['CREATE'] # Only do this on CREATE + actions: + if: + - deployment_actions_empty + - [] + - ['CREATE'] # Only do this on CREATE signal_transport: NO_SIGNAL outputs: diff --git a/extraconfig/tasks/ssh/host_public_key.yaml b/extraconfig/tasks/ssh/host_public_key.yaml index e4ba0cc4..02fdbf1c 100644 --- a/extraconfig/tasks/ssh/host_public_key.yaml +++ b/extraconfig/tasks/ssh/host_public_key.yaml @@ -7,6 +7,13 @@ parameters: server: description: ID of the node to apply this config to type: string + deployment_actions: + default: ['CREATE', 'UPDATE'] + type: comma_delimited_list + description: > + List of stack actions that will trigger any deployments in this + templates. The actions will be an empty list of the server is in the + toplevel DeploymentServerBlacklist parameter's value. resources: SshHostPubKeyConfig: @@ -28,6 +35,7 @@ resources: properties: config: {get_resource: SshHostPubKeyConfig} server: {get_param: server} + actions: {get_param: deployment_actions} outputs: diff --git a/puppet/blockstorage-role.yaml b/puppet/blockstorage-role.yaml index 08bc03a5..18f8d960 100644 --- a/puppet/blockstorage-role.yaml +++ b/puppet/blockstorage-role.yaml @@ -377,6 +377,7 @@ resources: properties: server: {get_resource: BlockStorage} RoleParameters: {get_param: RoleParameters} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -485,6 +486,9 @@ resources: NodeExtraConfig: depends_on: NodeTLSCAData type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: BlockStorage} @@ -507,11 +511,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: BlockStorageDeployment properties: server: {get_resource: BlockStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: diff --git a/puppet/cephstorage-role.yaml b/puppet/cephstorage-role.yaml index 3f596423..d63b60b1 100644 --- a/puppet/cephstorage-role.yaml +++ b/puppet/cephstorage-role.yaml @@ -383,6 +383,7 @@ resources: properties: server: {get_resource: CephStorage} RoleParameters: {get_param: RoleParameters} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -489,6 +490,9 @@ resources: CephStorageExtraConfigPre: depends_on: CephStorageDeployment type: OS::TripleO::CephStorageExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: CephStorage} @@ -497,6 +501,9 @@ resources: NodeExtraConfig: depends_on: [CephStorageExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: CephStorage} @@ -518,11 +525,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: CephStorageDeployment properties: server: {get_resource: CephStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: diff --git a/puppet/compute-role.yaml b/puppet/compute-role.yaml index 8a3c487a..c86183ac 100644 --- a/puppet/compute-role.yaml +++ b/puppet/compute-role.yaml @@ -386,6 +386,7 @@ resources: properties: server: {get_resource: NovaCompute} RoleParameters: {get_param: RoleParameters} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkConfig: type: OS::TripleO::Compute::Net::SoftwareConfig @@ -512,6 +513,9 @@ resources: ComputeExtraConfigPre: depends_on: NovaComputeDeployment type: OS::TripleO::ComputeExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: NovaCompute} @@ -520,6 +524,9 @@ resources: NodeExtraConfig: depends_on: [ComputeExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: NovaCompute} @@ -542,11 +549,21 @@ resources: update_identifier: get_param: UpdateIdentifier + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: NovaComputeDeployment properties: server: {get_resource: NovaCompute} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml index 6bc23669..156758b2 100644 --- a/puppet/controller-role.yaml +++ b/puppet/controller-role.yaml @@ -406,6 +406,7 @@ resources: properties: server: {get_resource: Controller} RoleParameters: {get_param: RoleParameters} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkConfig: type: OS::TripleO::Controller::Net::SoftwareConfig @@ -552,6 +553,9 @@ resources: ControllerExtraConfigPre: depends_on: ControllerDeployment type: OS::TripleO::ControllerExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: Controller} @@ -560,6 +564,9 @@ resources: NodeExtraConfig: depends_on: [ControllerExtraConfigPre, NodeTLSData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: Controller} @@ -582,11 +589,21 @@ resources: update_identifier: get_param: UpdateIdentifier + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: ControllerDeployment properties: server: {get_resource: Controller} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: diff --git a/puppet/objectstorage-role.yaml b/puppet/objectstorage-role.yaml index c35bb250..47032a83 100644 --- a/puppet/objectstorage-role.yaml +++ b/puppet/objectstorage-role.yaml @@ -377,6 +377,7 @@ resources: properties: server: {get_resource: SwiftStorage} RoleParameters: {get_param: RoleParameters} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -485,6 +486,9 @@ resources: NodeExtraConfig: depends_on: NodeTLSCAData type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: SwiftStorage} @@ -506,11 +510,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: SwiftStorageHieraDeploy properties: server: {get_resource: SwiftStorage} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: diff --git a/puppet/role.role.j2.yaml b/puppet/role.role.j2.yaml index b7f47594..266657c8 100644 --- a/puppet/role.role.j2.yaml +++ b/puppet/role.role.j2.yaml @@ -399,6 +399,7 @@ resources: properties: server: {get_resource: {{role}}} RoleParameters: {get_param: RoleParameters} + deployment_actions: {get_attr: [DeploymentActions, value]} NetworkDeployment: type: OS::TripleO::SoftwareDeployment @@ -511,6 +512,9 @@ resources: {{role}}ExtraConfigPre: depends_on: {{role}}Deployment type: OS::TripleO::{{role}}ExtraConfigPre + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: {{role}}} @@ -519,6 +523,9 @@ resources: NodeExtraConfig: depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData] type: OS::TripleO::NodeExtraConfig + # We have to use conditions here so that we don't break backwards + # compatibility with templates everywhere + condition: server_not_blacklisted properties: server: {get_resource: {{role}}} @@ -541,11 +548,21 @@ resources: - ['CREATE', 'UPDATE'] - [] + DeploymentActions: + type: OS::Heat::Value + properties: + value: + if: + - server_not_blacklisted + - ['CREATE', 'UPDATE'] + - [] + SshHostPubKey: type: OS::TripleO::Ssh::HostPubKey depends_on: {{role}}Deployment properties: server: {get_resource: {{role}}} + deployment_actions: {get_attr: [DeploymentActions, value]} outputs: ip_address: |