aboutsummaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
authorDan Prince <dprince@redhat.com>2017-01-29 08:01:46 -0500
committerDan Prince <dprince@redhat.com>2017-02-15 13:09:59 -0500
commit84626c82cc54a0b1de595cbac06336045947dc4a (patch)
treea290af3c02f2f14eb451319aace0d5d903df2374 /docker
parentad2ea290bed17bff9b53ac225d3604ed642ee8bc (diff)
Add docker_puppet_tasks initialization on primary node
This patch adds a new (optional) section to the docker post.j2.yaml that collects any 'docker_puppet_tasks' data from enabled services and applies it on the primary role node (the first node in the primary (first) role). The use case for this is although we are generally only using puppet for configuration there are several exceptions that we desire to make use of today for parity with baremetal. This includes things like database creation and keystone endpoint initialization which we rely on configuration via hiera variables controlled by the puppet services. Change-Id: Ic14ef48f26de761b0d0eabd0e1c0eae52d90e68a
Diffstat (limited to 'docker')
-rwxr-xr-xdocker/docker-puppet.py4
-rw-r--r--docker/post.j2.yaml71
-rw-r--r--docker/services/README.rst7
-rw-r--r--docker/services/services.yaml2
4 files changed, 79 insertions, 5 deletions
diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py
index 2d560819..fe87ce7a 100755
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@@ -72,7 +72,9 @@ with open(config_file) as f:
configs = {}
-for service in json_data:
+for service in (json_data or []):
+ if service is None:
+ continue
config_volume = service[0] or ''
puppet_tags = service[1] or ''
manifest = service[2] or ''
diff --git a/docker/post.j2.yaml b/docker/post.j2.yaml
index c125423d..3473f4ca 100644
--- a/docker/post.j2.yaml
+++ b/docker/post.j2.yaml
@@ -29,6 +29,66 @@ parameters:
resources:
+ # These utility tasks use docker-puppet.py to execute tasks via puppet
+ # We only execute these on the first node in the primary role
+ {{primary_role_name}}DockerPuppetTasks:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ yaql:
+ expression:
+ dict($.data.docker_puppet_tasks.where($1 != null).selectMany($.items()).groupBy($[0], $[1]))
+ data:
+ docker_puppet_tasks: {get_param: [role_data, {{primary_role_name}}, docker_puppet_tasks]}
+
+# BEGIN primary_role_name docker-puppet-tasks (run only on a single node)
+{% for step in range(1, 6) %}
+
+ {{primary_role_name}}DockerPuppetJsonConfig{{step}}:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: json-file
+ config:
+ /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json:
+ {get_attr: [{{primary_role_name}}DockerPuppetTasks, value, 'step_{{step}}']}
+
+ {{primary_role_name}}DockerPuppetJsonDeployment{{step}}:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ server: {get_param: [servers, {{primary_role_name}}, '0']}
+ config: {get_resource: {{primary_role_name}}DockerPuppetJsonConfig{{step}}}
+
+ {{primary_role_name}}DockerPuppetTasksConfig{{step}}:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: docker-puppet.py}
+ inputs:
+ - name: CONFIG
+ - name: NET_HOST
+ - name: NO_ARCHIVE
+
+ {{primary_role_name}}DockerPuppetTasksDeployment{{step}}:
+ type: OS::Heat::SoftwareDeployment
+ depends_on:
+ {% for dep in roles %}
+ - {{dep.name}}Deployment_Step{{step}}
+ - {{dep.name}}ContainersDeployment_Step{{step}}
+ {% endfor %}
+ - {{primary_role_name}}DockerPuppetJsonDeployment{{step}}
+ properties:
+ name: {{primary_role_name}}DockerPuppetJsonDeployment{{step}}
+ server: {get_param: [servers, {{primary_role_name}}, '0']}
+ config: {get_resource: {{primary_role_name}}DockerPuppetTasksConfig{{step}}}
+ input_values:
+ CONFIG: /var/lib/docker-puppet/docker-puppet-tasks{{step}}.json
+ NET_HOST: 'true'
+ NO_ARCHIVE: 'true'
+
+{% endfor %}
+# END primary_role_name docker-puppet-tasks
+
{% for role in roles %}
# Post deployment steps for all roles
# A single config is re-applied with an incrementing step number
@@ -165,10 +225,11 @@ resources:
depends_on: [{{role.name}}PreConfig, {{role.name}}ArtifactsDeploy]
{% else %}
depends_on:
- {% for dep in roles %}
+ {% for dep in roles %}
- {{dep.name}}Deployment_Step{{step -1}}
- {{dep.name}}ContainersDeployment_Step{{step -1}}
- {% endfor %}
+ {% endfor %}
+ - {{primary_role_name}}DockerPuppetTasksDeployment{{step -1}}
{% endif %}
properties:
name: {{role.name}}Deployment_Step{{step}}
@@ -201,11 +262,12 @@ resources:
- {{role.name}}GenerateConfigDeployment
{% else %}
depends_on:
- {% for dep in roles %}
+ {% for dep in roles %}
- {{dep.name}}ContainersDeployment_Step{{step -1}}
- {{dep.name}}Deployment_Step{{step}} # baremetal steps of the same level run first
- {{dep.name}}Deployment_Step{{step -1}}
- {% endfor %}
+ {% endfor %}
+ - {{primary_role_name}}DockerPuppetTasksDeployment{{step -1}}
{% endif %}
properties:
name: {{role.name}}ContainersDeployment_Step{{step}}
@@ -220,6 +282,7 @@ resources:
depends_on:
{% for dep in roles %}
- {{dep.name}}Deployment_Step5
+ - {{primary_role_name}}DockerPuppetTasksDeployment5
{% endfor %}
properties:
servers: {get_param: servers}
diff --git a/docker/services/README.rst b/docker/services/README.rst
index edaa5ee9..c054e8c0 100644
--- a/docker/services/README.rst
+++ b/docker/services/README.rst
@@ -76,6 +76,13 @@ are re-asserted when applying latter ones.
'docker_image' above but some containers share a common set of
config files which are generated in a common base container.
+ * docker_puppet_tasks: This section provides data to drive the
+ docker-puppet.py tool directly. The task is executed only once
+ within the cluster (not on each node) and is useful for several
+ puppet snippets we require for initialization of things like
+ keystone endpoints, database users, etc. See docker-puppet.py
+ for formatting.
+
Docker steps
------------
Similar to baremetal docker containers are brought up in a stepwise manner.
diff --git a/docker/services/services.yaml b/docker/services/services.yaml
index 8e899024..cd9f4cb5 100644
--- a/docker/services/services.yaml
+++ b/docker/services/services.yaml
@@ -75,3 +75,5 @@ outputs:
map_merge: {get_attr: [ServiceChain, role_data, kolla_config]}
docker_config:
{get_attr: [ServiceChain, role_data, docker_config]}
+ docker_puppet_tasks:
+ {get_attr: [ServiceChain, role_data, docker_puppet_tasks]}