aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--common/deploy-steps.j239
-rw-r--r--common/major_upgrade_steps.j2.yaml4
-rw-r--r--common/post-upgrade.j2.yaml2
-rw-r--r--docker/services/containers-common.yaml1
-rw-r--r--docker/services/nova-api.yaml2
5 files changed, 31 insertions, 17 deletions
diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2
index 1119fb60..2b004af1 100644
--- a/common/deploy-steps.j2
+++ b/common/deploy-steps.j2
@@ -1,7 +1,12 @@
# certain initialization steps (run in a container) will occur
# on the role marked as primary controller or the first role listed
-{%- set primary_role = [roles[0]] -%}
-{%- for role in roles -%}
+{%- if enabled_roles is not defined -%}
+ # On upgrade certain roles can be disabled for operator driven upgrades
+ # See major_upgrade_steps.j2.yaml and post-upgrade.j2.yaml
+ {%- set enabled_roles = roles -%}
+{%- endif -%}
+{%- set primary_role = [enabled_roles[0]] -%}
+{%- for role in enabled_roles -%}
{%- if 'primary' in role.tags and 'controller' in role.tags -%}
{%- set _ = primary_role.pop() -%}
{%- set _ = primary_role.append(role) -%}
@@ -55,7 +60,7 @@ conditions:
{% for step in range(1, deploy_steps_max) %}
WorkflowTasks_Step{{step}}_Enabled:
or:
- {%- for role in roles %}
+ {%- for role in enabled_roles %}
- not:
equals:
- get_param: [role_data, {{role.name}}, service_workflow_tasks, step{{step}}]
@@ -96,12 +101,12 @@ resources:
condition: WorkflowTasks_Step{{step}}_Enabled
depends_on:
{%- if step == 1 %}
- {%- for dep in roles %}
+ {%- for dep in enabled_roles %}
- {{dep.name}}PreConfig
- {{dep.name}}ArtifactsDeploy
{%- endfor %}
{%- else %}
- {%- for dep in roles %}
+ {%- for dep in enabled_roles %}
- {{dep.name}}Deployment_Step{{step -1}}
{%- endfor %}
{%- endif %}
@@ -112,7 +117,7 @@ resources:
yaql:
expression: $.data.where($ != '').select($.get('step{{step}}')).where($ != null).flatten()
data:
- {%- for role in roles %}
+ {%- for role in enabled_roles %}
- get_param: [role_data, {{role.name}}, service_workflow_tasks]
{%- endfor %}
@@ -146,10 +151,11 @@ resources:
# END service_workflow_tasks handling
{% endfor %}
+# Artifacts config and HostPrepConfig is done on all roles, not only
+# enabled_roles, because on upgrade we need to write the json files
+# for the operator driven upgrade scripts (the ansible steps consume them)
{% for role in roles %}
- # Post deployment steps for all roles
- # A single config is re-applied with an incrementing step number
- # {{role.name}} Role steps
+ # Prepare host tasks for {{role.name}}
{{role.name}}ArtifactsConfig:
type: ../puppet/deploy-artifacts.yaml
@@ -235,9 +241,10 @@ resources:
properties:
servers: {get_param: [servers, {{role.name}}]}
config: {get_resource: {{role.name}}HostPrepConfig}
+{% endfor %}
- # BEGIN CONFIG STEPS
-
+ # BEGIN CONFIG STEPS, only on enabled_roles
+{%- for role in enabled_roles %}
{{role.name}}PreConfig:
type: OS::TripleO::Tasks::{{role.name}}PreConfig
depends_on: {{role.name}}HostPrepDeployment
@@ -246,6 +253,8 @@ resources:
input_values:
update_identifier: {get_param: DeployIdentifier}
+ # Deployment steps for {{role.name}}
+ # A single config is re-applied with an incrementing step number
{% for step in range(1, deploy_steps_max) %}
{{role.name}}Deployment_Step{{step}}:
type: OS::TripleO::DeploymentSteps
@@ -257,12 +266,12 @@ resources:
# if https://bugs.launchpad.net/heat/+bug/1700569
# is fixed.
{%- if step == 1 %}
- {%- for dep in roles %}
+ {%- for dep in enabled_roles %}
- {{dep.name}}PreConfig
- {{dep.name}}ArtifactsDeploy
{%- endfor %}
{%- else %}
- {%- for dep in roles %}
+ {%- for dep in enabled_roles %}
- {{dep.name}}Deployment_Step{{step -1}}
{%- endfor %}
{%- endif %}
@@ -285,7 +294,7 @@ resources:
# after all the previous deployment steps.
{{role.name}}ExtraConfigPost:
depends_on:
- {%- for dep in roles %}
+ {%- for dep in enabled_roles %}
- {{dep.name}}Deployment_Step5
{%- endfor %}
type: OS::TripleO::NodeExtraConfigPost
@@ -298,7 +307,7 @@ resources:
{{role.name}}PostConfig:
type: OS::TripleO::Tasks::{{role.name}}PostConfig
depends_on:
- {%- for dep in roles %}
+ {%- for dep in enabled_roles %}
- {{dep.name}}ExtraConfigPost
{%- endfor %}
properties:
diff --git a/common/major_upgrade_steps.j2.yaml b/common/major_upgrade_steps.j2.yaml
index 7fc91153..5eb93d39 100644
--- a/common/major_upgrade_steps.j2.yaml
+++ b/common/major_upgrade_steps.j2.yaml
@@ -196,3 +196,7 @@ outputs:
{% for role in roles %}
{{role.name.lower()}}: {get_attr: [{{role.name}}UpgradeConfig_Step1, upgrade_config]}
{% endfor %}
+ RoleConfig:
+ description: Mapping of config data for all roles
+ value: {get_attr: [AllNodesPostUpgradeSteps, RoleConfig]}
+
diff --git a/common/post-upgrade.j2.yaml b/common/post-upgrade.j2.yaml
index 7cd6abdf..af47c6ea 100644
--- a/common/post-upgrade.j2.yaml
+++ b/common/post-upgrade.j2.yaml
@@ -1,4 +1,4 @@
# Note the include here is the same as post.j2.yaml but the data used at
# # the time of rendering is different if any roles disable upgrades
-{% set roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
+{% set enabled_roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
{% include 'deploy-steps.j2' %}
diff --git a/docker/services/containers-common.yaml b/docker/services/containers-common.yaml
index 2c894da5..9f982f8b 100644
--- a/docker/services/containers-common.yaml
+++ b/docker/services/containers-common.yaml
@@ -64,6 +64,7 @@ outputs:
# Syslog socket
- /dev/log:/dev/log
- /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro
+ - /sys/fs/selinux:/sys/fs/selinux
- if:
- internal_tls_enabled
- - list_join:
diff --git a/docker/services/nova-api.yaml b/docker/services/nova-api.yaml
index f46e27c0..9f1ae865 100644
--- a/docker/services/nova-api.yaml
+++ b/docker/services/nova-api.yaml
@@ -219,7 +219,7 @@ outputs:
detach: false
volumes: *nova_api_bootstrap_volumes
user: root
- command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts'"
+ command: "/usr/bin/bootstrap_host_exec nova_api su nova -s /bin/bash -c '/usr/bin/nova-manage cell_v2 discover_hosts --verbose'"
metadata_settings:
get_attr: [NovaApiBase, role_data, metadata_settings]
host_prep_tasks: