diff options
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/major_upgrade_steps.j2.yaml | 107 | ||||
-rw-r--r-- | puppet/post.j2.yaml | 6 |
2 files changed, 85 insertions, 28 deletions
diff --git a/puppet/major_upgrade_steps.j2.yaml b/puppet/major_upgrade_steps.j2.yaml index b879fafa..e0dac6a1 100644 --- a/puppet/major_upgrade_steps.j2.yaml +++ b/puppet/major_upgrade_steps.j2.yaml @@ -1,6 +1,7 @@ {% set enabled_roles = roles|rejectattr('disable_upgrade_deployment')|list -%} {% set batch_upgrade_steps_max = 3 -%} {% set upgrade_steps_max = 6 -%} +{% set deliver_script = {'deliver': False} -%} heat_template_version: ocata description: 'Upgrade steps for all roles' @@ -17,6 +18,19 @@ parameters: description: > Setting to a previously unused value during stack-update will trigger the Upgrade resources to re-run on all roles. + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + NovaPassword: + description: The password for the nova service and db account, used by nova-api. + type: string + hidden: true conditions: # Conditions to disable any steps where the task list is empty @@ -35,6 +49,43 @@ conditions: resources: +{% for role in roles if role.disable_upgrade_deployment|default(false) %} + {{role.name}}DeliverUpgradeScriptConfig: + type: OS::Heat::SoftwareConfig + properties: + group: script + config: + list_join: + - '' + - - "#!/bin/bash\n\n" + - "set -eu\n\n" + - "if hiera -c /etc/puppet/hiera.yaml service_names | grep nova_compute ; then\n\n" + - " crudini --set /etc/nova/nova.conf placement auth_type password\n\n" + - " crudini --set /etc/nova/nova.conf placement username placement\n\n" + - " crudini --set /etc/nova/nova.conf placement project_domain_name Default\n\n" + - " crudini --set /etc/nova/nova.conf placement user_domain_name Default\n\n" + - " crudini --set /etc/nova/nova.conf placement project_name service\n\n" + - " systemctl restart openstack-nova-compute\n\n" + - "fi\n\n" + - str_replace: + template: | + crudini --set /etc/nova/nova.conf placement password 'SERVICE_PASSWORD' + crudini --set /etc/nova/nova.conf placement region_name 'REGION_NAME' + crudini --set /etc/nova/nova.conf placement auth_url 'AUTH_URL' + params: + SERVICE_PASSWORD: { get_param: NovaPassword } + REGION_NAME: { get_param: KeystoneRegion } + AUTH_URL: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + - get_file: ../extraconfig/tasks/pacemaker_common_functions.sh + - get_file: ../extraconfig/tasks/tripleo_upgrade_node.sh + + {{role.name}}DeliverUpgradeScriptDeployment: + type: OS::Heat::SoftwareDeploymentGroup + properties: + servers: {get_param: [servers, {{role.name}}]} + config: {get_resource: {{role.name}}DeliverUpgradeScriptConfig} +{% endfor %} + # Upgrade Steps for all roles, batched updates # The UpgradeConfig resources could actually be created without # serialization, but the event output is easier to follow if we @@ -46,11 +97,22 @@ resources: {{role.name}}UpgradeBatchConfig_Step{{step}}: type: OS::TripleO::UpgradeConfig {%- if step > 0 %} + condition: {{role.name}}UpgradeBatchConfigEnabled + {% if role.name in enabled_roles %} depends_on: - {%- for dep in enabled_roles %} - - {{dep.name}}UpgradeBatch_Step{{step -1}} - {%- endfor %} - {%- endif %} + - {{role.name}}UpgradeBatch_Step{{step -1}} + {%- endif %} + {% else %} + {% for role in roles if role.disable_upgrade_deployment|default(false) %} + {% if deliver_script.update({'deliver': True}) %} {% endif %} + {% endfor %} + {% if deliver_script.deliver %} + depends_on: + {% endif %} + {% for dep in roles if dep.disable_upgrade_deployment|default(false) %} + - {{dep.name}}DeliverUpgradeScriptDeployment + {% endfor %} + {% endif %} properties: UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_batch_tasks]} step: {{step}} @@ -61,12 +123,13 @@ resources: {{role.name}}UpgradeBatch_Step{{step}}: type: OS::Heat::SoftwareDeploymentGroup condition: {{role.name}}UpgradeBatchConfigEnabled - {%- if step > 0 %} + {%- if step > 0 %} depends_on: - {%- for dep in enabled_roles %} - - {{dep.name}}UpgradeBatch_Step{{step -1}} - {%- endfor %} - {%- endif %} + - {{role.name}}UpgradeBatch_Step{{step -1}} + {% else %} + depends_on: + - {{role.name}}UpgradeBatchConfig_Step{{step}} + {%- endif %} update_policy: batch_create: max_batch_size: {{role.upgrade_batch_size|default(1)}} @@ -92,15 +155,12 @@ resources: # serialization, but the event output is easier to follow if we # do, and there should be minimal performance hit (creating the # config is cheap compared to the time to apply the deployment). - depends_on: {%- if step > 0 %} - {%- for dep in enabled_roles %} - - {{dep.name}}Upgrade_Step{{step -1}} - {%- endfor %} - {%- else %} - {%- for dep in enabled_roles %} - - {{dep.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}} - {%- endfor %} + condition: {{role.name}}UpgradeConfigEnabled + {% if role.name in enabled_roles %} + depends_on: + - {{role.name}}Upgrade_Step{{step -1}} + {% endif %} {%- endif %} properties: UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_tasks]} @@ -111,17 +171,11 @@ resources: {%- for role in enabled_roles %} {{role.name}}Upgrade_Step{{step}}: type: OS::Heat::SoftwareDeploymentGroup + {%- if step > 0 %} condition: {{role.name}}UpgradeConfigEnabled depends_on: - {%- if step > 0 %} - {%- for dep in enabled_roles %} - - {{dep.name}}Upgrade_Step{{step -1}} - {%- endfor %} - {%- else %} - {%- for dep in enabled_roles %} - - {{dep.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}} - {%- endfor %} - {%- endif %} + - {{role.name}}Upgrade_Step{{step -1}} + {%- endif %} properties: name: {{role.name}}Upgrade_Step{{step}} servers: {get_param: [servers, {{role.name}}]} @@ -154,4 +208,3 @@ outputs: {% for role in roles %} {{role.name.lower()}}: {get_attr: [{{role.name}}UpgradeConfig_Step1, upgrade_config]} {% endfor %} - diff --git a/puppet/post.j2.yaml b/puppet/post.j2.yaml index 39155c36..21202775 100644 --- a/puppet/post.j2.yaml +++ b/puppet/post.j2.yaml @@ -12,7 +12,11 @@ parameters: role_data: type: json description: Mapping of Role name e.g Controller to the per-role data - + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json DeployIdentifier: default: '' type: string |