craton

Client definition of workflows

Registered by Jim Baker

Operators should be able to easily define a new workflow, based on existing workflow logic; this bottoms out to the supporting plugin support.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Jim Baker
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Configurable aspects for each workflow:

* roles for this workflow (coresponds to keys, but also includes r/w permissions)
* keys used by this workflow - input/output - defaults to the name of the workflow
* scheduling strategy - example: 'aisle,cabinet'
* some sort of packaging, including specific support for OSA; as well as things we need to push down to tooling like Ansible, eg
* the user do the OSA security audit ('root')
* packaging config variables
* (optional) performance data to help scheduling strategy

We should consider how to make this streamlined for one-off examples, such as running a bash script; and ensuring all necessary dependencies are packaged.

from cratonclient.v1 import make_session, inventory

session = make_session(...) # or use CRATON_* environ variables...
osa_base = inventory.Workflow(session).get('openstack-ansible')
wf = osa_base.define_workflow('osa-audit') # fails if this workflow name already exists
wf.strategy = 'aisle,cabinet'
wf.isolate_host_failure = True
wf.repo = 'git://git.openstack.org/openstack/openstack-ansible-security'
wf.ansible_playbook = {
    'name': 'Run openstack-ansible-security'
    'user': 'root',
    'roles': ['openstack-ansible-security']}
# From
# http://docs.openstack.org/developer/openstack-ansible-security/configuration.html
wf.variables['security_ntp_bind_local_interfaces_only'] = False
wf.save()

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.