Merge "Add SUSE support"

This commit is contained in:
Jenkins 2017-04-25 16:57:21 +00:00 committed by Gerrit Code Review
commit 338c31ef3b
12 changed files with 276 additions and 69 deletions

1
.gitignore vendored
View File

@ -61,6 +61,7 @@ ChangeLog
releasenotes/build
# Test temp files
tests/common
tests/plugins
tests/playbooks
tests/test.retry

20
Vagrantfile vendored
View File

@ -1,12 +1,26 @@
Vagrant.configure(2) do |config|
config.vm.box = "ubuntu/xenial64"
config.vm.provider "virtualbox" do |v|
v.memory = 2048
v.cpus = 2
end
config.vm.provision "shell", inline: <<-SHELL
sudo su -
config.vm.provision "shell",
privileged: false,
inline: <<-SHELL
cd /vagrant
./run_tests.sh
SHELL
config.vm.define "ubuntu1604" do |xenial|
xenial.vm.box = "ubuntu/xenial64"
end
config.vm.define "opensuse421" do |leap421|
leap421.vm.box = "opensuse/openSUSE-42.1-x86_64"
end
config.vm.define "centos7" do |centos7|
centos7.vm.box = "centos/7"
end
end

View File

@ -3,12 +3,24 @@
#
# See the following for details:
# - http://docs.openstack.org/infra/bindep/
# - https://github.com/openstack-infra/bindep
# - https://git.openstack.org/cgit/openstack-infra/bindep
#
# Even if the role does not make use of this facility, it
# is better to have this file empty, otherwise OpenStack-CI
# will fall back to installing its default packages which
# will potentially be detrimental to the tests executed.
#
# Note:
# This file is maintained in the openstack-ansible-tests repository.
# https://git.openstack.org/cgit/openstack/openstack-ansible-tests/tree/bindep.txt
# If you need to remove or add extra dependencies, you should modify
# the central file instead and once your change is accepted then update
# this file as well. The purpose of this file is to ensure that Python and
# Ansible have all their necessary binary requirements on the test host before
# tox executes. Any binary requirements needed by services/roles should be
# installed by those roles in their applicable package install tasks, not through
# using this file.
#
# Base requirements for Ubuntu
build-essential [platform:dpkg]
@ -18,24 +30,26 @@ libffi-dev [platform:dpkg]
python2.7 [platform:dpkg]
python-dev [platform:dpkg]
# Base requirements for CentOS
# Base requirements for RPM distros
gcc [platform:rpm]
gcc-c++ [platform:rpm]
git [platform:rpm]
python-devel [platform:rpm]
libffi-devel [platform:rpm]
openssl-devel [platform:rpm]
python-devel [platform:rpm]
# For SELinux
libselinux-python [platform:rpm]
libselinux-python [platform:centos]
libsemanage-python [platform:centos]
# For SSL SNI support
python-pyasn1 [platform:dpkg]
python-openssl [platform:dpkg]
python-pyasn1 [platform:dpkg platform:suselinux]
python-openssl [platform:dpkg platform:suselinux]
python-ndg-httpsclient [platform:ubuntu]
python2-pyasn1 [platform:rpm]
python2-pyOpenSSL [platform:rpm]
python-ndg_httpsclient [platform:rpm]
python2-pyasn1 [platform:centos]
python2-pyOpenSSL [platform:centos]
python-pyOpenSSL [platform:suselinux]
python-ndg_httpsclient [platform:centos]
# Required for compressing collected log files in CI
gzip

View File

@ -26,6 +26,11 @@ galaxy_info:
- name: EL
versions:
- 7
- name: opensuse
versions:
- 42.1
- 42.2
- 42.3
categories:
- cloud
- lxc

View File

@ -13,63 +13,35 @@
# See the License for the specific language governing permissions and
# limitations under the License.
set -xeuo pipefail
set -xeu
FUNCTIONAL_TEST=${FUNCTIONAL_TEST:-true}
source /etc/os-release || source /usr/lib/os-release
# Install python2 for Ubuntu 16.04 and CentOS 7
install_pkg_deps() {
pkg_deps="git"
if which apt-get; then
sudo apt-get update && sudo apt-get install -y python
fi
case ${ID,,} in
*suse*) pkg_mgr_cmd="zypper -n in" ;;
centos|rhel) pkg_mgr_cmd="yum install -y" ;;
fedora) pkg_mgr_cmd="dnf -y install" ;;
ubuntu|debian) pkg_mgr_cmd="apt-get install -y" ;;
*) echo "unsupported distribution: ${ID,,}"; exit 1 ;;
esac
if which yum; then
sudo yum install -y python
fi
eval sudo $pkg_mgr_cmd $pkg_deps
}
# Install pip.
if ! which pip; then
curl --silent --show-error --retry 5 \
https://bootstrap.pypa.io/get-pip.py | sudo python2.7
fi
# Install bindep and tox with pip.
sudo pip install bindep tox
# CentOS 7 requires two additional packages:
# redhat-lsb-core - for bindep profile support
# epel-release - required to install python-ndg_httpsclient/python2-pyasn1
if which yum; then
sudo yum -y install redhat-lsb-core epel-release
fi
# Get a list of packages to install with bindep. If packages need to be
# installed, bindep exits with an exit code of 1.
BINDEP_PKGS=$(bindep -b -f bindep.txt test || true)
echo "Packages to install: ${BINDEP_PKGS}"
# Install a list of OS packages provided by bindep.
if which apt-get; then
sudo apt-get update
DEBIAN_FRONTEND=noninteractive \
sudo apt-get -q --option "Dpkg::Options::=--force-confold" \
--assume-yes install $BINDEP_PKGS
elif which yum; then
# Don't run yum with an empty list of packages.
# It will fail and cause the script to exit with an error.
if [[ ${#BINDEP_PKGS} > 0 ]]; then
sudo yum install -y $BINDEP_PKGS
git_clone_repo() {
if [[ ! -d tests/common ]]; then
git clone https://git.openstack.org/openstack/openstack-ansible-tests tests/common
fi
fi
}
# Loop through each tox environment and run tests.
for tox_env in $(awk -F= '/envlist/ { gsub(",", " "); print $2 }' tox.ini); do
echo "Executing tox environment: ${tox_env}"
if [[ ${tox_env} == ansible-functional ]]; then
if ${FUNCTIONAL_TEST}; then
tox -e ${tox_env}
fi
else
tox -e ${tox_env}
fi
done
install_pkg_deps
git_clone_repo
# start executing the main test script
source tests/common/run_tests.sh
# vim: set ts=4 sw=4 expandtab:

View File

@ -17,6 +17,7 @@
tags:
- install-apt
- install-yum
- install-zypper
- name: Install pip packages
pip:

View File

@ -0,0 +1,88 @@
---
# Copyright 2017, SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install zypper packages
zypper:
name: "{{ item }}"
state: present
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items:
- "{{ lxc_hosts_distro_packages }}"
tags:
- lxc-packages
- name: Drop lxc-openstack apparmor profile
template:
src: "lxc-openstack.apparmor.j2"
dest: "/etc/apparmor.d/lxc/lxc-openstack"
owner: "root"
group: "root"
mode: "0644"
notify:
- Start apparmor
- Reload apparmor
tags:
- lxc-files
- lxc-apparmor
- lxc_hosts-config
- name: Drop post up script
copy:
content: |
#!/usr/bin/env bash
if [ "${1}" == "{{ lxc_net_bridge }}" ];then
if [ "{{ lxc_net_nat }}" == "True" ];then
/usr/local/bin/lxc-system-manage iptables-create
/usr/local/bin/lxc-system-manage dnsmasq-start || true
fi
fi
dest: "/etc/sysconfig/network/scripts/ifup-post-{{ lxc_net_bridge }}"
owner: "root"
group: "root"
mode: "0755"
tags:
- lxc-post-up
- lxc_hosts-config
- name: Drop post down script
copy:
content: |
#!/usr/bin/env bash
if [ "${1}" == "{{ lxc_net_bridge }}" ];then
if [ "{{ lxc_net_nat }}" == "True" ];then
/usr/local/bin/lxc-system-manage dnsmasq-stop
/usr/local/bin/lxc-system-manage iptables-remove
fi
fi
dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}"
owner: "root"
group: "root"
mode: "0755"
tags:
- lxc-post-down
- lxc_hosts-config
- name: Flush handler to reload apparmor profiles
meta: flush_handlers
- name: Enable lxc service
service:
name: lxc
enabled: "yes"
tags:
- lxc_hosts-config

View File

@ -0,0 +1,18 @@
# {{ ansible_managed }}
DEVICE={{ lxc_net_bridge }}
BRIDGE='yes'
IPADDR={{ lxc_net_address }}
NETMASK={{ lxc_net_netmask }}
{% if lxc_net_gateway is not none %}
GATEWAY={{ lxc_net_gateway }}
{% endif %}
{% if lxc_net_mtu is defined %}
MTU={{ lxc_net_mtu }}
{% endif %}
BOOTPROTO=static
BRIDGE_STP='on'
# POST_UP script
POST_UP_SCRIPT="compat:suse:ifup-post-{{ lxc_net_bridge }}"
# POST_DOWN script
POST_DOWN_SCRIPT="compat:suse:ifdown-post-{{ lxc_net_bridge }}"

View File

@ -75,6 +75,15 @@
set_fact:
interface_file: "{{ _rhel_interface_file.stdout }}"
when: ansible_os_family | lower == "redhat"
- name: SUSE - Get deployed interface file contents, without Ansible managed line
shell: |
cat /etc/sysconfig/network/ifcfg-lxcbr0 | tail -n +3
register: _suse_interface_file
when: ansible_os_family | lower == "suse"
- name: SUSE - interface file fact
set_fact:
interface_file: "{{ _suse_interface_file.stdout }}"
when: ansible_os_family | lower == "suse"
- name: Get bridge interface facts
setup:
filter: ansible_lxcbr0

View File

@ -92,7 +92,7 @@ lxc_cache_distro_packages:
- yum-utils
lxc_cached_network_interfaces:
- src: "lxc-net-ifcfg-bridge.cfg.j2"
- src: "lxc-net-redhat-bridge.cfg.j2"
dest: "/etc/sysconfig/network-scripts/ifcfg-lxcbr0"
lxc_container_default_interfaces: |

85
vars/suse-42.yml Normal file
View File

@ -0,0 +1,85 @@
---
# Copyright 2016, Rackspace US, Inc.
# Copyright 2017, SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
system_config_dir: "/etc/sysconfig"
systemd_utils_prefix: "/usr/lib/systemd"
# Required rpm packages.
lxc_hosts_distro_packages:
- apparmor-parser
- apparmor-utils
- bridge-utils
- dnsmasq
- git-core
- libseccomp2
- lxc
- lxc-devel
- xz
lxc_xz_bin: xz
lxc_cache_map:
distro: opensuse
arch: amd64
# NOTE(hwoarang): Ideally we would like to match the container version with
# that of the running host but images.linuxcontainers.org does not have a
# 42.1 images so our only option is to always use 42.2 for LXCs. As such we
# can't share many files with the host.
release: "42.2"
copy_from_host:
- /etc/environment
- /etc/localtime
cache_prep_commands: |
{{ lxc_cache_prep_pre_commands }}
mkdir -p /etc/ansible/facts.d/
if [ -a /etc/resolv.conf ]; then
mv /etc/resolv.conf /etc/resolv.conf.org
fi
{% for resolver in lxc_cache_prep_dns %}
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
{% endfor %}
# Do a complete refresh and fetch the keys without asking
zypper --gpg-auto-import-keys -n ref -f
zypper -n in -l {{ lxc_cache_distro_packages | join(' ') }}
mkdir -p /var/backup
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network/ifcfg-eth0
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
if [ -a /etc/resolv.conf.org ]; then
mv /etc/resolv.conf.org /etc/resolv.conf
else
rm -f /etc/resolv.conf
fi
{{ lxc_cache_prep_post_commands }}
lxc_cache_distro_packages:
- ca-certificates
- git-core
- openssh
- python-devel
- python
- rsync
- sudo
- wget
- tar
- which
lxc_cached_network_interfaces:
- src: "lxc-net-suse-bridge.cfg.j2"
dest: "/etc/sysconfig/network/ifcfg-lxcbr0"
lxc_container_default_interfaces: |
DEVICE=eth0
BOOTPROTO=dhcp