Use openstack-ansible-tests and ansible 2.1.1

This PR incorporates the openstack-ansible-tests bits into
openstack-ansible-os_neutron as well as adjusting the settings to use
ansible 2.1.1.

Change-Id: I7174b920f20488a5e1d514a8f32754bb95bb60de
Co-Authored-By: Travis Truman <travis_truman@cable.comcast.com>
This commit is contained in:
Andy McCrae 2016-09-20 15:03:54 +01:00
parent 8bd11efd2a
commit 58bf83cd4c
22 changed files with 336 additions and 569 deletions

7
.gitignore vendored
View File

@ -29,6 +29,7 @@ doc/build/
*.log
*.sql
*.sqlite
logs/*
# OS generated files #
######################
@ -61,6 +62,8 @@ releasenotes/build
# Test temp files
tests/plugins
tests/playbooks
tests/test.retry
# Vagrant testing artifacts
.vagrant
# Vagrant artifacts
.vagrant

33
manual-test.rc Normal file
View File

@ -0,0 +1,33 @@
export VIRTUAL_ENV=$(pwd)
export ANSIBLE_HOST_KEY_CHECKING=False
export ANSIBLE_SSH_CONTROL_PATH=/tmp/%%h-%%r
# TODO (odyssey4me) These are only here as they are non-standard folder
# names for Ansible 1.9.x. We are using the standard folder names for
# Ansible v2.x. We can remove this when we move to Ansible 2.x.
export ANSIBLE_ACTION_PLUGINS=${HOME}/.ansible/plugins/action
export ANSIBLE_CALLBACK_PLUGINS=${HOME}/.ansible/plugins/callback
export ANSIBLE_FILTER_PLUGINS=${HOME}/.ansible/plugins/filter
export ANSIBLE_LOOKUP_PLUGINS=${HOME}/.ansible/plugins/lookup
# This is required as the default is the current path or a path specified
# in ansible.cfg
export ANSIBLE_LIBRARY=${HOME}/.ansible/plugins/library
# This is required as the default is '/etc/ansible/roles' or a path
# specified in ansible.cfg
export ANSIBLE_ROLES_PATH=${HOME}/.ansible/roles:$(pwd)/..
export ANSIBLE_SSH_ARGS="-o ControlMaster=no \
-o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
-o ServerAliveInterval=64 \
-o ServerAliveCountMax=1024 \
-o Compression=no \
-o TCPKeepAlive=yes \
-o VerifyHostKeyDNS=no \
-o ForwardX11=no \
-o ForwardAgent=yes"
echo "Run manual functional tests by executing the following:"
echo "# ./.tox/functional/bin/ansible-playbook -i tests/inventory tests/test.yml -e \"rolename=$(pwd)\""

View File

@ -24,23 +24,23 @@ if [ ! "$(which pip)" ]; then
fi
# Install bindep and tox
pip install bindep tox
sudo pip install bindep tox
# CentOS 7 requires two additional packages:
# redhat-lsb-core - for bindep profile support
# epel-release - required to install python-ndg_httpsclient/python2-pyasn1
if [ "$(which yum)" ]; then
yum -y install redhat-lsb-core epel-release
sudo yum -y install redhat-lsb-core epel-release
fi
# Install OS packages using bindep
if apt-get -v >/dev/null 2>&1 ; then
apt-get update
sudo apt-get update
DEBIAN_FRONTEND=noninteractive \
apt-get -q --option "Dpkg::Options::=--force-confold" \
sudo apt-get -q --option "Dpkg::Options::=--force-confold" \
--assume-yes install `bindep -b -f bindep.txt test`
else
yum install -y `bindep -b -f bindep.txt test`
sudo yum install -y `bindep -b -f bindep.txt test`
fi
# run through each tox env and execute the test

View File

@ -1,7 +1,7 @@
[all]
localhost ansible_connection=local ansible_ssh_host=127.0.0.1 ansible_become=True
infra1 ansible_host=10.100.100.2 ansible_become=True ansible_user=root
openstack1 ansible_host=10.100.100.3 ansible_become=True ansible_user=root
localhost
infra1
openstack1
[physical_host]
localhost
@ -16,6 +16,9 @@ infra1
[galera_all]
infra1
[memcached_all]
infra1
[etcd_all]
infra1
@ -25,6 +28,7 @@ etcd_all
[service_all:children]
rabbitmq_all
galera_all
memcached_all
etcd_all
[keystone_all]
@ -56,3 +60,33 @@ neutron_lbaas_agent
neutron_metadata_agent
neutron_server
neutron_calico_dhcp_agent
[nova_api_metadata]
openstack1
[nova_api_os_compute]
openstack1
[nova_cert]
openstack1
[nova_compute]
localhost
[nova_conductor]
openstack1
[nova_console]
openstack1
[nova_scheduler]
openstack1
[nova_all:children]
nova_api_metadata
nova_api_os_compute
nova_cert
nova_compute
nova_conductor
nova_console
nova_scheduler

View File

@ -13,12 +13,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_ssh_host: "{{ ansible_host }}"
container_name: "{{ inventory_hostname }}"
container_networks:
management_address:
address: "{{ ansible_host }}"
bridge: "lxcbr0"
bridge: "br-mgmt"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
@ -27,4 +26,4 @@ properties:
service_name: "{{ inventory_hostname }}"
lxc_container_bind_mounts:
- host_directory: "/openstack/log/{{ inventory_hostname }}"
container_directory: "/var/log"
container_directory: "/var/log"

View File

@ -0,0 +1,18 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_host: 10.1.0.2
ansible_become: True
ansible_user: root

View File

@ -0,0 +1,21 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
bridges:
- name: "br-mgmt"
ip_addr: "10.1.0.1"
ansible_python_interpreter: "/usr/bin/python2"
ansible_become: True

View File

@ -0,0 +1,18 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_host: 10.1.0.3
ansible_become: True
ansible_user: root

View File

@ -1,7 +1,7 @@
[all]
localhost ansible_connection=local ansible_ssh_host=127.0.0.1 ansible_become=True
infra1 ansible_host=10.100.100.2 ansible_become=True ansible_user=root
openstack1 ansible_host=10.100.100.3 ansible_become=True ansible_user=root
localhost
infra1
openstack1
[physical_host]
localhost
@ -16,9 +16,13 @@ infra1
[galera_all]
infra1
[memcached_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
memcached_all
[keystone_all]
openstack1
@ -61,3 +65,33 @@ neutron_l3_agent
neutron_lbaas_agent
neutron_metadata_agent
neutron_server
[nova_api_metadata]
openstack1
[nova_api_os_compute]
openstack1
[nova_cert]
openstack1
[nova_compute]
localhost
[nova_conductor]
openstack1
[nova_console]
openstack1
[nova_scheduler]
openstack1
[nova_all:children]
nova_api_metadata
nova_api_os_compute
nova_cert
nova_compute
nova_conductor
nova_console
nova_scheduler

View File

@ -5,4 +5,4 @@ openstack_host_specific_kernel_modules:
group: "physical_host"
neutron_plugin_type: ml2.ovs
neutron_local_ip: "{{ ansible_ssh_host }}"
neutron_local_ip: "{{ ansible_host }}"

View File

@ -1,7 +1,7 @@
[all]
localhost ansible_connection=local ansible_ssh_host=127.0.0.1 ansible_become=True
infra1 ansible_host=10.100.100.2 ansible_become=True ansible_user=root
openstack1 ansible_host=10.100.100.3 ansible_become=True ansible_user=root
localhost
infra1
openstack1
[physical_host]
localhost
@ -16,9 +16,13 @@ infra1
[galera_all]
infra1
[memcached_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
memcached_all
[keystone_all]
openstack1
@ -61,3 +65,33 @@ neutron_l3_agent
neutron_lbaas_agent
neutron_metadata_agent
neutron_server
[nova_api_metadata]
openstack1
[nova_api_os_compute]
openstack1
[nova_cert]
openstack1
[nova_compute]
localhost
[nova_conductor]
openstack1
[nova_console]
openstack1
[nova_scheduler]
openstack1
[nova_all:children]
nova_api_metadata
nova_api_os_compute
nova_cert
nova_compute
nova_conductor
nova_console
nova_scheduler

View File

@ -1,40 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy infrastructure services
hosts: service_all
user: root
gather_facts: true
pre_tasks:
- name: Include Calico testing vars
include_vars: calico_test_vars.yml
when:
- groups['neutron_calico_dhcp_agent'] | length > 0
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"
- role: "etcd"
when:
- groups['neutron_calico_dhcp_agent'] | length > 0

View File

@ -1,83 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
# NOTE: These are typically installed in the repo server where we build the
# neutron wheel
- name: Install packages required to build neutron python package
apt:
name: "{{ item }}"
with_items:
- libffi-dev
when: inventory_hostname in groups['neutron_all']
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- keystone-rabbitmq
- keystone-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- keystone-rabbitmq
- keystone-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- mysql-db-setup
roles:
- role: os_keystone
vars_files:
- test-vars.yml

View File

@ -1,125 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy neutron
hosts: neutron_all
user: root
gather_facts: true
pre_tasks:
- name: Use the unconfined aa profile
lxc_container:
name: "{{ container_name }}"
container_config:
- "lxc.aa_profile=unconfined"
delegate_to: "{{ physical_host }}"
- name: Neutron extra lxc config
lxc_container:
name: "{{ container_name }}"
container_command: |
[[ ! -d "/lib/modules" ]] && mkdir -p "/lib/modules"
container_config:
- "lxc.cgroup.devices.allow=a *:* rmw"
- "lxc.mount.entry=/lib/modules lib/modules none bind 0 0"
delegate_to: "{{ physical_host }}"
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ neutron_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- neutron-rabbitmq
- neutron-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ neutron_rabbitmq_userid }}"
password: "{{ neutron_rabbitmq_password }}"
vhost: "{{ neutron_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- neutron-rabbitmq
- neutron-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ neutron_galera_database }}"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ neutron_galera_database }}"
password: "{{ neutron_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ neutron_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- mysql-db-setup
- name: Check if this is an OpenStack-CI nodepool instance
stat:
path: /etc/nodepool/provider
register: nodepool
delegate_to: localhost
- name: Determine the existing Ubuntu repo URL (only on OpenStack-CI)
shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list'
register: ubuntu_repo_url
changed_when: false
when: nodepool.stat.exists | bool
delegate_to: localhost
- name: Set Ubuntu Cloud Archive repo URL based on discovered information
set_fact:
uca_apt_repo_url: "{{ ubuntu_repo_url.stdout | netorigin }}/ubuntu-cloud-archive"
when: nodepool.stat.exists | bool
- name: Include OVS testing vars
include_vars: ovs_test_vars.yml
when:
- groups['neutron_openvswitch_agent'] | length > 0
- name: Include Calico testing vars
include_vars: calico_test_vars.yml
when:
- groups['neutron_calico_dhcp_agent'] | length > 0
roles:
- role: "{{ rolename | basename }}"
post_tasks:
- include: test-neutron-functional.yml
- include: test-calico-functional.yml
when:
- "{{ neutron_plugin_type == 'ml2.calico' }}"
vars_files:
- test-vars.yml

View File

@ -15,101 +15,114 @@
# Packages need to be installed outside
# of venv to be usable by Ansible
- name: Install testing pip packages
pip:
name: "{{ item }}"
with_items:
- python-neutronclient
- httplib2
- name: Check the neutron api
uri:
url: "http://localhost:9696"
status_code: 200
- name: Test neutron
hosts: neutron_all
user: root
gather_facts: true
tasks:
- name: Install testing pip packages
pip:
name: "{{ item }}"
with_items:
- python-neutronclient
- httplib2
# No assertion around this yet, just useful for debug purposes
# TODO(automagically) - Test for all expected agents and agent status
- name: Neutron agents status
shell: |
. /root/openrc
neutron agent-list
register: agent_list
- name: Check the neutron api
uri:
url: "http://localhost:9696"
status_code: 200
- name: Ensure that the DHCP agent is alive
shell: |
. /root/openrc
neutron agent-list | grep DHCP
register: neutron_dhcp_agent
until: neutron_dhcp_agent.stdout.find(':-)') != -1
when:
- groups['neutron_dhcp_agent'] | length > 0
retries: 5
delay: 10
# No assertion around this yet, just useful for debug purposes
# TODO(automagically) - Test for all expected agents and agent status
- name: Neutron agents status
shell: |
. /root/openrc
neutron agent-list
register: agent_list
- name: Create test network
neutron:
command: create_network
openrc_path: /root/openrc
net_name: test-network
- name: Ensure that the DHCP agent is alive
shell: |
. /root/openrc
neutron agent-list | grep DHCP
register: neutron_dhcp_agent
until: neutron_dhcp_agent.stdout.find(':-)') != -1
when:
- groups['neutron_dhcp_agent'] | length > 0
retries: 5
delay: 10
- name: Ensuring network is created correctly
shell: |
. /root/openrc
neutron net-list -c id -c name -f value | grep test-network
register: neutron_net_list
until: neutron_net_list.rc == 0
retries: 10
delay: 3
- name: Create test network
neutron:
command: create_network
openrc_path: /root/openrc
net_name: test-network
- name: Create test subnet
shell: |
. /root/openrc
neutron subnet-create --name test-subnet test-network 192.168.74.0/24
register: neutron_subnet_create
- name: Ensuring network is created correctly
shell: |
. /root/openrc
neutron net-list -c id -c name -f value | grep test-network
register: neutron_net_list
until: neutron_net_list.rc == 0
retries: 10
delay: 3
- name: Debug test subnet output
debug:
msg: "{{ neutron_subnet_create.stdout_lines }}"
- name: Create test subnet
shell: |
. /root/openrc
neutron subnet-create --name test-subnet test-network 192.168.74.0/24
register: neutron_subnet_create
- name: Ensuring subnet is created correctly
shell: |
. /root/openrc
neutron subnet-list -c id -c name -f value | grep test-subnet
register: neutron_subnet_list
until: neutron_subnet_list.rc == 0
retries: 10
delay: 3
- name: Debug test subnet output
debug:
msg: "{{ neutron_subnet_create.stdout_lines }}"
- name: Ensure the dhcp agent is on the net
shell: |
. /root/openrc
neutron dhcp-agent-list-hosting-net '{{ neutron_net_list.stdout_lines[0].split(' ')[0] }}' | grep ":-)"
register: neutron_dhcp_agent_list
until: neutron_dhcp_agent_list.rc == 0
retries: 10
delay: 3
- name: Ensuring subnet is created correctly
shell: |
. /root/openrc
neutron subnet-list -c id -c name -f value | grep test-subnet
register: neutron_subnet_list
until: neutron_subnet_list.rc == 0
retries: 10
delay: 3
- name: Check for dhcp network namespace
shell: ip netns ls
register: dhcp_namespace
- name: Ensure the dhcp agent is on the net
shell: |
. /root/openrc
neutron dhcp-agent-list-hosting-net '{{ neutron_net_list.stdout_lines[0].split(' ')[0] }}' | grep ":-)"
register: neutron_dhcp_agent_list
until: neutron_dhcp_agent_list.rc == 0
retries: 10
delay: 3
- name: List the namespaces
debug:
msg: "{{ dhcp_namespace }}"
- name: Check for dhcp network namespace
shell: ip netns ls
register: dhcp_namespace
- name: Make sure the dhcp namespace is present
assert:
that:
- "'qdhcp' in dhcp_namespace.stdout"
when:
- groups['neutron_dhcp_agent'] | length > 0
- name: List the namespaces
debug:
msg: "{{ dhcp_namespace }}"
- name: Check for iptables checksum rule
shell: |
ip netns exec {{ dhcp_namespace.stdout.split(' ')[0] }} iptables -C neutron-dhcp-age-POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM --checksum-fill
register: checksum_rule
until : checksum_rule.rc == 0
retries: 5
delay: 10
when:
- groups['neutron_linuxbridge_agent'] | length > 0
- name: Make sure the dhcp namespace is present
assert:
that:
- "'qdhcp' in dhcp_namespace.stdout"
when:
- groups['neutron_dhcp_agent'] | length > 0
- name: Check for iptables checksum rule
shell: |
ip netns exec {{ dhcp_namespace.stdout.split(' ')[0] }} iptables -C neutron-dhcp-age-POSTROUTING -t mangle -p udp --dport 68 -j CHECKSUM --checksum-fill
register: checksum_rule
until : checksum_rule.rc == 0
retries: 5
delay: 10
when:
- groups['neutron_linuxbridge_agent'] | length > 0
post_tasks:
- include: test-calico-functional.yml
when:
- "{{ neutron_plugin_type == 'ml2.calico' }}"
vars_files:
- playbooks/test-vars.yml

View File

@ -1,54 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create test containers
hosts: all_containers
connection: local
gather_facts: false
pre_tasks:
- name: Destroy test containers
lxc_container:
name: "{{ container_name }}"
state: "absent"
delegate_to: "{{ physical_host }}"
tags:
- container-destroy
- name: Destroy container service directories
file:
path: "{{ item }}"
state: "absent"
with_items:
- "/openstack/{{ container_name }}"
- "/openstack/backup/{{ container_name }}"
- "/openstack/log/{{ container_name }}"
- "/var/lib/lxc/{{ container_name }}"
- "{{ lxc_container_directory|default('/var/lib/lxc') }}/{{ container_name }}"
delegate_to: "{{ physical_host }}"
tags:
- container-directories
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1

View File

@ -1,46 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Perform basic LXC host setup
hosts: localhost
pre_tasks:
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
- name: Check if this is an OpenStack-CI nodepool instance
stat:
path: /etc/nodepool/provider
register: nodepool
- name: Set the files to copy into the container cache for OpenStack-CI instances
set_fact:
lxc_container_cache_files:
- { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
when: nodepool.stat.exists | bool
- name: Include OVS testing vars
include_vars: ovs_test_vars.yml
when:
- groups['neutron_openvswitch_agent'] | length > 0
roles:
- role: "openstack_hosts"
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.8,10.100.100.253
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }

View File

@ -1,33 +0,0 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE: we use become_user because setting become: no or become: false
# doesn't seem to override the ansible_become=true in the
# inventory
- name: Create ssh key pairs for use with containers
hosts: localhost
become_user: "{{ ansible_ssh_user }}"
tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: get the calling users key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"

View File

@ -1,67 +0,0 @@
debug: true
external_lb_vip_address: 10.100.100.3
galera_client_drop_config_file: false
galera_client_drop_config_file: false
galera_root_password: secrete
internal_lb_vip_address: 10.100.100.3
keystone_admin_tenant_name: admin
keystone_admin_user_name: admin
keystone_auth_admin_password: SuperSecretePassword
keystone_container_mysql_password: SuperSecrete
keystone_developer_mode: true
keystone_galera_address: 10.100.100.2
keystone_galera_database: keystone
keystone_git_install_branch: master
keystone_rabbitmq_password: secrete
keystone_rabbitmq_port: "{{ rabbitmq_port }}"
keystone_rabbitmq_servers: "{{ rabbitmq_servers }}"
keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_requirements_git_install_branch: master
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
keystone_service_adminuri_insecure: false
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
keystone_service_internaluri_insecure: false
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_password: secrete
keystone_service_region: RegionOne
keystone_venv_tag: testing
memcached_encryption_key: secrete
memcached_servers: 127.0.0.1
neutron_container_mysql_password: SuperSecrete
neutron_developer_mode: true
neutron_galera_address: 10.100.100.2
neutron_galera_database: neutron
neutron_git_install_branch: master
neutron_ha_vrrp_auth_password: secrete
neutron_management_address: "{{ internal_lb_vip_address }}"
neutron_provider_networks:
network_types: "vxlan"
network_vxlan_ranges: "1:1000"
neutron_rabbitmq_password: secrete
neutron_rabbitmq_userid: neutron
neutron_rabbitmq_vhost: /neutron
neutron_rabbitmq_port: "{{ rabbitmq_port }}"
neutron_rabbitmq_servers: "{{ rabbitmq_servers }}"
neutron_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
neutron_requirements_git_install_branch: master
neutron_service_password: secrete
neutron_venv_tag: testing
nova_keystone_auth_plugin: password
nova_metadata_port: 8775
nova_metadata_proxy_secret: secrete
nova_service_adminurl: "http://{{ internal_lb_vip_address }}:8774"
nova_service_password: secrete
nova_service_project_domain_id: default
nova_service_project_name: service
nova_service_region: RegionOne
nova_service_user_domain_id: default
nova_service_user_name: nova
openrc_os_auth_url: "http://127.0.0.1:5000/v3"
openrc_os_domain_name: Default
openrc_os_password: "{{ keystone_auth_admin_password }}"
rabbitmq_port: 5672
rabbitmq_servers: 10.100.100.2
rabbitmq_use_ssl: False

View File

@ -13,20 +13,22 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# Prepare the user ssh keys
- include: test-prepare-keys.yml
# Prepare the host
- include: test-prepare-host.yml
# Prepare the containers
- include: test-prepare-containers.yml
# Setup the user ssh keys, host and containers
- include: playbooks/test-setup-host.yml
# Install RabbitMQ/MariaDB
- include: test-install-infra.yml
- include: playbooks/test-install-infra.yml
# Install etcd
- include: playbooks/test-install-etcd.yml
when:
- groups['neutron_calico_dhcp_agent'] | length > 0
# Install Keystone
- include: test-install-keystone.yml
- include: playbooks/test-install-keystone.yml
# Install Neutron
- include: test-install-neutron.yml
- include: playbooks/test-install-neutron.yml
# Run tests
- include: test-neutron-functional.yml

16
tox.ini
View File

@ -94,7 +94,7 @@ commands =
[testenv:ansible]
deps =
{[testenv]deps}
ansible==1.9.4
ansible==2.1.1
ansible-lint>=2.7.0,<3.0.0
setenv =
{[testenv]setenv}
@ -113,6 +113,7 @@ setenv =
# This is required as the default is '/etc/ansible/roles' or a path
# specified in ansible.cfg
ANSIBLE_ROLES_PATH = {homedir}/.ansible/roles:{toxinidir}/..
ANSIBLE_TRANSPORT = "ssh"
commands =
rm -rf {homedir}/.ansible/plugins
git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
@ -121,6 +122,9 @@ commands =
ansible-galaxy install \
--role-file={toxinidir}/tests/ansible-role-requirements.yml \
--force
rm -rf {toxinidir}/tests/playbooks
git clone https://git.openstack.org/openstack/openstack-ansible-tests \
{toxinidir}/tests/playbooks
[testenv:ansible-syntax]
@ -133,7 +137,7 @@ commands =
ansible-playbook -i {toxinidir}/tests/lxb_inventory \
--syntax-check \
--list-tasks \
-e "rolename={toxinidir}" \
-e "neutron_rolename={toxinidir}" \
{toxinidir}/tests/test.yml
@ -177,7 +181,7 @@ setenv =
commands =
{[testenv:ansible]commands}
ansible-playbook -i {toxinidir}/tests/lxb_inventory \
-e "rolename={toxinidir}" \
-e "neutron_rolename={toxinidir}" \
-e "install_test_packages=True" \
{toxinidir}/tests/test.yml -vvvv
{[testenv:func_logs]commands}
@ -199,7 +203,8 @@ setenv =
commands =
{[testenv:ansible]commands}
ansible-playbook -i {toxinidir}/tests/ovs_inventory \
-e "rolename={toxinidir}" \
-e @{toxinidir}/tests/neutron-overrides-ovs.yml \
-e "neutron_rolename={toxinidir}" \
-e "install_test_packages=True" \
{toxinidir}/tests/test.yml -vvvv
{[testenv:func_logs]commands}
@ -216,7 +221,8 @@ setenv =
commands =
{[testenv:ansible]commands}
ansible-playbook -i {toxinidir}/tests/calico_inventory \
-e "rolename={toxinidir}" \
-e @{toxinidir}/tests/neutron-overrides-calico.yml \
-e "neutron_rolename={toxinidir}" \
-e "install_test_packages=True" \
{toxinidir}/tests/test.yml -vvvv
{[testenv:func_logs]commands}