From 35d85e953fe5119a18c4b5dafe0b568fc5531c35 Mon Sep 17 00:00:00 2001 From: Andy McCrae Date: Fri, 16 Sep 2016 16:59:31 +0100 Subject: [PATCH] Use openstack-ansible-tests for os-nova role Move Nova to use the central testing repository. Incorporate the Ansible 2.1.1 changes with the move to central testing repository. Change-Id: I98ba72fee246a87faaf54fa33181e6be04a912cd --- .gitignore | 5 +- defaults/main.yml | 4 +- manual-test.rc | 33 ++++ run_tests.sh | 10 +- tests/group_vars/all_containers.yml | 1 - .../infra1.yml} | 14 +- tests/host_vars/localhost.yml | 11 ++ tests/host_vars/openstack1.yml | 5 + tests/inventory | 10 +- ...st-vars-lxd.yml => nova-overrides-lxd.yml} | 0 .../{iptables-clear.sh => nova-overrides.yml} | 18 +-- tests/test-install-glance.yml | 65 -------- tests/test-install-infra.yml | 32 ---- tests/test-install-keystone.yml | 65 -------- tests/test-install-neutron.yml | 118 -------------- tests/test-install-nova.yml | 114 -------------- tests/test-nova-functional.yml | 4 +- tests/test-nova-interfaces.cfg.j2 | 58 ------- tests/test-prepare-containers.yml | 31 ---- tests/test-prepare-host.yml | 93 ----------- tests/test-prepare-keys.yml | 33 ---- tests/test-vars.yml | 147 ------------------ tests/test.yml | 18 +-- tox.ini | 32 ++-- 24 files changed, 108 insertions(+), 813 deletions(-) create mode 100644 manual-test.rc rename tests/{test-install-tempest.yml => host_vars/infra1.yml} (73%) rename tests/{test-vars-lxd.yml => nova-overrides-lxd.yml} (100%) rename tests/{iptables-clear.sh => nova-overrides.yml} (66%) mode change 100755 => 100644 delete mode 100644 tests/test-install-glance.yml delete mode 100644 tests/test-install-infra.yml delete mode 100644 tests/test-install-keystone.yml delete mode 100644 tests/test-install-neutron.yml delete mode 100644 tests/test-install-nova.yml delete mode 100644 tests/test-nova-interfaces.cfg.j2 delete mode 100644 tests/test-prepare-containers.yml delete mode 100644 tests/test-prepare-host.yml delete mode 100644 tests/test-prepare-keys.yml delete mode 100644 tests/test-vars.yml diff --git a/.gitignore b/.gitignore index 0fd5a6b2..53a7668e 100644 --- a/.gitignore +++ b/.gitignore @@ -29,6 +29,7 @@ doc/build/ *.log *.sql *.sqlite +logs/* # OS generated files # ###################### @@ -61,6 +62,8 @@ releasenotes/build # Test temp files tests/plugins +tests/playbooks +tests/test.retry -# Files created by vagrant testing +# Vagrant artifacts .vagrant diff --git a/defaults/main.yml b/defaults/main.yml index b35913f2..16e8c4cb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -210,8 +210,8 @@ nova_novncproxy_proto: http nova_novncproxy_port: 6080 nova_novncproxy_base_uri: "{{ nova_novncproxy_proto }}://{{ external_lb_vip_address }}:{{ nova_novncproxy_port }}" nova_novncproxy_base_url: "{{ nova_novncproxy_base_uri }}/vnc_auto.html" -nova_novncproxy_vncserver_proxyclient_address: "{{ ansible_ssh_host }}" -nova_novncproxy_vncserver_listen: "{{ ansible_ssh_host }}" +nova_novncproxy_vncserver_proxyclient_address: "{{ ansible_host }}" +nova_novncproxy_vncserver_listen: "{{ ansible_host }}" nova_novncproxy_agent_enabled: True nova_novncproxy_program_name: nova-novncproxy nova_novncproxy_git_repo: https://github.com/kanaka/novnc diff --git a/manual-test.rc b/manual-test.rc new file mode 100644 index 00000000..f7e77710 --- /dev/null +++ b/manual-test.rc @@ -0,0 +1,33 @@ +export VIRTUAL_ENV=$(pwd) +export ANSIBLE_HOST_KEY_CHECKING=False +export ANSIBLE_SSH_CONTROL_PATH=/tmp/%%h-%%r + +# TODO (odyssey4me) These are only here as they are non-standard folder +# names for Ansible 1.9.x. We are using the standard folder names for +# Ansible v2.x. We can remove this when we move to Ansible 2.x. +export ANSIBLE_ACTION_PLUGINS=${HOME}/.ansible/plugins/action +export ANSIBLE_CALLBACK_PLUGINS=${HOME}/.ansible/plugins/callback +export ANSIBLE_FILTER_PLUGINS=${HOME}/.ansible/plugins/filter +export ANSIBLE_LOOKUP_PLUGINS=${HOME}/.ansible/plugins/lookup + +# This is required as the default is the current path or a path specified +# in ansible.cfg +export ANSIBLE_LIBRARY=${HOME}/.ansible/plugins/library + +# This is required as the default is '/etc/ansible/roles' or a path +# specified in ansible.cfg +export ANSIBLE_ROLES_PATH=${HOME}/.ansible/roles:$(pwd)/.. + +export ANSIBLE_SSH_ARGS="-o ControlMaster=no \ + -o UserKnownHostsFile=/dev/null \ + -o StrictHostKeyChecking=no \ + -o ServerAliveInterval=64 \ + -o ServerAliveCountMax=1024 \ + -o Compression=no \ + -o TCPKeepAlive=yes \ + -o VerifyHostKeyDNS=no \ + -o ForwardX11=no \ + -o ForwardAgent=yes" + +echo "Run manual functional tests by executing the following:" +echo "# ./.tox/functional/bin/ansible-playbook -i tests/inventory tests/test.yml -e \"rolename=$(pwd)\"" diff --git a/run_tests.sh b/run_tests.sh index 0a49aa3e..482a3894 100755 --- a/run_tests.sh +++ b/run_tests.sh @@ -24,23 +24,23 @@ if [ ! "$(which pip)" ]; then fi # Install bindep and tox -pip install bindep tox +sudo pip install bindep tox # CentOS 7 requires two additional packages: # redhat-lsb-core - for bindep profile support # epel-release - required to install python-ndg_httpsclient/python2-pyasn1 if [ "$(which yum)" ]; then - yum -y install redhat-lsb-core epel-release + sudo yum -y install redhat-lsb-core epel-release fi # Install OS packages using bindep if apt-get -v >/dev/null 2>&1 ; then - apt-get update + sudo apt-get update DEBIAN_FRONTEND=noninteractive \ - apt-get -q --option "Dpkg::Options::=--force-confold" \ + sudo apt-get -q --option "Dpkg::Options::=--force-confold" \ --assume-yes install `bindep -b -f bindep.txt test` else - yum install -y `bindep -b -f bindep.txt test` + sudo yum install -y `bindep -b -f bindep.txt test` fi # run through each tox env and execute the test diff --git a/tests/group_vars/all_containers.yml b/tests/group_vars/all_containers.yml index dcd8b8ba..2245b745 100644 --- a/tests/group_vars/all_containers.yml +++ b/tests/group_vars/all_containers.yml @@ -13,7 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -ansible_ssh_host: "{{ ansible_host }}" container_name: "{{ inventory_hostname }}" container_networks: management_address: diff --git a/tests/test-install-tempest.yml b/tests/host_vars/infra1.yml similarity index 73% rename from tests/test-install-tempest.yml rename to tests/host_vars/infra1.yml index 201755ee..15318d86 100644 --- a/tests/test-install-tempest.yml +++ b/tests/host_vars/infra1.yml @@ -1,5 +1,5 @@ --- -# Copyright 2015, Rackspace US, Inc. +# Copyright 2016, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,11 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Playbook for deploying tempest - hosts: openstack1 - user: root - gather_facts: true - roles: - - role: "os_tempest" - vars_files: - - test-vars.yml +ansible_host: 10.1.1.101 +ansible_become: True +ansible_user: root +tunnel_address: 10.1.2.101 diff --git a/tests/host_vars/localhost.yml b/tests/host_vars/localhost.yml index 3b7e6665..863f3083 100644 --- a/tests/host_vars/localhost.yml +++ b/tests/host_vars/localhost.yml @@ -17,3 +17,14 @@ neutron_provider_networks: network_types: "vxlan,flat" network_mappings: "flat:eth12" network_vxlan_ranges: "1:1000" +ansible_become: True +neutron_local_ip: 10.1.2.1 +ansible_python_interpreter: "/usr/bin/python2" +bridges: + - name: "br-mgmt" + ip_addr: "10.1.1.1" + - name: "br-vxlan" + ip_addr: "10.1.2.1" + - name: "br-vlan" + ip_addr: "10.1.3.1" + veth_peer: "eth12" diff --git a/tests/host_vars/openstack1.yml b/tests/host_vars/openstack1.yml index 3b7e6665..e08a3c7a 100644 --- a/tests/host_vars/openstack1.yml +++ b/tests/host_vars/openstack1.yml @@ -17,3 +17,8 @@ neutron_provider_networks: network_types: "vxlan,flat" network_mappings: "flat:eth12" network_vxlan_ranges: "1:1000" +ansible_host: 10.1.1.102 +ansible_become: True +ansible_user: root +tunnel_address: 10.1.2.102 +neutron_local_ip: 10.1.2.102 diff --git a/tests/inventory b/tests/inventory index 4872dd2e..b7e7e78a 100644 --- a/tests/inventory +++ b/tests/inventory @@ -1,7 +1,7 @@ [all] -localhost ansible_connection=local ansible_become=True neutron_local_ip=10.100.101.1 -infra1 ansible_host=10.100.102.101 ansible_become=True ansible_user=root tunnel_address=10.100.101.101 -openstack1 ansible_host=10.100.102.102 ansible_become=True ansible_user=root tunnel_address=10.100.101.102 neutron_local_ip=10.100.101.102 +localhost +infra1 +openstack1 [all_containers] infra1 @@ -13,9 +13,13 @@ infra1 [galera_all] infra1 +[memcached_all] +infra1 + [service_all:children] rabbitmq_all galera_all +memcached_all [keystone_all] openstack1 diff --git a/tests/test-vars-lxd.yml b/tests/nova-overrides-lxd.yml similarity index 100% rename from tests/test-vars-lxd.yml rename to tests/nova-overrides-lxd.yml diff --git a/tests/iptables-clear.sh b/tests/nova-overrides.yml old mode 100755 new mode 100644 similarity index 66% rename from tests/iptables-clear.sh rename to tests/nova-overrides.yml index eb782c52..098c98c9 --- a/tests/iptables-clear.sh +++ b/tests/nova-overrides.yml @@ -1,5 +1,4 @@ -#!/bin/bash -# +--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -13,14 +12,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# -iptables -F -iptables -X -iptables -t nat -F -iptables -t nat -X -iptables -t mangle -F -iptables -t mangle -X -iptables -P INPUT ACCEPT -iptables -P FORWARD ACCEPT -iptables -P OUTPUT ACCEPT +# This ensures that libvirt-python is built from source. A pre-built wheel +# can be missing libvirt capabilities from the installed version of +# libvirt-bin, leading to nova-compute failing to start. +# TODO(jmccrory) Revisit this at some point +pip_install_options: "--no-binary libvirt-python" diff --git a/tests/test-install-glance.yml b/tests/test-install-glance.yml deleted file mode 100644 index ac8899a3..00000000 --- a/tests/test-install-glance.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Playbook for deploying glance - hosts: glance_all - user: root - gather_facts: true - pre_tasks: - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ glance_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['glance_all'][0] - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ glance_rabbitmq_userid }}" - password: "{{ glance_rabbitmq_password }}" - vhost: "{{ glance_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['glance_all'][0] - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ glance_galera_database }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['glance_all'][0] - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ glance_galera_database }}" - password: "{{ glance_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ glance_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['glance_all'][0] - roles: - - role: "os_glance" - vars_files: - - test-vars.yml diff --git a/tests/test-install-infra.yml b/tests/test-install-infra.yml deleted file mode 100644 index 86e8625e..00000000 --- a/tests/test-install-infra.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Playbook for deploying infra services - hosts: service_all - user: root - gather_facts: true - roles: - - role: "rabbitmq_server" - rabbitmq_cookie_token: secrete - - role: "galera_server" - galera_root_password: secrete - galera_root_user: root - galera_innodb_buffer_pool_size: 512M - galera_innodb_log_buffer_size: 32M - galera_server_id: "{{ inventory_hostname | string_2_int }}" - galera_wsrep_node_name: "{{ inventory_hostname }}" - galera_wsrep_provider_options: - - { option: "gcache.size", value: "32M" } - galera_server_id: "{{ inventory_hostname | string_2_int }}" diff --git a/tests/test-install-keystone.yml b/tests/test-install-keystone.yml deleted file mode 100644 index ef35b81b..00000000 --- a/tests/test-install-keystone.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Playbook for deploying keystone - hosts: keystone_all - user: root - gather_facts: true - pre_tasks: - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ keystone_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['keystone_all'][0] - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ keystone_rabbitmq_userid }}" - password: "{{ keystone_rabbitmq_password }}" - vhost: "{{ keystone_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['keystone_all'][0] - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ keystone_galera_database }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['keystone_all'][0] - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ keystone_galera_database }}" - password: "{{ keystone_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ keystone_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['keystone_all'][0] - roles: - - role: os_keystone - vars_files: - - test-vars.yml diff --git a/tests/test-install-neutron.yml b/tests/test-install-neutron.yml deleted file mode 100644 index 8750f74d..00000000 --- a/tests/test-install-neutron.yml +++ /dev/null @@ -1,118 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Make /lib/modules accessible on neutron_agent containers - hosts: neutron_agent - user: root - gather_facts: true - tasks: - - name: Use the unconfined aa profile - lxc_container: - name: "{{ container_name }}" - container_config: - - "lxc.aa_profile=unconfined" - delegate_to: "{{ physical_host }}" - - name: Neutron extra lxc config - lxc_container: - name: "{{ container_name }}" - container_command: | - [[ ! -d "/lib/modules" ]] && mkdir -p "/lib/modules" - container_config: - - "lxc.cgroup.devices.allow=a *:* rmw" - - "lxc.mount.entry=/lib/modules lib/modules none bind 0 0" - delegate_to: "{{ physical_host }}" - - name: Wait for ssh to be available - local_action: - module: wait_for - port: "{{ ansible_ssh_port | default('22') }}" - host: "{{ ansible_ssh_host | default(inventory_hostname) }}" - search_regex: OpenSSH - delay: 1 - - name: Add iptables rule for communication w/ metadata agent - command: /sbin/iptables -t mangle -A POSTROUTING -p tcp --sport 80 -j CHECKSUM --checksum-fill - -- name: Deploy neutron - hosts: neutron_all - user: root - gather_facts: true - pre_tasks: - # NOTE: These are typically installed in the repo server where we build the - # neutron wheel - - name: Install packages required to build neutron python package - apt: - name: "{{ item }}" - with_items: - - libffi-dev - when: inventory_hostname in groups['neutron_all'] - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ neutron_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['neutron_all'][0] - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ neutron_rabbitmq_userid }}" - password: "{{ neutron_rabbitmq_password }}" - vhost: "{{ neutron_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['neutron_all'][0] - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ neutron_galera_database }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['neutron_all'][0] - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ neutron_galera_database }}" - password: "{{ neutron_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ neutron_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['neutron_all'][0] - - name: Check if this is an OpenStack-CI nodepool instance - stat: - path: /etc/nodepool/provider - register: nodepool - delegate_to: localhost - - name: Determine the existing Ubuntu repo URL (only on OpenStack-CI) - shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' - register: ubuntu_repo_url - changed_when: false - when: nodepool.stat.exists | bool - delegate_to: localhost - - name: Set Ubuntu Cloud Archive repo URL based on discovered information - set_fact: - uca_apt_repo_url: "{{ ubuntu_repo_url.stdout | netorigin }}/ubuntu-cloud-archive" - when: nodepool.stat.exists | bool - roles: - - role: "os_neutron" - vars_files: - - test-vars.yml diff --git a/tests/test-install-nova.yml b/tests/test-install-nova.yml deleted file mode 100644 index 76e97999..00000000 --- a/tests/test-install-nova.yml +++ /dev/null @@ -1,114 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Playbook for deploying nova - hosts: nova_all - user: root - gather_facts: true - pre_tasks: - # NOTE: These are typically installed in the repo server where we build the - # nova wheel - - name: Install packages required to build nova python package - apt: - name: "{{ item }}" - with_items: - - libxml2-dev - - libxslt-dev - - libffi-dev - - pkg-config - - libvirt-dev - when: inventory_hostname in groups['nova_all'] - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ nova_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['nova_all'][0] - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ nova_rabbitmq_userid }}" - password: "{{ nova_rabbitmq_password }}" - vhost: "{{ nova_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['nova_all'][0] - - name: Create DB for service - mysql_db: - login_user: "{{ galera_root_user }}" - login_password: "{{ galera_root_password }}" - login_host: "{{ nova_galera_address }}" - name: "{{ nova_galera_database }}" - state: "present" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['nova_all'][0] - - name: Grant access to the DB for the service - mysql_user: - login_user: "{{ galera_root_user }}" - login_password: "{{ galera_root_password }}" - login_host: "{{ nova_galera_address }}" - name: "{{ nova_galera_database }}" - password: "{{ nova_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ nova_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.102.101" - when: inventory_hostname == groups['nova_all'][0] - - name: Create API DB for service - mysql_db: - login_user: "{{ galera_root_user }}" - login_password: "{{ galera_root_password }}" - login_host: "{{ nova_api_galera_address }}" - name: "{{ nova_api_galera_database }}" - state: "present" - when: inventory_hostname == groups['nova_all'][0] - - name: Grant access to the API DB for the service - mysql_user: - login_user: "{{ galera_root_user }}" - login_password: "{{ galera_root_password }}" - login_host: "{{ nova_api_galera_address }}" - name: "{{ nova_api_galera_user }}" - password: "{{ nova_api_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ nova_api_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - when: inventory_hostname == groups['nova_all'][0] - - name: Check if this is an OpenStack-CI nodepool instance - stat: - path: /etc/nodepool/provider - register: nodepool - delegate_to: localhost - - name: Determine the existing Ubuntu repo URL (only on OpenStack-CI) - shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' - register: ubuntu_repo_url - changed_when: false - when: nodepool.stat.exists | bool - delegate_to: localhost - - name: Set Ubuntu Cloud Archive repo URL based on discovered information - set_fact: - uca_apt_repo_url: "{{ ubuntu_repo_url.stdout | netorigin }}/ubuntu-cloud-archive" - when: nodepool.stat.exists | bool - roles: - - role: "{{ rolename | basename }}" - vars_files: - - test-vars.yml diff --git a/tests/test-nova-functional.yml b/tests/test-nova-functional.yml index ebaa9c1a..01bbf0cd 100644 --- a/tests/test-nova-functional.yml +++ b/tests/test-nova-functional.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Playbook for functional testing of nova - hosts: nova_api_os_compute + hosts: utility_all[0] user: root gather_facts: false tasks: @@ -27,4 +27,4 @@ retries: 3 delay: 5 vars_files: - - test-vars.yml + - playbooks/test-vars.yml diff --git a/tests/test-nova-interfaces.cfg.j2 b/tests/test-nova-interfaces.cfg.j2 deleted file mode 100644 index 5ab09f21..00000000 --- a/tests/test-nova-interfaces.cfg.j2 +++ /dev/null @@ -1,58 +0,0 @@ -## The default networking requires several bridges. These bridges were named to be informative -## however they can be named what ever you like and is adaptable to any network infrastructure -## environment. This file serves as an example of how to setup basic networking and was ONLY -## built for the purpose of being an example and used expressly in the building of an ALL IN -## ONE development environment. - -auto br-mgmt -iface br-mgmt inet static - bridge_stp off - bridge_waitport 0 - bridge_fd 0 - # Notice the bridge port is the vlan tagged interface - bridge_ports none - address 10.100.102.1 - netmask 255.255.255.0 - offload-sg off - -auto br-vxlan -iface br-vxlan inet static - bridge_stp off - bridge_waitport 0 - bridge_fd 0 - bridge_ports none - address 10.100.101.1 - netmask 255.255.255.0 - offload-sg off - # To ensure ssh checksum is correct - up /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill - down /sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill - # To provide internet connectivity to instances - up /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE - down /sbin/iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE - -auto br-vlan -iface br-vlan inet static - bridge_stp off - bridge_waitport 0 - bridge_fd 0 - address 10.1.13.200 - netmask 255.255.254.0 - offload-sg off - # Create veth pair, don't bomb if already exists - pre-up ip link add br-vlan-veth type veth peer name eth12 || true - # Set both ends UP - pre-up ip link set br-vlan-veth up - pre-up ip link set eth12 up - # Delete veth pair on DOWN - post-down ip link del br-vlan-veth || true - bridge_ports br-vlan-veth - -# Add an additional address to br-vlan -iface br-vlan inet static - # Flat network default gateway - # -- This needs to exist somewhere for network reachability - # -- from the router namespace for floating IP paths. - # -- Putting this here is primarily for tempest to work. - address 10.1.13.1 - netmask 255.255.255.0 diff --git a/tests/test-prepare-containers.yml b/tests/test-prepare-containers.yml deleted file mode 100644 index f85472e4..00000000 --- a/tests/test-prepare-containers.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Playbook for creating containers - hosts: all_containers - gather_facts: false - roles: - - role: "lxc_container_create" - lxc_container_backing_store: dir - global_environment_variables: - PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - post_tasks: - - name: Wait for ssh to be available - local_action: - module: wait_for - port: "{{ ansible_ssh_port | default('22') }}" - host: "{{ ansible_ssh_host | default(inventory_hostname) }}" - search_regex: OpenSSH - delay: 1 diff --git a/tests/test-prepare-host.yml b/tests/test-prepare-host.yml deleted file mode 100644 index 223a1287..00000000 --- a/tests/test-prepare-host.yml +++ /dev/null @@ -1,93 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- name: Playbook for configuring the LXC host - hosts: localhost - pre_tasks: - - name: Clear iptables rules - shell: ./iptables-clear.sh - # Make sure OS does not have a stale package cache. - - name: Update apt cache - apt: - update_cache: yes - when: ansible_os_family == 'Debian' - - name: Ensure root's new public ssh key is in authorized_keys - authorized_key: - user: root - key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" - manage_dir: no - - set_fact: - lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" - - name: Check if this is an OpenStack-CI nodepool instance - stat: - path: /etc/nodepool/provider - register: nodepool - - name: Set the files to copy into the container cache for OpenStack-CI instances - set_fact: - lxc_container_cache_files: - - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } - when: nodepool.stat.exists | bool - post_tasks: - - name: Ensure that /etc/network/interfaces.d/ exists - file: - path: /etc/network/interfaces.d/ - state: directory - tags: - - networking-dir-create - - - name: Copy network configuration - template: - src: test-nova-interfaces.cfg.j2 - dest: /etc/network/interfaces.d/nova_interfaces.cfg - register: nova_interfaces - tags: - - networking-interfaces-file - - - name: Ensure our interfaces.d configuration files are loaded automatically - lineinfile: - dest: /etc/network/interfaces - line: "source /etc/network/interfaces.d/*.cfg" - tags: - - networking-interfaces-load - - - name: Shut down the network interfaces - command: "ifdown {{ item }}" - when: nova_interfaces | changed - with_items: - - br-mgmt - - br-vlan - - br-vxlan - tags: - - networking-interfaces-stop - - - name: Start the network interfaces - command: "ifup {{ item }}" - when: nova_interfaces | changed - with_items: - - br-mgmt - - br-vlan - - br-vxlan - tags: - - networking-interfaces-start - - name: Add iptables rules for lxc natting - command: /usr/local/bin/lxc-system-manage iptables-create - roles: - - role: "lxc_hosts" - lxc_net_address: 10.100.100.1 - lxc_net_netmask: 255.255.255.0 - lxc_net_dhcp_range: 10.100.100.2,10.100.100.99 - lxc_net_bridge: lxcbr0 - lxc_kernel_options: - - { key: 'fs.inotify.max_user_instances', value: 1024 } diff --git a/tests/test-prepare-keys.yml b/tests/test-prepare-keys.yml deleted file mode 100644 index a4fad4f5..00000000 --- a/tests/test-prepare-keys.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# NOTE: we use become_user because setting become: no or become: false -# doesn't seem to override the ansible_become=true in the -# inventory -- name: Playbook for establishing ssh keys - hosts: localhost - become_user: "{{ ansible_ssh_user }}" - pre_tasks: - - name: Create ssh key pair for root - user: - name: "{{ ansible_ssh_user }}" - generate_ssh_key: "yes" - ssh_key_bits: 2048 - ssh_key_file: ".ssh/id_rsa" - - name: Get the calling user's key - command: cat ~/.ssh/id_rsa.pub - register: key_get - - set_fact: - lxc_container_ssh_key: "{{ key_get.stdout }}" diff --git a/tests/test-vars.yml b/tests/test-vars.yml deleted file mode 100644 index 762aca87..00000000 --- a/tests/test-vars.yml +++ /dev/null @@ -1,147 +0,0 @@ ---- -# Copyright 2015, Rackspace US, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -cinder_backends_rbd_inuse: false -cinder_ceph_client: cinder -debug: true -external_lb_vip_address: 10.100.102.102 -galera_client_drop_config_file: false -galera_root_user: root -galera_root_password: secrete -glance_container_mysql_password: "SuperSecrete" -glance_developer_mode: true -glance_galera_address: 10.100.102.101 -glance_galera_database: glance -glance_git_install_branch: master -glance_host: "{{ internal_lb_vip_address }}" -glance_profiler_hmac_key: "secrete" -glance_rabbitmq_port: "{{ rabbitmq_port }}" -glance_rabbitmq_servers: "{{ rabbitmq_servers }}" -glance_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -glance_rabbitmq_password: "secrete" -glance_rabbitmq_userid: glance -glance_rabbitmq_vhost: /glance -glance_requirements_git_install_branch: master -glance_service_password: "secrete" -glance_service_port: 9292 -glance_venv_tag: "testing" -internal_lb_vip_address: 10.100.102.102 -keystone_admin_tenant_name: admin -keystone_admin_user_name: admin -keystone_auth_admin_password: SuperSecretePassword -keystone_container_mysql_password: "SuperSecrete" -keystone_developer_mode: true -keystone_galera_address: 10.100.102.101 -keystone_galera_database: keystone -keystone_git_install_branch: master -keystone_rabbitmq_password: "secrete" -keystone_rabbitmq_port: "{{ rabbitmq_port }}" -keystone_rabbitmq_servers: "{{ rabbitmq_servers }}" -keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -keystone_rabbitmq_userid: keystone -keystone_rabbitmq_vhost: /keystone -keystone_requirements_git_install_branch: master -keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" -keystone_service_adminuri_insecure: false -keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" -keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" -keystone_service_internaluri_insecure: false -keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" -keystone_service_password: "secrete" -keystone_service_region: RegionOne -keystone_venv_tag: "testing" -lxd_trust_password: "SuperSecrete" -memcached_encryption_key: "secrete" -memcached_servers: 127.0.0.1 -neutron_container_mysql_password: SuperSecrete -neutron_developer_mode: true -neutron_galera_address: 10.100.102.101 -neutron_galera_database: neutron -neutron_git_install_branch: master -neutron_ha_vrrp_auth_password: secrete -neutron_management_address: "{{ internal_lb_vip_address }}" -neutron_rabbitmq_port: "{{ rabbitmq_port }}" -neutron_rabbitmq_servers: "{{ rabbitmq_servers }}" -neutron_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -neutron_rabbitmq_password: secrete -neutron_rabbitmq_userid: neutron -neutron_rabbitmq_vhost: /neutron -neutron_requirements_git_install_branch: master -neutron_service_adminurl: http://{{ internal_lb_vip_address }}:9696 -neutron_service_password: "secrete" -neutron_service_project_name: service -neutron_service_region: RegionOne -neutron_service_user_name: neutron -neutron_venv_tag: testing -nova_api_container_mysql_password: "SuperSecrete" -nova_api_galera_address: 10.100.102.101 -nova_api_galera_database: nova_api -nova_api_galera_user: nova_api -nova_container_mysql_password: "SuperSecrete" -nova_developer_mode: true -nova_galera_address: 10.100.102.101 -nova_galera_database: nova -nova_git_install_branch: master -nova_glance_api_servers: "http://{{ glance_host }}:{{ glance_service_port }}" -nova_keystone_auth_plugin: password -nova_management_address: "10.100.102.1" -nova_metadata_port: 8775 -nova_metadata_proxy_secret: "secrete" -nova_novncproxy_vncserver_listen: localhost -nova_novncproxy_vncserver_proxyclient_address: localhost -nova_rabbitmq_port: "{{ rabbitmq_port }}" -nova_rabbitmq_servers: "{{ rabbitmq_servers }}" -nova_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" -nova_rabbitmq_password: "secrete" -nova_rabbitmq_userid: nova -nova_rabbitmq_vhost: /nova -nova_requirements_git_install_branch: master -nova_service_adminurl: "http://{{ internal_lb_vip_address }}:8774" -nova_service_password: "secrete" -nova_service_project_domain_id: default -nova_service_project_name: service -nova_service_region: RegionOne -nova_service_user_domain_id: default -nova_service_user_name: nova -nova_bin: "/openstack/venvs/nova-{{ nova_venv_tag }}/bin" -nova_venv_tag: "testing" -openrc_os_auth_url: "http://127.0.0.1:5000/v3" -openrc_os_domain_name: "Default" -openrc_os_password: "{{ keystone_auth_admin_password }}" -# This ensures that libvirt-python is built from source. A pre-built wheel -# can be missing libvirt capabilities from the installed version of -# libvirt-bin, leading to nova-compute failing to start. -# TODO(jmccrory) Revisit this at some point -pip_install_options: "--no-binary libvirt-python" -rabbitmq_port: 5672 -rabbitmq_servers: 10.100.102.101 -rabbitmq_use_ssl: False -tempest_developer_mode: True -tempest_git_install_branch: master -tempest_venv_tag: "{{ tempest_git_install_branch }}" -# tempest_venv_bin is the same as the default in os_tempest role, but we set -# it again here so we can refer to it in test-nova-functional.yml -tempest_venv_bin: "/opt/tempest_{{ tempest_venv_tag }}/bin" -tempest_log_dir: "/var/log/" -tempest_main_group: glance_all -tempest_service_available_aodh: False -tempest_service_available_ceilometer: False -tempest_service_available_cinder: False -tempest_service_available_glance: True -tempest_service_available_heat: False -tempest_service_available_horizon: False -tempest_service_available_neutron: True -tempest_service_available_nova: True -tempest_service_available_swift: False diff --git a/tests/test.yml b/tests/test.yml index 65422bc5..f7aaf32b 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -14,31 +14,31 @@ # limitations under the License. # Prepare the user ssh keys -- include: test-prepare-keys.yml +- include: playbooks/test-prepare-keys.yml # Prepare the host -- include: test-prepare-host.yml +- include: playbooks/test-prepare-host.yml # Prepare the containers -- include: test-prepare-containers.yml +- include: playbooks/test-prepare-containers.yml # Install RabbitMQ/MariaDB -- include: test-install-infra.yml +- include: playbooks/test-install-infra.yml # Install Keystone -- include: test-install-keystone.yml +- include: playbooks/test-install-keystone.yml # Install Glance -- include: test-install-glance.yml +- include: playbooks/test-install-glance.yml # Install Neutron -- include: test-install-neutron.yml +- include: playbooks/test-install-neutron.yml # Install Nova -- include: test-install-nova.yml +- include: playbooks/test-install-nova.yml # Install Tempest -- include: test-install-tempest.yml +- include: playbooks/test-install-tempest.yml # Test Nova - include: test-nova-functional.yml diff --git a/tox.ini b/tox.ini index 4e73a590..f0033acd 100644 --- a/tox.ini +++ b/tox.ini @@ -87,7 +87,7 @@ commands = [testenv:ansible] deps = {[testenv]deps} - ansible==1.9.4 + ansible==2.1.1 ansible-lint>=2.7.0,<3.0.0 setenv = {[testenv]setenv} @@ -106,6 +106,7 @@ setenv = # This is required as the default is '/etc/ansible/roles' or a path # specified in ansible.cfg ANSIBLE_ROLES_PATH = {homedir}/.ansible/roles:{toxinidir}/.. + ANSIBLE_TRANSPORT = "ssh" commands = rm -rf {homedir}/.ansible/plugins git clone https://git.openstack.org/openstack/openstack-ansible-plugins \ @@ -114,6 +115,9 @@ commands = ansible-galaxy install \ --role-file={toxinidir}/tests/ansible-role-requirements.yml \ --force + rm -rf {toxinidir}/tests/playbooks + git clone https://git.openstack.org/openstack/openstack-ansible-tests \ + {toxinidir}/tests/playbooks [testenv:ansible-syntax] @@ -126,7 +130,7 @@ commands = ansible-playbook -i {toxinidir}/tests/inventory \ --syntax-check \ --list-tasks \ - -e "rolename={toxinidir}" \ + -e "nova_rolename={toxinidir}" \ {toxinidir}/tests/test.yml @@ -172,7 +176,8 @@ setenv = commands = {[testenv:ansible]commands} ansible-playbook -i {toxinidir}/tests/inventory \ - -e "rolename={toxinidir}" \ + -e @{toxinidir}/tests/nova-overrides.yml \ + -e "nova_rolename={toxinidir}" \ -e "install_test_packages=True" \ {toxinidir}/tests/test.yml -vvvv {[testenv:func_logs]commands} @@ -186,19 +191,20 @@ commands = ignore_errors = True # NOTE(michaelgugino): this target tests nova with lxd install_command = - {[testenv:func_base]install_command} + {[testenv:func_base]install_command} deps = - {[testenv:ansible]deps} + {[testenv:ansible]deps} setenv = - {[testenv:ansible]setenv} + {[testenv:ansible]setenv} commands = - {[testenv:ansible]commands} - ansible-playbook -i {toxinidir}/tests/inventory \ - -e @{toxinidir}/tests/test-vars-lxd.yml \ - -e "rolename={toxinidir}" \ - -e "install_test_packages=True" \ - {toxinidir}/tests/test.yml -vvvv - {[testenv:func_logs]commands} + {[testenv:ansible]commands} + ansible-playbook -i {toxinidir}/tests/inventory \ + -e @{toxinidir}/tests/nova-overrides.yml \ + -e @{toxinidir}/tests/nova-overrides-lxd.yml \ + -e "nova_rolename={toxinidir}" \ + -e "install_test_packages=True" \ + {toxinidir}/tests/test.yml -vvvv + {[testenv:func_logs]commands} [testenv:linters]