Standardise nova functional tests and add actual tests

This commit breaks out the tests/test.yml file into sub task files and
deploys all the necessary components (keystone, glance, neutron) to
boot nova instances.  The functional test validates a few nova ports
and then proceeds to creating to a glance image and neutron network
bits before spinning up an instance.

Additionally, this change does the following:

- fully defines the inventory rather than having test-prepare-host.yml
  add containers to it
- removes installation of lxc_python2 library, since this is no longer
  necessary
- updates test-prepare-keys.yml to use localhost instead of 127.0.0.1,
  uses become_user=jenkins instead of become=false, and removes
  redundant connection
- updates test-prepare-host.yml by removing redundant become and
  connection options, changes 127.0.0.1 to localhost, and removes
  mocking ansible_env
- groups vars in defined in each individual file into a single
  test-vars.yml file

Change-Id: I80b1923cbf5c4375d2fb71bc71c326d43f1443b4
This commit is contained in:
Matt Thompson 2016-03-29 12:02:56 +01:00
parent 0ac4969334
commit 39505d2b8e
16 changed files with 839 additions and 304 deletions

View File

@ -59,7 +59,7 @@
with_items: nova_compute_pip_packages
when:
- nova_venv_enabled | bool
- nova_get_venv | failed
- nova_get_venv | failed or nova_developer_mode | bool
tags:
- nova-install
- nova-pip-packages

View File

@ -75,7 +75,7 @@
with_items: nova_novnc_pip_packages
when:
- nova_venv_enabled | bool
- nova_get_venv | failed
- nova_get_venv | failed or nova_developer_mode | bool
tags:
- nova-install
- nova-pip-packages

View File

@ -46,6 +46,14 @@
src: https://git.openstack.org/openstack/openstack-ansible-os_keystone
scm: git
version: master
- name: os_glance
src: https://git.openstack.org/openstack/openstack-ansible-os_glance
scm: git
version: master
- name: os_neutron
src: https://git.openstack.org/openstack/openstack-ansible-os_neutron
scm: git
version: master
- name: openstack_openrc
src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc
scm: git

View File

@ -0,0 +1,27 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_ssh_host: "{{ ansible_host }}"
container_name: "{{ inventory_hostname }}"
container_networks:
management_address:
address: "{{ ansible_host }}"
bridge: "lxcbr0"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
physical_host: localhost
properties:
service_name: "{{ inventory_hostname }}"

View File

@ -1,2 +1,96 @@
[all]
localhost ansible_connection=local ansible_become=True
infra1 ansible_host=10.100.100.101 ansible_become=True ansible_user=root
openstack1 ansible_host=10.100.100.102 ansible_become=True ansible_user=root
[all_containers]
infra1
openstack1
[rabbitmq_all]
infra1
[galera_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
[keystone_all]
openstack1
[glance_api]
openstack1
[glance_registry]
openstack1
[glance_all:children]
glance_api
glance_registry
[neutron_agent]
openstack1
[neutron_dhcp_agent]
openstack1
[neutron_linuxbridge_agent]
openstack1
localhost
[neutron_metering_agent]
openstack1
[neutron_l3_agent]
openstack1
[neutron_lbaas_agent]
openstack1
[neutron_metadata_agent]
openstack1
[neutron_server]
openstack1
[neutron_all:children]
neutron_agent
neutron_dhcp_agent
neutron_linuxbridge_agent
neutron_metering_agent
neutron_l3_agent
neutron_lbaas_agent
neutron_metadata_agent
neutron_server
[nova_api_metadata]
openstack1
[nova_api_os_compute]
openstack1
[nova_cert]
openstack1
[nova_compute]
localhost
[nova_conductor]
openstack1
[nova_console]
openstack1
[nova_scheduler]
openstack1
[nova_all:children]
nova_api_metadata
nova_api_os_compute
nova_cert
nova_compute
nova_conductor
nova_console
nova_scheduler

View File

@ -0,0 +1,65 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying glance
hosts: glance_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ glance_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['glance_all'][0]
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ glance_rabbitmq_userid }}"
password: "{{ glance_rabbitmq_password }}"
vhost: "{{ glance_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['glance_all'][0]
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ glance_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['glance_all'][0]
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ glance_galera_database }}"
password: "{{ glance_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ glance_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['glance_all'][0]
roles:
- role: "os_glance"
vars_files:
- test-vars.yml

View File

@ -0,0 +1,32 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying infra services
hosts: service_all
user: root
gather_facts: true
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"

View File

@ -0,0 +1,75 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- mysql-db-setup
roles:
- role: os_keystone
vars_files:
- test-vars.yml

View File

@ -0,0 +1,75 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy neutron
hosts: neutron_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ neutron_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- neutron-rabbitmq
- neutron-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ neutron_rabbitmq_userid }}"
password: "{{ neutron_rabbitmq_password }}"
vhost: "{{ neutron_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- neutron-rabbitmq
- neutron-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ neutron_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ neutron_galera_database }}"
password: "{{ neutron_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ neutron_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['neutron_all'][0]
tags:
- mysql-db-setup
roles:
- role: "os_neutron"
vars_files:
- test-vars.yml

View File

@ -0,0 +1,87 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying nova
hosts: nova_all
user: root
gather_facts: true
pre_tasks:
# NOTE: These are typically installed in the repo server where we build the
# nova wheel
- name: Install packages required to build nova python package
apt:
name: "{{ item }}"
with_items:
- libxml2-dev
- libxslt-dev
- libffi-dev
- pkg-config
- libvirt-dev
when: inventory_hostname in groups['nova_compute']
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ nova_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ nova_rabbitmq_userid }}"
password: "{{ nova_rabbitmq_password }}"
vhost: "{{ nova_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ nova_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ nova_galera_database }}"
password: "{{ nova_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ nova_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- mysql-db-setup
roles:
- role: "{{ rolename | basename }}"
vars_files:
- test-vars.yml

View File

@ -0,0 +1,111 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for functional testing of nova
hosts: nova_api_os_compute
user: root
gather_facts: false
tasks:
- name: Check the nova-api-os-compute service
uri:
url: "http://localhost:8774"
status_code: 200
register: nova_api_os_compute_status
until: nova_api_os_compute_status | success
retries: 5
delay: 5
- name: Check the nova-api-metadata service
uri:
url: "http://localhost:8775"
status_code: 200
register: nova_api_metadata_status
until: nova_api_metadata_status | success
retries: 5
delay: 5
- name: Check the nova-spicehtml5proxy service
uri:
url: "http://localhost:6082/spice_auto.html"
status_code: 200
register: nova_spice_status
until: nova_spice_status | success
retries: 5
delay: 5
- name: Install testing pip packages
pip:
name: "{{ item }}"
with_items:
- python-glanceclient
- python-neutronclient
- name: Set glance_image_name fact
set_fact:
glance_image_name: "functional-image-{{ 100|random }}"
- name: Set nova_instance_name fact
set_fact:
nova_instance_name: "functional-instance-{{ 100|random }}"
- name: Set neutron_net_name fact
set_fact:
neutron_net_name: "functional-net-{{ 100|random }}"
- name: Set neutron_subnet_name fact
set_fact:
neutron_subnet_name: "functional-subnet-{{ 100|random }}"
- name: Upload the Cirros image
glance:
command: 'image-create'
openrc_path: /root/openrc
image_name: "{{ glance_image_name }}"
image_url: "http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-uec.tar.gz"
image_container_format: bare
image_disk_format: qcow2
image_is_public: True
register: cirros_image_create
until: cirros_image_create | success
retries: 5
delay: 15
# NOTE: We need to ensure the image goes active before we attempt to boot
# from it below
- name: Verify image goes active
shell: |
. /root/openrc
{{ nova_venv_bin }}/glance image-show {{ glance_images[glance_image_name]['id'] }} | grep active
register: image_status
until: image_status|success
retries: 5
delay: 5
- name: Create test network
neutron:
command: create_network
openrc_path: /root/openrc
net_name: "{{ neutron_net_name }}"
- name: Create test subnet
neutron:
command: create_subnet
openrc_path: /root/openrc
net_name: "{{ neutron_net_name }}"
subnet_name: "{{ neutron_subnet_name }}"
cidr: "192.168.74.0/24"
- name: Create nova instance
shell: |
. /root/openrc
{{ nova_venv_bin }}/nova boot --image {{ glance_image_name }} --flavor 1 --nic net-id={{ neutron_networks[neutron_net_name]['id'] }} {{ nova_instance_name }}
- name: Verify nova instance goes active
shell: |
. /root/openrc
{{ nova_venv_bin }}/nova show {{ nova_instance_name }} | grep ACTIVE
register: instance_status
until: instance_status|success
retries: 5
delay: 5
vars_files:
- test-vars.yml

View File

@ -0,0 +1,33 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for creating containers
hosts: all_containers
connection: local
gather_facts: false
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1

View File

@ -0,0 +1,60 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for configuring the LXC host
hosts: localhost
pre_tasks:
# Make sure OS does not have a stale package cache.
- name: Update apt cache
apt:
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
- name: Check if this is an OpenStack-CI nodepool instance
stat:
path: /etc/nodepool/provider
register: nodepool
- name: Set the files to copy into the container cache for OpenStack-CI instances
set_fact:
lxc_container_cache_files:
- { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
- { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' }
when: nodepool.stat.exists | bool
- name: Determine the existing Ubuntu repo configuration
shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list'
register: ubuntu_repo
changed_when: false
- name: Set apt repo facts based on discovered information
set_fact:
lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}"
lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}"
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.2,10.100.100.99
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
lxc_container_caches:
- url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
name: "trusty.tgz"
sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
chroot_path: trusty/rootfs-amd64

View File

@ -0,0 +1,33 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE: we use become_user because setting become: no or become: false
# doesn't seem to override the ansible_become=true in the
# inventory
- name: Playbook for establishing ssh keys
hosts: localhost
become_user: "{{ ansible_ssh_user }}"
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: Get the calling user's key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"

116
tests/test-vars.yml Normal file
View File

@ -0,0 +1,116 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
cinder_backends_rbd_inuse: false
cinder_ceph_client: cinder
debug: true
external_lb_vip_address: 10.100.100.102
galera_client_drop_config_file: false
galera_root_password: secrete
glance_container_mysql_password: "SuperSecrete"
glance_developer_mode: true
glance_galera_address: 10.100.100.101
glance_galera_database: glance
glance_git_install_branch: stable/mitaka
glance_host: "{{ internal_lb_vip_address }}"
glance_profiler_hmac_key: "secrete"
glance_rabbitmq_password: "secrete"
glance_rabbitmq_userid: glance
glance_rabbitmq_vhost: /glance
glance_requirements_git_install_branch: stable/mitaka
glance_service_password: "secrete"
glance_service_port: 9292
glance_venv_tag: "testing"
internal_lb_vip_address: 10.100.100.102
keystone_admin_tenant_name: admin
keystone_admin_user_name: admin
keystone_auth_admin_password: SuperSecretePassword
keystone_container_mysql_password: "SuperSecrete"
keystone_developer_mode: true
keystone_galera_address: 10.100.100.101
keystone_galera_database: keystone
keystone_git_install_branch: stable/mitaka
keystone_rabbitmq_password: "secrete"
keystone_rabbitmq_port: 5671
keystone_rabbitmq_servers: 10.100.100.101
keystone_rabbitmq_use_ssl: false
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_requirements_git_install_branch: stable/mitaka
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
keystone_service_adminuri_insecure: false
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
keystone_service_internaluri_insecure: false
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_password: "secrete"
keystone_service_region: RegionOne
keystone_venv_tag: "testing"
memcached_encryption_key: "secrete"
memcached_servers: 127.0.0.1
neutron_container_mysql_password: SuperSecrete
neutron_developer_mode: true
neutron_galera_address: 10.100.100.101
neutron_galera_database: neutron
neutron_git_install_branch: stable/mitaka
neutron_ha_vrrp_auth_password: secrete
neutron_management_address: "{{ internal_lb_vip_address }}"
neutron_provider_networks:
network_types: "vxlan"
network_vxlan_ranges: "1:1000"
neutron_rabbitmq_password: secrete
neutron_rabbitmq_userid: neutron
neutron_rabbitmq_vhost: /neutron
neutron_requirements_git_install_branch: stable/mitaka
neutron_service_adminurl: http://{{ internal_lb_vip_address }}:9696
neutron_service_password: "secrete"
neutron_service_project_name: service
neutron_service_region: RegionOne
neutron_service_user_name: neutron
neutron_venv_tag: testing
nova_api_container_mysql_password: "SuperSecrete"
nova_api_galera_address: 10.100.100.101
nova_container_mysql_password: "SuperSecrete"
nova_developer_mode: true
nova_galera_address: 10.100.100.101
nova_galera_database: nova
nova_git_install_branch: stable/mitaka
nova_keystone_auth_plugin: password
nova_management_address: "10.100.100.1"
nova_metadata_port: 8775
nova_metadata_proxy_secret: "secrete"
nova_novncproxy_vncserver_listen: localhost
nova_novncproxy_vncserver_proxyclient_address: localhost
nova_rabbitmq_password: "secrete"
nova_rabbitmq_userid: nova
nova_rabbitmq_vhost: /nova
nova_requirements_git_install_branch: stable/mitaka
nova_service_adminurl: "http://{{ internal_lb_vip_address }}:8774"
nova_service_password: "secrete"
nova_service_project_domain_id: default
nova_service_project_name: service
nova_service_region: RegionOne
nova_service_user_domain_id: default
nova_service_user_name: nova
nova_venv_bin: "/openstack/venvs/nova-{{ nova_venv_tag }}/bin"
nova_venv_tag: "testing"
nova_virt_type: qemu
openrc_os_auth_url: "http://127.0.0.1:5000/v3"
openrc_os_domain_name: "Default"
openrc_os_password: "{{ keystone_auth_admin_password }}"
rabbitmq_port: 5671
rabbitmq_servers: 10.100.100.101
rabbitmq_use_ssl: true
verbose: true

View File

@ -13,310 +13,29 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for establish ssh keys
hosts: 127.0.0.1
connection: local
become: false
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: Get the calling user's key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"
# Prepare the user ssh keys
- include: test-prepare-keys.yml
- name: Playbook for configuring the LXC host
hosts: localhost
connection: local
become: yes
pre_tasks:
# Make sure OS does not have a stale package cache.
- name: Update apt cache
apt:
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.2,10.100.100.99
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
lxc_container_caches:
- url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
name: "trusty.tgz"
sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
chroot_path: trusty/rootfs-amd64
# The $HOME directory is mocked to work with tox
# by defining the 'ansible_env' hash. This should
# NEVER be done outside of testing.
ansible_env: ## NEVER DO THIS OUTSIDE OF TESTING
HOME: "/tmp"
- role: "py_from_git"
git_repo: "https://github.com/lxc/python2-lxc"
git_dest: "/opt/lxc_python2"
git_install_branch: "master"
post_tasks:
# THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A
# HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV.
- name: Ensure the lxc lib is on the host
command: /usr/local/bin/pip install /opt/lxc_python2
# Inventory is being pre-loaded using a post tasks instead of through a dynamic
# inventory system. While this is not a usual method for deployment it's being
# done for functional testing.
- name: Create container hosts
add_host:
groups: "{{ item.groups }}"
hostname: "{{ item.name }}"
inventory_hostname: "{{ item.name }}"
ansible_ssh_host: "{{ item.address }}"
ansible_become: true
properties:
service_name: "{{ item.service }}"
container_networks:
management_address:
address: "{{ item.address }}"
bridge: "lxcbr0"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
physical_host: localhost
container_name: "{{ item.name }}"
with_items:
- { name: "infra1", service: "infra1", address: "10.100.100.101", groups: "all,all_containers,rabbitmq_all,galera_all,service_all" }
- { name: "openstack1", service: "openstack1", address: "10.100.100.102", groups: "all,all_containers,keystone_all,nova_api_metadata,nova_api_os_compute,nova_cert,nova_compute,nova_conductor,nova_console,nova_scheduler,nova_all" }
# Prepare the host
- include: test-prepare-host.yml
- name: Playbook for creating containers
hosts: all_containers
connection: local
gather_facts: false
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1
# Prepare the containers
- include: test-prepare-containers.yml
- name: Playbook for deploying infra services
hosts: service_all
user: root
gather_facts: true
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"
# Install RabbitMQ/MariaDB
- include: test-install-infra.yml
- name: Playbook for deploying keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
tags:
- mysql-db-setup
roles:
- role: os_keystone
vars:
external_lb_vip_address: 10.100.100.102
internal_lb_vip_address: 10.100.100.102
keystone_galera_address: 10.100.100.101
keystone_galera_database: keystone
keystone_venv_tag: "testing"
keystone_developer_mode: true
keystone_git_install_branch: stable/mitaka
keystone_requirements_git_install_branch: stable/mitaka
keystone_auth_admin_token: "SuperSecreteTestToken"
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_password: "secrete"
keystone_rabbitmq_password: "secrete"
keystone_container_mysql_password: "SuperSecrete"
keystone_rabbitmq_port: 5671
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_rabbitmq_servers: 10.100.100.101
keystone_rabbitmq_use_ssl: false
galera_client_drop_config_file: false
# Install Keystone
- include: test-install-keystone.yml
- name: Playbook for deploying nova
hosts: nova_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ nova_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-vhost
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ nova_rabbitmq_userid }}"
password: "{{ nova_rabbitmq_password }}"
vhost: "{{ nova_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- aodh-rabbitmq
- aodh-rabbitmq-user
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ nova_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- mysql-db-setup
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ nova_galera_database }}"
password: "{{ nova_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ nova_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['nova_all'][0]
tags:
- mysql-db-setup
roles:
- role: "{{ rolename | basename }}"
vars:
external_lb_vip_address: 10.100.100.102
internal_lb_vip_address: 10.100.100.102
nova_galera_address: 10.100.100.101
nova_api_galera_address: 10.100.100.101
nova_galera_database: nova
galera_root_password: "secrete"
galera_client_drop_config_file: false
nova_rabbitmq_password: "secrete"
nova_rabbitmq_userid: nova
nova_rabbitmq_vhost: /nova
rabbitmq_servers: 10.100.100.101
rabbitmq_use_ssl: true
rabbitmq_port: 5671
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_adminuri_insecure: false
keystone_service_internaluri_insecure: false
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
nova_venv_tag: "testing"
nova_developer_mode: true
nova_git_install_branch: stable/mitaka
nova_requirements_git_install_branch: stable/mitaka
nova_service_password: "secrete"
nova_container_mysql_password: "SuperSecrete"
nova_api_container_mysql_password: "SuperSecrete"
nova_management_address: "{{ internal_lb_vip_address }}"
nova_virt_type: qemu
cinder_ceph_client: cinder
cinder_backends_rbd_inuse: false
glance_host: "{{ internal_lb_vip_address }}"
glance_service_port: 9292
neutron_service_adminurl: http://{{ internal_lb_vip_address }}/9696
neutron_service_region: RegionOne
neutron_service_password: "secrete"
neutron_service_user_name: neutron
neutron_service_project_name: service
nova_metadata_proxy_secret: "secrete"
openrc_os_password: "{{ keystone_auth_admin_password }}"
openrc_os_domain_name: "Default"
memcached_servers: 127.0.0.1
memcached_encryption_key: "secrete"
debug: true
verbose: true
# Install Glance
- include: test-install-glance.yml
# Install Neutron
- include: test-install-neutron.yml
# Install Nova
- include: test-install-nova.yml
# Test Nova
- include: test-nova-functional.yml