openstack
/
openstack-ansible-os_trove
Code Issues Proposed changes

Add scaffolding for OpenStack-CI tests 

Change-Id: I768a5ece1417933248c76fe7e269b9248d0baed1
This commit is contained in:
Donovan Francesco 2016-08-26 11:32:15 +02:00
parent dbdedd7cd6
commit f12ecd2e83
33 changed files with 1198 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
.gitignore vendored Executable file
View File

@ -0,0 +1,66 @@
# Compiled source #
###################
*.com
*.class
*.dll
*.exe
*.o
*.so
*.pyc
build/
dist/
doc/build/
# Packages #
############
# it's better to unpack these files and commit the raw source
# git has its own built in compression methods
*.7z
*.dmg
*.gz
*.iso
*.jar
*.rar
*.tar
*.zip
# Logs and databases #
######################
*.log
*.sql
*.sqlite
# OS generated files #
######################
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
.idea
.tox
*.sublime*
*.egg-info
Icon?
ehthumbs.db
Thumbs.db
.eggs
# User driven backup files #
############################
*.bak
*.swp
# Generated by pbr while building docs
######################################
AUTHORS
ChangeLog
# Files created by releasenotes build
releasenotes/build
# Test temp files
tests/plugins
# Vagrant testing artifacts
.vagrant

4
.gitreview Executable file
View File

@ -0,0 +1,4 @@
[gerrit]
host=review.openstack.org
port=29418
project=openstack/openstack-ansible-os_trove.git

9
CHANGELOG
View File

@ -1 +1,8 @@
# CHANGELOG
CHANGES
=======
* Add scaffolding for OpenStack-CI tests
* Adding trove_extra_service_names and creating database on galera
* Updates
* Update
* Initial Commit

100
CONTRIBUTING.rst
View File

@ -1,4 +1,98 @@
# Authors
OpenStack-Ansible Trove
#########################
Donovan Francesco <donovan.francesco@is.co.za>
Paul Stevens <paul.stevens@is.co.za>
Contributor Guidelines
^^^^^^^^^^^^^^^^^^^^^^
Filing Bugs
-----------
Bugs should be filed on Launchpad, not GitHub: "https://bugs.launchpad.net
/openstack-ansible"
When submitting a bug, or working on a bug, please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* The provided information should be totally self-contained. External
access to web services/sites should not be needed.
* Steps to reproduce the problem if possible.
Submitting Code
---------------
Changes to the project should be submitted for review via the Gerrit tool,
following the workflow documented at:
"http://docs.openstack.org/infra/manual/developers.html#development-workflow"
Pull requests submitted through GitHub will be ignored and closed without
regard.
Extra
-----
Tags: If it's a bug that needs fixing in a branch in addition to Master, add a
'\<release\>-backport-potential' tag (eg ``juno-backport-potential``).
There are predefined tags that will autocomplete.
Status:
Please leave this alone, it should be New till someone triages the issue.
Importance:
Should only be touched if it is a Blocker/Gating issue. If it is, please
set to High, and only use Critical if you have found a bug that can take
down whole infrastructures.
Style guide
-----------
When creating tasks and other roles for use in Ansible please create them
using the YAML dictionary format.
Example YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name:
thing1: "some-stuff"
thing2: "some-other-stuff"
tags:
- some-tag
- some-other-tag
Example **NOT** in YAML dictionary format:
.. code-block:: yaml
- name: The name of the tasks
module_name: thing1="some-stuff" thing2="some-other-stuff"
tags:
- some-tag
- some-other-tag
Usage of the ">" and "|" operators should be limited to Ansible conditionals
and command modules such as the ansible ``shell`` module.
Issues
------
When submitting an issue, or working on an issue please ensure the following
criteria are met:
* The description clearly states or describes the original problem or root
cause of the problem.
* Include historical information on how the problem was identified.
* Any relevant logs are included.
* If the issue is a bug that needs fixing in a branch other than Master,
add the backport potential tag TO THE ISSUE (not the PR).
* The provided information should be totally self-contained. External
access to web services/sites should not be needed.
* If the issue is needed for a hotfix release, add the 'expedite' label.
* Steps to reproduce the problem if possible.

23
Vagrantfile vendored Executable file
View File

@ -0,0 +1,23 @@
Vagrant.configure(2) do |config|
config.vm.provider "virtualbox" do |v|
v.memory = 2048
v.cpus = 2
end
config.vm.define "ubuntu1404" do |trusty|
trusty.vm.box = "ubuntu/trusty64"
trusty.vm.provision "shell", inline: <<-SHELL
sudo su -
cd /vagrant
./run_tests.sh
SHELL
end
config.vm.define "ubuntu1604" do |xenial|
xenial.vm.box = "ubuntu/xenial64"
xenial.vm.provision "shell", inline: <<-SHELL
sudo su -
cd /vagrant
./run_tests.sh
SHELL
end
end

38
bindep.txt Executable file
View File

@ -0,0 +1,38 @@
# This file facilitates OpenStack-CI package installation
# before the execution of any tests.
#
# See the following for details:
# - http://docs.openstack.org/infra/bindep/
# - https://github.com/openstack-infra/bindep
#
# Even if the role does not make use of this facility, it
# is better to have this file empty, otherwise OpenStack-CI
# will fall back to installing its default packages which
# will potentially be detrimental to the tests executed.
# Base requirements for Ubuntu
build-essential [platform:dpkg]
git-core [platform:dpkg]
libssl-dev [platform:dpkg]
libffi-dev [platform:dpkg]
python2.7 [platform:dpkg]
python-dev [platform:dpkg]
# Base requirements for CentOS
gcc [platform:rpm]
gcc-c++ [platform:rpm]
git [platform:rpm]
python-devel [platform:rpm]
libffi-devel [platform:rpm]
openssl-devel [platform:rpm]
# For SELinux
libselinux-python [platform:rpm]
# For SSL SNI support
python-pyasn1 [platform:dpkg]
python-openssl [platform:dpkg]
python-ndg-httpsclient [platform:ubuntu !platform:ubuntu-trusty]
python2-pyasn1 [platform:rpm]
pyOpenSSL [platform:rpm]
python-ndg_httpsclient [platform:rpm]

11
defaults/main.yml
View File

@ -46,11 +46,6 @@ trove_service_internalurl: "{{ trove_service_internaluri_proto }}://{{ internal_
trove_service_adminuri_proto: http
trove_service_adminurl: "{{ trove_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ trove_bind_port }}"
trove_config_overrides: {}
trove_api_paste_ini_overrides: {}
trove_conductor_config_overrides: {}
trove_taskmanager_config_overrides: {}
# Name of the virtual env to deploy into
trove_venv_tag: untagged
trove_bin: "/openstack/venvs/trove-{{ trove_venv_tag }}/bin"
@ -133,3 +128,9 @@ trove_pip_packages:
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
trove_role_project_group: trove_all
## Tunable overrides
trove_config_overrides: {}
trove_api_paste_ini_overrides: {}
trove_conductor_config_overrides: {}
trove_taskmanager_config_overrides: {}

29
doc/source/index.rst
View File

@ -1 +1,28 @@
.. include:: ../../README.rst
=======================
OpenStack-Ansible Trove
=======================
This Ansible role installs Trove.
Default variables
~~~~~~~~~~~~~~~~~
.. literalinclude:: ../../defaults/main.yml
:language: yaml
:start-after: under the License.
Required variables
~~~~~~~~~~~~~~~~~~
None.
Dependencies
~~~~~~~~~~~~
None.
Example playbook
~~~~~~~~~~~~~~~~
.. literalinclude:: ../../examples/playbook.yml
:language: yaml

5
examples/playbook.yml Executable file
View File

@ -0,0 +1,5 @@
- name: Install trove
hosts: all
user: root
roles:
- role: "openstack-ansible-os_trove"

66
library/config_template Executable file
View File

@ -0,0 +1,66 @@
# this is a virtual module that is entirely implemented server side
DOCUMENTATION = """
---
module: config_template
version_added: 1.9.2
short_description: Renders template files providing a create/update override interface
description:
- The module contains the template functionality with the ability to override items
in config, in transit, though the use of an simple dictionary without having to
write out various temp files on target machines. The module renders all of the
potential jinja a user could provide in both the template file and in the override
dictionary which is ideal for deployers whom may have lots of different configs
using a similar code base.
- The module is an extension of the **copy** module and all of attributes that can be
set there are available to be set here.
options:
src:
description:
- Path of a Jinja2 formatted template on the local server. This can be a relative
or absolute path.
required: true
default: null
dest:
description:
- Location to render the template to on the remote machine.
required: true
default: null
config_overrides:
description:
- A dictionary used to update or override items within a configuration template.
The dictionary data structure may be nested. If the target config file is an ini
file the nested keys in the ``config_overrides`` will be used as section
headers.
config_type:
description:
- A string value describing the target config type.
choices:
- ini
- json
- yaml
author: Kevin Carter
"""
EXAMPLES = """
- name: run config template ini
config_template:
src: templates/test.ini.j2
dest: /tmp/test.ini
config_overrides: {}
config_type: ini
- name: run config template json
config_template:
src: templates/test.json.j2
dest: /tmp/test.json
config_overrides: {}
config_type: json
- name: run config template yaml
config_template:
src: templates/test.yaml.j2
dest: /tmp/test.yaml
config_overrides: {}
config_type: yaml
"""

8
meta/main.yml
View File

@ -17,4 +17,10 @@ galaxy_info:
- python
- trove
dependencies: []
dependencies:
- pip_install
- role: apt_package_pinning
when:
- ansible_pkg_mgr == 'apt'
- galera_client
- openstack_openrc

55
run_tests.sh Executable file
View File

@ -0,0 +1,55 @@
#!/usr/bin/env bash
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -euov
FUNCTIONAL_TEST=${FUNCTIONAL_TEST:-true}
# Install pip
if [ ! "$(which pip)" ]; then
curl --silent --show-error --retry 5 \
https://bootstrap.pypa.io/get-pip.py | sudo python2.7
fi
# Install bindep and tox
pip install bindep tox
# CentOS 7 requires two additional packages:
# redhat-lsb-core - for bindep profile support
# epel-release - required to install python-ndg_httpsclient/python2-pyasn1
if [ "$(which yum)" ]; then
yum -y install redhat-lsb-core epel-release
fi
# Install OS packages using bindep
if apt-get -v >/dev/null 2>&1 ; then
apt-get update
DEBIAN_FRONTEND=noninteractive \
apt-get -q --option "Dpkg::Options::=--force-confold" \
--assume-yes install `bindep -b -f bindep.txt test`
else
yum install -y `bindep -b -f bindep.txt test`
fi
# run through each tox env and execute the test
for tox_env in $(awk -F= '/envlist/ {print $2}' tox.ini | sed 's/,/ /g'); do
if [ "${tox_env}" != "ansible-functional" ]; then
tox -e ${tox_env}
elif [ "${tox_env}" == "ansible-functional" ]; then
if ${FUNCTIONAL_TEST}; then
tox -e ${tox_env}
fi
fi
done

8
setup.cfg
View File

@ -1,11 +1,11 @@
[metadata]
name = openstack-ansible-os_trove
summary = Trove for OpenStack Ansible
summary = os_trove role for OpenStack-Ansible
description-file =
README.rst
author = IS Open Cloud
author-email = is.cloud.infrastructure.opencloud@is.co.za
home-page = http://www.is.co.za/
author = OpenStack
author-email = openstack-dev@lists.openstack.org
home-page = http://docs.openstack.org/developer/openstack-ansible-os_trove
classifier =
Intended Audience :: Developers
Intended Audience :: System Administrators

2
tasks/trove_install.yml
View File

@ -51,7 +51,7 @@
- name: Install required pip packages
pip:
name: "{{ trove_required_pip_packages | join(' ') }}"
name: "{{ trove_requires_pip_packages | join(' ') }}"
state: latest
extra_args: "{{ pip_install_options_fact }}"
register: install_packages

10
tasks/trove_post_install.yml
View File

@ -29,7 +29,15 @@
config_type: "ini"
- src: "trove.conf.j2"
dest: "/etc/trove/trove.conf"
config_overrides: "{{ trove_conf_overrides }}"
config_overrides: "{{ trove_config_overrides }}"
config_type: "ini"
- src: "trove-conductor.conf.j2"
dest: "/etc/trove/trove-conductor.conf"
config_overrides: "{{ trove_conductor_config_overrides }}"
config_type: "ini"
- src: "trove-taskmanager.conf.j2"
dest: "/etc/trove/trove-taskmanager.conf"
config_overrides: "{{ trove_taskmanager_config_overrides }}"
config_type: "ini"
notify:
- Restart Apache

4
tasks/trove_pre_install.yml
View File

@ -23,8 +23,8 @@
user:
name: "{{ trove_system_user_name }}"
group: "{{ trove_system_group_name }}"
comment: "{{ trove_system_comment }}"
shell: "{{ trove_system_shell }}"
comment: "{{ trove_system_user_comment }}"
shell: "{{ trove_system_user_shell }}"
system: "yes"
createhome: "yes"
home: "{{ trove_system_user_home }}"

15
test-requirements.txt Executable file
View File

@ -0,0 +1,15 @@
# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
bashate>=0.2 # Apache-2.0
flake8<2.6.0,>=2.5.4 # MIT
pyasn1 # BSD
pyOpenSSL>=0.14 # Apache-2.0
requests>=2.10.0 # Apache-2.0
ndg-httpsclient>=0.4.2;python_version<'3.0' # BSD
# this is required for the docs build jobs
sphinx!=1.3b1,<1.3,>=1.2.1 # BSD
oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0
doc8 # Apache-2.0
reno>=1.8.0 # Apache2

40
tests/ansible-role-requirements.yml Normal file
View File

@ -0,0 +1,40 @@
- name: apt_package_pinning
src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning
scm: git
version: master
- name: pip_install
src: https://git.openstack.org/openstack/openstack-ansible-pip_install
scm: git
version: master
- name: memcached_server
src: https://git.openstack.org/openstack/openstack-ansible-memcached_server
scm: git
version: master
- name: lxc_hosts
src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts
scm: git
version: master
- name: lxc_container_create
src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create
scm: git
version: master
- name: galera_client
src: https://git.openstack.org/openstack/openstack-ansible-galera_client
scm: git
version: master
- name: galera_server
src: https://git.openstack.org/openstack/openstack-ansible-galera_server
scm: git
version: master
- name: rabbitmq_server
src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server
scm: git
version: master
- name: os_keystone
src: https://git.openstack.org/openstack/openstack-ansible-os_keystone
scm: git
version: master
- name: openstack_openrc
src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc
scm: git
version: master

27
tests/group_vars/all_containers.yml Normal file
View File

@ -0,0 +1,27 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_ssh_host: "{{ ansible_host }}"
container_name: "{{ inventory_hostname }}"
container_networks:
management_address:
address: "{{ ansible_host }}"
bridge: "br-mgmt"
interface: "eth1"
netmask: "255.255.255.0"
type: "veth"
physical_host: localhost
properties:
service_name: "{{ inventory_hostname }}"

35
tests/inventory Normal file
View File

@ -0,0 +1,35 @@
[all]
localhost ansible_connection=local ansible_become=True neutron_local_ip=10.100.101.1
infra1 ansible_host=10.100.102.101 ansible_become=True ansible_user=root tunnel_address=10.100.101.101
openstack1 ansible_host=10.100.102.102 ansible_become=True ansible_user=root tunnel_address=10.100.101.102 neutron_local_ip=10.100.101.102
[all_containers]
infra1
openstack1
[rabbitmq_all]
infra1
[galera_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
[keystone_all]
openstack1
[trove_api]
openstack1
[trove_conductor]
openstack1
[trove_taskmanager]
openstack1
[trove_all:children]
trove_api
trove_conductor
trove_taskmanager

26
tests/iptables-clear.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/bash
#
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

31
tests/test-install-infra.yml Normal file
View File

@ -0,0 +1,31 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying infra services
hosts: service_all
user: root
gather_facts: true
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"

65
tests/test-install-keystone.yml Normal file
View File

@ -0,0 +1,65 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['keystone_all'][0]
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['keystone_all'][0]
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['keystone_all'][0]
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['keystone_all'][0]
roles:
- role: os_keystone
vars_files:
- test-vars.yml

81
tests/test-install-trove.yml Normal file
View File

@ -0,0 +1,81 @@
---
# Copyright 2016 Internet Solutions (Pty) Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
- name: Playbook for deploying trove
hosts: trove_all
user: root
gather_facts: true
pre_tasks:
# NOTE: These are typically installed in the repo server where we build the
# trove wheel
- name: Install packages required to build trove python package
apt:
name: "{{ item }}"
with_items:
- libxml2-dev
- libxslt-dev
- libffi-dev
- pkg-config
- libvirt-dev
when: inventory_hostname in groups['trove_all']
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ trove_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['trove_all'][0]
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ trove_rabbitmq_userid }}"
password: "{{ trove_rabbitmq_password }}"
vhost: "{{ trove_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['trove_all'][0]
- name: Create DB for service
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ trove_galera_address }}"
name: "{{ trove_galera_database }}"
state: "present"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['trove_all'][0]
- name: Grant access to the DB for the service
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "{{ trove_galera_address }}"
name: "{{ trove_galera_database }}"
password: "{{ trove_galera_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ trove_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.102.101"
when: inventory_hostname == groups['trove_all'][0]
roles:
- role: "{{ rolename | basename }}"
vars_files:
- test-vars.yml

10
tests/test-nova-interfaces.cfg.j2 Normal file
View File

@ -0,0 +1,10 @@
auto br-mgmt
iface br-mgmt inet static
bridge_stp off
bridge_waitport 0
bridge_fd 0
# Notice the bridge port is the vlan tagged interface
bridge_ports none
address 10.100.102.1
netmask 255.255.255.0
offload-sg off

31
tests/test-prepare-containers.yml Normal file
View File

@ -0,0 +1,31 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for creating containers
hosts: all_containers
gather_facts: false
roles:
- role: "lxc_container_create"
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1

89
tests/test-prepare-host.yml Normal file
View File

@ -0,0 +1,89 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for configuring the LXC host
hosts: localhost
pre_tasks:
- name: Clear iptables rules
shell: "{{ playbook_dir }}/iptables-clear.sh"
# Make sure OS does not have a stale package cache.
- name: Update apt cache
apt:
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
- name: Check if this is an OpenStack-CI nodepool instance
stat:
path: /etc/nodepool/provider
register: nodepool
- name: Set the files to copy into the container cache for OpenStack-CI instances
set_fact:
lxc_container_cache_files:
- { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
when: nodepool.stat.exists | bool
post_tasks:
- name: Ensure that /etc/network/interfaces.d/ exists
file:
path: /etc/network/interfaces.d/
state: directory
tags:
- networking-dir-create
- name: Copy network configuration
template:
src: test-nova-interfaces.cfg.j2
dest: /etc/network/interfaces.d/nova_interfaces.cfg
register: nova_interfaces
tags:
- networking-interfaces-file
- name: Ensure our interfaces.d configuration files are loaded automatically
lineinfile:
dest: /etc/network/interfaces
line: "source /etc/network/interfaces.d/*.cfg"
tags:
- networking-interfaces-load
- name: Shut down the network interfaces
command: "ifdown {{ item }}"
when: nova_interfaces | changed
with_items:
- br-mgmt
tags:
- networking-interfaces-stop
- name: Start the network interfaces
command: "ifup {{ item }}"
when: nova_interfaces | changed
with_items:
- br-mgmt
tags:
- networking-interfaces-start
- name: Add iptables rules for lxc natting
command: /usr/local/bin/lxc-system-manage iptables-create
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_netmask: 255.255.255.0
lxc_net_dhcp_range: 10.100.100.2,10.100.100.99
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }

33
tests/test-prepare-keys.yml Normal file
View File

@ -0,0 +1,33 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# NOTE: we use become_user because setting become: no or become: false
# doesn't seem to override the ansible_become=true in the
# inventory
- name: Playbook for establishing ssh keys
hosts: localhost
become_user: "{{ ansible_ssh_user }}"
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: Get the calling user's key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"

78
tests/test-vars.yml Normal file
View File

@ -0,0 +1,78 @@
---
# Copyright 2016 Internet Solutions (Pty) Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
debug: true
external_lb_vip_address: 10.100.102.102
galera_client_drop_config_file: false
galera_root_user: root
galera_root_password: secrete
internal_lb_vip_address: 10.100.102.102
keystone_admin_tenant_name: admin
keystone_admin_user_name: admin
keystone_auth_admin_password: SuperSecretePassword
keystone_container_mysql_password: "SuperSecrete"
keystone_developer_mode: true
keystone_galera_address: 10.100.102.101
keystone_galera_database: keystone
keystone_git_install_branch: master
keystone_rabbitmq_password: "secrete"
keystone_rabbitmq_port: "{{ rabbitmq_port }}"
keystone_rabbitmq_servers: "{{ rabbitmq_servers }}"
keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_requirements_git_install_branch: master
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
keystone_service_adminuri_insecure: false
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
keystone_service_internaluri_insecure: false
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_password: "secrete"
keystone_service_region: RegionOne
keystone_venv_tag: "testing"
memcached_encryption_key: "secrete"
memcached_servers: 127.0.0.1
trove_developer_mode: True
trove_galera_address: 10.100.102.101
trove_galera_database: trove
trove_galera_user: trove
trove_galera_password: "secrete"
trove_rabbitmq_port: "{{ rabbitmq_port }}"
trove_rabbitmq_servers: "{{ rabbitmq_servers }}"
trove_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
trove_rabbitmq_password: "secrete"
trove_rabbitmq_userid: trove
trove_rabbitmq_vhost: /trove
trove_requirements_git_install_branch: master
trove_service_adminurl: "http://{{ internal_lb_vip_address }}:8779"
trove_service_password: "secrete"
trove_service_project_domain_id: default
trove_service_project_name: service
trove_service_region: RegionOne
trove_service_user_domain_id: default
trove_service_user_name: trove
trove_bin: "/openstack/venvs/trove-{{ trove_venv_tag }}/bin"
trove_venv_tag: "testing"
openrc_os_auth_url: "http://127.0.0.1:5000/v3"
openrc_os_domain_name: "Default"
openrc_os_password: "{{ keystone_auth_admin_password }}"
rabbitmq_port: 5672
rabbitmq_servers: 10.100.102.101
rabbitmq_use_ssl: False

35
tests/test.yml Normal file
View File

@ -0,0 +1,35 @@
---
# Copyright 2016 Internet Solutions (Pty) Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# (c) 2016 Donovan Francesco <donovan.francesco@is.co.za>
# (c) 2016 Paul Stevens <paul.stevens@is.co.za>
# Prepare the user ssh keys
- include: test-prepare-keys.yml
# Prepare the host
- include: test-prepare-host.yml
# Prepare the containers
- include: test-prepare-containers.yml
# Install RabbitMQ/MariaDB
- include: test-install-infra.yml
# Install keystone
- include: test-install-keystone.yml
# Install trove
- include: test-install-trove.yml

183
tox.ini Executable file
View File

@ -0,0 +1,183 @@
[tox]
minversion = 2.0
skipsdist = True
envlist = docs,linters,functional
[testenv]
usedevelop = True
install_command =
pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
deps =
-r{toxinidir}/test-requirements.txt
commands =
/usr/bin/find . -type f -name "*.pyc" -delete
passenv =
HOME
http_proxy
HTTP_PROXY
https_proxy
HTTPS_PROXY
no_proxy
NO_PROXY
whitelist_externals =
bash
echo
git
rm
wget
setenv =
VIRTUAL_ENV={envdir}
[testenv:docs]
commands=
bash -c "rm -rf doc/build"
doc8 doc
python setup.py build_sphinx
[doc8]
# Settings for doc8:
extensions = .rst
[testenv:releasenotes]
commands =
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
# environment used by the -infra templated docs job
[testenv:venv]
commands =
{posargs}
[testenv:pep8]
commands =
# Run hacking/flake8 check for all python files
bash -c "grep --recursive --binary-files=without-match \
--files-with-match '^.!.*python$' \
--exclude-dir .eggs \
--exclude-dir .git \
--exclude-dir .tox \
--exclude-dir *.egg-info \
--exclude-dir doc \
{toxinidir} | xargs flake8 --verbose"
[flake8]
# Ignores the following rules due to how ansible modules work in general
# F403 'from ansible.module_utils.basic import *' used;
# unable to detect undefined names
# H303 No wildcard (*) import.
ignore=F403,H303
[testenv:bashate]
commands =
# Run bashate check for all bash scripts
# Ignores the following rules:
# E003: Indent not multiple of 4 (we prefer to use multiples of 2)
# E006: Line longer than 79 columns (as many scripts use jinja
# templating, this is very difficult)
# E040: Syntax error determined using `bash -n` (as many scripts
# use jinja templating, this will often fail and the syntax
# error will be discovered in execution anyway)
bash -c "grep --recursive --binary-files=without-match \
--files-with-match '^.!.*\(ba\)\?sh$' \
--exclude-dir .tox \
--exclude-dir .git \
{toxinidir} | xargs bashate --error . --verbose --ignore=E003,E006,E040"
[testenv:ansible]
deps =
{[testenv]deps}
ansible==2.1.1.0
ansible-lint>=2.7.0,<3.0.0
setenv =
{[testenv]setenv}
ANSIBLE_HOST_KEY_CHECKING = False
ANSIBLE_SSH_CONTROL_PATH = /tmp/%%h-%%r
# TODO (odyssey4me) These are only here as they are non-standard folder
# names for Ansible 1.9.x. We are using the standard folder names for
# Ansible v2.x. We can remove this when we move to Ansible 2.x.
ANSIBLE_ACTION_PLUGINS = {homedir}/.ansible/plugins/action
ANSIBLE_CALLBACK_PLUGINS = {homedir}/.ansible/plugins/callback
ANSIBLE_FILTER_PLUGINS = {homedir}/.ansible/plugins/filter
ANSIBLE_LOOKUP_PLUGINS = {homedir}/.ansible/plugins/lookup
# This is required as the default is the current path or a path specified
# in ansible.cfg
ANSIBLE_LIBRARY = {homedir}/.ansible/plugins/library
# This is required as the default is '/etc/ansible/roles' or a path
# specified in ansible.cfg
ANSIBLE_ROLES_PATH = {homedir}/.ansible/roles:{toxinidir}/..
commands =
rm -rf {homedir}/.ansible/plugins
git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
{homedir}/.ansible/plugins
rm -rf {homedir}/.ansible/roles
ansible-galaxy install \
--role-file={toxinidir}/tests/ansible-role-requirements.yml \
--force
[testenv:ansible-syntax]
deps =
{[testenv:ansible]deps}
setenv =
{[testenv:ansible]setenv}
commands =
{[testenv:ansible]commands}
ansible-playbook -i {toxinidir}/tests/inventory \
--syntax-check \
--list-tasks \
-e "rolename={toxinidir}" \
{toxinidir}/tests/test.yml
[testenv:ansible-lint]
deps =
{[testenv:ansible]deps}
commands =
{[testenv:ansible]commands}
ansible-lint {toxinidir}
[testenv:functional]
# NOTE(odyssey4me): this target does not use constraints because
# it doesn't work in OpenStack-CI yet. Once that's fixed, we can
# drop the install_command.
install_command =
pip install -U --force-reinstall {opts} {packages}
deps =
{[testenv:ansible]deps}
setenv =
{[testenv:ansible]setenv}
commands =
echo -e "\n *******************************************************\n" \
"**** Functional Testing is still to be implemented ****\n" \
"**** TODO: Write tests here ****\n" \
"*******************************************************\n"
# As a temporary measure, while functional testing is being worked on, we
# will not execute the functional test. This allows other patches to be
# worked on while the functional testing is being worked out.
#{[testenv:ansible]commands}
#ansible-playbook -i {toxinidir}/tests/inventory \
# -e "rolename={toxinidir}" \
# -e "install_test_packages=True" \
# {toxinidir}/tests/test.yml -vvvv
[testenv:linters]
deps =
{[testenv:ansible]deps}
setenv =
{[testenv:ansible]setenv}
commands =
{[testenv:pep8]commands}
{[testenv:bashate]commands}
{[testenv:ansible-lint]commands}
{[testenv:ansible-syntax]commands}
{[testenv:docs]commands}

1
vars/ubuntu-14.04.yml
View File

@ -29,4 +29,3 @@ trove_apt_packages:
- mysql-client
- libxslt1-dev
- qemu-utils
- libmysqlclient-dev

1
vars/ubuntu-16.04.yml
View File

@ -29,4 +29,3 @@ trove_apt_packages:
- mysql-client
- libxslt1-dev
- qemu-utils
- libmysqlclient-dev