Adding role convergence test

Functional testing will follow in another patch
but we should have convergence testing in the meantime.

Change-Id: Ib3d596eea7f6ded233a3b1f9a06e3e893764c0e5
This commit is contained in:
Travis Truman 2016-03-29 14:11:24 -04:00
parent 72a3b5da89
commit 6c79f1cde1
13 changed files with 383 additions and 33 deletions

4
Vagrantfile vendored
View File

@ -1,5 +1,9 @@
Vagrant.configure(2) do |config|
config.vm.box = "ubuntu/trusty64"
config.vm.provider "virtualbox" do |v|
v.memory = 2048
v.cpus = 2
end
config.vm.provision "shell", inline: <<-SHELL
sudo su -
cd /vagrant

View File

@ -29,7 +29,7 @@
# at boot time. Here is just for testing purpose.
- name: Run uwsgi service
command: >
/usr/local/bin/uwsgi
{{ zaqar_bin }}/uwsgi
--socket /tmp/zaqar.sock
--pythonpath /var/www/cgi-bin/zaqar/
--module app

View File

@ -10,7 +10,36 @@
src: https://git.openstack.org/openstack/openstack-ansible-pip_lock_down
scm: git
version: master
- name: lxc_hosts
src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts
scm: git
version: master
- name: lxc_container_create
src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create
scm: git
version: master
- name: openstack_hosts
src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts
scm: git
version: master
- name: rabbitmq_server
src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server
scm: git
version: master
- name: galera_client
src: https://git.openstack.org/openstack/openstack-ansible-galera_client
scm: git
version: master
- name: galera_server
src: https://git.openstack.org/openstack/openstack-ansible-galera_server
scm: git
version: master
- name: memcached_server
src: https://git.openstack.org/openstack/openstack-ansible-memcached_server
scm: git
version: master
- name: os_keystone
src: https://git.openstack.org/openstack/openstack-ansible-os_keystone
scm: git
version: master

View File

@ -0,0 +1,27 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_ssh_host: "{{ ansible_host }}"
container_name: "{{ inventory_hostname }}"
container_networks:
management_address:
address: "{{ ansible_host }}"
bridge: "lxcbr0"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
physical_host: localhost
properties:
service_name: "{{ inventory_hostname }}"

View File

@ -1,2 +1,27 @@
[all]
localhost ansible_connection=local ansible_become=True
infra1 ansible_host=10.100.100.2 ansible_become=True
openstack1 ansible_host=10.100.100.3 ansible_become=True
[hosts]
localhost
[all_containers]
infra1
openstack1
[keystone_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
[rabbitmq_all]
infra1
[galera_all]
infra1
[zaqar_all]
openstack1

View File

@ -0,0 +1,32 @@
---
# Copyright 2016, Comcast Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy infra services
hosts: galera_all
user: root
gather_facts: true
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"

View File

@ -0,0 +1,81 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Deploy keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
- name: Create DB for service
mysql_db:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
- name: Grant access to the DB for the service
mysql_user:
login_user: "root"
login_password: "secrete"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.2"
when: inventory_hostname == groups['keystone_all'][0]
roles:
- role: os_keystone
vars:
external_lb_vip_address: 10.100.100.2
internal_lb_vip_address: 10.100.100.2
keystone_galera_address: 10.100.100.2
keystone_galera_database: keystone
keystone_venv_tag: testing
keystone_developer_mode: true
keystone_auth_admin_token: SuperSecreteTestToken
keystone_auth_admin_password: SuperSecretePassword
keystone_service_password: secrete
keystone_rabbitmq_password: secrete
keystone_container_mysql_password: SuperSecrete
keystone_rabbitmq_port: 5671
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_rabbitmq_servers: 10.100.100.2
keystone_rabbitmq_use_ssl: false
galera_client_drop_config_file: false

View File

@ -0,0 +1,35 @@
---
# Copyright 2016, Catalyst IT Limited
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install zaqar server
hosts: zaqar_all
user: root
roles:
- role: "{{ rolename | basename }}"
zaqar_developer_mode: true
zaqar_install_nginx: true
zaqar_mgmt_db_connection_string: 'sqlite:////tmp/zaqar.db'
external_lb_vip_address: 10.100.100.2
internal_lb_vip_address: 10.100.100.2
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
keystone_auth_admin_password: SuperSecretePassword
keystone_service_adminuri_insecure: false
keystone_service_internaluri_insecure: false
keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
keystone_service_region: RegionOne

View File

@ -0,0 +1,33 @@
---
# Copyright 2016, Comcast Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create test containers
hosts: all_containers
connection: local
gather_facts: false
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1

View File

@ -0,0 +1,56 @@
---
# Copyright 2016, Comcast Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Perform basic LXC host setup
hosts: localhost
become: yes
pre_tasks:
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}"
- name: Check if this is an OpenStack-CI nodepool instance
stat:
path: /etc/nodepool/provider
register: nodepool
- name: Set the files to copy into the container cache for OpenStack-CI instances
set_fact:
lxc_container_cache_files:
- { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
- { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' }
when: nodepool.stat.exists | bool
- name: Determine the existing Ubuntu repo configuration
shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list'
register: ubuntu_repo
changed_when: false
- name: Set apt repo facts based on discovered information
set_fact:
lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}"
lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}"
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.8,10.100.100.253
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
lxc_container_caches:
- url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
name: "trusty.tgz"
sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
chroot_path: trusty/rootfs-amd64

View File

@ -0,0 +1,30 @@
---
# Copyright 2016, Comcast Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Create ssh key pairs for use with containers
hosts: localhost
become_user: "{{ ansible_ssh_user }}"
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: Get the calling user's key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"

View File

@ -1,5 +1,5 @@
---
# Copyright 2016, Catalyst IT Limited
# Copyright 2016, Comcast Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -13,15 +13,20 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install zaqar server
hosts: zaqar_all
user: root
roles:
- role: "{{ rolename | basename }}"
zaqar_local_mode: true
zaqar_install_nginx: true
zaqar_api_bind_address: 192.168.33.11
zaqar_mgmt_db_connection_string: 'sqlite:////tmp/zaqar.db'
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
keystone_auth_admin_password: "SuperSecretePassword"
# Prepare the user ssh keys
- include: test-prepare-keys.yml
# Prepare the host
- include: test-prepare-host.yml
# Prepare the containers
- include: test-prepare-containers.yml
# Install RabbitMQ/MariaDB
- include: test-install-infra.yml
# Install Keystone
- include: test-install-keystone.yml
# Install Zaqar
- include: test-install-zaqar.yml

31
tox.ini
View File

@ -106,26 +106,19 @@ commands =
[testenv:functional]
commands =
echo -e "\n *******************************************************\n" \
"**** Functional Testing is still to be implemented ****\n" \
"**** TODO: Write tests here ****\n" \
"*******************************************************\n"
# As a temporary measure, while functional testing is being worked on, we
# will not execute the functional test. This allows other patches to be
# worked on while the functional testing is being worked out.
#rm -rf {homedir}/.ansible
#git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
# {homedir}/.ansible/plugins
rm -rf {homedir}/.ansible
git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
{homedir}/.ansible/plugins
# This plugin makes the ansible-playbook output easier to read
#wget -O {homedir}/.ansible/plugins/callback/human_log.py \
# https://gist.githubusercontent.com/cliffano/9868180/raw/f360f306b3c6d689734a6aa8773a00edf16a0054/human_log.py
#ansible-galaxy install \
# --role-file={toxinidir}/tests/ansible-role-requirements.yml \
# --ignore-errors \
# --force
#ansible-playbook -i {toxinidir}/tests/inventory \
# -e "rolename={toxinidir}" \
# {toxinidir}/tests/test.yml
wget -O {homedir}/.ansible/plugins/callback/human_log.py \
https://gist.githubusercontent.com/cliffano/9868180/raw/f360f306b3c6d689734a6aa8773a00edf16a0054/human_log.py
ansible-galaxy install \
--role-file={toxinidir}/tests/ansible-role-requirements.yml \
--ignore-errors \
--force
ansible-playbook -i {toxinidir}/tests/inventory \
-e "rolename={toxinidir}" \
{toxinidir}/tests/test.yml
[testenv:linters]