openstack/puppet-openstack-integration
Code Issues Proposed changes
834ab8a5fb
puppet-openstack-integration/functions
Emilien Macchi 834ab8a5fb Align the stars to bring our CI back 
1) Add 2GB swap by default
Add some swap when running CI jobs, so we can reduce the number of
failures in CI related to missing memory.
By default 2GB, can be disabled or increased/decreased with parameters.

2) Promote RDO repository to have Oslo DB from master
python-oslo-db 4.13.x releases are known to break Gnocchi.
https://review.openstack.org/367221 will fix it, but it is not yet
in any release, so RDO unpinned oslo.db until that happens.

3) Disable Ironic testing on Ubuntu. Packages are broken in recent
   Newton upgrade. They are working on it.

4) Enable br_netfilter kernel module on Ubuntu.
See https://bugs.launchpad.net/cloud-archive/+bug/1621651
Even if it's not critical, it's a nice-to-have because it removed the
ERROR that we had in neutron logs. We'll see how the bug report evolve
and maybe remove this workaround.

5) Export lsmod in logs, easier for us to debug later.

6) Disable linuxbridge on scenario003 for Ubuntu
Also see https://bugs.launchpad.net/cloud-archive/+bug/1621651

7) Pin Puppetlabs release package.
Context: https://tickets.puppetlabs.com/browse/CPR-378

Change-Id: I732ef375a681f03af751ebb6ebd5b12df55a0ecc
2016-09-08 20:33:20 -04:00

209 lines
6.7 KiB
Bash
Raw Blame History

#!/bin/bash
#
# functions - puppet-openstack-integration specific functions
#
# Install external Puppet modules with r10k
# Uses the following variables:
#
# - ``SCRIPT_DIR`` must be set to script path
# - ``GEM_BIN_DIR`` must be set to Gem bin directory
install_external() {
PUPPETFILE=${SCRIPT_DIR}/Puppetfile1 r10k puppetfile install -v
}
# Install Puppet OpenStack modules with zuul-cloner
# Uses the following variables:
#
# - ``PUPPETFILE_DIR`` must be set to Puppet modules directory
# - ``SCRIPT_DIR`` must be set to script path
# - ``ZUUL_REF`` must be set to Zuul ref. Fallback to 'None'.
# - ``ZUUL_BRANCH`` must be set to Zuul branch. Fallback to 'master'.
# - ``ZUUL_URL`` must be set to Zuul URL
install_openstack() {
cat > clonemap.yaml <<EOF
clonemap:
- name: '(.*?)/puppet-(.*)'
dest: '$PUPPETFILE_DIR/\2'
EOF
# Workaround for puppet-ceph, where we need to checkout
# OpenStack modules from stable/mitaka when working on stable/hammer.
# Ceph Hammer works with Mitaka and before.
# Ceph Jewel works with Newton and beyond.
if [ "$ZUUL_BRANCH" == "stable/hammer" ] || [ "$ZUUL_BRANCH" == "stable/mitaka" ]; then
PUPPET_CEPH_ZUUL_BRANCH='stable/hammer'
ZUUL_BRANCH='stable/mitaka'
else
PUPPET_CEPH_ZUUL_BRANCH=$ZUUL_BRANCH
ZUUL_BRANCH=$ZUUL_BRANCH
fi
# Periodic jobs run without ref on master
ZUUL_REF=${ZUUL_REF:-None}
ZUUL_BRANCH=${ZUUL_BRANCH:-master}
local project_names=$(awk '{ if ($1 == ":git") print $3 }' \
${SCRIPT_DIR}/Puppetfile0 | tr -d "'," | cut -d '/' -f 4- | xargs
)
/usr/zuul-env/bin/zuul-cloner -m clonemap.yaml \
--cache-dir /opt/git \
--project-branch openstack/puppet-ceph=$PUPPET_CEPH_ZUUL_BRANCH \
--zuul-ref $ZUUL_REF \
--zuul-branch $ZUUL_BRANCH \
--zuul-url $ZUUL_URL \
git://git.openstack.org $project_names
# Because openstack-integration can't be a class name.
# https://projects.puppetlabs.com/issues/5268
mv $PUPPETFILE_DIR/openstack-integration $PUPPETFILE_DIR/openstack_integration
}
# Install all Puppet modules with r10k
# Uses the following variables:
#
# - ``SCRIPT_DIR`` must be set to script path
install_all() {
PUPPETFILE=${SCRIPT_DIR}/Puppetfile r10k puppetfile install -v
}
# Install Puppet OpenStack modules and dependencies by using
# zuul-cloner or r10k.
# Uses the following variables:
#
# - ``PUPPETFILE_DIR`` must be set to Puppet modules directory
# - ``SCRIPT_DIR`` must be set to script path
# - ``ZUUL_REF`` must be set to Zuul ref
# - ``ZUUL_BRANCH`` must be set to Zuul branch
# - ``ZUUL_URL`` must be set to Zuul URL
install_modules() {
# If zuul-cloner is there, have it install modules using zuul refs
if [ -e /usr/zuul-env/bin/zuul-cloner ] ; then
csplit ${SCRIPT_DIR}/Puppetfile /'External modules'/ \
--prefix ${SCRIPT_DIR}/Puppetfile \
--suffix '%d'
install_external
install_openstack
else
install_all
fi
}
# Write out basic hiera configuration
#
# Uses the following variables:
# - ``SCRIPT_DIR`` must be set to the dir that contains a /hiera folder to use
# - ``HIERA_CONFIG`` must be set to the hiera config file location
#
configure_hiera() {
cat <<EOF >$HIERA_CONFIG
---
:backends:
- yaml
:yaml:
:datadir: "${SCRIPT_DIR}/hiera"
:hierarchy:
- "%{::operatingsystem}"
- "%{::osfamily}"
- common
EOF
}
is_fedora() {
if [ -f /etc/os-release ]; then
source /etc/os-release
test "$ID" = "fedora" -o "$ID" = "centos"
else
return 1
fi
}
uses_debs() {
# check if apt-get is installed, valid for debian based
type "apt-get" 2>/dev/null
}
print_header() {
if [ -n "$(set | grep xtrace)" ]; then
set +x
local enable_xtrace='yes'
fi
local msg=$1
printf '%.0s-' {1..80}; echo
printf '| %-76s |\n' "${msg}"
printf '%.0s-' {1..80}; echo
if [ -n "${enable_xtrace}" ]; then
set -x
fi
}
install_puppet() {
if uses_debs; then
print_header 'Setup (Debian based)'
# Puppetlabs packaging:
# - trusty: puppet3 and puppet4
# - xenial: puppet4 only
if [[ ${DISTRO} == "trusty" ]] || [[ ${DISTRO} == "xenial" && ${PUPPET_MAJ_VERSION} == 4 ]]; then
if dpkg -l $PUPPET_RELEASE_FILE >/dev/null 2>&1; then
$SUDO apt-get purge -y $PUPPET_RELEASE_FILE
fi
$SUDO rm -f /tmp/puppet.deb
wget http://apt.puppetlabs.com/${PUPPET_RELEASE_FILE}-${DISTRO}.deb -O /tmp/puppet.deb
$SUDO dpkg -i /tmp/puppet.deb
# TODO(emilien): figure what installed /etc/default/puppet on the xenial nodepool image
# We have no problem on Trusty but on Xenial we need to remove /etc/default/puppet before
# trying to deploy puppet-agent from puppetlabs.com.
$SUDO rm -rf /etc/default/puppet
fi
$SUDO apt-get update
$SUDO apt-get install -y ${PUPPET_PKG}
elif is_fedora; then
print_header 'Setup (RedHat based)'
if rpm --quiet -q $PUPPET_RELEASE_FILE; then
$SUDO rpm -e $PUPPET_RELEASE_FILE
fi
# EPEL does not work fine with RDO, we need to make sure EPEL is really disabled
if rpm --quiet -q epel-release; then
$SUDO rpm -e epel-release
fi
$SUDO rm -f /tmp/puppet.rpm
# https://tickets.puppetlabs.com/browse/CPR-378
if [ $PUPPET_RELEASE_FILE == "puppetlabs-release" ]; then
RELEASE_URL='http://yum.puppetlabs.com/el/7Server/products/x86_64/puppetlabs-release-7-12.noarch.rpm'
else
RELEASE_URL='https://yum.puppetlabs.com/el/7Server/PC1/x86_64/puppetlabs-release-pc1-1.0.0-2.el7.noarch.rpm'
fi
wget $RELEASE_URL -O /tmp/puppet.rpm
$SUDO rpm -ivh /tmp/puppet.rpm
$SUDO yum install -y ${PUPPET_PKG}
fi
}
function run_puppet() {
local manifest=$1
$SUDO $PUPPET_FULL_PATH apply $PUPPET_ARGS fixtures/${manifest}.pp
local res=$?
return $res
}
function catch_selinux_alerts() {
if is_fedora; then
$SUDO sealert -a /var/log/audit/audit.log
if $SUDO grep -iq 'type=AVC' /var/log/audit/audit.log; then
echo "AVC detected in /var/log/audit/audit.log"
# TODO: figure why latest rabbitmq deployed with SSL tries to write in SSL pem file.
# https://bugzilla.redhat.com/show_bug.cgi?id=1341738
if $SUDO grep -iqE 'denied.*system_r:rabbitmq_t' /var/log/audit/audit.log; then
echo "non-critical RabbitMQ AVC, ignoring it now."
else
echo "Please file a bug on https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20OpenStack&component=openstack-selinux showing sealert output."
exit 1
fi
else
echo 'No AVC detected in /var/log/audit/audit.log'
fi
fi
}
View Git Blame Copy Permalink