Collection of scripts and manifests for module testing
Go to file
Alfredo Moralejo e40e6d934b Fix ipv6 certificate to make it compliant with IDNA
Currently we are setting "DNS.0 = ::1", but ::1 is not a valid
A-Label for IDNA so the certificate is not correct.

Additionally, we are setting wrong value for DNS.0 = 127.0.0.1
in the ipv4 certificate.

Finally, removing issuerAltName from both ipv4 and ipv6 certificates
as they are not needed for the jobs.

New versions of python-cryptography are more strict to check
certificates content and does not allow to have not compliant
DNS names so we need to fix the certificate to bump python-cryptography.

Note that horizont tempest plugin does not support ipaddress SANs based
certificate validation so I'm disablint certificate validation for
dashboard in this patch.

Depends-On: Iea7a4b85ac64572fac0f0ad871649a79fbc1c0f5

Change-Id: Ib519d222e07e26d3683b24359e2f67728cdd8029
2018-03-20 22:38:03 +01:00
contrib Fix ipv6 certificate to make it compliant with IDNA 2018-03-20 22:38:03 +01:00
files Fix ipv6 certificate to make it compliant with IDNA 2018-03-20 22:38:03 +01:00
fixtures Try enabling and fix comments 2018-03-11 16:06:59 +01:00
hiera Remove leftovers from mongodb 2018-01-25 12:27:36 +01:00
manifests Fix ipv6 certificate to make it compliant with IDNA 2018-03-20 22:38:03 +01:00
playbooks Switch libraries jobs to Zuul v3 2018-02-12 16:41:32 +08:00
templates Re-enable Designate on CentOS7 2017-02-02 22:15:04 +00:00
.gitignore Update SSL certificates with SubjectAltNames 2016-09-29 00:20:08 -04:00
.gitreview Added .gitreview 2015-06-23 19:27:13 +00:00
.zuul.yaml Don't run beaker and integration jobs when patching document 2018-03-12 13:48:37 +08:00
Gemfile Load puppet-openstack_spec_helper locally during tests 2018-02-12 10:55:06 +08:00
LICENSE Add LICENSE file 2015-07-13 14:58:14 -04:00
Puppetfile Updated from Puppet OpenStack modules constraints 2018-03-14 06:48:24 +00:00
README.md keystone: enable fernet across all CI 2018-02-07 11:04:39 -07:00
Rakefile Align the stars 2017-02-01 22:36:10 -05:00
all-in-one.sh apt-get install lsb-release curl 2018-03-13 14:06:49 +01:00
bindep.txt Move other-requirements.txt to bindep.txt 2016-08-12 21:10:15 +02:00
configure_facts.sh Remove trailing slash in NODEPOOL_PUPPETLABS_MIRROR 2018-02-07 14:18:20 +01:00
copy_logs.sh Add ironic-inspector and iptables to captured logs 2018-01-31 10:37:49 +11:00
external_modules.txt Remove leftovers from mongodb 2018-01-25 12:27:36 +01:00
functions Revert "Remove r10k env vars with proper args" 2018-02-06 03:34:38 +00:00
install_modules.sh Revert "Remove r10k env vars with proper args" 2018-02-06 03:34:38 +00:00
install_modules_unit.sh Remove PUPPET_MAJ_VERSION check for unit modules 2018-02-06 15:55:43 +01:00
openstack_modules.txt add vitrage 2017-02-14 16:55:08 +02:00
run_tests.sh Merge "Switch to stestr for generating subunit results" 2018-02-25 08:40:35 +00:00

README.md

Team and repository tags

Team and repository tags

puppet-openstack-integration

Table of Contents

  1. Overview - What is Puppet OpenStack Integration?
  2. Description - What does the project do?
  3. Development - Guide for contributing
  4. All-in-one - How to deploy a cloud with Puppet
  5. Contributors - Those with commits

Overview

Puppet OpenStack Integration makes sure we can continuously test and validate OpenStack setups deployed with Puppet modules. The repository itself contains some scripts and Puppet manifests that help to deploy OpenStack in OpenStack Infrastructure environment.

Description

OpenStack Infrastructure is deploying four jobs per supported Operating System (Ubuntu and CentOS): scenario001, scenario002, scenario003 and scenario004.

OpenStack services are balanced between four scenarios because OpenStack Infastructure Jenkins slaves can not afford the load of running everything on the same node. One manifest (scenario-aio) is used for people who want to run a simple All-In-One scenario.

- scenario001 scenario002 scenario003 scenario004 scenario-aio
ssl yes yes yes yes no
ipv6 centos7 centos7 centos7 centos7 no
keystone X X X X X
glance rbd swift file swift+rgw file
nova rbd X X rbd X
neutron ovs ovs linuxbridge ovs ovs
lbaas v2 v2 v2 v2
cinder rbd iscsi iscsi
ceilometer X
aodh X
panko X
designate bind
backup swift
gnocchi rbd
ec2api X
heat X X
swift X
sahara X
trove X
horizon X X
ironic X
zaqar X
murano X
mistral X
barbican X
ceph X X
ceph rgw X
vitrage X
watcher X
bgpvpn-api X
redis X
l2gw X
om rpc amqp1 rabbit rabbit rabbit rabbit
om notify rabbit rabbit rabbit rabbit rabbit

When the Jenkins slave is created, the run_tests.sh script will be executed. This script will execute install_modules.sh that prepare /etc/puppet/modules with all Puppet modules dependencies.

Then, it will execute Puppet a first time by applying a scenario manifest. If the first run executes without error, a second Puppet run will be executed to verify there is no change in the catalog and make sure the Puppet run is idempotent.

If Puppet runs are successful, the script will run Tempest Smoke tests, that will execute some scenarios & API tests. It covers what we want to validate, and does not take too much time.

Development

Developer documentation for the entire Puppet OpenStack project:

Note: SSL Certificates

puppet-openstack-integration ships it's own SSL keys and certificates in order to be able to test implementations secured over SSL/TLS.

It doesn't re-generate new ones every time for the sake of simplicity: we're not testing that we can generate certificates properly, we're testing services.

The configuration as well as the commands used to generate these keys and certificates are stored in the contrib directory.

All-In-One

If you're new in Puppet OpenStack and you want to deploy an All-In-One setup of an OpenStack Cloud with the Puppet modules, please follow the steps:

git clone git://git.openstack.org/openstack/puppet-openstack-integration
cd puppet-openstack-integration
./all-in-one.sh

Look at Description to see which services it will install (scenario-aio).

Contributors