Update zuul environment to support helm chart
This patch changes the following to support helm chart spec and to test instantiate/terminate cnf with helm chart. * Add `extra` field to vims db. * Add `setup-helm` task to ansible-playbook roles. [On controller-k8s node] * Create and setup helm user for executing helm command. * Install helm. * Create folder for putting local helm chart. * Enable password authentication in sshd_config and restart sshd. [On controller node] * Update Vims DB of vim-kubernetes to modify extra field that include helm access information. Implements: blueprint helmchart-k8s-vim Change-Id: Iaf7c11c5bedb77e9cd21074be2b4f73528aa2ce7
This commit is contained in:
parent
5eced54d7f
commit
d7a13ce18a
@ -472,6 +472,7 @@
|
||||
controller_worker:
|
||||
amp_active_retries: 9999
|
||||
kuryr_k8s_api_url: "http://{{ hostvars['controller-k8s']['nodepool']['private_ipv4'] }}:8080"
|
||||
helm_version: "3.5.4"
|
||||
test_matrix_configs: [neutron]
|
||||
zuul_work_dir: src/opendev.org/openstack/tacker
|
||||
zuul_copy_output:
|
||||
|
@ -4,6 +4,7 @@
|
||||
- orchestrate-devstack
|
||||
- modify-heat-policy
|
||||
- setup-default-vim
|
||||
- setup-helm
|
||||
- role: bindep
|
||||
bindep_profile: test
|
||||
bindep_dir: "{{ zuul_work_dir }}"
|
||||
|
4
roles/setup-helm/defaults/main.yaml
Normal file
4
roles/setup-helm/defaults/main.yaml
Normal file
@ -0,0 +1,4 @@
|
||||
helm_user_home_dir: /home/helm
|
||||
helm_user_password: helm_password
|
||||
helm_chart_dir: /var/tacker/helm
|
||||
vim_name: vim-kubernetes
|
1
roles/setup-helm/files/50_helm_sh
Normal file
1
roles/setup-helm/files/50_helm_sh
Normal file
@ -0,0 +1 @@
|
||||
helm ALL=(root) NOPASSWD:ALL
|
106
roles/setup-helm/tasks/main.yaml
Normal file
106
roles/setup-helm/tasks/main.yaml
Normal file
@ -0,0 +1,106 @@
|
||||
- block:
|
||||
- name: Create helm group
|
||||
group:
|
||||
name: helm
|
||||
become: yes
|
||||
|
||||
- name: Create the helm user home folder
|
||||
file:
|
||||
path: "{{ helm_user_home_dir }}"
|
||||
state: directory
|
||||
become: yes
|
||||
|
||||
- name: Create helm user
|
||||
user:
|
||||
name: helm
|
||||
password: "{{ helm_user_password | password_hash('sha512') }}"
|
||||
shell: /bin/bash
|
||||
home: "{{ helm_user_home_dir }}"
|
||||
group: helm
|
||||
become: yes
|
||||
|
||||
- name: Set helm user home directory permissions and ownership
|
||||
file:
|
||||
path: '{{ helm_user_home_dir }}'
|
||||
mode: 0755
|
||||
owner: helm
|
||||
group: helm
|
||||
become: yes
|
||||
|
||||
- name: Copy 50_helm_sh file to /etc/sudoers.d
|
||||
copy:
|
||||
src: 50_helm_sh
|
||||
dest: /etc/sudoers.d
|
||||
mode: 0440
|
||||
owner: root
|
||||
group: root
|
||||
become: yes
|
||||
|
||||
- name: Copy kube config to helm user home folder
|
||||
copy:
|
||||
src: "{{ devstack_base_dir }}/.kube"
|
||||
dest: "{{ helm_user_home_dir }}"
|
||||
mode: 0755
|
||||
owner: helm
|
||||
group: helm
|
||||
remote_src: yes
|
||||
become: yes
|
||||
|
||||
- name: Download Helm
|
||||
get_url:
|
||||
url: "https://get.helm.sh/helm-v{{ helm_version }}-linux-amd64.tar.gz"
|
||||
dest: "/tmp/helm-v{{ helm_version }}-linux-amd64.tar.gz"
|
||||
force: yes
|
||||
|
||||
- name: Unarchive Helm
|
||||
unarchive:
|
||||
src: "/tmp/helm-v{{ helm_version }}-linux-amd64.tar.gz"
|
||||
dest: "/tmp"
|
||||
remote_src: yes
|
||||
become: yes
|
||||
|
||||
- name: Move Helm binary
|
||||
shell: mv /tmp/linux-amd64/helm /usr/local/bin/helm
|
||||
become: yes
|
||||
|
||||
- name: Create folder to store helm charts
|
||||
file:
|
||||
path: "{{ helm_chart_dir }}"
|
||||
state: directory
|
||||
become: yes
|
||||
|
||||
- name: Enable PasswordAuthentication
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: "^PasswordAuthentication"
|
||||
insertafter: "^#PasswordAuthentication"
|
||||
line: "PasswordAuthentication yes"
|
||||
become: yes
|
||||
|
||||
- name: Restart sshd service
|
||||
service:
|
||||
name: sshd
|
||||
state: restarted
|
||||
become: yes
|
||||
|
||||
when:
|
||||
- inventory_hostname == 'controller-k8s'
|
||||
- helm_version is defined
|
||||
|
||||
- block:
|
||||
- name: Update extra field of k8s vim
|
||||
command: mysql -uroot -p{{ devstack_localrc['DATABASE_PASSWORD'] }} -hlocalhost tacker -e "update vims set extra='{\"helm_info\":\"{\'masternode_ip\':[\'{{ hostvars['controller-k8s']['nodepool']['private_ipv4'] }}\'],\'masternode_username\':\'helm\',\'masternode_password\':\'{{ helm_user_password }}\'}\"}' where name='{{ vim_name }}'"
|
||||
|
||||
- name: Get extra field of k8s vim after updating
|
||||
command: mysql -uroot -p{{ devstack_localrc['DATABASE_PASSWORD'] }} -hlocalhost tacker -e "select extra from vims where name='{{ vim_name }}'"
|
||||
register: result
|
||||
|
||||
- name: Print result
|
||||
debug:
|
||||
var: result.stdout
|
||||
when: result.rc == 0
|
||||
|
||||
when:
|
||||
- inventory_hostname == 'controller'
|
||||
- helm_version is defined
|
||||
|
@ -0,0 +1,36 @@
|
||||
# Copyright 2021 OpenStack Foundation
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
# flake8: noqa: E402
|
||||
|
||||
"""add extra field to vims db
|
||||
|
||||
Revision ID: 6dc60a5760e5
|
||||
Revises: c31f65e0d099
|
||||
Create Date: 2021-07-26 12:28:13.797458
|
||||
|
||||
"""
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = '6dc60a5760e5'
|
||||
down_revision = 'c31f65e0d099'
|
||||
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
|
||||
|
||||
def upgrade(active_plugins=None, options=None):
|
||||
op.add_column('vims',
|
||||
sa.Column('extra', sa.JSON(), nullable=True))
|
@ -1 +1 @@
|
||||
c31f65e0d099
|
||||
6dc60a5760e5
|
||||
|
Loading…
Reference in New Issue
Block a user