openstack
/
tripleo-ansible
Code Issues Proposed changes

tripleo_compute_node: add for standalone roles 

The tripleo_compute_node is a "meta" role that imports the compute node
standalone playbooks for the purposes of molecule testing. The molecule
default scenario executes the standalone playbooks against a podman in
podman container with systemd as the process, in order to simulate a
compute node.

Change-Id: I14408ad4d2e4fb4ae265a105af18a876158200dc
Signed-off-by: James Slagle <jslagle@redhat.com>
This commit is contained in:
James Slagle 2022-09-27 10:32:17 -04:00
parent c5f3ebb81f
commit 6fd92814f0
17 changed files with 479 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/source/roles/role-tripleo_compute_node.rst Normal file
View File

@ -0,0 +1,6 @@
===========================
Role - tripleo_compute_node
===========================
.. ansibleautoplugin::
:role: tripleo_ansible/roles/tripleo_compute_node

15
scripts/run-local-test
View File

@ -40,6 +40,8 @@ function run_pip {
-r "${PROJECT_DIR}/requirements.txt" \
-r "${PROJECT_DIR}/test-requirements.txt" \
-r "${PROJECT_DIR}/molecule-requirements.txt" ${@:-}
# Required by authorized_key module used in tripleo_ansible/playbooks/prepare-test-host.yml
"${HOME}/test-python/bin/ansible-galaxy" collection install ansible.posix
}
## Main ----------------------------------------------------------------------
@ -49,10 +51,17 @@ source /etc/os-release || source /usr/lib/os-release
RHT_PKG_MGR=$(command -v dnf || command -v yum)
PYTHON_EXEC=$(command -v python3 || command -v python)
# Install the one requirement we need to run any local test
# Install the requirements we need to run local tests
sudo dnf -y install gcc
case "${ID,,}" in
amzn|rhel|centos|fedora)
sudo "${RHT_PKG_MGR}" install -y gcc python*-virtualenv
amzn|fedora)
sudo "${RHT_PKG_MGR}" install -y python*-virtualenv
;;
rhel|centos)
# Virtualenv no longer packaged for RHEL/CentOS 9. We will have to use
# system pip to install it.
sudo dnf -y install python*-pip
sudo pip install virtualenv
;;
esac

9
tox.ini
View File

@ -26,6 +26,7 @@ setenv =
# paramiko CryptographyDeprecationWarning: https://github.com/ansible/ansible/issues/52598
PYTHONWARNINGS=ignore:DEPRECATION::pip._internal.cli.base_command,ignore::UserWarning
PIP_DISABLE_PIP_VERSION_CHECK=1
TRIPLEO_ANSIBLE_COMPUTE_NODE_MOLECULE_VOLUMES=['${HOME}/.cache/containers:/var/lib/containers:rw','/sys/fs/cgroup:/sys/fs/cgroup:rw']
sitepackages = True
deps =
-r {toxinidir}/test-requirements.txt
@ -118,3 +119,11 @@ deps=
commands =
bash -c "cd {toxinidir}/tripleo_ansible/ansible_plugins/tests; molecule test --all;"
{[testenv:linters]commands}
[testenv:molecule-compute-node]
deps =
{[testenv:linters]deps}
commands =
ansible-galaxy install -fr {toxinidir}/tripleo_ansible/requirements.yml
pip install -r {toxinidir}/molecule-requirements.txt
bash -c "cd {toxinidir}/tripleo_ansible/roles/tripleo_compute_node; molecule test --all;"

6
tripleo_ansible/requirements.yml
View File

@ -28,6 +28,12 @@ roles:
version: master
trackbranch: master
- name: chrony
scm: git
src: https://opendev.org/openstack/ansible-role-chrony
version: master
trackbranch: master
collections:
- ansible.netcommon
- ansible.posix

19
tripleo_ansible/ansible-role-requirements.yml → tripleo_ansible/roles/tripleo_compute_node/defaults/main.yml
View File

@ -1,5 +1,5 @@
---
# Copyright 2019 Red Hat, Inc.
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
@ -14,18 +14,9 @@
# License for the specific language governing permissions and limitations
# under the License.
# DEPRECATED, the official location for dependencies is now
# /requirements.yaml file.
- name: openstack-operations
scm: git
src: https://opendev.org/openstack/ansible-role-openstack-operations
version: master
trackbranch: master
# All variables intended for modification should be placed in this file.
# ansible-config_template action plugin
- name: config_template
scm: git
src: https://opendev.org/openstack/ansible-config_template
version: master
trackbranch: master
# All variables within this role should have a prefix of "tripleo_compute_node"
tripleo_compute_node_debug: "{{ (ansible_verbosity | int) >= 2 | bool }}"
tripleo_compute_node_hide_sensitive_logs: true

0
tripleo_ansible/roles/tripleo_compute_node/files/.gitkeep Normal file
View File

15
tripleo_ansible/roles/tripleo_compute_node/handlers/main.yml Normal file
View File

@ -0,0 +1,15 @@
---
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

43
tripleo_ansible/roles/tripleo_compute_node/meta/main.yml Normal file
View File

@ -0,0 +1,43 @@
---
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
galaxy_info:
author: OpenStack
description: TripleO OpenStack Role -- tripleo_compute_node
company: Red Hat
license: Apache-2.0
min_ansible_version: 2.7
namespace: openstack
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
platforms:
- name: CentOS
versions:
- 8
- 9
galaxy_tags:
- tripleo
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
dependencies: []

59
tripleo_ansible/roles/tripleo_compute_node/molecule/default/Dockerfile.j2 Normal file
View File

@ -0,0 +1,59 @@
# Molecule managed
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash python*setuptools systemd {{ item.pkg_extras | default('') }} && dnf clean all;
RUN dnf -y update && \
rpm --setcaps shadow-utils 2>/dev/null && \
dnf -y install podman fuse-overlayfs \
--exclude container-selinux && \
dnf clean all && \
rm -rf /var/cache /var/log/dnf* /var/log/yum.*
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
ARG _REPO_URL="https://raw.githubusercontent.com/containers/podman/main/contrib/podmanimage/stable"
ADD $_REPO_URL/containers.conf /etc/containers/containers.conf
RUN sed -i -e 's|^#mount_program|mount_program|g' \
-e '/additionalimage.*/a "/var/lib/shared",' \
-e 's|^mountopt[[:space:]]*=.*$|mountopt = "nodev,fsync=0"|g' \
/etc/containers/storage.conf
VOLUME /var/lib/containers
RUN mkdir -p /var/lib/shared/overlay-images \
/var/lib/shared/overlay-layers \
/var/lib/shared/vfs-images \
/var/lib/shared/vfs-layers && \
touch /var/lib/shared/overlay-images/images.lock && \
touch /var/lib/shared/overlay-layers/layers.lock && \
touch /var/lib/shared/vfs-images/images.lock && \
touch /var/lib/shared/vfs-layers/layers.lock
ENV _CONTAINERS_USERNS_CONFIGURED=""
CMD {{ item.command }}

175
tripleo_ansible/roles/tripleo_compute_node/molecule/default/converge.yml Normal file
View File

@ -0,0 +1,175 @@
---
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
gather_facts: true
tasks:
# The openvswitch kernel module needs to be loaded on the host, since
# tripleo_bootstrap assumes it can start the service.
- name: install and modprobe openvswitch
shell: |
sudo dnf -y install openvswitch
sudo modprobe openvswitch
delegate_to: localhost
run_once: true
- name: Set ulimit limits for nproc
pam_limits:
domain: '*'
limit_item: nproc
limit_type: '-'
value: 126966
delegate_to: localhost
run_once: true
become: true
# Needed by tripleo_ssh_known_hosts role which expects the allovercloud
# group in the inventory.
- name: Create allovercloud inventory group and add hosts
ansible.builtin.add_host:
groups:
- allovercloud
name: "{{ item }}"
loop: "{{ ansible_play_hosts_all }}"
tags:
- always
- name: Set needed vars for deploy playbooks
set_fact:
service_net_map:
nova_api_network: internal_api
nova_libvirt_network: internal_api
internal_api_ip: 192.168.24.100
tenant_ip: 192.168.24.100
tripleo_ovn_dbs:
- 192.168.24.10
tripleo_selinux_mode: disabled
fqdn_internal_api: centos
deploy_target_host: all
tripleo_nova_compute_docker_ulimit: []
tags:
- always
- name: Mock items when not running podman as root
when: ansible_user_id != 0
block:
- name: Install packages that would otherwise be installed or needing to be mocked
package:
name:
- cronie
- rsyslog
- procps-ng
- systemd-udev
state: present
- name: Mock systemd-modules-load.service service
shell: |
sed -i 's/ExecStart=.*/ExecStart=\/bin\/true/' /lib/systemd/system/systemd-modules-load.service
systemctl daemon-reload
- name: Mock sysctl
shell: |
cat >/usr/local/sbin/sysctl<<EOF
#!/bin/bash
/usr/sbin/sysctl.save \$@
exit 0
EOF
chmod +x /usr/local/sbin/sysctl
if [ ! -f /usr/sbin/sysctl.save ]; then
mv /usr/sbin/sysctl /usr/sbin/sysctl.save
fi
ln -f -s /usr/local/sbin/sysctl /usr/sbin/sysctl
- name: Mock chrony
shell: |
dnf -y install chrony
cat >/etc/sysconfig/chronyd<<EOF
# Command-line options for chronyd
OPTIONS="-F 2 -x"
EOF
cat >/usr/local/bin/chronyc<<EOF
#!/bin/bash
/usr/bin/chronyc.save \$@
exit 0
EOF
chmod +x /usr/local/bin/chronyc
if [ ! -f /usr/bin/chronyc.save ]; then
mv /usr/bin/chronyc /usr/bin/chronyc.save
fi
ln -s -f /usr/local/bin/chronyc /usr/bin/chronyc
- import_playbook: ../../../../playbooks/deploy-tripleo-facts.yml
name: deploy-tripleo-facts.yml
vars:
deploy_target_host: all
tags:
- facts
- import_playbook: ../../../../playbooks/deploy-tripleo-os-install.yml
name: deploy-tripleo-os-install.yml
vars:
deploy_target_host: all
tags:
- os_install
- import_playbook: ../../../../playbooks/deploy-tripleo-os-configure.yml
name: deploy-tripleo-os-configure.yml
vars:
deploy_target_host: all
tags:
- os_configure
- import_playbook: ../../../../playbooks/deploy-tripleo-os-run.yml
name: deploy-tripleo-os-run.yml
vars:
deploy_target_host: all
tags:
- os_run
- import_playbook: ../../../../playbooks/deploy-tripleo-openstack-install.yml
name: deploy-tripleo-openstack-install.yml
vars:
deploy_target_host: all
tags:
- openstack_install
- import_playbook: ../../../../playbooks/deploy-tripleo-openstack-configure.yml
name: deploy-tripleo-openstack-configure.yml
vars:
deploy_target_host: all
tripleo_nova_compute_config_overrides:
default:
transport_url: rabbit://
oslo_messaging_notifications:
transport_url: rabbit://
tags:
- openstack_configure
- import_playbook: ../../../../playbooks/deploy-tripleo-openstack-run.yml
name: deploy-tripleo-openstack-run.yml
vars:
deploy_target_host: all
tripleo_logrotate_crond_podman_pid: private
tripleo_nova_libvirt_container_pid: private
tags:
- openstack_run

49
tripleo_ansible/roles/tripleo_compute_node/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,49 @@
---
driver:
name: podman
platforms:
- name: centos
hostname: centos
image: centos/centos:stream9
registry:
url: quay.io
dockerfile: Dockerfile.j2
command: /sbin/init
volumes: ${TRIPLEO_ANSIBLE_COMPUTE_NODE_MOLECULE_VOLUMES:-['/sys/fs/cgroup:/sys/fs/cgroup:rw','/etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro','/etc/pki/rpm-gpg:/etc/pki/rpm-gpg:O','/opt/yum.repos.d:/etc/yum.repos.d:O','/etc/dnf/vars:/etc/dnf/vars:O']}
privileged: true
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
ulimits: &ulimit
- host
provisioner:
inventory:
hosts:
all:
hosts:
centos:
ansible_python_interpreter: /usr/bin/python3
name: ansible
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH}:${HOME}/zuul-jobs/roles:${MOLECULE_PROJECT_DIRECTORY}/../../roles.galaxy"
ANSIBLE_LIBRARY: "${ANSIBLE_LIBRARY}:${MOLECULE_PROJECT_DIRECTORY}/../../ansible_plugins/modules"
ANSIBLE_ACTION_PLUGINS: "${ANSIBLE_ACTION_PLUGINS}:${MOLECULE_PROJECT_DIRECTORY}/../../ansible_plugins/action"
ANSIBLE_FILTER_PLUGINS: "${ANSIBLE_FILTER_PLUGINS}:${MOLECULE_PROJECT_DIRECTORY}/../../ansible_plugins/filter"
ANSIBLE_STRATEGY_PLUGINS: "${ANSIBLE_STRATEGY_PLUGINS}:${MOLECULE_PROJECT_DIRECTORY}/../../ansible_plugins/strategy"
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- check
- verify
- destroy
verifier:
name: ansible

29
tripleo_ansible/roles/tripleo_compute_node/molecule/default/prepare.yml Normal file
View File

@ -0,0 +1,29 @@
---
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
tasks:
- name: test_deps
include_role:
name: test_deps
vars:
test_deps_setup_tripleo: true
test_deps_tripleo_packages: []
- name: env_data
include_role:
name: env_data

33
tripleo_ansible/roles/tripleo_compute_node/tasks/main.yml Normal file
View File

@ -0,0 +1,33 @@
---
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# "tripleo_compute_node" will search for and load any operating system variable file
# found within the "vars/" path. If no OS files are found the task will skip.
- name: Gather variables for each operating system
include_vars: "{{ item }}"
with_first_found:
- skip: true
files:
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_major_version'] | lower }}.yml"
- "{{ ansible_facts['distribution'] | lower }}.yml"
- "{{ ansible_facts['os_family'] | lower }}-{{ ansible_facts['distribution_version'].split('.')[0] }}.yml"
- "{{ ansible_facts['os_family'] | lower }}.yml"
tags:
- always

22
tripleo_ansible/roles/tripleo_compute_node/vars/main.yml Normal file
View File

@ -0,0 +1,22 @@
---
# Copyright 2022 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# While options found within the vars/ path can be overridden using extra
# vars, items within this path are considered part of the role and not
# intended to be modified.
# All variables within this role should have a prefix of "tripleo_compute_node"

11
zuul.d/molecule.yaml
View File

@ -21,6 +21,7 @@
- tripleo-ansible-centos-stream-molecule-tripleo_cephadm
- tripleo-ansible-centos-stream-molecule-tripleo_clients_install
- tripleo-ansible-centos-stream-molecule-tripleo_collectd
- tripleo-ansible-centos-stream-molecule-tripleo_compute_node
- tripleo-ansible-centos-stream-molecule-tripleo_config
- tripleo-ansible-centos-stream-molecule-tripleo_container_image_build
- tripleo-ansible-centos-stream-molecule-tripleo_container_image_prepare
@ -94,6 +95,7 @@
- tripleo-ansible-centos-stream-molecule-tripleo_cephadm
- tripleo-ansible-centos-stream-molecule-tripleo_clients_install
- tripleo-ansible-centos-stream-molecule-tripleo_collectd
- tripleo-ansible-centos-stream-molecule-tripleo_compute_node
- tripleo-ansible-centos-stream-molecule-tripleo_config
- tripleo-ansible-centos-stream-molecule-tripleo_container_image_build
- tripleo-ansible-centos-stream-molecule-tripleo_container_image_prepare
@ -167,6 +169,7 @@
- tripleo-ansible-centos-stream-molecule-tripleo_cephadm
- tripleo-ansible-centos-stream-molecule-tripleo_clients_install
- tripleo-ansible-centos-stream-molecule-tripleo_collectd
- tripleo-ansible-centos-stream-molecule-tripleo_compute_node
- tripleo-ansible-centos-stream-molecule-tripleo_config
- tripleo-ansible-centos-stream-molecule-tripleo_container_image_build
- tripleo-ansible-centos-stream-molecule-tripleo_container_image_prepare
@ -355,6 +358,14 @@
nslookup_target: opendev.org
tripleo_role_name: tripleo_collectd
voting: false
- job:
files:
- ^tripleo_ansible/roles/tripleo_compute_node/(?!meta).*
- ^tripleo_ansible/playbooks/.*
name: tripleo-ansible-centos-stream-molecule-tripleo_compute_node
parent: tripleo-ansible-centos-stream-base
vars:
tripleo_role_name: tripleo_compute_node
- job:
files:
- ^tripleo_ansible/roles/tripleo_config/(?!meta).*

2
zuul.d/playbooks/pre.yml
View File

@ -87,7 +87,7 @@
command: >-
{{ ansible_user_dir }}/test-python/bin/ansible-galaxy install
-fr
{{ tripleo_ansible_project_path }}/tripleo_ansible/ansible-role-requirements.yml
{{ tripleo_ansible_project_path }}/tripleo_ansible/requirements.yml
environment:
ANSIBLE_ROLES_PATH: "{{ tripleo_ansible_project_path }}/tripleo_ansible/roles.galaxy"

10
zuul.d/playbooks/run.yml
View File

@ -11,26 +11,24 @@
- name: Set role or plugin path fact
set_fact:
triple_ansible_testdir: "{{ tripleo_ansible_project_path }}/tripleo_ansible/roles/{{ tripleo_role_name }}"
tripleo_ansible_testdir: "{{ tripleo_ansible_project_path }}/tripleo_ansible/roles/{{ tripleo_role_name }}"
when: tripleo_role_name is defined and tripleo_role_name
- name: Set role or plugin path fact
set_fact:
triple_ansible_testdir: "{{ tripleo_ansible_project_path }}/tripleo_ansible/ansible_plugins/tests"
tripleo_ansible_testdir: "{{ tripleo_ansible_project_path }}/tripleo_ansible/ansible_plugins/tests"
when: tripleo_role_name is not defined
tasks:
# Remove 'systemd-run --scope --user' when podman has version >2.0.5
# see issue: https://github.com/containers/podman/issues/8965
- name: Run role test job
shell: |-
. {{ ansible_user_dir }}/test-python/bin/activate
. {{ tripleo_ansible_project_path }}/ansible-test-env.rc
systemd-run --scope --user pytest --color=no \
pytest --color=no \
--html={{ ansible_user_dir }}/zuul-output/logs/reports.html \
--self-contained-html \
--ansible-args='{{ tripleo_job_ansible_args | default('') }}' \
{{ tripleo_ansible_project_path }}/tests/test_molecule.py
args:
chdir: "{{ triple_ansible_testdir }}"
chdir: "{{ tripleo_ansible_testdir }}"
executable: /bin/bash