openstack/tripleo-validations
Code Issues Proposed changes

remove using containers-prepare-parameter.yaml

Browse Source 
1. Stop using DockerInsecureRegistryAddress from
   containers-prepare-parameter.yaml
2. Instead, use:
   'openstack stack environment show qe-Cloud-0'

Co-authored-by: Daniel Bengtsson <dbengt@redhat.com>
Change-Id: I8b30574fcc769b4ee39a0c24f3a5a982b80f6c0a
This commit is contained in:
omcgonag 2021-06-11 16:16:24 -04:00
parent 560065b534
commit 8492bf8e35
7 changed files with 332 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
doc/source/roles/role-check_uc_hostname.rst
View File

@ -2,7 +2,71 @@
check_uc_hostname
=================
.. literalinclude:: ../../../roles/check_uc_hostname/README.md
--------------
About the role
--------------
Ansible role to check ``DockerInsecureRegistryAddress`` matches the UC hostname.
The purpose of this validation is mostly target for the FFWD 13 to 16.X procedure.
Customer is expected to follow the step `9.3. Configuring access to the
undercloud registry
<https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html-single/framework_for_upgrades_13_to_16.1/index#configuring-access-to-the-undercloud-registry-composable-services>`_
The customer needs to retrieve the control plane host name on the
undercloud and add it into the ``DockerInsecureRegistryAddress``.
It might happen that the user misses this step or doesn't really add
the right control plan host name and then ``podman`` fails to retrieve the
containers.
To summarize what customer is expected to do:
- Run ``sudo hiera container_image_prepare_node_names`` to get host name(s)
- Edit the containers-prepare-parameter.yaml file and the ``DockerInsecureRegistryAddress`` parameter with
host name and IP of the undercloud.
This validation will:
- Pull ``DockerInsecureRegistryAddress`` (list) from the Openstack environment
- Run ``sudo hiera container_image_prepare_node_names``
- Verify the container_image_prepare_node_names returned from ``hiera`` is contained in the ``DockerInsecureRegistryAddress`` list.
Requirements
============
This role will be executed pre Overcloud Update.
Dependencies
============
No Dependencies
Example Playbook
================
.. code-block:: yaml
- hosts: servers
vars:
check_uc_hostname_debug: true
roles:
- check_uc_hostname
License
=======
Apache
Author Information
==================
**Red Hat TripleO DFG:Upgrades**
----------------
Full Description
----------------
.. ansibleautoplugin::
:role: roles/check_uc_hostname

39
roles/check_uc_hostname/README.md
View File

@ -1,39 +0,0 @@
Check-uc-hostname
=================
Add Ansible role to check DockerInsecureRegistryAddress matches the UC hostname.
Requirements
------------
This role will be executed pre Overcloud Update, and post Update
Role Variables
--------------
* `check_uc_hostname_debug`: <'false'> -- debugging mode.
* `check_uc_hostname_containers`: <'{{ansible_env.HOME}}/containers-prepare-parameter.yaml'> -- Sets the default path to the `containers-prepare-parameters.yaml` file on the Undercloud.
* `check_uc_hostname_undercloud`: <'{{ ansible_env.HOME }}/undercloud.conf'> -- Sets the default path to the `undercloud.conf` file on the Undercloud.
Dependencies
------------
No Dependencies
Example Playbook
----------------
- hosts: servers
roles:
- { role: check_uc_hostname, check_uc_hostname_debug: true }
License
-------
Apache
Author Information
------------------
Red Hat TripleO DFG:Upgrades

8
roles/check_uc_hostname/defaults/main.yml
View File

@ -18,6 +18,10 @@
# All variables intended for modification should place placed in this file.
# All variables within this role should have a prefix of "check_uc_hostname"
# Debugging mode
check_uc_hostname_debug: false
check_uc_hostname_containers: "{{ ansible_env.HOME }}/containers-prepare-parameter.yaml"
check_uc_hostname_undercloud: "{{ ansible_env.HOME }}/undercloud.conf"
# Contains the ansible inventory hosts variable,
# which is used to get the hostvars stack (plan) name
check_uc_hostname_inventory_host: undercloud

218
roles/check_uc_hostname/molecule/default/converge.yml
View File

@ -18,35 +18,215 @@
- name: Converge
hosts: all
tasks:
- name: Test working
- name: Working 1 - openstack one entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"undercloud-0.ctlplane.redhat.local:8787\""
echo " ]"
echo " }"
echo "}"
- name: Working 1 - hiera one entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo [\"undercloud-0.ctlplane.redhat.local\"]
exit 0
- name: Test Working 1
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: ubi8
- name: Working 2 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"undercloud-0.ctlplane.redhat.local:8787\","
echo " \"undercloud-1.ctlplane.redhat.local:8787\","
echo " \"undercloud-2.ctlplane.redhat.local:8787\""
echo " ]"
echo " }"
echo "}"
- name: Working 2 - hiera multiple entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "["
echo " \"undercloud-0.ctlplane.redhat.local\","
echo " \"undercloud-1.ctlplane.redhat.local\","
echo " \"undercloud-2.ctlplane.redhat.local\""
echo "]"
exit 0
- name: Test Working 2
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: ubi8
- name: Working 3 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"undercloud-0.ctlplane.redhat.local:8787\","
echo " \"redhat.registry.io:8787\","
echo " \"mysuper-registry.io\","
echo " ]"
echo " }"
echo "}"
- name: Working 3 - hiera single entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "["
echo " \"undercloud-0.ctlplane.redhat.local\","
echo "]"
exit 0
- name: Test Working 3
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: ubi8
- name: Working 4 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"BROKENCLOUD-0.ctlplane.redhat.local:8787\","
echo " \"redhat.registry.io:8787\","
echo " \"mysuper-registry.io\","
echo " ]"
echo " }"
echo "}"
- name: Working 4 - we do not fail if hiera returns empty list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "[]"
exit 0
- name: Test Working 4
include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: ubi8
- name: Failing 1 - we fail if DockerInsecureRegistryAddress is not found
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " }"
echo "}"
- name: Failing 1 - hiera no entry found
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
exit 0
- name: Failing 1
block:
- include_role:
name: check_uc_hostname
vars:
check_uc_hostname_undercloud: "/tmp/undercloud.conf"
check_uc_hostname_containers: "/tmp/containers-prepare-parameter.yaml"
- name: Test failing
block:
- name: populate undercloud.conf
copy:
dest: "/tmp/undercloud.conf"
content: |
[DEFAULT]
undercloud_public_host = 192.168.24.2
- include_role:
name: check_uc_hostname
vars:
check_uc_hostname_undercloud: "/tmp/undercloud.conf"
check_uc_hostname_containers: "/tmp/containers-prepare-parameter.yaml"
check_uc_hostname_inventory_host: ubi8
rescue:
- name: Clear host errors
meta: clear_host_errors
- debug:
msg: The validation works! End the playbook run
msg: The validation Case Failing 1 works! Continuing playbook run...
- name: Failing 2 - openstack multiple entry in list
copy:
dest: /usr/bin/openstack
mode: 0755
content: |
#!/bin/bash
echo "{"
echo " \"parameters\": {},"
echo " \"parameter_defaults\": {"
echo " \"DockerInsecureRegistryAddress\": ["
echo " \"BROKENCLOUD-0.ctlplane.redhat.local:8787\","
echo " \"redhat.registry.io:8787\","
echo " \"mysuper-registry.io\","
echo " ]"
echo " }"
echo "}"
- name: Failing 2 - hiera single entry in list
copy:
dest: /usr/bin/hiera
mode: 0755
content: |
#!/bin/bash
echo "["
echo " \"undercloud-0.ctlplane.redhat.local\","
echo "]"
exit 0
- name: Failing 2
block:
- include_role:
name: check_uc_hostname
vars:
check_uc_hostname_inventory_host: ubi8
rescue:
- name: Clear host errors
meta: clear_host_errors
- debug:
msg: The validation Case Failing 2 works! Ending playbook run
- name: End play
meta: end_play

19
roles/check_uc_hostname/molecule/default/molecule.yml
View File

@ -1,3 +1,22 @@
---
# inherits tripleo-validations/.config/molecule/config.yml
# To override default values, please take a look at the config.yml.
provisioner:
name: ansible
inventory:
hosts:
all:
hosts:
ubi8:
ansible_python_interpreter: /usr/bin/python3
vars:
plan: qe-Cloud-0
plans: [qe-Cloud-0]
log: true
options:
vvv: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH}:${HOME}/zuul-jobs/roles"
ANSIBLE_LIBRARY: "${ANSIBLE_LIBRARY:-/usr/share/ansible/plugins/modules}"

72
roles/check_uc_hostname/molecule/default/prepare.yml
View File

@ -1,72 +0,0 @@
---
# Copyright 2021 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Prepare
hosts: all
gather_facts: false
tasks:
- name: populate undercloud.conf
copy:
dest: "/tmp/undercloud.conf"
content: |
[DEFAULT]
undercloud_public_host = 192.168.24.1
- name: populate containers-prepare-parameter.yaml
copy:
dest: "/tmp/containers-prepare-parameter.yaml"
content: |
parameter_defaults:
DockerInsecureRegistryAddress:
- 192.168.24.1:8787
- docker.io
ContainerImagePrepare:
- push_destination: "192.168.24.1:8787"
set:
tag: "current-tripleo"
namespace: "docker.io/tripleomaster"
name_prefix: "openstack"
name_suffix: ""
rhel_containers: "false"
ceph_namespace: "quay.ceph.io/ceph-ci"
ceph_image: "daemon"
ceph_tag: "v5.0.7-stable-5.0-octopus-centos-8-x86_64"
openshift_tag: "v3.11.0"
- name: Prepare localhost
hosts: localhost
gather_facts: false
tasks:
- name: populate containers-prepare-parameter.yaml
copy:
dest: "/tmp/containers-prepare-parameter.yaml"
content: |
parameter_defaults:
DockerInsecureRegistryAddress:
- 192.168.24.1:8787
- docker.io
ContainerImagePrepare:
- push_destination: "192.168.24.1:8787"
set:
tag: "current-tripleo"
namespace: "docker.io/tripleomaster"
name_prefix: "openstack"
name_suffix: ""
rhel_containers: "false"
ceph_namespace: "quay.ceph.io/ceph-ci"
ceph_image: "daemon"
ceph_tag: "v5.0.7-stable-5.0-octopus-centos-8-x86_64"
openshift_tag: "v3.11.0"

88
roles/check_uc_hostname/tasks/main.yml
View File

@ -14,59 +14,57 @@
# License for the specific language governing permissions and limitations
# under the License.
- name: Ensure we get needed facts
setup:
gather_subset:
- '!all'
- '!any'
- '!min'
- env
- name: Check undercloud.conf
stat:
path: "{{ check_uc_hostname_undercloud }}"
register: stat_result_uc_hostname_undercloud
- name: Check containers-prepare-parameter
stat:
path: "{{ check_uc_hostname_containers }}"
register: stat_result_uc_hostname_containers
- name: Fail if one of those files is missing
- name: Make sure stack plan is in the inventory
fail:
msg: |
The following configuration file(s) is/are missing:
{% if not stat_result_uc_hostname_undercloud.stat.exists %}
- "{{ check_uc_hostname_undercloud }}"
{% endif %}
{% if not stat_result_uc_hostname_containers.stat.exists %}
- "{{ check_uc_hostname_containers }}"
{% endif %}
when: not stat_result_uc_hostname_undercloud.stat.exists or not stat_result_uc_hostname_containers.stat.exists
Stack plan not found
Check your ansible inventory to make sure your plan attribute is defined
when: hostvars[ check_uc_hostname_inventory_host ].plan is not defined
- name: Get stack plan from inventory
set_fact:
plan: "{{ hostvars[ check_uc_hostname_inventory_host ].plan }}"
- name: Retrieve stack environment
command: "openstack stack environment show -f yaml {{ plan }}"
register: stack_env
- name: Fail if we can't find DockerInsecureRegistryAddress
fail:
msg: |
DockerInsecureRegistryAddress not defined
when: stack_env.stdout.find("DockerInsecureRegistryAddress") == -1
- when:
- stat_result_uc_hostname_undercloud.stat.exists
- stat_result_uc_hostname_containers.stat.exists
- stack_env.stdout.find("DockerInsecureRegistryAddress") != -1
block:
- name: Get undercloud_public_host value from undercloud.conf file
validations_read_ini:
path: "{{ check_uc_hostname_undercloud }}"
section: DEFAULT
key: undercloud_public_host
register: uc_hostname_undercloud
- name: Query stack for DockerInsecureRegistryAddress
become: true
hiera:
name: container_image_prepare_node_names
- name: Get DockerInsecureRegistryAddress value from containers file
- name: Get DockerInsecureRegistryAddress value from stack's environment
set_fact:
uc_hostname_containers: "{{ item.split(':')[0] }}"
with_items: "{{ (lookup('template', '{{ check_uc_hostname_containers }}')
| from_yaml).parameter_defaults.DockerInsecureRegistryAddress
| list
| first }}"
uc_hostname_parameter_defaults: "{{ dict(stack_env.get('stdout', default_stdout)
| from_yaml).parameter_defaults.DockerInsecureRegistryAddress
| regex_replace(':\\w+', '') }}"
- name: Get UC hostname (DockerInsecureRegistryAddress) from hiera
set_fact:
uc_hostname_stack: "{{ ansible_facts.container_image_prepare_node_names }}"
- name: Get Intersect between UC hostname from stack and parameter_defaults
set_fact:
intersect: "{{ uc_hostname_stack | intersect(uc_hostname_parameter_defaults) }}"
- name: An Intersect match means parameter_defaults was updated by customer correctly
set_fact:
mismatch: "{{ uc_hostname_stack | difference(intersect) }}"
- name: Verify UC hostnames match
fail:
msg: |
The UC hostnames from undercloud.conf and containers-prepare-parameter.yaml must match
UC hostname from undercloud.conf is {{ uc_hostname_undercloud.value }}
UC hostname from containers-prepare-parameter.yaml is {{ uc_hostname_containers }}
failed_when: uc_hostname_undercloud.value != uc_hostname_containers
The UC hostnames from stack and containers-prepare-parameter.yaml must match
UC hostname from parameter_defaults is {{ uc_hostname_parameter_defaults }}
UC hostname from stack (hiera) is {{ uc_hostname_stack }}
failed_when: mismatch != []