From 7d4c8eb588b1b74573b2f41218b07e9bec211356 Mon Sep 17 00:00:00 2001 From: Dmitrii Shcherbakov Date: Mon, 6 Sep 2021 14:54:46 +0300 Subject: [PATCH] [WIP] Use microstack-support interface, drop devmode With https://github.com/snapcore/snapd/pull/8926 merged (edge snapd for now) we can now test changes without devmode. This is a WIP change since we need a stable release of snapd in order to merge it. Change-Id: I9980b171e537530d67f0a7eed332147f06fe7c3c --- snap-overlay/bin/load-modules | 12 --- snapcraft.yaml | 138 ++++++++++++++++------------------ tests/framework.py | 20 +++-- tests/test_basic.py | 1 + tests/test_cluster.py | 12 +-- tools/lxd_build.sh | 2 - tools/make-a-microstack.sh | 5 +- 7 files changed, 90 insertions(+), 100 deletions(-) delete mode 100755 snap-overlay/bin/load-modules diff --git a/snap-overlay/bin/load-modules b/snap-overlay/bin/load-modules deleted file mode 100755 index e50d619..0000000 --- a/snap-overlay/bin/load-modules +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -set -ex - -# If we are not running in any type of a container, attempt to load the necessary kernel modules and -# expect them to be present based on external arrangements (e.g. they could be specified in a LXD profile). -# TODO: this file will go away when strict confinement gets implemented as snapd will load modules -# that are specified in the microstack-support interface. -if [[ `systemd-detect-virt --container` == 'none' ]] -then - modprobe -a vhost vhost-net vhost-scsi vhost-vsock vfio nbd dm-mod dm-thin-pool dm-snapshot iscsi-tcp target-core-mod -fi diff --git a/snapcraft.yaml b/snapcraft.yaml index 44887e0..1cad2d9 100644 --- a/snapcraft.yaml +++ b/snapcraft.yaml @@ -5,7 +5,7 @@ summary: OpenStack on your laptop. description: | Microstack gives you an easy way to develop and test OpenStack workloads on your laptop. -grade: devel +grade: stable confinement: strict environment: LC_ALL: C @@ -77,7 +77,7 @@ apps: command: bin/openstack-wrapper openstack plugs: - network - # TODO: - microstack-support + - microstack-support # A proxy command to avoid calling .. # TODO: potentially remove the individual commands completely in favor of this. @@ -92,7 +92,7 @@ apps: - ssh-keys - system-observe - hardware-observe - # TODO: - microstack-support + - microstack-support # OpenStack Service Configuration init: @@ -106,7 +106,8 @@ apps: - ssh-keys # write ssh key - system-observe # rabbitmq ? - hardware-observe # rabbitmq ? - # TODO: - microstack-support + - kvm # kvm presence checks need access to /dev/kvm + - microstack-support add-compute: command: bin/microstack_add_compute @@ -121,12 +122,12 @@ apps: - network-bind - network - network-control - # TODO: - microstack-support + - microstack-support keystone-manage: command: bin/snap-openstack launch keystone-manage plugs: - network - # TODO: - microstack-support + - microstack-support nova-api: command: bin/snap-openstack launch nova-api-os-compute @@ -135,14 +136,14 @@ apps: - network - network-bind - network-control - # TODO: - microstack-support + - microstack-support nova-conductor: command: bin/snap-openstack launch nova-conductor daemon: simple plugs: - network - network-control - # TODO: - microstack-support + - microstack-support nova-scheduler: command: bin/snap-openstack launch nova-scheduler daemon: simple @@ -150,7 +151,7 @@ apps: - network - network-bind - network-control - # TODO: - microstack-support + - microstack-support nova-compute: command: bin/snap-openstack launch nova-compute after: [libvirtd] @@ -161,7 +162,8 @@ apps: - network-control - firewall-control - hardware-observe - # TODO: - microstack-support + - kvm + - microstack-support # Needs access to block devices so that blockdev --flushbufs works. - block-devices nova-api-metadata: @@ -171,12 +173,12 @@ apps: - network - network-bind - firewall-control - # TODO: - microstack-support + - microstack-support nova-manage: command: bin/snap-openstack launch nova-manage plugs: - network - # TODO: - microstack-support + - microstack-support nova-spicehtml5proxy: command: bin/snap-openstack launch nova-spicehtml5proxy daemon: simple @@ -184,7 +186,7 @@ apps: - network - network-bind - network-control - # TODO: - microstack-support + - microstack-support # Neutron neutron-api: command: bin/snap-openstack launch neutron-server @@ -193,7 +195,7 @@ apps: - network - network-bind - network-control - # TODO: - microstack-support + - microstack-support neutron-ovn-metadata-agent: command: bin/snap-openstack launch neutron-ovn-metadata-agent daemon: simple @@ -202,13 +204,13 @@ apps: - network-bind - network-control - network-observe - # TODO: - microstack-support + - microstack-support neutron-ovs-cleanup: command: bin/snap-openstack launch neutron-ovs-cleanup plugs: - network - network-control - # TODO: - microstack-support + - microstack-support # NOTE(dmitriis): Upstream Neutron does not support cleaning up ovnmeta- namespaces # as of Ussuri which is a bug. neutron-netns-cleanup: @@ -216,12 +218,12 @@ apps: plugs: - network - network-control - # TODO: - microstack-support + - microstack-support neutron-db-manage: command: bin/snap-openstack launch neutron-db-manage plugs: - network - # TODO: - microstack-support + - microstack-support # Glance glance-api: @@ -232,12 +234,12 @@ apps: - network-bind - mount-observe - network-control - # TODO: - microstack-support + - microstack-support glance-manage: command: bin/snap-openstack launch glance-manage plugs: - network - # TODO: - microstack-support + - microstack-support # Placement placement-uwsgi: @@ -248,13 +250,13 @@ apps: - network-bind - mount-observe - network-control - # TODO: - microstack-support + - microstack-support placement-manage: command: bin/snap-openstack launch placement-manage plugs: - network - # TODO: - microstack-support + - microstack-support # Openstack Shared Services nginx: @@ -263,7 +265,7 @@ apps: plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support # Openvswitch ovs-vswitchd: @@ -282,7 +284,7 @@ apps: - system-trace - hardware-observe - hugepages-control - # TODO: - microstack-support + - microstack-support ovsdb-server: command: bin/ovs-wrapper $SNAP/usr/local/share/openvswitch/scripts/ovs-ctl --no-ovs-vswitchd --no-monitor start stop-command: bin/ovs-wrapper $SNAP/usr/local/share/openvswitch/scripts/ovs-ctl --no-ovs-vswitchd stop @@ -294,7 +296,7 @@ apps: - openvswitch-support - process-control - system-trace - # TODO: - microstack-support + - microstack-support ovn-ovsdb-server-nb: command: bin/ovn-wrapper $SNAP/usr/local/share/ovn/scripts/ovn-ctl start_nb_ovsdb stop-command: bin/ovn-wrapper $SNAP/usr/local/share/ovn/scripts/ovn-ctl stop_nb_ovsdb @@ -306,7 +308,7 @@ apps: - openvswitch-support - process-control - system-trace - # TODO: - microstack-support + - microstack-support ovn-ovsdb-server-sb: command: bin/ovn-wrapper $SNAP/usr/local/share/ovn/scripts/ovn-ctl start_sb_ovsdb stop-command: bin/ovn-wrapper $SNAP/usr/local/share/ovn/scripts/ovn-ctl stop_sb_ovsdb @@ -318,7 +320,7 @@ apps: - openvswitch-support - process-control - system-trace - # TODO: - microstack-support + - microstack-support ovn-northd: command: bin/ovn-wrapper $SNAP/usr/local/share/ovn/scripts/ovn-ctl start_northd stop-command: bin/ovn-wrapper $SNAP/usr/local/share/ovn/scripts/ovn-ctl stop_northd @@ -330,7 +332,7 @@ apps: - openvswitch-support - process-control - system-trace - # TODO: - microstack-support + - microstack-support after: - ovn-ovsdb-server-nb - ovn-ovsdb-server-sb @@ -345,7 +347,7 @@ apps: - openvswitch-support - process-control - system-trace - # TODO: - microstack-support + - microstack-support after: - ovsdb-server - ovs-vswitchd @@ -355,57 +357,57 @@ apps: plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support ovn-trace: command: bin/ovn-wrapper $SNAP/usr/local/bin/ovn-trace plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support ovn-detrace: command: bin/ovn-wrapper $SNAP/usr/local/bin/ovn-detrace plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support ovn-nbctl: command: bin/ovn-wrapper $SNAP/usr/local/bin/ovn-nbctl plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support ovn-sbctl: command: bin/ovn-wrapper $SNAP/usr/local/bin/ovn-sbctl plugs: - network - network-bind - process-control - # TODO: - microstack-support + - microstack-support ovs-vsctl: command: bin/ovs-wrapper $SNAP/usr/local/bin/ovs-vsctl plugs: - network - process-control - # TODO: - microstack-support + - microstack-support ovs-appctl: command: bin/ovs-wrapper $SNAP/usr/local/bin/ovs-appctl plugs: - network - process-control - # TODO: - microstack-support + - microstack-support ovs-ofctl: command: bin/ovs-wrapper $SNAP/usr/local/bin/ovs-ofctl plugs: - network - process-control - # TODO: - microstack-support + - microstack-support ovs-dpctl: command: bin/ovs-wrapper $SNAP/usr/local/bin/ovs-dpctl plugs: - network - process-control - # TODO: - microstack-support + - microstack-support external-bridge: command: bin/wait-on-init setup-br-ex @@ -415,7 +417,7 @@ apps: - network - network-control - process-control - # TODO: - microstack-support + - microstack-support # Libvirt/Qemu libvirtd: @@ -437,7 +439,7 @@ apps: - process-control - mount-observe - block-devices - # TODO: - microstack-support + - microstack-support # Make sure KillMode=process is set in the resulting systemd unit instead of # the default KillMode=control-group to avoid the situation where stopping # libvirtd causes the forced power off scenario for all VMs; it also affects @@ -453,12 +455,12 @@ apps: - network - network-bind - network-control - # TODO: - microstack-support + - microstack-support virsh: command: usr/bin/virsh plugs: - network - # TODO: - microstack-support + - microstack-support # MySQL mysqld: @@ -468,13 +470,13 @@ apps: - process-control - network - network-bind - # TODO: - microstack-support + - microstack-support mysql: command: bin/mysql-start-client plugs: - process-control - network - # TODO: - microstack-support + - microstack-support # RabbitMQ rabbitmq-server: @@ -485,7 +487,7 @@ apps: - network - mount-observe - log-observe - # TODO: - microstack-support + - microstack-support environment: HOME: $SNAP_COMMON/lib/rabbitmq rabbitmqctl: @@ -493,14 +495,15 @@ apps: plugs: - network - mount-observe - # TODO: - microstack-support + - microstack-support environment: HOME: $SNAP_COMMON/lib/rabbitmq rabbitmq-plugins: command: usr/sbin/rabbitmq-plugins environment: HOME: $SNAP_COMMON/lib/rabbitmq - # TODO: - microstack-support + plugs: + - microstack-support # Memcached memcached: @@ -509,7 +512,7 @@ apps: plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support # Cinder cinder-uwsgi: @@ -518,27 +521,27 @@ apps: plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support cinder-backup: command: bin/snap-openstack launch cinder-backup daemon: simple plugs: - network - mount-observe - # TODO: - microstack-support + - microstack-support cinder-manage: command: bin/snap-openstack launch cinder-manage plugs: - network - mount-observe - # TODO: - microstack-support + - microstack-support cinder-scheduler: command: bin/snap-openstack launch cinder-scheduler daemon: simple plugs: - network - mount-observe - # TODO: - microstack-support + - microstack-support cinder-volume: command: bin/snap-openstack launch cinder-volume daemon: simple @@ -549,7 +552,7 @@ apps: - block-devices # setpriority by LVM tools. - process-control - # TODO: - microstack-support + - microstack-support after: - setup-lvm-loopdev @@ -563,7 +566,7 @@ apps: - network-bind - mount-observe - block-devices - # TODO: - microstack-support + - microstack-support after: - setup-lvm-loopdev environment: @@ -577,20 +580,13 @@ apps: - network-bind # NETLINK_ISCSI protocol sockets - network-control - # TODO: - microstack-support + - microstack-support - block-devices - process-control after: # Make sure iscsid is stopped before target configuration is cleaned up. - target - # TODO: this is a --devmode workaround since the microstack-support interface is not merged yet. - load-modules: - command: bin/load-modules - daemon: oneshot - plugs: - - kernel-module-control - setup-lvm-loopdev: command: bin/setup-lvm-loopdev daemon: oneshot @@ -601,9 +597,7 @@ apps: # loop device control etc. # LVM tools use setpriority to set it to -18 which is prohibited in the default snapd templates. - process-control - # TODO: - microstack-support - after: - - load-modules + - microstack-support # Horizon horizon-uwsgi: @@ -612,7 +606,7 @@ apps: plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support # Utility to launch a vm. Creates security groups, floating ips, # and other necessities as well. @@ -621,7 +615,7 @@ apps: plugs: - network - network-control # could also be mount-observe - # TODO: - microstack-support + - microstack-support # Cluster cluster-uwsgi: @@ -630,7 +624,7 @@ apps: plugs: - network - network-bind - # TODO: - microstack-support + - microstack-support telegraf: command: bin/telegraf @@ -1587,11 +1581,11 @@ parts: hooks: install: - plugs: [ network ] # TODO: , microstack-support] + plugs: [ network, microstack-support] configure: - plugs: [ network ] # TODO:, microstack-support] + plugs: [ network, microstack-support] post-refresh: - plugs: [ network ] #, microstack-support] + plugs: [ network, microstack-support] remove: # NOTE: network-bind is here due to LP: #1644573. plugs: @@ -1600,5 +1594,5 @@ hooks: - network-control - firewall-control - hardware-observe - # TODO: - microstack-support + - microstack-support - block-devices diff --git a/tests/framework.py b/tests/framework.py index 8ded15b..39ab8a8 100644 --- a/tests/framework.py +++ b/tests/framework.py @@ -62,14 +62,16 @@ class TestHost: def install_snap(self, name, options): self.check_output(['sudo', 'snap', 'install', name, *options]) + def refresh_snap(self, name, options): + self.check_output(['sudo', 'snap', 'refresh', name, *options]) + def try_snap(self, name): try: self.check_output(['unsquashfs', name]) except subprocess.CalledProcessError: logger.warning("Re-using existing squashfs-root directory with " "'snap try squashfs-root'") - self.check_output(['sudo', 'snap', 'try', 'squashfs-root', - '--devmode']) + self.check_output(['sudo', 'snap', 'try', 'squashfs-root']) def remove_snap(self, name, options): self.check_output(['sudo', 'snap', 'remove', name, *options]) @@ -78,6 +80,12 @@ class TestHost: self.check_output(['sudo', 'snap', 'connect', f'{snap_name}:{plug_name}']) + def install_snapd(self, *, channel='edge'): + self.install_snap('snapd', [f'--{channel}']) + # In case snapd is already installed but with a different channel, + # refresh it to the right channel. + self.refresh_snap('snapd', [f'--{channel}']) + def install_microstack(self, *, channel='edge', path=None, snap_try=False): """Install MicroStack at this host and connect relevant plugs. """ @@ -85,11 +93,10 @@ class TestHost: self.try_snap(path) else: if path is not None: - self.install_snap(path, ['--devmode']) + self.install_snap(path, ['--dangerous']) else: - self.install_snap('microstack', [f'--{channel}', '--devmode']) + self.install_snap('microstack', [f'--{channel}']) - # TODO: add microstack-support once it is merged into snapd. plugs = [ 'libvirt', 'netlink-audit', 'firewall-control', 'hardware-observe', @@ -99,7 +106,8 @@ class TestHost: 'openvswitch-support', 'process-control', 'system-observe', 'network-control', 'system-trace', 'block-devices', - 'raw-usb' + 'raw-usb', 'microstack-support', + 'hugepages-control', ] for plug in plugs: self.snap_connect('microstack', plug) diff --git a/tests/test_basic.py b/tests/test_basic.py index eaa904d..42db149 100755 --- a/tests/test_basic.py +++ b/tests/test_basic.py @@ -36,6 +36,7 @@ class TestBasics(Framework): open the Horizon GUI. """ + self._localhost.install_snapd(channel='edge') self._localhost.install_microstack(path='microstack_ussuri_amd64.snap', snap_try=self.snap_try) init_args = ['--auto', '--control'] diff --git a/tests/test_cluster.py b/tests/test_cluster.py index 13cddb8..f9f2dc1 100755 --- a/tests/test_cluster.py +++ b/tests/test_cluster.py @@ -38,6 +38,7 @@ class TestCluster(Framework): def test_cluster(self): openstack_cmd = '/snap/bin/microstack.openstack' control_host = self._localhost + control_host.install_snapd(channel='edge') control_host.install_microstack(path='microstack_ussuri_amd64.snap', snap_try=self.snap_try) @@ -77,11 +78,12 @@ class TestCluster(Framework): wait_addr() - if self.snap_try: - # Note(coreycb): Work-around for https://pad.lv/1908424 - compute_host.check_call([ - 'sudo', 'apt', 'install', '--yes', '--allow-downgrades', - 'snapd=2.44.3+20.04']) + @tenacity.retry(wait=tenacity.wait_fixed(5), + stop=tenacity.stop_after_attempt(10)) + def install_snapd_on_compute(): + compute_host.install_snapd(channel='edge') + + install_snapd_on_compute() compute_host.install_microstack(path='microstack_ussuri_amd64.snap', snap_try=self.snap_try) diff --git a/tools/lxd_build.sh b/tools/lxd_build.sh index 592d875..ab04348 100755 --- a/tools/lxd_build.sh +++ b/tools/lxd_build.sh @@ -13,8 +13,6 @@ sudo apt install -y firefox-geckodriver python3-petname python3-selenium # Install snapd if it isn't installed yet (needed to install the snapd snap itself). sudo apt install -y snapd -sudo snap install snapd - sudo snap install --classic snapcraft # Purge the LXD apt package in case it is still there. sudo apt purge -y lxd lxd-client diff --git a/tools/make-a-microstack.sh b/tools/make-a-microstack.sh index 4c46d18..a8a220d 100755 --- a/tools/make-a-microstack.sh +++ b/tools/make-a-microstack.sh @@ -60,9 +60,8 @@ multipass exec $MACHINE -- \ sudo snap connect microstack:raw-usb multipass exec $MACHINE -- \ sudo snap connect microstack:hugepages-control -# TODO: add the below once the interface is merge into snapd. -# multipass exec $MACHINE -- \ -# sudo snap connect microstack:microstack-support +multipass exec $MACHINE -- \ + sudo snap connect microstack:microstack-support # Drop the user into a snap shell, as root. multipass exec $MACHINE -- \