Merge "openshift speculative containers"

This commit is contained in:
Zuul 2019-12-11 19:17:27 +00:00 committed by Gerrit Code Review
commit 8a8adfb58f
6 changed files with 93 additions and 2 deletions

View File

@ -25,6 +25,20 @@
state: absent
become: yes
- name: Ensure "docker" group exists
become: true
group:
name: docker
state: present
- name: Add user to docker group
become: true
user:
name: "{{ ansible_user }}"
groups:
- docker
append: yes
- name: Start docker service
service:
name: docker
@ -41,3 +55,12 @@
- origin-pod
- origin
become: yes
- name: Set group ownership of docker socket
become: true
file:
path: /var/run/docker.sock
group: docker
- name: Reset ssh connection to pick up docker group
meta: reset_connection

View File

@ -1,3 +1,12 @@
- name: Include OS-specific variables
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yaml"
- "{{ ansible_distribution }}.{{ ansible_architecture }}.yaml"
- "{{ ansible_distribution }}.yaml"
- "{{ ansible_os_family }}.yaml"
- "default.yaml"
# Docker doesn't understand docker push [1234:5678::]:5000/image/path:tag
# so we set up /etc/hosts with a registry alias name to support ipv6 and 4.
- name: Configure /etc/hosts for buildset_registry to workaround docker not understanding ipv6 addresses
@ -27,9 +36,9 @@
become: true
copy:
content: "{{ buildset_registry.cert }}"
dest: "/usr/local/share/ca-certificates/buildset-registry.crt"
dest: "{{ ca_dir }}/buildset-registry.crt"
- name: Update CA certs
command: update-ca-certificates
command: "{{ ca_command }}"
become: true
# Update daemon config

View File

@ -0,0 +1,2 @@
ca_dir: /etc/pki/ca-trust/source/anchors
ca_command: update-ca-trust

View File

@ -0,0 +1,2 @@
ca_dir: /usr/local/share/ca-certificates
ca_command: update-ca-certificates

View File

@ -0,0 +1,27 @@
- hosts: all
roles:
- role: clear-firewall
- role: install-openshift
- role: use-buildset-registry
buildset_registry_docker_user: root
- role: deploy-openshift
tasks:
- name: Wait for cluster to come up
command: kubectl cluster-info
register: result
until: result.rc == 0
retries: 5
delay: 30
- name: Run a local test pod
command: oc run --generator=run-pod/v1 --image=zuul/docker-testimage dockertest
- name: Wait for the pod to be ready
command: oc wait --for=condition=Ready pod/dockertest --timeout=60s
- name: Check the output of the pod
shell: "oc logs pod/dockertest | grep 'Zuul container test'"
- name: Run a remote test pod
command: oc run --generator=run-pod/v1 --image=debian:testing upstream-dockertest --command -- /bin/bash -c 'echo Upstream; sleep infinity'
- name: Wait for the pod to be ready
command: oc wait --for=condition=Ready pod/upstream-dockertest --timeout=60s
- name: Check the output of the pod
shell: "oc logs pod/upstream-dockertest | grep 'Upstream'"

View File

@ -111,6 +111,33 @@
vars:
container_command: docker
- job:
name: zuul-jobs-test-registry-buildset-registry-openshift-docker
dependencies: zuul-jobs-test-registry-buildset-registry
description: |
Test a buildset registry with openshift and docker
It is not meant to be used directly but rather run on changes
to roles in the zuul-jobs repo.
files:
- roles/pull-from-intermediate-registry/.*
- roles/push-to-intermediate-registry/.*
- roles/install-docker/.*
- roles/install-openshift/.*
- roles/build-docker-image/.*
- roles/run-buildset-registry/.*
- roles/use-buildset-registry/.*
- test-playbooks/registry/.*
run: test-playbooks/registry/buildset-registry-openshift-docker.yaml
post-run:
- test-playbooks/registry/test-registry-post.yaml
vars:
container_command: docker
nodeset:
nodes:
- name: controller
label: centos-7
- job:
name: zuul-jobs-test-install-kubernetes-docker
description: |
@ -166,6 +193,7 @@
- zuul-jobs-test-registry-podman
- zuul-jobs-test-registry-buildset-registry
- zuul-jobs-test-registry-buildset-registry-k8s-docker
- zuul-jobs-test-registry-buildset-registry-openshift-docker
- zuul-jobs-test-install-kubernetes-docker
- zuul-jobs-test-install-kubernetes-crio
- zuul-jobs-test-install-podman