openstack/openstack-ansible-galera_server
Code Issues Proposed changes
openstack-ansible-galera_se.../tests/test.yml
Kevin Carter cd11c5a56e Updated repo for new org 
The role was changed to make it compatible with the OpenStack
CI. The changes effect defaults, handlers, and the tests for 
the role and adds gitignore/review files. 

The changes essentially get the role to a state where its passing
the tests which are spinning up a galera cluster, adding users 
and databases, and then testing integrity from every node. The 
tests specifically ensure we're able to guarantee that after the
role runs everything works. Previously to these changes the role
assumed everything was working and nothing had been done to 
guarantee cluster state. 

In the handler changes, the temporary "sst" directory is cleaned up
should the handler restart fail. This ensure that a node is in a clean
state if a leftover sst directory was on the disk which would cause 
a node to fail to join a cluster or bootstrap. Additionally the 
environment variable "MYSQLD_STARTUP_TIMEOUT" is now being passed
into the init script because the defaults are not being sourced
at the init script runtime. 

In the task changes a new configuration file, that is part of the 
mariadb package, is being removed which has unforeseen options within
it causing no logs to be created.

the default option "galera_innodb_additional_mem_pool_size" was removed
because its no longer valid within MariaDB10 and we'd never caught that
error message until now.

The tests were updated to support running the role from a user which 
was not root.

Change-Id: I16af30c660790656fc2d59f9943c172b88098905
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2015-12-14 15:20:02 +00:00

206 lines
7.1 KiB
YAML
Raw Blame History

---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for pre-role testing 1of3
hosts: 127.0.0.1
connection: local
become: false
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: get the calling users key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"
- name: Playbook for pre-role testing 2of3
hosts: localhost
connection: local
pre_tasks:
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.2,10.100.100.100
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
lxc_container_caches:
- url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
name: "trusty.tgz"
sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
chroot_path: trusty/rootfs-amd64
# The $HOME directory is mocked to work with tox
# by defining the 'ansible_env' hash. This should
# NEVER be done outside of testing.
ansible_env: ## NEVER DO THIS OUTSIDE OF TESTING
HOME: "/tmp"
- role: "py_from_git"
git_repo: "https://github.com/lxc/python2-lxc"
git_dest: "/opt/lxc_python2"
git_install_branch: "master"
post_tasks:
# THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A
# HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV.
- name: Ensure the lxc lib is on the host
command: /usr/local/bin/pip install /opt/lxc_python2
# Inventory is being pre-loaded using a post tasks instead of through a dynamic
# inventory system. While this is not a usual method for deployment it's being
# done for functional testing.
- name: Create container hosts
add_host:
groups: "all,all_containers,galera_all"
hostname: "{{ item.name }}"
inventory_hostname: "{{ item.name }}"
ansible_ssh_host: "{{ item.address }}"
ansible_become: true
properties:
service_name: "{{ item.service }}"
container_networks:
management_address:
address: "{{ item.address }}"
bridge: "lxcbr0"
interface: "eth1"
netmask: "255.255.255.0"
type: "veth"
physical_host: localhost
container_name: "{{ item.name }}"
with_items:
- { name: "container1", service: "service1", address: "10.100.100.101" }
- { name: "container2", service: "service2", address: "10.100.100.102" }
- { name: "container3", service: "service3", address: "10.100.100.103" }
- name: Playbook for pre-role testing 2of2
hosts: localhost
connection: local
gather_facts: true
roles:
- role: "openstack_hosts"
- name: Playbook for pre-role testing 2of2
hosts: all_containers
connection: local
gather_facts: false
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1
- name: Playbook for role testing
hosts: galera_all
serial: 1
user: root
gather_facts: true
vars:
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
roles:
- role: "{{ rolename | basename }}"
galera_server_id: "{{ inventory_hostname | string_2_int }}"
- name: Playbook for testing
hosts: galera_all
user: root
gather_facts: true
vars:
galera_root_password: secrete
galera_root_user: root
tasks:
- name: Create DB for service on 10.100.100.101
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "10.100.100.101"
name: "OSA-test"
state: "present"
tags:
- neutron-db-setup
when: ansible_ssh_host == '10.100.100.101'
- name: Grant access to the DB on 10.100.100.102
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "10.100.100.102"
name: "osa-tester"
password: "tester-secrete"
host: "{{ item }}"
state: "present"
priv: "OSA-test.*:ALL"
with_items:
- "localhost"
- "%"
tags:
- neutron-db-setup
when: ansible_ssh_host == '10.100.100.102'
- name: check cluster state incoming addresses
command: |
mysql -h {{ ansible_ssh_host }} \
-p"{{ galera_root_password }}" \
-e "show status like 'wsrep_incoming_addresses';" \
--silent \
--skip-column-names
register: wsrep_incoming_addresses
- name: check cluster state
command: |
mysql -h {{ ansible_ssh_host }} \
-p"{{ galera_root_password }}" \
-e "show status like 'wsrep_local_state_comment';" \
--silent \
--skip-column-names
register: wsrep_local_state_comment
- name: check cluster state
command: |
mysql -h {{ ansible_ssh_host }} \
-p"{{ galera_root_password }}" \
-e "show status like 'wsrep_evs_state';" \
--silent \
--skip-column-names
register: wsrep_evs_state
- name: Check contents
assert:
that:
- "'Synced' in wsrep_local_state_comment.stdout"
- "'OPERATIONAL' in wsrep_evs_state.stdout"
- "'10.100.100.101' in wsrep_incoming_addresses.stdout"
- "'10.100.100.102' in wsrep_incoming_addresses.stdout"
- "'10.100.100.103' in wsrep_incoming_addresses.stdout"
View Git Blame Copy Permalink