From 83586cb66de869966c7178492466a3566f751d9c Mon Sep 17 00:00:00 2001 From: Travis Truman Date: Fri, 18 Mar 2016 11:01:17 -0400 Subject: [PATCH] Functional test uploading an image We should ensure that an image can be uploaded to Glance before considering the role fully functional. Change-Id: Iff2c84ef29de698d67010e7acb23f8f90d4b8eaf Closes-Bug: #1553960 --- tests/test-glance-functional.yml | 53 +++++ tests/test-install-glance.yml | 99 +++++++++ tests/test-install-infra.yml | 32 +++ tests/test-install-keystone.yml | 83 ++++++++ tests/test-prepare-containers.yml | 33 +++ tests/test-prepare-host.yml | 95 +++++++++ tests/test-prepare-keys.yml | 31 +++ tests/test.yml | 336 ++---------------------------- 8 files changed, 438 insertions(+), 324 deletions(-) create mode 100644 tests/test-glance-functional.yml create mode 100644 tests/test-install-glance.yml create mode 100644 tests/test-install-infra.yml create mode 100644 tests/test-install-keystone.yml create mode 100644 tests/test-prepare-containers.yml create mode 100644 tests/test-prepare-host.yml create mode 100644 tests/test-prepare-keys.yml diff --git a/tests/test-glance-functional.yml b/tests/test-glance-functional.yml new file mode 100644 index 00000000..be6d5c8c --- /dev/null +++ b/tests/test-glance-functional.yml @@ -0,0 +1,53 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Packages need to be installed outside +# of venv to be usable by Ansible +- name: Install testing pip packages + pip: + name: "{{ item }}" + with_items: + - python-glanceclient + - python-keystoneclient + - httplib2 + +- name: Check the glance-api + uri: + url: "http://localhost:9292" + status_code: 300 + +- name: Check the glance-registry + uri: + url: "http://localhost:9191" + status_code: 401 + +- name: Upload the Cirros image + glance: + command: 'image-create' + openrc_path: /root/openrc + image_name: cirros + image_url: "http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-uec.tar.gz" + image_container_format: bare + image_disk_format: qcow2 + image_is_public: True + register: cirros_image_create + until: cirros_image_create | success + retries: 5 + delay: 15 + +- name: Ensure image uploaded + fail: + msg: "Image upload failed" + when: (glance_images is not defined) or (glance_images.cirros is not defined) or (glance_images.cirros.id is not defined) \ No newline at end of file diff --git a/tests/test-install-glance.yml b/tests/test-install-glance.yml new file mode 100644 index 00000000..3bce55e3 --- /dev/null +++ b/tests/test-install-glance.yml @@ -0,0 +1,99 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for deploying glance + hosts: glance_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ glance_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['glance_all'][0] + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ glance_rabbitmq_userid }}" + password: "{{ glance_rabbitmq_password }}" + vhost: "{{ glance_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['glance_all'][0] + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ glance_galera_database }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['glance_all'][0] + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ glance_galera_database }}" + password: "{{ glance_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ glance_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['glance_all'][0] + roles: + - role: "{{ rolename | basename }}" + post_tasks: + - include: test-glance-functional.yml + vars: + external_lb_vip_address: 10.100.100.3 + internal_lb_vip_address: 10.100.100.3 + glance_galera_address: 10.100.100.2 + glance_galera_database: glance + glance_container_mysql_password: "SuperSecrete" + galera_client_drop_config_file: false + galera_root_password: "secrete" + glance_rabbitmq_password: "secrete" + glance_rabbitmq_userid: glance + glance_rabbitmq_vhost: /glance + rabbitmq_servers: 10.100.100.2 + rabbitmq_use_ssl: true + rabbitmq_port: 5671 + keystone_admin_user_name: admin + keystone_admin_tenant_name: admin + keystone_auth_admin_password: "SuperSecretePassword" + keystone_service_adminuri_insecure: false + keystone_service_internaluri_insecure: false + keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" + keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" + keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" + keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" + glance_venv_tag: "testing" + glance_developer_mode: true + glance_git_install_branch: 7d5c3710ce2739a8ac356208d4e104f2ce3ec9ab + glance_requirements_git_install_branch: 332278d456e06870150835564342570ec9d5f5a0 + glance_service_password: "secrete" + glance_profiler_hmac_key: "secrete" + openrc_os_auth_url: "http://127.0.0.1:5000/v3" + openrc_os_password: "{{ keystone_auth_admin_password }}" + openrc_os_domain_name: "Default" + memcached_servers: 127.0.0.1 + memcached_encryption_key: "secrete" \ No newline at end of file diff --git a/tests/test-install-infra.yml b/tests/test-install-infra.yml new file mode 100644 index 00000000..77a90bd0 --- /dev/null +++ b/tests/test-install-infra.yml @@ -0,0 +1,32 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Deploy infra services + hosts: service_all + user: root + gather_facts: true + roles: + - role: "rabbitmq_server" + rabbitmq_cookie_token: secrete + - role: "galera_server" + galera_root_password: secrete + galera_root_user: root + galera_innodb_buffer_pool_size: 512M + galera_innodb_log_buffer_size: 32M + galera_server_id: "{{ inventory_hostname | string_2_int }}" + galera_wsrep_node_name: "{{ inventory_hostname }}" + galera_wsrep_provider_options: + - { option: "gcache.size", value: "32M" } + galera_server_id: "{{ inventory_hostname | string_2_int }}" \ No newline at end of file diff --git a/tests/test-install-keystone.yml b/tests/test-install-keystone.yml new file mode 100644 index 00000000..4b3af745 --- /dev/null +++ b/tests/test-install-keystone.yml @@ -0,0 +1,83 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Deploy keystone + hosts: keystone_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ keystone_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ keystone_rabbitmq_userid }}" + password: "{{ keystone_rabbitmq_password }}" + vhost: "{{ keystone_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + password: "{{ keystone_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ keystone_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + roles: + - role: os_keystone + vars: + external_lb_vip_address: 10.100.100.3 + internal_lb_vip_address: 10.100.100.3 + keystone_galera_address: 10.100.100.2 + keystone_galera_database: keystone + keystone_venv_tag: "testing" + keystone_developer_mode: true + keystone_git_install_branch: a55128044f763f5cfe2fdc57c738eaca97636448 + keystone_requirements_git_install_branch: 332278d456e06870150835564342570ec9d5f5a0 + keystone_auth_admin_token: "SuperSecreteTestToken" + keystone_auth_admin_password: "SuperSecretePassword" + keystone_service_password: "secrete" + keystone_rabbitmq_password: "secrete" + keystone_container_mysql_password: "SuperSecrete" + keystone_rabbitmq_port: 5671 + keystone_rabbitmq_userid: keystone + keystone_rabbitmq_vhost: /keystone + keystone_rabbitmq_servers: 10.100.100.2 + keystone_rabbitmq_use_ssl: true + galera_client_drop_config_file: false \ No newline at end of file diff --git a/tests/test-prepare-containers.yml b/tests/test-prepare-containers.yml new file mode 100644 index 00000000..ccb40af9 --- /dev/null +++ b/tests/test-prepare-containers.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create test containers + hosts: all_containers + connection: local + gather_facts: false + roles: + - role: "lxc_container_create" + lxc_container_release: trusty + lxc_container_backing_store: dir + global_environment_variables: + PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + post_tasks: + - name: Wait for ssh to be available + local_action: + module: wait_for + port: "{{ ansible_ssh_port | default('22') }}" + host: "{{ ansible_ssh_host | default(inventory_hostname) }}" + search_regex: OpenSSH + delay: 1 \ No newline at end of file diff --git a/tests/test-prepare-host.yml b/tests/test-prepare-host.yml new file mode 100644 index 00000000..b83aa636 --- /dev/null +++ b/tests/test-prepare-host.yml @@ -0,0 +1,95 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Perform baisc LXC host setup + hosts: localhost + connection: local + become: yes + pre_tasks: + - name: Ensure root's new public ssh key is in authorized_keys + authorized_key: + user: root + key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" + manage_dir: no + - set_fact: + lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" + - name: Check if this is an OpenStack-CI nodepool instance + stat: + path: /etc/nodepool/provider + register: nodepool + - name: Set the files to copy into the container cache for OpenStack-CI instances + set_fact: + lxc_container_cache_files: + - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } + - { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' } + when: nodepool.stat.exists | bool + - name: Determine the existing Ubuntu repo configuration + shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' + register: ubuntu_repo + changed_when: false + - name: Set apt repo facts based on discovered information + set_fact: + lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}" + lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}" + roles: + - role: "lxc_hosts" + lxc_net_address: 10.100.100.1 + lxc_net_dhcp_range: 10.100.100.8,10.100.100.253 + lxc_net_bridge: lxcbr0 + lxc_kernel_options: + - { key: 'fs.inotify.max_user_instances', value: 1024 } + lxc_container_caches: + - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" + name: "trusty.tgz" + sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" + chroot_path: trusty/rootfs-amd64 + # The $HOME directory is mocked to work with tox + # by defining the 'ansible_env' hash. This should + # NEVER be done outside of testing. + ansible_env: ## NEVER DO THIS OUTSIDE OF TESTING + HOME: "/tmp" + - role: "py_from_git" + git_repo: "https://github.com/lxc/python2-lxc" + git_dest: "/opt/lxc_python2" + git_install_branch: "master" + post_tasks: + # THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A + # HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV. + - name: Ensure the lxc lib is on the host + command: /usr/local/bin/pip install /opt/lxc_python2 + # Inventory is being pre-loaded using a post tasks instead of through a dynamic + # inventory system. While this is not a usual method for deployment it's being + # done for functional testing. + - name: Create container hosts + add_host: + groups: "{{ item.groups }}" + hostname: "{{ item.name }}" + inventory_hostname: "{{ item.name }}" + ansible_ssh_host: "{{ item.address }}" + ansible_become: true + properties: + service_name: "{{ item.service }}" + container_networks: + management_address: + address: "{{ item.address }}" + bridge: "lxcbr0" + interface: "eth1" + netmask: "255.255.252.0" + type: "veth" + physical_host: localhost + container_name: "{{ item.name }}" + with_items: + - { name: "infra1", service: "infra1", address: "10.100.100.2", groups: "all,all_containers,rabbitmq_all,galera_all,service_all" } + - { name: "openstack1", service: "openstack1", address: "10.100.100.3", groups: "all,all_containers,keystone_all,glance_all" } \ No newline at end of file diff --git a/tests/test-prepare-keys.yml b/tests/test-prepare-keys.yml new file mode 100644 index 00000000..a580764e --- /dev/null +++ b/tests/test-prepare-keys.yml @@ -0,0 +1,31 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create ssh key pairs for use with containers + hosts: 127.0.0.1 + connection: local + become: false + pre_tasks: + - name: Create ssh key pair for root + user: + name: "{{ ansible_ssh_user }}" + generate_ssh_key: "yes" + ssh_key_bits: 2048 + ssh_key_file: ".ssh/id_rsa" + - name: Get the calling user's key + command: cat ~/.ssh/id_rsa.pub + register: key_get + - set_fact: + lxc_container_ssh_key: "{{ key_get.stdout }}" \ No newline at end of file diff --git a/tests/test.yml b/tests/test.yml index 88612a5b..f79188dc 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -13,332 +13,20 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Playbook for establishing ssh keys - hosts: 127.0.0.1 - connection: local - become: false - pre_tasks: - - name: Create ssh key pair for root - user: - name: "{{ ansible_ssh_user }}" - generate_ssh_key: "yes" - ssh_key_bits: 2048 - ssh_key_file: ".ssh/id_rsa" - - name: Get the calling user's key - command: cat ~/.ssh/id_rsa.pub - register: key_get - - set_fact: - lxc_container_ssh_key: "{{ key_get.stdout }}" +# Prepare the user ssh keys +- include: test-prepare-keys.yml -- name: Playbook for configuring the LXC host - hosts: localhost - connection: local - become: yes - pre_tasks: - # Make sure OS does not have a stale package cache. - - name: Update apt cache - apt: - update_cache: yes - when: ansible_os_family == 'Debian' - - name: Ensure root's new public ssh key is in authorized_keys - authorized_key: - user: root - key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" - manage_dir: no - - set_fact: - lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" - - name: Check if this is an OpenStack-CI nodepool instance - stat: - path: /etc/nodepool/provider - register: nodepool - - name: Set the files to copy into the container cache for OpenStack-CI instances - set_fact: - lxc_container_cache_files: - - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } - - { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' } - when: nodepool.stat.exists | bool - - name: Determine the existing Ubuntu repo configuration - shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' - register: ubuntu_repo - changed_when: false - - name: Set apt repo facts based on discovered information - set_fact: - lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}" - lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}" - roles: - - role: "lxc_hosts" - lxc_net_address: 10.100.100.1 - lxc_net_dhcp_range: 10.100.100.8,10.100.100.253 - lxc_net_bridge: lxcbr0 - lxc_kernel_options: - - { key: 'fs.inotify.max_user_instances', value: 1024 } - lxc_container_caches: - - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" - name: "trusty.tgz" - sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" - chroot_path: trusty/rootfs-amd64 - # The $HOME directory is mocked to work with tox - # by defining the 'ansible_env' hash. This should - # NEVER be done outside of testing. - ansible_env: ## NEVER DO THIS OUTSIDE OF TESTING - HOME: "/tmp" - - role: "py_from_git" - git_repo: "https://github.com/lxc/python2-lxc" - git_dest: "/opt/lxc_python2" - git_install_branch: "master" - post_tasks: - # THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A - # HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV. - - name: Ensure the lxc lib is on the host - command: /usr/local/bin/pip install /opt/lxc_python2 - # Inventory is being pre-loaded using a post tasks instead of through a dynamic - # inventory system. While this is not a usual method for deployment it's being - # done for functional testing. - - name: Create container hosts - add_host: - groups: "{{ item.groups }}" - hostname: "{{ item.name }}" - inventory_hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.address }}" - ansible_become: true - properties: - service_name: "{{ item.service }}" - container_networks: - management_address: - address: "{{ item.address }}" - bridge: "lxcbr0" - interface: "eth1" - netmask: "255.255.252.0" - type: "veth" - physical_host: localhost - container_name: "{{ item.name }}" - with_items: - - { name: "infra1", service: "infra1", address: "10.100.100.2", groups: "all,all_containers,rabbitmq_all,galera_all,service_all" } - - { name: "openstack1", service: "openstack1", address: "10.100.100.3", groups: "all,all_containers,keystone_all,glance_all" } +# Prepare the host +- include: test-prepare-host.yml -- name: Playbook for creating containers - hosts: all_containers - connection: local - gather_facts: false - roles: - - role: "lxc_container_create" - lxc_container_release: trusty - lxc_container_backing_store: dir - global_environment_variables: - PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - post_tasks: - - name: Wait for ssh to be available - local_action: - module: wait_for - port: "{{ ansible_ssh_port | default('22') }}" - host: "{{ ansible_ssh_host | default(inventory_hostname) }}" - search_regex: OpenSSH - delay: 1 +# Prepare the containers +- include: test-prepare-containers.yml -- name: Playbook for deploying infra services - hosts: service_all - user: root - gather_facts: true - roles: - - role: "rabbitmq_server" - rabbitmq_cookie_token: secrete - - role: "galera_server" - galera_root_password: secrete - galera_root_user: root - galera_innodb_buffer_pool_size: 512M - galera_innodb_log_buffer_size: 32M - galera_server_id: "{{ inventory_hostname | string_2_int }}" - galera_wsrep_node_name: "{{ inventory_hostname }}" - galera_wsrep_provider_options: - - { option: "gcache.size", value: "32M" } - galera_server_id: "{{ inventory_hostname | string_2_int }}" +# Install RabbitMQ/MariaDB +- include: test-install-infra.yml -- name: Playbook for deploying keystone - hosts: keystone_all - user: root - gather_facts: true - pre_tasks: - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ keystone_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-vhost - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ keystone_rabbitmq_userid }}" - password: "{{ keystone_rabbitmq_password }}" - vhost: "{{ keystone_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-user - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ keystone_galera_database }}" - state: "present" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - mysql-db-setup - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ keystone_galera_database }}" - password: "{{ keystone_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ keystone_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - mysql-db-setup - roles: - - role: os_keystone - vars: - external_lb_vip_address: 10.100.100.3 - internal_lb_vip_address: 10.100.100.3 - keystone_galera_address: 10.100.100.2 - keystone_galera_database: keystone - keystone_venv_tag: "testing" - keystone_developer_mode: true - keystone_git_install_branch: a55128044f763f5cfe2fdc57c738eaca97636448 - keystone_requirements_git_install_branch: 332278d456e06870150835564342570ec9d5f5a0 - keystone_auth_admin_token: "SuperSecreteTestToken" - keystone_auth_admin_password: "SuperSecretePassword" - keystone_service_password: "secrete" - keystone_rabbitmq_password: "secrete" - keystone_container_mysql_password: "SuperSecrete" - keystone_rabbitmq_port: 5671 - keystone_rabbitmq_userid: keystone - keystone_rabbitmq_vhost: /keystone - keystone_rabbitmq_servers: 10.100.100.2 - keystone_rabbitmq_use_ssl: true - galera_client_drop_config_file: false +# Install Keystone +- include: test-install-keystone.yml -- name: Playbook for deploying glance - hosts: glance_all - user: root - gather_facts: true - pre_tasks: - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ glance_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['glance_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-vhost - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ glance_rabbitmq_userid }}" - password: "{{ glance_rabbitmq_password }}" - vhost: "{{ glance_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['glance_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-user - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ glance_galera_database }}" - state: "present" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['glance_all'][0] - tags: - - mysql-db-setup - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ glance_galera_database }}" - password: "{{ glance_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ glance_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.100.2" - when: inventory_hostname == groups['glance_all'][0] - tags: - - mysql-db-setup - roles: - - role: "{{ rolename | basename }}" - tasks: - # needed by the functional test playbook below - - name: Install httplib2 so we can use the uri module - pip: - name: httplib2 - vars: - external_lb_vip_address: 10.100.100.3 - internal_lb_vip_address: 10.100.100.3 - glance_galera_address: 10.100.100.2 - glance_galera_database: glance - glance_container_mysql_password: "SuperSecrete" - galera_client_drop_config_file: false - galera_root_password: "secrete" - glance_rabbitmq_password: "secrete" - glance_rabbitmq_userid: glance - glance_rabbitmq_vhost: /glance - rabbitmq_servers: 10.100.100.2 - rabbitmq_use_ssl: true - rabbitmq_port: 5671 - keystone_admin_user_name: admin - keystone_admin_tenant_name: admin - keystone_auth_admin_password: "SuperSecretePassword" - keystone_service_adminuri_insecure: false - keystone_service_internaluri_insecure: false - keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" - keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" - keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" - keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" - glance_venv_tag: "testing" - glance_developer_mode: true - glance_git_install_branch: 7d5c3710ce2739a8ac356208d4e104f2ce3ec9ab - glance_requirements_git_install_branch: 332278d456e06870150835564342570ec9d5f5a0 - glance_service_password: "secrete" - glance_profiler_hmac_key: "secrete" - openrc_os_password: "{{ keystone_auth_admin_password }}" - openrc_os_domain_name: "Default" - memcached_servers: 127.0.0.1 - memcached_encryption_key: "secrete" - -- name: Playbook for functional testing glance - hosts: glance_all - user: root - gather_facts: false - tasks: - - name: Check the glance-api - uri: - url: "http://localhost:9292" - status_code: 300 - - name: Check the glance-registry - uri: - url: "http://localhost:9191" - status_code: 401 +# Install Glance +- include: test-install-glance.yml \ No newline at end of file