From 39505d2b8e14c61a199ca3872c6222720a31ace3 Mon Sep 17 00:00:00 2001 From: Matt Thompson Date: Tue, 29 Mar 2016 12:02:56 +0100 Subject: [PATCH] Standardise nova functional tests and add actual tests This commit breaks out the tests/test.yml file into sub task files and deploys all the necessary components (keystone, glance, neutron) to boot nova instances. The functional test validates a few nova ports and then proceeds to creating to a glance image and neutron network bits before spinning up an instance. Additionally, this change does the following: - fully defines the inventory rather than having test-prepare-host.yml add containers to it - removes installation of lxc_python2 library, since this is no longer necessary - updates test-prepare-keys.yml to use localhost instead of 127.0.0.1, uses become_user=jenkins instead of become=false, and removes redundant connection - updates test-prepare-host.yml by removing redundant become and connection options, changes 127.0.0.1 to localhost, and removes mocking ansible_env - groups vars in defined in each individual file into a single test-vars.yml file Change-Id: I80b1923cbf5c4375d2fb71bc71c326d43f1443b4 --- tasks/nova_compute_kvm_install.yml | 2 +- tasks/nova_console_novnc_install.yml | 2 +- tests/ansible-role-requirements.yml | 8 + tests/group_vars/all_containers.yml | 27 +++ tests/inventory | 94 ++++++++ tests/test-install-glance.yml | 65 ++++++ tests/test-install-infra.yml | 32 +++ tests/test-install-keystone.yml | 75 +++++++ tests/test-install-neutron.yml | 75 +++++++ tests/test-install-nova.yml | 87 ++++++++ tests/test-nova-functional.yml | 111 +++++++++ tests/test-prepare-containers.yml | 33 +++ tests/test-prepare-host.yml | 60 +++++ tests/test-prepare-keys.yml | 33 +++ tests/test-vars.yml | 116 ++++++++++ tests/test.yml | 323 ++------------------------- 16 files changed, 839 insertions(+), 304 deletions(-) create mode 100644 tests/group_vars/all_containers.yml create mode 100644 tests/test-install-glance.yml create mode 100644 tests/test-install-infra.yml create mode 100644 tests/test-install-keystone.yml create mode 100644 tests/test-install-neutron.yml create mode 100644 tests/test-install-nova.yml create mode 100644 tests/test-nova-functional.yml create mode 100644 tests/test-prepare-containers.yml create mode 100644 tests/test-prepare-host.yml create mode 100644 tests/test-prepare-keys.yml create mode 100644 tests/test-vars.yml diff --git a/tasks/nova_compute_kvm_install.yml b/tasks/nova_compute_kvm_install.yml index 90ffcea5..b8fc1556 100644 --- a/tasks/nova_compute_kvm_install.yml +++ b/tasks/nova_compute_kvm_install.yml @@ -59,7 +59,7 @@ with_items: nova_compute_pip_packages when: - nova_venv_enabled | bool - - nova_get_venv | failed + - nova_get_venv | failed or nova_developer_mode | bool tags: - nova-install - nova-pip-packages diff --git a/tasks/nova_console_novnc_install.yml b/tasks/nova_console_novnc_install.yml index 08273eb5..5b3f419d 100644 --- a/tasks/nova_console_novnc_install.yml +++ b/tasks/nova_console_novnc_install.yml @@ -75,7 +75,7 @@ with_items: nova_novnc_pip_packages when: - nova_venv_enabled | bool - - nova_get_venv | failed + - nova_get_venv | failed or nova_developer_mode | bool tags: - nova-install - nova-pip-packages diff --git a/tests/ansible-role-requirements.yml b/tests/ansible-role-requirements.yml index 3f188ee7..bb515790 100644 --- a/tests/ansible-role-requirements.yml +++ b/tests/ansible-role-requirements.yml @@ -46,6 +46,14 @@ src: https://git.openstack.org/openstack/openstack-ansible-os_keystone scm: git version: master +- name: os_glance + src: https://git.openstack.org/openstack/openstack-ansible-os_glance + scm: git + version: master +- name: os_neutron + src: https://git.openstack.org/openstack/openstack-ansible-os_neutron + scm: git + version: master - name: openstack_openrc src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc scm: git diff --git a/tests/group_vars/all_containers.yml b/tests/group_vars/all_containers.yml new file mode 100644 index 00000000..4cc97942 --- /dev/null +++ b/tests/group_vars/all_containers.yml @@ -0,0 +1,27 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ansible_ssh_host: "{{ ansible_host }}" +container_name: "{{ inventory_hostname }}" +container_networks: + management_address: + address: "{{ ansible_host }}" + bridge: "lxcbr0" + interface: "eth1" + netmask: "255.255.252.0" + type: "veth" +physical_host: localhost +properties: + service_name: "{{ inventory_hostname }}" diff --git a/tests/inventory b/tests/inventory index 6c0833a9..59625844 100644 --- a/tests/inventory +++ b/tests/inventory @@ -1,2 +1,96 @@ [all] localhost ansible_connection=local ansible_become=True +infra1 ansible_host=10.100.100.101 ansible_become=True ansible_user=root +openstack1 ansible_host=10.100.100.102 ansible_become=True ansible_user=root + +[all_containers] +infra1 +openstack1 + +[rabbitmq_all] +infra1 + +[galera_all] +infra1 + +[service_all:children] +rabbitmq_all +galera_all + +[keystone_all] +openstack1 + +[glance_api] +openstack1 + +[glance_registry] +openstack1 + +[glance_all:children] +glance_api +glance_registry + +[neutron_agent] +openstack1 + +[neutron_dhcp_agent] +openstack1 + +[neutron_linuxbridge_agent] +openstack1 +localhost + +[neutron_metering_agent] +openstack1 + +[neutron_l3_agent] +openstack1 + +[neutron_lbaas_agent] +openstack1 + +[neutron_metadata_agent] +openstack1 + +[neutron_server] +openstack1 + +[neutron_all:children] +neutron_agent +neutron_dhcp_agent +neutron_linuxbridge_agent +neutron_metering_agent +neutron_l3_agent +neutron_lbaas_agent +neutron_metadata_agent +neutron_server + +[nova_api_metadata] +openstack1 + +[nova_api_os_compute] +openstack1 + +[nova_cert] +openstack1 + +[nova_compute] +localhost + +[nova_conductor] +openstack1 + +[nova_console] +openstack1 + +[nova_scheduler] +openstack1 + +[nova_all:children] +nova_api_metadata +nova_api_os_compute +nova_cert +nova_compute +nova_conductor +nova_console +nova_scheduler diff --git a/tests/test-install-glance.yml b/tests/test-install-glance.yml new file mode 100644 index 00000000..2e87797e --- /dev/null +++ b/tests/test-install-glance.yml @@ -0,0 +1,65 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for deploying glance + hosts: glance_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ glance_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['glance_all'][0] + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ glance_rabbitmq_userid }}" + password: "{{ glance_rabbitmq_password }}" + vhost: "{{ glance_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['glance_all'][0] + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ glance_galera_database }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['glance_all'][0] + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ glance_galera_database }}" + password: "{{ glance_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ glance_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['glance_all'][0] + roles: + - role: "os_glance" + vars_files: + - test-vars.yml diff --git a/tests/test-install-infra.yml b/tests/test-install-infra.yml new file mode 100644 index 00000000..86e8625e --- /dev/null +++ b/tests/test-install-infra.yml @@ -0,0 +1,32 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for deploying infra services + hosts: service_all + user: root + gather_facts: true + roles: + - role: "rabbitmq_server" + rabbitmq_cookie_token: secrete + - role: "galera_server" + galera_root_password: secrete + galera_root_user: root + galera_innodb_buffer_pool_size: 512M + galera_innodb_log_buffer_size: 32M + galera_server_id: "{{ inventory_hostname | string_2_int }}" + galera_wsrep_node_name: "{{ inventory_hostname }}" + galera_wsrep_provider_options: + - { option: "gcache.size", value: "32M" } + galera_server_id: "{{ inventory_hostname | string_2_int }}" diff --git a/tests/test-install-keystone.yml b/tests/test-install-keystone.yml new file mode 100644 index 00000000..a5f3d1ad --- /dev/null +++ b/tests/test-install-keystone.yml @@ -0,0 +1,75 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for deploying keystone + hosts: keystone_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ keystone_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + tags: + - aodh-rabbitmq + - aodh-rabbitmq-vhost + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ keystone_rabbitmq_userid }}" + password: "{{ keystone_rabbitmq_password }}" + vhost: "{{ keystone_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + tags: + - aodh-rabbitmq + - aodh-rabbitmq-user + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + tags: + - mysql-db-setup + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + password: "{{ keystone_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ keystone_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + tags: + - mysql-db-setup + roles: + - role: os_keystone + vars_files: + - test-vars.yml diff --git a/tests/test-install-neutron.yml b/tests/test-install-neutron.yml new file mode 100644 index 00000000..231c3515 --- /dev/null +++ b/tests/test-install-neutron.yml @@ -0,0 +1,75 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Deploy neutron + hosts: neutron_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ neutron_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['neutron_all'][0] + tags: + - neutron-rabbitmq + - neutron-rabbitmq-vhost + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ neutron_rabbitmq_userid }}" + password: "{{ neutron_rabbitmq_password }}" + vhost: "{{ neutron_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['neutron_all'][0] + tags: + - neutron-rabbitmq + - neutron-rabbitmq-user + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ neutron_galera_database }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['neutron_all'][0] + tags: + - mysql-db-setup + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ neutron_galera_database }}" + password: "{{ neutron_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ neutron_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['neutron_all'][0] + tags: + - mysql-db-setup + roles: + - role: "os_neutron" + vars_files: + - test-vars.yml diff --git a/tests/test-install-nova.yml b/tests/test-install-nova.yml new file mode 100644 index 00000000..4f3ceff2 --- /dev/null +++ b/tests/test-install-nova.yml @@ -0,0 +1,87 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for deploying nova + hosts: nova_all + user: root + gather_facts: true + pre_tasks: + # NOTE: These are typically installed in the repo server where we build the + # nova wheel + - name: Install packages required to build nova python package + apt: + name: "{{ item }}" + with_items: + - libxml2-dev + - libxslt-dev + - libffi-dev + - pkg-config + - libvirt-dev + when: inventory_hostname in groups['nova_compute'] + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ nova_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['nova_all'][0] + tags: + - aodh-rabbitmq + - aodh-rabbitmq-vhost + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ nova_rabbitmq_userid }}" + password: "{{ nova_rabbitmq_password }}" + vhost: "{{ nova_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['nova_all'][0] + tags: + - aodh-rabbitmq + - aodh-rabbitmq-user + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ nova_galera_database }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['nova_all'][0] + tags: + - mysql-db-setup + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ nova_galera_database }}" + password: "{{ nova_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ nova_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['nova_all'][0] + tags: + - mysql-db-setup + roles: + - role: "{{ rolename | basename }}" + vars_files: + - test-vars.yml diff --git a/tests/test-nova-functional.yml b/tests/test-nova-functional.yml new file mode 100644 index 00000000..0931e09a --- /dev/null +++ b/tests/test-nova-functional.yml @@ -0,0 +1,111 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for functional testing of nova + hosts: nova_api_os_compute + user: root + gather_facts: false + tasks: + - name: Check the nova-api-os-compute service + uri: + url: "http://localhost:8774" + status_code: 200 + register: nova_api_os_compute_status + until: nova_api_os_compute_status | success + retries: 5 + delay: 5 + - name: Check the nova-api-metadata service + uri: + url: "http://localhost:8775" + status_code: 200 + register: nova_api_metadata_status + until: nova_api_metadata_status | success + retries: 5 + delay: 5 + - name: Check the nova-spicehtml5proxy service + uri: + url: "http://localhost:6082/spice_auto.html" + status_code: 200 + register: nova_spice_status + until: nova_spice_status | success + retries: 5 + delay: 5 + - name: Install testing pip packages + pip: + name: "{{ item }}" + with_items: + - python-glanceclient + - python-neutronclient + - name: Set glance_image_name fact + set_fact: + glance_image_name: "functional-image-{{ 100|random }}" + - name: Set nova_instance_name fact + set_fact: + nova_instance_name: "functional-instance-{{ 100|random }}" + - name: Set neutron_net_name fact + set_fact: + neutron_net_name: "functional-net-{{ 100|random }}" + - name: Set neutron_subnet_name fact + set_fact: + neutron_subnet_name: "functional-subnet-{{ 100|random }}" + - name: Upload the Cirros image + glance: + command: 'image-create' + openrc_path: /root/openrc + image_name: "{{ glance_image_name }}" + image_url: "http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-uec.tar.gz" + image_container_format: bare + image_disk_format: qcow2 + image_is_public: True + register: cirros_image_create + until: cirros_image_create | success + retries: 5 + delay: 15 + # NOTE: We need to ensure the image goes active before we attempt to boot + # from it below + - name: Verify image goes active + shell: | + . /root/openrc + {{ nova_venv_bin }}/glance image-show {{ glance_images[glance_image_name]['id'] }} | grep active + register: image_status + until: image_status|success + retries: 5 + delay: 5 + - name: Create test network + neutron: + command: create_network + openrc_path: /root/openrc + net_name: "{{ neutron_net_name }}" + - name: Create test subnet + neutron: + command: create_subnet + openrc_path: /root/openrc + net_name: "{{ neutron_net_name }}" + subnet_name: "{{ neutron_subnet_name }}" + cidr: "192.168.74.0/24" + - name: Create nova instance + shell: | + . /root/openrc + {{ nova_venv_bin }}/nova boot --image {{ glance_image_name }} --flavor 1 --nic net-id={{ neutron_networks[neutron_net_name]['id'] }} {{ nova_instance_name }} + - name: Verify nova instance goes active + shell: | + . /root/openrc + {{ nova_venv_bin }}/nova show {{ nova_instance_name }} | grep ACTIVE + register: instance_status + until: instance_status|success + retries: 5 + delay: 5 + vars_files: + - test-vars.yml diff --git a/tests/test-prepare-containers.yml b/tests/test-prepare-containers.yml new file mode 100644 index 00000000..cf46e8ab --- /dev/null +++ b/tests/test-prepare-containers.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for creating containers + hosts: all_containers + connection: local + gather_facts: false + roles: + - role: "lxc_container_create" + lxc_container_release: trusty + lxc_container_backing_store: dir + global_environment_variables: + PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + post_tasks: + - name: Wait for ssh to be available + local_action: + module: wait_for + port: "{{ ansible_ssh_port | default('22') }}" + host: "{{ ansible_ssh_host | default(inventory_hostname) }}" + search_regex: OpenSSH + delay: 1 diff --git a/tests/test-prepare-host.yml b/tests/test-prepare-host.yml new file mode 100644 index 00000000..3d4d073c --- /dev/null +++ b/tests/test-prepare-host.yml @@ -0,0 +1,60 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for configuring the LXC host + hosts: localhost + pre_tasks: + # Make sure OS does not have a stale package cache. + - name: Update apt cache + apt: + update_cache: yes + when: ansible_os_family == 'Debian' + - name: Ensure root's new public ssh key is in authorized_keys + authorized_key: + user: root + key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" + manage_dir: no + - set_fact: + lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" + - name: Check if this is an OpenStack-CI nodepool instance + stat: + path: /etc/nodepool/provider + register: nodepool + - name: Set the files to copy into the container cache for OpenStack-CI instances + set_fact: + lxc_container_cache_files: + - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } + - { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' } + when: nodepool.stat.exists | bool + - name: Determine the existing Ubuntu repo configuration + shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' + register: ubuntu_repo + changed_when: false + - name: Set apt repo facts based on discovered information + set_fact: + lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}" + lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}" + roles: + - role: "lxc_hosts" + lxc_net_address: 10.100.100.1 + lxc_net_dhcp_range: 10.100.100.2,10.100.100.99 + lxc_net_bridge: lxcbr0 + lxc_kernel_options: + - { key: 'fs.inotify.max_user_instances', value: 1024 } + lxc_container_caches: + - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" + name: "trusty.tgz" + sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" + chroot_path: trusty/rootfs-amd64 diff --git a/tests/test-prepare-keys.yml b/tests/test-prepare-keys.yml new file mode 100644 index 00000000..a4fad4f5 --- /dev/null +++ b/tests/test-prepare-keys.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# NOTE: we use become_user because setting become: no or become: false +# doesn't seem to override the ansible_become=true in the +# inventory +- name: Playbook for establishing ssh keys + hosts: localhost + become_user: "{{ ansible_ssh_user }}" + pre_tasks: + - name: Create ssh key pair for root + user: + name: "{{ ansible_ssh_user }}" + generate_ssh_key: "yes" + ssh_key_bits: 2048 + ssh_key_file: ".ssh/id_rsa" + - name: Get the calling user's key + command: cat ~/.ssh/id_rsa.pub + register: key_get + - set_fact: + lxc_container_ssh_key: "{{ key_get.stdout }}" diff --git a/tests/test-vars.yml b/tests/test-vars.yml new file mode 100644 index 00000000..01f04945 --- /dev/null +++ b/tests/test-vars.yml @@ -0,0 +1,116 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +cinder_backends_rbd_inuse: false +cinder_ceph_client: cinder +debug: true +external_lb_vip_address: 10.100.100.102 +galera_client_drop_config_file: false +galera_root_password: secrete +glance_container_mysql_password: "SuperSecrete" +glance_developer_mode: true +glance_galera_address: 10.100.100.101 +glance_galera_database: glance +glance_git_install_branch: stable/mitaka +glance_host: "{{ internal_lb_vip_address }}" +glance_profiler_hmac_key: "secrete" +glance_rabbitmq_password: "secrete" +glance_rabbitmq_userid: glance +glance_rabbitmq_vhost: /glance +glance_requirements_git_install_branch: stable/mitaka +glance_service_password: "secrete" +glance_service_port: 9292 +glance_venv_tag: "testing" +internal_lb_vip_address: 10.100.100.102 +keystone_admin_tenant_name: admin +keystone_admin_user_name: admin +keystone_auth_admin_password: SuperSecretePassword +keystone_container_mysql_password: "SuperSecrete" +keystone_developer_mode: true +keystone_galera_address: 10.100.100.101 +keystone_galera_database: keystone +keystone_git_install_branch: stable/mitaka +keystone_rabbitmq_password: "secrete" +keystone_rabbitmq_port: 5671 +keystone_rabbitmq_servers: 10.100.100.101 +keystone_rabbitmq_use_ssl: false +keystone_rabbitmq_userid: keystone +keystone_rabbitmq_vhost: /keystone +keystone_requirements_git_install_branch: stable/mitaka +keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" +keystone_service_adminuri_insecure: false +keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" +keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" +keystone_service_internaluri_insecure: false +keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" +keystone_service_password: "secrete" +keystone_service_region: RegionOne +keystone_venv_tag: "testing" +memcached_encryption_key: "secrete" +memcached_servers: 127.0.0.1 +neutron_container_mysql_password: SuperSecrete +neutron_developer_mode: true +neutron_galera_address: 10.100.100.101 +neutron_galera_database: neutron +neutron_git_install_branch: stable/mitaka +neutron_ha_vrrp_auth_password: secrete +neutron_management_address: "{{ internal_lb_vip_address }}" +neutron_provider_networks: + network_types: "vxlan" + network_vxlan_ranges: "1:1000" +neutron_rabbitmq_password: secrete +neutron_rabbitmq_userid: neutron +neutron_rabbitmq_vhost: /neutron +neutron_requirements_git_install_branch: stable/mitaka +neutron_service_adminurl: http://{{ internal_lb_vip_address }}:9696 +neutron_service_password: "secrete" +neutron_service_project_name: service +neutron_service_region: RegionOne +neutron_service_user_name: neutron +neutron_venv_tag: testing +nova_api_container_mysql_password: "SuperSecrete" +nova_api_galera_address: 10.100.100.101 +nova_container_mysql_password: "SuperSecrete" +nova_developer_mode: true +nova_galera_address: 10.100.100.101 +nova_galera_database: nova +nova_git_install_branch: stable/mitaka +nova_keystone_auth_plugin: password +nova_management_address: "10.100.100.1" +nova_metadata_port: 8775 +nova_metadata_proxy_secret: "secrete" +nova_novncproxy_vncserver_listen: localhost +nova_novncproxy_vncserver_proxyclient_address: localhost +nova_rabbitmq_password: "secrete" +nova_rabbitmq_userid: nova +nova_rabbitmq_vhost: /nova +nova_requirements_git_install_branch: stable/mitaka +nova_service_adminurl: "http://{{ internal_lb_vip_address }}:8774" +nova_service_password: "secrete" +nova_service_project_domain_id: default +nova_service_project_name: service +nova_service_region: RegionOne +nova_service_user_domain_id: default +nova_service_user_name: nova +nova_venv_bin: "/openstack/venvs/nova-{{ nova_venv_tag }}/bin" +nova_venv_tag: "testing" +nova_virt_type: qemu +openrc_os_auth_url: "http://127.0.0.1:5000/v3" +openrc_os_domain_name: "Default" +openrc_os_password: "{{ keystone_auth_admin_password }}" +rabbitmq_port: 5671 +rabbitmq_servers: 10.100.100.101 +rabbitmq_use_ssl: true +verbose: true diff --git a/tests/test.yml b/tests/test.yml index f22091af..5e909c56 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -13,310 +13,29 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Playbook for establish ssh keys - hosts: 127.0.0.1 - connection: local - become: false - pre_tasks: - - name: Create ssh key pair for root - user: - name: "{{ ansible_ssh_user }}" - generate_ssh_key: "yes" - ssh_key_bits: 2048 - ssh_key_file: ".ssh/id_rsa" - - name: Get the calling user's key - command: cat ~/.ssh/id_rsa.pub - register: key_get - - set_fact: - lxc_container_ssh_key: "{{ key_get.stdout }}" +# Prepare the user ssh keys +- include: test-prepare-keys.yml -- name: Playbook for configuring the LXC host - hosts: localhost - connection: local - become: yes - pre_tasks: - # Make sure OS does not have a stale package cache. - - name: Update apt cache - apt: - update_cache: yes - when: ansible_os_family == 'Debian' - - name: Ensure root's new public ssh key is in authorized_keys - authorized_key: - user: root - key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" - manage_dir: no - - set_fact: - lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" - roles: - - role: "lxc_hosts" - lxc_net_address: 10.100.100.1 - lxc_net_dhcp_range: 10.100.100.2,10.100.100.99 - lxc_net_bridge: lxcbr0 - lxc_kernel_options: - - { key: 'fs.inotify.max_user_instances', value: 1024 } - lxc_container_caches: - - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" - name: "trusty.tgz" - sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" - chroot_path: trusty/rootfs-amd64 - # The $HOME directory is mocked to work with tox - # by defining the 'ansible_env' hash. This should - # NEVER be done outside of testing. - ansible_env: ## NEVER DO THIS OUTSIDE OF TESTING - HOME: "/tmp" - - role: "py_from_git" - git_repo: "https://github.com/lxc/python2-lxc" - git_dest: "/opt/lxc_python2" - git_install_branch: "master" - post_tasks: - # THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A - # HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV. - - name: Ensure the lxc lib is on the host - command: /usr/local/bin/pip install /opt/lxc_python2 - # Inventory is being pre-loaded using a post tasks instead of through a dynamic - # inventory system. While this is not a usual method for deployment it's being - # done for functional testing. - - name: Create container hosts - add_host: - groups: "{{ item.groups }}" - hostname: "{{ item.name }}" - inventory_hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.address }}" - ansible_become: true - properties: - service_name: "{{ item.service }}" - container_networks: - management_address: - address: "{{ item.address }}" - bridge: "lxcbr0" - interface: "eth1" - netmask: "255.255.252.0" - type: "veth" - physical_host: localhost - container_name: "{{ item.name }}" - with_items: - - { name: "infra1", service: "infra1", address: "10.100.100.101", groups: "all,all_containers,rabbitmq_all,galera_all,service_all" } - - { name: "openstack1", service: "openstack1", address: "10.100.100.102", groups: "all,all_containers,keystone_all,nova_api_metadata,nova_api_os_compute,nova_cert,nova_compute,nova_conductor,nova_console,nova_scheduler,nova_all" } +# Prepare the host +- include: test-prepare-host.yml -- name: Playbook for creating containers - hosts: all_containers - connection: local - gather_facts: false - roles: - - role: "lxc_container_create" - lxc_container_release: trusty - lxc_container_backing_store: dir - global_environment_variables: - PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - post_tasks: - - name: Wait for ssh to be available - local_action: - module: wait_for - port: "{{ ansible_ssh_port | default('22') }}" - host: "{{ ansible_ssh_host | default(inventory_hostname) }}" - search_regex: OpenSSH - delay: 1 +# Prepare the containers +- include: test-prepare-containers.yml -- name: Playbook for deploying infra services - hosts: service_all - user: root - gather_facts: true - roles: - - role: "rabbitmq_server" - rabbitmq_cookie_token: secrete - - role: "galera_server" - galera_root_password: secrete - galera_root_user: root - galera_innodb_buffer_pool_size: 512M - galera_innodb_log_buffer_size: 32M - galera_server_id: "{{ inventory_hostname | string_2_int }}" - galera_wsrep_node_name: "{{ inventory_hostname }}" - galera_wsrep_provider_options: - - { option: "gcache.size", value: "32M" } - galera_server_id: "{{ inventory_hostname | string_2_int }}" +# Install RabbitMQ/MariaDB +- include: test-install-infra.yml -- name: Playbook for deploying keystone - hosts: keystone_all - user: root - gather_facts: true - pre_tasks: - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ keystone_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-vhost - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ keystone_rabbitmq_userid }}" - password: "{{ keystone_rabbitmq_password }}" - vhost: "{{ keystone_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-user - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ keystone_galera_database }}" - state: "present" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - mysql-db-setup - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ keystone_galera_database }}" - password: "{{ keystone_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ keystone_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['keystone_all'][0] - tags: - - mysql-db-setup - roles: - - role: os_keystone - vars: - external_lb_vip_address: 10.100.100.102 - internal_lb_vip_address: 10.100.100.102 - keystone_galera_address: 10.100.100.101 - keystone_galera_database: keystone - keystone_venv_tag: "testing" - keystone_developer_mode: true - keystone_git_install_branch: stable/mitaka - keystone_requirements_git_install_branch: stable/mitaka - keystone_auth_admin_token: "SuperSecreteTestToken" - keystone_auth_admin_password: "SuperSecretePassword" - keystone_service_password: "secrete" - keystone_rabbitmq_password: "secrete" - keystone_container_mysql_password: "SuperSecrete" - keystone_rabbitmq_port: 5671 - keystone_rabbitmq_userid: keystone - keystone_rabbitmq_vhost: /keystone - keystone_rabbitmq_servers: 10.100.100.101 - keystone_rabbitmq_use_ssl: false - galera_client_drop_config_file: false +# Install Keystone +- include: test-install-keystone.yml -- name: Playbook for deploying nova - hosts: nova_all - user: root - gather_facts: true - pre_tasks: - - name: Ensure rabbitmq vhost - rabbitmq_vhost: - name: "{{ nova_rabbitmq_vhost }}" - state: "present" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['nova_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-vhost - - name: Ensure rabbitmq user - rabbitmq_user: - user: "{{ nova_rabbitmq_userid }}" - password: "{{ nova_rabbitmq_password }}" - vhost: "{{ nova_rabbitmq_vhost }}" - configure_priv: ".*" - read_priv: ".*" - write_priv: ".*" - state: "present" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['nova_all'][0] - tags: - - aodh-rabbitmq - - aodh-rabbitmq-user - - name: Create DB for service - mysql_db: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ nova_galera_database }}" - state: "present" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['nova_all'][0] - tags: - - mysql-db-setup - - name: Grant access to the DB for the service - mysql_user: - login_user: "root" - login_password: "secrete" - login_host: "localhost" - name: "{{ nova_galera_database }}" - password: "{{ nova_container_mysql_password }}" - host: "{{ item }}" - state: "present" - priv: "{{ nova_galera_database }}.*:ALL" - with_items: - - "localhost" - - "%" - delegate_to: "10.100.100.101" - when: inventory_hostname == groups['nova_all'][0] - tags: - - mysql-db-setup - roles: - - role: "{{ rolename | basename }}" - vars: - external_lb_vip_address: 10.100.100.102 - internal_lb_vip_address: 10.100.100.102 - nova_galera_address: 10.100.100.101 - nova_api_galera_address: 10.100.100.101 - nova_galera_database: nova - galera_root_password: "secrete" - galera_client_drop_config_file: false - nova_rabbitmq_password: "secrete" - nova_rabbitmq_userid: nova - nova_rabbitmq_vhost: /nova - rabbitmq_servers: 10.100.100.101 - rabbitmq_use_ssl: true - rabbitmq_port: 5671 - keystone_admin_user_name: admin - keystone_admin_tenant_name: admin - keystone_auth_admin_password: "SuperSecretePassword" - keystone_service_adminuri_insecure: false - keystone_service_internaluri_insecure: false - keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" - keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" - keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" - keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" - nova_venv_tag: "testing" - nova_developer_mode: true - nova_git_install_branch: stable/mitaka - nova_requirements_git_install_branch: stable/mitaka - nova_service_password: "secrete" - nova_container_mysql_password: "SuperSecrete" - nova_api_container_mysql_password: "SuperSecrete" - nova_management_address: "{{ internal_lb_vip_address }}" - nova_virt_type: qemu - cinder_ceph_client: cinder - cinder_backends_rbd_inuse: false - glance_host: "{{ internal_lb_vip_address }}" - glance_service_port: 9292 - neutron_service_adminurl: http://{{ internal_lb_vip_address }}/9696 - neutron_service_region: RegionOne - neutron_service_password: "secrete" - neutron_service_user_name: neutron - neutron_service_project_name: service - nova_metadata_proxy_secret: "secrete" - openrc_os_password: "{{ keystone_auth_admin_password }}" - openrc_os_domain_name: "Default" - memcached_servers: 127.0.0.1 - memcached_encryption_key: "secrete" - debug: true - verbose: true +# Install Glance +- include: test-install-glance.yml + +# Install Neutron +- include: test-install-neutron.yml + +# Install Nova +- include: test-install-nova.yml + +# Test Nova +- include: test-nova-functional.yml