airship/porthole
Code Issues Proposed changes

Switch to ceph rook deployment

Browse Source 
This change updates the deployment scripts to use
Ceph Rook instead of the previous Ceph deployment
method.

Change-Id: I9a913aee3191470d32bec3ae3ec9367da1c01f40
Signed-off-by: Arina Stebenkova <astebenkova@mirantis.com>
This commit is contained in:
Arina Stebenkova
2025-07-18 18:01:03 +03:00
committed by Sergiy Markin
parent 17b6a8e217
commit bbf2cae259
8 changed files with 185 additions and 269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -66,3 +66,4 @@ The recommended minimum system requirements for a full deployment are:
The PostgreSQL utility container needed Postgresql DB Pods for Testing. Please follow below Link.
`[PostgreSQL README](https://opendev.org/airship/porthole/src/branch/master/images/postgresql-utility/README.md).`

4
tools/deployment/003-prepare-k8s.sh
View File

@@ -31,7 +31,9 @@ kubectl label --overwrite nodes --all ceph-mgr=enabled
# and we don't need L2 overlay (will be implemented later).
kubectl label --overwrite nodes -l "node-role.kubernetes.io/control-plane" l3-agent=enabled
for NAMESPACE in ceph mariadb-operator utility ucp openstack osh-infra; do
kubectl label --overwrite nodes -l "node-role.kubernetes.io/control-plane" openstack-network-node=enabled
for NAMESPACE in mariadb-operator utility ucp ceph openstack osh-infra; do
tee /tmp/${NAMESPACE}-ns.yaml << EOF
apiVersion: v1
kind: Namespace

56
tools/deployment/010-ceph-utility.sh
View File

@@ -17,63 +17,25 @@ set -xe
CURRENT_DIR="$(pwd)"
# NOTE: Define variables
: ${OSH_PATH:="../openstack-helm"}
: ${OSH_INFRA_PATH:="../openstack-helm-infra"}
: ${OSH_PATH:="../../openstack/openstack-helm"}
: ${NAMESPACE:=utility}
cd "${OSH_INFRA_PATH}" || exit
cd "${OSH_PATH}" || exit
# NOTE: Lint and package ceph helm charts
for CHART in ceph-mon ceph-osd ceph-client ceph-provisioners; do
make "${CHART}" SKIP_CHANGELOG=1
done
make ceph-adapter-rook SKIP_CHANGELOG=1
./tools/deployment/ceph/ceph.sh
cd "${OSH_INFRA_PATH}"
tee /tmp/ceph-utility-config.yaml <<EOF
endpoints:
identity:
namespace: openstack
object_store:
namespace: ceph
ceph_mon:
namespace: ceph
network:
public: 172.17.0.1/16
cluster: 172.17.0.1/16
deployment:
storage_secrets: false
ceph: false
rbd_provisioner: false
cephfs_provisioner: false
csi_rbd_provisioner: false
client_secrets: true
rgw_keystone_user_and_endpoints: false
bootstrap:
enabled: false
conf:
rgw_ks:
enabled: true
pod:
mandatory_access_control:
type: apparmor
ceph-utility-config-ceph-ns-key-generator :
ceph-storage-keys-generator: runtime/default
init: runtime/default
EOF
./tools/deployment/ceph/ceph-rook.sh
: ${OSH_EXTRA_HELM_ARGS:=""}
: ${OSH_INFRA_VALUES_OVERRIDES_PATH:="../openstack-helm-infra/values_overrides"}
: ${OSH_INFRA_EXTRA_HELM_ARGS_CEPH_DEPLOY:="$(helm osh get-values-overrides -p ${OSH_INFRA_VALUES_OVERRIDES_PATH} -c ceph-provisioners ${FEATURES})"}
: ${OSH_VALUES_OVERRIDES_PATH:="../openstack-helm/values_overrides"}
: ${OSH_EXTRA_HELM_ARGS_CEPH_DEPLOY:="$(helm osh get-values-overrides -p ${OSH_VALUES_OVERRIDES_PATH} -c ceph-rook-adapter ${FEATURES})"}
# NOTE: Deploy ceph-provisioners helm chart
helm upgrade --install ceph-utility-config ./ceph-provisioners \
# NOTE: Deploy ceph-adapter-rook helm chart
helm upgrade --install ceph-utility-config ./ceph-adapter-rook \
--namespace=${NAMESPACE} \
--values=/tmp/ceph-utility-config.yaml \
${OSH_EXTRA_HELM_ARGS} \
${OSH_INFRA_EXTRA_HELM_ARGS_CEPH_DEPLOY} \
${OSH_EXTRA_HELM_ARGS_CEPH_DEPLOY} \
${OSH_EXTRA_HELM_ARGS_CEPH_NS_ACTIVATE}
# NOTE: Wait for deploy

3
tools/gate/playbooks/make-functional-tests.yaml → tools/gate/playbooks/run-functional-tests.yaml
View File

@@ -10,7 +10,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- hosts: primary
- name: Run functional tests on primary host
hosts: primary
tasks:
- name: Execute the make target for unit testing

47
tools/gate/playbooks/run-tox-tests.yaml Normal file
View File

@@ -0,0 +1,47 @@
---
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Run tox tests on primary host
hosts: primary
gather_facts: true
become: false
roles:
- ensure-python
- ensure-pip
- role: ensure-tox
become: false
vars:
ensure_global_symlinks: true
tasks:
- name: Run tox tests
shell: |
whereis tox || pip3 install tox
tox --version || pip3 install tox
tox -e "$TOX_ENVLIST"
args:
chdir: "{{ zuul.project.src_dir | default(ansible_env.HOME + '/porthole') }}"
environment:
TOX_ENVLIST: "{{ tox_envlist }}"
register: tox_result
- name: Display tox result
debug:
var: tox_result
when: tox_result is defined
- name: Check for test failures
fail:
msg: "Tox tests failed for environment {{ tox_envlist }}"
when: tox_result.rc != 0

2
tools/helm_install.sh
View File

@@ -17,7 +17,7 @@
set -x
HELM=$1
HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://get.helm.sh/helm-v3.15.2-linux-amd64.tar.gz"}
HELM_ARTIFACT_URL=${HELM_ARTIFACT_URL:-"https://get.helm.sh/helm-v3.18.4-linux-amd64.tar.gz"}
function install_helm_binary {

277
zuul.d/base.yaml
View File

@@ -27,11 +27,10 @@
- airship-porthole-images-jammy-build-mysqlclient-utility
- airship-porthole-images-jammy-build-openstack-utility
- airship-porthole-images-jammy-build-postgresql-utility
# - airship-porthole-deploy-functional-tests-ubuntu_jammy
- airship-porthole-openstack-tox-py310-kubeadm
- airship-porthole-openstack-tox-cover-kubeadm
- airship-porthole-deploy-functional-tests-ubuntu_jammy-kubeadm
- airship-porthole-deploy-functional-tests-ubuntu_jammy-kubeadm
- airship-porthole-run-functional-tests-ubuntu_jammy-kubeadm-caracal
- airship-porthole-run-functional-tests-ubuntu_jammy-kubeadm-2023-2
gate:
@@ -63,187 +62,6 @@
- airship-porthole-images-jammy-publish-openstack-utility
- airship-porthole-images-jammy-publish-postgresql-utility
- nodeset:
name: airship-porthole-single-node
nodes:
- name: primary
label: ubuntu-bionic
- nodeset:
name: airship-porthole-jammy-single-node
nodes:
- name: primary
label: ubuntu-jammy
- job:
name: airship-porthole-openstack-tox-py310-kubeadm
parent: openstack-tox-py310
nodeset: treasuremap-airskiff-1node-ubuntu_jammy
roles:
- zuul: airship/kubernetes-entrypoint
- zuul: openstack/openstack-helm
- zuul: zuul/zuul-jobs
required-projects:
- name: openstack/openstack-helm
- name: openstack/openstack-helm-plugin
- name: airship/treasuremap
override-checkout: v1.9
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
- ^releasenotes/.*$
- ^site/seaworthy/.*$
- ^site/airsloop/.*$
- ^site/aiab/.*$
timeout: 10800
pre-run:
- tools/gate/playbooks/prepare-hosts.yaml
- tools/gate/playbooks/mount-volumes.yaml
- tools/gate/playbooks/deploy-env.yaml
- tools/gate/playbooks/airship-run-scripts.yaml
post-run:
- tools/gate/playbooks/osh-infra-collect-logs.yaml
vars:
treasuremap_ref: v1.9
extra_volume:
size: 80G
type: Linux
mount_point: /opt/ext_vol
docker:
root_path: "/opt/ext_vol/docker"
containerd:
root_path: "/opt/ext_vol/containerd"
kubeadm:
pod_network_cidr: "10.244.0.0/16"
service_cidr: "10.96.0.0/16"
osh_plugin_repo: "{{ zuul.project.src_dir }}/../../openstack/openstack-helm-plugin"
loopback_setup: true
loopback_device: /dev/loop100
loopback_image: "/opt/ext_vol/openstack-helm/ceph-loop.img"
ceph_osd_data_device: /dev/loop100
kube_version_repo: "v1.32"
kube_version: "1.32.1-1.1"
calico_setup: true
calico_version: "v3.27.4"
cilium_setup: false
cilium_version: "1.16.0"
flannel_setup: false
flannel_version: v0.25.4
metallb_setup: false
metallb_version: "0.13.12"
helm_version: "v3.14.0"
crictl_version: "v1.30.1"
zuul_osh_relative_path: ../../openstack/openstack-helm
zuul_osh_infra_relative_path: ../../openstack/openstack-helm
zuul_treasuremap_relative_path: ../../airship/treasuremap
gate_scripts_relative_path: .
run_helm_tests: "no"
distro_suffix: ubuntu_jammy
osh_params:
container_distro_name: ubuntu
container_distro_version: jammy
HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.16.4-linux-amd64.tar.gz
HTK_COMMIT: 49c117443391cec75e0bd52bb4a9d033325927ad
OSH_COMMIT: 49c117443391cec75e0bd52bb4a9d033325927ad
gate_scripts:
- ./tools/deployment/002-build-charts.sh
- ./tools/deployment/003-prepare-k8s.sh
- ./tools/deployment/004-make-images.sh
- ./tools/deployment/005-calicoctl-utility.sh
- ./tools/deployment/010-ceph-utility.sh
- ./tools/deployment/020-compute-utility.sh
- ./tools/deployment/030-etcdctl-utility.sh
- ./tools/deployment/040-mysqlclient-utility.sh
- ./tools/deployment/050-openstack-utility.sh
- ./tools/deployment/060-postgresql-utility.sh
- job:
name: airship-porthole-openstack-tox-cover-kubeadm
parent: openstack-tox-cover
nodeset: treasuremap-airskiff-1node-ubuntu_jammy
roles:
- zuul: airship/kubernetes-entrypoint
- zuul: openstack/openstack-helm
- zuul: zuul/zuul-jobs
required-projects:
- name: openstack/openstack-helm
- name: openstack/openstack-helm-plugin
- name: airship/treasuremap
override-checkout: v1.9
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
- ^releasenotes/.*$
- ^site/seaworthy/.*$
- ^site/airsloop/.*$
- ^site/aiab/.*$
timeout: 10800
pre-run:
- tools/gate/playbooks/prepare-hosts.yaml
- tools/gate/playbooks/mount-volumes.yaml
- tools/gate/playbooks/deploy-env.yaml
- tools/gate/playbooks/airship-run-scripts.yaml
post-run:
- tools/gate/playbooks/osh-infra-collect-logs.yaml
vars:
treasuremap_ref: v1.9
extra_volume:
size: 80G
type: Linux
mount_point: /opt/ext_vol
docker:
root_path: "/opt/ext_vol/docker"
containerd:
root_path: "/opt/ext_vol/containerd"
kubeadm:
pod_network_cidr: "10.244.0.0/16"
service_cidr: "10.96.0.0/16"
osh_plugin_repo: "{{ zuul.project.src_dir }}/../../openstack/openstack-helm-plugin"
loopback_setup: true
loopback_device: /dev/loop100
loopback_image: "/opt/ext_vol/openstack-helm/ceph-loop.img"
ceph_osd_data_device: /dev/loop100
kube_version_repo: "v1.32"
kube_version: "1.32.1-1.1"
calico_setup: true
calico_version: "v3.27.4"
cilium_setup: false
cilium_version: "1.16.0"
flannel_setup: false
flannel_version: v0.25.4
metallb_setup: false
metallb_version: "0.13.12"
helm_version: "v3.14.0"
crictl_version: "v1.30.1"
zuul_osh_relative_path: ../../openstack/openstack-helm
zuul_osh_infra_relative_path: ../../openstack/openstack-helm
zuul_treasuremap_relative_path: ../../airship/treasuremap
gate_scripts_relative_path: .
run_helm_tests: "no"
distro_suffix: ubuntu_jammy
osh_params:
container_distro_name: ubuntu
container_distro_version: jammy
HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.16.4-linux-amd64.tar.gz
HTK_COMMIT: 49c117443391cec75e0bd52bb4a9d033325927ad
OSH_COMMIT: 49c117443391cec75e0bd52bb4a9d033325927ad
gate_scripts:
- ./tools/deployment/002-build-charts.sh
- ./tools/deployment/003-prepare-k8s.sh
- ./tools/deployment/004-make-images.sh
- ./tools/deployment/005-calicoctl-utility.sh
- ./tools/deployment/010-ceph-utility.sh
- ./tools/deployment/020-compute-utility.sh
- ./tools/deployment/030-etcdctl-utility.sh
- ./tools/deployment/040-mysqlclient-utility.sh
- ./tools/deployment/050-openstack-utility.sh
- ./tools/deployment/060-postgresql-utility.sh
- job:
name: airship-porthole-images
abstract: true
@@ -274,10 +92,8 @@
chdir: ../porthole
- job:
name: airship-porthole-deploy-functional-tests-kubeadm
name: porthole-base
abstract: true
description: Deploys all UC's and Executes functional tests
nodeset: treasuremap-airskiff-1node-ubuntu_jammy
roles:
- zuul: airship/kubernetes-entrypoint
- zuul: openstack/openstack-helm
@@ -287,25 +103,23 @@
- name: openstack/openstack-helm-plugin
- name: airship/treasuremap
override-checkout: v1.9
irrelevant-files:
irrelevant-files: &irrelevant-files
- ^.*\.rst$
- ^doc/.*$
- ^etc/.*$
- ^releasenotes/.*$
- ^site/seaworthy/.*$
- ^site/airsloop/.*$
- ^site/aiab/.*$
- ^setup.cfg$
- ^deckhand/tests/unit/.*$
timeout: 10800
pre-run:
- tools/gate/playbooks/prepare-hosts.yaml
- tools/gate/playbooks/mount-volumes.yaml
run:
- tools/gate/playbooks/deploy-env.yaml
- tools/gate/playbooks/airship-run-scripts.yaml
- tools/gate/playbooks/make-functional-tests.yaml
post-run:
- tools/gate/playbooks/osh-infra-collect-logs.yaml
vars:
treasuremap_ref: v1.9
overlay_network_setup: true
extra_volume:
size: 80G
type: Linux
@@ -323,29 +137,29 @@
loopback_image: "/opt/ext_vol/openstack-helm/ceph-loop.img"
ceph_osd_data_device: /dev/loop100
kube_version_repo: "v1.32"
kube_version: "1.32.1-1.1"
kube_version: "1.32.5-1.1"
calico_setup: true
calico_version: "v3.27.4"
calico_version: "v3.30.1"
cilium_setup: false
cilium_version: "1.16.0"
cilium_version: "1.17.4"
flannel_setup: false
flannel_version: v0.25.4
metallb_setup: false
metallb_version: "0.13.12"
helm_version: "v3.14.0"
crictl_version: "v1.30.1"
flannel_version: v0.26.7
metallb_setup: true
metallb_version: "0.14.9"
coredns_resolver_setup: false
ingress_setup: true
helm_version: "v3.18.1"
crictl_version: "v1.33.0"
run_helm_tests: "no"
openstack_provider_gateway_setup: true
zuul_osh_relative_path: ../../openstack/openstack-helm
zuul_osh_infra_relative_path: ../../openstack/openstack-helm
zuul_treasuremap_relative_path: ../../airship/treasuremap
gate_scripts_relative_path: .
run_helm_tests: "no"
distro_suffix: ubuntu_jammy
osh_params:
container_distro_name: ubuntu
container_distro_version: jammy
HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.16.4-linux-amd64.tar.gz
HTK_COMMIT: 49c117443391cec75e0bd52bb4a9d033325927ad
OSH_COMMIT: 49c117443391cec75e0bd52bb4a9d033325927ad
HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.18.4-linux-amd64.tar.gz
HTK_COMMIT: 80041dfbb5c22aa67dcd8dfa3332a943aa0d366c
OSH_COMMIT: 80041dfbb5c22aa67dcd8dfa3332a943aa0d366c
gate_scripts:
- ./tools/deployment/002-build-charts.sh
- ./tools/deployment/003-prepare-k8s.sh
@@ -359,30 +173,55 @@
- ./tools/deployment/060-postgresql-utility.sh
- job:
name: airship-porthole-deploy-functional-tests-ubuntu_jammy-kubeadm
parent: airship-porthole-deploy-functional-tests-kubeadm
name: airship-porthole-run-functional-tests-ubuntu_jammy-kubeadm-caracal
parent: porthole-base
nodeset: porthole-5nodes-ubuntu_jammy
run: tools/gate/playbooks/run-functional-tests.yaml
vars:
distro_suffix: ubuntu_jammy
osh_params:
openstack_release: antelope
container_distro_name: ubuntu
container_distro_version: jammy
args:
chdir: ../porthole
osh_params:
openstack_release: caracal
container_distro_name: ubuntu
container_distro_version: jammy
irrelevant-files: *irrelevant-files
- job:
name: airship-porthole-deploy-functional-tests-ubuntu_jammy-kubeadm
parent: airship-porthole-deploy-functional-tests-kubeadm
name: airship-porthole-run-functional-tests-ubuntu_jammy-kubeadm-2023-2
parent: porthole-base
nodeset: porthole-5nodes-ubuntu_jammy
run: tools/gate/playbooks/run-functional-tests.yaml
vars:
distro_suffix: ubuntu_jammy
args:
chdir: ../porthole
osh_params:
openstack_release: "2023.2"
container_distro_name: ubuntu
container_distro_version: jammy
irrelevant-files: *irrelevant-files
- job:
name: airship-porthole-openstack-tox-py310-kubeadm
parent: porthole-base
nodeset: porthole-5nodes-ubuntu_jammy
run: tools/gate/playbooks/run-tox-tests.yaml
vars:
tox_envlist: py310
args:
chdir: ../porthole
irrelevant-files: *irrelevant-files
- job:
name: airship-porthole-openstack-tox-cover-kubeadm
parent: porthole-base
nodeset: porthole-5nodes-ubuntu_jammy
run: tools/gate/playbooks/run-tox-tests.yaml
vars:
tox_envlist: cover
args:
chdir: ../porthole
irrelevant-files: *irrelevant-files
- secret:
name: quay_credentials
data:

64
zuul.d/nodesets.yaml Normal file
View File

@@ -0,0 +1,64 @@
---
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- nodeset:
name: porthole-5nodes-ubuntu_jammy
nodes:
- name: primary
label: ubuntu-jammy
- name: node-1
label: ubuntu-jammy
- name: node-2
label: ubuntu-jammy
- name: node-3
label: ubuntu-jammy
- name: node-4
label: ubuntu-jammy
groups:
- name: primary
nodes:
- primary
- name: nodes
nodes:
- node-1
- node-2
- node-3
- node-4
- name: k8s_cluster
nodes:
- primary
- node-1
- node-2
- node-3
- node-4
- name: k8s_control_plane
nodes:
- primary
- name: k8s_nodes
nodes:
- node-1
- node-2
- node-3
- node-4
- nodeset:
name: airship-porthole-single-node
nodes:
- name: primary
label: ubuntu-bionic
- nodeset:
name: airship-porthole-jammy-single-node
nodes:
- name: primary
label: ubuntu-jammy