Ansible 2.1.1 role testing
Change-Id: I85bc20f2a52359ae6dab56124d5e6b56dd233c7d Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
		
							
								
								
									
										7
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										7
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -29,6 +29,7 @@ doc/build/ | ||||
| *.log | ||||
| *.sql | ||||
| *.sqlite | ||||
| logs/* | ||||
|  | ||||
| # OS generated files # | ||||
| ###################### | ||||
| @@ -61,6 +62,10 @@ releasenotes/build | ||||
|  | ||||
| # Test temp files | ||||
| tests/plugins | ||||
| tests/playbooks | ||||
| tests/test.retry | ||||
|  | ||||
| # Files created by vagrant testing | ||||
| # Vagrant artifacts | ||||
| .vagrant | ||||
|  | ||||
|  | ||||
|   | ||||
							
								
								
									
										33
									
								
								manual-test.rc
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								manual-test.rc
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | ||||
| export VIRTUAL_ENV=$(pwd) | ||||
| export ANSIBLE_HOST_KEY_CHECKING=False | ||||
| export ANSIBLE_SSH_CONTROL_PATH=/tmp/%%h-%%r | ||||
|  | ||||
| # TODO (odyssey4me) These are only here as they are non-standard folder | ||||
| # names for Ansible 1.9.x. We are using the standard folder names for | ||||
| # Ansible v2.x. We can remove this when we move to Ansible 2.x. | ||||
| export ANSIBLE_ACTION_PLUGINS=${HOME}/.ansible/plugins/action | ||||
| export ANSIBLE_CALLBACK_PLUGINS=${HOME}/.ansible/plugins/callback | ||||
| export ANSIBLE_FILTER_PLUGINS=${HOME}/.ansible/plugins/filter | ||||
| export ANSIBLE_LOOKUP_PLUGINS=${HOME}/.ansible/plugins/lookup | ||||
|  | ||||
| # This is required as the default is the current path or a path specified | ||||
| # in ansible.cfg | ||||
| export ANSIBLE_LIBRARY=${HOME}/.ansible/plugins/library | ||||
|  | ||||
| # This is required as the default is '/etc/ansible/roles' or a path | ||||
| # specified in ansible.cfg | ||||
| export ANSIBLE_ROLES_PATH=${HOME}/.ansible/roles:$(pwd)/.. | ||||
|  | ||||
| export ANSIBLE_SSH_ARGS="-o ControlMaster=no \ | ||||
|   -o UserKnownHostsFile=/dev/null \ | ||||
|   -o StrictHostKeyChecking=no \ | ||||
|   -o ServerAliveInterval=64 \ | ||||
|   -o ServerAliveCountMax=1024 \ | ||||
|   -o Compression=no \ | ||||
|   -o TCPKeepAlive=yes \ | ||||
|   -o VerifyHostKeyDNS=no \ | ||||
|   -o ForwardX11=no \ | ||||
|   -o ForwardAgent=yes" | ||||
|  | ||||
| echo "Run manual functional tests by executing the following:" | ||||
| echo "# ./.tox/functional/bin/ansible-playbook -i tests/inventory tests/test.yml -e \"rolename=$(pwd)\"" | ||||
							
								
								
									
										10
									
								
								run_tests.sh
									
									
									
									
									
								
							
							
						
						
									
										10
									
								
								run_tests.sh
									
									
									
									
									
								
							| @@ -24,23 +24,23 @@ if [ ! "$(which pip)" ]; then | ||||
| fi | ||||
|  | ||||
| # Install bindep and tox | ||||
| pip install bindep tox | ||||
| sudo pip install bindep tox | ||||
|  | ||||
| # CentOS 7 requires two additional packages: | ||||
| #   redhat-lsb-core - for bindep profile support | ||||
| #   epel-release    - required to install python-ndg_httpsclient/python2-pyasn1 | ||||
| if [ "$(which yum)" ]; then | ||||
|     yum -y install redhat-lsb-core epel-release | ||||
|     sudo yum -y install redhat-lsb-core epel-release | ||||
| fi | ||||
|  | ||||
| # Install OS packages using bindep | ||||
| if apt-get -v >/dev/null 2>&1 ; then | ||||
|     apt-get update | ||||
|     sudo apt-get update | ||||
|     DEBIAN_FRONTEND=noninteractive \ | ||||
|       apt-get -q --option "Dpkg::Options::=--force-confold" \ | ||||
|       sudo apt-get -q --option "Dpkg::Options::=--force-confold" \ | ||||
|       --assume-yes install `bindep -b -f bindep.txt test` | ||||
| else | ||||
|     yum install -y `bindep -b -f bindep.txt test` | ||||
|     sudo yum install -y `bindep -b -f bindep.txt test` | ||||
| fi | ||||
|  | ||||
| # run through each tox env and execute the test | ||||
|   | ||||
| @@ -13,14 +13,13 @@ | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| ansible_ssh_host: "{{ ansible_host }}" | ||||
| container_name: "{{ inventory_hostname }}" | ||||
| container_networks: | ||||
|   management_address: | ||||
|     address: "{{ ansible_host }}" | ||||
|     bridge: "br-mgmt" | ||||
|     interface: "eth1" | ||||
|     netmask: "255.255.255.0" | ||||
|     netmask: "255.255.252.0" | ||||
|     type: "veth" | ||||
| physical_host: localhost | ||||
| properties: | ||||
|   | ||||
							
								
								
									
										19
									
								
								tests/iptables-clear.sh → tests/host_vars/localhost.yml
									
									
									
									
									
										
										
										Executable file → Normal file
									
								
							
							
						
						
									
										19
									
								
								tests/iptables-clear.sh → tests/host_vars/localhost.yml
									
									
									
									
									
										
										
										Executable file → Normal file
									
								
							| @@ -1,6 +1,5 @@ | ||||
| #!/bin/bash | ||||
| # | ||||
| # Copyright 2015, Rackspace US, Inc. | ||||
| --- | ||||
| # Copyright 2016, Rackspace US, Inc. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| @@ -13,14 +12,8 @@ | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
| # | ||||
| 
 | ||||
| iptables -F | ||||
| iptables -X | ||||
| iptables -t nat -F | ||||
| iptables -t nat -X | ||||
| iptables -t mangle -F | ||||
| iptables -t mangle -X | ||||
| iptables -P INPUT ACCEPT | ||||
| iptables -P FORWARD ACCEPT | ||||
| iptables -P OUTPUT ACCEPT | ||||
| bridges: | ||||
|   - "br-mgmt" | ||||
| 
 | ||||
| ansible_python_interpreter: "/usr/bin/python2" | ||||
| @@ -1,7 +1,7 @@ | ||||
| [all] | ||||
| localhost ansible_connection=local ansible_become=True neutron_local_ip=10.100.101.1 | ||||
| infra1 ansible_host=10.100.102.101 ansible_become=True ansible_user=root tunnel_address=10.100.101.101 | ||||
| openstack1 ansible_host=10.100.102.102 ansible_become=True ansible_user=root tunnel_address=10.100.101.102 neutron_local_ip=10.100.101.102 | ||||
| localhost ansible_become=True | ||||
| infra1 ansible_host=10.100.100.2 ansible_become=True ansible_user=root | ||||
| openstack1 ansible_host=10.100.100.3 ansible_become=True ansible_user=root | ||||
|  | ||||
| [all_containers] | ||||
| infra1 | ||||
| @@ -13,9 +13,13 @@ infra1 | ||||
| [galera_all] | ||||
| infra1 | ||||
|  | ||||
| [memcached_all] | ||||
| infra1 | ||||
|  | ||||
| [service_all:children] | ||||
| rabbitmq_all | ||||
| galera_all | ||||
| memcached_all | ||||
|  | ||||
| [keystone_all] | ||||
| openstack1 | ||||
|   | ||||
| @@ -1,31 +0,0 @@ | ||||
| --- | ||||
| # Copyright 2015, Rackspace US, Inc. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| - name: Playbook for deploying infra services | ||||
|   hosts: service_all | ||||
|   user: root | ||||
|   gather_facts: true | ||||
|   roles: | ||||
|     - role: "rabbitmq_server" | ||||
|       rabbitmq_cookie_token: secrete | ||||
|     - role: "galera_server" | ||||
|       galera_root_password: secrete | ||||
|       galera_root_user: root | ||||
|       galera_innodb_buffer_pool_size: 512M | ||||
|       galera_innodb_log_buffer_size: 32M | ||||
|       galera_wsrep_node_name: "{{ inventory_hostname }}" | ||||
|       galera_wsrep_provider_options: | ||||
|         - { option: "gcache.size", value: "32M" } | ||||
|       galera_server_id: "{{ inventory_hostname | string_2_int }}" | ||||
| @@ -1,65 +0,0 @@ | ||||
| --- | ||||
| # Copyright 2015, Rackspace US, Inc. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| - name: Playbook for deploying keystone | ||||
|   hosts: keystone_all | ||||
|   user: root | ||||
|   gather_facts: true | ||||
|   pre_tasks: | ||||
|     - name: Ensure rabbitmq vhost | ||||
|       rabbitmq_vhost: | ||||
|         name: "{{ keystone_rabbitmq_vhost }}" | ||||
|         state: "present" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       when: inventory_hostname == groups['keystone_all'][0] | ||||
|     - name: Ensure rabbitmq user | ||||
|       rabbitmq_user: | ||||
|         user: "{{ keystone_rabbitmq_userid }}" | ||||
|         password: "{{ keystone_rabbitmq_password }}" | ||||
|         vhost: "{{ keystone_rabbitmq_vhost }}" | ||||
|         configure_priv: ".*" | ||||
|         read_priv: ".*" | ||||
|         write_priv: ".*" | ||||
|         state: "present" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       when: inventory_hostname == groups['keystone_all'][0] | ||||
|     - name: Create DB for service | ||||
|       mysql_db: | ||||
|         login_user: "root" | ||||
|         login_password: "secrete" | ||||
|         login_host: "localhost" | ||||
|         name: "{{ keystone_galera_database }}" | ||||
|         state: "present" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       when: inventory_hostname == groups['keystone_all'][0] | ||||
|     - name: Grant access to the DB for the service | ||||
|       mysql_user: | ||||
|         login_user: "root" | ||||
|         login_password: "secrete" | ||||
|         login_host: "localhost" | ||||
|         name: "{{ keystone_galera_database }}" | ||||
|         password: "{{ keystone_container_mysql_password }}" | ||||
|         host: "{{ item }}" | ||||
|         state: "present" | ||||
|         priv: "{{ keystone_galera_database }}.*:ALL" | ||||
|       with_items: | ||||
|         - "localhost" | ||||
|         - "%" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       when: inventory_hostname == groups['keystone_all'][0] | ||||
|   roles: | ||||
|     - role: os_keystone | ||||
|   vars_files: | ||||
|     - test-vars.yml | ||||
| @@ -37,7 +37,7 @@ | ||||
|       rabbitmq_vhost: | ||||
|         name: "{{ trove_rabbitmq_vhost }}" | ||||
|         state: "present" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}" | ||||
|       when: inventory_hostname == groups['trove_all'][0] | ||||
|     - name: Ensure rabbitmq user | ||||
|       rabbitmq_user: | ||||
| @@ -48,7 +48,7 @@ | ||||
|         read_priv: ".*" | ||||
|         write_priv: ".*" | ||||
|         state: "present" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       delegate_to: "{{ hostvars[groups['rabbitmq_all'][0]]['ansible_host'] }}" | ||||
|       when: inventory_hostname == groups['trove_all'][0] | ||||
|     - name: Create DB for service | ||||
|       mysql_db: | ||||
| @@ -57,7 +57,7 @@ | ||||
|         login_host: "{{ trove_galera_address }}" | ||||
|         name: "{{ trove_galera_database }}" | ||||
|         state: "present" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       delegate_to: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}" | ||||
|       when: inventory_hostname == groups['trove_all'][0] | ||||
|     - name: Grant access to the DB for the service | ||||
|       mysql_user: | ||||
| @@ -72,10 +72,11 @@ | ||||
|       with_items: | ||||
|         - "localhost" | ||||
|         - "%" | ||||
|       delegate_to: "10.100.102.101" | ||||
|       delegate_to: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}" | ||||
|       when: inventory_hostname == groups['trove_all'][0] | ||||
|  | ||||
|   roles: | ||||
|     - role: "{{ rolename | basename }}" | ||||
|   vars_files: | ||||
|     - playbooks/test-vars.yml | ||||
|     - test-vars.yml | ||||
|   | ||||
| @@ -1,10 +0,0 @@ | ||||
| auto br-mgmt | ||||
| iface br-mgmt inet static | ||||
|     bridge_stp off | ||||
|     bridge_waitport 0 | ||||
|     bridge_fd 0 | ||||
|     # Notice the bridge port is the vlan tagged interface | ||||
|     bridge_ports none | ||||
|     address 10.100.102.1 | ||||
|     netmask 255.255.255.0 | ||||
|     offload-sg off | ||||
| @@ -1,31 +0,0 @@ | ||||
| --- | ||||
| # Copyright 2015, Rackspace US, Inc. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| - name: Playbook for creating containers | ||||
|   hosts: all_containers | ||||
|   gather_facts: false | ||||
|   roles: | ||||
|     - role: "lxc_container_create" | ||||
|       lxc_container_backing_store: dir | ||||
|       global_environment_variables: | ||||
|         PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" | ||||
|   post_tasks: | ||||
|     - name: Wait for ssh to be available | ||||
|       local_action: | ||||
|         module: wait_for | ||||
|         port: "{{ ansible_ssh_port | default('22') }}" | ||||
|         host: "{{ ansible_ssh_host | default(inventory_hostname) }}" | ||||
|         search_regex: OpenSSH | ||||
|         delay: 1 | ||||
| @@ -1,89 +0,0 @@ | ||||
| --- | ||||
| # Copyright 2015, Rackspace US, Inc. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| - name: Playbook for configuring the LXC host | ||||
|   hosts: localhost | ||||
|   pre_tasks: | ||||
|     - name: Clear iptables rules | ||||
|       shell: "{{ playbook_dir }}/iptables-clear.sh" | ||||
|     # Make sure OS does not have a stale package cache. | ||||
|     - name: Update apt cache | ||||
|       apt: | ||||
|         update_cache: yes | ||||
|       when: ansible_os_family == 'Debian' | ||||
|     - name: Ensure root's new public ssh key is in authorized_keys | ||||
|       authorized_key: | ||||
|         user: root | ||||
|         key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" | ||||
|         manage_dir: no | ||||
|     - set_fact: | ||||
|         lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" | ||||
|     - name: Check if this is an OpenStack-CI nodepool instance | ||||
|       stat: | ||||
|         path: /etc/nodepool/provider | ||||
|       register: nodepool | ||||
|     - name: Set the files to copy into the container cache for OpenStack-CI instances | ||||
|       set_fact: | ||||
|         lxc_container_cache_files: | ||||
|           - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } | ||||
|       when: nodepool.stat.exists | bool | ||||
|   post_tasks: | ||||
|     - name: Ensure that /etc/network/interfaces.d/ exists | ||||
|       file: | ||||
|         path: /etc/network/interfaces.d/ | ||||
|         state: directory | ||||
|       tags: | ||||
|         - networking-dir-create | ||||
|  | ||||
|     - name: Copy network configuration | ||||
|       template: | ||||
|         src: test-nova-interfaces.cfg.j2 | ||||
|         dest: /etc/network/interfaces.d/nova_interfaces.cfg | ||||
|       register: nova_interfaces | ||||
|       tags: | ||||
|         - networking-interfaces-file | ||||
|  | ||||
|     - name: Ensure our interfaces.d configuration files are loaded automatically | ||||
|       lineinfile: | ||||
|         dest: /etc/network/interfaces | ||||
|         line: "source /etc/network/interfaces.d/*.cfg" | ||||
|       tags: | ||||
|         - networking-interfaces-load | ||||
|  | ||||
|     - name: Shut down the network interfaces | ||||
|       command: "ifdown {{ item }}" | ||||
|       when: nova_interfaces | changed | ||||
|       with_items: | ||||
|         - br-mgmt | ||||
|       tags: | ||||
|         - networking-interfaces-stop | ||||
|  | ||||
|     - name: Start the network interfaces | ||||
|       command: "ifup {{ item }}" | ||||
|       when: nova_interfaces | changed | ||||
|       with_items: | ||||
|         - br-mgmt | ||||
|       tags: | ||||
|         - networking-interfaces-start | ||||
|     - name: Add iptables rules for lxc natting | ||||
|       command: /usr/local/bin/lxc-system-manage iptables-create | ||||
|   roles: | ||||
|     - role: "lxc_hosts" | ||||
|       lxc_net_address: 10.100.100.1 | ||||
|       lxc_net_netmask: 255.255.255.0 | ||||
|       lxc_net_dhcp_range: 10.100.100.2,10.100.100.99 | ||||
|       lxc_net_bridge: lxcbr0 | ||||
|       lxc_kernel_options: | ||||
|         - { key: 'fs.inotify.max_user_instances', value: 1024 } | ||||
| @@ -1,106 +0,0 @@ | ||||
| --- | ||||
| # Copyright 2015, Rackspace US, Inc. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| - name: Playbook for establishing ssh keys | ||||
|   hosts: localhost | ||||
|   connection: local | ||||
|   gather_facts: false | ||||
|   become: true | ||||
|   tasks: | ||||
|     - name: Ensure root has a .ssh directory | ||||
|       file: | ||||
|         path: /root/.ssh | ||||
|         state: directory | ||||
|         owner: root | ||||
|         group: root | ||||
|         mode: 0700 | ||||
|  | ||||
|     - name: Create ssh key pair for root | ||||
|       user: | ||||
|         name: root | ||||
|         generate_ssh_key: yes | ||||
|         ssh_key_bits: 2048 | ||||
|         ssh_key_file: /root/.ssh/id_rsa | ||||
|  | ||||
|     - name: Get root private key | ||||
|       command: cat /root/.ssh/id_rsa | ||||
|       register: private_key_get | ||||
|       changed_when: false | ||||
|  | ||||
|     - name: Get root public key | ||||
|       command: cat /root/.ssh/id_rsa.pub | ||||
|       register: public_key_get | ||||
|       changed_when: false | ||||
|  | ||||
|     - name: Set key facts | ||||
|       set_fact: | ||||
|         root_public_key: "{{ public_key_get.stdout }}" | ||||
|         root_private_key: "{{ private_key_get.stdout }}" | ||||
|         lxc_container_ssh_key: "{{ public_key_get.stdout }}" | ||||
|  | ||||
|     - name: Ensure root can ssh to localhost | ||||
|       authorized_key: | ||||
|         user: "root" | ||||
|         key: "{{ root_public_key }}" | ||||
|  | ||||
|  | ||||
| - name: Playbook for establishing user ssh keys | ||||
|   hosts: localhost | ||||
|   connection: local | ||||
|   gather_facts: false | ||||
|   become: false | ||||
|   tasks: | ||||
|     # Shell used because facts may not be ready yet | ||||
|     - name: Get user home directory | ||||
|       shell: "getent passwd '{{ ansible_ssh_user }}' | cut -d':' -f6" | ||||
|       register: user_home | ||||
|       changed_when: false | ||||
|  | ||||
|     - name: Set local user home fact | ||||
|       set_fact: | ||||
|         calling_user_home: "{{ user_home.stdout }}" | ||||
|  | ||||
|     - name: Ensure user has a .ssh directory | ||||
|       file: | ||||
|         path: "{{ calling_user_home }}/.ssh" | ||||
|         state: directory | ||||
|         owner: "{{ ansible_ssh_user }}" | ||||
|         group: "{{ ansible_ssh_user }}" | ||||
|         mode: 0700 | ||||
|       when: ansible_ssh_user != 'root' | ||||
|  | ||||
|     - name: Ensure user has the known private key | ||||
|       copy: | ||||
|         content: "{{ root_private_key }}" | ||||
|         dest: "{{ calling_user_home }}/.ssh/id_rsa" | ||||
|         owner: "{{ ansible_ssh_user }}" | ||||
|         group: "{{ ansible_ssh_user }}" | ||||
|         mode: "0600" | ||||
|       when: ansible_ssh_user != 'root' | ||||
|  | ||||
|     - name: Ensure user has the known public key | ||||
|       copy: | ||||
|         content: "{{ root_public_key }}" | ||||
|         dest: "{{ calling_user_home }}/.ssh/id_rsa.pub" | ||||
|         owner: "{{ ansible_ssh_user }}" | ||||
|         group: "{{ ansible_ssh_user }}" | ||||
|         mode: "0600" | ||||
|       when: ansible_ssh_user != 'root' | ||||
|  | ||||
|     - name: Ensure local user can ssh to localhost | ||||
|       authorized_key: | ||||
|         user: "{{ ansible_ssh_user }}" | ||||
|         key: "{{ root_public_key }}" | ||||
|       when: ansible_ssh_user != 'root' | ||||
| @@ -16,40 +16,8 @@ | ||||
| # (c) 2016 Donovan Francesco <donovan.francesco@is.co.za> | ||||
| # (c) 2016 Paul Stevens <paul.stevens@is.co.za> | ||||
|  | ||||
| debug: true | ||||
| external_lb_vip_address: 10.100.102.102 | ||||
| galera_client_drop_config_file: false | ||||
| galera_root_user: root | ||||
| galera_root_password: secrete | ||||
| internal_lb_vip_address: 10.100.102.102 | ||||
| keystone_admin_tenant_name: admin | ||||
| keystone_admin_user_name: admin | ||||
| keystone_auth_admin_password: SuperSecretePassword | ||||
| keystone_container_mysql_password: "SuperSecrete" | ||||
| keystone_developer_mode: true | ||||
| keystone_galera_address: 10.100.102.101 | ||||
| keystone_galera_database: keystone | ||||
| keystone_git_install_branch: master | ||||
| keystone_rabbitmq_password: "secrete" | ||||
| keystone_rabbitmq_port: "{{ rabbitmq_port }}" | ||||
| keystone_rabbitmq_servers: "{{ rabbitmq_servers }}" | ||||
| keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" | ||||
| keystone_rabbitmq_userid: keystone | ||||
| keystone_rabbitmq_vhost: /keystone | ||||
| keystone_requirements_git_install_branch: master | ||||
| keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" | ||||
| keystone_service_adminuri_insecure: false | ||||
| keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" | ||||
| keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" | ||||
| keystone_service_internaluri_insecure: false | ||||
| keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" | ||||
| keystone_service_password: "secrete" | ||||
| keystone_service_region: RegionOne | ||||
| keystone_venv_tag: "testing" | ||||
| memcached_encryption_key: "secrete" | ||||
| memcached_servers: 127.0.0.1 | ||||
| trove_developer_mode: True | ||||
| trove_galera_address: 10.100.102.101 | ||||
| trove_galera_address: "{{ hostvars[groups['galera_all'][0]]['ansible_host'] }}" | ||||
| trove_galera_database: trove | ||||
| trove_galera_user: trove | ||||
| trove_galera_password: "secrete" | ||||
| @@ -60,7 +28,6 @@ trove_rabbitmq_password: "secrete" | ||||
| trove_rabbitmq_userid: trove | ||||
| trove_rabbitmq_vhost: /trove | ||||
| trove_requirements_git_install_branch: master | ||||
| trove_service_adminurl: "http://{{ internal_lb_vip_address }}:8779" | ||||
| trove_service_password: "secrete" | ||||
| trove_service_project_domain_id: default | ||||
| trove_service_project_name: service | ||||
| @@ -69,14 +36,9 @@ trove_service_user_domain_id: default | ||||
| trove_service_user_name: trove | ||||
| trove_bin: "/openstack/venvs/trove-{{ trove_venv_tag }}/bin" | ||||
| trove_venv_tag: "testing" | ||||
| openrc_os_auth_url: "http://127.0.0.1:5000/v3" | ||||
| openrc_os_domain_name: "Default" | ||||
| openrc_os_password: "{{ keystone_auth_admin_password }}" | ||||
|  | ||||
| neutron_service_port: 9696 | ||||
| swift_proxy_port: 8080 | ||||
| cinder_service_port: 8776 | ||||
| nova_service_port: 8774 | ||||
|  | ||||
| rabbitmq_port: 5672 | ||||
| rabbitmq_servers: 10.100.102.101 | ||||
| rabbitmq_use_ssl: False | ||||
|   | ||||
| @@ -16,20 +16,14 @@ | ||||
| # (c) 2016 Donovan Francesco <donovan.francesco@is.co.za> | ||||
| # (c) 2016 Paul Stevens <paul.stevens@is.co.za> | ||||
|  | ||||
| # Prepare the user ssh keys | ||||
| - include: test-prepare-keys.yml | ||||
|  | ||||
| # Prepare the host | ||||
| - include: test-prepare-host.yml | ||||
|  | ||||
| # Prepare the containers | ||||
| - include: test-prepare-containers.yml | ||||
| # Setup the host | ||||
| - include: playbooks/test-setup-host.yml | ||||
|  | ||||
| # Install RabbitMQ/MariaDB | ||||
| - include: test-install-infra.yml | ||||
| - include: playbooks/test-install-infra.yml | ||||
|  | ||||
| # Install keystone | ||||
| - include: test-install-keystone.yml | ||||
| - include: playbooks/test-install-keystone.yml | ||||
|  | ||||
| # Install trove | ||||
| - include: test-install-trove.yml | ||||
|   | ||||
							
								
								
									
										31
									
								
								tox.ini
									
									
									
									
									
								
							
							
						
						
									
										31
									
								
								tox.ini
									
									
									
									
									
								
							| @@ -95,7 +95,7 @@ commands = | ||||
| [testenv:ansible] | ||||
| deps = | ||||
|     {[testenv]deps} | ||||
|     ansible==1.9.4 | ||||
|     ansible==2.1.1 | ||||
|     ansible-lint>=2.7.0,<3.0.0 | ||||
| setenv = | ||||
|     {[testenv]setenv} | ||||
| @@ -114,6 +114,7 @@ setenv = | ||||
|     # This is required as the default is '/etc/ansible/roles' or a path | ||||
|     # specified in ansible.cfg | ||||
|     ANSIBLE_ROLES_PATH = {homedir}/.ansible/roles:{toxinidir}/.. | ||||
|     ANSIBLE_TRANSPORT = "ssh" | ||||
| commands = | ||||
|     rm -rf {homedir}/.ansible/plugins | ||||
|     git clone https://git.openstack.org/openstack/openstack-ansible-plugins \ | ||||
| @@ -122,6 +123,11 @@ commands = | ||||
|     ansible-galaxy install \ | ||||
|                    --role-file={toxinidir}/tests/ansible-role-requirements.yml \ | ||||
|                    --force | ||||
|     rm -rf {homedir}/.ansible/roles/os_trove | ||||
|     bash -c "ln -s {toxinidir} {homedir}/.ansible/roles/os_trove" | ||||
|     rm -rf {toxinidir}/tests/playbooks | ||||
|     git clone https://git.openstack.org/openstack/openstack-ansible-tests \ | ||||
|               {toxinidir}/tests/playbooks | ||||
|  | ||||
|  | ||||
| [testenv:ansible-syntax] | ||||
| @@ -146,6 +152,22 @@ commands = | ||||
|     ansible-lint {toxinidir} | ||||
|  | ||||
|  | ||||
| [testenv:func_base] | ||||
| # NOTE(odyssey4me): this target does not use constraints because | ||||
| # it doesn't work in OpenStack-CI yet. Once that's fixed, we can | ||||
| # drop the install_command. | ||||
| install_command = | ||||
|     pip install -U --force-reinstall {opts} {packages} | ||||
|  | ||||
|  | ||||
| [testenv:func_logs] | ||||
| commands = | ||||
|     bash -c 'mkdir -p {toxinidir}/logs' | ||||
|     bash -c 'rsync --archive --verbose --ignore-errors /var/log/ /openstack/log/ {toxinidir}/logs/ || true' | ||||
|     bash -c 'find "{toxinidir}/logs/" -type f | sed "p;s|$|.txt|" | xargs -n2 mv' | ||||
|     bash -c 'command gzip --best --recursive "{toxinidir}/logs/"' | ||||
|  | ||||
|  | ||||
| [testenv:functional] | ||||
| # Ignore_errors is set to true so that the logs are collected at the | ||||
| #  end of the run. This will not produce a false positive. Any | ||||
| @@ -156,7 +178,7 @@ ignore_errors = True | ||||
| # it doesn't work in OpenStack-CI yet. Once that's fixed, we can | ||||
| # drop the install_command. | ||||
| install_command = | ||||
|     pip install -U --force-reinstall {opts} {packages} | ||||
|     {[testenv:func_base]install_command} | ||||
| deps = | ||||
|     {[testenv:ansible]deps} | ||||
| setenv = | ||||
| @@ -167,10 +189,7 @@ commands = | ||||
|                      -e "rolename={toxinidir}" \ | ||||
|                      -e "install_test_packages=True" \ | ||||
|                      {toxinidir}/tests/test.yml -vvvv | ||||
|     bash -c 'mkdir -p {toxinidir}/logs' | ||||
|     bash -c 'rsync --archive --verbose --ignore-errors /var/log/ /openstack/log/ {toxinidir}/logs/ || true' | ||||
|     bash -c 'find "{toxinidir}/logs/" -type f | sed "p;s|$|.txt|" | xargs -n2 mv' | ||||
|     bash -c 'command gzip --best --recursive "{toxinidir}/logs/"' | ||||
|     {[testenv:func_logs]commands} | ||||
|  | ||||
|  | ||||
| [testenv:linters] | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Travis Truman
					Travis Truman