All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I79f68c467d48b9b50143fd3a11e176f91804e805
This repo is now testing only with Python 3, so let's make
a few cleanups:
- Remove setup.* files, these are not needed for this repo
- Cleanup */source/conf.py to remove now obsolete content.
- Remove install_command from tox.ini, the default is fine,
move constraints into deps, cleanup a bit
- Enable warnings for docs building
- Correct ansible search/match tests for ansible 2.9
Depends-On: https://review.opendev.org/726645
Change-Id: Ia5aaa8f41172fe200d1d7ce0c7b6f26f7834e38a
This change allows the deployer to specify lists of distro packages
which will be installed in addition to those specified by this role.
Change-Id: I35ac3be4ec61c432492871de80f6d7f29cca828d
The ARIA2 package is needed from EPEL so we install it inside
the role. Moreover, in order to minimize the potential EPEL vs RDO
package conflicts, we only allow a small subset of packages from the
EPEL repository. This also removes the 'debootstrap' package from
CentOS since it's not needed. Finally, we include the nodepool playbook
from the tests repository in order to populate the necessary CI facts.
Depends-On: https://review.openstack.org/#/c/574801/
Depends-On: https://review.openstack.org/#/c/575059/
Change-Id: Icd4d09a26cd95ecfefec26142723ddffe81aae74
Co-Authored-By: Markos Chandras <mchandras@suse.de>
Now that run_tests.sh handles the tests repo clone, we can
remove the use of the older tests-repo-clone.sh script.
Change-Id: I2da0609609e8f70671b0499f0a5911746985c917
For a very long time we've been parsing and using the lxc images as
provided by upstream lxc. While these images are functional there are by
no means optimal. In general they're quite a bit larger than they need
to be and contian a lot of little sharp edges that have cut us over
the years. This change removes all of the lxc image cache parsing and
meta-data linking and simply downloads the rootfs a given url. To
maintain compatibility with the legacy images a script has been created
to parse the image index and return the legacy image url.
The result of this change:
* Access to smaller more optimal base image which is well known by the
corresponding communities.
* Deployers now have the ability to set and forget the download url for an
internal image instead of having to create a cache infrastructure
compatible with the lxc download template.
* Any rootfs tarball will work as an image.
* Fewer tasks are executed and less memory is consumed resulting in faster
deployment times.
* The base cache has a uniform meta-data setup giving all container
types the same access to config, devices, and templating.
Change-Id: I1775e775bbb7fe86bdffdd8296c2cff5ebc5bac8
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The lookup() module no longer works with Ansible 2.4 for fetching the
root's SSH key as it fails with the following error:
fatal: [localhost]: FAILED! => {
"msg": "An unhandled exception occurred while running the lookup
plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>,
original message: could not locate file in lookup: ~/.ssh/id_rsa.pub"
}
Lets use the 'slurp' module which should work as expected.
Change-Id: If2127c8d4aacb37344f5c2435264aaa0669da618
With the merge of https://review.openstack.org/520177 in the
tests repo some ansible-lint failures which previously were
not being picked up are now detected.
This corrects them.
Change-Id: I3d762e1a2df0a39e2f9082d6c8650706b05b2236
This patch implements an initial set of jobs intended to match
the current job execution method. It does not intend to improve
how the jobs are executed - only to replicate what is currently
in openstack-infra/openstack-zuul-jobs and provide the platform
to iterate on.
Change-Id: I53dfb4f5c24c523d77f9f293d47b7b882aa77bf1
This patch adds an async task to download the LXC image using aria2
with retries and read timeouts.
Closes-Bug: 1709329
Change-Id: Ib9ec6195dcb7e0e4b18b8526f030e6738f9953e8
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The variable lxc_image_cache_server is shared between
the lxc_container_create role and the lxc_hosts role
in order to make it simpler to override the same value.
The value needs to be a DNS entry, not a URL. This patch
implements a new variable to allow the protocol used to
fetch the images to be set so that the value for
lxc_image_cache_server is uniform between the two roles.
The patch also overrides the value when in nodepool to
the DNS name + path so that the reverse proxy may be
used to improve test success inside nodepool. This is
needed due to poor networking performance when accessing
external sources.
Change-Id: Ia6b149f157e5697d36fdea3dc65cb2ac4815a1a4
OpenStack-Infra DNS resolution of images.linuxcontainers.org is failing
very often. This works around it by adding the appropriate entries into
/etc/hosts on the host.
Change-Id: I55a06c1903c4435db6d820e6919daa5f10362031
When executing the tests repo clone in OpenStack-CI,
use zuul-cloner instead of git to enable cross-repo
testing. This ensures that if a dependent patch from
the tests repo is noted using 'Depends-On: <change-id>'
in the commit message, that patch will be included.
Change-Id: I87314f8c46554a9b6856078bda61c4775e20243b
Depends-On: Idce7abebf32f24c356a27e099fbca954d917402b
Add support for SUSE based distributions. We also update the bindep.txt,
run_tests.sh and Vagrantfile files from the openstack-ansible-tests
repository except that we use Leap 42.1 because Leap 42.2 does not work
as expected with the currently released bindep (2.3.0).
Change-Id: I5fb94a7cedf9d28816184e3eadd88e42f93295c2
'ansible_become' defined as a host_var or in the inventory for a host
has a higher precedence than 'become' defined within a playbook.
In change Id5b76a87809f03951c954fc3d752419a673403f7, 'become' was
defined explicitly for each play running against localhost so
'ansible_become' should be removed from its host_vars.
Change-Id: Ieb55a10e8148b0eb122caccf92702d24ff1a1d0b
Cc: Jimmy McCrory <jimmy.mccrory@gmail.com>
This patch consumes the test scripts implemented by
https://review.openstack.org/375061 to ensure that
the tests and test preparation is consistent and
more maintainable.
Change-Id: I8ad59bdb2dab0e79bc73d7e4cdb63ef49cbdddba
Currently the container cache preparation process uses a pre-prepared
LXC base image which includes its own package repository configuration.
This presents a few problems:
- The first packages installed will make use of the base image's
package repo configuration, resulting in a bypass of local mirrors
to install the first set of packages.
- A set of vars need to be set in order to have the containers use a
local mirror, otherwise it'll use the mirrors set in the role's vars
files. This is counterintuitive.
Another problem introduced by I95c210c83ca968d11ba6f6a36b634bb798fa291f
as a result of the package repository vars moving from the role defaults
to the vars files is that the precedence has changed. The change in
precedence means that a task which sets a fact can't be used to override
the defaults set in the vars file. This method is used in all the role
tests to ensure that the OpenStack-CI repositories can be discovered from
the host and then used.
This patch changes the image cache preparation process to ensure that
the container package repository configuration matches the host
configuration. This is simpler and more intuitive.
Additionally the copy task from the deployment host into the container
cache is set to assume the same destination in the container as the
source (to reduce configuration verbosity), appropriately sets the
leading '0' for the mode (to prevent unexpected surprises), and
appropriately quotes the variable (to ensure forward compatibility
with Ansible 2.0).
Finally, the use of lxc_container_caches in the test configuration
has been removed as it is no longer used.
Change-Id: I420382fd3bbbb5fcae90ae0c6160233202a1a51a
This change updates the lxc-host setup role to build the lxc cache using the
download template based on default images found here:[0]. These images are
upsteam builds from the greater LXC/D community.
This update adds support for Ubuntu 14.04, 16.04 and RHEL/CentOS 7 container
types and the cache will be generated from the host Operating system.
[0] - https://images.linuxcontainers.org/
Change-Id: Ie13be2322d28178760481c59805101d6aeef4f36
Co-Authored-By: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
In order to better make use of OpenStack-CI's resources (apt mirrors, etc)
we need to be able to copy configuration files which have been implemented
on the host image into the containers.
This patch provides a facility to do this in a way that provides a new
facility for deployers to use, doesn't affect existing production
environments and is easy for us to consume in gate testing.
A new variable called 'lxc_container_cache_files' is implemented, which
is a list of dictionaries specifying the location of the file on the
deployment system, where to put it in the container cache, and what
attributes to assign the file.
An example of how to use it is included in the role's defaults as a comment.
Change-Id: Ia76b3a791239a07db1cb93636b7d1e23a6a6851c
Drop the lxc bridge interface configuration file before checking for,
and bringing up, the lxc bridge interface. Also, put the
lxc-net.override file in place prior to lxc being installed. Without
this file, the lxcbr0 bridge will automatically be created and assigned
an address when the lxc service is started.
Tests has been added and updated to ensure that the lxc bridge interface
configuration file looks as expected and the bridge interface itself
has the expected IP address when overriding the role's default
lxc_net_address variable.
Change-Id: Ie135adf0e458bd964c2d43a645d65907c0a6eac6
This change adjusts a few of the modifications made to the
lxc-net-bridge.cfg.j2 template file in change
I3c8225124a5f18db81259e1d52d0168ef52c3c17.
The minus signs have been removed from if and endif blocks so that
whitespace is kept intact between sections. The ordering of post-up and
post-down commands has also been changed so that iptables rules are
created before the dnsmasq service is started, as they were previously.
The default value of lxc_net_gateway has also been changed to null so
that it's evaluated as expected. Its current value, none, is evaluated
as a string.
A test has been added to compare the contents of the deployed lxc bridge
interface file with its expected contents.
Change-Id: I39d7b3f40de6ac691550c11d71bb6a182b3452f4
Workarounding the upstream ansible apt module bug
documented here:
https://github.com/ansible/ansible-modules-core/pull/1517
For the next versions of ansible we'll be using, we should
check if the apt bug is fixed. When it's fixed, we could
abandon this change and use the standard apt module
with correct cache handling.
Change-Id: I6c1b27ce5479faf96d1dcd30942230fc89fd6451
This patch updates the tox.ini the same bashate exceptions as are
currently in the OpenStack-Ansible playbook repo.
It also ensures that the linters and all lint targets work
appropriately and normalises the tox.ini configuration to use
uniform formatting.
The use of ansible.cfg is removed as there is no way of being
certain which paths can be used without reverting to an ugly
sed hack in the commands. This is why it is preferred to make
use of environment variables which make use of tox's default
substitutions instead. It's a more reliable way of achieving
the goal for the purpose of gating and testing.
The switch to using a git clone instead of ansible-galaxy to
download the plugins is due to the path spec not being able to
work in Ansible 2.x. [1]
[1] https://github.com/ansible/ansible/issues/13563
Change-Id: I1df29fe1f9c2ee2e5370c4dd9f733ae2c697608e
This change updates a few things that were missed when the role
was cut over.
Change-Id: I38824f82f884958b554b1618fc059a67a03aabdc
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
There are 2 ways to realize the privilege escalation
needed for the gate jobs.
1) Editing the playbooks (and hope to not forget to
write the sudo/become lines for every role)
2) Editing the inventory and set the variable there.
I'm taking the second approach with the minimum set
of variables (become_method is sudo by default and
become_user is root by default).
Change-Id: I066ac778f7bf3d3f569791e30067bcab4e8eef6b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The change moves the role out from the main repo lxc_host
repository and into its own standalone repository.
Items within this change:
* The role has been updated to ensure it runs standalone.
* Tests added to the role within tox.
* Functional tests added to the role that can either be run
via the run_tests.sh script or using tox.
* dev requirements have been updated for testing usecases.
* Docs added to both the README.rst file as well as the docs
folder.
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>