diff --git a/meta/main.yml b/meta/main.yml index f08284b7..83327907 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -33,4 +33,4 @@ dependencies: - openstack_openrc - role: pip_lock_down when: - - not ceilometer_developer_mode | bool \ No newline at end of file + - not ceilometer_developer_mode | bool diff --git a/tests/ansible-role-requirements.yml b/tests/ansible-role-requirements.yml index 2a9c26f5..3f188ee7 100644 --- a/tests/ansible-role-requirements.yml +++ b/tests/ansible-role-requirements.yml @@ -1,5 +1,5 @@ -- name: openstack_openrc - src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc +- name: apt_package_pinning + src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning scm: git version: master - name: pip_install @@ -10,3 +10,43 @@ src: https://git.openstack.org/openstack/openstack-ansible-pip_lock_down scm: git version: master +- name: memcached_server + src: https://git.openstack.org/openstack/openstack-ansible-memcached_server + scm: git + version: master +- name: py_from_git + src: https://git.openstack.org/openstack/openstack-ansible-py_from_git + scm: git + version: master +- name: lxc_hosts + src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts + scm: git + version: master +- name: lxc_container_create + src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create + scm: git + version: master +- name: openstack_hosts + src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts + scm: git + version: master +- name: galera_client + src: https://git.openstack.org/openstack/openstack-ansible-galera_client + scm: git + version: master +- name: galera_server + src: https://git.openstack.org/openstack/openstack-ansible-galera_server + scm: git + version: master +- name: rabbitmq_server + src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server + scm: git + version: master +- name: os_keystone + src: https://git.openstack.org/openstack/openstack-ansible-os_keystone + scm: git + version: master +- name: openstack_openrc + src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc + scm: git + version: master diff --git a/tests/test.yml b/tests/test.yml index 50086e5d..45cde0c3 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -13,8 +13,308 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Playbook for role testing +- name: Playbook for establish ssh keys + hosts: 127.0.0.1 + connection: local + become: false + pre_tasks: + - name: Create ssh key pair for root + user: + name: "{{ ansible_ssh_user }}" + generate_ssh_key: "yes" + ssh_key_bits: 2048 + ssh_key_file: ".ssh/id_rsa" + - name: Get the calling user's key + command: cat ~/.ssh/id_rsa.pub + register: key_get + - set_fact: + lxc_container_ssh_key: "{{ key_get.stdout }}" + +- name: Playbook for configuring the LXC host hosts: localhost connection: local + become: yes + pre_tasks: + # Make sure OS does not have a stale package cache. + - name: Update apt cache + apt: + update_cache: yes + when: ansible_os_family == 'Debian' + - name: Ensure root's new public ssh key is in authorized_keys + authorized_key: + user: root + key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" + manage_dir: no + - set_fact: + lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" + roles: + - role: "lxc_hosts" + lxc_net_address: 10.100.100.1 + lxc_net_dhcp_range: 10.100.100.2,10.100.100.253 + lxc_net_bridge: lxcbr0 + lxc_kernel_options: + - { key: 'fs.inotify.max_user_instances', value: 1024 } + lxc_container_caches: + - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" + name: "trusty.tgz" + sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" + chroot_path: trusty/rootfs-amd64 + # The $HOME directory is mocked to work with tox + # by defining the 'ansible_env' hash. This should + # NEVER be done outside of testing. + ansible_env: ## NEVER DO THIS OUTSIDE OF TESTING + HOME: "/tmp" + - role: "py_from_git" + git_repo: "https://github.com/lxc/python2-lxc" + git_dest: "/opt/lxc_python2" + git_install_branch: "master" + post_tasks: + # THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A + # HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV. + - name: Ensure the lxc lib is on the host + command: /usr/local/bin/pip install /opt/lxc_python2 + # Inventory is being pre-loaded using a post tasks instead of through a dynamic + # inventory system. While this is not a usual method for deployment it's being + # done for functional testing. + - name: Create container hosts + add_host: + groups: "{{ item.groups }}" + hostname: "{{ item.name }}" + inventory_hostname: "{{ item.name }}" + ansible_ssh_host: "{{ item.address }}" + ansible_become: true + properties: + service_name: "{{ item.service }}" + container_networks: + management_address: + address: "{{ item.address }}" + bridge: "lxcbr0" + interface: "eth1" + netmask: "255.255.252.0" + type: "veth" + physical_host: localhost + container_name: "{{ item.name }}" + with_items: + - { name: "infra1", service: "infra1", address: "10.100.100.101", groups: "all,all_containers,rabbitmq_all,galera_all,service_all" } + - { name: "openstack1", service: "openstack1", address: "10.100.100.102", groups: "all,all_containers,keystone_all,ceilometer_api,ceilometer_collector,ceilometer_agent_central,ceilometer_agent_notification,ceilometer_agent_compute,ceilometer_all" } + +- name: Playbook for creating containers + hosts: all_containers + connection: local + gather_facts: false + roles: + - role: "lxc_container_create" + lxc_container_release: trusty + lxc_container_backing_store: dir + global_environment_variables: + PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + post_tasks: + - name: Wait for ssh to be available + local_action: + module: wait_for + port: "{{ ansible_ssh_port | default('22') }}" + host: "{{ ansible_ssh_host | default(inventory_hostname) }}" + search_regex: OpenSSH + delay: 1 + +- name: Playbook for deploying infra services + hosts: service_all + user: root + gather_facts: true + pre_tasks: + - name: Install MongoDB packages + apt: + name: "{{ item }}" + state: present + with_items: packages_mongodb + - name: Configure the MongoDB bind address + lineinfile: + dest: /etc/mongodb.conf + regexp: "^(#)?bind_ip" + line: "bind_ip = 10.100.100.101" + register: mongodb_bind + - name: Enable the MongoDB smallfiles option + lineinfile: + dest: /etc/mongodb.conf + regexp: "^(#)?smallfiles" + line: "smallfiles = true" + register: mongodb_smallfiles + - name: Restart mongodb + service: + name: mongodb + state: restarted + when: + - mongodb_bind | changed or mongodb_smallfiles | changed + register: mongodb_restart + - name: Wait for mongodb to come back online after the restart + wait_for: + host: "10.100.100.101" + port: 27017 + delay: 5 + timeout: 30 + when: + - mongodb_restart is defined + - mongodb_restart | changed + - name: Test mongodb connectivity + command: "mongo --host 10.100.100.101 --eval ' '" + changed_when: False + - name: Add ceilometer database user + mongodb_user: + login_host: "10.100.100.101" + database: ceilometer + name: ceilometer + password: secrete + roles: 'readWrite,dbAdmin' + state: present + roles: + - role: "rabbitmq_server" + rabbitmq_cookie_token: secrete + - role: "galera_server" + galera_root_password: secrete + galera_root_user: root + galera_innodb_buffer_pool_size: 512M + galera_innodb_log_buffer_size: 32M + galera_server_id: "{{ inventory_hostname | string_2_int }}" + galera_wsrep_node_name: "{{ inventory_hostname }}" + galera_wsrep_provider_options: + - { option: "gcache.size", value: "32M" } + galera_server_id: "{{ inventory_hostname | string_2_int }}" + vars: + packages_mongodb: + - mongodb-clients + - mongodb-server + - python-pymongo + +- name: Playbook for deploying keystone + hosts: keystone_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ keystone_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ keystone_rabbitmq_userid }}" + password: "{{ keystone_rabbitmq_password }}" + vhost: "{{ keystone_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + state: "present" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + password: "{{ keystone_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ keystone_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.101" + when: inventory_hostname == groups['keystone_all'][0] + roles: + - role: os_keystone + vars: + external_lb_vip_address: 10.100.100.102 + internal_lb_vip_address: 10.100.100.102 + keystone_galera_address: 10.100.100.101 + keystone_galera_database: keystone + keystone_venv_tag: "testing" + keystone_developer_mode: true + keystone_git_install_branch: a55128044f763f5cfe2fdc57c738eaca97636448 + keystone_auth_admin_token: "SuperSecreteTestToken" + keystone_auth_admin_password: "SuperSecretePassword" + keystone_service_password: "secrete" + keystone_rabbitmq_password: "secrete" + keystone_container_mysql_password: "SuperSecrete" + keystone_rabbitmq_port: 5671 + keystone_rabbitmq_userid: keystone + keystone_rabbitmq_vhost: /keystone + keystone_rabbitmq_servers: 10.100.100.101 + keystone_rabbitmq_use_ssl: false + galera_client_drop_config_file: false + +- name: Playbook for deploying Ceilometer + hosts: ceilometer_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure Rabbitmq vhost + rabbitmq_vhost: + name: "{{ ceilometer_rabbitmq_vhost }}" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + when: + - inventory_hostname == groups['ceilometer_api'][0] + - groups['rabbitmq_all']|length > 0 + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ ceilometer_rabbitmq_userid }}" + password: "{{ ceilometer_rabbitmq_password }}" + vhost: "{{ ceilometer_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "{{ groups['rabbitmq_all'][0] }}" + when: + - inventory_hostname == groups['ceilometer_api'][0] + - groups['rabbitmq_all']|length > 0 roles: - role: "{{ rolename | basename }}" + vars: + is_metal: "{{ properties.is_metal|default(false) }}" + external_lb_vip_address: 10.100.100.102 + internal_lb_vip_address: 10.100.100.102 + rabbitmq_servers: 10.100.100.101 + rabbitmq_use_ssl: true + rabbitmq_port: 5671 + memcached_servers: 127.0.0.1 + memcached_encryption_key: "secrete" + ceilometer_db_ip: 10.100.100.101 + keystone_auth_admin_token: "SuperSecreteTestToken" + keystone_auth_admin_password: "SuperSecretePassword" + keystone_service_adminuri_insecure: false + keystone_service_internaluri_insecure: false + keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" + keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" + keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" + keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" + swift_system_user_name: swift + swift_system_shell: /bin/false + swift_system_comment: swift test user + swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}" + ceilometer_rabbitmq_userid: ceilometer + ceilometer_rabbitmq_password: secrete + ceilometer_rabbitmq_vhost: /ceilometer + ceilometer_rabbitmq_servers: "{{ rabbitmq_servers }}" + ceilometer_rabbitmq_port: "{{ rabbitmq_port }}" + ceilometer_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" + ceilometer_venv_tag: "testing" + ceilometer_developer_mode: true + ceilometer_git_install_branch: 333024b69aa7810e78aef85e5171cfd6dbd6b740 # HEAD of "master" as of 17.01.2016 + ceilometer_service_password: secrete + ceilometer_telemetry_secret: secrete + ceilometer_container_db_password: secrete + openrc_os_password: "{{ keystone_auth_admin_password }}" + openrc_os_domain_name: "Default" + diff --git a/tox.ini b/tox.ini index 2273cc8f..e726e796 100644 --- a/tox.ini +++ b/tox.ini @@ -15,7 +15,7 @@ whitelist_externals = bash git rm - echo + setenv = VIRTUAL_ENV={envdir} ANSIBLE_HOST_KEY_CHECKING = False @@ -106,24 +106,17 @@ commands = [testenv:functional] commands = - echo -e "\n *******************************************************\n" \ - "**** Functional Testing is still to be implemented ****\n" \ - "**** TODO: Write tests here ****\n" \ - "*******************************************************\n" - # As a temporary measure, while functional testing is being worked on, we - # will not execute the functional test. This allows other patches to be - # worked on while the functional testing is being worked out. - #rm -rf {homedir}/.ansible - #git clone https://git.openstack.org/openstack/openstack-ansible-plugins \ - # {homedir}/.ansible/plugins - #ansible-galaxy install \ - # --role-file={toxinidir}/tests/ansible-role-requirements.yml \ - # --ignore-errors \ - # --force - #ansible-playbook -i {toxinidir}/tests/inventory \ - # -e "rolename={toxinidir}" \ - # -vv \ - # {toxinidir}/tests/test.yml + rm -rf {homedir}/.ansible + git clone https://git.openstack.org/openstack/openstack-ansible-plugins \ + {homedir}/.ansible/plugins + ansible-galaxy install \ + --role-file={toxinidir}/tests/ansible-role-requirements.yml \ + --ignore-errors \ + --force + ansible-playbook -i {toxinidir}/tests/inventory \ + -e "rolename={toxinidir}" \ + -vv \ + {toxinidir}/tests/test.yml [testenv:linters]