Add container-aware connection plugin tests

- Test the container awareness of the connection plugin (the lxc-attach
  execution functionality when container_name is set on a host).

- Test delegation to containers

Depends-On: Idb186a061a396713a0e449d47ec262b30d5006ca
Change-Id: I2331d5d5c9cf3d4f8fc83639f6047092232f5887

tests/ansible-role-requirements.yml

@@ -0,0 +1,20 @@
+- name: apt_package_pinning
+  src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning
+  scm: git
+  version: master
+- name: pip_install
+  src: https://git.openstack.org/openstack/openstack-ansible-pip_install
+  scm: git
+  version: master
+- name: openstack_hosts
+  src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts
+  scm: git
+  version: master
+- name: lxc_hosts
+  src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts
+  scm: git
+  version: master
+- name: lxc_container_create
+  src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create
+  scm: git
+  version: master

tests/group_vars/all_containers.yml

@@ -0,0 +1,31 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+container_name: "{{ inventory_hostname }}"
+
+container_networks:
+  management_address:
+    address: "{{ ansible_host }}"
+    bridge: "br-mgmt"
+    interface: "eth1"
+    netmask: "255.255.252.0"
+    type: "veth"
+    static_routes:
+      - cidr: 10.100.100.0/24
+        gateway: 10.100.100.1
+
+properties: {}
+
+physical_host: localhost

tests/group_vars/hosts.yml

@@ -0,0 +1,25 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Disable the installation of OpenSSH packages in the LXC cache
+lxc_cache_distro_packages: "{{ _lxc_cache_distro_packages |
+                               reject('match', '^openssh.*') |
+                               list }}"
+lxc_cache_sshd_configuration: []
+# OpenSUSE has sshd installed and enabled by default. The other container
+# caches do not. We will just drop a systemd mask file to make sure it never
+# starts in suse.
+lxc_cache_prep_post_commands: |
+  ln -s /dev/null /etc/systemd/system/sshd.service

tests/host_vars/container1.yml

@@ -0,0 +1,18 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ansible_host: 10.100.100.2
+ansible_become: True
+ansible_user: root

tests/host_vars/container2.yml

@@ -0,0 +1,18 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ansible_host: 10.100.100.3
+ansible_become: True
+ansible_user: root

tests/host_vars/container3.yml

@@ -0,0 +1,18 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ansible_host: 10.100.100.4
+ansible_become: True
+ansible_user: root

tests/host_vars/localhost.yml

@@ -0,0 +1,17 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+bridges:
+  - "br-mgmt"

tests/inventory

@@ -1,2 +1,20 @@
-[all]
-localhost ansible_connection=local ansible_become=True
+[hosts]
+localhost
+
+[all_containers]
+container1
+container2
+
+# This is used to test I75f9d0f55ecd875caa1bf608a77c92f950b679a1
+[hosts]
+localhost_alt ansible_host=localhost
+[all_containers]
+container3 physical_host=localhost_alt
+
+# This is meant to test If594914df53efacc6d5bba148f4f46280f5a117d
+[fake_hosts]
+fakehost ansible_host=1.1.1.1
+[hosts:children]
+fake_hosts
+[fake_containers]
+fakecontainer container_name="{{ inventory_hostname }}" physical_host=fakehost

tests/test-connection-plugin.yml

@@ -0,0 +1,69 @@
+---
+# Copyright 2017, Logan Vig <logan2211@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Fail if sshd is running in the containers
+  hosts: all_containers:alt_containers
+  gather_facts: no
+  user: root
+  become: True
+  tasks:
+    - name: Ensure sshd is not running
+      command: pgrep sshd
+      register: sshd_pgrep
+      failed_when: "sshd_pgrep.rc == 0"
+      changed_when: false
+
+# The container3 ping validates I75f9d0f55ecd875caa1bf608a77c92f950b679a1
+- name: Test the connection plugin container awareness functions
+  hosts: all_containers:alt_containers
+  gather_facts: no
+  user: root
+  become: True
+  tasks:
+    - name: Test container ping
+      action:
+        module: ping
+
+# Test for I56d8afddbccf01f2944d2fdd505b601a4b048374
+- name: Test delegation in the container aware connection plugin
+  hosts: localhost
+  gather_facts: no
+  user: root
+  become: True
+  tasks:
+    - name: Test container delegation without templating
+      command: cat /etc/hostname
+      delegate_to: container1
+      register: delegated
+      failed_when: delegated.stdout != 'container1'
+      changed_when: false
+    - name: Test container delegation using templating
+      command: cat /etc/hostname
+      delegate_to: "{{ groups['all_containers'][1] }}"
+      register: delegated
+      failed_when: delegated.stdout != 'container2'
+      changed_when: false
+
+# Test for If594914df53efacc6d5bba148f4f46280f5a117d
+- name: Test delegation between container physical_hosts
+  hosts: fakecontainer
+  gather_facts: no
+  user: root
+  become: True
+  tasks:
+    - name: Test delegation between containers on different hosts
+      action:
+        module: ping
+      delegate_to: "{{ groups['all_containers'][0] }}"

tests/test.yml

@@ -13,6 +13,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+- name: Collect facts for all hosts
+  hosts: hosts:!fake_hosts
+  gather_facts: yes
+
+- include: common/test-setup-host.yml
 
 - include: test-config_template.yml
 
@@ -21,3 +26,5 @@
 - include: test-lookups.yml
 
 - include: test-strategy-tagfilter.yml
+
+- include: test-connection-plugin.yml