From e4b7ae1787b3919c49d07841ff08e3344076a965 Mon Sep 17 00:00:00 2001 From: Jimmy McCrory Date: Fri, 4 Mar 2016 09:04:36 -0800 Subject: [PATCH] Upgrade RabbitMQ Server to 3.6.1-1 Change the default install version of RabbitMQ Server to 3.6.1-1. Additionally, the functional test playbook file has been split into multiple, more focused, files. Tests to ensure that the expected version of RabbitMQ Server is running and to upgrade from 3.5.7 to 3.6.1 have been added. Change-Id: I8907a3a71334be7b89ad743c3f2031e0a42a00f2 --- defaults/main.yml | 4 +- tests/test-container-create.yml | 54 ++++++++++++ tests/test-functional.yml | 63 ++++++++++++++ tests/test-prep.yml | 89 ++++++++++++++++++++ tests/test-upgrade.yml | 44 ++++++++++ tests/test.yml | 145 +++----------------------------- 6 files changed, 262 insertions(+), 137 deletions(-) create mode 100644 tests/test-container-create.yml create mode 100644 tests/test-functional.yml create mode 100644 tests/test-prep.yml create mode 100644 tests/test-upgrade.yml diff --git a/defaults/main.yml b/defaults/main.yml index 347dff2a..dc1b08ae 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -29,9 +29,9 @@ rabbitmq_upgrade: false # upgrade/version state can be ignored by setting `rabbitmq_ignore_version_state=true` rabbitmq_ignore_version_state: false -rabbitmq_package_url: "https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.0/rabbitmq-server_3.6.0-1_all.deb" +rabbitmq_package_url: "https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.1/rabbitmq-server_3.6.1-1_all.deb" rabbitmq_package_version: "{{ rabbitmq_package_url.split('/')[-1].split('_')[1] }}" -rabbitmq_package_sha256: "fb1e3705d9bea34da31b5857171f476119389da322e687deb3d725bdf6188d1e" +rabbitmq_package_sha256: "0728fbdb14ec62712c6f931a7d91648cafbc6c30d8d4da790832e784b4d2e956" rabbitmq_package_path: "/opt/rabbitmq-server.deb" rabbitmq_apt_packages: diff --git a/tests/test-container-create.yml b/tests/test-container-create.yml new file mode 100644 index 00000000..efca943a --- /dev/null +++ b/tests/test-container-create.yml @@ -0,0 +1,54 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create test containers + hosts: all_containers + connection: local + gather_facts: false + pre_tasks: + - name: Destroy test containers + lxc_container: + name: "{{ container_name }}" + state: "absent" + delegate_to: "{{ physical_host }}" + tags: + - container-destroy + - name: Destroy container service directories + file: + path: "{{ item }}" + state: "absent" + with_items: + - "/openstack/{{ container_name }}" + - "/openstack/backup/{{ container_name }}" + - "/openstack/log/{{ container_name }}" + - "/var/lib/lxc/{{ container_name }}" + - "{{ lxc_container_directory|default('/var/lib/lxc') }}/{{ container_name }}" + delegate_to: "{{ physical_host }}" + tags: + - container-directories + roles: + - role: "lxc_container_create" + lxc_container_release: trusty + lxc_container_backing_store: dir + global_environment_variables: + PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + post_tasks: + - name: Wait for ssh to be available + local_action: + module: wait_for + port: "{{ ansible_ssh_port | default('22') }}" + host: "{{ ansible_ssh_host | default(inventory_hostname) }}" + search_regex: OpenSSH + delay: 1 diff --git a/tests/test-functional.yml b/tests/test-functional.yml new file mode 100644 index 00000000..4eec0f35 --- /dev/null +++ b/tests/test-functional.yml @@ -0,0 +1,63 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + - name: Check rabbitmq is running + command: "pgrep rabbit" + delegate_to: "{{ item }}" + when: ansible_ssh_host == item + with_items: + - 10.100.100.101 + - 10.100.100.102 + - 10.100.100.103 + - name: Open rabbitmq.config + slurp: + src: "/etc/rabbitmq/rabbitmq.config" + register: rabbitmq_config + - name: Open enabled_plugins + slurp: + src: "/etc/rabbitmq/enabled_plugins" + register: enabled_plugins + - name: Read rabbitmq_ssl_cert + stat: + path: "{{ rabbitmq_ssl_cert }}" + register: rabbitmq_ssl_cert_stat + - name: Read rabbitmq_ssl_key + stat: + path: "{{ rabbitmq_ssl_key }}" + register: rabbitmq_ssl_key_stat + - name: Read rabbit files + set_fact: + enabled_plugins_contents: "{{ enabled_plugins.content | b64decode }}" + rabbitmq_config_contents: "{{ rabbitmq_config.content | b64decode }}" + rabbitmq_ssl_cert_checksum: "{{ rabbitmq_ssl_cert_stat.stat.checksum }}" + rabbitmq_ssl_key_checksum: "{{ rabbitmq_ssl_key_stat.stat.checksum }}" + - name: Check files contents + assert: + that: + - "'rabbitmq_management' in enabled_plugins_contents" + - "'rabbit@10.100.100.101' in rabbitmq_config_contents" + - "'rabbit@10.100.100.102' in rabbitmq_config_contents" + - "'rabbit@10.100.100.103' in rabbitmq_config_contents" + - name: Get status of rabbitmq + command: rabbitmqctl status + register: rabbitmqctl_status + - name: Ensure SSL cert/key checksums are identical across cluster + assert: + that: + - hostvars['container1']['rabbitmq_ssl_cert_checksum'] == hostvars['container2']['rabbitmq_ssl_cert_checksum'] == hostvars['container3']['rabbitmq_ssl_cert_checksum'] + - hostvars['container1']['rabbitmq_ssl_key_checksum'] == hostvars['container2']['rabbitmq_ssl_key_checksum'] == hostvars['container3']['rabbitmq_ssl_key_checksum'] + - name: Ensure expected version of rabbitmq is running + assert: + that: rabbitmqctl_status.stdout | search ("rabbit,\"RabbitMQ\",\"{{ rabbitmq_package_version.split('-')[0] }}\"") diff --git a/tests/test-prep.yml b/tests/test-prep.yml new file mode 100644 index 00000000..341f1877 --- /dev/null +++ b/tests/test-prep.yml @@ -0,0 +1,89 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create ssh key pairs for use with containers + hosts: 127.0.0.1 + connection: local + become: false + pre_tasks: + - name: Create ssh key pair for root + user: + name: "{{ ansible_ssh_user }}" + generate_ssh_key: "yes" + ssh_key_bits: 2048 + ssh_key_file: ".ssh/id_rsa" + - name: get the calling users key + command: cat ~/.ssh/id_rsa.pub + register: key_get + - set_fact: + lxc_container_ssh_key: "{{ key_get.stdout }}" + +- name: Perform basic LXC host setup + hosts: localhost + connection: local + pre_tasks: + - name: Ensure root's new public ssh key is in authorized_keys + authorized_key: + user: root + key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" + manage_dir: no + - set_fact: + lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" + roles: + - role: "lxc_hosts" + lxc_net_address: 10.100.100.1 + lxc_net_dhcp_range: 10.100.100.2,10.100.100.253 + lxc_net_bridge: lxcbr0 + lxc_kernel_options: + - { key: 'fs.inotify.max_user_instances', value: 1024 } + lxc_container_caches: + - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" + name: "trusty.tgz" + sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" + chroot_path: trusty/rootfs-amd64 + - role: "py_from_git" + git_repo: "https://github.com/lxc/python2-lxc" + git_dest: "/opt/lxc_python2" + git_install_branch: "master" + post_tasks: + # THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A + # HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV. + - name: Ensure the lxc lib is on the host + command: /usr/local/bin/pip install /opt/lxc_python2 + # Inventory is being pre-loaded using a post tasks instead of through a dynamic + # inventory system. While this is not a usual method for deployment it's being + # done for functional testing. + - name: Create container hosts + add_host: + groups: "all,all_containers,rabbitmq_all" + hostname: "{{ item.name }}" + inventory_hostname: "{{ item.name }}" + ansible_ssh_host: "{{ item.address }}" + ansible_become: true + properties: + service_name: "{{ item.service }}" + container_networks: + management_address: + address: "{{ item.address }}" + bridge: "lxcbr0" + interface: "eth1" + netmask: "255.255.252.0" + type: "veth" + physical_host: localhost + container_name: "{{ item.name }}" + with_items: + - { name: "container1", service: "service1", address: "10.100.100.101" } + - { name: "container2", service: "service2", address: "10.100.100.102" } + - { name: "container3", service: "service3", address: "10.100.100.103" } diff --git a/tests/test-upgrade.yml b/tests/test-upgrade.yml new file mode 100644 index 00000000..7b85fb3a --- /dev/null +++ b/tests/test-upgrade.yml @@ -0,0 +1,44 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Run container clean up and build +- include: test-container-create.yml + +# Deploy the environment +- name: Install previous rabbitmq version + hosts: rabbitmq_all + user: root + gather_facts: true + vars: + rabbitmq_package_url: "https://www.rabbitmq.com/releases/rabbitmq-server/v3.5.7/rabbitmq-server_3.5.7-1_all.deb" + rabbitmq_package_version: "{{ rabbitmq_package_url.split('/')[-1].split('_')[1] }}" + rabbitmq_package_sha256: "b8a42321c2f2689dc579911fbb583bd9c4d2ce2f20003d7050d5a324a6d2de42" + roles: + - role: "{{ rolename | basename }}" + rabbitmq_cookie_token: secrete + post_tasks: + - include: test-functional.yml + +# Upgrade the environment +- name: Upgrade to current role default rabbitmq version + hosts: rabbitmq_all + user: root + gather_facts: true + roles: + - role: "{{ rolename | basename }}" + rabbitmq_cookie_token: secrete + rabbitmq_upgrade: true + post_tasks: + - include: test-functional.yml diff --git a/tests/test.yml b/tests/test.yml index 8d094942..ba9d1f04 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -13,101 +13,14 @@ # See the License for the specific language governing permissions and # limitations under the License. -- name: Playbook for pre-role testing 1of3 - hosts: 127.0.0.1 - connection: local - become: false - pre_tasks: - - name: Create ssh key pair for root - user: - name: "{{ ansible_ssh_user }}" - generate_ssh_key: "yes" - ssh_key_bits: 2048 - ssh_key_file: ".ssh/id_rsa" - - name: get the calling users key - command: cat ~/.ssh/id_rsa.pub - register: key_get - - set_fact: - lxc_container_ssh_key: "{{ key_get.stdout }}" +# Run basic prep +- include: test-prep.yml -- name: Playbook for pre-role testing 2of3 - hosts: localhost - connection: local - pre_tasks: - - name: Ensure root's new public ssh key is in authorized_keys - authorized_key: - user: root - key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" - manage_dir: no - - set_fact: - lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}" - roles: - - role: "lxc_hosts" - lxc_net_address: 10.100.100.1 - lxc_net_dhcp_range: 10.100.100.2,10.100.100.253 - lxc_net_bridge: lxcbr0 - lxc_kernel_options: - - { key: 'fs.inotify.max_user_instances', value: 1024 } - lxc_container_caches: - - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" - name: "trusty.tgz" - sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" - chroot_path: trusty/rootfs-amd64 - - role: "py_from_git" - git_repo: "https://github.com/lxc/python2-lxc" - git_dest: "/opt/lxc_python2" - git_install_branch: "master" - post_tasks: - # THIS TASK IS ONLY BEING DONE BECAUSE THE TOX SHARED LXC LIB IS NOT USABLE ON A - # HOST MACHINE THAT MAY NOT HAVE ACCESS TO THE VENV. - - name: Ensure the lxc lib is on the host - command: /usr/local/bin/pip install /opt/lxc_python2 - # Inventory is being pre-loaded using a post tasks instead of through a dynamic - # inventory system. While this is not a usual method for deployment it's being - # done for functional testing. - - name: Create container hosts - add_host: - groups: "all,all_containers,rabbitmq_all" - hostname: "{{ item.name }}" - inventory_hostname: "{{ item.name }}" - ansible_ssh_host: "{{ item.address }}" - ansible_become: true - properties: - service_name: "{{ item.service }}" - container_networks: - management_address: - address: "{{ item.address }}" - bridge: "lxcbr0" - interface: "eth1" - netmask: "255.255.252.0" - type: "veth" - physical_host: localhost - container_name: "{{ item.name }}" - with_items: - - { name: "container1", service: "service1", address: "10.100.100.101" } - - { name: "container2", service: "service2", address: "10.100.100.102" } - - { name: "container3", service: "service3", address: "10.100.100.103" } +# Run container clean up and build +- include: test-container-create.yml -- name: Playbook for pre-role testing 3of3 - hosts: all_containers - connection: local - gather_facts: false - roles: - - role: "lxc_container_create" - lxc_container_release: trusty - lxc_container_backing_store: dir - global_environment_variables: - PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - post_tasks: - - name: Wait for ssh to be available - local_action: - module: wait_for - port: "{{ ansible_ssh_port | default('22') }}" - host: "{{ ansible_ssh_host | default(inventory_hostname) }}" - search_regex: OpenSSH - delay: 1 - -- name: Playbook for role testing +# Deploy the environment +- name: Install role default rabbitmq version hosts: rabbitmq_all user: root gather_facts: true @@ -115,45 +28,7 @@ - role: "{{ rolename | basename }}" rabbitmq_cookie_token: secrete post_tasks: - - name: Check rabbitmq is running - command: "pgrep rabbit" - delegate_to: "{{ item }}" - when: ansible_ssh_host == item - with_items: - - 10.100.100.101 - - 10.100.100.102 - - 10.100.100.103 - - name: Open rabbitmq.config - slurp: - src: "/etc/rabbitmq/rabbitmq.config" - register: rabbitmq_config - - name: Open enabled_plugins - slurp: - src: "/etc/rabbitmq/enabled_plugins" - register: enabled_plugins - - name: Read rabbitmq_ssl_cert - stat: - path: "{{ rabbitmq_ssl_cert }}" - register: rabbitmq_ssl_cert - - name: Read rabbitmq_ssl_key - stat: - path: "{{ rabbitmq_ssl_key }}" - register: rabbitmq_ssl_key - - name: Read rabbit files - set_fact: - enabled_plugins_contents: "{{ enabled_plugins.content | b64decode }}" - rabbitmq_config_contents: "{{ rabbitmq_config.content | b64decode }}" - rabbitmq_ssl_cert_checksum: "{{ rabbitmq_ssl_cert.stat.checksum }}" - rabbitmq_ssl_key_checksum: "{{ rabbitmq_ssl_key.stat.checksum }}" - - name: Check files contents - assert: - that: - - "'rabbitmq_management' in enabled_plugins_contents" - - "'rabbit@10.100.100.101' in rabbitmq_config_contents" - - "'rabbit@10.100.100.102' in rabbitmq_config_contents" - - "'rabbit@10.100.100.103' in rabbitmq_config_contents" - - name: Ensure SSL cert/key checksums are identical across cluster - assert: - that: - - hostvars['container1']['rabbitmq_ssl_cert_checksum'] == hostvars['container2']['rabbitmq_ssl_cert_checksum'] == hostvars['container3']['rabbitmq_ssl_cert_checksum'] - - hostvars['container1']['rabbitmq_ssl_key_checksum'] == hostvars['container2']['rabbitmq_ssl_key_checksum'] == hostvars['container3']['rabbitmq_ssl_key_checksum'] + - include: test-functional.yml + +# Perform upgrade testing +- include: test-upgrade.yml