From 1979d6b16085a2361ff2a462f4adb0c71742d24e Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Tue, 3 Mar 2020 12:30:20 +1100 Subject: [PATCH] nodepool-builder: deploy from container This deploys the nodepool-builder container and verifies it has started in testinfra. Change-Id: I8a717d06f1291a4112b2753641ff88f074cf0b31 --- .zuul.yaml | 1 + .../roles/nodepool-base/defaults/main.yaml | 7 +++- playbooks/roles/nodepool-base/tasks/main.yaml | 2 + playbooks/roles/nodepool-builder/README.rst | 8 ++++ .../roles/nodepool-builder/defaults/main.yaml | 0 .../roles/nodepool-builder/tasks/main.yaml | 37 +++++++++++++++++++ .../templates/docker-compose.yaml.j2 | 28 ++++++++++++++ playbooks/service-nodepool.yaml | 4 ++ testinfra/test_nodepool.py | 14 ++++++- 9 files changed, 98 insertions(+), 3 deletions(-) create mode 100644 playbooks/roles/nodepool-builder/README.rst create mode 100644 playbooks/roles/nodepool-builder/defaults/main.yaml create mode 100644 playbooks/roles/nodepool-builder/tasks/main.yaml create mode 100644 playbooks/roles/nodepool-builder/templates/docker-compose.yaml.j2 diff --git a/.zuul.yaml b/.zuul.yaml index c89a05c039..1576f7fe20 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -849,6 +849,7 @@ - playbooks/group_vars/nodepool-builder.yaml - playbooks/group_vars/nodepool-launcher.yaml - playbooks/roles/configure-openstacksdk/ + - playbooks/roles/nodepool.* - playbooks/templates/clouds/ - testinfra/test_nodepool.py diff --git a/playbooks/roles/nodepool-base/defaults/main.yaml b/playbooks/roles/nodepool-base/defaults/main.yaml index 4f299f5df0..f6c7e9a391 100644 --- a/playbooks/roles/nodepool-base/defaults/main.yaml +++ b/playbooks/roles/nodepool-base/defaults/main.yaml @@ -1 +1,6 @@ -nodepool_base_install_zookeeper: False \ No newline at end of file +nodepool_base_install_zookeeper: False + +# Keep these in sync with the container uid's so containers can write +# to local bits and pieces. +nodepool_base_nodepool_uid: 10001 +nodepool_base_nodepool_gid: 10001 \ No newline at end of file diff --git a/playbooks/roles/nodepool-base/tasks/main.yaml b/playbooks/roles/nodepool-base/tasks/main.yaml index df43052c00..c0e1ebe740 100644 --- a/playbooks/roles/nodepool-base/tasks/main.yaml +++ b/playbooks/roles/nodepool-base/tasks/main.yaml @@ -2,6 +2,7 @@ group: name: nodepool state: present + gid: '{{ nodepool_base_nodepool_gid }}' - name: Add the nodepool user user: @@ -10,6 +11,7 @@ home: /home/nodepool create_home: yes shell: /bin/bash + uid: '{{ nodepool_base_nodepool_uid }}' - name: Install zookeeper include_role: diff --git a/playbooks/roles/nodepool-builder/README.rst b/playbooks/roles/nodepool-builder/README.rst new file mode 100644 index 0000000000..075a62e5bf --- /dev/null +++ b/playbooks/roles/nodepool-builder/README.rst @@ -0,0 +1,8 @@ +Deploy nodepool-builder container + +**Role Variables** + +.. zuul:rolevar:: nodepool_builder_container_tag + :default: unset + + Override tag for container deployment diff --git a/playbooks/roles/nodepool-builder/defaults/main.yaml b/playbooks/roles/nodepool-builder/defaults/main.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/playbooks/roles/nodepool-builder/tasks/main.yaml b/playbooks/roles/nodepool-builder/tasks/main.yaml new file mode 100644 index 0000000000..30d867387e --- /dev/null +++ b/playbooks/roles/nodepool-builder/tasks/main.yaml @@ -0,0 +1,37 @@ +- name: Ensure dib directories + file: + state: directory + path: '{{ item }}' + mode: 0755 + owner: nodepool + group: nodepool + loop: + - '/opt/dib_tmp' + - '/opt/nodepool_dib' + - '/var/log/nodepool/builds' + +- name: Ensure /etc/nodepool-builder-compose directory + file: + state: directory + path: /etc/nodepool-builder-compose + mode: 0755 + +- name: Put docker-compose file in place + template: + src: docker-compose.yaml.j2 + dest: /etc/nodepool-builder-compose/docker-compose.yaml + mode: 0644 + +- name: Install podman-compose + pip: + name: podman-compose + state: latest + # NOTE(mordred) Cannot use full path to pip3 here because it is + # different on zuul test nodes and in production. This is, of + # course, not stellar. + executable: pip3 + +- name: Run podman-compose up + shell: + cmd: podman-compose up -d + chdir: /etc/nodepool-builder-compose/ diff --git a/playbooks/roles/nodepool-builder/templates/docker-compose.yaml.j2 b/playbooks/roles/nodepool-builder/templates/docker-compose.yaml.j2 new file mode 100644 index 0000000000..ae46229323 --- /dev/null +++ b/playbooks/roles/nodepool-builder/templates/docker-compose.yaml.j2 @@ -0,0 +1,28 @@ +version: '3.0' +services: + nodepool-builder: + image: docker.io/zuul/nodepool-builder:{{ nodepool_builder_container_tag|default('latest') }} + user: nodepool + network_mode: host + restart: always + + privileged: true + + environment: + - DEBUG=1 + + volumes: + # NOTE(ianw): for non-containerised builds the base roles + # (configure-openstacksdk) have always deployed the cloud config + # in ~nodepool/.config. + - /home/nodepool/.config/openstack:/etc/openstack:ro + # nodepool config + - /etc/nodepool:/etc/nodepool:ro + # project-config + - /opt/project-config:/opt/project-config:ro + # dib temporary storage; see config in project-config + - /opt/dib_tmp:/opt/dib_tmp:rw + # dib image output; see config in project-config + - /opt/nodepool_dib:/opt/nodepool_dib:rw + # logs (builder + dib build logs under /build) + - /var/log/nodepool:/var/log/nodepool:rw \ No newline at end of file diff --git a/playbooks/service-nodepool.yaml b/playbooks/service-nodepool.yaml index f475b9cdb4..35d862462d 100644 --- a/playbooks/service-nodepool.yaml +++ b/playbooks/service-nodepool.yaml @@ -10,8 +10,12 @@ name: "Configure nodepool builders" strategy: free roles: + - pip3 + - install-podman - nodepool-base - configure-openstacksdk + - nodepool-builder + # TODO(ianw) 2020-03-03 : watch this space... #- hosts: nodepool-launcher_opendev:!disabled diff --git a/testinfra/test_nodepool.py b/testinfra/test_nodepool.py index 27d530eb93..a5e262d181 100644 --- a/testinfra/test_nodepool.py +++ b/testinfra/test_nodepool.py @@ -12,8 +12,10 @@ # License for the specific language governing permissions and limitations # under the License. +import pytest -testinfra_hosts = ['nl01.openstack.org', 'nb01.openstack.org'] +testinfra_hosts = ['nl01.openstack.org', 'nb01.openstack.org', + 'nb01-test.opendev.org'] def test_clouds_yaml(host): @@ -22,9 +24,17 @@ def test_clouds_yaml(host): assert b'password' in clouds_yaml.content - def test_kube_config(host): + if not host.backend.get_hostname().endswith('openstack.org'): + pytest.skip() kubeconfig = host.file('/home/nodepool/.kube/config') assert kubeconfig.exists assert b'nodepool_k8s_key' in kubeconfig.content + +def test_builder_container_running(host): + if host.backend.get_hostname() != 'nb01-test.opendev.org': + pytest.skip() + + cmd = host.run("podman ps -a --format '{{ .Names }}'") + assert 'nodepool-builder-compose_nodepool-builder_1' in cmd.stdout