openstack/openstack-ansible-os_ironic
Code Issues Proposed changes

Implement initial test inventory/plays

Browse Source 
This patch implements an initial set of inventory and playbooks
which results in the successful convergence of a standalone
build of Ironic.

It also adds the rootwrap filters, implement config_template
for all the conf files appropriately and ensures that the sudoers
is implemented in the right order of execution.

All content is based from the head of stable/mitaka on
24 Mar 2016.

Change-Id: I9182951c394a8c52826480aba7bc7e4d437988c5
This commit is contained in:
Jesse Pretorius 2016-03-24 22:41:04 +00:00
parent ca6c26da0e
commit b5d7b7986c
22 changed files with 1254 additions and 361 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
defaults/main.yml
View File

@ -23,9 +23,9 @@ verbose: True
# to build an environment directly from a git source without the presence
# of an OpenStack-Ansible repo_server.
ironic_git_repo: https://git.openstack.org/openstack/ironic
ironic_git_install_branch: master
ironic_git_install_branch: stable/mitaka
ironic_requirements_git_repo: https://git.openstack.org/openstack/requirements
ironic_requirements_git_install_branch: master
ironic_requirements_git_install_branch: stable/mitaka
ironic_developer_mode: false
ironic_developer_constraints:
- "git+{{ ironic_git_repo }}@{{ ironic_git_install_branch }}#egg=ironic"
@ -85,7 +85,6 @@ ironic_standalone: False
# Database
ironic_galera_user: ironic
ironic_galera_database: ironic
ironic_galera_password: "gu1d0" # TODO(mrda): Manage secrets
# Integrated Openstack configuration
ironic_openstack_driver_list: agent_ipmitool
@ -149,12 +148,25 @@ ironic_conductor_standalone_apt_packages:
## RabbitMQ info
ironic_rabbitmq_userid: ironic
ironic_rabbitmq_vhost: /ironic
ironic_rabbitmq_password: ch4rl0tt3 # TODO(mrda): Manage secrets
# Auth
ironic_service_user_name: "ironic"
ironic_service_password: "4nn3" # TODO(mrda): Manage secrets
# Apache settings
ironic_wsgi_threads: 1
ironic_wsgi_processes: "{{ ansible_processor_vcpus | default (1) * 2 }}"
### OpenStack Services to integrate with
# Glance
# ironic_glance_host: x.x.x.x
ironic_glance_auth_strategy: "{{ ironic_openstack_auth_strategy }}"
# Neutron
# neutron_service_adminurl:
ironic_neutron_auth_strategy: "{{ ironic_openstack_auth_strategy }}"
### Config Overrides
ironic_ironic_conf_overrides: {}
ironic_rootwrap_conf_overrides: {}
ironic_policy_overrides: {}

6
files/rootwrap.d/ironic-images.filters Normal file
View File

@ -0,0 +1,6 @@
# ironic-rootwrap command filters to manipulate images
# This file should be owned by (and only-writeable by) the root user
[Filters]
# ironic/common/images.py: 'qemu-img'
qemu-img: CommandFilter, qemu-img, root

25
files/rootwrap.d/ironic-lib.filters Normal file
View File

@ -0,0 +1,25 @@
# An ironic-lib.filters to be used with rootwrap command.
# The following commands should be used in filters for disk manipulation.
# This file should be owned by (and only-writeable by) the root user.
# NOTE: this file is a copy of ironic-lib.filters from the ironic-lib
# repository that should ultimately be remove. At this point, we still
# need it to avoid gate breakage and preserve compatibily with existing
# installation.
[Filters]
# ironic_lib/disk_utils.py
blkid: CommandFilter, blkid, root
blockdev: CommandFilter, blockdev, root
hexdump: CommandFilter, hexdump, root
qemu-img: CommandFilter, qemu-img, root
wipefs: CommandFilter, wipefs, root
# ironic_lib/utils.py
mkswap: CommandFilter, mkswap, root
mkfs: CommandFilter, mkfs, root
dd: CommandFilter, dd, root
# ironic_lib/disk_partitioner.py
fuser: CommandFilter, fuser, root
parted: CommandFilter, parted, root

10
files/rootwrap.d/ironic-utils.filters Normal file
View File

@ -0,0 +1,10 @@
# ironic-rootwrap command filters for disk manipulation
# This file should be owned by (and only-writeable by) the root user
[Filters]
# ironic/drivers/modules/deploy_utils.py
iscsiadm: CommandFilter, iscsiadm, root
# ironic/common/utils.py
mount: CommandFilter, mount, root
umount: CommandFilter, umount, root

9
meta/main.yml
View File

@ -27,8 +27,9 @@ galaxy_info:
- baremetal
- system
dependencies:
- apt_package_pinning
- galera_client
- pip_install
# TODO(mrda): Add in openstack_openrc once this role is split out
# from openstack-ansible, as it's useful for standalone use.
# - openstack_openrc
- openstack_openrc
- role: pip_lock_down
when:
- not ironic_developer_mode | bool

81
tasks/ironic_post_install.yml
View File

@ -33,26 +33,73 @@
ironic_db_connection_string: "{{ ironic_openstack_db_connection_string }}"
when: not ironic_standalone
- name: Build the ironic.conf configuration file
template:
src: "ironic.conf.j2"
dest: "/etc/ironic/ironic.conf"
mode: "0644"
owner: "root"
group: "root"
notify:
- Restart ironic services
- name: Get ironic command path
command: which ironic
register: ironic_command_path
when:
- not ironic_venv_enabled | bool
tags:
- ironic-init
- ironic-command-bin
- name: Build the policy.json file
template:
src: "policy.json.j2"
dest: "/etc/ironic/policy.json"
- name: Set ironic command path
set_fact:
ironic_bin: "{{ ironic_command_path.stdout | dirname }}"
when:
- not ironic_venv_enabled | bool
tags:
- ironic-command-bin
- name: Generate ironic config
config_template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner|default(ironic_system_user_name) }}"
group: "{{ item.group|default(ironic_system_group_name) }}"
mode: "0644"
config_overrides: "{{ item.config_overrides }}"
config_type: "{{ item.config_type }}"
with_items:
- src: "ironic.conf.j2"
dest: "/etc/ironic/ironic.conf"
config_overrides: "{{ ironic_ironic_conf_overrides }}"
config_type: "ini"
- src: "rootwrap.conf.j2"
dest: "/etc/ironic/rootwrap.conf"
owner: "root"
group: "root"
notify:
- Restart ironic services
config_overrides: "{{ ironic_rootwrap_conf_overrides }}"
config_type: "ini"
- src: "policy.json.j2"
dest: "/etc/ironic/policy.json"
config_overrides: "{{ ironic_policy_overrides }}"
config_type: "json"
notify: Restart ironic services
tags:
- ironic-init
- ironic-config
- ironic-post-install
- name: Copy ironic rootwrap filter config
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
group: "root"
with_items:
- { src: "rootwrap.d/ironic-images.filters", dest: "/etc/ironic/rootwrap.d/ironic-images.filters" }
- { src: "rootwrap.d/ironic-lib.filters", dest: "/etc/ironic/rootwrap.d/ironic-lib.filters" }
- { src: "rootwrap.d/ironic-utils.filters", dest: "/etc/ironic/rootwrap.d/ironic-utils.filters" }
notify: Restart ironic services
tags:
- ironic-config
- ironic-post-install
- name: Include sudoers file
template:
src: "sudoers.j2"
dest: "/etc/sudoers.d/{{ ironic_system_user_name }}_sudoers"
mode: "0440"
owner: "root"
group: "root"
tags:
- ironic-api
- ironic-conductor

11
tasks/ironic_pre_install.yml
View File

@ -114,14 +114,3 @@
tags:
- ironic-api
- ironic-conductor
- name: Include sudoers file
template:
src: "sudoers.j2"
dest: "/etc/sudoers.d/{{ ironic_system_user_name }}_sudoers"
mode: "0440"
owner: "root"
group: "root"
tags:
- ironic-api
- ironic-conductor

861
templates/ironic.conf.j2
View File

File diff suppressed because it is too large Load Diff

27
templates/rootwrap.conf.j2 Normal file
View File

@ -0,0 +1,27 @@
# Configuration for ironic-rootwrap
# This file should be owned by (and only-writeable by) the root user
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=/etc/ironic/rootwrap.d,/usr/share/ironic/rootwrap
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs={{ ironic_bin }},/sbin,/usr/sbin,/bin,/usr/bin
# Enable logging to syslog
# Default value is False
use_syslog=False
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, user0, user1...
# Default value is 'syslog'
syslog_log_facility=syslog
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR

48
tests/ansible-role-requirements.yml
View File

@ -1,8 +1,52 @@
- name: galera_client
src: https://git.openstack.org/openstack/openstack-ansible-galera_client
- name: apt_package_pinning
src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning
scm: git
version: master
- name: pip_install
src: https://git.openstack.org/openstack/openstack-ansible-pip_install
scm: git
version: master
- name: pip_lock_down
src: https://git.openstack.org/openstack/openstack-ansible-pip_lock_down
scm: git
version: master
- name: memcached_server
src: https://git.openstack.org/openstack/openstack-ansible-memcached_server
scm: git
version: master
- name: py_from_git
src: https://git.openstack.org/openstack/openstack-ansible-py_from_git
scm: git
version: master
- name: lxc_hosts
src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts
scm: git
version: master
- name: lxc_container_create
src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create
scm: git
version: master
- name: openstack_hosts
src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts
scm: git
version: master
- name: galera_client
src: https://git.openstack.org/openstack/openstack-ansible-galera_client
scm: git
version: master
- name: galera_server
src: https://git.openstack.org/openstack/openstack-ansible-galera_server
scm: git
version: master
- name: rabbitmq_server
src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server
scm: git
version: master
- name: os_keystone
src: https://git.openstack.org/openstack/openstack-ansible-os_keystone
scm: git
version: master
- name: openstack_openrc
src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc
scm: git
version: master

27
tests/group_vars/all_containers.yml Normal file
View File

@ -0,0 +1,27 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ansible_ssh_host: "{{ ansible_host }}"
container_name: "{{ inventory_hostname }}"
container_networks:
management_address:
address: "{{ ansible_host }}"
bridge: "lxcbr0"
interface: "eth1"
netmask: "255.255.252.0"
type: "veth"
physical_host: localhost
properties:
service_name: "{{ inventory_hostname }}"

17
tests/group_vars/ironic_all.yml Normal file
View File

@ -0,0 +1,17 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
properties:
service_name: ironic

41
tests/inventory
View File

@ -1,8 +1,47 @@
[all]
localhost ansible_connection=local ansible_become=True
localhost ansible_connection=local ansible_become=True ansible_user=root
infra1 ansible_host=10.100.100.101 ansible_become=True ansible_user=root
ironic1 ansible_host=10.100.100.102 ansible_become=True ansible_user=root
# Note(mrda): 'ironicinstallhost' will need to externally resolve to where
# you want to do an 'allinone' install, and the root account will need to have
# your ssh public_key in it's /root/.ssh/authorized_keys file
[installhost]
installhost ansible_user=root ansible_ssh_port=22 ansible_ssh_host=ironicinstallhost
[ironic_all:children]
ironic_api
ironic_conductor
ironic_server
[ironic_api]
ironic1
[ironic_conductor]
ironic1
[ironic_server]
ironic1
[hosts]
localhost
[all_containers]
infra1
ironic1
[keystone_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
[rabbitmq_all]
infra1
[galera_all]
infra1
[utility_all]
localhost

32
tests/test-install-infra.yml Normal file
View File

@ -0,0 +1,32 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying infra services
hosts: service_all
user: root
gather_facts: true
roles:
- role: "rabbitmq_server"
rabbitmq_cookie_token: secrete
- role: "galera_server"
galera_root_password: secrete
galera_root_user: root
galera_innodb_buffer_pool_size: 512M
galera_innodb_log_buffer_size: 32M
galera_server_id: "{{ inventory_hostname | string_2_int }}"
galera_wsrep_node_name: "{{ inventory_hostname }}"
galera_wsrep_provider_options:
- { option: "gcache.size", value: "32M" }
galera_server_id: "{{ inventory_hostname | string_2_int }}"

62
tests/test-install-ironic.yml Normal file
View File

@ -0,0 +1,62 @@
---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for installing Ironic
hosts: ironic_all
remote_user: root
pre_tasks:
- name: Ensure Rabbitmq vhost
rabbitmq_vhost:
name: "{{ ironic_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ ironic_rabbitmq_userid }}"
password: "{{ ironic_rabbitmq_password }}"
vhost: "{{ ironic_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
- name: Create database for ironic
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "localhost"
name: "{{ ironic_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
run_once: true
- name: Grant access to the DB
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "localhost"
name: "{{ ironic_galera_user }}"
password: "{{ ironic_galera_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ ironic_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
run_once: true
roles:
- role: "{{ rolename | basename }}"
vars_files:
- test-vars.yml

65
tests/test-install-keystone.yml Normal file
View File

@ -0,0 +1,65 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for deploying keystone
hosts: keystone_all
user: root
gather_facts: true
pre_tasks:
- name: Ensure rabbitmq vhost
rabbitmq_vhost:
name: "{{ keystone_rabbitmq_vhost }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
- name: Ensure rabbitmq user
rabbitmq_user:
user: "{{ keystone_rabbitmq_userid }}"
password: "{{ keystone_rabbitmq_password }}"
vhost: "{{ keystone_rabbitmq_vhost }}"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
- name: Create DB for service
mysql_db:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "localhost"
name: "{{ keystone_galera_database }}"
state: "present"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
- name: Grant access to the DB for the service
mysql_user:
login_user: "{{ galera_root_user }}"
login_password: "{{ galera_root_password }}"
login_host: "localhost"
name: "{{ keystone_galera_user }}"
password: "{{ keystone_container_mysql_password }}"
host: "{{ item }}"
state: "present"
priv: "{{ keystone_galera_database }}.*:ALL"
with_items:
- "localhost"
- "%"
delegate_to: "10.100.100.101"
when: inventory_hostname == groups['keystone_all'][0]
roles:
- role: os_keystone
vars_files:
- test-vars.yml

33
tests/test-prepare-containers.yml Normal file
View File

@ -0,0 +1,33 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for creating containers
hosts: all_containers
connection: local
gather_facts: false
roles:
- role: "lxc_container_create"
lxc_container_release: trusty
lxc_container_backing_store: dir
global_environment_variables:
PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
post_tasks:
- name: Wait for ssh to be available
local_action:
module: wait_for
port: "{{ ansible_ssh_port | default('22') }}"
host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
search_regex: OpenSSH
delay: 1

77
tests/test-prepare-host.yml Normal file
View File

@ -0,0 +1,77 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for configuring the LXC host
hosts: localhost
pre_tasks:
# Make sure OS does not have a stale package cache.
- name: Update apt cache
apt:
update_cache: yes
when: ansible_os_family == 'Debian'
- name: Ensure root's new public ssh key is in authorized_keys
authorized_key:
user: root
key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
manage_dir: no
- set_fact:
lxc_container_ssh_key: "{{ hostvars['127.0.0.1']['lxc_container_ssh_key'] }}"
- name: Check if this is an OpenStack-CI nodepool instance
stat:
path: /etc/nodepool/provider
register: nodepool
- name: Set the files to copy into the container cache for OpenStack-CI instances
set_fact:
lxc_container_cache_files:
- { src: '/etc/pip.conf', dest: '/etc/pip.conf' }
- { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' }
when: nodepool.stat.exists | bool
- name: Determine the existing Ubuntu repo configuration
shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list'
register: ubuntu_repo
changed_when: false
- name: Set apt repo facts based on discovered information
set_fact:
lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}"
lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}"
roles:
- role: "lxc_hosts"
lxc_net_address: 10.100.100.1
lxc_net_dhcp_range: 10.100.100.200,10.100.100.250
lxc_net_bridge: lxcbr0
lxc_kernel_options:
- { key: 'fs.inotify.max_user_instances', value: 1024 }
lxc_container_caches:
- url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz"
name: "trusty.tgz"
sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c"
chroot_path: trusty/rootfs-amd64
- role: "openstack_openrc"
post_tasks:
# In the gate these packages get installed into .tox/functional, which is
# not where we need them to be. If we can figure out how to override this
# we can revert to using the pip module instead.
- name: Install pip packages
command: /usr/local/bin/pip install {{ item }}
register: install_packages
until: install_packages|success
retries: 5
delay: 2
with_items:
- lxc-python2
- python-openstackclient
- python-ironicclient
vars_files:
- test-vars.yml

31
tests/test-prepare-keys.yml Normal file
View File

@ -0,0 +1,31 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for establishing ssh keys
hosts: 127.0.0.1
connection: local
become: false
pre_tasks:
- name: Create ssh key pair for root
user:
name: "{{ ansible_ssh_user }}"
generate_ssh_key: "yes"
ssh_key_bits: 2048
ssh_key_file: ".ssh/id_rsa"
- name: Get the calling user's key
command: cat ~/.ssh/id_rsa.pub
register: key_get
- set_fact:
lxc_container_ssh_key: "{{ key_get.stdout }}"

69
tests/test-vars.yml Normal file
View File

@ -0,0 +1,69 @@
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
debug: True
galera_client_drop_config_file: false
galera_root_user: root
galera_root_password: "secrete"
rabbitmq_servers: 10.100.100.101:5672
rabbitmq_use_ssl: False
memcached_servers: 127.0.0.1
memcached_encryption_key: "secrete"
keystone_venv_tag: "testing"
keystone_developer_mode: true
keystone_git_install_branch: stable/mitaka
keystone_requirements_git_install_branch: stable/mitaka
keystone_service_password: "secrete"
keystone_galera_address: 10.100.100.101
keystone_galera_database: keystone
keystone_galera_user: keystone
keystone_container_mysql_password: "SuperSecrete"
keystone_auth_admin_token: "SuperSecreteTestToken"
keystone_admin_user_name: admin
keystone_admin_tenant_name: admin
keystone_auth_admin_password: "SuperSecretePassword"
keystone_service_internaluri: "http://10.100.100.101:5000"
keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
keystone_service_internaluri_insecure: false
keystone_service_adminuri: "http://10.100.100.101:35357"
keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
keystone_service_adminuri_insecure: false
keystone_service_publicuri: "{{ keystone_service_internaluri }}"
keystone_service_publicurl: "{{ keystone_service_internalurl }}"
keystone_rabbitmq_vhost: /keystone
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_password: "secrete"
keystone_rabbitmq_use_ssl: false
keystone_rabbitmq_port: 5672
keystone_rabbitmq_servers: 10.100.100.101
openrc_os_auth_url: "{{ keystone_service_internalurl }}"
openrc_os_password: "{{ keystone_auth_admin_password }}"
openrc_os_domain_name: "Default"
ironic_venv_tag: "testing"
ironic_developer_mode: true
ironic_git_install_branch: stable/mitaka
ironic_requirements_git_install_branch: stable/mitaka
ironic_service_publicuri: "http://10.100.100.102:6385"
ironic_service_adminuri: "{{ ironic_service_publicuri }}"
ironic_service_internaluri: "{{ ironic_service_publicuri }}"
ironic_service_password: "secrete"
ironic_galera_address: 10.100.100.101
ironic_galera_database: ironic
ironic_galera_user: ironic
ironic_galera_password: "SuperSecrete"
ironic_rabbitmq_password: "secrete"
ironic_rabbitmq_userid: ironic
ironic_rabbitmq_vhost: /ironic
ironic_standalone: True

24
tests/test.yml
View File

@ -1,5 +1,5 @@
---
# Copyright 2015, Rackspace US, Inc.
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -13,8 +13,20 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Playbook for role testing
hosts: localhost
remote_user: root
roles:
- role: "{{ rolename | basename }}"
# Prepare the user ssh keys
- include: test-prepare-keys.yml
# Prepare the host
- include: test-prepare-host.yml
# Prepare the containers
- include: test-prepare-containers.yml
# Install RabbitMQ/MariaDB
- include: test-install-infra.yml
# Install Keystone
- include: test-install-keystone.yml
# Install Ironic
- include: test-install-ironic.yml

35
tox.ini
View File

@ -15,7 +15,7 @@ whitelist_externals =
bash
git
rm
echo
wget
setenv =
VIRTUAL_ENV={envdir}
ANSIBLE_HOST_KEY_CHECKING = False
@ -106,25 +106,20 @@ commands =
[testenv:functional]
commands =
echo -e "\n *******************************************************\n" \
"**** Functional Testing is still to be implemented ****\n" \
"**** TODO: Write tests here ****\n" \
"*******************************************************\n"
# As a temporary measure, while functional testing is being worked on, we
# will not execute the functional test. This allows other patches to be
# worked on while the functional testing is being worked out.
#rm -rf {homedir}/.ansible
#git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
# {homedir}/.ansible/plugins
#ansible-galaxy install \
# --role-file={toxinidir}/tests/ansible-role-requirements.yml \
# --ignore-errors \
# --force
#ansible-playbook -i {toxinidir}/tests/inventory \
# -e "rolename={toxinidir}" \
# -vv \
# {toxinidir}/tests/test.yml
rm -rf {homedir}/.ansible
git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
{homedir}/.ansible/plugins
# This plugin makes the ansible-playbook output easier to read
wget -O {homedir}/.ansible/plugins/callback/human_log.py \
https://gist.githubusercontent.com/cliffano/9868180/raw/f360f306b3c6d689734a6aa8773a00edf16a0054/human_log.py
ansible-galaxy install \
--role-file={toxinidir}/tests/ansible-role-requirements.yml \
--ignore-errors \
--force
ansible-playbook -i {toxinidir}/tests/inventory \
-e "rolename={toxinidir}" \
-vv \
{toxinidir}/tests/test.yml
[testenv:linters]
commands =