From 23f25f425e9a13f91436a4008a3ad9b0ef2066ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fl=C3=A1vio=20Ramalho?= Date: Thu, 12 May 2016 10:28:58 -0300 Subject: [PATCH] Initial import --- .gitignore | 68 +++++ .gitreview | 5 + CONTRIBUTING.rst | 100 +++++++ LICENSE | 202 ++++++++++++++ README.rst | 23 ++ Vagrantfile | 13 + defaults/main.yml | 173 ++++++++++++ doc/Makefile | 195 +++++++++++++ doc/source/conf.py | 290 ++++++++++++++++++++ doc/source/index.rst | 1 + handlers/main.yml | 33 +++ meta/main.yml | 29 ++ other-requirements.txt | 16 ++ releasenotes/notes/.placeholder | 0 releasenotes/source/_static/.placeholder | 0 releasenotes/source/_templates/.placeholder | 0 releasenotes/source/conf.py | 274 ++++++++++++++++++ releasenotes/source/index.rst | 9 + releasenotes/source/mitaka.rst | 6 + releasenotes/source/unreleased.rst | 5 + run_tests.sh | 43 +++ setup.cfg | 24 ++ setup.py | 22 ++ tasks/main.yml | 25 ++ tasks/sahara_db_setup.yml | 36 +++ tasks/sahara_install.yml | 207 ++++++++++++++ tasks/sahara_install_apt.yml | 23 ++ tasks/sahara_post_install.yml | 44 +++ tasks/sahara_pre_install.yml | 73 +++++ tasks/sahara_service_setup.yml | 93 +++++++ tasks/sahara_upstart_common_init.yml | 32 +++ tasks/sahara_upstart_init.yml | 16 ++ templates/api-paste.ini.j2 | 33 +++ templates/policy.json.j2 | 72 +++++ templates/sahara-upstart-init.j2 | 44 +++ templates/sahara.conf.j2 | 74 +++++ test-requirements.txt | 9 + tests/ansible-role-requirements.yml | 52 ++++ tests/group_vars/all_containers.yml | 27 ++ tests/inventory | 24 ++ tests/test-install-infra.yml | 32 +++ tests/test-install-keystone.yml | 65 +++++ tests/test-install-sahara.yml | 67 +++++ tests/test-prepare-containers.yml | 33 +++ tests/test-prepare-host.yml | 55 ++++ tests/test-prepare-keys.yml | 33 +++ tests/test-sahara-functional.yml | 29 ++ tests/test-vars.yml | 62 +++++ tests/test.yml | 32 +++ tox.ini | 129 +++++++++ vars/ubuntu-14.04.yml | 23 ++ 51 files changed, 2975 insertions(+) create mode 100644 .gitignore create mode 100644 .gitreview create mode 100644 CONTRIBUTING.rst create mode 100644 LICENSE create mode 100644 README.rst create mode 100644 Vagrantfile create mode 100644 defaults/main.yml create mode 100644 doc/Makefile create mode 100644 doc/source/conf.py create mode 100644 doc/source/index.rst create mode 100644 handlers/main.yml create mode 100644 meta/main.yml create mode 100644 other-requirements.txt create mode 100644 releasenotes/notes/.placeholder create mode 100644 releasenotes/source/_static/.placeholder create mode 100644 releasenotes/source/_templates/.placeholder create mode 100644 releasenotes/source/conf.py create mode 100644 releasenotes/source/index.rst create mode 100644 releasenotes/source/mitaka.rst create mode 100644 releasenotes/source/unreleased.rst create mode 100755 run_tests.sh create mode 100644 setup.cfg create mode 100644 setup.py create mode 100644 tasks/main.yml create mode 100644 tasks/sahara_db_setup.yml create mode 100644 tasks/sahara_install.yml create mode 100644 tasks/sahara_install_apt.yml create mode 100644 tasks/sahara_post_install.yml create mode 100644 tasks/sahara_pre_install.yml create mode 100644 tasks/sahara_service_setup.yml create mode 100644 tasks/sahara_upstart_common_init.yml create mode 100644 tasks/sahara_upstart_init.yml create mode 100644 templates/api-paste.ini.j2 create mode 100644 templates/policy.json.j2 create mode 100644 templates/sahara-upstart-init.j2 create mode 100644 templates/sahara.conf.j2 create mode 100644 test-requirements.txt create mode 100644 tests/ansible-role-requirements.yml create mode 100644 tests/group_vars/all_containers.yml create mode 100644 tests/inventory create mode 100644 tests/test-install-infra.yml create mode 100644 tests/test-install-keystone.yml create mode 100644 tests/test-install-sahara.yml create mode 100644 tests/test-prepare-containers.yml create mode 100644 tests/test-prepare-host.yml create mode 100644 tests/test-prepare-keys.yml create mode 100644 tests/test-sahara-functional.yml create mode 100644 tests/test-vars.yml create mode 100644 tests/test.yml create mode 100644 tox.ini create mode 100644 vars/ubuntu-14.04.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..85dd134 --- /dev/null +++ b/.gitignore @@ -0,0 +1,68 @@ +# Compiled source # +################### +*.com +*.class +*.dll +*.exe +*.o +*.so +*.pyc +build/ +dist/ +doc/build/ + +# Packages # +############ +# it's better to unpack these files and commit the raw source +# git has its own built in compression methods +*.7z +*.dmg +*.gz +*.iso +*.jar +*.rar +*.tar +*.zip + +# Logs and databases # +###################### +*.log +*.sql +*.sqlite + +# OS generated files # +###################### +.DS_Store +.DS_Store? +._* +.Spotlight-V100 +.Trashes +.idea +.tox +*.sublime* +*.egg-info +Icon? +ehthumbs.db +Thumbs.db +.eggs + +# User driven backup files # +############################ +*.bak + +# Generated by pbr while building docs +###################################### +AUTHORS +ChangeLog + +# Files created by releasenotes build +releasenotes/build + +# Test temp files +tests/plugins + +# Vagrant testing artifacts +.vagrant + +# Files created by releasenotes build +releasenotes/build diff --git a/.gitreview b/.gitreview new file mode 100644 index 0000000..89d0ec6 --- /dev/null +++ b/.gitreview @@ -0,0 +1,5 @@ +[gerrit] +host=review.openstack.org +port=29418 +project=openstack/openstack-ansible-os_sahara.git +defaultbranch=stable/mitaka diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst new file mode 100644 index 0000000..6cc0800 --- /dev/null +++ b/CONTRIBUTING.rst @@ -0,0 +1,100 @@ +OpenStack-Ansible Glance +######################## +:tags: openstack, sahara, cloud, ansible +:category: \*nix + +contributor guidelines +^^^^^^^^^^^^^^^^^^^^^^ + +Filing Bugs +----------- + +Bugs should be filed on Launchpad, not GitHub: "https://bugs.launchpad.net +/openstack-ansible" + + +When submitting a bug, or working on a bug, please ensure the following +criteria are met: + * The description clearly states or describes the original problem or root + cause of the problem. + * Include historical information on how the problem was identified. + * Any relevant logs are included. + * The provided information should be totally self-contained. External + access to web services/sites should not be needed. + * Steps to reproduce the problem if possible. + + +Submitting Code +--------------- + +Changes to the project should be submitted for review via the Gerrit tool, +following the workflow documented at: +"http://docs.openstack.org/infra/manual/developers.html#development-workflow" + +Pull requests submitted through GitHub will be ignored and closed without +regard. + + +Extra +----- + +Tags: If it's a bug that needs fixing in a branch in addition to Master, add a + '\-backport-potential' tag (eg ``juno-backport-potential``). + There are predefined tags that will autocomplete. + +Status: + Please leave this alone, it should be New till someone triages the issue. + +Importance: + Should only be touched if it is a Blocker/Gating issue. If it is, please + set to High, and only use Critical if you have found a bug that can take + down whole infrastructures. + + +Style guide +----------- + +When creating tasks and other roles for use in Ansible please create then +using the YAML dictionary format. + +Example YAML dictionary format: + .. code-block:: yaml + + - name: The name of the tasks + module_name: + thing1: "some-stuff" + thing2: "some-other-stuff" + tags: + - some-tag + - some-other-tag + + +Example **NOT** in YAML dictionary format: + .. code-block:: yaml + + - name: The name of the tasks + module_name: thing1="some-stuff" thing2="some-other-stuff" + tags: + - some-tag + - some-other-tag + + +Usage of the ">" and "|" operators should be limited to Ansible conditionals +and command modules such as the ansible ``shell`` module. + + +Issues +------ + +When submitting an issue, or working on an issue please ensure the following +criteria are met: + * The description clearly states or describes the original problem or root + cause of the problem. + * Include historical information on how the problem was identified. + * Any relevant logs are included. + * If the issue is a bug that needs fixing in a branch other than Master, + add the ‘backport potential’ tag TO THE ISSUE (not the PR). + * The provided information should be totally self-contained. External + access to web services/sites should not be needed. + * If the issue is needed for a hotfix release, add the 'expedite' label. + * Steps to reproduce the problem if possible. diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e06d208 --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/README.rst b/README.rst new file mode 100644 index 0000000..57b5d8f --- /dev/null +++ b/README.rst @@ -0,0 +1,23 @@ +OpenStack-Ansible Sahara +######################## +:tags: openstack, sahara, cloud, ansible +:category: \*nix + +This Ansible role installs and configures OpenStack sahara and sahara +engine. + +This role will install the following Upstart services: + * sahara-api + * sahara-engine + +.. code-block:: yaml + + - name: Install sahara server + hosts: sahara_all + user: root + roles: + - { role: "os_sahara", tags: [ "os-sahara" ] } + vars: + external_lb_vip_address: 172.16.24.1 + internal_lb_vip_address: 192.168.0.1 + sahara_galera_address: "{{ internal_lb_vip_address }}" diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..d09fc56 --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,13 @@ +Vagrant.configure(2) do |config| + config.vm.box = "ubuntu/trusty64" + config.vm.provider "virtualbox" do |v| + v.memory = 2048 + v.cpus = 2 + end + config.vm.provision "shell", inline: <<-SHELL + sudo su - + cd /vagrant + apt-get update + ./run_tests.sh + SHELL +end \ No newline at end of file diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..03eab8f --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,173 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## Verbosity Options +debug: False +verbose: True + +sahara-dashboard_git_repo: https://git.openstack.org/openstack/sahara-dashboard +sahara-dashboard_git_install_branch: stable/mitaka +sahara-dashboard_requirements_git_repo: https://git.openstack.org/openstack/requirements +sahara_requirements_git_install_branch: stable/mitaka + +sahara_git_repo: https://git.openstack.org/openstack/sahara +sahara_git_install_branch: stable/mitaka +sahara_requirements_git_repo: https://git.openstack.org/openstack/requirements +sahara_requirements_git_install_branch: stable/mitaka +sahara_developer_mode: false +sahara_developer_constraints: + - "git+{{ sahara_git_repo }}@{{ sahara_git_install_branch }}#egg=sahara" + +# Name of the virtual env to deploy into +sahara_venv_tag: untagged +sahara_venv_bin: "/openstack/venvs/sahara-{{ sahara_venv_tag }}/bin" + +# Set this to enable or disable installing in a venv +sahara_venv_enabled: true + +# The bin path defaults to the venv path however if installation in a +# venv is disabled the bin path will be dynamically set based on the +# system path used when the installing. +sahara_bin: "{{ sahara_venv_bin }}" + +# Set the etc dir path where sahara is installed. +# This is used for role access to the db migrations. +# Example: +# sahara_etc_dir: "/usr/local/etc/sahara" +sahara_venv_etc_dir: "{{ sahara_bin | dirname }}/etc/sahara" +sahara_non_venv_etc_dir: "/usr/local/etc/sahara" +sahara_etc_dir: "{{ (sahara_venv_enabled | bool) | ternary(sahara_venv_etc_dir, sahara_non_venv_etc_dir) }}" + +sahara_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/sahara.tgz + +sahara_db_config: /etc/sahara/sahara.conf + +# Enable/Disable Ceilometer +sahara_ceilometer_enabled: False + +sahara_profiler_enabled: False +sahara_fatal_deprecations: False + +## System info +sahara_system_user_name: sahara +sahara_system_group_name: sahara +sahara_system_shell: /bin/false +sahara_system_comment: sahara system user +sahara_system_user_home: "/var/lib/{{ sahara_system_user_name }}" + +sahara_engine_host: "{{ internal_lb_vip_address }}" +sahara_rpc_backend: sahara.openstack.common.rpc.impl_kombu + +## RabbitMQ info +sahara_rabbitmq_userid: sahara +sahara_rabbitmq_vhost: /sahara + +## DB info +sahara_galera_database: sahara +sahara_galera_user: sahara + +sahara_role_name: admin +sahara_api_bind_address: 0.0.0.0 +sahara_api_service_port: 8386 +sahara_api_program_name: sahara-api +sahara_engine_program_name: sahara-engine + +## Service Type and Data +sahara_service_region: RegionOne +sahara_service_name: sahara +sahara_service_port: 8386 +sahara_service_proto: http +sahara_service_engine_proto: "{{ sahara_service_proto }}" +sahara_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(sahara_service_proto) }}" +sahara_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(sahara_service_proto) }}" +sahara_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(sahara_service_proto) }}" +sahara_service_type: data-processing +sahara_service_description: "Sahara Data Processing Service" +sahara_service_user_name: sahara +sahara_service_project_name: service +sahara_service_project_domain_id: default +sahara_service_user_domain_id: default +sahara_service_publicuri: "{{ sahara_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ sahara_service_port }}" +sahara_service_publicurl: "{{ sahara_service_publicuri }}/v1.1/%(tenant_id)s" +sahara_service_internaluri: "{{ sahara_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ sahara_service_port }}" +sahara_service_internalurl: "{{ sahara_service_internaluri }}/v1.1/%(tenant_id)s" +sahara_service_adminuri: "{{ sahara_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ sahara_service_port }}" +sahara_service_adminurl: "{{ sahara_service_adminuri }}/v1.1/%(tenant_id)s" + +## Keystone authentication middleware +sahara_keystone_auth_plugin: password + +## Sahara config +sahara_use_floating_ips: False +sahara_use_neutron: True +sahara_use_namespaces: False +sahara_plugins: vanilla,spark,cdh,ambari +sahara_global_remote_threshold: 100 +sahara_cluster_remote_threshold: 70 +sahara_os_region_name: "{{ sahara_service_region }}" + +# If ``sahara_api_workers`` is unset the system will use half the number of available VCPUS to +# compute the number of api workers to use. +# sahara_api_workers: 16 + +# If ``sahara_engine_workers`` is unset the system will use half the number of available VCPUS to +# compute the number of api workers to use. +# sahara_engine_workers: 16 + +sahara_task_executor: taskflow +sahara_digest_algorithm: sha256 +sahara_http_keepalive: True + +## Sahara policy +sahara_policy_file: policy.json +sahara_policy_default_rule: default +sahara_policy_dirs: policy.d + +## Policy vars +# Provide a list of access controls to update the default policy.json with. These changes will be merged +# with the access controls in the default policy.json. E.g. +#sahara_policy_overrides: +# "clusters:get_all": "" +# "clusters:create": "" + +sahara_service_in_ldap: False + +# Sahara packages that must be installed before anything else +sahara_required_pip_packages: + - virtualenv + - virtualenv-tools + - python-keystoneclient # Keystoneclient needed to OSA keystone lib + - httplib2 + +# Common pip packages +sahara_pip_packages: + - sahara + - keystonemiddleware + - PyMySQL + - python-memcached + - pycrypto + - python-saharaclient + - python-keystoneclient + - warlock + +## Service Names +sahara_service_names: + - "sahara-api" + - "sahara-engine" + +## Tunable overrides +sahara_api_paste_ini_overrides: {} +sahara_conf_overrides: {} +sahara_policy_overrides: {} diff --git a/doc/Makefile b/doc/Makefile new file mode 100644 index 0000000..8c7a4ec --- /dev/null +++ b/doc/Makefile @@ -0,0 +1,195 @@ +# Makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +PAPER = +BUILDDIR = build + +# User-friendly check for sphinx-build +ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) +$(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/) +endif + +# Internal variables. +PAPEROPT_a4 = -D latex_paper_size=a4 +PAPEROPT_letter = -D latex_paper_size=letter +ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source +# the i18n builder cannot share the environment and doctrees with the others +I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source + +.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest coverage gettext + +help: + @echo "Please use \`make ' where is one of" + @echo " html to make standalone HTML files" + @echo " dirhtml to make HTML files named index.html in directories" + @echo " singlehtml to make a single large HTML file" + @echo " pickle to make pickle files" + @echo " json to make JSON files" + @echo " htmlhelp to make HTML files and a HTML help project" + @echo " qthelp to make HTML files and a qthelp project" + @echo " applehelp to make an Apple Help Book" + @echo " devhelp to make HTML files and a Devhelp project" + @echo " epub to make an epub" + @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" + @echo " latexpdf to make LaTeX files and run them through pdflatex" + @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" + @echo " text to make text files" + @echo " man to make manual pages" + @echo " texinfo to make Texinfo files" + @echo " info to make Texinfo files and run them through makeinfo" + @echo " gettext to make PO message catalogs" + @echo " changes to make an overview of all changed/added/deprecated items" + @echo " xml to make Docutils-native XML files" + @echo " pseudoxml to make pseudoxml-XML files for display purposes" + @echo " linkcheck to check all external links for integrity" + @echo " doctest to run all doctests embedded in the documentation (if enabled)" + @echo " coverage to run coverage check of the documentation (if enabled)" + +clean: + rm -rf $(BUILDDIR)/* + +html: + $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." + +dirhtml: + $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." + +singlehtml: + $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml + @echo + @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." + +pickle: + $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle + @echo + @echo "Build finished; now you can process the pickle files." + +json: + $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json + @echo + @echo "Build finished; now you can process the JSON files." + +htmlhelp: + $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp + @echo + @echo "Build finished; now you can run HTML Help Workshop with the" \ + ".hhp project file in $(BUILDDIR)/htmlhelp." + +qthelp: + $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp + @echo + @echo "Build finished; now you can run "qcollectiongenerator" with the" \ + ".qhcp project file in $(BUILDDIR)/qthelp, like this:" + @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/openstack-ansible-os_sahara.qhcp" + @echo "To view the help file:" + @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/openstack-ansible-os_sahara.qhc" + +applehelp: + $(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp + @echo + @echo "Build finished. The help book is in $(BUILDDIR)/applehelp." + @echo "N.B. You won't be able to view it unless you put it in" \ + "~/Library/Documentation/Help or install it in your application" \ + "bundle." + +devhelp: + $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp + @echo + @echo "Build finished." + @echo "To view the help file:" + @echo "# mkdir -p $$HOME/.local/share/devhelp/openstack-ansible-os_sahara" + @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/openstack-ansible-os_sahara" + @echo "# devhelp" + +epub: + $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub + @echo + @echo "Build finished. The epub file is in $(BUILDDIR)/epub." + +latex: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo + @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." + @echo "Run \`make' in that directory to run these through (pdf)latex" \ + "(use \`make latexpdf' here to do that automatically)." + +latexpdf: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through pdflatex..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +latexpdfja: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through platex and dvipdfmx..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +text: + $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text + @echo + @echo "Build finished. The text files are in $(BUILDDIR)/text." + +man: + $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man + @echo + @echo "Build finished. The manual pages are in $(BUILDDIR)/man." + +texinfo: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo + @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." + @echo "Run \`make' in that directory to run these through makeinfo" \ + "(use \`make info' here to do that automatically)." + +info: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo "Running Texinfo files through makeinfo..." + make -C $(BUILDDIR)/texinfo info + @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." + +gettext: + $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale + @echo + @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." + +changes: + $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes + @echo + @echo "The overview file is in $(BUILDDIR)/changes." + +linkcheck: + $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck + @echo + @echo "Link check complete; look for any errors in the above output " \ + "or in $(BUILDDIR)/linkcheck/output.txt." + +doctest: + $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest + @echo "Testing of doctests in the sources finished, look at the " \ + "results in $(BUILDDIR)/doctest/output.txt." + +coverage: + $(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage + @echo "Testing of coverage in the sources finished, look at the " \ + "results in $(BUILDDIR)/coverage/python.txt." + +xml: + $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml + @echo + @echo "Build finished. The XML files are in $(BUILDDIR)/xml." + +pseudoxml: + $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml + @echo + @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." + +livehtml: html + sphinx-autobuild -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html diff --git a/doc/source/conf.py b/doc/source/conf.py new file mode 100644 index 0000000..270be55 --- /dev/null +++ b/doc/source/conf.py @@ -0,0 +1,290 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# openstack-ansible-os_sahara documentation build configuration file, created by +# sphinx-quickstart on Mon Apr 13 20:42:26 2015. +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'sphinx.ext.autodoc', + 'oslosphinx' +] + +# The link to the browsable source code (for the left hand menu) +oslosphinx_cgit_link = 'http://git.openstack.org/cgit/openstack/openstack-ansible-os_sahara' + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# source_suffix = ['.rst', '.md'] +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = 'openstack-ansible-os_sahara' +copyright = '2015, openstack-ansible-os_sahara contributors' +author = 'openstack-ansible-os_sahara contributors' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = 'master' +# The full version, including alpha/beta/rc tags. +release = 'master' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + +# If true, `todo` and `todoList` produce output, else they produce nothing. +todo_include_todos = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# html_theme = 'alabaster' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Language to be used for generating the HTML full-text search index. +# Sphinx supports the following languages: +# 'da', 'de', 'en', 'es', 'fi', 'fr', 'h', 'it', 'ja' +# 'nl', 'no', 'pt', 'ro', 'r', 'sv', 'tr' +# html_search_language = 'en' + +# A dictionary with options for the search language support, empty by default. +# Now only 'ja' uses this config value +# html_search_options = {'type': 'default'} + +# The name of a javascript file (relative to the configuration directory) that +# implements a search results scorer. If empty, the default will be used. +# html_search_scorer = 'scorer.js' + +# Output file base name for HTML help builder. +htmlhelp_basename = 'openstack-ansible-os_saharadoc' + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', + + # Latex figure (float) alignment + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'openstack-ansible-os_sahara.tex', + 'openstack-ansible-os_sahara Documentation', + 'openstack-ansible-os_sahara contributors', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, 'openstack-ansible-os_sahara', + 'openstack-ansible-os_sahara Documentation', + [author], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, 'openstack-ansible-os_sahara', + 'openstack-ansible-os_sahara Documentation', + author, 'openstack-ansible-os_sahara', 'One line description of project.', + 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False diff --git a/doc/source/index.rst b/doc/source/index.rst new file mode 100644 index 0000000..38ba804 --- /dev/null +++ b/doc/source/index.rst @@ -0,0 +1 @@ +.. include:: ../../README.rst \ No newline at end of file diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..7734e2a --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2014, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Restart sahara api + service: + name: "sahara-api" + state: "restarted" + pattern: "sahara-api" + +- name: Restart sahara engine + service: + name: "sahara-engine" + state: "restarted" + pattern: "sahara-engine" + +- name: Restart sahara services + service: + name: "{{ item }}" + state: "restarted" + pattern: "{{ item }}" + with_items: sahara_service_names diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..ee8f4a9 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,29 @@ +--- +galaxy_info: + author: flaviodsr + description: Installation and setup of sahara + company: LSD/UFCG + license: Apache2 + min_ansible_version: 1.6.6 + platforms: + - name: Ubuntu + versions: + - trusty + categories: + - cloud + - python + - sahara + - development + - openstack +dependencies: + - role: pip_lock_down + when: + - not sahara_developer_mode | bool + - role: pip_install + when: + - sahara_developer_mode | bool + - role: apt_package_pinning + when: + - ansible_pkg_mgr == 'apt' + - galera_client + - openstack_openrc diff --git a/other-requirements.txt b/other-requirements.txt new file mode 100644 index 0000000..6eac5c2 --- /dev/null +++ b/other-requirements.txt @@ -0,0 +1,16 @@ +# This file facilitates OpenStack-CI package installation +# before the execution of any tests. +# +# See the following for details: +# - http://docs.openstack.org/infra/bindep/ +# - https://github.com/openstack-infra/bindep +# +# Even if the role does not make use of this facility, it +# is better to have this file empty, otherwise OpenStack-CI +# will fall back to installing its default packages which +# will potentially be detrimental to the tests executed. + +# OpenStack-CI's Jenkins needs curl +# TODO(odyssey4me) remove this once https://review.openstack.org/288634 has merged +# and the disk images are rebuilt and redeployed. +curl diff --git a/releasenotes/notes/.placeholder b/releasenotes/notes/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/releasenotes/source/_static/.placeholder b/releasenotes/source/_static/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/releasenotes/source/_templates/.placeholder b/releasenotes/source/_templates/.placeholder new file mode 100644 index 0000000..e69de29 diff --git a/releasenotes/source/conf.py b/releasenotes/source/conf.py new file mode 100644 index 0000000..ee0bf3c --- /dev/null +++ b/releasenotes/source/conf.py @@ -0,0 +1,274 @@ +# -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# PROJECT_NAME Release Notes documentation build configuration file, created by +# sphinx-quickstart on Tue Nov 3 17:40:50 2015. +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'oslosphinx', + 'reno.sphinxext', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'OpenStack-Ansible Release Notes' +copyright = u'2015, OpenStack-Ansible Developers' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +import pbr.version +version_info = pbr.version.VersionInfo('openstack-ansible-os_sahara') +# The full version, including alpha/beta/rc tags. +release = version_info.version_string_with_vcs() +# The short X.Y version. +version = version_info.canonical_version_string() + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'OpenStackAnsibleReleaseNotesdoc' + + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ('index', 'OpenStackAnsibleReleaseNotes.tex', u'OpenStack-Ansible Release Notes Documentation', + u'OpenStack-Ansible Developers', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'openstackansiblereleasenotes', u'OpenStack-Ansible Release Notes Documentation', + [u'OpenStack-Ansible Developers'], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'OpenStackAnsibleReleaseNotes', u'OpenStack-Ansible Release Notes Documentation', + u'OpenStack-Ansible Developers', 'OpenStackAnsibleReleaseNotes', + 'One line description of project.', + 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False diff --git a/releasenotes/source/index.rst b/releasenotes/source/index.rst new file mode 100644 index 0000000..51c775b --- /dev/null +++ b/releasenotes/source/index.rst @@ -0,0 +1,9 @@ +================================ + OpenStack-Ansible Release Notes +================================ + +.. toctree:: + :maxdepth: 1 + + mitaka + unreleased diff --git a/releasenotes/source/mitaka.rst b/releasenotes/source/mitaka.rst new file mode 100644 index 0000000..0dc585c --- /dev/null +++ b/releasenotes/source/mitaka.rst @@ -0,0 +1,6 @@ +============================= + Mitaka Series Release Notes +============================= + +.. release-notes:: + :branch: origin/stable/mitaka diff --git a/releasenotes/source/unreleased.rst b/releasenotes/source/unreleased.rst new file mode 100644 index 0000000..cd22aab --- /dev/null +++ b/releasenotes/source/unreleased.rst @@ -0,0 +1,5 @@ +============================== + Current Series Release Notes +============================== + +.. release-notes:: diff --git a/run_tests.sh b/run_tests.sh new file mode 100755 index 0000000..d9d15b8 --- /dev/null +++ b/run_tests.sh @@ -0,0 +1,43 @@ +#!/usr/bin/env bash +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -euov + +FUNCTIONAL_TEST=${FUNCTIONAL_TEST:-true} + +# prep the host +if [ "$(which apt-get)" ]; then + apt-get install -y build-essential python2.7 python-dev git-core libssl-dev libffi-dev +fi + +# get pip, if necessary +if [ ! "$(which pip)" ]; then + curl --silent --show-error --retry 5 \ + https://bootstrap.pypa.io/get-pip.py | sudo python2.7 +fi + +# install tox +pip install tox + +# run through each tox env and execute the test +for tox_env in $(awk -F= '/envlist/ {print $2}' tox.ini | sed 's/,/ /g'); do + if [ "${tox_env}" != "functional" ]; then + tox -e ${tox_env} + elif [ "${tox_env}" == "functional" ]; then + if ${FUNCTIONAL_TEST}; then + tox -e ${tox_env} + fi + fi +done diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 0000000..28dc713 --- /dev/null +++ b/setup.cfg @@ -0,0 +1,24 @@ +[metadata] +name = openstack-ansible-os_sahara +summary = os_sahara for OpenStack Ansible +description-file = + README.rst +author = OpenStack +author-email = openstack-dev@lists.openstack.org +home-page = http://www.openstack.org/ +classifier = + Intended Audience :: Developers + Intended Audience :: System Administrators + License :: OSI Approved :: Apache Software License + Operating System :: POSIX :: Linux + +[build_sphinx] +all_files = 1 +build-dir = doc/build +source-dir = doc/source + +[pbr] +warnerrors = True + +[wheel] +universal = 1 diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..70c2b3f --- /dev/null +++ b/setup.py @@ -0,0 +1,22 @@ +#!/usr/bin/env python +# Copyright (c) 2013 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT +import setuptools + +setuptools.setup( + setup_requires=['pbr'], + pbr=True) diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..33c08b3 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,25 @@ +--- +- name: Gather variables for each operating system + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml" + - "{{ ansible_distribution | lower }}.yml" + - "{{ ansible_os_family | lower }}.yml" + tags: + - always + +- include: sahara_pre_install.yml +- include: sahara_install.yml +- include: sahara_post_install.yml +- include: sahara_upstart_init.yml + +- include: sahara_db_setup.yml + when: > + inventory_hostname == groups['sahara_all'][0] + +- include: sahara_service_setup.yml + when: > + inventory_hostname == groups['sahara_all'][0] + +- name: Flush handlers + meta: flush_handlers diff --git a/tasks/sahara_db_setup.yml b/tasks/sahara_db_setup.yml new file mode 100644 index 0000000..b632a02 --- /dev/null +++ b/tasks/sahara_db_setup.yml @@ -0,0 +1,36 @@ +--- +- name: Create DB for service + mysql_db: + login_user: "{{ galera_root_user }}" + login_password: "{{ galera_root_password }}" + login_host: "{{ sahara_galera_address }}" + name: "{{ sahara_galera_database }}" + state: "present" + tags: + - sahara-db-setup + +- name: Grant access to the DB for the service + mysql_user: + login_user: "{{ galera_root_user }}" + login_password: "{{ galera_root_password }}" + login_host: "{{ sahara_galera_address }}" + name: "{{ sahara_galera_user }}" + password: "{{ sahara_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ sahara_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + tags: + - sahara-db-setup + +- name: Perform a Sahara DB sync + command: "{{ sahara_bin }}/sahara-db-manage + --config-file {{ sahara_db_config }} upgrade head" + become: yes + become_user: "{{ sahara_system_user_name }}" + tags: + - sahara-db-sync + - sahara-setup + - sahara-command-bin diff --git a/tasks/sahara_install.yml b/tasks/sahara_install.yml new file mode 100644 index 0000000..9778841 --- /dev/null +++ b/tasks/sahara_install.yml @@ -0,0 +1,207 @@ +--- +- include: sahara_install_apt.yml + when: + - ansible_pkg_mgr == 'apt' + tags: + - sahara-install + - sahara-apt-packages + +- name: Create developer mode constraint file + copy: + dest: "/opt/developer-pip-constraints.txt" + content: | + {% for item in sahara_developer_constraints %} + {{ item }} + {% endfor %} + when: + - sahara_developer_mode | bool + tags: + - sahara-install + - sahara-pip-packages + +- name: Clone requirements git repository + git: + repo: "{{ sahara_requirements_git_repo }}" + dest: "/opt/requirements" + clone: yes + update: yes + version: "{{ sahara_requirements_git_install_branch }}" + when: + - sahara_developer_mode | bool + tags: + - sahara-install + - sahara-pip-packages + +- name: Add constraints to pip_install_options fact for developer mode + set_fact: + pip_install_options_fact: "{{ pip_install_options|default('') }} --constraint /opt/developer-pip-constraints.txt --constraint /opt/requirements/upper-constraints.txt" + when: + - sahara_developer_mode | bool + tags: + - sahara-install + - sahara-pip-packages + +- name: Set pip_install_options_fact when not in developer mode + set_fact: + pip_install_options_fact: "{{ pip_install_options|default('') }}" + when: + - not sahara_developer_mode | bool + tags: + - sahara-install + - sahara-pip-packages + +- name: Install required pip packages + pip: + name: "{{ item }}" + state: present + extra_args: "{{ pip_install_options_fact }}" + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: sahara_required_pip_packages + tags: + - sahara-install + - sahara-pip-packages + +- name: Get local venv checksum + stat: + path: "/var/cache/{{ sahara_venv_download_url | basename }}" + get_md5: False + when: + - not sahara_developer_mode | bool + - sahara_venv_enabled | bool + register: local_venv_stat + tags: + - sahara-install + - sahara-pip-packages + +- name: Get remote venv checksum + uri: + url: "{{ sahara_venv_download_url | replace('tgz', 'checksum') }}" + return_content: True + when: + - not sahara_developer_mode | bool + - sahara_venv_enabled | bool + register: remote_venv_checksum + tags: + - sahara-install + - sahara-pip-packages + +# TODO: When project moves to ansible 2 we can pass this a sha256sum which will: +# a) allow us to remove force: yes +# b) allow the module to calculate the checksum of dest file which would +# result in file being downloaded only if provided and dest sha256sum +# checksums differ +- name: Attempt venv download + get_url: + url: "{{ sahara_venv_download_url }}" + dest: "/var/cache/{{ sahara_venv_download_url | basename }}" + force: yes + ignore_errors: true + register: get_venv + when: + - not sahara_developer_mode | bool + - sahara_venv_enabled | bool + - (local_venv_stat.stat.exists == False or + {{ local_venv_stat.stat.checksum is defined and local_venv_stat.stat.checksum != remote_venv_checksum.content | trim }}) + tags: + - sahara-install + - sahara-pip-packages + +- name: Set sahara get_venv fact + set_fact: + sahara_get_venv: "{{ get_venv }}" + when: sahara_venv_enabled | bool + tags: + - sahara-install + - sahara-pip-packages + +- name: Remove existing venv + file: + path: "{{ sahara_venv_bin | dirname }}" + state: absent + when: + - sahara_venv_enabled | bool + - sahara_get_venv | changed + tags: + - sahara-install + - sahara-pip-packages + +- name: Create sahara venv dir + file: + path: "{{ sahara_venv_bin | dirname }}" + state: directory + when: + - not sahara_developer_mode | bool + - sahara_venv_enabled | bool + - sahara_get_venv | changed + tags: + - sahara-install + - sahara-pip-packages + +- name: Unarchive pre-built venv + unarchive: + src: "/var/cache/{{ sahara_venv_download_url | basename }}" + dest: "{{ sahara_venv_bin | dirname }}" + copy: "no" + when: + - not sahara_developer_mode | bool + - sahara_venv_enabled | bool + - sahara_get_venv | changed + notify: + - Restart sahara services + tags: + - sahara-install + - sahara-pip-packages + +- name: Update virtualenv path + command: > + virtualenv-tools --update-path=auto {{ sahara_venv_bin | dirname }} + when: + - not sahara_developer_mode | bool + - sahara_venv_enabled | bool + - sahara_get_venv | success + tags: + - sahara-install + - sahara-pip-packages + +- name: Install pip packages (venv) + pip: + name: "{{ item }}" + state: present + virtualenv: "{{ sahara_venv_bin | dirname }}" + virtualenv_site_packages: "no" + extra_args: "{{ pip_install_options_fact }}" + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: sahara_pip_packages + when: + - sahara_venv_enabled | bool + - sahara_get_venv | failed or sahara_developer_mode | bool + notify: + - Restart sahara services + tags: + - sahara-install + - sahara-pip-packages + +- name: Install pip packages (no venv) + pip: + name: "{{ item }}" + state: present + extra_args: "{{ pip_install_options_fact }}" + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: sahara_pip_packages + when: + - not sahara_venv_enabled | bool + - not sahara_developer_mode | bool + notify: + - Restart sahara services + tags: + - sahara-install + - sahara-pip-packages diff --git a/tasks/sahara_install_apt.yml b/tasks/sahara_install_apt.yml new file mode 100644 index 0000000..4b3ba25 --- /dev/null +++ b/tasks/sahara_install_apt.yml @@ -0,0 +1,23 @@ +#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache +#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged +#in 1.9.x or we move to 2.0 (if tested working) + +- name: Check apt last update file + stat: + path: /var/cache/apt + register: apt_cache_stat + +- name: Update apt if needed + apt: + update_cache: yes + when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}" + +- name: Install apt packages + apt: + pkg: "{{ item }}" + state: latest + register: install_packages + until: install_packages|success + retries: 5 + delay: 2 + with_items: sahara_apt_packages diff --git a/tasks/sahara_post_install.yml b/tasks/sahara_post_install.yml new file mode 100644 index 0000000..34f1df0 --- /dev/null +++ b/tasks/sahara_post_install.yml @@ -0,0 +1,44 @@ +--- +- name: Drop Sahara Config(s) + config_template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ sahara_system_user_name }}" + group: "{{ sahara_system_group_name }}" + mode: "0644" + config_overrides: "{{ item.config_overrides }}" + config_type: "{{ item.config_type }}" + with_items: + - src: "api-paste.ini.j2" + dest: "/etc/sahara/api-paste.ini" + config_overrides: "{{ sahara_api_paste_ini_overrides }}" + config_type: "ini" + - src: "sahara.conf.j2" + dest: "/etc/sahara/sahara.conf" + config_overrides: "{{ sahara_conf_overrides }}" + config_type: "ini" + - src: "policy.json.j2" + dest: "/etc/sahara/policy.json" + config_overrides: "{{ sahara_policy_overrides }}" + config_type: "json" + notify: + - Restart sahara api + - Restart sahara engine + tags: + - sahara-config + +- name: Get sahara command path + command: which sahara + register: sahara_command_path + when: + - not sahara_venv_enabled | bool + tags: + - sahara-command-bin + +- name: Set sahara command path + set_fact: + sahara_bin: "{{ sahara_command_path.stdout | dirname }}" + when: + - not sahara_venv_enabled | bool + tags: + - sahara-command-bin diff --git a/tasks/sahara_pre_install.yml b/tasks/sahara_pre_install.yml new file mode 100644 index 0000000..85a657a --- /dev/null +++ b/tasks/sahara_pre_install.yml @@ -0,0 +1,73 @@ +--- +- name: create the system group + group: + name: "{{ sahara_system_group_name }}" + state: "present" + system: "yes" + tags: + - sahara-group + +- name: Create the sahara system user + user: + name: "{{ sahara_system_user_name }}" + group: "{{ sahara_system_group_name }}" + comment: "{{ sahara_system_comment }}" + shell: "{{ sahara_system_shell }}" + system: "yes" + createhome: "yes" + home: "{{ sahara_system_user_home }}" + tags: + - sahara-user + +- name: Create sahara dir + file: + path: "{{ item.path }}" + state: directory + owner: "{{ item.owner|default(sahara_system_user_name) }}" + group: "{{ item.group|default(sahara_system_group_name) }}" + mode: "{{ item.mode|default('0755') }}" + with_items: + - { path: "/openstack", mode: "0755", owner: "root", group: "root" } + - { path: "/etc/sahara" } + - { path: "/var/cache/sahara" } + - { path: "{{ sahara_system_user_home }}" } + tags: + - sahara-dirs + +- name: Create sahara venv dir + file: + path: "{{ item.path }}" + state: directory + with_items: + - { path: "/openstack/venvs" } + - { path: "{{ sahara_venv_bin }}" } + when: sahara_venv_enabled | bool + tags: + - sahara-dirs + +- name: Test for log directory or link + shell: | + if [ -h "/var/log/sahara" ]; then + chown -h {{ sahara_system_user_name }}:{{ sahara_system_group_name }} "/var/log/sahara" + chown -R {{ sahara_system_user_name }}:{{ sahara_system_group_name }} "$(readlink /var/log/sahara)" + else + exit 1 + fi + register: log_dir + failed_when: false + changed_when: log_dir.rc != 0 + tags: + - sahara-dirs + - sahara-logs + +- name: Create sahara log dir + file: + path: "/var/log/sahara" + state: directory + owner: "{{ sahara_system_user_name }}" + group: "{{ sahara_system_group_name }}" + mode: "0755" + when: log_dir.rc != 0 + tags: + - sahara-dirs + - sahara-logs diff --git a/tasks/sahara_service_setup.yml b/tasks/sahara_service_setup.yml new file mode 100644 index 0000000..3eca9a2 --- /dev/null +++ b/tasks/sahara_service_setup.yml @@ -0,0 +1,93 @@ +--- +# Create a service +- name: Ensure sahara service + keystone: + command: "ensure_service" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + service_name: "{{ sahara_service_name }}" + service_type: "{{ sahara_service_type }}" + description: "{{ sahara_service_description }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + register: add_service + until: add_service|success + retries: 5 + delay: 2 + tags: + - sahara-api-setup + - sahara-service-add + - sahara-setup + +# Create an admin user +- name: Ensure sahara user + keystone: + command: "ensure_user" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + user_name: "{{ sahara_service_user_name }}" + tenant_name: "{{ sahara_service_project_name }}" + password: "{{ sahara_service_password }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + register: add_service + when: not sahara_service_in_ldap | bool + until: add_service|success + retries: 5 + delay: 10 + tags: + - sahara-api-setup + - sahara-service-add + - sahara-setup + +# Add a role to the user +- name: Ensure sahara user to admin role + keystone: + command: "ensure_user_role" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + user_name: "{{ sahara_service_user_name }}" + tenant_name: "{{ sahara_service_project_name }}" + role_name: "{{ sahara_role_name }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + register: add_service + when: not sahara_service_in_ldap | bool + until: add_service|success + retries: 5 + delay: 10 + tags: + - sahara-api-setup + - sahara-service-add + - sahara-setup + +# Create an endpoint +- name: Ensure sahara endpoint + keystone: + command: "ensure_endpoint" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + region_name: "{{ sahara_service_region }}" + service_name: "{{ sahara_service_name }}" + service_type: "{{ sahara_service_type }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + endpoint_list: + - url: "{{ sahara_service_publicurl }}" + interface: "public" + - url: "{{ sahara_service_internalurl }}" + interface: "internal" + - url: "{{ sahara_service_adminurl }}" + interface: "admin" + register: add_service + until: add_service|success + retries: 5 + delay: 10 + tags: + - sahara-api-setup + - sahara-service-add + - sahara-setup diff --git a/tasks/sahara_upstart_common_init.yml b/tasks/sahara_upstart_common_init.yml new file mode 100644 index 0000000..d1077f0 --- /dev/null +++ b/tasks/sahara_upstart_common_init.yml @@ -0,0 +1,32 @@ +--- +- name: Place the init script + template: + src: "sahara-upstart-init.j2" + dest: "/etc/init/{{ program_name }}.conf" + mode: "0644" + owner: "root" + group: "root" + notify: + - Restart sahara services + tags: + - upstart-init + - sahara-init + +- name: Reload init scripts + shell: | + initctl reload-configuration + notify: + - Restart sahara services + tags: + - upstart-init + - sahara-init + +- name: Load service + service: + name: "{{ program_name }}" + enabled: "yes" + notify: + - Restart sahara services + tags: + - upstart-init + - sahara-init diff --git a/tasks/sahara_upstart_init.yml b/tasks/sahara_upstart_init.yml new file mode 100644 index 0000000..4670c0e --- /dev/null +++ b/tasks/sahara_upstart_init.yml @@ -0,0 +1,16 @@ +--- +- include: sahara_upstart_common_init.yml + vars: + program_name: "{{ sahara_api_program_name }}" + service_name: "{{ sahara_service_name }}" + system_user: "{{ sahara_system_user_name }}" + system_group: "{{ sahara_system_group_name }}" + service_home: "{{ sahara_system_user_home }}" + +- include: sahara_upstart_common_init.yml + vars: + program_name: "{{ sahara_engine_program_name }}" + service_name: "{{ sahara_service_name }}" + system_user: "{{ sahara_system_user_name }}" + system_group: "{{ sahara_system_group_name }}" + service_home: "{{ sahara_system_user_home }}" diff --git a/templates/api-paste.ini.j2 b/templates/api-paste.ini.j2 new file mode 100644 index 0000000..5601274 --- /dev/null +++ b/templates/api-paste.ini.j2 @@ -0,0 +1,33 @@ +[pipeline:sahara] +pipeline = cors request_id acl auth_validator sahara_api + +[composite:sahara_api] +use = egg:Paste#urlmap +/: sahara_apiv11 + +[app:sahara_apiv11] +paste.app_factory = sahara.api.middleware.sahara_middleware:Router.factory + +# this app is only for use with the experimental v2 API +# [app:sahara_apiv2] +# paste.app_factory = sahara.api.middleware.sahara_middleware:RouterV2.factory + +[filter:cors] +paste.filter_factory = oslo_middleware.cors:filter_factory +oslo_config_project = sahara + +[filter:request_id] +paste.filter_factory = oslo_middleware.request_id:RequestId.factory + +[filter:acl] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory + +[filter:auth_validator] +paste.filter_factory = sahara.api.middleware.auth_valid:AuthValidator.factory + +# this filter is only for use with the experimental v2 API +# [filter:auth_validator_v2] +# paste.filter_factory = sahara.api.middleware.auth_valid:AuthValidatorV2.factory + +[filter:debug] +paste.filter_factory = oslo_middleware.debug:Debug.factory diff --git a/templates/policy.json.j2 b/templates/policy.json.j2 new file mode 100644 index 0000000..e3d2d30 --- /dev/null +++ b/templates/policy.json.j2 @@ -0,0 +1,72 @@ +{ + "context_is_admin": "role:admin", + "default": "", + + "data-processing:clusters:get_all": "", + "data-processing:clusters:create": "", + "data-processing:clusters:scale": "", + "data-processing:clusters:get": "", + "data-processing:clusters:delete": "", + "data-processing:clusters:modify": "", + + "data-processing:cluster-templates:get_all": "", + "data-processing:cluster-templates:create": "", + "data-processing:cluster-templates:get": "", + "data-processing:cluster-templates:modify": "", + "data-processing:cluster-templates:delete": "", + + "data-processing:node-group-templates:get_all": "", + "data-processing:node-group-templates:create": "", + "data-processing:node-group-templates:get": "", + "data-processing:node-group-templates:modify": "", + "data-processing:node-group-templates:delete": "", + + "data-processing:plugins:get_all": "", + "data-processing:plugins:get": "", + "data-processing:plugins:get_version": "", + "data-processing:plugins:convert_config": "", + + "data-processing:images:get_all": "", + "data-processing:images:get": "", + "data-processing:images:register": "", + "data-processing:images:unregister": "", + "data-processing:images:add_tags": "", + "data-processing:images:remove_tags": "", + + "data-processing:job-executions:get_all": "", + "data-processing:job-executions:get": "", + "data-processing:job-executions:refresh_status": "", + "data-processing:job-executions:cancel": "", + "data-processing:job-executions:delete": "", + "data-processing:job-executions:modify": "", + + "data-processing:data-sources:get_all": "", + "data-processing:data-sources:get": "", + "data-processing:data-sources:register": "", + "data-processing:data-sources:delete": "", + "data-processing:data-sources:modify": "", + + "data-processing:jobs:get_all": "", + "data-processing:jobs:create": "", + "data-processing:jobs:get": "", + "data-processing:jobs:delete": "", + "data-processing:jobs:get_config_hints": "", + "data-processing:jobs:execute": "", + "data-processing:jobs:modify": "", + + "data-processing:job-binaries:get_all": "", + "data-processing:job-binaries:create": "", + "data-processing:job-binaries:get": "", + "data-processing:job-binaries:delete": "", + "data-processing:job-binaries:get_data": "", + "data-processing:job-binaries:modify": "", + + "data-processing:job-binary-internals:get_all": "", + "data-processing:job-binary-internals:create": "", + "data-processing:job-binary-internals:get": "", + "data-processing:job-binary-internals:delete": "", + "data-processing:job-binary-internals:get_data": "", + "data-processing:job-binary-internals:modify": "", + + "data-processing:job-types:get_all": "" +} diff --git a/templates/sahara-upstart-init.j2 b/templates/sahara-upstart-init.j2 new file mode 100644 index 0000000..d9c079c --- /dev/null +++ b/templates/sahara-upstart-init.j2 @@ -0,0 +1,44 @@ +# {{ ansible_managed }} + +description "{{ program_name }}" +author "Kevin Carter " + +start on runlevel [2345] +stop on runlevel [016] + +respawn +respawn limit 10 5 + +# Set the RUNBIN environment variable +env RUNBIN="{{ sahara_bin }}/{{ program_name }}" + +# Change directory to service users home +chdir "{{ service_home }}" + +# Pre start actions +pre-start script + mkdir -p "/var/run/{{ program_name }}" + chown {{ system_user }}:{{ system_group }} "/var/run/{{ program_name }}" + + mkdir -p "/var/lock/{{ program_name }}" + chown {{ system_user }}:{{ system_group }} "/var/lock/{{ program_name }}" + + {% if sahara_venv_enabled | bool -%} + . {{ sahara_venv_bin }}/activate + {%- endif %} + +end script + +# Post stop actions +post-stop script + rm "/var/run/{{ program_name }}/{{ program_name }}.pid" +end script + +# Run the start up job +exec start-stop-daemon --start \ + --chuid {{ system_user }} \ + --make-pidfile \ + --pidfile /var/run/{{ program_name }}/{{ program_name }}.pid \ + --exec "{{ program_override|default('$RUNBIN') }}" \ + -- {{ program_config_options|default('') }} \ + --log-file=/var/log/sahara/{{ program_name }}.log diff --git a/templates/sahara.conf.j2 b/templates/sahara.conf.j2 new file mode 100644 index 0000000..75939bb --- /dev/null +++ b/templates/sahara.conf.j2 @@ -0,0 +1,74 @@ +# {{ ansible_managed }} + +{% set _api_threads = ansible_processor_vcpus|default(2) // 2 %} +{% set api_threads = _api_threads if _api_threads > 0 else 1 %} + +[DEFAULT] +verbose = {{ verbose }} +debug = {{ debug }} +log_file = /var/log/sahara/sahara.log +fatal_deprecations = {{ sahara_fatal_deprecations }} +host = {{ sahara_api_bind_address }} +port = {{ sahara_api_service_port }} +workers = {{ sahara_api_workers | default(api_threads) }} +use_floating_ips = {{ sahara_use_floating_ips }} +use_neutron = {{ sahara_use_neutron }} +use_namespaces = {{ sahara_use_namespaces }} +plugins = {{ sahara_plugins }} +global_remote_threshold = {{ sahara_global_remote_threshold }} +cluster_remote_threshold = {{ sahara_cluster_remote_threshold }} +os_region_name = {{ sahara_os_region_name }} + + +[database] +connection = mysql+pymysql://{{ sahara_galera_user }}:{{ sahara_container_mysql_password }}@{{ sahara_galera_address }}/{{ sahara_galera_database }}?charset=utf8 + + +[keystone_authtoken] +insecure = {{ keystone_service_internaluri_insecure | bool }} +auth_type = {{ sahara_keystone_auth_plugin }} +signing_dir = {{ sahara_system_user_home }}/cache/api +auth_url = {{ keystone_service_adminurl }} +auth_uri = {{ keystone_service_internaluri }} +project_domain_id = {{ sahara_service_project_domain_id }} +user_domain_id = {{ sahara_service_user_domain_id }} +project_name = {{ sahara_service_project_name }} +username = {{ sahara_service_user_name }} +password = {{ sahara_service_password }} + +memcached_servers = {{ memcached_servers }} + +token_cache_time = 300 +revocation_cache_time = 60 + +# if your memcached server is shared, use these settings to avoid cache poisoning +memcache_security_strategy = ENCRYPT +memcache_secret_key = {{ memcached_encryption_key }} + +# if your keystone deployment uses PKI, and you value security over performance: +check_revocations_for_cached = False + + +[oslo_policy] +policy_file = {{ sahara_policy_file }} +policy_default_rule = {{ sahara_policy_default_rule }} +policy_dirs = {{ sahara_policy_dirs }} + +{% if sahara_ceilometer_enabled %} +[oslo_messaging_notifications] +driver = messagingv2 +{% endif %} + + +[oslo_messaging_rabbit] +rabbit_hosts = {{ rabbitmq_servers }} +rabbit_port = {{ rabbitmq_port }} +rabbit_userid = {{ sahara_rabbitmq_userid }} +rabbit_password = {{ sahara_rabbitmq_password }} +rabbit_virtual_host = {{ sahara_rabbitmq_vhost }} +rabbit_use_ssl = {{ rabbitmq_use_ssl }} +rabbit_notification_exchange = sahara +rabbit_notification_topic = notifications + +[profiler] +enabled = {{ sahara_profiler_enabled }} diff --git a/test-requirements.txt b/test-requirements.txt new file mode 100644 index 0000000..a6cce40 --- /dev/null +++ b/test-requirements.txt @@ -0,0 +1,9 @@ +ansible-lint<=2.3.9 +ansible>=1.9.1,<2.0.0,!=1.9.6 +bashate +flake8 + +# this is required for the docs build jobs +sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 +oslosphinx>=2.5.0 # Apache-2.0 +reno>=0.1.1 # Apache-2.0 diff --git a/tests/ansible-role-requirements.yml b/tests/ansible-role-requirements.yml new file mode 100644 index 0000000..2de241f --- /dev/null +++ b/tests/ansible-role-requirements.yml @@ -0,0 +1,52 @@ +- name: apt_package_pinning + src: https://git.openstack.org/openstack/openstack-ansible-apt_package_pinning + scm: git + version: origin/stable/mitaka +- name: pip_install + src: https://git.openstack.org/openstack/openstack-ansible-pip_install + scm: git + version: origin/stable/mitaka +- name: pip_lock_down + src: https://git.openstack.org/openstack/openstack-ansible-pip_lock_down + scm: git + version: origin/stable/mitaka +- name: memcached_server + src: https://git.openstack.org/openstack/openstack-ansible-memcached_server + scm: git + version: origin/stable/mitaka +- name: py_from_git + src: https://git.openstack.org/openstack/openstack-ansible-py_from_git + scm: git + version: origin/stable/mitaka +- name: lxc_hosts + src: https://git.openstack.org/openstack/openstack-ansible-lxc_hosts + scm: git + version: origin/stable/mitaka +- name: lxc_container_create + src: https://git.openstack.org/openstack/openstack-ansible-lxc_container_create + scm: git + version: origin/stable/mitaka +- name: openstack_hosts + src: https://git.openstack.org/openstack/openstack-ansible-openstack_hosts + scm: git + version: origin/stable/mitaka +- name: galera_client + src: https://git.openstack.org/openstack/openstack-ansible-galera_client + scm: git + version: origin/stable/mitaka +- name: galera_server + src: https://git.openstack.org/openstack/openstack-ansible-galera_server + scm: git + version: origin/stable/mitaka +- name: rabbitmq_server + src: https://git.openstack.org/openstack/openstack-ansible-rabbitmq_server + scm: git + version: origin/stable/mitaka +- name: os_keystone + src: https://git.openstack.org/openstack/openstack-ansible-os_keystone + scm: git + version: origin/stable/mitaka +- name: openstack_openrc + src: https://git.openstack.org/openstack/openstack-ansible-openstack_openrc + scm: git + version: origin/stable/mitaka diff --git a/tests/group_vars/all_containers.yml b/tests/group_vars/all_containers.yml new file mode 100644 index 0000000..4cc9794 --- /dev/null +++ b/tests/group_vars/all_containers.yml @@ -0,0 +1,27 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ansible_ssh_host: "{{ ansible_host }}" +container_name: "{{ inventory_hostname }}" +container_networks: + management_address: + address: "{{ ansible_host }}" + bridge: "lxcbr0" + interface: "eth1" + netmask: "255.255.252.0" + type: "veth" +physical_host: localhost +properties: + service_name: "{{ inventory_hostname }}" diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 0000000..36cbf3a --- /dev/null +++ b/tests/inventory @@ -0,0 +1,24 @@ +[all] +localhost ansible_connection=local ansible_become=True +infra1 ansible_host=10.100.100.2 ansible_become=True ansible_user=root +openstack1 ansible_host=10.100.100.3 ansible_become=True ansible_user=root + +[all_containers] +infra1 +openstack1 + +[rabbitmq_all] +infra1 + +[galera_all] +infra1 + +[service_all:children] +rabbitmq_all +galera_all + +[keystone_all] +openstack1 + +[sahara_all] +openstack1 diff --git a/tests/test-install-infra.yml b/tests/test-install-infra.yml new file mode 100644 index 0000000..77a90bd --- /dev/null +++ b/tests/test-install-infra.yml @@ -0,0 +1,32 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Deploy infra services + hosts: service_all + user: root + gather_facts: true + roles: + - role: "rabbitmq_server" + rabbitmq_cookie_token: secrete + - role: "galera_server" + galera_root_password: secrete + galera_root_user: root + galera_innodb_buffer_pool_size: 512M + galera_innodb_log_buffer_size: 32M + galera_server_id: "{{ inventory_hostname | string_2_int }}" + galera_wsrep_node_name: "{{ inventory_hostname }}" + galera_wsrep_provider_options: + - { option: "gcache.size", value: "32M" } + galera_server_id: "{{ inventory_hostname | string_2_int }}" \ No newline at end of file diff --git a/tests/test-install-keystone.yml b/tests/test-install-keystone.yml new file mode 100644 index 0000000..c353636 --- /dev/null +++ b/tests/test-install-keystone.yml @@ -0,0 +1,65 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Deploy keystone + hosts: keystone_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ keystone_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ keystone_rabbitmq_userid }}" + password: "{{ keystone_rabbitmq_password }}" + vhost: "{{ keystone_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ keystone_galera_database }}" + password: "{{ keystone_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ keystone_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['keystone_all'][0] + roles: + - role: os_keystone + vars_files: + - test-vars.yml diff --git a/tests/test-install-sahara.yml b/tests/test-install-sahara.yml new file mode 100644 index 0000000..8e4ab92 --- /dev/null +++ b/tests/test-install-sahara.yml @@ -0,0 +1,67 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for deploying sahara + hosts: sahara_all + user: root + gather_facts: true + pre_tasks: + - name: Ensure rabbitmq vhost + rabbitmq_vhost: + name: "{{ sahara_rabbitmq_vhost }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['sahara_all'][0] + - name: Ensure rabbitmq user + rabbitmq_user: + user: "{{ sahara_rabbitmq_userid }}" + password: "{{ e_rabbitmq_password }}" + vhost: "{{ sahara_rabbitmq_vhost }}" + configure_priv: ".*" + read_priv: ".*" + write_priv: ".*" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['sahara_all'][0] + - name: Create DB for service + mysql_db: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ sahara_galera_database }}" + state: "present" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['sahara_all'][0] + - name: Grant access to the DB for the service + mysql_user: + login_user: "root" + login_password: "secrete" + login_host: "localhost" + name: "{{ sahara_galera_database }}" + password: "{{ sahara_container_mysql_password }}" + host: "{{ item }}" + state: "present" + priv: "{{ sahara_galera_database }}.*:ALL" + with_items: + - "localhost" + - "%" + delegate_to: "10.100.100.2" + when: inventory_hostname == groups['sahara_all'][0] + roles: + - role: "{{ rolename | basename }}" + post_tasks: + - include: test-sahara-functional.yml + vars_files: + - test-vars.yml diff --git a/tests/test-prepare-containers.yml b/tests/test-prepare-containers.yml new file mode 100644 index 0000000..ccb40af --- /dev/null +++ b/tests/test-prepare-containers.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Create test containers + hosts: all_containers + connection: local + gather_facts: false + roles: + - role: "lxc_container_create" + lxc_container_release: trusty + lxc_container_backing_store: dir + global_environment_variables: + PATH: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + post_tasks: + - name: Wait for ssh to be available + local_action: + module: wait_for + port: "{{ ansible_ssh_port | default('22') }}" + host: "{{ ansible_ssh_host | default(inventory_hostname) }}" + search_regex: OpenSSH + delay: 1 \ No newline at end of file diff --git a/tests/test-prepare-host.yml b/tests/test-prepare-host.yml new file mode 100644 index 0000000..7269940 --- /dev/null +++ b/tests/test-prepare-host.yml @@ -0,0 +1,55 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Perform baisc LXC host setup + hosts: localhost + pre_tasks: + - name: Ensure root's new public ssh key is in authorized_keys + authorized_key: + user: root + key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" + manage_dir: no + - set_fact: + lxc_container_ssh_key: "{{ hostvars['localhost']['lxc_container_ssh_key'] }}" + - name: Check if this is an OpenStack-CI nodepool instance + stat: + path: /etc/nodepool/provider + register: nodepool + - name: Set the files to copy into the container cache for OpenStack-CI instances + set_fact: + lxc_container_cache_files: + - { src: '/etc/pip.conf', dest: '/etc/pip.conf' } + - { src: '/etc/apt/apt.conf.d/99unauthenticated', dest: '/etc/apt/apt.conf.d/99unauthenticated' } + when: nodepool.stat.exists | bool + - name: Determine the existing Ubuntu repo configuration + shell: 'awk "/^deb .*ubuntu\/? {{ ansible_distribution_release }} main/ {print \$2; exit}" /etc/apt/sources.list' + register: ubuntu_repo + changed_when: false + - name: Set apt repo facts based on discovered information + set_fact: + lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}" + lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}" + roles: + - role: "lxc_hosts" + lxc_net_address: 10.100.100.1 + lxc_net_dhcp_range: 10.100.100.8,10.100.100.253 + lxc_net_bridge: lxcbr0 + lxc_kernel_options: + - { key: 'fs.inotify.max_user_instances', value: 1024 } + lxc_container_caches: + - url: "https://rpc-repo.rackspace.com/container_images/rpc-trusty-container.tgz" + name: "trusty.tgz" + sha256sum: "56c6a6e132ea7d10be2f3e8104f47136ccf408b30e362133f0dc4a0a9adb4d0c" + chroot_path: trusty/rootfs-amd64 diff --git a/tests/test-prepare-keys.yml b/tests/test-prepare-keys.yml new file mode 100644 index 0000000..d9c9636 --- /dev/null +++ b/tests/test-prepare-keys.yml @@ -0,0 +1,33 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# NOTE: we use become_user because setting become: no or become: false +# doesn't seem to override the ansible_become=true in the +# inventory +- name: Create ssh key pairs for use with containers + hosts: localhost + become_user: "{{ ansible_ssh_user }}" + pre_tasks: + - name: Create ssh key pair for root + user: + name: "{{ ansible_ssh_user }}" + generate_ssh_key: "yes" + ssh_key_bits: 2048 + ssh_key_file: ".ssh/id_rsa" + - name: Get the calling user's key + command: cat ~/.ssh/id_rsa.pub + register: key_get + - set_fact: + lxc_container_ssh_key: "{{ key_get.stdout }}" diff --git a/tests/test-sahara-functional.yml b/tests/test-sahara-functional.yml new file mode 100644 index 0000000..76bbb29 --- /dev/null +++ b/tests/test-sahara-functional.yml @@ -0,0 +1,29 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Packages need to be installed outside +# of venv to be usable by Ansible +- name: Install testing pip packages + pip: + name: "{{ item }}" + with_items: + - python-saharaclient + - python-keystoneclient + - httplib2 + +- name: Check the sahara-api + uri: + url: "http://localhost:8386" + status_code: 300 diff --git a/tests/test-vars.yml b/tests/test-vars.yml new file mode 100644 index 0000000..9bf8cf5 --- /dev/null +++ b/tests/test-vars.yml @@ -0,0 +1,62 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +external_lb_vip_address: 10.100.100.3 +galera_client_drop_config_file: false +galera_root_password: "secrete" +sahara_container_mysql_password: "SuperSecrete" +sahara_developer_mode: true +sahara_galera_address: 10.100.100.2 +sahara_galera_database: sahara +sahara_git_install_branch: stable/mitaka +sahara_profiler_hmac_key: "secrete" +sahara_rabbitmq_password: "secrete" +sahara_rabbitmq_userid: sahara +sahara_rabbitmq_vhost: /sahara +sahara_requirements_git_install_branch: stable/mitaka +sahara_service_password: "secrete" +sahara_venv_tag: "testing" +internal_lb_vip_address: 10.100.100.3 +keystone_admin_tenant_name: admin +keystone_admin_user_name: admin +keystone_auth_admin_password: "SuperSecretePassword" +keystone_container_mysql_password: "SuperSecrete" +keystone_developer_mode: true +keystone_galera_address: 10.100.100.2 +keystone_galera_database: keystone +keystone_git_install_branch: stable/mitaka +keystone_rabbitmq_password: "secrete" +keystone_rabbitmq_port: 5671 +keystone_rabbitmq_servers: 10.100.100.2 +keystone_rabbitmq_use_ssl: true +keystone_rabbitmq_userid: keystone +keystone_rabbitmq_vhost: /keystone +keystone_requirements_git_install_branch: stable/mitaka +keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357" +keystone_service_adminuri_insecure: false +keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" +keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000" +keystone_service_internaluri_insecure: false +keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" +keystone_service_password: "secrete" +keystone_venv_tag: "testing" +memcached_encryption_key: "secrete" +memcached_servers: 127.0.0.1 +openrc_os_auth_url: "http://127.0.0.1:5000/v3" +openrc_os_domain_name: "Default" +openrc_os_password: "{{ keystone_auth_admin_password }}" +rabbitmq_port: 5671 +rabbitmq_servers: 10.100.100.2 +rabbitmq_use_ssl: true diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..6876027 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,32 @@ +--- +# Copyright 2015, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Prepare the user ssh keys +- include: test-prepare-keys.yml + +# Prepare the host +- include: test-prepare-host.yml + +# Prepare the containers +- include: test-prepare-containers.yml + +# Install RabbitMQ/MariaDB +- include: test-install-infra.yml + +# Install Keystone +- include: test-install-keystone.yml + +# Install Glance +- include: test-install-sahara.yml diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..21c52cd --- /dev/null +++ b/tox.ini @@ -0,0 +1,129 @@ +[tox] +minversion = 1.6 +skipsdist = True +envlist = docs,linters,functional + + +[testenv] +usedevelop = True +install_command = pip install -U {opts} {packages} +deps = -r{toxinidir}/test-requirements.txt +commands = /usr/bin/find . -type f -name "*.pyc" -delete +passenv = + HOME +whitelist_externals = + bash + git + rm +setenv = + VIRTUAL_ENV={envdir} + ANSIBLE_HOST_KEY_CHECKING = False + ANSIBLE_SSH_CONTROL_PATH = /tmp/%%h-%%r + # TODO (odyssey4me) These are only here as they are non-standard folder + # names for Ansible 1.9.x. We are using the standard folder names for + # Ansible v2.x. We can remove this when we move to Ansible 2.x. + ANSIBLE_ACTION_PLUGINS = {homedir}/.ansible/plugins/action + ANSIBLE_CALLBACK_PLUGINS = {homedir}/.ansible/plugins/callback + ANSIBLE_FILTER_PLUGINS = {homedir}/.ansible/plugins/filter + ANSIBLE_LOOKUP_PLUGINS = {homedir}/.ansible/plugins/lookup + # This is required as the default is the current path or a path specified + # in ansible.cfg + ANSIBLE_LIBRARY = {homedir}/.ansible/plugins/library + # This is required as the default is '/etc/ansible/roles' or a path + # specified in ansible.cfg + ANSIBLE_ROLES_PATH = {homedir}/.ansible/roles:{toxinidir}/.. + + +[testenv:docs] +commands= + python setup.py build_sphinx + + +# environment used by the -infra templated docs job +[testenv:venv] +deps = -r{toxinidir}/test-requirements.txt +commands = {posargs} + + +[testenv:pep8] +commands = + # Run hacking/flake8 check for all python files + bash -c "grep --recursive --binary-files=without-match \ + --files-with-match '^.!.*python$' \ + --exclude-dir .eggs \ + --exclude-dir .git \ + --exclude-dir .tox \ + --exclude-dir *.egg-info \ + --exclude-dir doc \ + {toxinidir} | xargs flake8 --verbose" + +[flake8] +# Ignores the following rules due to how ansible modules work in general +# F403 'from ansible.module_utils.basic import *' used; +# unable to detect undefined names +# H303 No wildcard (*) import. +ignore=F403,H303 + + +[testenv:bashate] +commands = + # Run bashate check for all bash scripts + # Ignores the following rules: + # E003: Indent not multiple of 4 (we prefer to use multiples of 2) + # E006: Line longer than 79 columns (as many scripts use jinja + # templating, this is very difficult) + # E040: Syntax error determined using `bash -n` (as many scripts + # use jinja templating, this will often fail and the syntax + # error will be discovered in execution anyway) + bash -c "grep --recursive --binary-files=without-match \ + --files-with-match '^.!.*\(ba\)\?sh$' \ + --exclude-dir .tox \ + --exclude-dir .git \ + {toxinidir} | xargs bashate --error . --verbose --ignore=E003,E006,E040" + + +[testenv:ansible-syntax] +commands = + rm -rf {homedir}/.ansible + git clone https://git.openstack.org/openstack/openstack-ansible-plugins \ + {homedir}/.ansible/plugins + ansible-galaxy install \ + --role-file={toxinidir}/tests/ansible-role-requirements.yml \ + --ignore-errors \ + --force + ansible-playbook -i {toxinidir}/tests/inventory \ + --syntax-check \ + --list-tasks \ + -e "rolename={toxinidir}" \ + {toxinidir}/tests/test.yml + + +[testenv:ansible-lint] +commands = + ansible-lint {toxinidir}/tests/test.yml + + +[testenv:functional] +commands = + rm -rf {homedir}/.ansible + git clone https://git.openstack.org/openstack/openstack-ansible-plugins \ + {homedir}/.ansible/plugins + ansible-galaxy install \ + --role-file={toxinidir}/tests/ansible-role-requirements.yml \ + --ignore-errors \ + --force + ansible-playbook -i {toxinidir}/tests/inventory \ + -e "rolename={toxinidir}" \ + -vv \ + {toxinidir}/tests/test.yml + + +[testenv:linters] +commands = + {[testenv:pep8]commands} + {[testenv:bashate]commands} + {[testenv:ansible-lint]commands} + {[testenv:ansible-syntax]commands} + +[testenv:releasenotes] +commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html diff --git a/vars/ubuntu-14.04.yml b/vars/ubuntu-14.04.yml new file mode 100644 index 0000000..0afde09 --- /dev/null +++ b/vars/ubuntu-14.04.yml @@ -0,0 +1,23 @@ +# Copyright 2016, Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## APT Cache options +cache_timeout: 600 + +# Common apt packages +sahara_apt_packages: + - rpcbind + - rsync + - git + - nfs-common