diff --git a/tools/deployment/component/common/openstack.sh b/tools/deployment/component/common/openstack.sh index a617f666b9..94221ebd72 100755 --- a/tools/deployment/component/common/openstack.sh +++ b/tools/deployment/component/common/openstack.sh @@ -123,11 +123,6 @@ helm upgrade --install $release ${OSH_HELM_REPO}/openstack \ --namespace=$namespace \ --timeout=1200s -# If compute kit installed using Tungsten Fubric, it will be alive when Tunsten Fabric become active. -if [[ "$FEATURE_GATES" =~ (,|^)tf(,|$) ]]; then - exit 0 -fi - #NOTE: Wait for deploy helm osh wait-for-pods $namespace 1800 diff --git a/tools/deployment/component/compute-kit/compute-kit.sh b/tools/deployment/component/compute-kit/compute-kit.sh index c85b7cd0f9..27d8569e86 100755 --- a/tools/deployment/component/compute-kit/compute-kit.sh +++ b/tools/deployment/component/compute-kit/compute-kit.sh @@ -96,10 +96,6 @@ helm upgrade --install neutron ${OSH_HELM_REPO}/neutron \ ${OSH_EXTRA_HELM_ARGS:=} \ ${OSH_EXTRA_HELM_ARGS_NEUTRON} -# If compute kit installed using Tungsten Fubric, it will be alive when Tunsten Fabric become active. -if [[ "$FEATURE_GATES" =~ (,|^)tf(,|$) ]]; then - exit 0 -fi #NOTE: Wait for deploy helm osh wait-for-pods openstack diff --git a/tools/deployment/component/compute-kit/tungsten-fabric.sh b/tools/deployment/component/compute-kit/tungsten-fabric.sh deleted file mode 100755 index 652a6cf62c..0000000000 --- a/tools/deployment/component/compute-kit/tungsten-fabric.sh +++ /dev/null @@ -1,249 +0,0 @@ -#!/bin/bash - -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -set -xe - -stages="prepare deploy checkdns setupdns" -OSH_INFRA_PATH=${OSH_INFRA_PATH:="../openstack-helm-infra"} -: ${RUN_HELM_TESTS:="yes"} - -function get_node_ip() { - local phys_int=$(ip route get 1 | grep -o 'dev.*' | awk '{print($2)}') - local node_ip=$(ip addr show dev $phys_int | grep -Pom1 "(?<=inet )([0-9]+\.{0,1}){4}") - echo $node_ip -} - -function nic_has_ip() { - local nic=$1 - if nic_ip=$(ip addr show $nic | grep -Pom1 "(?<=inet )([0-9]+\.{0,1}){4}"); then - printf "\n$nic has IP $nic_ip" - return 0 - else - return 1 - fi -} - -function wait_cmd_success() { - # silent mode = don't print output of input cmd for each attempt. - local cmd=$1 - local interval=${2:-3} - local max=${3:-300} - local silent_cmd=${4:-1} - - local state_save=$(set +o) - set +o xtrace - set -o pipefail - local i=0 - if [[ "$silent_cmd" != "0" ]]; then - local to_dev_null="&>/dev/null" - else - local to_dev_null="" - fi - while ! eval "$cmd" "$to_dev_null"; do - printf "." - i=$((i + 1)) - if (( i > max )) ; then - echo "" - echo "ERROR: wait failed in $((i*10))s" - eval "$cmd" - eval "$state_save" - return 1 - fi - sleep $interval - done - echo "" - echo "INFO: done in $((i*10))s" - eval "$state_save" -} - -function wait_nic_up() { - local nic=$1 - printf "INFO: wait for $nic is up" - if ! wait_cmd_success "nic_has_ip $nic" 10 60; then - echo "ERROR: $nic is not up" - echo "INFO: Start vrouter logs" - local agent_pod=$(kubectl get pods -n tungsten-fabric --no-headers -o custom-columns=NAME:.metadata.name) - kubectl describe pod $agent_pod -n tungsten-fabric - echo "INFO: vrouter-agent logs" - kubectl logs $agent_pod -n tungsten-fabric -c contrail-vrouter-agent - echo "INFO: vrouter-init-kernel logs" - kubectl logs $agent_pod -c contrail-vrouter-init-kernel -n tungsten-fabric - sudo docker image list - echo "INFO: End vrouter logs" - return 1 - fi - echo "INFO: $nic is up" -} - -function show_usage_tf(){ - cat < - -Possible stages are: - - 'setupdns' - configure DNS for use k8s using resolvconf service - - Install resolvconf service - - Add k8s cluster IP as a nameserver to the config - - 'prepare' - prepared host to deploy Tungsten fabric: - - add an tf.yaml file to libvirt/values_overrides - - comment lines in compute_kit.sh which wait nova and neutron is working and run tests - - check and add line to /etc/hosts file - Run 'preapare' stage after install kubernetes and before run libvirt.sh and compute_kit.sh - - 'deploy' - deploy Tungsten fabric: - - download tf Helm charts - - prepare tf config - - deploy Tungsten fabric to Kubernetes - - wait for tf pods - - wait for openstack pods - - run couple of openstack commands and nova tests - Run 'deploy' stage after compute_kit.sh -EOF -} - -# 'setupdns' stage implementation -function setupdns_tf() { - local distro=$(cat /etc/*release | egrep '^ID=' | awk -F= '{print $2}' | tr -d \") - if [[ $distro == 'ubuntu' ]] ; then - export DEBIAN_FRONTEND=noninteractive - sudo -E apt-get install -y resolvconf - dns_cluster_ip=`kubectl get svc kube-dns -n kube-system --no-headers -o custom-columns=":spec.clusterIP"` - echo "nameserver ${dns_cluster_ip}" | sudo tee -a /etc/resolvconf/resolv.conf.d/head > /dev/null - sudo systemctl restart resolvconf - fi -} - -# 'checkdns' stage -function checkdns_tf() { - cat /etc/resolv.conf -} - -# 'prepare' stage implementation -function prepare_tf(){ - # Linux kernel headers required to build vrouter kernel module on Ubuntu - local distro=$(cat /etc/*release | egrep '^ID=' | awk -F= '{print $2}' | tr -d \") - if [[ $distro == 'ubuntu' ]] ; then - sudo apt-get install -y linux-headers-$(uname -r) chrony - fi - # add an tf.yaml file to libvirt/values_overrides - cat < ${OSH_INFRA_PATH}/libvirt/values_overrides/tf.yaml ---- -network: - backend: - - tungstenfabric -dependencies: - dynamic: - targeted: - tungstenfabric: - libvirt: - daemonset: [] -conf: - qemu: - cgroup_device_acl: ["/dev/null", "/dev/full", "/dev/zero", "/dev/random", "/dev/urandom", "/dev/ptmx", "/dev/kvm", "/dev/kqemu", "/dev/rtc", "/dev/hpet", "/dev/net/tun"] -... - -EOF - - # check and add a line to /etc/hosts file - local node_ip=$(get_node_ip) - if ! cat /etc/hosts | grep "${node_ip}" ; then - local tf_hostname=$(hostname) - cat < ./tf-devstack-values.yaml -global: - contrail_env: - CONTAINER_REGISTRY: tungstenfabric - CONTRAIL_CONTAINER_TAG: "2020-06-08" - CONTROLLER_NODES: ${CONTROLLER_NODES} - JVM_EXTRA_OPTS: "-Xms1g -Xmx2g" - BGP_PORT: "1179" - CONFIG_DATABASE_NODEMGR__DEFAULTS__minimum_diskGB: "2" - DATABASE_NODEMGR__DEFAULTS__minimum_diskGB: "2" - LOG_LEVEL: SYS_DEBUG - VROUTER_ENCRYPTION: FALSE - ANALYTICS_ALARM_ENABLE: TRUE - ANALYTICS_SNMP_ENABLE: TRUE - ANALYTICSDB_ENABLE: TRUE - CLOUD_ORCHESTRATOR: ${CONTAINER_DISTRO_NAME} - node: - host_os: ubuntu -EOF - - # deploy Tungsten fabric to Kubernetes - sudo mkdir -p /var/log/contrail - kubectl create ns tungsten-fabric - helm upgrade --install --namespace tungsten-fabric tungsten-fabric tf-helm-deployer/contrail -f tf-devstack-values.yaml - kubectl label nodes --all opencontrail.org/vrouter-kernel=enabled - wait_nic_up vhost0 - kubectl label nodes --all opencontrail.org/controller=enabled - - # wait for tf pods - helm osh wait-for-pods tungsten-fabric - echo "INFO: Tungsten Fabric info" - # Display contrail state - sudo contrail-status - kubectl get pods -n tungsten-fabric - - # wait for openstack pods - helm osh wait-for-pods openstack - - # run couple of openstack commands and nova tests - openstack compute service list - openstack hypervisor list - if [ "x${RUN_HELM_TESTS}" != "xno" ]; then - ./tools/deployment/common/run-helm-tests.sh nova - ./tools/deployment/common/run-helm-tests.sh neutron - fi -} - -if [[ $# == 0 ]] ; then - echo "ERROR: You have to pass some stage in this script" - show_usage_tf - exit 1 -fi - -if [[ ! $stages =~ .*${1}.* ]] ; then - echo "ERROR: Not any valid stage has been found" - show_usage_tf - exit 1 -fi - -${1}_tf diff --git a/tools/gate/playbooks/inject-keys.yaml b/tools/gate/playbooks/inject-keys.yaml new file mode 100644 index 0000000000..59fec9d9ab --- /dev/null +++ b/tools/gate/playbooks/inject-keys.yaml @@ -0,0 +1,9 @@ +- hosts: all + tasks: + - name: Put keys to .ssh/authorized_keys + lineinfile: + path: /home/zuul/.ssh/authorized_keys + state: present + line: "{{ item }}" + loop: + - "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMyM6sgu/Xgg+VaLJX5c6gy6ynYX7pO7XNobnKotYRulcEkmiLprvLSg+WP25VDAcSoif3rek3qiVnEYh6R2/Go= vlad@russell" diff --git a/zuul.d/2023.1.yaml b/zuul.d/2023.1.yaml index 78d4f1ba88..5656600c05 100644 --- a/zuul.d/2023.1.yaml +++ b/zuul.d/2023.1.yaml @@ -93,58 +93,3 @@ openstack_release: "2023.1" container_distro_name: ubuntu container_distro_version: focal - -- job: - name: openstack-helm-apparmor-compute-kit-2023-1-ubuntu_focal - parent: openstack-helm-compute-kit - nodeset: openstack-helm-1node-32GB-ubuntu_focal - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: apparmor - -- job: - name: openstack-helm-apparmor-cinder-2023-1-ubuntu_focal - parent: openstack-helm-cinder - nodeset: openstack-helm-1node-ubuntu_focal - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: apparmor - -- job: - name: openstack-helm-tungsten-fabric-2023-1-ubuntu_focal - parent: openstack-helm-tungsten-fabric - nodeset: openstack-helm-1node-32GB-ubuntu_focal - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: tf - -- job: - name: openstack-helm-netpol-compute-kit-2023-1-ubuntu_focal - parent: openstack-helm-netpol-compute-kit - nodeset: openstack-helm-1node-32GB-ubuntu_focal - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: netpol - -- job: - name: openstack-helm-netpol-cinder-2023-1-ubuntu_focal - parent: openstack-helm-netpol-cinder - nodeset: openstack-helm-1node-ubuntu_focal - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: netpol diff --git a/zuul.d/2024.1.yaml b/zuul.d/2024.1.yaml index eabdbfee9f..7c21647289 100644 --- a/zuul.d/2024.1.yaml +++ b/zuul.d/2024.1.yaml @@ -115,6 +115,11 @@ parent: openstack-helm-umbrella nodeset: openstack-helm-3nodes-ubuntu_jammy vars: + # FIXME: Newer versions of Helm include improved + # validation checks that might flag immutable field + # updates that were previously not strictly enforced + # or detected in older versions. + helm_version: "v3.6.3" osh_params: openstack_release: "2024.1" container_distro_name: ubuntu diff --git a/zuul.d/base.yaml b/zuul.d/base.yaml index 35449d8da0..7d3465368e 100644 --- a/zuul.d/base.yaml +++ b/zuul.d/base.yaml @@ -44,25 +44,25 @@ timeout: 7200 pre-run: - tools/gate/playbooks/prepare-hosts.yaml + - tools/gate/playbooks/inject-keys.yaml post-run: tools/gate/playbooks/osh-infra-collect-logs.yaml run: - tools/gate/playbooks/deploy-env.yaml - tools/gate/playbooks/run-scripts.yaml vars: kubeadm: - pod_network_cidr: "10.244.0.0/24" + pod_network_cidr: "10.244.0.0/16" service_cidr: "10.96.0.0/16" osh_plugin_repo: "{{ zuul.project.src_dir }}/../openstack-helm-plugin" loopback_setup: true loopback_device: /dev/loop100 loopback_image: "/var/lib/openstack-helm/ceph-loop.img" ceph_osd_data_device: /dev/loop100 - kube_version_repo: "v1.29" - kube_version: "1.29.5-1.1" - calico_version: "v3.27.0" - helm_version: "v3.6.3" - yq_version: "v4.6.0" - crictl_version: "v1.26.1" + kube_version_repo: "v1.30" + kube_version: "1.30.3-1.1" + calico_version: "v3.27.4" + helm_version: "v3.14.0" + crictl_version: "v1.30.1" zuul_osh_relative_path: ../openstack-helm zuul_osh_infra_relative_path: ../openstack-helm-infra gate_scripts_relative_path: ../openstack-helm @@ -358,89 +358,6 @@ - ./tools/deployment/common/use-it.sh - ./tools/deployment/common/force-cronjob-run.sh -- job: - name: openstack-helm-tungsten-fabric - parent: openstack-helm-deploy - abstract: true - timeout: 9600 - vars: - gate_scripts: - - ./tools/deployment/common/prepare-k8s.sh - - ./tools/deployment/common/prepare-charts.sh - - ./tools/deployment/common/setup-client.sh - - ./tools/deployment/common/ingress.sh - - - ./tools/deployment/component/common/mariadb.sh - - ./tools/deployment/component/common/memcached.sh - - ./tools/deployment/component/common/rabbitmq.sh - - - ./tools/deployment/component/compute-kit/tungsten-fabric.sh checkdns - - ./tools/deployment/component/compute-kit/tungsten-fabric.sh setupdns - - ./tools/deployment/component/keystone/keystone.sh - - - ./tools/deployment/component/heat/heat.sh - - export GLANCE_BACKEND=memory; ./tools/deployment/component/glance/glance.sh - - ./tools/deployment/component/compute-kit/tungsten-fabric.sh prepare - - ./tools/deployment/component/compute-kit/libvirt.sh - - ./tools/deployment/component/compute-kit/compute-kit.sh - - ./tools/deployment/component/compute-kit/tungsten-fabric.sh deploy - -- job: - name: openstack-helm-netpol-compute-kit - parent: openstack-helm-deploy - abstract: true - timeout: 7200 - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: netpol - gate_scripts: - - ./tools/deployment/common/prepare-k8s.sh - - ./tools/deployment/common/prepare-charts.sh - - ./tools/deployment/common/setup-client.sh - - ./tools/deployment/common/ingress.sh - - ./tools/deployment/common/lockdown-netpol.sh - - ./tools/deployment/component/common/mariadb.sh - - ./tools/deployment/component/common/memcached.sh - - ./tools/deployment/component/common/rabbitmq.sh - - ./tools/deployment/component/keystone/keystone.sh - - ./tools/deployment/component/heat/heat.sh - - export GLANCE_BACKEND=memory; ./tools/deployment/component/glance/glance.sh - - ./tools/deployment/component/compute-kit/openvswitch.sh - - ./tools/deployment/component/compute-kit/libvirt.sh - - ./tools/deployment/component/compute-kit/compute-kit.sh - - ./tools/deployment/component/horizon/horizon.sh - - ./tools/deployment/common/openstack-exporter.sh - - ./tools/deployment/common/use-it.sh - - ./tools/deployment/common/test-networkpolicy.sh - -- job: - name: openstack-helm-netpol-cinder - parent: openstack-helm-deploy - abstract: true - timeout: 7200 - vars: - osh_params: - openstack_release: "2023.1" - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: netpol - gate_scripts: - - ./tools/deployment/common/prepare-k8s.sh - - ./tools/deployment/common/prepare-charts.sh - - ./tools/deployment/common/setup-client.sh - - ./tools/deployment/component/ceph/ceph.sh - - ./tools/deployment/component/ceph/ceph-ns-activate.sh - - ./tools/deployment/common/lockdown-netpol.sh - - ./tools/deployment/common/ingress.sh - - ./tools/deployment/component/common/mariadb.sh - - ./tools/deployment/component/common/memcached.sh - - ./tools/deployment/component/common/rabbitmq.sh - - ./tools/deployment/component/keystone/keystone.sh - - ./tools/deployment/component/cinder/cinder.sh - - ./tools/deployment/component/horizon/horizon.sh - - ./tools/deployment/common/openstack-exporter.sh - - ./tools/deployment/common/test-networkpolicy.sh - - job: name: openstack-helm-tacker parent: openstack-helm-deploy diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index f231944c0a..ce903b82bc 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -23,9 +23,6 @@ jobs: - openstack-helm-lint - openstack-helm-bandit - # Zed - - openstack-helm-cinder-zed-ubuntu_jammy - - openstack-helm-compute-kit-zed-ubuntu_jammy # 2023.1 - openstack-helm-cinder-2023-1-ubuntu_focal # 3 nodes - openstack-helm-compute-kit-2023-1-ubuntu_focal # 3 nodes @@ -54,11 +51,6 @@ - publish-openstack-helm-charts experimental: jobs: - - openstack-helm-apparmor-compute-kit-2023-1-ubuntu_focal - - openstack-helm-apparmor-cinder-2023-1-ubuntu_focal - - openstack-helm-netpol-compute-kit-2023-1-ubuntu_focal - - openstack-helm-netpol-cinder-2023-1-ubuntu_focal - - openstack-helm-tungsten-fabric-2023-1-ubuntu_focal - openstack-helm-tacker-2023-1-ubuntu_focal periodic: jobs: diff --git a/zuul.d/yoga.yaml b/zuul.d/yoga.yaml deleted file mode 100644 index a153adf8c6..0000000000 --- a/zuul.d/yoga.yaml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- job: - name: openstack-helm-cinder-yoga-ubuntu_focal - parent: openstack-helm-cinder - nodeset: openstack-helm-1node-32GB-ubuntu_focal - vars: - osh_params: - openstack_release: yoga - container_distro_name: ubuntu - container_distro_version: focal - -- job: - name: openstack-helm-compute-kit-yoga-ubuntu_focal - parent: openstack-helm-compute-kit - nodeset: openstack-helm-1node-32GB-ubuntu_focal - vars: - osh_params: - openstack_release: yoga - container_distro_name: ubuntu - container_distro_version: focal - -- job: - name: openstack-helm-horizon-yoga-ubuntu_focal - parent: openstack-helm-horizon - nodeset: openstack-helm-1node-32GB-ubuntu_focal - vars: - osh_params: - openstack_release: yoga - container_distro_name: ubuntu - container_distro_version: focal diff --git a/zuul.d/zed.yaml b/zuul.d/zed.yaml deleted file mode 100644 index 30e64e6e26..0000000000 --- a/zuul.d/zed.yaml +++ /dev/null @@ -1,72 +0,0 @@ ---- -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- job: - name: openstack-helm-cinder-zed-ubuntu_focal - parent: openstack-helm-cinder - nodeset: openstack-helm-1node-ubuntu_focal - vars: - osh_params: - openstack_release: zed - container_distro_name: ubuntu - container_distro_version: focal - -- job: - name: openstack-helm-cinder-zed-ubuntu_jammy - parent: openstack-helm-cinder - nodeset: openstack-helm-1node-ubuntu_jammy - vars: - osh_params: - openstack_release: zed - container_distro_name: ubuntu - container_distro_version: jammy - -- job: - name: openstack-helm-horizon-zed-ubuntu_focal - parent: openstack-helm-horizon - nodeset: openstack-helm-1node-ubuntu_focal - vars: - osh_params: - openstack_release: zed - container_distro_name: ubuntu - container_distro_version: focal - -- job: - name: openstack-helm-horizon-zed-ubuntu_jammy - parent: openstack-helm-horizon - nodeset: openstack-helm-1node-ubuntu_jammy - vars: - osh_params: - openstack_release: zed - container_distro_name: ubuntu - container_distro_version: jammy - -- job: - name: openstack-helm-compute-kit-zed-ubuntu_focal - parent: openstack-helm-compute-kit - nodeset: openstack-helm-3nodes-ubuntu_focal - vars: - osh_params: - openstack_release: zed - container_distro_name: ubuntu - container_distro_version: focal - -- job: - name: openstack-helm-compute-kit-zed-ubuntu_jammy - parent: openstack-helm-compute-kit - nodeset: openstack-helm-3nodes-ubuntu_jammy - vars: - osh_params: - openstack_release: zed - container_distro_name: ubuntu - container_distro_version: jammy