From c8187582607473f8a8b5f0eed9631c2be2f357ec Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Mon, 20 Nov 2017 09:10:45 +0000 Subject: [PATCH 1/7] Remove support for colocated kolla & kolla-ansible Kolla-ansible python code was moved to the kolla-ansible repo in ocata. --- ansible/roles/kolla-ansible/tasks/main.yml | 1 - ansible/roles/kolla-ansible/vars/main.yml | 8 +------- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/ansible/roles/kolla-ansible/tasks/main.yml b/ansible/roles/kolla-ansible/tasks/main.yml index 54bf9286a..969f7a192 100644 --- a/ansible/roles/kolla-ansible/tasks/main.yml +++ b/ansible/roles/kolla-ansible/tasks/main.yml @@ -1,6 +1,5 @@ --- - include: install.yml - when: kolla_ansible_is_standalone | bool tags: - install diff --git a/ansible/roles/kolla-ansible/vars/main.yml b/ansible/roles/kolla-ansible/vars/main.yml index f612a0161..4d963c18f 100644 --- a/ansible/roles/kolla-ansible/vars/main.yml +++ b/ansible/roles/kolla-ansible/vars/main.yml @@ -1,12 +1,6 @@ --- -# kolla-ansible was bundled with kolla prior to Ocata (4.0.0). -kolla_ansible_is_standalone: "{{ kolla_ansible_source_version | version_compare('4.0.0', '>=') }}" - -# Name of the kolla-ansible python module. -kolla_ansible_module: "{% if kolla_ansible_is_standalone | bool %}kolla-ansible{% else %}kolla{% endif %}" - # Path to Kolla Ansible installation directory. -kolla_ansible_install_dir: "{{ kolla_ansible_venv }}/share/{{ kolla_ansible_module }}" +kolla_ansible_install_dir: "{{ kolla_ansible_venv }}/share/kolla-ansible" ############################################################################### # Inventory configuration. From 84e8ba948b780afec04c76c2a3043c0680c1724f Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 16 Nov 2017 16:39:46 +0000 Subject: [PATCH 2/7] Allow controllers and seed groups to be non-existent in kolla-ansible role --- ansible/roles/kolla-ansible/templates/overcloud-services.j2 | 2 +- ansible/roles/kolla-ansible/templates/seed.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/kolla-ansible/templates/overcloud-services.j2 b/ansible/roles/kolla-ansible/templates/overcloud-services.j2 index 3b9f9f4e4..a616d3cb7 100644 --- a/ansible/roles/kolla-ansible/templates/overcloud-services.j2 +++ b/ansible/roles/kolla-ansible/templates/overcloud-services.j2 @@ -193,7 +193,7 @@ ironic # FIXME: Ideally we wouldn't reference controllers in here directly, but only # one inspector service should exist, and groups can't be indexed in an # inventory (e.g. ironic[0]). -{% if groups['controllers'] | length > 0 %} +{% if groups.get('controllers', []) | length > 0 %} {{ groups['controllers'][0] }} {% endif %} diff --git a/ansible/roles/kolla-ansible/templates/seed.j2 b/ansible/roles/kolla-ansible/templates/seed.j2 index 6fa1609a8..2d0e80ab6 100644 --- a/ansible/roles/kolla-ansible/templates/seed.j2 +++ b/ansible/roles/kolla-ansible/templates/seed.j2 @@ -1,6 +1,6 @@ # Simple inventory for bootstrapping Kolla seed node. [seed] -{% for seed in groups['seed'] %} +{% for seed in groups.get('seed', []) %} {% set seed_hv=hostvars[seed] %} {{ seed }}{% if "ansible_host" in seed_hv %} ansible_host={{ seed_hv["ansible_host"] }}{% endif %} {% endfor %} From 817df37bf9d1ffdf564efe28c42e3d93293ddd66 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 16 Nov 2017 16:39:22 +0000 Subject: [PATCH 3/7] Don't quote a boolean value in globals.yml --- ansible/roles/kolla-ansible/tasks/install.yml | 4 ++-- ansible/roles/kolla-ansible/templates/globals.yml.j2 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/kolla-ansible/tasks/install.yml b/ansible/roles/kolla-ansible/tasks/install.yml index f1c0bb14f..19b161e40 100644 --- a/ansible/roles/kolla-ansible/tasks/install.yml +++ b/ansible/roles/kolla-ansible/tasks/install.yml @@ -47,10 +47,10 @@ state: present virtualenv: "{{ kolla_ansible_venv }}" with_items: - # Intall Kolla Ansible from source. + # Install Kolla Ansible from source. - name: "{{ kolla_ansible_source_path }}" install: "{{ kolla_ansible_ctl_install_type == 'source' }}" - # Intall Kolla Ansible from PyPI. + # Install Kolla Ansible from PyPI. - name: "kolla-ansible" version: "{{ kolla_openstack_release }}" install: "{{ kolla_ansible_ctl_install_type == 'binary' }}" diff --git a/ansible/roles/kolla-ansible/templates/globals.yml.j2 b/ansible/roles/kolla-ansible/templates/globals.yml.j2 index 48a137e73..f510b4aa8 100644 --- a/ansible/roles/kolla-ansible/templates/globals.yml.j2 +++ b/ansible/roles/kolla-ansible/templates/globals.yml.j2 @@ -135,7 +135,7 @@ neutron_tenant_network_types: {{ kolla_neutron_ml2_tenant_network_types | join(' # To provide encryption and authentication on the kolla_external_vip_interface, # TLS can be enabled. When TLS is enabled, certificates must be provided to # allow clients to perform authentication. -kolla_enable_tls_external: "{{ kolla_enable_tls_external }}" +kolla_enable_tls_external: {{ kolla_enable_tls_external | bool }} kolla_external_fqdn_cert: "{{ kolla_external_fqdn_cert }}" @@ -144,7 +144,7 @@ kolla_external_fqdn_cert: "{{ kolla_external_fqdn_cert }}" #################### # Use these options to set the various log levels across all OpenStack projects # Valid options are [ True, False ] -openstack_logging_debug: {{ kolla_openstack_logging_debug }} +openstack_logging_debug: {{ kolla_openstack_logging_debug | bool }} # Valid options are [ novnc, spice ] #nova_console: "novnc" From 10212674acb2f76182fc29dc806a1e46dda81a78 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 16 Nov 2017 16:38:42 +0000 Subject: [PATCH 4/7] Use ansible_user_id rather than ansible_user The former is a fact, the latter is used to configure the remote connection user for a host. --- ansible/roles/kolla-ansible/tasks/config.yml | 4 ++-- ansible/roles/kolla-ansible/tasks/install.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/kolla-ansible/tasks/config.yml b/ansible/roles/kolla-ansible/tasks/config.yml index 1a2686c98..e0dddff9c 100644 --- a/ansible/roles/kolla-ansible/tasks/config.yml +++ b/ansible/roles/kolla-ansible/tasks/config.yml @@ -3,8 +3,8 @@ file: path: "{{ item }}" state: directory - owner: "{{ ansible_user }}" - group: "{{ ansible_user }}" + owner: "{{ ansible_user_id }}" + group: "{{ ansible_user_id }}" mode: 0750 become: True with_items: diff --git a/ansible/roles/kolla-ansible/tasks/install.yml b/ansible/roles/kolla-ansible/tasks/install.yml index 19b161e40..0b0e93284 100644 --- a/ansible/roles/kolla-ansible/tasks/install.yml +++ b/ansible/roles/kolla-ansible/tasks/install.yml @@ -20,8 +20,8 @@ file: path: "{{ kolla_ansible_source_path | dirname }}" state: directory - owner: "{{ ansible_user }}" - group: "{{ ansible_user }}" + owner: "{{ ansible_user_id }}" + group: "{{ ansible_user_id }}" become: True when: kolla_ansible_ctl_install_type == 'source' From 6aef98b142db1bf8d08f0566f7f26a39e5c34069 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 16 Nov 2017 16:37:43 +0000 Subject: [PATCH 5/7] Add a variable to kolla-ansible role for path to passwords.yml This is the input file kept in $KAYOBE_CONFIG_PATH, rather than the generated file in . --- ansible/kolla-ansible.yml | 1 + ansible/roles/kolla-ansible/defaults/main.yml | 3 +++ ansible/roles/kolla-ansible/tasks/config.yml | 6 +++--- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ansible/kolla-ansible.yml b/ansible/kolla-ansible.yml index 3a14dc8f1..c3fd6e51b 100644 --- a/ansible/kolla-ansible.yml +++ b/ansible/kolla-ansible.yml @@ -198,3 +198,4 @@ roles: - role: kolla-ansible + kolla_ansible_passwords_path: "{{ kayobe_config_path }}/kolla/passwords.yml" diff --git a/ansible/roles/kolla-ansible/defaults/main.yml b/ansible/roles/kolla-ansible/defaults/main.yml index da88e5f45..246b68cea 100644 --- a/ansible/roles/kolla-ansible/defaults/main.yml +++ b/ansible/roles/kolla-ansible/defaults/main.yml @@ -24,6 +24,9 @@ kolla_config_path: # Directory where Kolla custom configuration files will be installed. kolla_node_custom_config_path: +# Path to kolla-ansible passwords.yml input file. +kolla_ansible_passwords_path: + ############################################################################### # Kolla-ansible inventory configuration. diff --git a/ansible/roles/kolla-ansible/tasks/config.yml b/ansible/roles/kolla-ansible/tasks/config.yml index e0dddff9c..e3c2e587a 100644 --- a/ansible/roles/kolla-ansible/tasks/config.yml +++ b/ansible/roles/kolla-ansible/tasks/config.yml @@ -35,8 +35,8 @@ - name: Ensure the Kolla passwords file exists kolla_passwords: - src: "{{ kayobe_config_path }}/kolla/passwords.yml" - dest: "{{ kayobe_config_path }}/kolla/passwords.yml" + src: "{{ kolla_ansible_passwords_path }}" + dest: "{{ kolla_ansible_passwords_path }}" mode: 0640 sample: "{{ kolla_ansible_install_dir }}/etc_examples/kolla/passwords.yml" overrides: "{{ kolla_ansible_custom_passwords }}" @@ -45,6 +45,6 @@ - name: Ensure the Kolla passwords file is copied into place copy: - src: "{{ kayobe_config_path }}/kolla/passwords.yml" + src: "{{ kolla_ansible_passwords_path }}" dest: "{{ kolla_config_path }}/passwords.yml" remote_src: True From 91c341ad3e844673c27aa40c9e0fe95555fba328 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 15 Nov 2017 08:29:23 +0000 Subject: [PATCH 6/7] Add missing defaults for kolla-ansible docker configuration --- ansible/roles/kolla-ansible/defaults/main.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ansible/roles/kolla-ansible/defaults/main.yml b/ansible/roles/kolla-ansible/defaults/main.yml index 246b68cea..6d40e4f4a 100644 --- a/ansible/roles/kolla-ansible/defaults/main.yml +++ b/ansible/roles/kolla-ansible/defaults/main.yml @@ -78,6 +78,15 @@ kolla_install_type: # Docker namespace to use for Kolla images. kolla_docker_namespace: +# Url of docker registry to use for Kolla images. +kolla_docker_registry: + +# Username to use to access a docker registry. +kolla_docker_registry_username: + +# Password to use to access a docker registry. +kolla_docker_registry_password: + # Valid option is Docker repository tag kolla_openstack_release: From 76309988ffee62461b072c598885f5886c303e80 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Fri, 17 Nov 2017 09:57:28 +0000 Subject: [PATCH 7/7] Initial unit testing of ansible - kolla-ansible role Adds a new tox environment, ansible, which runs ansible unit tests. One such test has been implemented so far, for the kolla-ansible role. --- .gitignore | 1 + .travis.yml | 14 +- ansible/roles/kolla-ansible/tests/main.yml | 21 ++ .../kolla-ansible/tests/test-defaults.yml | 162 +++++++++ .../roles/kolla-ansible/tests/test-extras.yml | 321 ++++++++++++++++++ tox.ini | 17 + 6 files changed, 532 insertions(+), 4 deletions(-) create mode 100644 ansible/roles/kolla-ansible/tests/main.yml create mode 100644 ansible/roles/kolla-ansible/tests/test-defaults.yml create mode 100644 ansible/roles/kolla-ansible/tests/test-extras.yml diff --git a/.gitignore b/.gitignore index 4ab711b97..14039fc2c 100644 --- a/.gitignore +++ b/.gitignore @@ -47,6 +47,7 @@ doc/build # Files generated by Ansible ansible/*.retry +ansible/roles/*/tests/*.retry # Ansible Galaxy roles ansible/roles/ahuffman.resolv/ diff --git a/.travis.yml b/.travis.yml index 82a64f6ae..c0efc10c1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,14 +2,15 @@ language: python python: "2.7" -# Run jobs in containers. -sudo: false +# Run jobs in VMs - sudo is required by ansible tests. +sudo: required # Install ansible addons: apt: packages: - gcc + - python-apt - python-virtualenv - realpath @@ -24,10 +25,15 @@ env: - TOX_ENV=py27 # Run ansible syntax checks. - TOX_ENV=ansible-syntax + # Run ansible tests. + - TOX_ENV=ansible install: - - pip install tox + # Install tox in a virtualenv to ensure we have an up to date version. + - virtualenv venv + - venv/bin/pip install -U pip + - venv/bin/pip install tox script: # Run the tox environment. - - tox -e ${TOX_ENV} + - venv/bin/tox -e ${TOX_ENV} diff --git a/ansible/roles/kolla-ansible/tests/main.yml b/ansible/roles/kolla-ansible/tests/main.yml new file mode 100644 index 000000000..b3fa61a6b --- /dev/null +++ b/ansible/roles/kolla-ansible/tests/main.yml @@ -0,0 +1,21 @@ +--- +# TODO: +# - Check inventory file. +# - Add hosts to inventory. +# - Seed custom inventory +# - Overcloud custom inventory +# - Group map +# - Pass through variables +# - Nova ironic compute host + +- include: test-defaults.yml +- include: test-extras.yml + +- hosts: localhost + connection: local + tasks: + - name: Fail if any tests failed + fail: + msg: > + Test failures: {{ test_failures }} + when: test_failures is defined diff --git a/ansible/roles/kolla-ansible/tests/test-defaults.yml b/ansible/roles/kolla-ansible/tests/test-defaults.yml new file mode 100644 index 000000000..814db2502 --- /dev/null +++ b/ansible/roles/kolla-ansible/tests/test-defaults.yml @@ -0,0 +1,162 @@ +--- +- hosts: localhost + connection: local + tasks: + - name: Create a temporary directory + tempfile: + state: directory + register: tempfile_result + + - block: + - name: Test the kolla-ansible role with default values + include_role: + name: ../../kolla-ansible + vars: + kolla_ansible_source_path: "{{ temp_path }}/src" + kolla_ansible_ctl_install_type: "source" + kolla_ansible_source_url: "http://github.com/openstack/kolla-ansible" + kolla_ansible_source_version: "master" + kolla_ansible_venv: "{{ temp_path }}/venv" + kolla_config_path: "{{ temp_path }}/etc/kolla" + kolla_node_custom_config_path: "{{ temp_path }}/etc/kolla/config" + kolla_ansible_passwords_path: "{{ temp_path }}/passwords.yml" + # Required config. + kolla_base_distro: "fake-distro" + kolla_install_type: "fake-install-type" + kolla_docker_namespace: "fake-namespace" + kolla_openstack_release: "fake-release" + kolla_internal_vip_address: "10.0.0.1" + kolla_internal_fqdn: "fake.internal.fqdn" + kolla_external_vip_address: "10.0.0.2" + kolla_external_fqdn: "fake.external.fqdn" + kolla_network_interface: "eth0" + kolla_external_vip_interface: "eth1" + kolla_api_interface: "eth2" + kolla_storage_interface: "eth3" + kolla_cluster_interface: "eth4" + kolla_dns_interface: "eth5" + kolla_neutron_external_interfaces: + - "eth6" + - "eth7" + kolla_neutron_bridge_names: + - "br0" + - "br1" + kolla_bifrost_network_interface: "eth8" + kolla_provision_interface: "eth9" + kolla_inspector_dnsmasq_interface: "eth10" + kolla_enable_tls_external: False + kolla_external_fqdn_cert: "fake-cert" + kolla_openstack_logging_debug: False + + - name: Verify kolla-ansible installation + command: "{{ temp_path }}/venv/bin/kolla-ansible -h" + changed_when: False + + - name: Verify ansible installation + command: "{{ temp_path }}/venv/bin/ansible -h" + changed_when: False + + - name: Validate globals.yml contents + assert: + that: + - item.key in globals_yml + - globals_yml[item.key] == item.value + msg: > + Unexpected value for variable "{{ item.key }}" in globals.yml. + Expected "{{ item.value }}", actual + "{{ globals_yml.get(item.key, '') }}". + with_dict: "{{ expected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}" + expected_variables: + config_strategy: "COPY_ALWAYS" + kolla_base_distro: "fake-distro" + kolla_install_type: "fake-install-type" + openstack_release: "fake-release" + kolla_internal_vip_address: "10.0.0.1" + kolla_internal_fqdn: "fake.internal.fqdn" + kolla_external_vip_address: "10.0.0.2" + kolla_external_fqdn: "fake.external.fqdn" + node_custom_config: "{{ temp_path }}/etc/kolla/config" + docker_namespace: "fake-namespace" + network_interface: "eth0" + kolla_external_vip_interface: "eth1" + api_interface: "eth2" + storage_interface: "eth3" + cluster_interface: "eth4" + dns_interface: "eth5" + neutron_external_interface: "eth6,eth7" + neutron_bridge_name: "br0,br1" + bifrost_network_interface: "eth8" + provision_interface: "eth9" + ironic_dnsmasq_interface: "eth10" + neutron_plugin_agent: "openvswitch" + kolla_enable_tls_external: False + kolla_external_fqdn_cert: "fake-cert" + openstack_logging_debug: False + + - name: Validate variables are absent from globals.yml + assert: + that: item not in globals_yml + msg: > + Unexpected variable "{{ item }}" found in globals.yml, value + "{{ globals_yml.get(item) }}". + with_items: "{{ unexpected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}" + unexpected_variables: + - docker_registry + - docker_registry_username + - docker_registry_password + - neutron_type_drivers + - neutron_tenant_network_types + - enable_glance + - enable_ironic + - enable_neutron + - enable_nova + + - name: Check whether inventory files exist + stat: + path: "{{ temp_path ~ '/etc/kolla/inventory/' ~ item }}" + with_items: + - seed + - overcloud + register: inventory_stat + + - name: Validate inventory files + assert: + that: + - item.stat.exists + - item.stat.size > 0 + msg: > + Inventory file {{ item.item }} was not found. + with_items: "{{ inventory_stat.results }}" + + - name: Validate passwords.yml contents + assert: + that: item in passwords_yml + msg: > + Expected variable "{{ item }}" not present in passwords.yml. + with_items: "{{ expected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + passwords_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/passwords.yml') | from_yaml }}" + expected_variables: + - database_password + + always: + - name: Ensure the temporary directory is removed + file: + path: "{{ temp_path }}" + state: absent + rescue: + - name: Flag that a failure occurred + set_fact: + test_failures: "{{ test_failures | default(0) | int + 1 }}" + vars: + temp_path: "{{ tempfile_result.path }}" diff --git a/ansible/roles/kolla-ansible/tests/test-extras.yml b/ansible/roles/kolla-ansible/tests/test-extras.yml new file mode 100644 index 000000000..bdc821a3c --- /dev/null +++ b/ansible/roles/kolla-ansible/tests/test-extras.yml @@ -0,0 +1,321 @@ +--- +- hosts: localhost + connection: local + tasks: + - name: Create a temporary directory + tempfile: + state: directory + register: tempfile_result + + - block: + - name: Test the kolla-ansible role with default values + include_role: + name: ../../kolla-ansible + static: False + vars: + kolla_ansible_source_path: "{{ temp_path }}/src" + kolla_ansible_ctl_install_type: "source" + kolla_ansible_source_url: "http://github.com/openstack/kolla-ansible" + kolla_ansible_source_version: "master" + kolla_ansible_venv: "{{ temp_path }}/venv" + kolla_ansible_vault_password: "fake-password" + kolla_config_path: "{{ temp_path }}/etc/kolla" + kolla_node_custom_config_path: "{{ temp_path }}/etc/kolla/config" + kolla_ansible_passwords_path: "{{ temp_path }}/passwords.yml" + # Config. + kolla_base_distro: "fake-distro" + kolla_install_type: "fake-install-type" + kolla_docker_namespace: "fake-namespace" + kolla_openstack_release: "fake-release" + kolla_internal_vip_address: "10.0.0.1" + kolla_internal_fqdn: "fake.internal.fqdn" + kolla_external_vip_address: "10.0.0.2" + kolla_external_fqdn: "fake.external.fqdn" + kolla_network_interface: "eth0" + kolla_external_vip_interface: "eth1" + kolla_api_interface: "eth2" + kolla_storage_interface: "eth3" + kolla_cluster_interface: "eth4" + kolla_dns_interface: "eth5" + kolla_neutron_external_interfaces: + - "eth6" + - "eth7" + kolla_neutron_bridge_names: + - "br0" + - "br1" + kolla_bifrost_network_interface: "eth8" + kolla_provision_interface: "eth9" + kolla_inspector_dnsmasq_interface: "eth10" + kolla_neutron_ml2_type_drivers: + - "fake-ml2-type-1" + - "fake-ml2-type-2" + kolla_neutron_ml2_tenant_network_types: + - "fake-ml2-tenant-type-1" + - "fake-ml2-tenant-type-2" + kolla_enable_tls_external: False + kolla_external_fqdn_cert: "fake-cert" + kolla_openstack_logging_debug: True + # Enable everything. + kolla_enable_aodh: True + kolla_enable_barbican: True + kolla_enable_ceilometer: True + kolla_enable_central_logging: True + kolla_enable_ceph: True + kolla_enable_ceph_rgw: True + kolla_enable_cinder: True + kolla_enable_cinder_backend_hnas_iscsi: True + kolla_enable_cinder_backend_hnas_nfs: True + kolla_enable_cinder_backend_iscsi: True + kolla_enable_cinder_backend_lvm: True + kolla_enable_cinder_backend_nfs: True + kolla_enable_cloudkitty: True + kolla_enable_congress: True + kolla_enable_designate: True + kolla_enable_elasticsearch: True + kolla_enable_etcd: True + kolla_enable_freezer: True + kolla_enable_gnocchi: True + kolla_enable_grafana: True + kolla_enable_haproxy: True + kolla_enable_heat: True + kolla_enable_horizon: True + kolla_enable_influxdb: True + kolla_enable_ironic: True + kolla_enable_karbor: True + kolla_enable_kibana: True + kolla_enable_kuryr: True + kolla_enable_magnum: True + kolla_enable_manila: True + kolla_enable_manila_backend_generic: True + kolla_enable_manila_backend_hnas: True + kolla_enable_mistral: True + kolla_enable_mongodb: True + kolla_enable_murano: True + kolla_enable_multipathd: True + kolla_enable_neutron_agent_ha: True + kolla_enable_neutron_bgp_dragent: True + kolla_enable_neutron_dvr: True + kolla_enable_neutron_fwaas: True + kolla_enable_neutron_lbaas: True + kolla_enable_neutron_provider_networks: True + kolla_enable_neutron_qos: True + kolla_enable_neutron_vpnaas: True + kolla_enable_nova_serialconsole_proxy: True + kolla_enable_octavia: True + kolla_enable_osprofiler: True + kolla_enable_panko: True + kolla_enable_rally: True + kolla_enable_searchlight: True + kolla_enable_sahara: True + kolla_enable_senlin: True + kolla_enable_skydive: True + kolla_enable_solum: True + kolla_enable_swift: True + kolla_enable_tacker: True + kolla_enable_telegraf: True + kolla_enable_tempest: True + kolla_enable_trove: True + kolla_enable_watcher: True + kolla_enable_zun: True + kolla_extra_globals: + extra-global-1: "extra-val-1" + extra-global-2: "extra-val-2" + kolla_ansible_custom_passwords: + custom-password-1: "custom-password-1" + custom-password-2: "custom-password-2" + kolla_nova_compute_ironic_host: "controller1" + + - name: Verify kolla-ansible installation + command: "{{ temp_path }}/venv/bin/kolla-ansible -h" + changed_when: False + + - name: Verify ansible installation + command: "{{ temp_path }}/venv/bin/ansible -h" + changed_when: False + + - name: Validate variables are absent from globals.yml + debug: + var: globals_yml + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}" + + - name: Validate globals.yml contents + assert: + that: + - item.key in globals_yml + - globals_yml[item.key] == item.value + msg: > + Unexpected value for variable "{{ item.key }}" in globals.yml. + Expected "{{ item.value }}", actual + "{{ globals_yml.get(item.key, '') }}". + with_dict: "{{ expected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}" + expected_variables: + config_strategy: "COPY_ALWAYS" + kolla_base_distro: "fake-distro" + kolla_install_type: "fake-install-type" + openstack_release: "fake-release" + kolla_internal_vip_address: "10.0.0.1" + kolla_internal_fqdn: "fake.internal.fqdn" + kolla_external_vip_address: "10.0.0.2" + kolla_external_fqdn: "fake.external.fqdn" + node_custom_config: "{{ temp_path }}/etc/kolla/config" + docker_namespace: "fake-namespace" + network_interface: "eth0" + kolla_external_vip_interface: "eth1" + api_interface: "eth2" + storage_interface: "eth3" + cluster_interface: "eth4" + dns_interface: "eth5" + neutron_external_interface: "eth6,eth7" + neutron_bridge_name: "br0,br1" + bifrost_network_interface: "eth8" + provision_interface: "eth9" + ironic_dnsmasq_interface: "eth10" + neutron_plugin_agent: "openvswitch" + kolla_enable_tls_external: False + kolla_external_fqdn_cert: "fake-cert" + openstack_logging_debug: True + # NOTE: The following options are not present in globals.yml. + # It's possible this is related to the use of hostvars and + # include_role, caused by something like + # https://github.com/ansible/ansible/issues/19305. + #enable_aodh: True + #enable_barbican: True + #enable_ceilometer: True + #enable_central_logging: True + #enable_ceph: True + #enable_ceph_rgw: True + #enable_cinder: True + #enable_cinder_backend_iscsi: True + #enable_cinder_backend_hnas_iscsi: True + #enable_cinder_backend_hnas_nfs: True + #enable_cinder_backend_lvm: True + #enable_cinder_backend_nfs: True + #enable_cloudkitty: True + #enable_congress: True + #enable_designate: True + #enable_elasticsearch: True + #enable_etcd: True + #enable_freezer: True + #enable_gnocchi: True + #enable_grafana: True + #enable_haproxy: True + #enable_heat: True + #enable_horizon: True + #enable_influxdb: True + #enable_ironic: True + #enable_karbor: True + #enable_kibana: True + #enable_kuryr: True + #enable_magnum: True + #enable_manila: True + #enable_manila_backend_generic: True + #enable_manila_backend_hnas: True + #enable_mistral: True + #enable_mongodb: True + #enable_murano: True + #enable_multipathd: True + #enable_neutron_agent_ha: True + #enable_neutron_bgp_dragent: True + #enable_neutron_dvr: True + #enable_neutron_fwaas: True + #enable_neutron_lbaas: True + #enable_neutron_provider_networks: True + #enable_neutron_qos: True + #enable_neutron_vpnaas: True + #enable_nova_serialconsole_proxy: True + #enable_octavia: True + #enable_osprofiler: True + #enable_panko: True + #enable_rally: True + #enable_sahara: True + #enable_searchlight: True + #enable_skydive: True + #enable_solum: True + #enable_senlin: True + #enable_swift: True + #enable_tacker: True + #enable_telegraf: True + #enable_tempest: True + #enable_trove: True + #enable_watcher: True + #enable_zun: True + extra-global-1: "extra-val-1" + extra-global-2: "extra-val-2" + + - name: Validate variables are absent from globals.yml + assert: + that: item not in globals_yml + msg: > + Unexpected variable "{{ item }}" found in globals.yml, value + "{{ globals_yml.get(item) }}". + with_items: "{{ unexpected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}" + unexpected_variables: + - docker_registry + - docker_registry_username + - docker_registry_password + - enable_glance + - enable_ironic + - enable_neutron + - enable_nova + + - name: Create a vault password file + copy: + content: "fake-password" + dest: "{{ temp_path ~ '/vault-pass' }}" + + - name: Decrypt passwords.yml + command: ansible-vault decrypt --vault-password-file {{ temp_path ~ '/vault-pass' }} {{ temp_path ~ '/etc/kolla/passwords.yml' }} + changed_when: False + + - name: Validate passwords.yml contents + assert: + that: item in passwords_yml + msg: > + Expected variable "{{ item }}" not present in passwords.yml. + with_items: "{{ expected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + passwords_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/passwords.yml') | from_yaml }}" + expected_variables: + - database_password + - custom-password-1 + - custom-password-2 + + - name: Validate passwords.yml custom passwords + assert: + that: + - item.key in passwords_yml + - passwords_yml[item.key] == item.value + msg: > + Expected custom password "{{ item.key }}" not present in passwords.yml. + with_dict: "{{ expected_variables }}" + vars: + # NOTE: Can't use set_fact for this, as it causes kolla-ansible + # Jinja expressions to be evaluated. + passwords_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/passwords.yml') | from_yaml }}" + expected_variables: + custom-password-1: custom-password-1 + custom-password-2: custom-password-2 + always: + - name: Ensure the temporary directory is removed + file: + path: "{{ temp_path }}" + state: absent + rescue: + - name: Flag that a failure occurred + set_fact: + test_failures: "{{ test_failures | default(0) | int + 1 }}" + vars: + temp_path: "{{ tempfile_result.path }}" diff --git a/tox.ini b/tox.ini index 68270674a..6819d60d6 100644 --- a/tox.ini +++ b/tox.ini @@ -6,6 +6,10 @@ skipsdist = True [testenv] usedevelop = True install_command = pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/pike} {opts} {packages} +passenv = + HOME +whitelist_externals = + bash setenv = VIRTUAL_ENV={envdir} PYTHONWARNINGS=default::DeprecationWarning @@ -34,6 +38,19 @@ commands = python setup.py build_sphinx [testenv:debug] commands = oslo_debug_helper {posargs} +[testenv:ansible] +usedevelop = True +# Create the virtualenv with access to system site packages, as this is +# required to use the python and apt modules, which are not available via PyPI. +sitepackages = True +install_command = pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/pike} {opts} {packages} +commands = + bash -c \ + "ansible-playbook \ + --connection=local \ + {toxinidir}/ansible/roles/*/tests/main.yml \ + {posargs}" + [testenv:alint] commands = ansible-lint ansible/*.yaml