From a879e2a54e0641b692202d417021f1824032b123 Mon Sep 17 00:00:00 2001 From: Pawel Wieczorek Date: Mon, 15 Jun 2020 16:29:35 +0200 Subject: Add Ansible roles for OpenStack network This patch also adds Vagrant provisioners for creating and destroying OpenStack infrastructure. These are set to never run (unless explicitly called by the operator) because DevStack instance on a separate machine might not be ready to provide OpenStack API. This patch is based on previous work by: Krzysztof Opasiak Test harness is based on blog post [1] by: Chris Morgan [1] https://chrismorgan.info/blog/make-and-git-diff-test-harness Issue-ID: INT-1601 Change-Id: I031ca7a5a43cca0258dc0dc9e0339182c431898a Signed-off-by: Pawel Wieczorek --- deployment/noheat/infra-openstack/HACKING | 1 + .../noheat/infra-openstack/ansible/create.yml | 7 +++++ .../noheat/infra-openstack/ansible/destroy.yml | 7 +++++ .../infra-openstack/ansible/group_vars/all.yml | 4 +++ .../tasks/create_network.yml | 20 ++++++++++++++ .../create_devstack_network/tasks/main.yml | 4 +++ .../tasks/destroy_network.yml | 10 +++++++ .../destroy_devstack_network/tasks/main.yml | 4 +++ .../noheat/infra-openstack/vagrant/Vagrantfile | 26 +++++++++++++++++- .../infra-openstack/vagrant/config/clouds.yaml | 1 + .../noheat/infra-openstack/vagrant/test/Makefile | 12 +++++++++ .../noheat/infra-openstack/vagrant/test/README | 31 ++++++++++++++++++++++ .../noheat/infra-openstack/vagrant/test/README.rst | 1 + .../vagrant/test/create_network.stderr | 0 .../vagrant/test/create_network.stdout | 1 + .../vagrant/test/create_network.test | 21 +++++++++++++++ .../vagrant/test/destroy_network.stderr | 0 .../vagrant/test/destroy_network.stdout | 1 + .../vagrant/test/destroy_network.test | 21 +++++++++++++++ 19 files changed, 171 insertions(+), 1 deletion(-) create mode 100644 deployment/noheat/infra-openstack/ansible/create.yml create mode 100644 deployment/noheat/infra-openstack/ansible/destroy.yml create mode 100644 deployment/noheat/infra-openstack/ansible/group_vars/all.yml create mode 100644 deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/create_network.yml create mode 100644 deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/main.yml create mode 100644 deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/destroy_network.yml create mode 100644 deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/main.yml create mode 100644 deployment/noheat/infra-openstack/vagrant/test/Makefile create mode 100644 deployment/noheat/infra-openstack/vagrant/test/README create mode 120000 deployment/noheat/infra-openstack/vagrant/test/README.rst create mode 100644 deployment/noheat/infra-openstack/vagrant/test/create_network.stderr create mode 100644 deployment/noheat/infra-openstack/vagrant/test/create_network.stdout create mode 100755 deployment/noheat/infra-openstack/vagrant/test/create_network.test create mode 100644 deployment/noheat/infra-openstack/vagrant/test/destroy_network.stderr create mode 100644 deployment/noheat/infra-openstack/vagrant/test/destroy_network.stdout create mode 100755 deployment/noheat/infra-openstack/vagrant/test/destroy_network.test (limited to 'deployment') diff --git a/deployment/noheat/infra-openstack/HACKING b/deployment/noheat/infra-openstack/HACKING index d0c1edcc1..dcdc2062e 100644 --- a/deployment/noheat/infra-openstack/HACKING +++ b/deployment/noheat/infra-openstack/HACKING @@ -23,6 +23,7 @@ Summary of changes: - Added password from ``local.conf`` file (used in DevStack instance setup) - Removed ``project_id`` which might change on a new DevStack instance - Replaced ``auth_url`` based on machine's dynamic IP with the static private address +- Added ``project_domain_name`` needed to run Ansible playbooks Installed Python package ``python-openstackclient`` includes key package ``openstacksdk`` as a dependency and provides additional CLI tools. Tool ``pip`` for Python 3 was used for installing diff --git a/deployment/noheat/infra-openstack/ansible/create.yml b/deployment/noheat/infra-openstack/ansible/create.yml new file mode 100644 index 000000000..dd21271b2 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/create.yml @@ -0,0 +1,7 @@ +--- +- name: Create infrastructure + hosts: localhost + connection: local + gather_facts: False + roles: + - openstack/create_devstack_network diff --git a/deployment/noheat/infra-openstack/ansible/destroy.yml b/deployment/noheat/infra-openstack/ansible/destroy.yml new file mode 100644 index 000000000..b63e07088 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/destroy.yml @@ -0,0 +1,7 @@ +--- +- name: Destroy infrastructure + hosts: localhost + connection: local + gather_facts: False + roles: + - openstack/destroy_devstack_network diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml new file mode 100644 index 000000000..68497a0a5 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml @@ -0,0 +1,4 @@ +--- +network: + name: "onap_ci_lab" + cidr: "192.168.1.0/24" diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/create_network.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/create_network.yml new file mode 100644 index 000000000..5d86858c1 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/create_network.yml @@ -0,0 +1,20 @@ +--- +- name: "Create {{ net.name }} network" + os_network: + name: "{{ net.name }}" + state: present + +- name: "Create {{ net.name }} subnet" + os_subnet: + name: "{{ net.name }}_subnet" + network_name: "{{ net.name }}" + cidr: "{{ net.cidr }}" + state: present + +- name: "Create {{ net.name }} router" + os_router: + name: "{{ net.name }}_router" + network: public + interfaces: + - "{{ net.name }}_subnet" + state: present diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/main.yml new file mode 100644 index 000000000..5c8af745f --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_network/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- include: create_network.yml net={{ item }} + with_items: + - "{{ network }}" diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/destroy_network.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/destroy_network.yml new file mode 100644 index 000000000..8f97d9507 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/destroy_network.yml @@ -0,0 +1,10 @@ +--- +- name: "Destroy {{ net.name }} router" + os_router: + name: "{{ net.name }}_router" + state: absent + +- name: "Destroy {{ net.name }} network and its subnets" + os_network: + name: "{{ net.name }}" + state: absent diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/main.yml new file mode 100644 index 000000000..1bfab0d00 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_network/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- include: destroy_network.yml net={{ item }} + with_items: + - "{{ network }}" diff --git a/deployment/noheat/infra-openstack/vagrant/Vagrantfile b/deployment/noheat/infra-openstack/vagrant/Vagrantfile index f797675ae..c3b5d9819 100644 --- a/deployment/noheat/infra-openstack/vagrant/Vagrantfile +++ b/deployment/noheat/infra-openstack/vagrant/Vagrantfile @@ -1,6 +1,8 @@ # -*- mode: ruby -*- # -*- coding: utf-8 -*- +host_folder_ansible = "../ansible" +synced_folder_ansible = "/ansible" synced_folder_main = "/vagrant" synced_folder_config = "#{synced_folder_main}/config" os_config = "#{synced_folder_config}/local.conf" @@ -33,6 +35,8 @@ devstack = { all = [] << operation << devstack +operation_post_msg = "Run: \"vagrant provision #{operation[:name]} --provision-with=run_playbook_create\" to complete infrastructure deployment" + $enable_ipv6 = <<-SCRIPT sed -i'' 's/net.ipv6.conf.all.disable_ipv6.*$/net.ipv6.conf.all.disable_ipv6 = 0/' /etc/sysctl.conf sysctl -p @@ -53,7 +57,7 @@ $setup_py = <<-SCRIPT curl -fsSL https://bootstrap.pypa.io/get-pip.py -o get-pip.py sudo -H python3 get-pip.py - pip install python-openstackclient + pip install ansible python-openstackclient mkdir -p #{os_clouds_dir} SCRIPT @@ -64,6 +68,13 @@ $link_file = <<-SCRIPT ln -sf "$src" "$dst" SCRIPT +$run_playbook = <<-SCRIPT + PLAYBOOK="$1" + export OS_CLOUD=openstack + cd #{synced_folder_ansible} + ansible-playbook "$PLAYBOOK" +SCRIPT + Vagrant.configure("2") do |config| all.each do |machine| config.vm.define machine[:name] do |config| @@ -95,6 +106,7 @@ Vagrant.configure("2") do |config| if machine[:name] == 'operator' config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile" + config.vm.synced_folder host_folder_ansible, synced_folder_ansible, type: "rsync" config.vm.provision "setup_openstacksdk", type: :shell, privileged: false, inline: $setup_py config.vm.provision "link_os_clouds", type: :shell, run: "always" do |s| @@ -102,6 +114,18 @@ Vagrant.configure("2") do |config| s.inline = $link_file s.args = [os_clouds, os_clouds_dir] end + + config.vm.post_up_message = operation_post_msg + config.vm.provision "run_playbook_create", type: :shell, run: "never" do |s| + s.privileged = false + s.inline = $run_playbook + s.args = "create.yml" + end + config.vm.provision "run_playbook_destroy", type: :shell, run: "never" do |s| + s.privileged = false + s.inline = $run_playbook + s.args = "destroy.yml" + end end end end diff --git a/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml b/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml index 6dab24a35..2763c896e 100644 --- a/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml +++ b/deployment/noheat/infra-openstack/vagrant/config/clouds.yaml @@ -5,6 +5,7 @@ clouds: username: "demo" password: "default123456!" project_name: "demo" + project_domain_name: "Default" user_domain_name: "Default" region_name: "RegionOne" interface: "public" diff --git a/deployment/noheat/infra-openstack/vagrant/test/Makefile b/deployment/noheat/infra-openstack/vagrant/test/Makefile new file mode 100644 index 000000000..403263dfc --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/Makefile @@ -0,0 +1,12 @@ +rwildcard = $(foreach d,$(wildcard $1*),$(call rwildcard,$d/,$2) $(filter $2,$d)) + +.PHONY: test +test: $(patsubst %.test,%.stdout,$(call rwildcard,,%.test)) + +%.stdout: %.test + ./$< > $@ 2> $(patsubst %.stdout,%.stderr,$@) \ + || (touch --date=@0 $@; false) + git diff --exit-code --src-prefix=expected/ --dst-prefix=actual/ \ + $@ $(patsubst %.stdout,%.stderr,$@) \ + || (touch --date=@0 $@; false) + diff --git a/deployment/noheat/infra-openstack/vagrant/test/README b/deployment/noheat/infra-openstack/vagrant/test/README new file mode 100644 index 000000000..36cf36f38 --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/README @@ -0,0 +1,31 @@ +============================== + Vagrant: simple test harness +============================== + +Use ``make`` and ``git diff`` for a simple test harness for Vagrant-based environment. + +Prerequisites +------------- + +Dependencies +~~~~~~~~~~~~ + +- make +- git + + +Running +------- + +Command +~~~~~~~ + +.. code-block:: shell + + $ make test + + +Credit +------ + +This is based on https://chrismorgan.info/blog/make-and-git-diff-test-harness blog post. diff --git a/deployment/noheat/infra-openstack/vagrant/test/README.rst b/deployment/noheat/infra-openstack/vagrant/test/README.rst new file mode 120000 index 000000000..100b93820 --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/README.rst @@ -0,0 +1 @@ +README \ No newline at end of file diff --git a/deployment/noheat/infra-openstack/vagrant/test/create_network.stderr b/deployment/noheat/infra-openstack/vagrant/test/create_network.stderr new file mode 100644 index 000000000..e69de29bb diff --git a/deployment/noheat/infra-openstack/vagrant/test/create_network.stdout b/deployment/noheat/infra-openstack/vagrant/test/create_network.stdout new file mode 100644 index 000000000..363825389 --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/create_network.stdout @@ -0,0 +1 @@ +"onap_ci_lab" diff --git a/deployment/noheat/infra-openstack/vagrant/test/create_network.test b/deployment/noheat/infra-openstack/vagrant/test/create_network.test new file mode 100755 index 000000000..7124f707e --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/create_network.test @@ -0,0 +1,21 @@ +#!/bin/sh + +export NETWORK_NAME='onap_ci_lab' + +export VAGRANT_CWD='..' + +set_up() { + vagrant up --provision-with=run_playbook_destroy + vagrant up --provision-with=run_playbook_create +} + +check() { + local net="$1" + vagrant ssh operator --no-tty -c \ + "export OS_CLOUD=openstack; openstack network list -fcsv" \ + | grep "$net" \ + | cut -d',' -f2 +} + +set_up >/dev/null # drop provisioning output +check "$NETWORK_NAME" diff --git a/deployment/noheat/infra-openstack/vagrant/test/destroy_network.stderr b/deployment/noheat/infra-openstack/vagrant/test/destroy_network.stderr new file mode 100644 index 000000000..e69de29bb diff --git a/deployment/noheat/infra-openstack/vagrant/test/destroy_network.stdout b/deployment/noheat/infra-openstack/vagrant/test/destroy_network.stdout new file mode 100644 index 000000000..d48081495 --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/destroy_network.stdout @@ -0,0 +1 @@ +Network onap_ci_lab not found. diff --git a/deployment/noheat/infra-openstack/vagrant/test/destroy_network.test b/deployment/noheat/infra-openstack/vagrant/test/destroy_network.test new file mode 100755 index 000000000..173b3ecca --- /dev/null +++ b/deployment/noheat/infra-openstack/vagrant/test/destroy_network.test @@ -0,0 +1,21 @@ +#!/bin/sh + +export NETWORK_NAME='onap_ci_lab' + +export VAGRANT_CWD='..' + +set_up() { + vagrant up --provision-with=run_playbook_create + vagrant up --provision-with=run_playbook_destroy +} + +check() { + local net="$1" + vagrant ssh operator --no-tty -c \ + "export OS_CLOUD=openstack; openstack network list -fcsv" \ + | grep "$net" \ + || echo "Network ${net} not found." +} + +set_up >/dev/null # drop provisioning output +check "$NETWORK_NAME" -- cgit 1.2.3-korg