diff options
42 files changed, 2117 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..93cfa9f --- /dev/null +++ b/.gitignore @@ -0,0 +1,22 @@ +### Ansible ### +*.retry + + +### Git ### +*.orig + + + +## Python ## +*.pyc +.env + +### Sensitive ### +.vault +id_rsa + + +### Visual Studio Code ### +.vscode +**/.DS_Store +.DS_Store
\ No newline at end of file diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..6c4b312 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,195 @@ +--- +################################################################################ +# +# !! DO NOT EDIT MANUALLY !! +# +# This file is generated by gitlab-ci-generator +# +################################################################################ + +stages: + - lint + - config + # - infra_install + # - virt_install + # - apps + # - check + +variables: + GIT_SUBMODULE_STRATEGY: recursive + VAULT_FILE: .vault + RUNNER_TAG: <SET ME> + +################################################################################ +# Shared parameters +################################################################################ +.runner_tags: &runner_tags + tags: + - $RUNNER_TAG + +.syntax_checking: &syntax_checking + only: + - pushes + stage: lint + +.artifacts_root: &artifacts_root + name: "$CI_JOB_NAME-$CI_COMMIT_REF_NAME" + paths: + - vars/ + - inventory/ + +.artifacts: &artifacts + artifacts: + <<: *artifacts_root + expire_in: 15 days + +.artifacts_longexpire: &artifacts_longexpire + artifacts: + <<: *artifacts_root + expire_in: 1 yrs + +.runner_env: &runner_env + CHAINED_CI_SRC: "<SET ME>" # Url to the gitlab chained ci project + # CHAINED_CI_SRC: "https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/chained-ci.git" + +################################################################################ +# Linting +################################################################################ + +yaml_checking: + <<: *syntax_checking + <<: *runner_tags + variables: + <<: *runner_env + image: sdesbure/yamllint:latest + script: + - > + yamllint -d "line-length: { + max: 80, + allow-non-breakable-words: true, + allow-non-breakable-inline-mappings: true}" + .gitlab-ci.yml + - yamllint *.yml + +ansible_linting: + <<: *syntax_checking + <<: *runner_tags + variables: + <<: *runner_env + image: sdesbure/ansible-lint:latest + script: + - ansible-lint -x ANSIBLE0010,ANSIBLE0013 run-ci.yml + +################################################################################ +# Pages +################################################################################ + +pages: + image: registry.gitlab.com/orange-opensource/lfn/ci_cd/docker_ansible:2.7.10-alpine + stage: lint + <<: *runner_tags + variables: + <<: *runner_env + script: + - ./chained-ci-vue/init.sh ./pod_inventory + artifacts: + paths: + - public + only: + - master + except: + - triggers + - api + - external + - pipelines + - schedules + - web + + +################################################################################ +# Jobs +################################################################################ + +.vault_mgmt: &vault_mgmt + before_script: + - echo ${ANSIBLE_VAULT_PASSWORD} > ${PWD}/${VAULT_FILE} + after_script: + - rm -f $PWD/.vault + +.set_config: &set_config + <<: *runner_tags + <<: *vault_mgmt + image: registry.gitlab.com/orange-opensource/lfn/ci_cd/docker_ansible:2.7.10-alpine + script: + - > + ansible-playbook -i pod_inventory/inventory --limit ${pod} + --vault-password-file ${PWD}/${VAULT_FILE} + ${ansible_verbose} artifacts_init.yml + +.run_ci: &run_ci + <<: *runner_tags + <<: *vault_mgmt + image: registry.gitlab.com/orange-opensource/lfn/ci_cd/docker_ansible:2.7.10-alpine + script: + - > + ansible-playbook -i pod_inventory/inventory --limit ${pod} + --extra-vars "step=${CI_JOB_NAME%:*}" + --vault-password-file ${PWD}/${VAULT_FILE} + ${ansible_verbose} run-ci.yml + +.trigger: &trigger + <<: *runner_tags + <<: *vault_mgmt + image: registry.gitlab.com/orange-opensource/lfn/ci_cd/docker_ansible:2.7.10-alpine + script: + - > + ansible-playbook -i pod_inventory/inventory --limit ${pod} + --vault-password-file ${PWD}/${VAULT_FILE} + ${ansible_verbose} --extra-vars "step=trigger" trigger_myself.yml + +################################################################################ +# onap-daily-unh-oom-master +################################################################################ + +.onap-daily-unh-oom-master_global: &onap-daily-unh-oom-master_global + variables: + pod: onap-daily-unh-oom-master + <<: *runner_env + environment: + name: unh/k8s8-8 + only: + variables: + - $POD == "onap-daily-unh-oom-master" + refs: + - web + - schedules + - triggers + +config:onap-daily-unh-oom-master: + stage: config + <<: *onap-daily-unh-oom-master_global + <<: *set_config + <<: *artifacts_longexpire +# infra_deploy:onap-daily-unh-oom-master: +# stage: infra_install +# <<: *onap-daily-unh-oom-master_global +# <<: *run_ci +# <<: *artifacts_longexpire +# virt_install:onap-daily-unh-oom-master: +# stage: virt_install +# <<: *onap-daily-unh-oom-master_global +# <<: *run_ci +# <<: *artifacts_longexpire +# apps_deploy:onap-daily-unh-oom-master: +# stage: apps +# <<: *onap-daily-unh-oom-master_global +# <<: *run_ci +# <<: *artifacts_longexpire +# apps_test:onap-daily-unh-oom-master: +# stage: check +# <<: *onap-daily-unh-oom-master_global +# <<: *run_ci + +## +# End of generated file +## diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..b0a82e6 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,6 @@ +[submodule "chained-ci-vue"] + path = chained-ci-vue + url = https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-vue.git +[submodule "roles"] + path = roles + url = https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-roles.git @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2019 Orange-OpenSource / lfn / onap + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README.md b/README.md new file mode 100644 index 0000000..bacfde2 --- /dev/null +++ b/README.md @@ -0,0 +1,89 @@ +Chained-CI +========== + +Role +---- +Chained-CI is a way to run a set of projects, each one as a job in a top level +pipeline. + +This project, running on gitlab CE, is triggering configured projects one +after the other, or in parallele, sharing configuration through artifacts. This +allow to integrate projects managed by third parties, or running together +independent projects. + +This project is hosting the pipelines and the pipeline configuration. +See [Orange CI Roles](https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-roles "Orange CI Roles") to see the +roles needed to run thoses pipelines + +Input +----- + - Environment variables: + - __Required__: + - POD: + - role: pod name as defined in pod_inventory/inventory + - example: pod1 + - default: none + - Optional: + - RUNNER_TAG: + - override the default gitlab-runner tag (ta5_tnaplab) + - "old" lab runner tag: tnaplab2 + - USER_ROLE: + - overrides the name of the "member" role in Openstack + - default role: "Member" (used in "old" DT lab) + - AREYOUSURE: + - role: disable the deployment protection on some pods + - default: '' + - values: '' or 'MAIS OUI !!!' + - ansible_verbose: + - role: verbose option for ansible + - values: "", "-vvv" + - default: "" + - infra_branch: + - role: the branch for project infra_manager + - default: master + - os_infra_branch: + - role: the branch for project os_infra_manager + - default: master + - vim_branch: + - role: the branch for the VIMs projects (kolla, k8s) + - default: master + - kolla_branch: + - role: a value to pass to project kolla + - default: 'stable/queens' + - kolla_ansible_branch: + - role: a value to pass to project kolla + - default: 'stable/queens' + - functest_branch: + - role: the branch for project functest + - default: master + - acumos_branch: + - role: the branch for project acumos-installer + - default: master + +Output +------ + - artifacts: each step can fetch the artifact generate by the sub-project as + defined in the git_projects variables pull_artifacts + +Details +------- + - [Chained-CI intro](./doc/chained-ci-intro.md "Chained-CI intro") + +Quick Guide to create a pipeline +-------------------------------- + - Reuse or create a inventory file-pair under pod_config/config + - k8s*.yaml defining the VMs and their resource settings (RAM, Disk, CPUs) + - idf-k8s*.yaml defining the inventory setting (tenant, network, node roles...) + - Create pipeline definition file under pod_inventory/host_vars + - Add name of the pipeline in pod_inventory/inventory + - Update the submodules (git submodule init; git submodule update) + - Run ansible script to regenerate .gitlab-ci.yaml + - ansible-playbook -vvv --vault-password-file ./.vault -i ./pod_inventory/inventory ./gitlab-ci-generator.yml + - (Workarround) add RUNNER_TAG default variable in .gitlab-ci.yaml + ``` + variables: + GIT_SUBMODULE_STRATEGY: recursive + VAULT_FILE: .vault + RUNNER_TAG: ta5_tnaplab + ``` + - check-in code and create a pipeline diff --git a/artifacts_init.yml b/artifacts_init.yml new file mode 100644 index 0000000..0eabd23 --- /dev/null +++ b/artifacts_init.yml @@ -0,0 +1,12 @@ +--- +- hosts: all + connection: local + any_errors_fatal: true + vars: + step: "{{ lookup('env', 'CONFIG_NAME') | default('config', true )}}" + vars_files: + - .gitlab-ci.yml + roles: + - role: prepare + - role: get_artifacts + - role: artifact_init diff --git a/doc/chained-ci-install.md b/doc/chained-ci-install.md new file mode 100644 index 0000000..d27939d --- /dev/null +++ b/doc/chained-ci-install.md @@ -0,0 +1,136 @@ +# Creation of an own chained-ci project + +In our environment we want to use Chained-CI to automate the ONAP Lab +installation and testing. + +On an own development client host: +* install ansible + +``` + sudo apt-get install ansible +``` + +* Create a Git project (LabInstallation/chained-ci) in git.sdp.telekom.de +and checked it out. + +``` + git clone git@gitlab.devops.telekom.de:tnap/onapcommunity/integrationproject/onapdeployment/chained-ci.git +``` +* In my DevEnv I cloned the chained-ci example project: + +~~~~ + git clone https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-examples.git +~~~~ + +* Copy the example code to chained-ci + +~~~~ + cp -r chained-ci-examples/* chained-ci +~~~~ + +* Add submodules in chained-ci and checkin all + +~~~~ + cd chained-ci + git submodule add -b alpine-ansible https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-roles.git roles + git submodule add https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-vue.git chained-ci-vue + + git add * + ... + git commit -a + git push +~~~~ + +* Extract submodules + +~~~~ + git submodule init + git submodule update +~~~~ + +* Setup own chain + + * Create entry in ```pod_inventory/infrastructure``` (e.g. pod-test) + * Add ```pod_inventory/hostvars/pod-test.yml``` file for the chain-steps and jumphost + * Modify the ```pod_inventory/group_vars/all.yml``` + +* Modifications in ```pod_inventory/group_vars/all.yml``` + * add image and image_tag in runner section + * remove not needed git_projects + * add gitlab settings + * create project settings + * create a trigger token on the target project (in CI/CD settings) and copy token + * generate encrypted trigger_token password + + ``` + echo '...password...' > .vault + ``` + + ``` + ansible-vault encrypt_string --vault-password-file .vault '...token...' --name 'trigger-token' + ``` + + * add encrypted trigger_token to all.yml + + +Example: +~~~~ +runner: + tags: + - gitlab-org + env_vars: + CHAINED_CI_SRC: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/chained-ci.git + docker_proxy: + image: registry.gitlab.com/orange-opensource/lfn/ci_cd/docker_ansible + image_tag: latest + +gitlab: + pipeline: + delay: 15 + base_url: https://gitlab.devops.telekom.de + api_url: https://gitlab.devops.telekom.de/api/v4 + private_token: "{{ lookup('env','CI_private_token') }}" + + git_projects: + config: + stage: config + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/chained-ci.git + branch: "{{ lookup('env','config_branch')|default('master', true) }}" + path: pod_config + cloud-infra: + stage: infra_install + api: https://gitlab.devops.telekom.de/api/v4/project/32660 + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/cloud-infra + trigger_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66386364383232303832656238636130373430633539613566646337313164323733333138666163 + 3766623563303133393231663237353633353365633063350a653231393436313961613733643036 + 37393262363864393734323532383662663263663863646233366639633130323731343237653661 + 6265323237306634620a376166616564663135316363333136356135613336646665386532616263 + 64373537346235386438633130656363386633383337626337656234646361366263 + branch: "{{ lookup('env','cloud-infra_branch')|default('master', true) }}" + get_artifacts: config + pull_artifacts: + timeout: 300 + parameters: + ansible_verbose: "{{ lookup('env','ansible_verbose') }}" +~~~~ + +* Create .gitlab-ci.yml + +~~~~ + ansible-playbook -vvv --vault-password-file ~/git/LabInstallation/chained-ci/.vault -i ./pod_inventory/inventory ./gitlab-ci-generator.yml +~~~~ + +* Checkin all modified files + +* Add in chained-ci project CI/CD the following variables: + + ```ANSIBLE_VAULT_PASSWORD``` -> a secret for the Vault password + + ```CI_private_token``` -> API token to access Gitlab (see User-Settings-Access Tokens) + +How to create own project pipelines: + +* [DTs Chained-ci pipelines](chained-ci-pipeline.md) + diff --git a/doc/chained-ci-intro.md b/doc/chained-ci-intro.md new file mode 100644 index 0000000..01d74fe --- /dev/null +++ b/doc/chained-ci-intro.md @@ -0,0 +1,61 @@ +# Introduction to Chained-ci + +Chained-ci is a solution to chain CI/CD pipelines from different gilab projects. +It leverages gitlab APIs and features like the artifacts. + +![Chained-ci overview](img/chained-CI.png) + +As an example if you want to install a solution on an infrastructure, you can +chain the project pipeline in charge of infrastructure deployment then the +pipeline in charge of the deployment of the target solution thanks to +environment variables, configuration parameters provided as artifacts at the +end of the first pipeline. + +Chained-ci offers additional possibilities such as using static artifacts, +notifying third parties. + +## Why Chained-ci + +Historically involved in several Open Source projects, it was very hard to +harmonize CI/CD strategies as each project had its own way to manage it and +automation culture. +OPNFV XCI initiative was created to provide a way to create links between CI/CD +teams of different Open Source Networking communities. + +In parallel, internally we started having lots of projects on gitlab. +The goal was to be able to chain the pipelines of these different gitlab +projects. Each project remains responsible for its CI/CD strategy but may expose +artifacts and can be consumed by other projects. + +Thanks to Chained-ci, it is possible to easily mix and match pipelines and unify +CI/CD strategy leveraging gitlab capabilities. + +It is possible on the same infrastructure to automate the deployments and +testing of several projects in parallel. + +## Chained-ci project + +Chained-ci is composed of several sub-projects: + +* [Chained-ci](https://gitlab.forge.orange-labs.fr/osons/chained-ci): the part + where the chains will be created and configured +* [Chained-ci-roles](https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-roles): + the repository hosting the ansible roles +* [Chained-ci-tools](https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-tools): + some tooling to simplify the creation of the chains +* [Chained-ci-vue](https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-vue): + a web front end to easily visualise the different chains. + +![chained-ci-vue](img/chained-ci-ui.png) + +If you click on any element of the chain, you will see the corresponding gitlab +pipeline. You can also restart the chain in case of failure at the step it +failed. + +## Get started + +* [DTs Chained-ci installation](chained-ci-install.md) +* [DTs Chained-ci pipelines](chained-ci-pipeline.md) +* [Orange: Create your Chained-ci](./user-guide/configure.md) +* [Orange: Run your Chained-ci](./user-guide/run.md) +* [Orange: Examples](./example/example.md) diff --git a/doc/chained-ci-pipeline.md b/doc/chained-ci-pipeline.md new file mode 100644 index 0000000..8af10bf --- /dev/null +++ b/doc/chained-ci-pipeline.md @@ -0,0 +1,27 @@ +# Creation of an own Project Chain + +Inside of the Chained-CI project installation chains can be created +to automate the the Openstack tenant, network and VM creation, as +well as the installation of applications (e.g. ONAP) + +Currently the following projects are available supporting chaining: + +* cloud-infra -> Creation of Openstack tenant, network and VMs +* ... + +In order to define the pipelines the following steps need to be followed: + +* Projects need to be defined in all.yml (see [Chained-CI install](https://git.sdp.telekom.de/LabInstallation/chained-ci/blob/master/doc/chained-ci-install.md "Chained-CI installation")) +* in the directory chained-ci/pod_config the inventory and pod definitions + have to be created +* in the directory chained-ci/pod_inventory the pipeline definitions + have to be created + +The execution of the pipeline requires a Jumphost within the target cloud. +Requirements for the Jumphost: +* OS: e.g. Ubuntu 18.04 +* Packages: ansible, python-pip, python3-pip, jq +* Network must be able to reach and resolve the VIM Keystone interface +* To access the JH a RSA keypair needs to be created without passphrase +* The public key has to be added to the .ssh/authorized_keys of the + ansible user (e.g. ubuntu) diff --git a/doc/img/chained-CI.png b/doc/img/chained-CI.png Binary files differnew file mode 100644 index 0000000..ec096b8 --- /dev/null +++ b/doc/img/chained-CI.png diff --git a/doc/img/chained-ci-examples.png b/doc/img/chained-ci-examples.png Binary files differnew file mode 100644 index 0000000..c771cae --- /dev/null +++ b/doc/img/chained-ci-examples.png diff --git a/doc/img/chained-ci-ui.png b/doc/img/chained-ci-ui.png Binary files differnew file mode 100644 index 0000000..245f806 --- /dev/null +++ b/doc/img/chained-ci-ui.png diff --git a/doc/img/example1.png b/doc/img/example1.png Binary files differnew file mode 100644 index 0000000..e2ee28e --- /dev/null +++ b/doc/img/example1.png diff --git a/doc/img/example2.png b/doc/img/example2.png Binary files differnew file mode 100644 index 0000000..2f2fc94 --- /dev/null +++ b/doc/img/example2.png diff --git a/doc/img/example3.png b/doc/img/example3.png Binary files differnew file mode 100644 index 0000000..1eeaddc --- /dev/null +++ b/doc/img/example3.png diff --git a/doc/img/inpod.png b/doc/img/inpod.png Binary files differnew file mode 100644 index 0000000..dc95989 --- /dev/null +++ b/doc/img/inpod.png diff --git a/doc/img/pipeline_creation_1.jpg b/doc/img/pipeline_creation_1.jpg Binary files differnew file mode 100644 index 0000000..05b5178 --- /dev/null +++ b/doc/img/pipeline_creation_1.jpg diff --git a/doc/img/pipeline_creation_2.jpg b/doc/img/pipeline_creation_2.jpg Binary files differnew file mode 100644 index 0000000..d922476 --- /dev/null +++ b/doc/img/pipeline_creation_2.jpg diff --git a/doc/img/pipeline_creation_3.jpg b/doc/img/pipeline_creation_3.jpg Binary files differnew file mode 100644 index 0000000..1e7a915 --- /dev/null +++ b/doc/img/pipeline_creation_3.jpg diff --git a/doc/img/schedule_creation_1.jpg b/doc/img/schedule_creation_1.jpg Binary files differnew file mode 100644 index 0000000..48987c5 --- /dev/null +++ b/doc/img/schedule_creation_1.jpg diff --git a/doc/img/schedule_creation_2.jpg b/doc/img/schedule_creation_2.jpg Binary files differnew file mode 100644 index 0000000..f447f20 --- /dev/null +++ b/doc/img/schedule_creation_2.jpg diff --git a/doc/img/schedule_creation_3.jpg b/doc/img/schedule_creation_3.jpg Binary files differnew file mode 100644 index 0000000..5ff84ed --- /dev/null +++ b/doc/img/schedule_creation_3.jpg diff --git a/doc/user-guide/configure.md b/doc/user-guide/configure.md new file mode 100644 index 0000000..4d9e30e --- /dev/null +++ b/doc/user-guide/configure.md @@ -0,0 +1,280 @@ +# Create your chain + +You must clone the chained-ci project. + +```Shell + git clone https://gitlab.forge.orange-labs.fr/osons/chained-ci + cd chained-ci + git submodule init + git submodule update +``` + +The chained-ci repository can be shown as follows: + +```Ascii +. +├── pod_inventory +│  ├── group_vars +│  │  └── all.yml +│  ├── host_vars +│  │  ├── existing_chained.yml +│  │  ├── ... +│  │  └── vpod1.yml +│  └── inventory +└── roles + ├── artifact_init + │  ├── defaults + │  └── tasks + ├── get_artifacts + │  ├── defaults + │  └── tasks + ├── gitlab-ci-generator + │  ├── tasks + │  └── templates + ├── run-ci + │  └── tasks + └── trigger_myself + └── tasks +``` + +The ansible roles are retrieved through the git submodules. + +Note: It is recommended to create your branch to create your new chain. + +To create you chained-ci chain + +* Edit the **pod_inventory/inventory** file to declare your chain +* Create a file in **pod_inventory/host_vars** to configure your chain +* Edit **pod_inventory/group_vars/all.yaml** to reference some variables if + needed + +## Declare your chain + +You must first declare your chain name in the pod_inventory/inventory file. +Edit the file and add your chain name at the end of the file. +The chain name shall be self-explicit. + +Even if the naming is free, it is recommended to follow the syntax: + +`[target][_[infra]]_[[ci_option]]_[pod]]` + +e.g. + +* `pod2`: deployment of the pod2 infrastructure (GNU/Linux OS) +* `acumos_pod4`: deployment of acumos on POD4 +* `functest_pod4`: run functest tests on POD4 +* `k8s_pod1`: deployment of kubernetes on bare metal on pod1 +* ... +* `onap_k8s_daily_pod4`: daily deployment of onap on k8s infra installed on pod4 + +## Define your chain + +The second step consists in creating the ansible role for the new chain. + +Create a file in pod_inventory/host_vars. + +The file name shall correspond to the chain name you declared in the inventory +file e.g. acumos_pod4.yaml. + +This file describes the chain. It reference the different projects you want to +chain, indicating the expected artifacts to be re-used from one project to +another. + +```YAML +--- +jumphost: + server: <target POD jumphost IP> + user: <ansible user> +[option section] +scenario_steps: + step 1: + ... + step 2: + ... + step N: + ... +``` + +The chain will be run sequentially (e.g. config then step 1 until step N). +Each pipeline can however parallelize some stages. + +The option section is not mandatory. + +### jumphost Definition + +A jumphost is associated to a chained-ci even if the different steps can be +performed through projects hosted in different environements (public gitlab.com +and internal gitlab). The creator of the chain shall ensure that the projects +can be invoked from the referenced jumphost. + +### Chained-ci options + +The possible option fields are: + +* environment: this parameter is used and propagated as an environment variable + to all the projects involved in the chained-ci +* longlife_artifact: `true` (not present by default) +* inpod: `<other_chained_ci_reference>` +* healthchecks_id: `<uid>` + +#### longlife_artifact + +The longlife_artifact option is needed to store the artifacts over a long +period. As other chains may consume the artifacts, if the chained-ci is not run +frequently, the artifacts could be deleted after a while and become unavailable +for other chained-ci. + +Typically if you install an infrastructure once and run several chains +requesting the artifacts of the infrastructure installation, it makes sense to +set this option. + +#### inpod + +Chained-ci can be seen as matriochka, in fact you may trigger deployments once +a previous deployment has been completed. + +The inpod parameter allows to define a sort of heritage in the chained-ci +declaration. + +![inpod](../img/inpod.png) + +#### healthchecks + +The healthcheck option is used to reference your chained-ci to +[healthcheck](https://github.com/healthchecks/healthchecks). + +### Chained-ci steps + +Each step can be defined as follow: + +```YAML +[step name]: + project: [gitlab project reference] + get_artifacts: + - name: [project name for the artifact] + [static_src: true] + [extra parameters] + [infra] +``` + +#### gitlab project reference (mandatory) + +It shall correspond to a name of a gitlab project. + +#### get_artifacts (optional) + +The get_artifacts is to retrieved data (env variables, configuration files) +from a previous gitlab pipeline from a chained-ci. + +These artifacts can be retrieved: + +* dynamically (by Default): gitlab API will be called to retrieved the last + artifacts corresponding to the project referenced +* statically: if static_src parameter is set to True, you then must indicate + the path to the artifact + +By default Chained-ci will call gitlab APIs to retrieved the artifact. + +##### limit_to + +Please note that it is possible to retrieve only a subset of the files from +an artifact by using **limit_to**. + +```YAML +get_artifacts: + - name: infra_deploy + limit_to: + - vars/user_cloud.yml: vars/user_cloud.yml +``` + +##### in_pipeline=false + +It is also possible to indicate that the artifact cannot be retrieved from the +pipeline by setting in_pipeline=false in the get_artifact section. You then +have to add the name of the pipeline to fetch and the step in the pipeline. + +In the example, we retrieve artifacts from `config` step of last +`onap_k8s_ic_pod4` pipeline. + +```YAML + get_artifacts: + - name: config:onap_k8s_ic_pod4 + in_pipeline: false + limit_to: + - vars/pdf.yml: vars/pdf.yml + - vars/idf.yml: vars/idf.yml +``` + +#### extra parameters (optional) + +You may indicate here additional variables to configure your Chained-ci. These +variables will be given as environment variables for the run of the project. It +shall be configured as follows: + +```YAML +extra_parameters: + key 1: value 1 + key 2: value 2 + .... + key N: value N +``` + +#### infra (optional) + +This option can be specified if you want to use a specific resources of an +existing infra. This infra shall be declared in the Infrastructure Description +file. + +## Create your static artifacts + +It is possible to create a static artifact file. It consists in a zip file +containing all the files. + +For instance if you need to precise an inventory my_jumhost and a set of +vaiables declared in a foo.yml file, you will need to prepare your file. + +``` +├── inventory +│  └── my_jumphost +└── vars + └── foo.yml +``` + +Zip the different files in my_foo.zip and reference zoo in the chained-ci. + +``` +get_artifacts: + - name: my_foo + static_src: true +``` + +Note that my_foo must not be in the path once the archive unzipped. + +## Gitlab-ci generator + +The `.gitlab-ci.yml` of your Chaine-ci project may be a little be tricky to +generate. That is why a gitlab-ci generator has been introduced. + +You can run the gitlab-ci-generator ansible role locally on your machine. +Based on the chained-ci you created, it will re-generate the file properly. + +```Shell +ansible-playbook -i ./pod_inventory/inventory ./gitlab-ci-generator.yml +``` + +`<chain_id>` is the name of the chain you defined in *Declare your chain* step + +once you have generated `.gitlab-ci.yml`, you'll need to push your change to the +gitlab server (via a merge request or not, depending on you push policy) before +using it. + +## chained-ci tools + +It provides a set of tools to deal with Chained-ci: + +* Get artifacts from a projects +* set the configuration (ssh key and ssh config) +* Generate Vault key file + +See [README](https://gitlab.com/Orange-OpenSource/lfn/ci_cd/chained-ci-tools) +for details. diff --git a/doc/user-guide/run.md b/doc/user-guide/run.md new file mode 100644 index 0000000..2b77296 --- /dev/null +++ b/doc/user-guide/run.md @@ -0,0 +1,30 @@ +# Run your Chained-ci + +From the gitlab web page of your Chained-ci project, select the CI/CD menu + +![pipeline creation step 1](../img/pipeline_creation_1.jpg) + +* Click on the Run Pipeline button + + ![pipeline creation step 2](../img/pipeline_creation_2.jpg) + +* Select the acurate branch (Default: master) (orange in image) + + ![pipeline creation step 3](../img/pipeline_creation_3.jpg) + +* set variable POD, here POD is the identifier for your chained-CI (yellow in image) + + ![pipeline creation step 3](../img/pipeline_creation_3.jpg) + +* Click on Create pipeline i(green in image) + + ![pipeline creation step 3](../img/pipeline_creation_3.jpg) + +You can obviously also use the Schedules menu if you want to regularly run +your chain (cronjob defined). + +![schedule creation step 1](../img/schedule_creation_1.jpg) + +![schedule creation step 1](../img/schedule_creation_2.jpg) + +![schedule creation step 1](../img/schedule_creation_3.jpg)
\ No newline at end of file diff --git a/gitlab-ci-generator.yml b/gitlab-ci-generator.yml new file mode 100644 index 0000000..844b100 --- /dev/null +++ b/gitlab-ci-generator.yml @@ -0,0 +1,7 @@ +--- +- hosts: all + connection: local + gather_facts: false + any_errors_fatal: true + roles: + - role: gitlab-ci-generator diff --git a/logo.png b/logo.png Binary files differnew file mode 100644 index 0000000..afee8a8 --- /dev/null +++ b/logo.png diff --git a/logo.svg b/logo.svg new file mode 100644 index 0000000..a4dcc0b --- /dev/null +++ b/logo.svg @@ -0,0 +1,130 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="19.586046mm" + height="19.586046mm" + viewBox="0 0 19.586046 19.586046" + version="1.1" + id="svg8" + sodipodi:docname="logo.svg" + inkscape:version="0.92.3 (2405546, 2018-03-11)" + inkscape:export-filename="/home/edby8475/Dev/chained-ci/logo.png" + inkscape:export-xdpi="98" + inkscape:export-ydpi="98"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="6.5333333" + inkscape:cx="7.8188803" + inkscape:cy="30.617961" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="2560" + inkscape:window-height="1403" + inkscape:window-x="0" + inkscape:window-y="0" + inkscape:window-maximized="1" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" /> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title></dc:title> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Calque 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-76.099242,-143.22085)"> + <circle + style="opacity:1;vector-effect:none;fill:#ffffff;fill-opacity:1;stroke:#4d4d4d;stroke-width:0.50260705;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" + id="path921" + cx="85.892265" + cy="153.01387" + r="9.5417194" /> + <g + id="g933"> + <path + sodipodi:nodetypes="cccc" + inkscape:connector-curvature="0" + id="path919" + d="m 87.755086,149.65335 h -3.722685 c 3.722685,0 0.03786,6.84943 3.737003,6.84401 v 0" + style="fill:none;stroke:#666666;stroke-width:0.26458332px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" /> + <g + transform="translate(-2.1166667)" + id="g862"> + <circle + style="opacity:1;vector-effect:none;fill:#ffffff;fill-opacity:1;stroke:#44aa00;stroke-width:0.5291667;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" + id="path848" + cx="83.371094" + cy="149.57428" + r="2.7487407" /> + <path + style="fill:none;stroke:#44aa00;stroke-width:0.62900001;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" + d="m 82.386279,149.28284 0.715902,0.81612 1.267143,-1.24567" + id="path850" + inkscape:connector-curvature="0" /> + </g> + <g + transform="translate(-0.03559777,6.879167)" + id="g858"> + <circle + r="2.7487407" + cy="149.57428" + cx="90.565697" + id="circle852" + style="opacity:1;vector-effect:none;fill:#ffffff;fill-opacity:1;stroke:#2a7fff;stroke-width:0.5291667;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" /> + <path + style="opacity:1;vector-effect:none;fill:#2a7fff;fill-opacity:1;stroke:none;stroke-width:0.36824697;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" + id="circle854" + sodipodi:type="arc" + sodipodi:cx="90.415558" + sodipodi:cy="149.57428" + sodipodi:rx="1.9128479" + sodipodi:ry="1.9128479" + sodipodi:start="4.7106229" + sodipodi:end="2.5736704" + d="m 90.41218,147.66143 a 1.9128479,1.9128479 0 0 1 1.881627,1.55068 1.9128479,1.9128479 0 0 1 -1.17015,2.13913 1.9128479,1.9128479 0 0 1 -2.320669,-0.74807 l 1.61257,-1.02889 z" /> + </g> + <g + transform="translate(7.1590052)" + id="g868"> + <circle + r="2.7487407" + cy="149.57428" + cx="83.371094" + id="circle864" + style="opacity:1;vector-effect:none;fill:#ffffff;fill-opacity:1;stroke:#44aa00;stroke-width:0.5291667;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1" /> + <path + inkscape:connector-curvature="0" + id="path866" + d="m 82.386279,149.28284 0.715902,0.81612 1.267143,-1.24567" + style="fill:none;stroke:#44aa00;stroke-width:0.62900001;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" /> + </g> + </g> + </g> +</svg> diff --git a/pod_config/config/artifacts/vim_unh.zip b/pod_config/config/artifacts/vim_unh.zip Binary files differnew file mode 100644 index 0000000..2118fba --- /dev/null +++ b/pod_config/config/artifacts/vim_unh.zip diff --git a/pod_config/config/artifacts/vim_unh/inventory/host_vars/jumphost0.yml b/pod_config/config/artifacts/vim_unh/inventory/host_vars/jumphost0.yml new file mode 100644 index 0000000..d07a9b1 --- /dev/null +++ b/pod_config/config/artifacts/vim_unh/inventory/host_vars/jumphost0.yml @@ -0,0 +1,4 @@ +--- +ansible_host: 192.168.1.143 +ansible_user: ubuntu +public_fqdn: 192.168.1.143 diff --git a/pod_config/config/artifacts/vim_unh/inventory/jumphost0_inventory b/pod_config/config/artifacts/vim_unh/inventory/jumphost0_inventory new file mode 100644 index 0000000..60be9db --- /dev/null +++ b/pod_config/config/artifacts/vim_unh/inventory/jumphost0_inventory @@ -0,0 +1,2 @@ +[jumphost] +jumphost0 diff --git a/pod_config/config/artifacts/vim_unh/vars/openstack_openrc b/pod_config/config/artifacts/vim_unh/vars/openstack_openrc new file mode 100644 index 0000000..eb76830 --- /dev/null +++ b/pod_config/config/artifacts/vim_unh/vars/openstack_openrc @@ -0,0 +1,24 @@ +$ANSIBLE_VAULT;1.1;AES256 +33623232303362393864373865636261633438333936666538306530653064353961656330333132 +6534373535643465663732316538636363386664633838300a343730386439313133363438366365 +39653363306335656637356335366232396436636462363862373637343737393839323433613233 +3962383263336635300a376237323036613038633132656334306633393466343762613163363161 +63306335646533356465653964636430643862396164653035313038333138373162633263346533 +63356165373465613761333131343865613635653130353263646635326531323638646462623561 +34653062346666373066373431353763356439356337653964383065636532313165366338326235 +64336563333433303463663633646434643130616165653964376565366233353663613732643133 +32356465306635633131646437376562623362633530386333636433626139333130323438616435 +36643964613739343438663962346636313333643838383532356634373936653135346563613635 +34383038333562313764633533366136633332636662396338666163663431666332623966336562 +32346439373037393132393166633933613761363937633531636639356566303165303561326564 +33626462353566376132383836616262643563326331336364396665383034353566383333643134 +66373835363036663238373630643233633463623932643133646565623938653365363634616362 +37306637636631633231633138383135633861363230626464383030383334613864333561323838 +34306463633531396337326236376662376331336162333561643765623366633665633033386436 +65616137626435626230323665383764376561373632383736363034373862663034643231313161 +30306464393632616663643133383039633662663234663461353235303433663034646231363130 +62363832636433376161666164316439643965393537323066343332633037663262393439636630 +63646461343834373861646637633062313534366433356263363631383331393063393863366239 +35306561343031623135623665333738353236396365646566396362356164613239313066333361 +61616138393739643736303233656166623338343337326435333437663239646231353933343130 +613263363138613464376439356639333865 diff --git a/pod_config/config/artifacts/vim_unh/vars/vaulted_ssh_credentials.yml b/pod_config/config/artifacts/vim_unh/vars/vaulted_ssh_credentials.yml new file mode 100644 index 0000000..8f9f3f0 --- /dev/null +++ b/pod_config/config/artifacts/vim_unh/vars/vaulted_ssh_credentials.yml @@ -0,0 +1,116 @@ +vault_ssh_id_rsa: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62663765646566613264353264646535373939343563393666643439343839353730316161303835 + 3631653731636233653638323961393937336439616464390a646563306635663734656330623132 + 62623839656233303531306661643530663038323561383437643563366536346137643363313036 + 3139363561303266330a613834313366616634396139623237656135363134613661303961326238 + 38393030303461646432356339343338633064336464343366636266326263646136633239636530 + 65623433333137366266336238646362396239343539373864363932386361373162336635636166 + 64376337343564633930663334343937353938393966656136363263386536376539346433376466 + 35353163653332323466323061636566666437316339393962323233336238356437343765303130 + 36326338653762653030393631323964646162626437396337393633386362373833653935656464 + 65306565633333663066376665383835636334356336353839396339646565386431336536393561 + 37646434653738383734666266396430643332396233393235346265326565336435653136363764 + 62613435653334376232353763376365343762323231373134653163366238616535366436616138 + 33623736353831613230626134363766643739316436386164373263373065386332343665346165 + 30643966396366313566663133653739316439653265346634666236626434643434653362386130 + 38353239363634396362313938356365383939333736616361343062616462653163623533366630 + 30333365623265623164313635633363663964333830313264663265393432366364326436376632 + 38663130346536343164313333646434623138663662623165396166353439343463356134386531 + 65653532323230616631306330316339303864616163363934376262346664376636636161396564 + 62306233653433303031616131313965666264393239653238323939373635653534353233626565 + 31623538343033313831373732653830313034316166333162356562663035313934326533303335 + 66333138663865343933356637363061613236653864653739383537396538623333616336386535 + 38663234366337633464616439646561633436343763343130643665313633386362316565623833 + 66363232313262623431653736336234616566613166633862373462313564626538613765346134 + 65386335623639666633333939313832336439613135356263353537663236326661326266363136 + 66633335626137326266366339343435613437396335303662326435623435336662626332666130 + 35336330633733393464396134336561656261393734646433643335636664613633643339633063 + 34393366336162613339633030373934633363616434336537333466636437383765633332393433 + 61346465396635396631323938636261333038363738393363326235616334636636653762353038 + 39613564623638376137346664643632326362646436613361336133653337393363343836303835 + 65623334353163333732346531313262303965383738663363326336336566663364366236636563 + 62353062633930396637353637616433366431653335643233373436343434393435323339313762 + 39373937313364633731663466636664623237363030623434663932666136303530316533326433 + 61393238663431326636643061376264383738646633356462656531353030303965663138336664 + 37376239643132633133633662306461366265346332323632636563343930376166343066346536 + 66623737323666326634633036373830313562306133653635393161646431383563663737346135 + 36343631326234613861343261343462303063666337346436393833363436333361386237626462 + 35323132386165373337363031623736323363316237613266336165653635303932316139623662 + 32306664376235383739663032653633326235313065373365356433663262333432333730336264 + 39323462346430653437363331396361636464393364373235323732366664366638653935633435 + 66666138303930373539336361666464613865333937633832663064663264313033613431666631 + 34386666643338633035616136383332393530373938646339373735346235333834646165633534 + 35323463316265343162383933393735666538326563313036333933393666346165633336343065 + 30313730376635653837643962386439396463383430396437373831663936623263396264306131 + 38623933373565633162316436373066306666613233326337386261303235643738363763306161 + 32636231333630336637313362616466643063346530353631353733343836396330646566313639 + 39393664353835646534623531323232643063396363333733643531356438353566383236383839 + 32316635303035303030363866333161653763316532616164313165366363373961373561666436 + 37396564356234666435336464653363326133636631353362393734383437313465323762623134 + 63366662353764363664636639626338386130616639316333336639373730663132313366616266 + 61303235346637306362346334613664346163336238653131643035326534663534623636323630 + 30373562623736396632323936306231366236323262663962313534336338633638363034393661 + 31633761323139363530396333363230343031303265333731616339656565646336366230646636 + 33616539396531356236373931643835303664303735313930333466613031393164316665646336 + 63313762393861643431333936613936373566646235613462316538656137356139313062663937 + 39396233633266323666366463373834666338643863343832346234313166646632623764653331 + 34656334633865633764326162623764336430633439393662323430623466313039633938646632 + 33643037643435303236393130653936313635623637386533643962363361386235643433643530 + 62663965353564656536356530643032363832383932666232336538333235343162316438613763 + 66373963613437313932666138666630363332333031653437626134666639373231353438376663 + 39646335336230353635343932393664383635386462653432363630613131343536613731666135 + 33333931353666653732383836633334656234623332663863623733363265313865333230313436 + 66353361323938643136326337613532626337613631333564356538646432656235643463316135 + 65396464326431663563383432616634653465656361656662616564633933383332373366666166 + 33383632386663333232616536643035363633333938313435393862616633336535623433303234 + 35393262333565303665353332616335323331383865633831363433376431336666616163613461 + 33323035313962376366613031653665376566383063353066356332386564383937333131636233 + 62343931616534386633626434333534666430356436363230383963646262623438326261323333 + 30333731393931326565666133306630623837336463363361326562363637386435313031383562 + 36313261376465306435636261393532326363666461383930396633643332353936663839323761 + 36303836666264393034313163636337626434326265623237313430313533393562323061616333 + 32656263383663353731653731396633396162623836633837386364323833636139666433633164 + 36396533616366313962636437333231383764323236633832636464343135643966313033393131 + 36633164666330343031313565633136666166363265613831633635343062663933316463363030 + 34346165613538386365313330613537373838626338653565303663396335393537303936383736 + 37326134366435623363396432396465396565306563393163653766343235376563336664373764 + 36656161336538643931633838643564313561346637393430356263633539636132363637326633 + 61356138353235393636646233643166616435356264366166633139383863636362643562363833 + 39356535343836306530353539326132373264303731343638303662323738393666373562376261 + 30333637363462643134333335633233383830356239613531396330633432333439643865316264 + 35376565396437316261633331643865346661666663393933346633643836356266646661376165 + 35366634373064363833356332343866363430326139613436663737343761373533623062336661 + 36623730376465663433636637623836613533626438303231363531353165613839326263393161 + 34393362316638313065623262623064306565343063663535666163306130353166633632633962 + 39356434613538326364343230363063333737666137303364663539666437353736393066623932 + 61363766633037316666326162303730653666323834373738663263623033326136646633353462 + 38633566383538393461326337303232663532333735643663633230666634393338393138323362 + 34613935303231376464316665376266343734653965356362636239363331383335666133663234 + 65353637656439643133 +vault_ssh_id_rsa_pub: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35356135663762666264633836313933386664353538336337646438323339333461636364646636 + 3832313030623339656235316639633038636137646535300a663733633463333462356537616338 + 35376635613362303863333262363262633436363034393736333366366530643964393236326639 + 3437396235306663630a333066343261393565333734666332653162393932363066623432663335 + 35366333643930353361623337643334633935356463316130393635656534613533303436653330 + 36643762346534346463616464303331303834363361323263653630636630633032373632373632 + 30326339623139343365386130616432653239326636613236343365323630666563626631383461 + 62616332613062346133633834353162313634363639366234633061393130383166613933356534 + 66393039323632646562303437616432326135326266396239373165363865316262363436323662 + 30643631633837326461333639313964333938623835633131306536656564373134373266613836 + 36633863326662313462373738633132333437643366366131366231383938633334326338346462 + 64316332326339326130626333663738633536376230666164366138393763363030323463323761 + 36353636336262326139633130643562646431353437303033356436313963626530386162646337 + 62343439333937306431363361396634656165656538626330326634636135303436366262313730 + 61656637373536376263633430393561336237323636636161393931343563383334363531303965 + 65633262313861656665363461663432383739386132663264633239303062333465373030376538 + 65613833313132306639353161393265303736313366623666633965383237333965653834306265 + 34383633326664626231643733323362323837323835633262326132313136336532663738316632 + 30623663333664306630663066386562343165393463363765363064666633373531393633396163 + 61303366643135373363306464303731393535653434316536643336643132643231313661383436 + 35643139313262663138613862653432303766333037653435363336333963666661626437623362 + 64616230396533393361346236326432616133613462313263383736663230393639623530356138 + 64333462616133626637333034393464343261333039306465393930306661616365643132373364 + 34383039313663613531
\ No newline at end of file diff --git a/pod_config/config/artifacts/vim_unh/vars/vim.yml b/pod_config/config/artifacts/vim_unh/vars/vim.yml new file mode 100644 index 0000000..7adcbf0 --- /dev/null +++ b/pod_config/config/artifacts/vim_unh/vars/vim.yml @@ -0,0 +1,21 @@ +$ANSIBLE_VAULT;1.1;AES256 +30333865313137333064623264643530393433306430323065386238633937353766623631316331 +6135613137383434373166343835366565373331336534660a326532336133656430653033386362 +61323839396161633164346531373037393666336235626336306438626165393530623137646161 +3738346634303063320a663165653037373136363762353564393665333464653866313666656663 +63376261623834366562353634353135636661386631386235313466616632366462636131383061 +33343833613532383966303335613038383063386164343538643065383064366162363230363662 +64626463666536633133373830376435373436323066343637353837306538623661363162376634 +34376330323330333537616366336632393635353963653566646263313863643434613863376166 +33316534343564646661326336613638323533636538396237666466643131313331646435623966 +34323036346262643237323838626632663733333731396661366536643835363961653061326265 +33396335353164623863623839616337633135666261343964326262613731333662303866363134 +39663461326262613931613864373439376362623934363131303235353565393162623433653637 +31633433363733636233343034336637633765633231643139303263323661343931366437326432 +61316164663835353566616235306134386465666135613534323861653932306235613463666165 +39306564303861383538396334333165656333656664666364303734623462373236393439613834 +30656330633635663163336434383436626537343164383532646330303162306239333334306162 +32373931376338363935303462356232626631663031343631383236303634306133363962346333 +64353831653634366333393231313563356663376134633166653237313761393337613930653638 +62333234303632626466376466366635343832383136663834616532313463613664653037313939 +64646463366637383534 diff --git a/pod_config/config/idf-k8s8-8.yaml b/pod_config/config/idf-k8s8-8.yaml new file mode 100644 index 0000000..85ae700 --- /dev/null +++ b/pod_config/config/idf-k8s8-8.yaml @@ -0,0 +1,146 @@ +--- +idf: + net_config: &net_config + admin: + interface: 0 + network: 10.253.0.0 + mask: 24 + gateway: 10.253.0.1 + dns: 10.253.0.1 +os_infra: + net_config: *net_config + user: + name: onap-8 + is_admin: false + tenant: + name: onap-8 + public_net_name: external + flavor_prefix: k8s_rke + quotas: + cores: 100 + ram: 300000 + gigabytes: 1600 + floating_ips: 20 + instances: 20 + snapshots: 15 + volumes: 20 + server_group_members: 15 + images_to_push: + image_default: ubuntu-20.04.20220308-cloud-amd64 + image2user_mapping: + ubuntu-20.04.20220308-cloud-amd64: ubuntu + nodes_roles: + control01: [kube-master, etcd, monitoring, nfs-server] + compute01: [kube-node] + compute02: [kube-node] + compute03: [kube-node] + compute04: [kube-node] + compute05: [kube-node] + compute06: [kube-node] + compute07: [kube-node] + compute08: [kube-node] + jumphost1: [jumphost] + roles_group: + k8s-cluster: + - kube-master + - kube-node + k8s-full-cluster: + - k8s-cluster + - jumphost + - monitoring + - etcd + + dns: + update: true + provider: gandiv5 + zone: onap.eu + name: k8s8-external + master: control01 + + onap: + global_storage: + enabled: false + class: hdd + fast_class: ssd-fast + rwx_class: nfs + + kubernetes: + storage_classes: + - name: hdd + parameters: + availability: nova + type: public + provisioner: kubernetes.io/cinder + - name: ssd + parameters: + availability: nova + type: ssd + provisioner: kubernetes.io/cinder + - name: ssd-fast + parameters: + availability: nova + type: ssd-fast + provisioner: kubernetes.io/cinder + certmanager: + webhooks: + - name: letsencrypt-gandi + git: https://github.com/bwolf/cert-manager-webhook-gandi.git + namespaces: [] + certificates: [] + helm: + repositories: + - name: jetstack + url: https://charts.jetstack.io + - name: grafana + url: https://grafana.github.io/helm-charts + - name: timberio + url: https://packages.timber.io/helm/latest + charts: + cert-manager: + chart: jetstack/cert-manager + namespace: cert-manager + istioEnabled: false + content: | + --- + installCRDs: true + prometheus: + servicemonitor: + enabled: true + nfs-server-provisioner: + enabled: false + storageClass: ssd + + openstack: + cinder: true + lbaas: false + octavia: true + + ssh_pub_key_default: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqdtSqUClQ0SVgqk\ + 1c9yRvqBDk/AWkeodO5tzmYdBAAo0G9fQxaS7XY2sZqjTgoPf/YTbGmdAJN2Ho+5n8Q/65YuFf\ + vg7ROVcCRWLPO5rot+tqlflxM4G1cIu+e38vs9i6WqPrY+0HVtgKnnVvBztkXkZ7fWtdZZ/h0p\ + SWE0JFqx8CoF5KldqI9UX/qsgrCOKG5XFbE9M+AtG99wRb+wGlXVmDcyyYVaAQHkkjc3GpwzH4\ + /35OhjJwwFoASR8OpXp2ChnCTuj2Mlp20OK3QsyjhfTA09bP7oZbCvujoKpNa/ApoEGRV8hLg8\ + ak3t6kp2FOLoCYVnpGhmCD5fUYOOL5 Generated-by-Nova + + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA/6kqp3MNvYCajLYIunRG4w8aZFbfNZqFmh\ + OnvR/8h0vrTJAxSVPMZVETlEkIdZMB8wKHnvj75TepQVxP2dXtqlgrmVnCOrKDYNgCQsMoDr/E\ + aYXbv+ph/asWWFuIQ9wPVZG3+Qlf+Y5ne88WVnjlLOvqoB7UJYEqNnhqDR4OVgBVhnROlcnPZE\ + 4mh3TOxFXMDNctOQUr+4h4Cp7hBzXW7SbbpDMiQizIGSEFrzA/L0/peSK1f105KDdenWSfSxsb\ + qABuKL+2/68BheRqcXxhiXf3AUGMy2awhLRLPCmTbE10J2Ky6z1bNgB0Wnqb0bwWLerow0B3Ur\ + b+c/0Lv9EZ Michal.Jagiello@t-mobile.pl + + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCx/xA4zpJOXj03X3H8jNAZynKGOJvOkqnoRw\ + q1gEw46WDnZoElAkTojjCZSqBXYsmK48uLNMsys0FufL4XPjtYEvjrApooQBXsH+JdGKjm9M16\ + pvMSPjcxov0IQ+GuTrBFEbg6ismmLNgAGdXBvJa4q+Ne0yaPEh3WbffbPEShIUj6wiFFI7pdd4\ + je2Dka2kPrFBQUsJe6qUrQ3nbpXpNg3XGnKm3fqNfKWSw5Lc5UfvKxgLxU+9ur46O63LwgAyak\ + o2FYJ5dC6RkAe91fpqUNcM4JhjuqmeTrqpi8QEjX4t22Zr6W26Ueepd7uuKyiRnXYd27uwjvHC\ + gC41V0BGiB krzysztof.kuzmicki@nokia.com + + ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDGW9JWAgHvwB4xrbfjjn60X92gQpLeCxCNsh\ + 13jrtRVx8Ph5e0dpMX8fLsWAyY1JKj9w0xF6z1AWT4VbMJ+DkdjvIBDnZxVdjQkVtRdzSKpzBK\ + iodQcQu1unCby3iKUelY/qDDwoeqcZMvmTnjaEwHCTRbKSo+O8VWw4IpY8NhPPzDlYB7Y6d4Rd\ + FyLPiNc1vmFflEtu9Hle4JOYIisZFv7kaDihVXv+04YmwlfJQHu/BYlUTXGld41WsfXV8EM/8F\ + RUwlVLKrUNMOiPcmdYXNX9MVbLlwBlRNVAfKIFacYQ192Pwc0TokLujpEfUl6XsTV/c+Yznm79\ + 3LfjiH3/hMHteJywkKcQYSGnKD/KeN5UpBy8VYu1FwXkNIU4YSy8jW+mtvz5hDxQm7uTOIaMzv\ + 1pnv/hZK2n+Lt5cigdclvpWSn/rwo+PUFZJgvx5VLo8m3jh8J3yKlwhkhKe0CnCfwaNSDOtV3x\ + 0ftRscgwzn4HdTfRl83RQqo8ywwnK01fs= Lukasz.Rajewski@t-mobile.pl" diff --git a/pod_config/config/idf-pod-test.yaml b/pod_config/config/idf-pod-test.yaml new file mode 100644 index 0000000..be87309 --- /dev/null +++ b/pod_config/config/idf-pod-test.yaml @@ -0,0 +1,62 @@ +--- +idf: + net_config: &net_config + admin: + interface: 0 + network: 10.253.0.0 + mask: 24 + gateway: 10.253.0.1 + dns: 10.253.0.1 + +os_infra: + net_config: *net_config + user: + name: pod-test + is_admin: false + tenant: + name: pod-test + public_net_name: internet-nat-dl + flavor_prefix: pod-test + quotas: + cores: 112 + ram: 221184 + gigabytes: 1200 + floating_ips: 15 + instances: 15 + snapshots: 15 + volumes: 45 + server_group_members: 15 + images_to_push: + image_default: Ubuntu_1804 + image2user_mapping: + Ubuntu_1804: ubuntu + nodes_roles: + # control01: [kube-master, etcd, monitoring] + # compute01: [kube-node] + # compute02: [kube-node] + # compute03: [kube-node] + # compute04: [kube-node] + # compute05: [kube-node] + # compute06: [kube-node] + # compute07: [kube-node] + # compute08: [kube-node] + # compute09: [kube-node] + # compute10: [kube-node] + # compute11: [kube-node] + # compute12: [kube-node] + jumphost1: [jumphost] + roles_group: + # k8s-cluster: + # - kube-master + # - kube-node + # - monitoring + k8s-full-cluster: + # - k8s-cluster + - jumphost + + openstack: + cinder: false + lbaas: false + octavia: false + + ssh_pub_key_default: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAr0If62QHgf/xKzomkwBD9c1ol7edWpyG5+p9UBRE0D/bJcA5lyRpaYlcjxp3pfnN+WiVYfzjwHDjeDlyAOpH2o3yrBCA9U+sU6PjhIH/BXFVkVQBY4xAmtjQnN3QCzjn8BA6PbaEt53OvvaYqtgg0yc5OOA0nyDlcg/FU88I1MnhZvjTU90V4QEYKCMAyYcz6NdjGfC7PmpKIVmSWgHOdR59d5CGIRv6BnIWIBqXy+z+eldbSKBrRVo/dv/H8Q0uwS6/rA2gLXeXhsQmEFZXsxwovypWm6t5hWMK/4cXA88AwylMd9xSroic398RZiO3QygZ9L7aQN2rnuAQHHOOaw==" diff --git a/pod_config/config/k8s8-8.yaml b/pod_config/config/k8s8-8.yaml new file mode 100644 index 0000000..39f72e4 --- /dev/null +++ b/pod_config/config/k8s8-8.yaml @@ -0,0 +1,142 @@ +############################################################################## +# Copyright (c) 2017 Orange and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +### vPOD descriptor file ### + +details: + pod_owner: TNAP + contact: N/A + lab: ONAP Darmstadt + location: TA5 + type: testing + link: http://wiki.onap.org/ +############################################################################## + +nodes: + - name: jumphost1 + node: &nodeparams + flavor: "m1.medium" + model: ubuntu-20.04.20220308-cloud-amd64 + type: virtual + vendor: openstack + arch: x86_64 + cpus: 4 + cpu_cflags: host-model + cores: 4 + memory: 8G + disks: + - name: disk1 + disk_capacity: 40G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + remote_management: &remote_management + type: + - ipmi: NA + user: NA + pass: NA + address: NA + mac_address: NA + interfaces: &interfaces + - mac_address: + name: nic1 + speed: + features: + - name: control01 + node: &controlparams + flavor: "m1.xlarge" + type: virtual + vendor: openstack + model: ubuntu-20.04.20220308-cloud-amd64 + arch: x86_64 + cpus: 8 + cpu_cflags: host-model + cores: 8 + memory: 16G + disks: &disks + - name: disk1 + disk_capacity: 160G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + - name: disk-docker + disk_capacity: 100G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + - name: disk-nfs + disk_capacity: 100G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + - name: disk-db + disk_capacity: 40G + disk_type: qcow2 + disk_interface: ssd + disk_rotation: + remote_management: *remote_management + interfaces: *interfaces + - name: compute01 + node: &computeparams + flavor: "m2.large" + type: virtual + vendor: openstack + model: Ubuntu_2004_20220124 + arch: x86_64 + cpus: 8 + cpu_cflags: host-model + cores: 8 + memory: 40G + disks: &diskWorker + - name: disk1 + disk_capacity: 40G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + - name: disk-docker + disk_capacity: 100G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + remote_management: *remote_management + interfaces: *interfaces + - name: compute02 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces + - name: compute03 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces + - name: compute04 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces + - name: compute05 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces + - name: compute06 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces + - name: compute07 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces + - name: compute08 + node: *computeparams + disks: *diskWorker + remote_management: *remote_management + interfaces: *interfaces diff --git a/pod_config/config/pod-test.yaml b/pod_config/config/pod-test.yaml new file mode 100644 index 0000000..7dba712 --- /dev/null +++ b/pod_config/config/pod-test.yaml @@ -0,0 +1,78 @@ +############################################################################## +# Copyright (c) 2017 Orange and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +### vPOD descriptor file ### + +details: + pod_owner: ONAPatDT + contact: N/A + lab: ONAP Darmstadt + location: N/A + type: testing + link: http://wiki.onap.org/ +############################################################################## + +nodes: + - name: jumphost1 + node: &nodeparams + flavor: "m1.medium" + model: Ubuntu_1804 + type: virtual + vendor: openstack + arch: x86_64 + cpus: 4 + cpu_cflags: host-model + cores: 8 + memory: 8G + disks: &disks + - name: disk1 + disk_capacity: 40G + disk_type: qcow2 + disk_interface: ide + disk_rotation: + remote_management: &remote_management + type: + - ipmi: NA + user: NA + pass: NA + address: NA + mac_address: NA + interfaces: &interfaces + - mac_address: + name: nic1 + speed: + features: + +# - name: pod-test-jumphost +# node: &nodeparams +# type: virtual +# vendor: openstack +# model: Ubuntu_1804 +# arch: x86_64 +# cpus: 4 +# cpu_cflags: host-model +# cores: 8 +# memory: 8G +# disks: &disks +# - name: disk1 +# disk_capacity: 40G +# disk_type: qcow2 +# disk_interface: ide +# disk_rotation: +# remote_management: &remote_management +# type: +# - ipmi: NA +# user: NA +# pass: NA +# address: NA +# mac_address: NA +# interfaces: &interfaces +# - mac_address: +# name: nic1 +# speed: +# features: diff --git a/pod_inventory/group_vars/all.yml b/pod_inventory/group_vars/all.yml new file mode 100644 index 0000000..f31df15 --- /dev/null +++ b/pod_inventory/group_vars/all.yml @@ -0,0 +1,193 @@ +--- +disable_pages: false +protected_pods: [] +stages: + - lint + - config + - infra_install + - virt_install + - apps + - check + +#my_runner_tags: "{{ lookup('env','RUNNER_TAG')|default('ta5_tnaplab', true) }}" +runner: + tags: + - "$RUNNER_TAG" + env_vars: + CHAINED_CI_SRC: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/chained-ci.git #TODO: Chained CI on onap gitlab + docker_proxy: + image: registry.gitlab.com/orange-opensource/lfn/ci_cd/docker_ansible + image_tag: 2.7.10-alpine + +gitlab: + pipeline: + delay: 15 + base_url: https://gitlab.devops.telekom.de + api_url: https://gitlab.devops.telekom.de/api/v4 + private_token: "{{ lookup('env','CI_private_token') }}" + + git_projects: + config: + stage: config + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/chained-ci.git #TODO Chained CI on onap gitlab + api: https://gitlab.devops.telekom.de/api/v4/projects/36215 + branch: "{{ lookup('env','config_branch')|default('master', true) }}" + path: pod_config + + trigger: + stage: apps + trigger_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 64386138616464653132353964363032346464373363323366616436346263323230353961363263 + 3562653664303631323134313864393364636538643430640a363766316230633932376466643333 + 64386331633737623164313831633537666638623534663736313331313266396438306266636632 + 3532313263396532300a306661393438613734323064313064343361363763636664393231363934 + 37633335396563623462653935393236356139303864646135303935373937623739 + branch: "{{ lookup('env','CI_BUILD_REF_NAME')|default('master', true) }}" + parameters: + ansible_verbose: "{{ lookup('env','ansible_verbose') }}" + RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + + cloud-infra: + stage: infra_install + api: https://gitlab.devops.telekom.de/api/v4/projects/36227 #TODO cloud infra on onap gitlab + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/cloud-infra.git #TODO cloud infra on onap gitlab + trigger_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 62376565306333613162653738343564313038383965316435633839306132326266366461346561 + 3939376632346134383837643437626465646531356632630a623565363461643235333161393036 + 62366564333133396330333438363130373437326364343562663562313336656636363333373163 + 3230323764363661320a613766636437316538353935346631373363623030666165626532623736 + 65393033386438303831653936613861646561363661353236626630386266366134 + branch: "{{ lookup('env','cloud-infra_branch')|default('master', true) }}" + get_artifacts: config + pull_artifacts: "create_servers" + timeout: 900 + parameters: + CLEAN: "{{ lookup('env','CLEAN') }}" + ansible_verbose: "{{ lookup('env','ansible_verbose') }}" + RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + USER_ROLE: "{{ lookup('env','USER_ROLE') }}" + + # rke-install: + # stage: virt_install + # api: https://gitlab.devops.telekom.de/api/v4/projects/36232 + # url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/rke-install.git + # trigger_token: !vault | + # $ANSIBLE_VAULT;1.1;AES256 + # 31366336336230663530613735643963626665633538643838353762386364363632393039623165 + # 3939326531333765393964373431633961656663303933340a393934326464646436313839666662 + # 33313662333662386362316666316232623364346134646165326562303439373861616162653938 + # 6130363366366634320a363231326234346530333665353134616435643136353638613332313061 + # 34353035336437306130396366343566376362366630613233613464663962626539 + # branch: "{{ lookup('env','vim_branch')|default('master', true) }}" + # get_artifacts: + # pull_artifacts: "postconfigure" + # timeout: 900 + # parameters: + # ANSIBLE_VERBOSE: "{{ lookup('env','ansible_verbose') }}" + # docker_version: "{{ lookup('env','docker_version') }}" + # kubernetes_release: "{{ lookup('env','kubernetes_release') }}" + # kubespray_version: "{{ lookup('env','kubespray_version') }}" + # helm_version: "{{ lookup('env','helm_version') }}" + # RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + + kubespray-install: + stage: virt_install + api: https://gitlab.devops.telekom.de/api/v4/projects/36231 #TODO k8s install on onap gitlab + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/k8s-install.git #TODO k8s install on onap gitlab + trigger_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 64376532616532636231396662336134396561643133323432393330623132353063643635336665 + 6232643832343133366333656438616463616336613331320a313166366234356537383639303133 + 64353338653639623034313735653561356362366236636363376431336264653332356134616335 + 3539626665613336350a313035636665383939656461306664386135623139346531343935373763 + 34323539663261363634373031383838376362623135386565643465376661616534 + branch: "{{ lookup('env','vim_branch')|default('master', true) }}" + get_artifacts: + pull_artifacts: "postconfigure" + timeout: 600 + get_bin: true + parameters: + ANSIBLE_VERBOSE: "{{ lookup('env','ansible_verbose') }}" + docker_version: "{{ lookup('env','docker_version') }}" + kubernetes_release: "{{ lookup('env','kubernetes_release') }}" + kubespray_version: "{{ lookup('env','kubespray_version') }}" + helm_version: "{{ lookup('env','helm_version') }}" + RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + + onap-install: + stage: apps + api: https://gitlab.devops.telekom.de/api/v4/projects/36235 #TODO onap oom install on onap gitlab + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/onap-oom-install.git #TODO onap oom install on onap gitlab + trigger_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 30346262393465333337343563343837356466356334626266383862616137653963383364353139 + 3730646464396266646663623736633737323263643763320a646439313638643765313864646164 + 61643831353735613734633164313562666366666336336364616562363962643435306362396339 + 3734376438386436330a653363383663653836626262626131656534656465383964383833373532 + 31343833633066613733653931316338393337303538326434306233373662326362 + branch: "{{ lookup('env','onap-oom-install_branch')|default('master', true) }}" + pull_artifacts: postinstallation + timeout: 1400 + get_encrypt: true + get_bin: true + parameters: + GERRIT_REVIEW: "{{ lookup('env','GERRIT_REVIEW') }}" + GERRIT_PATCHSET: "{{ lookup('env','GERRIT_PATCHSET') }}" + OOM_BRANCH: "{{ lookup('env','OOM_BRANCH') }}" + OOM_GIT_REPO: "{{ lookup('env','OOM_GIT_REPO') }}" + OOM_ON_GITLAB: "{{ lookup('env','OOM_ON_GITLAB') }}" + ANSIBLE_VERBOSE: "{{ lookup('env','ansible_verbose') }}" + OOM_VERSION: "{{ lookup('env','OOM_VERSION') }}" + PROJECT: "{{ lookup('env','PROJECT') }}" + RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + + onap-testing: + stage: check + api: https://gitlab.devops.telekom.de/api/v4/projects/36240 #TODO onap testing on onap gitlab + url: https://gitlab.devops.telekom.de/tnap/onapcommunity/integrationproject/onapdeployment/onap-testing.git #TODO onap testing on onap gitlab + trigger_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 39313634373432653932313531326233633237393535353530336663316365666432323163393366 + 3365336431646134623863363164343130393938353738390a626239643239636530633939343665 + 30316531346135333638313835356231643565393861616663386165306263323261613833643638 + 3965613533333064320a353561306634373430613364373962353532663039386164386263313338 + 63623638353935326361613730653737643463333538653762326637656133353839 + branch: "{{ lookup('env','onap-testing_branch')|default('master', true) }}" + get_artifacts: virt_install + pull_artifacts: + timeout: 600 + get_encrypt: true + get_bin: true + parameters: + GERRIT_REVIEW: "{{ lookup('env','GERRIT_REVIEW') }}" + GERRIT_PATCHSET: "{{ lookup('env','GERRIT_PATCHSET') }}" + DEPLOY_SCENARIO: os-nosdn-nofeature-ha + ansible_verbose: "{{ lookup('env','ansible_verbose') }}" + ONAP_VERSION: "{{ lookup('env','OOM_BRANCH') }}" + TEST_RESULT_DB_URL: + "http://testresults.opnfv.org/onap/api/v1/results" + PROJECT: "{{ lookup('env','PROJECT') }}" + DEBUG: true + RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + #EXT_NET: "admin-daily-{{ lookup('env','onap-testing_branch')|default('master', true) }}" + + # onap-operate: + # stage: check + # api: https://gitlab.devops.telekom.de/api/v4/projects/36337 + # url: https://gitlab.devops.telekom.de/tnap/onapcommunity/labtools/tenantaccess.git + # trigger_token: !vault | + # $ANSIBLE_VAULT;1.1;AES256 + # 31646539393535313462666661336239336234333436376438333165383264613535323534373665 + # 3737313238313139613564326639393239333839636531350a323735343565656665386666346237 + # 39663539393636653739343762613233363862393630336135656633333565393535366561613735 + # 3934393735383266650a326530636434633163363631316634323966383662623664316331343465 + # 32636161376133393765633130326134333661666239323835633164316433636431 + # branch: "{{ lookup('env','onap-operate_branch')|default('master', true) }}" + # pull_artifacts: + # timeout: 300 + # parameters: + # ANSIBLE_VERBOSE: "{{ lookup('env','ansible_verbose') }}" + # RUNNER_TAG: "{{ lookup('env','RUNNER_TAG') }}" + diff --git a/pod_inventory/host_vars/onap-daily-unh-oom-master.yml b/pod_inventory/host_vars/onap-daily-unh-oom-master.yml new file mode 100755 index 0000000..19ef4fc --- /dev/null +++ b/pod_inventory/host_vars/onap-daily-unh-oom-master.yml @@ -0,0 +1,100 @@ +--- +jumphost: + server: 10.15.102.155 + user: ubuntu +environment: unh/k8s8-8 +longlife_artifact: true +scenario_steps: + config: + project: config + get_artifacts: + - name: vim_unh + static_src: true + infra: k8s8-8 + infra_deploy: + branch: master + project: cloud-infra + get_artifacts: config + extra_parameters: + ADMIN: true + TENANT_NAME: onap-daily-master + USER_NAME: onap-daily-master + IDENTIFIER: -daily-master + USE_PRIVATE_IP: true + ADD_FLOATING_IP: true + virt_install: + get_artifacts: infra_deploy + project: kubespray-install + branch: helm_3 + extra_parameters: + kubespray_version: release-2.19 + helm_release: v3.8.2 + kube_network_plugin: cilium + kubernetes_release: v1.23.7 + ENABLE_MONITORING: true + DOCKER_HUB_PROXY: docker.nexus.azure.onap.eu + GCR_PROXY: docker.nexus.azure.onap.eu + K8S_GCR_PROXY: docker.nexus.azure.onap.eu + QUAY_PROXY: docker.nexus.azure.onap.eu + GITHUB_PROXY: docker.nexus.azure.onap.eu + #DOCKER_HUB_PROXY: dockerhub.devops.telekom.de + #GCR_PROXY: artifactory.devops.telekom.de/gcr.io + #K8S_GCR_PROXY: artifactory.devops.telekom.de/k8s.gcr.io + #QUAY_PROXY: artifactory.devops.telekom.de/quay.io + #GITHUB_PROXY: artifactory.devops.telekom.de/ghcr.io.docker + HTTPS_DOCKER_PROXY: https://docker.nexus.azure.onap.eu + apps_deploy: + branch: master + extra_parameters: + OOM_BRANCH: master + ONAP_REPOSITORY: nexus3.onap.org:10001 + ONAP_FLAVOR: unlimited + CLEAN: true + WORKAROUND: False + DOCKER_HUB_PROXY: docker.nexus.azure.onap.eu + ELASTIC_PROXY: docker.nexus.azure.onap.eu + K8S_GCR_PROXY: docker.nexus.azure.onap.eu + #DOCKER_HUB_PROXY: dockerhub.devops.telekom.de + #ELASTIC_PROXY: artifactory.devops.telekom.de/docker.elastic.co + #K8S_GCR_PROXY: artifactory.devops.telekom.de/k8s.gcr.io + GATHER_NODE_FACTS: false + get_artifacts: + - name: infra_deploy + limit_to: + - vars/user_cloud.yml: vars/user_cloud.yml + - inventory/infra: inventory/infra + - name: config + limit_to: + - vars/pdf.yml: vars/pdf.yml + - vars/idf.yml: vars/idf.yml + - vars/vim.yml: vars/vim.yml + - vars/vaulted_ssh_credentials.yml: vars/vaulted_ssh_credentials.yml + project: onap-install + apps_test: + project: onap-testing + branch: master + get_artifacts: + - name: apps_deploy + limit_to: + - vars/cluster.yml: vars/cluster.yml + - name: config + limit_to: + - vars/pdf.yml: vars/pdf.yml + - vars/vim.yml: vars/vim.yml + - vars/vaulted_ssh_credentials.yml: vars/vaulted_ssh_credentials.yml + - name: infra_deploy + limit_to: + - inventory/infra: inventory/infra + - name: virt_install + limit_to: + - vars/kube-config: vars/kube-config + extra_parameters: + DEPLOYMENT: oom + INFRA_DEPLOYMENT: kubespray + DEPLOYMENT_TYPE: full + DEPLOY_SCENARIO: onap-ftw + #GERRIT_REVIEW: "OOMDailyIstanbul" + #GERRIT_PATCHSET: "1" + ONAP_VERSION: master + #EXT_NET: "admin-daily-master" + diff --git a/pod_inventory/host_vars/pod-test.yml b/pod_inventory/host_vars/pod-test.yml new file mode 100644 index 0000000..a6ca724 --- /dev/null +++ b/pod_inventory/host_vars/pod-test.yml @@ -0,0 +1,21 @@ +--- +jumphost: + server: 10.126.0.26 + user: ubuntu +environment: pod-test +scenario_steps: + config: + project: config + get_artifacts: + - name: vim_dell + static_src: true + infra: pod-test + infra_deploy: + branch: master + project: cloud-infra + extra_parameters: + ADMIN: true + CLEAN: true + TENANT_NAME: "{{ lookup('env','TENANT_NAME')|default('pod-test', true) }}" + USER_NAME: "{{ lookup('env','USER_NAME')|default('pod-test', true) }}" + ANSIBLE_VAULT_PASSWORD: "{{ lookup('env','ANSIBLE_VAULT_PASSWORD')|default('test', true) }}" diff --git a/pod_inventory/inventory b/pod_inventory/inventory new file mode 100644 index 0000000..34b2e74 --- /dev/null +++ b/pod_inventory/inventory @@ -0,0 +1,2 @@ +[LF-UNH] +onap-daily-unh-oom-master
\ No newline at end of file diff --git a/run-ci.yml b/run-ci.yml new file mode 100644 index 0000000..10e77a1 --- /dev/null +++ b/run-ci.yml @@ -0,0 +1,10 @@ +--- +- hosts: all + connection: local + any_errors_fatal: true + vars_files: + - .gitlab-ci.yml + roles: + - role: prepare + - role: get_artifacts + - role: run-ci |