25 files changed, 335 insertions, 115 deletions
diff --git a/ansible/infrastructure.yml b/ansible/infrastructure.yml index ce4d4d72..7fdbd2e1 100644 --- a/ansible/infrastructure.yml +++ b/ansible/infrastructure.yml @@ -18,7 +18,7 @@ - nexus - name: Setup base for Kubernetes nodes - hosts: kubernetes + hosts: kubernetes:!infrastructure roles: - chrony - package-repository-check diff --git a/ansible/inventory/hosts.yml b/ansible/inventory/hosts.yml index 37ae4e39..4a6b68cf 100644 --- a/ansible/inventory/hosts.yml +++ b/ansible/inventory/hosts.yml @@ -25,20 +25,29 @@ all: # This is group of hosts which are/will be part of Kubernetes cluster. kubernetes: - hosts: - kubernetes-node-1: - ansible_host: 10.8.8.19 - #ip of the node that it uses for communication with k8s cluster. - cluster_ip: 10.8.8.19 + children: + # This is a group of hosts containing kubernetes worker nodes. + kubernetes-node: + hosts: + kubernetes-node-1: + ansible_host: 10.8.8.19 + #ip of the node that it uses for communication with k8s cluster. + cluster_ip: 10.8.8.19 - # This is a group of hosts that are to be used as kubernetes control plane nodes. - # This means they host kubernetes api server, controller manager and scheduler. - # This example uses infra for this purpose, however note that any - # other host could be used including kubernetes nodes. - # cluster_ip needs to be set for hosts used as control planes. - kubernetes-control-plane: - hosts: - infrastructure-server + # Group of hosts containing etcd cluster nodes. + # Defaults to infra. + kubernetes-etcd: + hosts: + infrastructure-server + + # This is a group of hosts that are to be used as kubernetes control plane nodes. + # This means they host kubernetes api server, controller manager and scheduler. + # This example uses infra for this purpose, however note that any + # other host could be used including kubernetes nodes. + # cluster_ip needs to be set for hosts used as control planes. + kubernetes-control-plane: + hosts: + infrastructure-server nfs-server: hosts: 
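Review bot: The new pattern `hosts: kubernetes:!infrastructure` on the `Setup base for Kubernetes nodes` play has no comment saying why infrastructure hosts are excluded. The reason is only visible in the inventory change, where the infra server becomes a member of `kubernetes` through `kubernetes-etcd` and `kubernetes-control-plane`. A one-line comment above it would document this, for example `# infra hosts are in kubernetes via its child groups; they get their base setup from the infrastructure plays`. That comment assumes every infrastructure host really receives equivalent base roles from an earlier play, which is not visible here and should be confirmed. The play's role list continues outside the hunk.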
diff --git a/ansible/rke.yml b/ansible/rke.yml index e0d6dcf1..13e7bb5b 100644 --- a/ansible/rke.yml +++ b/ansible/rke.yml @@ -9,10 +9,8 @@ vars: mode: config -- name: Prepare kubernetes nodes (RKE) - hosts: - - kubernetes - - kubernetes-control-plane +- name: Prepare kubernetes hosts (RKE) + hosts: kubernetes roles: - role: rke vars: diff --git a/ansible/roles/chrony/molecule/external_time_source/molecule.yml b/ansible/roles/chrony/molecule/external_time_source/molecule.yml new file mode 100644 index 00000000..e38f4295 --- /dev/null +++ b/ansible/roles/chrony/molecule/external_time_source/molecule.yml @@ -0,0 +1,49 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infra_host + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + override_command: False + groups: + - infrastructure + - name: node0 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + override_command: False + groups: + - kubernetes +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + group_vars: + all: + timesync: + servers: + - 0.pool.ntp.org + - 1.pool.ntp.org + timezone: Europe/Warsaw + playbooks: + prepare: ../default/prepare.yml +verifier: + name: testinfra + lint: + name: flake8 + options: + v: 1 + directory: ../default/tests/ diff --git a/ansible/roles/chrony/molecule/external_time_source/playbook.yml b/ansible/roles/chrony/molecule/external_time_source/playbook.yml new file mode 100644 index 00000000..7dccfc35 --- /dev/null +++ b/ansible/roles/chrony/molecule/external_time_source/playbook.yml 
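Review bot: `hosts: kubernetes` in the `Prepare kubernetes hosts (RKE)` play reaches control-plane hosts only when the inventory nests `kubernetes-control-plane` under `kubernetes`, and nothing checks that. With an inventory still in the previous layout, where `kubernetes-control-plane` is a top-level group, the play would simply target fewer hosts and leave the others unprepared. The same assumption is made by the identical change in `roles/rke/molecule/default/playbook.yml` and by `cluster.yml.j2`, which now loops over `groups['kubernetes']` only and looks up `groups['kubernetes-node']` and `groups['kubernetes-etcd']` directly. A pre-flight `assert` task would turn a stale inventory into a clear failure, for example `that: groups['kubernetes-control-plane'] | difference(groups['kubernetes']) | length == 0`. The play's `vars` continue outside the hunk.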
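Review bot: Both platforms in `external_time_source/molecule.yml` set `privileged: true` without a comment saying what needs it, and a privileged container is not isolated from the host's kernel interfaces, the system clock included. Since the role under test is chrony with external servers, a converge run may be able to adjust the clock of the machine running molecule; that is inferred from the role name, not shown in this hunk. If only systemd and time adjustment are required, a narrower `capabilities:` list is worth trying; otherwise a comment such as `# privileged: required for systemd in the test container` should record the reason. The same applies to `external_time_source_ubuntu/molecule.yml`. The file also mixes `True`/`False` with `true`, which the yamllint `truthy` rule would normally flag.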
@@ -0,0 +1,10 @@
+---
+- name: Converge infrastructure hosts
+ hosts: infrastructure
+ roles:
+ - chrony
+
+- name: Converge kubernetes hosts
+ hosts: kubernetes
+ roles:
+ - chrony
diff --git a/ansible/roles/chrony/molecule/external_time_source_ubuntu/molecule.yml b/ansible/roles/chrony/molecule/external_time_source_ubuntu/molecule.yml
new file mode 100644
index 00000000..6cc2854a
--- /dev/null
+++ b/ansible/roles/chrony/molecule/external_time_source_ubuntu/molecule.yml
@@ -0,0 +1,50 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+platforms:
+ - name: infra_host-ubuntu
+ image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04}
+ pre_build_image: True
+ privileged: true
+ volume_mounts:
+ - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+ override_command: False
+ groups:
+ - infrastructure
+ - name: node0-ubuntu
+ image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04}
+ pre_build_image: True
+ privileged: true
+ volume_mounts:
+ - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+ override_command: False
+ groups:
+ - kubernetes
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ env:
+ ANSIBLE_ROLES_PATH: ../../../../test/roles
+ inventory:
+ group_vars:
+ all:
+ timesync:
+ servers:
+ - 0.pool.ntp.org
+ - 1.pool.ntp.org
+ timezone: Europe/Warsaw
+ playbooks:
+ prepare: ../default/prepare.yml
+ converge: ../external_time_source/playbook.yml
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ v: 1
+ directory: ../default/tests/
diff --git a/ansible/roles/nexus/molecule/default/cleanup.yml b/ansible/roles/nexus/molecule/default/cleanup.yml
new file mode 100644
index 00000000..1517e53e
--- /dev/null
+++ b/ansible/roles/nexus/molecule/default/cleanup.yml
@@ -0,0 +1,8 @@
+---
+- name: Cleanup
+ hosts: all
+ ignore_unreachable: true
+ vars_files:
+ - ../../defaults/main.yml
+ roles:
+ - cleanup-nexus
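Review bot: The `vars_files` entry in `roles/nexus/molecule/default/cleanup.yml` has no comment, and it is not obvious why a cleanup play needs the nexus role defaults. It appears to be required because `cleanup-nexus` loops over `prepare_nexus_images`, whose items reference `nexus3_image` and `nexus3_image_tar`; a comment such as `# cleanup-nexus templates prepare_nexus_images, which uses nexus role defaults` would make that explicit. The list items also reference `infra_images_path` and `aux_data_path`, so cleanup presumably stops on an undefined variable when those are not supplied by group_vars, leaving the archives behind; this is worth confirming for each scenario. `test/play-infrastructure/molecule/default/cleanup.yml` adds the same undocumented `vars_files`.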
diff --git a/ansible/roles/rke/molecule/default/molecule.yml b/ansible/roles/rke/molecule/default/molecule.yml index e8e5ad76..6ae613a9 100644 --- a/ansible/roles/rke/molecule/default/molecule.yml +++ b/ansible/roles/rke/molecule/default/molecule.yml @@ -19,7 +19,9 @@ platforms: container: docker groups: - infrastructure + - kubernetes-etcd - kubernetes-control-plane + - kubernetes networks: - name: rke purge_networks: true @@ -37,6 +39,7 @@ platforms: - /var/lib/docker groups: - kubernetes + - kubernetes-node networks: - name: rke purge_networks: true @@ -54,6 +57,7 @@ platforms: - /var/lib/docker groups: - kubernetes + - kubernetes-node networks: - name: rke purge_networks: true diff --git a/ansible/roles/rke/molecule/default/playbook.yml b/ansible/roles/rke/molecule/default/playbook.yml index 09dbfb8e..fab7a0d0 100644 --- a/ansible/roles/rke/molecule/default/playbook.yml +++ b/ansible/roles/rke/molecule/default/playbook.yml @@ -13,10 +13,8 @@ vars: mode: config -- name: Prepare kubernetes nodes (RKE) - hosts: - - kubernetes - - kubernetes-control-plane +- name: Prepare kubernetes hosts (RKE) + hosts: kubernetes roles: - role: rke vars: diff --git a/ansible/roles/rke/molecule/default/tests/test_kubernetes.py b/ansible/roles/rke/molecule/default/tests/test_etcd.py index 887494fa..0f4b6f12 100644 --- a/ansible/roles/rke/molecule/default/tests/test_kubernetes.py +++ b/ansible/roles/rke/molecule/default/tests/test_etcd.py @@ -4,10 +4,10 @@ import pytest import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes') + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-etcd') @pytest.mark.parametrize('container_name', [ - 'etcd', 'kubelet', 'kube-proxy']) + 'etcd']) def test_container_running(host, container_name): assert host.docker(container_name).is_running 
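Review bot: After the rename to `test_etcd.py` nothing in this change asserts the control-plane containers: the module now targets `kubernetes-etcd` and checks only `etcd`, and no test module selects `kubernetes-control-plane`. A sibling module using `get_hosts('kubernetes-control-plane')` and checking `kube-apiserver`, `kube-controller-manager` and `kube-scheduler` would cover the third role the template assigns. `kubelet` and `kube-proxy` are likewise no longer checked on the etcd/control-plane host, which may or may not be intended. As a style point, the one-element list fits on one line: `@pytest.mark.parametrize('container_name', ['etcd'])`.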
diff --git a/ansible/roles/rke/molecule/default/tests/test_nodes.py b/ansible/roles/rke/molecule/default/tests/test_nodes.py new file mode 100644 index 00000000..60413018 --- /dev/null +++ b/ansible/roles/rke/molecule/default/tests/test_nodes.py @@ -0,0 +1,13 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-node') + + +@pytest.mark.parametrize('container_name', [ + 'kubelet', 'kube-proxy']) +def test_container_running(host, container_name): + assert host.docker(container_name).is_running diff --git a/ansible/roles/rke/templates/cluster.yml.j2 b/ansible/roles/rke/templates/cluster.yml.j2 index 64508e6f..2012ab92 100644 --- a/ansible/roles/rke/templates/cluster.yml.j2 +++ b/ansible/roles/rke/templates/cluster.yml.j2 @@ -1,7 +1,5 @@ nodes: -{# Note that we iterate through all nodes in relevant groups. -We check which groups they belong to exactly later to determine roles. #} -{% for node in groups['kubernetes'] | union(groups['kubernetes-control-plane']) %} +{% for node in groups['kubernetes'] %} - address: "{{ hostvars[node].cluster_ip }}" port: "22" internal_address: "{{ hostvars[node].cluster_ip }}" @@ -9,8 +7,10 @@ We check which groups they belong to exactly later to determine roles. #} {% if node in groups['kubernetes-control-plane'] %} - controlplane {% endif %} -{% if node in groups['kubernetes'] %} +{% if node in groups['kubernetes-node'] %} - worker +{% endif %} +{% if node in groups['kubernetes-etcd'] %} - etcd {% endif %} hostname_override: "" diff --git a/ansible/roles/vncserver/.yamllint b/ansible/roles/vncserver/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/roles/vncserver/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable 
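Review bot: The Jinja comment that explained how roles are derived was removed along with the `union(...)` loop, so the second `cluster.yml.j2` hunk now maps three groups to three roles with no explanation. A replacement comment above the loop would help, for example `{# Roles follow child-group membership: kubernetes-control-plane -> controlplane, kubernetes-node -> worker, kubernetes-etcd -> etcd. #}`. It is worth stating there as well that a host placed directly under `kubernetes` and in none of the three groups would presumably render with an empty role list, which the template does not guard against. The node entry begins and continues outside the hunk.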
diff --git a/ansible/roles/vncserver/molecule/default/cleanup.yml b/ansible/roles/vncserver/molecule/default/cleanup.yml
new file mode 100644
index 00000000..16be86ef
--- /dev/null
+++ b/ansible/roles/vncserver/molecule/default/cleanup.yml
@@ -0,0 +1,6 @@
+---
+- name: Cleanup
+ hosts: all
+ ignore_unreachable: true
+ roles:
+ - cleanup-vncserver
diff --git a/ansible/roles/vncserver/molecule/default/molecule.yml b/ansible/roles/vncserver/molecule/default/molecule.yml
new file mode 100644
index 00000000..5f7e4062
--- /dev/null
+++ b/ansible/roles/vncserver/molecule/default/molecule.yml
@@ -0,0 +1,32 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+lint:
+ name: yamllint
+platforms:
+ - name: infrastructure-server
+ image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6}
+ pre_build_image: True
+ privileged: true
+ volumes:
+ - /var/lib/docker
+ override_command: False
+ groups:
+ - infrastructure
+provisioner:
+ name: ansible
+ lint:
+ name: ansible-lint
+ env:
+ ANSIBLE_ROLES_PATH: ../../../../test/roles
+ inventory:
+ links:
+ group_vars: ../../../../group_vars
+verifier:
+ name: testinfra
+ lint:
+ name: flake8
+ options:
+ v: 1
diff --git a/ansible/roles/vncserver/molecule/default/playbook.yml b/ansible/roles/vncserver/molecule/default/playbook.yml
new file mode 100644
index 00000000..1b253495
--- /dev/null
+++ b/ansible/roles/vncserver/molecule/default/playbook.yml
@@ -0,0 +1,5 @@
+---
+- name: Converge
+ hosts: infrastructure
+ roles:
+ - vncserver
diff --git a/ansible/roles/vncserver/molecule/default/prepare.yml b/ansible/roles/vncserver/molecule/default/prepare.yml
new file mode 100644
index 00000000..55edb8f8
--- /dev/null
+++ b/ansible/roles/vncserver/molecule/default/prepare.yml
@@ -0,0 +1,8 @@
+---
+- name: Prepare
+ hosts: all
+ vars_files:
+ - ../../defaults/main.yml
+ roles:
+ - prepare-docker-dind
+ - prepare-vncserver
diff --git a/ansible/roles/vncserver/molecule/default/tests/test_default.py b/ansible/roles/vncserver/molecule/default/tests/test_default.py new file mode 100644 index 00000000..0164a3ee --- /dev/null +++ b/ansible/roles/vncserver/molecule/default/tests/test_default.py @@ -0,0 +1,10 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('infrastructure') + + +def test_container_running(host): + assert host.docker('vnc-server').is_running diff --git a/ansible/test/play-infrastructure/molecule/default/cleanup.yml b/ansible/test/play-infrastructure/molecule/default/cleanup.yml index 9870a553..008543bd 100644 --- a/ansible/test/play-infrastructure/molecule/default/cleanup.yml +++ b/ansible/test/play-infrastructure/molecule/default/cleanup.yml @@ -1,6 +1,10 @@ --- - name: Cleanup - hosts: all + hosts: infrastructure ignore_unreachable: true + vars_files: + - ../../../../roles/nexus/defaults/main.yml roles: - cleanup-nginx + - cleanup-nexus + - cleanup-vncserver diff --git a/ansible/test/roles/cleanup-nexus/defaults b/ansible/test/roles/cleanup-nexus/defaults new file mode 120000 index 00000000..d9144aae --- /dev/null +++ b/ansible/test/roles/cleanup-nexus/defaults @@ -0,0 +1 @@ +../prepare-nexus/defaults/
\ No newline at end of file
diff --git a/ansible/test/roles/cleanup-nexus/tasks/main.yml b/ansible/test/roles/cleanup-nexus/tasks/main.yml
new file mode 100644
index 00000000..1d1e811b
--- /dev/null
+++ b/ansible/test/roles/cleanup-nexus/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Remove saved docker images
+ delegate_to: localhost
+ file:
+ path: "{{ item.archive_path }}"
+ state: absent
+ loop: "{{ prepare_nexus_images }}"
diff --git a/ansible/test/roles/cleanup-vncserver/tasks/main.yml b/ansible/test/roles/cleanup-vncserver/tasks/main.yml
new file mode 100644
index 00000000..1fcb37d8
--- /dev/null
+++ b/ansible/test/roles/cleanup-vncserver/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Remove saved vncserver docker image
+ delegate_to: localhost
+ file:
+ path: /tmp/vncserver.tar
+ state: absent
diff --git a/ansible/test/roles/prepare-nexus/defaults/main.yml b/ansible/test/roles/prepare-nexus/defaults/main.yml
new file mode 100644
index 00000000..be6bd523
--- /dev/null
+++ b/ansible/test/roles/prepare-nexus/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+prepare_nexus_images:
+ - name: "{{ nexus3_image }}" # name already contains tag so it's ommited in this list element
+ archive_path: /tmp/nexus.tar
+ dest: "{{ infra_images_path }}/{{ nexus3_image_tar }}"
+ - name: nexus3.onap.org:10001/busybox
+ tag: latest
+ archive_path: /tmp/busybox.tar
+ dest: "{{ aux_data_path }}/busybox.tar"
+ - name: nexus3.onap.org:10001/aaionap/haproxy
+ tag: 1.2.4
+ archive_path: /tmp/haproxy.tar
+ dest: "{{ aux_data_path }}/aaionap-haproxy.tar"
diff --git a/ansible/test/roles/prepare-nexus/tasks/main.yml b/ansible/test/roles/prepare-nexus/tasks/main.yml
index 5eb1b7d3..951bc28e 100644
--- a/ansible/test/roles/prepare-nexus/tasks/main.yml
+++ b/ansible/test/roles/prepare-nexus/tasks/main.yml
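Review bot: The `Remove saved docker images` task in `cleanup-nexus/tasks/main.yml` only touches the controller (`delegate_to: localhost`) but is executed once for every host in the play, so with `hosts: all` the same files are removed repeatedly. Adding `run_once: true` states the intent and removes the repetition. Note also that `file` with `state: absent` deletes directories recursively, so an `archive_path` overridden to a directory would remove that whole tree on the controller; a short comment saying the paths must be regular files would help. `cleanup-vncserver/tasks/main.yml` has the same per-host repetition.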
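Review bot: The `archive_path` values in `prepare-nexus/defaults/main.yml` are fixed names under `/tmp` on the controller (`/tmp/nexus.tar`, `/tmp/busybox.tar`, `/tmp/haproxy.tar`), and these archives are later copied to the node as the images the nexus role works with. On a shared build host another local account can create or replace files at predictable `/tmp` paths, and concurrent runs would overwrite each other's archives. A per-run directory avoids both; under molecule, for example, `archive_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/nexus.tar"`. `cleanup-vncserver` hard-codes `/tmp/vncserver.tar` in the same way.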
@@ -18,53 +18,16 @@ - "{{ infra_images_path }}" - "{{ aux_data_path }}" -- name: Download and archive nexus docker image for the nexus role to use +- name: Download and archive docker images for the nexus role to use delegate_to: localhost docker_image: - name: "{{ nexus3_image }}" - archive_path: /tmp/nexus.tar + name: "{{ item.name }}" + tag: "{{ item.tag | default('latest') }}" # Tag given in 'name' has precedence over the one declared here + archive_path: "{{ item.archive_path }}" + loop: "{{ prepare_nexus_images }}" -- name: Download and tag additional (busybox) docker image for the nexus role to populate into - delegate_to: localhost - docker_image: - name: busybox - tag: latest - repository: nexus3.onap.org:10001/busybox - -- name: Save busybox image - delegate_to: localhost - docker_image: - name: nexus3.onap.org:10001/busybox - tag: latest - pull: false - archive_path: /tmp/busybox.tar - -- name: Download and tag additional (aaionap/haproxy) docker image for the nexus role to populate into nexus - delegate_to: localhost - docker_image: - name: aaionap/haproxy - tag: 1.2.4 - repository: nexus3.onap.org:10001/aaionap/haproxy - -- name: Save haproxy image - delegate_to: localhost - docker_image: - name: nexus3.onap.org:10001/aaionap/haproxy - tag: 1.2.4 - pull: false - archive_path: /tmp/haproxy.tar - -- name: Copy nexus image to node - copy: - src: /tmp/nexus.tar - dest: "{{ infra_images_path }}/{{ nexus3_image_tar }}" - -- name: Copy busybox image to node - copy: - src: /tmp/busybox.tar - dest: "{{ aux_data_path }}/busybox.tar" - -- name: Copy haproxy image to node +- name: Copy docker images to node copy: - src: /tmp/haproxy.tar - dest: "{{ aux_data_path }}/aaionap-haproxy.tar" + src: "{{ item.archive_path }}" + dest: "{{ item.dest }}" + loop: "{{ prepare_nexus_images }}" diff --git a/docs/InstallGuide.rst b/docs/InstallGuide.rst index 95b5749f..7e8ebf04 100644 --- a/docs/InstallGuide.rst +++ b/docs/InstallGuide.rst 
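Review bot: The consolidated `docker_image` loop changes where two of the images come from: the removed tasks pulled `busybox` and `aaionap/haproxy` and re-tagged them with `repository:`, while the loop pulls `nexus3.onap.org:10001/busybox` and `nexus3.onap.org:10001/aaionap/haproxy` by name. If that is intended it deserves a line in the commit message, because the scenario now depends on that registry being reachable and on whatever it serves. The `default('latest')` fallback together with the `latest` busybox entry also means the archived image is whatever the tag points to at run time; pinning a version or digest in `prepare_nexus_images` keeps the test input reproducible. The task list starts before the hunk.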
@@ -168,20 +168,29 @@ We need to setup the ``'hosts.yml'`` first, the template looks like this:: # This is group of hosts which are/will be part of Kubernetes cluster. kubernetes: - hosts: - kubernetes-node-1: - ansible_host: 10.8.8.19 - #ip of the node that it uses for communication with k8s cluster. - cluster_ip: 10.8.8.19 - - # This is a group of hosts that are to be used as kubernetes control plane nodes. - # This means they host kubernetes api server, controller manager and scheduler. - # This example uses infra for this purpose, however note that any - # other host could be used including kubernetes nodes. - # cluster_ip needs to be set for hosts used as control planes. - kubernetes-control-plane: - hosts: - infrastructure-server + children: + # This is a group of hosts containing kubernetes worker nodes. + kubernetes-node: + hosts: + kubernetes-node-1: + ansible_host: 10.8.8.19 + #ip of the node that it uses for communication with k8s cluster. + cluster_ip: 10.8.8.19 + + # Group of hosts containing etcd cluster nodes. + # Defaults to infra. + kubernetes-etcd: + hosts: + infrastructure-server + + # This is a group of hosts that are to be used as kubernetes control plane nodes. + # This means they host kubernetes api server, controller manager and scheduler. + # This example uses infra for this purpose, however note that any + # other host could be used including kubernetes nodes. + # cluster_ip needs to be set for hosts used as control planes. + kubernetes-control-plane: + hosts: + infrastructure-server nfs-server: hosts: 
@@ -222,37 +231,43 @@ After all the changes, the ``'hosts.yml'`` should look similar to this:: infrastructure: hosts: infrastructure-server: - ansible_host: 10.8.8.100 + ansible_host: 10.8.8.13 #IP used for communication between infra and kubernetes nodes, must be specified. cluster_ip: 10.8.8.100 # This is group of hosts which are/will be part of Kubernetes cluster. kubernetes: - hosts: - kubernetes-node-1: - ansible_host: 10.8.8.101 - #ip of the node that it uses for communication with k8s cluster. - cluster_ip: 10.8.8.101 - kubernetes-node-2: - ansible_host: 10.8.8.102 - #ip of the node that it uses for communication with k8s cluster. - cluster_ip: 10.8.8.102 - kubernetes-node-3: - ansible_host: 10.8.8.103 - #ip of the node that it uses for communication with k8s cluster. - cluster_ip: 10.8.8.103 - - # This is a group of hosts that are to be used as kubernetes control plane nodes. - # This means they host kubernetes api server, controller manager and scheduler. - # This example uses infra for this purpose, however note that any - # other host could be used including kubernetes nodes. - # cluster_ip needs to be set for hosts used as control planes. - kubernetes-control-plane: - hosts: - infrastructure-server - ansible_host: 10.8.8.100 - #IP used for communication between infra and kubernetes nodes, must be specified. - cluster_ip: 10.8.8.100 + children: + # This is a group of hosts containing kubernetes worker nodes. + kubernetes-node: + hosts: + kubernetes-node-1: + ansible_host: 10.8.8.101 + #ip of the node that it uses for communication with k8s cluster. + cluster_ip: 10.8.8.101 + kubernetes-node-2: + ansible_host: 10.8.8.102 + #ip of the node that it uses for communication with k8s cluster. + cluster_ip: 10.8.8.102 + kubernetes-node-3: + ansible_host: 10.8.8.103 + #ip of the node that it uses for communication with k8s cluster. + cluster_ip: 10.8.8.103 + + # Group of hosts containing etcd cluster nodes. + # Defaults to infra. 
+ kubernetes-etcd: + hosts: + infrastructure-server + + # This is a group of hosts that are to be used as kubernetes control plane nodes. + # This means they host kubernetes api server, controller manager and scheduler. + # This example uses infra for this purpose, however note that any + # other host could be used including kubernetes nodes. + # cluster_ip needs to be set for hosts used as control planes. + kubernetes-control-plane: + hosts: + infrastructure-server nfs-server: hosts: |