diff options
19 files changed, 228 insertions, 10 deletions
diff --git a/ansible/roles/nfs/molecule/default/cleanup.yml b/ansible/roles/nfs/molecule/default/cleanup.yml new file mode 100644 index 00000000..a085bd5a --- /dev/null +++ b/ansible/roles/nfs/molecule/default/cleanup.yml @@ -0,0 +1,6 @@ +--- +- name: Cleanup + hosts: all + ignore_unreachable: true + roles: + - cleanup-nfs diff --git a/ansible/roles/nfs/molecule/default/host_vars/kubernetes-node-1.yml b/ansible/roles/nfs/molecule/default/host_vars/kubernetes-node-1.yml new file mode 100644 index 00000000..27a521b7 --- /dev/null +++ b/ansible/roles/nfs/molecule/default/host_vars/kubernetes-node-1.yml @@ -0,0 +1,2 @@ +--- +cluster_ip: "{{ ansible_default_ipv4.address }}" diff --git a/ansible/roles/nfs/molecule/default/host_vars/kubernetes-node-2.yml b/ansible/roles/nfs/molecule/default/host_vars/kubernetes-node-2.yml new file mode 100644 index 00000000..27a521b7 --- /dev/null +++ b/ansible/roles/nfs/molecule/default/host_vars/kubernetes-node-2.yml @@ -0,0 +1,2 @@ +--- +cluster_ip: "{{ ansible_default_ipv4.address }}" diff --git a/ansible/roles/nfs/molecule/default/molecule.yml b/ansible/roles/nfs/molecule/default/molecule.yml index 71e08d03..f6610ece 100644 --- a/ansible/roles/nfs/molecule/default/molecule.yml +++ b/ansible/roles/nfs/molecule/default/molecule.yml @@ -14,6 +14,7 @@ platforms: groups: - kubernetes - nfs-server + purge_networks: true networks: - name: nfs-net volumes: @@ -27,15 +28,21 @@ platforms: command: ${MOLECULE_DOCKER_COMMAND:-""} groups: - kubernetes + purge_networks: true networks: - name: nfs-net volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro provisioner: name: ansible + playbooks: + cleanup: cleanup.yml + env: + ANSIBLE_ROLES_PATH: "../../../../test/roles" inventory: links: group_vars: ../../../../group_vars + host_vars: host_vars lint: name: ansible-lint verifier: diff --git a/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py b/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py index b702a73d..0e3710cf 100644 --- a/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py +++ b/ansible/roles/nfs/molecule/default/tests/test_kubernetes-server.py @@ -1,5 +1,6 @@ import os +import testinfra import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( @@ -7,9 +8,11 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def test_nfs_mount(host): + node1_ip = testinfra.get_host("docker://kubernetes-node-1").interface( + "eth0").addresses[0] mp = host.mount_point("/dockerdata-nfs") assert mp.exists - assert mp.filesystem == "nfs" - assert mp.device == "kubernetes-node-1:/dockerdata-nfs" + assert mp.filesystem == "nfs" or mp.filesystem == "nfs4" + assert mp.device == node1_ip + ":/dockerdata-nfs" assert host.file("/etc/fstab").\ - contains("kubernetes-node-1:/dockerdata-nfs /dockerdata-nfs nfs") + contains(node1_ip + ":/dockerdata-nfs /dockerdata-nfs nfs") diff --git a/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py b/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py index 078c653e..88ba0a61 100644 --- a/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py +++ b/ansible/roles/nfs/molecule/default/tests/test_nfs-server.py @@ -1,6 +1,7 @@ import os import pytest +import testinfra import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( @@ -19,7 +20,9 @@ def test_svc(host, svc): def test_exports(host): - f = host.file("/etc/exports") + node2_ip = testinfra.get_host("docker://kubernetes-node-2").interface( + "eth0").addresses[0] + f = host.file("/etc/exports.d/dockerdata-nfs.exports") assert f.exists assert f.content_string == \ - """/dockerdata-nfs kubernetes-node-2(rw,sync,no_root_squash,no_subtree_check)""" # noqa: E501 + """/dockerdata-nfs """ + node2_ip + """(rw,sync,no_root_squash,no_subtree_check)""" # noqa: E501 diff --git a/ansible/roles/nfs/tasks/main.yml b/ansible/roles/nfs/tasks/main.yml index e7580b66..1d848876 100644 --- a/ansible/roles/nfs/tasks/main.yml +++ b/ansible/roles/nfs/tasks/main.yml @@ -23,7 +23,7 @@ - name: Add hosts to exports template: src: exports.j2 - dest: /etc/exports + dest: /etc/exports.d/dockerdata-nfs.exports notify: - reload nfs when: @@ -35,7 +35,7 @@ - name: Mount dockerdata-nfs mount: path: "{{ nfs_mount_path }}" - src: "{{ hostvars[groups['nfs-server'].0].ansible_host | default(hostvars[groups['nfs-server'].0].inventory_hostname) }}:{{ nfs_mount_path }}" + src: "{{ hostvars[groups['nfs-server'].0].cluster_ip }}:{{ nfs_mount_path }}" fstype: nfs state: mounted when: diff --git a/ansible/roles/nfs/templates/exports.j2 b/ansible/roles/nfs/templates/exports.j2 index 465c9d21..f49c4999 100644 --- a/ansible/roles/nfs/templates/exports.j2 +++ b/ansible/roles/nfs/templates/exports.j2 @@ -1,3 +1,3 @@ {% for host in groups.kubernetes | difference(groups['nfs-server']) -%} - {{ nfs_mount_path }} {{ hostvars[host].ansible_host | default(hostvars[host].inventory_hostname) }}(rw,sync,no_root_squash,no_subtree_check) + {{ nfs_mount_path }} {{ hostvars[host].cluster_ip }}(rw,sync,no_root_squash,no_subtree_check) {% endfor %} diff --git a/ansible/roles/rancher/.yamllint b/ansible/roles/rancher/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/roles/rancher/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/ansible/roles/rancher/defaults/main.yml b/ansible/roles/rancher/defaults/main.yml index 8edc5180..6ab52e64 100644 --- a/ansible/roles/rancher/defaults/main.yml +++ b/ansible/roles/rancher/defaults/main.yml @@ -2,3 +2,5 @@ rancher_server_url: "http://{{ hostvars[groups.infrastructure.0].ansible_host }}:8080" rancher_remove_other_env: true rancher_redeploy_k8s_env: true +rancher_cluster_health_state: healthy +rancher_cluster_health_check_retries: 30 diff --git a/ansible/roles/rancher/molecule/default/cleanup.yml b/ansible/roles/rancher/molecule/default/cleanup.yml new file mode 100644 index 00000000..13b48278 --- /dev/null +++ b/ansible/roles/rancher/molecule/default/cleanup.yml @@ -0,0 +1,14 @@ +--- +- name: Cleanup host + hosts: localhost + roles: + - role: cleanup-containers + vars: + container_list: + - rancher-agent + - rancher-server + # For some reason getting error "Device busy error" when trying to delete directory with root privileges and rancher-containers not anymore running. + # - role: cleanup-directories + # vars: + # directories_files_list_to_remove: + # - /var/lib/rancher/ diff --git a/ansible/roles/rancher/molecule/default/group_vars/all.yml b/ansible/roles/rancher/molecule/default/group_vars/all.yml new file mode 100644 index 00000000..107377cf --- /dev/null +++ b/ansible/roles/rancher/molecule/default/group_vars/all.yml @@ -0,0 +1,2 @@ +--- +app_name: molecule-test-app diff --git a/ansible/roles/rancher/molecule/default/molecule.yml b/ansible/roles/rancher/molecule/default/molecule.yml new file mode 100644 index 00000000..e6152d55 --- /dev/null +++ b/ansible/roles/rancher/molecule/default/molecule.yml @@ -0,0 +1,91 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + env: + container: docker + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /var/lib/rancher:/var/lib/rancher:ro + groups: + - infrastructure + networks: + - name: rancher + + - name: kubernetes-node-1 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + env: + container: docker + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /var/lib/rancher:/var/lib/rancher:ro + groups: + - kubernetes + networks: + - name: rancher + +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + inventory: + links: + group_vars: ../../../../group_vars + # 1) When running with molecule-dev container, use this definition and comment out localhost under host_vars (2) + hosts: + all: + hosts: + localhost: + ansible_connection: ssh + ansible_host: ${LOCALHOST_ANSIBLE_HOST:-""} + ansible_user: ${LOCALHOST_ANSIBLE_USER:-""} + ansible_password: ${LOCALHOST_ANSIBLE_PASSWORD:-""} + ansible_sudo_pass: ${LOCALHOST_ANSIBLE_SUDO_PASS:-""} + # end of 1) + # 2) When running with native molecule installation, use this definition and comment out hosts section under inventory (1) + # host_vars: + # localhost: + # ansible_sudo_pass: ${LOCALHOST_ANSIBLE_SUDO_PASS:-""} + # ansible_ssh_pass: ${LOCALHOST_ANSIBLE_PASSWORD:-""} + # End of 2) + lint: + name: ansible-lint +scenario: + name: default + test_sequence: + - lint + - cleanup + - destroy + - dependency + - syntax + - create + - prepare + - converge + # - idempotence + # --> Action: 'idempotence' + # ERROR: Idempotence test failed because of the following tasks: + # * [infrastructure-server] => rancher : Create rancher kubernetes environment + # * [kubernetes-node-1] => rancher : Add Rancher Agent + - side_effect + - verify + - cleanup + - destroy +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/roles/rancher/molecule/default/playbook.yml b/ansible/roles/rancher/molecule/default/playbook.yml new file mode 100644 index 00000000..e0ef086c --- /dev/null +++ b/ansible/roles/rancher/molecule/default/playbook.yml @@ -0,0 +1,28 @@ +--- +- name: Converge rancher master + hosts: infrastructure + roles: + - prepare-common # molecule specific role needed here to populate cluster_ip + - role: rancher + vars: + mode: server + rancher_server_url: "http://{{ cluster_ip }}:8080" + +- name: Converge rancher agent + hosts: kubernetes + roles: + - role: rancher + vars: + mode: agent + +- name: Wait for Kubernetes environment to be healthy + hosts: infrastructure + roles: + - role: rancher + vars: + mode: health + rancher_server_url: "http://{{ cluster_ip }}:8080" + # Do not get rancher cluster healthy in this env (to be checked), + # but it's enough in molecule test to verify we get this unhealthy response + rancher_cluster_health_state: unhealthy + rancher_cluster_health_check_retries: 40 diff --git a/ansible/roles/rancher/molecule/default/prepare.yml b/ansible/roles/rancher/molecule/default/prepare.yml new file mode 100644 index 00000000..90159c6c --- /dev/null +++ b/ansible/roles/rancher/molecule/default/prepare.yml @@ -0,0 +1,5 @@ +--- +- name: Prepare kube nodes + hosts: kubernetes + roles: + - prepare-docker diff --git a/ansible/roles/rancher/tasks/rancher_health.yml b/ansible/roles/rancher/tasks/rancher_health.yml index b0323739..b6e8d68b 100644 --- a/ansible/roles/rancher/tasks/rancher_health.yml +++ b/ansible/roles/rancher/tasks/rancher_health.yml @@ -3,6 +3,6 @@ uri: url: "{{ rancher_server_url }}/v2-beta/projects/{{ k8s_env_id }}" register: env_info - retries: 30 + retries: "{{ rancher_cluster_health_check_retries }}" delay: 15 - until: "env_info.json.healthState == 'healthy'" + until: env_info.json.healthState == rancher_cluster_health_state diff --git a/ansible/test/roles/cleanup-containers/tasks/main.yml b/ansible/test/roles/cleanup-containers/tasks/main.yml new file mode 100644 index 00000000..3a800c9e --- /dev/null +++ b/ansible/test/roles/cleanup-containers/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Remove containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ container_list }}" diff --git a/ansible/test/roles/cleanup-nfs/tasks/main.yml b/ansible/test/roles/cleanup-nfs/tasks/main.yml new file mode 100644 index 00000000..e0ca4a41 --- /dev/null +++ b/ansible/test/roles/cleanup-nfs/tasks/main.yml @@ -0,0 +1,5 @@ +- name: "Unmount /dockerdata-nfs if mounted" + ignore_errors: true + mount: + path: /dockerdata-nfs + state: unmounted diff --git a/ansible/test/roles/prepare-common/tasks/main.yml b/ansible/test/roles/prepare-common/tasks/main.yml new file mode 100644 index 00000000..11dcbe71 --- /dev/null +++ b/ansible/test/roles/prepare-common/tasks/main.yml @@ -0,0 +1,31 @@ +--- +- name: Fetch docker host ip + block: + - name: Get docker host ip to access host where container running (as dood) + shell: | + set -o pipefail + ip route | awk '/default/ { print $3 }' + args: + executable: /bin/bash + register: ip + changed_when: false + + - name: "set docker host ip {{ ip.stdout }} for cluster_ip" + set_fact: + cluster_ip: "{{ ip.stdout }}" + when: inventory_hostname != 'localhost' + +- name: Set fact for localhost OS + block: + - name: set localhost fact + set_fact: + localhost_ansible_os_family: "{{ hostvars['localhost'].ansible_os_family }}" + + - name: debug + debug: + var: localhost_ansible_os_family + when: hostvars['localhost'].ansible_os_family is defined + +- name: debug + debug: + var: ansible_os_family
\ No newline at end of file |