diff options
13 files changed, 206 insertions, 2 deletions
diff --git a/ansible/roles/docker/.yamllint b/ansible/roles/docker/.yamllint new file mode 100644 index 00000000..e8e79a57 --- /dev/null +++ b/ansible/roles/docker/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable +# truthy: disable diff --git a/ansible/roles/docker/molecule/default/molecule.yml b/ansible/roles/docker/molecule/default/molecule.yml new file mode 100644 index 00000000..9a87184f --- /dev/null +++ b/ansible/roles/docker/molecule/default/molecule.yml @@ -0,0 +1,38 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + command: ${MOLECULE_DOCKER_COMMAND:-""} + groups: + - infrastructure + env: + container: docker + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + inventory: + host_vars: + infrastructure-server: + cluster_ip: 1.2.3.4 +verifier: + name: testinfra + options: + verbose: true + lint: + name: flake8 + options: + ignore: W291 # trailing whitespace diff --git a/ansible/roles/docker/molecule/default/playbook.yml b/ansible/roles/docker/molecule/default/playbook.yml new file mode 100644 index 00000000..7384ae27 --- /dev/null +++ b/ansible/roles/docker/molecule/default/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: all + roles: + - role: docker diff --git a/ansible/roles/docker/molecule/default/prepare.yml b/ansible/roles/docker/molecule/default/prepare.yml new file mode 100644 index 00000000..8df759c9 --- /dev/null +++ b/ansible/roles/docker/molecule/default/prepare.yml @@ -0,0 +1,5 @@ +--- +- name: Prepare infra + hosts: all + roles: + - prepare-docker diff --git a/ansible/roles/docker/molecule/default/tests/test_default.py b/ansible/roles/docker/molecule/default/tests/test_default.py new file mode 100644 index 00000000..a8adeb65 --- /dev/null +++ b/ansible/roles/docker/molecule/default/tests/test_default.py @@ -0,0 +1,35 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +@pytest.mark.parametrize('svc', [ + 'docker' +]) +def test_service(host, svc): + service = host.service(svc) + + assert service.is_running + assert service.is_enabled + + +def test_docker_daemon_file(host): + f = host.file('/etc/docker/daemon.json') + + assert f.exists + assert f.user == 'root' + assert f.group == 'root' + assert f.content_string == """{ + "log-opts": { + "max-size": "100m", + "max-file": "3" + }, + "dns": [ + "1.2.3.4" + ], + "log-driver": "json-file" +}""" diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index de740df2..1925d09b 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -24,7 +24,7 @@ - name: Setup docker container logging settings json_mod: path: /etc/docker/daemon.json - key: '' # the whole JSON document per https://tools.ietf.org/html/rfc6901 + key: '' # the whole JSON document per https://tools.ietf.org/html/rfc6901 # "value" must be wrapped in single quote "'" with extra space in front of "{" (ansible workaround) # reference: https://stackoverflow.com/questions/31969872 value: ' { "log-driver": "json-file", "log-opts": { "max-size": "{{ docker.log_max_size }}", "max-file": "{{ docker.log_max_file }}" } }' @@ -46,4 +46,4 @@ systemd: name: docker state: started - enabled: yes + enabled: true diff --git a/ansible/test/roles/prepare-docker/tasks/docker-socket-override.yml b/ansible/test/roles/prepare-docker/tasks/docker-socket-override.yml new file mode 100644 index 00000000..0cabadf4 --- /dev/null +++ b/ansible/test/roles/prepare-docker/tasks/docker-socket-override.yml @@ -0,0 +1,13 @@ +--- +- name: Create docker.socket systemd dir for override + file: + path: /etc/systemd/system/docker.socket.d + state: directory + +- name: Fake dockerd dependent docker.socket service not to actually listen the docker socket as dockerd is not used in container only docker client + copy: + content: | + [Socket] + ListenStream= + ListenStream=/tmp/fake + dest: /etc/systemd/system/docker.socket.d/override.conf diff --git a/ansible/test/roles/prepare-docker/tasks/enable-repos.yml b/ansible/test/roles/prepare-docker/tasks/enable-repos.yml new file mode 100644 index 00000000..204bf03d --- /dev/null +++ b/ansible/test/roles/prepare-docker/tasks/enable-repos.yml @@ -0,0 +1,13 @@ +--- +- name: Enable docker repos back for Molecule testing purposes + copy: + remote_src: yes + src: "{{ item }}" + dest: "{{ (item | splitext)[0] }}" + loop: "{{ docker_needed_repos }}" + +- name: Disable offline repo for molecule testing purposes + lineinfile: + path: "{{ offline_repo_file }}" + regexp: 'enabled = 1' + line: 'enabled = 0' diff --git a/ansible/test/roles/prepare-docker/tasks/main.yml b/ansible/test/roles/prepare-docker/tasks/main.yml new file mode 100644 index 00000000..e7d87061 --- /dev/null +++ b/ansible/test/roles/prepare-docker/tasks/main.yml @@ -0,0 +1,21 @@ +--- +- name: Check repositories + stat: + path: "{{ item }}" + loop: "{{ docker_needed_repos + [offline_repo_file] }}" + register: repos + +- name: Set fact for offline repos created + set_fact: + offline_repo_created: "{{ (repos.results | map(attribute='stat.exists') | list) is all }}" + +- debug: + var: offline_repo_created + +- name: Enable repos back (if package-repository role already setup offline onap repo) for molecule testing purposes to install docker + include_tasks: enable-repos.yml + when: offline_repo_created + +- name: Prepare docker repos normally + include_tasks: prepare-docker-repos.yml + when: not offline_repo_created diff --git a/ansible/test/roles/prepare-docker/tasks/prepare-docker-repos.yml b/ansible/test/roles/prepare-docker/tasks/prepare-docker-repos.yml new file mode 100644 index 00000000..26f89d64 --- /dev/null +++ b/ansible/test/roles/prepare-docker/tasks/prepare-docker-repos.yml @@ -0,0 +1,15 @@ +--- +- name: Install Docker-CE repo + yum_repository: + name: docker-ce + description: Docker-ce YUM repo + baseurl: https://download.docker.com/linux/centos/7/x86_64/stable/ + gpgcheck: true + gpgkey: https://download.docker.com/linux/centos/gpg + +- name: Install docker python bindings + import_tasks: python-bindings.yml + +- name: Fake dockerd on container + import_tasks: docker-socket-override.yml + when: ansible_env.container == 'docker' diff --git a/ansible/test/roles/prepare-docker/tasks/python-bindings.yml b/ansible/test/roles/prepare-docker/tasks/python-bindings.yml new file mode 100644 index 00000000..7a66a328 --- /dev/null +++ b/ansible/test/roles/prepare-docker/tasks/python-bindings.yml @@ -0,0 +1,3 @@ +--- +- name: Handle python2-docker dependency needed by Ansible's docker_* modules + import_tasks: python2-docker.yml diff --git a/ansible/test/roles/prepare-docker/tasks/python2-docker.yml b/ansible/test/roles/prepare-docker/tasks/python2-docker.yml new file mode 100644 index 00000000..9cb3b483 --- /dev/null +++ b/ansible/test/roles/prepare-docker/tasks/python2-docker.yml @@ -0,0 +1,38 @@ +--- +- name: Remove docker-python that is conflicting with python2-docker + package: + name: docker-python + state: absent + +- name: Create own-repo dir + file: + path: /root/own-repo + state: directory + +- name: Download python2-docker rpm for Ansible (docker_container module dep) + get_url: + url: https://cbs.centos.org/kojifiles/packages/python-docker/2.5.1/2.el7/noarch/python2-docker-2.5.1-2.el7.noarch.rpm + dest: /root/own-repo/ + register: rpm + +- name: Install createrepo + package: + name: createrepo + state: present + +- name: Run createrepo + command: createrepo /root/own-repo/ + when: rpm.changed + +- name: Create own-repo + yum_repository: + name: own-repo + description: Own repo for ansible deps + baseurl: file:///root/own-repo + enabled: true + gpgcheck: false + +- name: Install docker python module + package: + name: python2-docker + state: present diff --git a/ansible/test/roles/prepare-docker/vars/main.yml b/ansible/test/roles/prepare-docker/vars/main.yml new file mode 100644 index 00000000..c63c0dea --- /dev/null +++ b/ansible/test/roles/prepare-docker/vars/main.yml @@ -0,0 +1,7 @@ +--- +docker_needed_repos: + - /etc/yum.repos.d/CentOS-Base.repo.disabled + - /etc/yum.repos.d/docker-ce.repo.disabled + - /etc/yum.repos.d/own-repo.repo.disabled + +offline_repo_file: /etc/yum.repos.d/onap.repo
\ No newline at end of file |