diff options
Diffstat (limited to 'ansible/roles')
50 files changed, 501 insertions, 34 deletions
diff --git a/ansible/roles/application/.gitignore b/ansible/roles/application/.gitignore deleted file mode 100644 index 155cbb20..00000000 --- a/ansible/roles/application/.gitignore +++ /dev/null @@ -1 +0,0 @@ -application/ diff --git a/ansible/roles/application/defaults/main.yml b/ansible/roles/application/defaults/main.yml index 2ae668ac..6a7472a6 100644 --- a/ansible/roles/application/defaults/main.yml +++ b/ansible/roles/application/defaults/main.yml @@ -5,11 +5,15 @@ helm_extra_install_options: - { opt: '--timeout 1800'} # Override file generation for Helm application can be customized by any role # given by user and found by ansible from roles_path. -# By default override file is generated by 'application-override' role that is -# specific for offline installer (for onap) as it's generating server -# certificate needed to simulate internet by offline installer. +# By default override file is generated by 'application-override' role that +# allows specifying custom helm overrides as the value of "override" +# dictionary in inventory or extravars. app_skip_helm_override: false app_helm_override_role: application-override app_helm_override_file: "{{ app_data_path }}/override.yaml" -helm_overide_files: - - "{{ app_helm_override_file }}" +# List of additional helm override files, the one generated above overrides +# every file listed here. In addition, the order of override files in this list +# matters, settings in latter files override the former.. +# Paths provided here must be absolute. +helm_override_files: + - "{{ app_helm_charts_infra_directory }}/onap/resources/overrides/onap-all.yaml" diff --git a/ansible/roles/application/molecule/custom_role/Dockerfile.j2 b/ansible/roles/application/molecule/custom_role/Dockerfile.j2 new file mode 120000 index 00000000..867ec5c3 --- /dev/null +++ b/ansible/roles/application/molecule/custom_role/Dockerfile.j2 @@ -0,0 +1 @@ +../default/Dockerfile.j2
\ No newline at end of file diff --git a/ansible/roles/application/molecule/custom_role/molecule.yml b/ansible/roles/application/molecule/custom_role/molecule.yml new file mode 100644 index 00000000..f9b29d92 --- /dev/null +++ b/ansible/roles/application/molecule/custom_role/molecule.yml @@ -0,0 +1,55 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: instance + image: centos:7 +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + group_vars: + all: + app_name: moleculetestapp + app_data_path: "/opt/{{ app_name }}" + app_helm_release_name: "{{ app_name }}" + app_kubernetes_namespace: "{{ app_name }}" + app_helm_charts_install_directory: application/helm_charts + app_helm_plugins_directory: "{{ app_helm_charts_install_directory}}/helm/plugins/" + app_helm_charts_infra_directory: "{{ app_data_path }}/helm_charts" + helm_bin_dir: /usr/local/bin + app_helm_build_targets: + - all + - onap + app_helm_chart_name: "{{ app_name }}" + application_pre_install_role: application/test-patch-role + application_post_install_role: application/test-patch-role + lint: + name: ansible-lint + playbooks: + prepare: ../default/prepare.yml + converge: ../default/playbook.yml + cleanup: ../default/cleanup.yml +scenario: + name: custom_role + test_sequence: + - lint + - cleanup + - destroy + - dependency + - syntax + - create + - prepare + - converge + - verify + - cleanup + - destroy +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/roles/application/molecule/custom_role/tests b/ansible/roles/application/molecule/custom_role/tests new file mode 120000 index 00000000..b8ac4407 --- /dev/null +++ b/ansible/roles/application/molecule/custom_role/tests @@ -0,0 +1 @@ +../default/tests/
\ No newline at end of file diff --git a/ansible/roles/application/molecule/default/cleanup.yml b/ansible/roles/application/molecule/default/cleanup.yml new file mode 100644 index 00000000..996acaf1 --- /dev/null +++ b/ansible/roles/application/molecule/default/cleanup.yml @@ -0,0 +1,6 @@ +--- +- name: Cleanup infra + hosts: all + ignore_unreachable: true + roles: + - cleanup-application diff --git a/ansible/roles/application/molecule/default/molecule.yml b/ansible/roles/application/molecule/default/molecule.yml index 8f19d7ff..30c752e2 100644 --- a/ansible/roles/application/molecule/default/molecule.yml +++ b/ansible/roles/application/molecule/default/molecule.yml @@ -27,8 +27,6 @@ provisioner: - all - onap app_helm_chart_name: "{{ app_name }}" - application_pre_install_role: - application_post_install_role: lint: name: ansible-lint scenario: diff --git a/ansible/roles/application/molecule/default/tests/test_default.py b/ansible/roles/application/molecule/default/tests/test_default.py index 5edceff3..22298e3a 100644 --- a/ansible/roles/application/molecule/default/tests/test_default.py +++ b/ansible/roles/application/molecule/default/tests/test_default.py @@ -16,7 +16,8 @@ serve repo list repo add local http://127.0.0.1:8879 install --name moleculetestapp local/moleculetestapp --namespace \ -moleculetestapp -f /opt/moleculetestapp/override.yaml \ +moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ +overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ --timeout 1800""" assert fc == expected_content diff --git a/ansible/roles/application/tasks/install.yml b/ansible/roles/application/tasks/install.yml index 003631d7..2ac2fd6b 100644 --- a/ansible/roles/application/tasks/install.yml +++ b/ansible/roles/application/tasks/install.yml @@ -59,6 +59,16 @@ name: "{{ app_helm_override_role }}" when: not app_skip_helm_override +# The generated override file is added to override list unless skipped. +- name: Add application helm override file to list of overrides unless skipped + set_fact: + helm_override_files: "{{ (helm_override_files | default([])) + [app_helm_override_file] }}" + when: not app_skip_helm_override + +- name: Print final list of override files + debug: + var: helm_override_files + - name: Check for deploy plugin presence stat: path: '{{ helm_home_dir.stdout }}/plugins/deploy/deploy.sh' @@ -71,7 +81,7 @@ {{ app_helm_release_name }} {{ helm_repository_name }}/{{ app_helm_chart_name }} --namespace {{ app_kubernetes_namespace }} - {% if not app_skip_helm_override %} {% for arg in helm_overide_files %} {{ '-f ' + arg }} {% endfor %} {% endif %} + {% for arg in helm_override_files %} {{ '-f ' + arg }} {% endfor %} {% for arg in helm_extra_install_options %} {{ arg.opt }} {% endfor %} changed_when: true # when executed its a changed type of action register: helm_install diff --git a/ansible/roles/application/tasks/transfer-helm-charts.yml b/ansible/roles/application/tasks/transfer-helm-charts.yml index 0cd7c02f..5e4240b6 100644 --- a/ansible/roles/application/tasks/transfer-helm-charts.yml +++ b/ansible/roles/application/tasks/transfer-helm-charts.yml @@ -40,5 +40,5 @@ dest: "{{ helm_home_dir.stdout }}/plugins" directory_mode: true mode: 0755 - with_items: "{{ list_of_plugins.files }}" + loop: "{{ list_of_plugins.files }}" when: app_helm_plugins_directory is defined and app_helm_plugins_directory is not none diff --git a/ansible/roles/chrony/molecule/default/playbook.yml b/ansible/roles/chrony/molecule/default/playbook.yml index 7dccfc35..717d0f39 100644 --- a/ansible/roles/chrony/molecule/default/playbook.yml +++ b/ansible/roles/chrony/molecule/default/playbook.yml @@ -1,6 +1,10 @@ --- - name: Converge infrastructure hosts hosts: infrastructure + tasks: + - name: Set cluster_ip fact + set_fact: + cluster_ip: "{{ ansible_default_ipv4.address }}" roles: - chrony diff --git a/ansible/roles/chrony/molecule/default/tests/test_default.py b/ansible/roles/chrony/molecule/default/tests/test_default.py new file mode 100644 index 00000000..08f85d37 --- /dev/null +++ b/ansible/roles/chrony/molecule/default/tests/test_default.py @@ -0,0 +1,42 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +@pytest.fixture +def chrony_conf_file(host, os_family): + conf = host.ansible('include_vars', 'file=../../defaults/main.yml')[ + 'ansible_facts']['chrony']['conf'][os_family]['config_file'] + return conf + + +@pytest.fixture +def os_family(host): + osf = host.ansible("setup")['ansible_facts']['ansible_os_family'] + return osf + + +def test_chrony_conf_file_exists(host, chrony_conf_file): + assert host.file(chrony_conf_file).exists, 'Config file not found!' + + +def test_chrony_service_running_enabled(host): + assert host.service('chronyd').is_running, \ + 'Chronyd service is not running!' + assert host.service('chronyd').is_enabled, \ + 'Chronyd service is not enabled!' + + +def test_ntp_synchronized(host, chrony_conf_file): + assert host.file(chrony_conf_file).exists, 'Config file not found!' + if host.file(chrony_conf_file).contains("server "): + out = host.check_output('systemctl status chronyd') + assert 'Selected source' in out, \ + 'Chronyd did not synchronize with NTP server.' + else: + # Host acts as a time source + pass diff --git a/ansible/roles/chrony/molecule/external_time_source/molecule.yml b/ansible/roles/chrony/molecule/external_time_source/molecule.yml new file mode 100644 index 00000000..e38f4295 --- /dev/null +++ b/ansible/roles/chrony/molecule/external_time_source/molecule.yml @@ -0,0 +1,49 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infra_host + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + override_command: False + groups: + - infrastructure + - name: node0 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + override_command: False + groups: + - kubernetes +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + group_vars: + all: + timesync: + servers: + - 0.pool.ntp.org + - 1.pool.ntp.org + timezone: Europe/Warsaw + playbooks: + prepare: ../default/prepare.yml +verifier: + name: testinfra + lint: + name: flake8 + options: + v: 1 + directory: ../default/tests/ diff --git a/ansible/roles/chrony/molecule/external_time_source/playbook.yml b/ansible/roles/chrony/molecule/external_time_source/playbook.yml new file mode 100644 index 00000000..7dccfc35 --- /dev/null +++ b/ansible/roles/chrony/molecule/external_time_source/playbook.yml @@ -0,0 +1,10 @@ +--- +- name: Converge infrastructure hosts + hosts: infrastructure + roles: + - chrony + +- name: Converge kubernetes hosts + hosts: kubernetes + roles: + - chrony diff --git a/ansible/roles/chrony/molecule/external_time_source_ubuntu/molecule.yml b/ansible/roles/chrony/molecule/external_time_source_ubuntu/molecule.yml new file mode 100644 index 00000000..6cc2854a --- /dev/null +++ b/ansible/roles/chrony/molecule/external_time_source_ubuntu/molecule.yml @@ -0,0 +1,50 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infra_host-ubuntu + image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04} + pre_build_image: True + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + override_command: False + groups: + - infrastructure + - name: node0-ubuntu + image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04} + pre_build_image: True + privileged: true + volume_mounts: + - "/sys/fs/cgroup:/sys/fs/cgroup:ro" + override_command: False + groups: + - kubernetes +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + group_vars: + all: + timesync: + servers: + - 0.pool.ntp.org + - 1.pool.ntp.org + timezone: Europe/Warsaw + playbooks: + prepare: ../default/prepare.yml + converge: ../external_time_source/playbook.yml +verifier: + name: testinfra + lint: + name: flake8 + options: + v: 1 + directory: ../default/tests/ diff --git a/ansible/roles/chrony/molecule/ubuntu/molecule.yml b/ansible/roles/chrony/molecule/ubuntu/molecule.yml index dd2b9655..e7ede8c7 100644 --- a/ansible/roles/chrony/molecule/ubuntu/molecule.yml +++ b/ansible/roles/chrony/molecule/ubuntu/molecule.yml @@ -37,3 +37,6 @@ verifier: name: testinfra lint: name: flake8 + options: + v: 1 + directory: ../default/tests/ diff --git a/ansible/roles/dns/handlers/main.yml b/ansible/roles/dns/handlers/main.yml index cd1e4b47..3d7570f5 100644 --- a/ansible/roles/dns/handlers/main.yml +++ b/ansible/roles/dns/handlers/main.yml @@ -2,6 +2,7 @@ - name: Run dns server container docker_container: name: dns-server + network_mode: host image: "{{ dns_server_image }}" command: -H /simulated_hosts --log-facility=- --dns-loop-detect capabilities: NET_ADMIN diff --git a/ansible/roles/dns/molecule/default/cleanup.yml b/ansible/roles/dns/molecule/default/cleanup.yml new file mode 100644 index 00000000..60195bb3 --- /dev/null +++ b/ansible/roles/dns/molecule/default/cleanup.yml @@ -0,0 +1,6 @@ +--- +- name: Cleanup + hosts: all + ignore_unreachable: true + roles: + - cleanup-dns diff --git a/ansible/roles/helm/molecule/default/group_vars/infrastructure.yml b/ansible/roles/helm/molecule/default/group_vars/infrastructure.yml new file mode 120000 index 00000000..3e9c2f0c --- /dev/null +++ b/ansible/roles/helm/molecule/default/group_vars/infrastructure.yml @@ -0,0 +1 @@ +../../../../../group_vars/infrastructure.yml
\ No newline at end of file diff --git a/ansible/roles/helm/molecule/default/prepare.yml b/ansible/roles/helm/molecule/default/prepare.yml index 8a149b89..34c41e8e 100644 --- a/ansible/roles/helm/molecule/default/prepare.yml +++ b/ansible/roles/helm/molecule/default/prepare.yml @@ -1,5 +1,8 @@ --- - name: Prepare for helm tests - hosts: all + hosts: infrastructure + pre_tasks: + - name: Include infrastructure group variables + include_vars: ../../../../group_vars/infrastructure.yml roles: - prepare-helm diff --git a/ansible/roles/helm/tasks/main.yml b/ansible/roles/helm/tasks/main.yml index 2521ad28..c1b47103 100644 --- a/ansible/roles/helm/tasks/main.yml +++ b/ansible/roles/helm/tasks/main.yml @@ -1,7 +1,11 @@ --- - name: Install Helm - copy: - src: "{{ app_data_path }}/downloads/helm" + unarchive: + src: "{{ app_data_path }}/downloads/helm-{{ helm_version }}-linux-amd64.tar.gz" dest: "{{ helm_bin_dir }}" + extra_opts: + - --strip=1 + - --wildcards + - '*/helm' remote_src: true mode: 0755 diff --git a/ansible/roles/nexus/.yamllint b/ansible/roles/nexus/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/roles/nexus/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/ansible/roles/nexus/defaults/main.yml b/ansible/roles/nexus/defaults/main.yml index 8f636979..194f88bf 100644 --- a/ansible/roles/nexus/defaults/main.yml +++ b/ansible/roles/nexus/defaults/main.yml @@ -6,4 +6,6 @@ populate_nexus: false # but all images are pre-populated either at buildtime or at install time (populate_nexus). runtime_images: {} # Default rule for tarball naming translation +nexus_url: "{{ nexus_url_scheme | default('https') }}://nexus.{{ hostvars[groups.infrastructure[0]].ansible_nodename }}{{ nexus_port | default('') }}" nexus3_image_tar: "{{ nexus3_image | regex_replace('(\\/|\\:)', '_') }}.tar" +nexus3_published_ports: [] diff --git a/ansible/roles/nexus/molecule/default/cleanup.yml b/ansible/roles/nexus/molecule/default/cleanup.yml new file mode 100644 index 00000000..1517e53e --- /dev/null +++ b/ansible/roles/nexus/molecule/default/cleanup.yml @@ -0,0 +1,8 @@ +--- +- name: Cleanup + hosts: all + ignore_unreachable: true + vars_files: + - ../../defaults/main.yml + roles: + - cleanup-nexus diff --git a/ansible/roles/nexus/molecule/default/molecule.yml b/ansible/roles/nexus/molecule/default/molecule.yml new file mode 100644 index 00000000..63c47724 --- /dev/null +++ b/ansible/roles/nexus/molecule/default/molecule.yml @@ -0,0 +1,30 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + volumes: + - /var/lib/docker + groups: + - infrastructure +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + links: + group_vars: ../../../../group_vars + lint: + name: ansible-lint +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/roles/nexus/molecule/default/playbook.yml b/ansible/roles/nexus/molecule/default/playbook.yml new file mode 100644 index 00000000..e10ea55b --- /dev/null +++ b/ansible/roles/nexus/molecule/default/playbook.yml @@ -0,0 +1,11 @@ +--- +- name: Converge + hosts: all + vars: + nexus_port: ":8081" + nexus3_published_ports: + - "{{ '8081' + nexus_port }}" + nexus_url_scheme: http + populate_nexus: true + roles: + - nexus diff --git a/ansible/roles/nexus/molecule/default/prepare.yml b/ansible/roles/nexus/molecule/default/prepare.yml new file mode 100644 index 00000000..f7290bd5 --- /dev/null +++ b/ansible/roles/nexus/molecule/default/prepare.yml @@ -0,0 +1,8 @@ +--- +- name: Prepare + hosts: all + vars_files: + - ../../defaults/main.yml + roles: + - prepare-docker-dind + - prepare-nexus diff --git a/ansible/roles/nexus/tasks/insert-images.yml b/ansible/roles/nexus/tasks/insert-images.yml index 6c283330..404889f4 100644 --- a/ansible/roles/nexus/tasks/insert-images.yml +++ b/ansible/roles/nexus/tasks/insert-images.yml @@ -18,4 +18,4 @@ push: true load_path: "{{ item.path }}" timeout: 120 - changed_when: false # for idenpotence + changed_when: false # for idempotence diff --git a/ansible/roles/nexus/tasks/install.yml b/ansible/roles/nexus/tasks/install.yml index c88e5855..6ac2b131 100644 --- a/ansible/roles/nexus/tasks/install.yml +++ b/ansible/roles/nexus/tasks/install.yml @@ -24,6 +24,7 @@ image: "{{ nexus3_image }}" networks: - name: nexus_network + published_ports: "{{ nexus3_published_ports }}" volumes: - "{{ app_data_path }}/nexus_data:/nexus-data:rw" state: started diff --git a/ansible/roles/nexus/tasks/runtime-populate.yml b/ansible/roles/nexus/tasks/runtime-populate.yml index ac947ec7..2d90bf22 100644 --- a/ansible/roles/nexus/tasks/runtime-populate.yml +++ b/ansible/roles/nexus/tasks/runtime-populate.yml @@ -8,4 +8,4 @@ # WA: block of tasks cant be executed in iterations # need to iterate over those tasks in include - include: "insert-images.yml" - with_items: "{{ tar_images.files }}" + loop: "{{ tar_images.files }}" diff --git a/ansible/roles/nexus/vars/main.yml b/ansible/roles/nexus/vars/main.yml deleted file mode 100644 index 5ec51869..00000000 --- a/ansible/roles/nexus/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -nexus_url: "https://nexus.{{ hostvars[groups.infrastructure[0]].ansible_nodename }}" diff --git a/ansible/roles/nginx/.yamllint b/ansible/roles/nginx/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/roles/nginx/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/ansible/roles/nginx/defaults/main.yml b/ansible/roles/nginx/defaults/main.yml index 260de9bf..8bf44197 100644 --- a/ansible/roles/nginx/defaults/main.yml +++ b/ansible/roles/nginx/defaults/main.yml @@ -4,7 +4,7 @@ simulated_hosts: http: nexus: all_simulated_hosts: - "{{ simulated_hosts.git + simulated_hosts.http + simulated_hosts.nexus }}" + "{{ simulated_hosts.git + simulated_hosts.http + simulated_hosts.nexus }}" nginx: ports: diff --git a/ansible/roles/nginx/molecule/default/cleanup.yml b/ansible/roles/nginx/molecule/default/cleanup.yml new file mode 100644 index 00000000..9870a553 --- /dev/null +++ b/ansible/roles/nginx/molecule/default/cleanup.yml @@ -0,0 +1,6 @@ +--- +- name: Cleanup + hosts: all + ignore_unreachable: true + roles: + - cleanup-nginx diff --git a/ansible/roles/nginx/molecule/default/molecule.yml b/ansible/roles/nginx/molecule/default/molecule.yml new file mode 100644 index 00000000..63c47724 --- /dev/null +++ b/ansible/roles/nginx/molecule/default/molecule.yml @@ -0,0 +1,30 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + volumes: + - /var/lib/docker + groups: + - infrastructure +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + links: + group_vars: ../../../../group_vars + lint: + name: ansible-lint +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/roles/nginx/molecule/default/playbook.yml b/ansible/roles/nginx/molecule/default/playbook.yml new file mode 100644 index 00000000..431bb666 --- /dev/null +++ b/ansible/roles/nginx/molecule/default/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: all + roles: + - nginx diff --git a/ansible/roles/nginx/molecule/default/prepare.yml b/ansible/roles/nginx/molecule/default/prepare.yml new file mode 100644 index 00000000..5c6ff5d8 --- /dev/null +++ b/ansible/roles/nginx/molecule/default/prepare.yml @@ -0,0 +1,8 @@ +--- +- name: Prepare + hosts: all + vars_files: + - ../../../../roles/nginx/defaults/main.yml + roles: + - prepare-docker-dind + - prepare-nginx diff --git a/ansible/roles/resource-data/tasks/unarchive-resource.yml b/ansible/roles/resource-data/tasks/unarchive-resource.yml index 9097ddc8..879a9dfe 100644 --- a/ansible/roles/resource-data/tasks/unarchive-resource.yml +++ b/ansible/roles/resource-data/tasks/unarchive-resource.yml @@ -1,11 +1,11 @@ --- # -# Wrapper to pass through following variables +# Wrapper to pass through following variables: # resources_source_host # resources_dir # resource_source_filename # resource_destination_directory -# And handling target directory creation and possible removal on failure. +# and handle target directory creation and eventual removal on failure. # Idempotence is also handled here as nothing is done if resource_destination_directory # was already created. # @@ -48,9 +48,12 @@ - name: "Cleanup the destination directory {{ resource_destination_directory }} on error" file: - path: "{{ item.path }}" + path: "{{ files_item.path }}" state: absent - with_items: "{{ files_after_fail.files | difference(original_files.files) }}" + loop: "{{ files_after_fail.files | difference(original_files.files) }}" + loop_control: + label: "{{ files_item.path }}" + loop_var: files_item when: files_after_fail is defined - name: "Report failure of upload operation" diff --git a/ansible/roles/rke/defaults/main.yml b/ansible/roles/rke/defaults/main.yml index 88216857..2f160fc2 100644 --- a/ansible/roles/rke/defaults/main.yml +++ b/ansible/roles/rke/defaults/main.yml @@ -1,5 +1,5 @@ --- -rke_binary: rke +rke_binary: rke_linux-amd64 rke_username: rke rke_bin_dir: /usr/local/bin kube_config_dir: "{{ ansible_env.HOME }}/.kube" diff --git a/ansible/roles/rke/molecule/default/molecule.yml b/ansible/roles/rke/molecule/default/molecule.yml index e8e5ad76..6ae613a9 100644 --- a/ansible/roles/rke/molecule/default/molecule.yml +++ b/ansible/roles/rke/molecule/default/molecule.yml @@ -19,7 +19,9 @@ platforms: container: docker groups: - infrastructure + - kubernetes-etcd - kubernetes-control-plane + - kubernetes networks: - name: rke purge_networks: true @@ -37,6 +39,7 @@ platforms: - /var/lib/docker groups: - kubernetes + - kubernetes-node networks: - name: rke purge_networks: true @@ -54,6 +57,7 @@ platforms: - /var/lib/docker groups: - kubernetes + - kubernetes-node networks: - name: rke purge_networks: true diff --git a/ansible/roles/rke/molecule/default/playbook.yml b/ansible/roles/rke/molecule/default/playbook.yml index 09dbfb8e..fab7a0d0 100644 --- a/ansible/roles/rke/molecule/default/playbook.yml +++ b/ansible/roles/rke/molecule/default/playbook.yml @@ -13,10 +13,8 @@ vars: mode: config -- name: Prepare kubernetes nodes (RKE) - hosts: - - kubernetes - - kubernetes-control-plane +- name: Prepare kubernetes hosts (RKE) + hosts: kubernetes roles: - role: rke vars: diff --git a/ansible/roles/rke/molecule/default/tests/test_kubernetes.py b/ansible/roles/rke/molecule/default/tests/test_etcd.py index 887494fa..0f4b6f12 100644 --- a/ansible/roles/rke/molecule/default/tests/test_kubernetes.py +++ b/ansible/roles/rke/molecule/default/tests/test_etcd.py @@ -4,10 +4,10 @@ import pytest import testinfra.utils.ansible_runner testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes') + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-etcd') @pytest.mark.parametrize('container_name', [ - 'etcd', 'kubelet', 'kube-proxy']) + 'etcd']) def test_container_running(host, container_name): assert host.docker(container_name).is_running diff --git a/ansible/roles/rke/molecule/default/tests/test_nodes.py b/ansible/roles/rke/molecule/default/tests/test_nodes.py new file mode 100644 index 00000000..60413018 --- /dev/null +++ b/ansible/roles/rke/molecule/default/tests/test_nodes.py @@ -0,0 +1,13 @@ +import os +import pytest + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-node') + + +@pytest.mark.parametrize('container_name', [ + 'kubelet', 'kube-proxy']) +def test_container_running(host, container_name): + assert host.docker(container_name).is_running diff --git a/ansible/roles/rke/templates/cluster.yml.j2 b/ansible/roles/rke/templates/cluster.yml.j2 index 64508e6f..2012ab92 100644 --- a/ansible/roles/rke/templates/cluster.yml.j2 +++ b/ansible/roles/rke/templates/cluster.yml.j2 @@ -1,7 +1,5 @@ nodes: -{# Note that we iterate through all nodes in relevant groups. -We check which groups they belong to exactly later to determine roles. #} -{% for node in groups['kubernetes'] | union(groups['kubernetes-control-plane']) %} +{% for node in groups['kubernetes'] %} - address: "{{ hostvars[node].cluster_ip }}" port: "22" internal_address: "{{ hostvars[node].cluster_ip }}" @@ -9,8 +7,10 @@ We check which groups they belong to exactly later to determine roles. #} {% if node in groups['kubernetes-control-plane'] %} - controlplane {% endif %} -{% if node in groups['kubernetes'] %} +{% if node in groups['kubernetes-node'] %} - worker +{% endif %} +{% if node in groups['kubernetes-etcd'] %} - etcd {% endif %} hostname_override: "" diff --git a/ansible/roles/vncserver/.yamllint b/ansible/roles/vncserver/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/roles/vncserver/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/ansible/roles/vncserver/molecule/default/cleanup.yml b/ansible/roles/vncserver/molecule/default/cleanup.yml new file mode 100644 index 00000000..16be86ef --- /dev/null +++ b/ansible/roles/vncserver/molecule/default/cleanup.yml @@ -0,0 +1,6 @@ +--- +- name: Cleanup + hosts: all + ignore_unreachable: true + roles: + - cleanup-vncserver diff --git a/ansible/roles/vncserver/molecule/default/molecule.yml b/ansible/roles/vncserver/molecule/default/molecule.yml new file mode 100644 index 00000000..5f7e4062 --- /dev/null +++ b/ansible/roles/vncserver/molecule/default/molecule.yml @@ -0,0 +1,32 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + volumes: + - /var/lib/docker + override_command: False + groups: + - infrastructure +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + inventory: + links: + group_vars: ../../../../group_vars +verifier: + name: testinfra + lint: + name: flake8 + options: + v: 1 diff --git a/ansible/roles/vncserver/molecule/default/playbook.yml b/ansible/roles/vncserver/molecule/default/playbook.yml new file mode 100644 index 00000000..1b253495 --- /dev/null +++ b/ansible/roles/vncserver/molecule/default/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: infrastructure + roles: + - vncserver diff --git a/ansible/roles/vncserver/molecule/default/prepare.yml b/ansible/roles/vncserver/molecule/default/prepare.yml new file mode 100644 index 00000000..55edb8f8 --- /dev/null +++ b/ansible/roles/vncserver/molecule/default/prepare.yml @@ -0,0 +1,8 @@ +--- +- name: Prepare + hosts: all + vars_files: + - ../../defaults/main.yml + roles: + - prepare-docker-dind + - prepare-vncserver diff --git a/ansible/roles/vncserver/molecule/default/tests/test_default.py b/ansible/roles/vncserver/molecule/default/tests/test_default.py new file mode 100644 index 00000000..0164a3ee --- /dev/null +++ b/ansible/roles/vncserver/molecule/default/tests/test_default.py @@ -0,0 +1,10 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('infrastructure') + + +def test_container_running(host): + assert host.docker('vnc-server').is_running |