testo
Alex-Welsh committed Mar 15, 2024
1 parent cb130b2 commit 2b00828
Showing 8 changed files with 742 additions and 203 deletions.
592 changes: 391 additions & 201 deletions .github/workflows/overcloud-host-image-build.yml

Large diffs are not rendered by default.

@@ -3,9 +3,10 @@
# Network interface definitions for the controller group.

# Controller interface on all-in-one network.
aio_interface: breth1
# aio_interface: breth1
aio_interface: ens3
# Use dummy1 if it exists, otherwise the bridge will have no ports.
aio_bridge_ports: "{{ ['dummy1'] if ('dummy1' in hostvars[inventory_hostname].ansible_facts) or (os_distribution == 'rocky' and os_release == '9') else [] }}"
# aio_bridge_ports: "{{ ['dummy1'] if ('dummy1' in hostvars[inventory_hostname].ansible_facts) or (os_distribution == 'rocky' and os_release == '9') else [] }}"

###############################################################################
# Dummy variable to allow Ansible to accept this file.
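
Review bot: The old values are left behind as commented-out lines (`# aio_interface: breth1` and `# aio_bridge_ports: ...`), and the comment "Use dummy1 if it exists, otherwise the bridge will have no ports." now sits above a setting that is no longer active. Delete the old lines instead of commenting them out, and drop or reword that comment. `aio_interface: ens3` also hard-codes a NIC name for the whole controller group, so please confirm that every host in the group uses that interface name.
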
191 changes: 191 additions & 0 deletions terraform/host-image-builder/README.rst
@@ -0,0 +1,191 @@
==========================
Terraform All in one (aio)
==========================

This Terraform configuration deploys a single VM on an OpenStack cloud, to be
used as an all-in-one Kayobe test environment.

This configuration is used in the GitHub Actions all-in-one.yml workflow for CI
testing.

Usage
=====

These instructions show how to use this Terraform configuration manually. They
assume you are running an Ubuntu host that will be used to run Terraform. The
machine should have network access to the VM that will be created by this
configuration.

Install Terraform:

.. code-block:: console
wget -qO - terraform.gpg https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/terraform-archive-keyring.gpg
sudo echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/terraform-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/terraform.list
sudo apt update
sudo apt install docker.io terraform
Clone and initialise the Kayobe config:

.. code-block:: console
git clone https://github.com/stackhpc/stackhpc-kayobe-config
cd stackhpc-kayobe-config
git submodule init
git submodule update
Change to the terraform/aio directory:

.. code-block:: console
cd terraform/aio
Initialise Terraform:

.. code-block:: console
terraform init
Generate an SSH keypair:

.. code-block:: console
ssh-keygen -f id_rsa -N ''
Create an OpenStack clouds.yaml file with your credentials to access an
OpenStack cloud. Alternatively, download one from Horizon.

.. code-block:: console
cat << EOF > clouds.yaml
---
clouds:
sms-lab:
auth:
auth_url: https://api.sms-lab.cloud:5000
username: <username>
project_name: <project>
domain_name: default
interface: public
EOF
Export environment variables to use the correct cloud and provide a password:

.. code-block:: console
export OS_CLOUD=sms-lab
read -p OS_PASSWORD -s OS_PASSWORD
export OS_PASSWORD
Generate Terraform variables:

.. code-block:: console
cat << EOF > terraform.tfvars
ssh_public_key = "id_rsa.pub"
aio_vm_name = "kayobe-aio"
aio_vm_image = "overcloud-centos-8-stream-yoga-20230525T095243"
aio_vm_flavor = "general.v1.medium"
aio_vm_network = "stackhpc-ipv4-geneve"
aio_vm_subnet = "stackhpc-ipv4-geneve-subnet"
EOF
Generate a plan:

.. code-block:: console
terraform plan
Apply the changes:

.. code-block:: console
terraform apply -auto-approve
Write Terraform outputs to a Kayobe config file:

.. code-block:: console
terraform output -json > ../../etc/kayobe/environments/$KAYOBE_ENVIRONMENT/tf-outputs.yml
Change to the repository root:

.. code-block:: console
cd ../../
Write Terraform network config:

.. code-block:: console
cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/tf-networks.yml
admin_oc_net_name: admin
admin_cidr: "{{ access_cidr.value }}"
admin_allocation_pool_start: 0.0.0.0
admin_allocation_pool_end: 0.0.0.0
admin_gateway: "{{ access_gw.value }}"
admin_bootproto: dhcp
admin_ips:
controller0: "{{ access_ip_v4.value }}"
EOF
Write Terraform network interface config:

.. code-block:: console
cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/controllers/tf-network-interfaces
admin_interface: "{{ access_interface.value }}"
EOF
Build a Kayobe image:

.. code-block:: console
sudo DOCKER_BUILDKIT=1 docker build --file .automation/docker/kayobe/Dockerfile --tag kayobe:latest .
Use the ci-aio environment:

.. code-block:: console
export KAYOBE_ENVIRONMENT=ci-aio
Set the Kayobe Vault password env var:

.. code-block:: console
read -p KAYOBE_VAULT_PASSWORD -s KAYOBE_VAULT_PASSWORD
export KAYOBE_VAULT_PASSWORD
Set the Kayobe SSH private key env var:

.. code-block:: console
export KAYOBE_AUTOMATION_SSH_PRIVATE_KEY=$(cat terraform/aio/id_rsa)
Host configure:

.. code-block:: console
sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-host-configure.sh
Service deploy:

.. code-block:: console
sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-service-deploy.sh
Configure aio resources:

.. code-block:: console
sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/configure-aio-resources.yml
Run Tempest:

.. code-block:: console
mkdir -p tempest-artifacts
sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -v $(pwd)/tempest-artifacts:/stack/tempest-artifacts -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/tempest.sh -e ansible_user=stack
Tempest results are in tempest-artifacts.
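
Review bot: This README is a copy of the aio one and does not describe this directory: the title is "Terraform All in one (aio)", the steps `cd terraform/aio` and `$(cat terraform/aio/id_rsa)` point at another directory, and the example terraform.tfvars sets `aio_vm_*` keys, while vm.tf in this commit declares `host_image_builder_*` variables plus a required `ssh_username`. Please rewrite it for terraform/host-image-builder. Two smaller points in the same file: `$KAYOBE_ENVIRONMENT` is used in the "Write Terraform outputs" step before the later step that exports it, so the output path has an empty component if the steps are followed in order; and `wget -qO - terraform.gpg https://...` passes `terraform.gpg` as a second URL, which should be removed.
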
15 changes: 15 additions & 0 deletions terraform/host-image-builder/outputs.tf
@@ -0,0 +1,15 @@
output "access_ip_v4" {
value = openstack_compute_instance_v2.kayobe-host-image-builder.access_ip_v4
}

output "access_cidr" {
value = data.openstack_networking_subnet_v2.network.cidr
}

output "access_gw" {
value = data.openstack_networking_subnet_v2.network.gateway_ip
}

output "access_interface" {
value = var.host_image_builder_interface
}
14 changes: 14 additions & 0 deletions terraform/host-image-builder/provider.tf
@@ -0,0 +1,14 @@
#provider "openstack" {
# use environment variables
#}

terraform {
required_version = ">= 0.14"
backend "local" {
}
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
}
}
}
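
Review bot: The `openstack` entry in `required_providers` has a `source` but no `version`, so `terraform init` resolves whichever provider release is newest at the time it runs. Add a version constraint there and commit the dependency lock file so that CI runs are reproducible. The commented-out `provider "openstack"` block at the top can be reduced to a one-line comment saying that credentials come from environment variables.
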
21 changes: 21 additions & 0 deletions terraform/host-image-builder/templates/userdata.cfg.tpl
@@ -0,0 +1,21 @@
#cloud-config
# Don't automatically mount ephemeral disk
mounts:
- [/dev/vdb, null]
# WORKAROUND: internal DNS missing from SMS lab.
runcmd:
- 'echo "10.0.0.34 pelican pelican.service.compute.sms-lab.cloud" >> /etc/hosts'
- 'echo "10.205.3.187 pulp-server pulp-server.internal.sms-cloud" >> /etc/hosts'
# Configure SSH keys here, to avoid creating an ephemeral keypair.
# This means only the instance needs to be cleaned up if the destroy fails.
ssh_authorized_keys:
- ${ssh_public_key}

write_files:
# WORKAROUND: https://bugs.launchpad.net/kolla-ansible/+bug/1995409
- content: |
#!/bin/bash
docker exec openvswitch_vswitchd ovs-vsctl "$@"
owner: root:root
path: /usr/bin/ovs-vsctl
permissions: '0755'
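
Review bot: The two `runcmd` entries append hard-coded lab addresses (`10.0.0.34` and `10.205.3.187`) to /etc/hosts, which ties this template to one cloud and pins those names to IPs that may change. Pass the host entries in through `templatefile` variables, as is already done for `ssh_public_key`, or state in the README which cloud this template is valid for. Separately, the `write_files` entry installs a root-owned /usr/bin/ovs-vsctl wrapper that execs into an `openvswitch_vswitchd` container; is that container expected on a host image builder? If not, drop the workaround from this template.
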
9 changes: 9 additions & 0 deletions terraform/host-image-builder/terraform.tfvars
@@ -0,0 +1,9 @@
ssh_public_key = "id_rsa.pub"
ssh_username = "cloud-user"
host_image_builder_name = "skc-ci-host-image-builder"
host_image_builder_image = "overcloud-rocky-9-yoga-20240124T094316"
host_image_builder_flavor = "en1.medium"
host_image_builder_network = "stackhpc-ci"
host_image_builder_subnet = "stackhpc-ci"
host_image_builder_tags = ["skc-ci-host-image-builder", "alex-testo"]
host_image_builder_interface = "ens3"
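
Review bot: `host_image_builder_tags` includes `"alex-testo"`, which looks like a personal test tag, and the file as a whole commits one site's flavor, network, subnet and image as the values every user of this directory inherits. Remove the personal tag before merging, and consider generating this file in the workflow, as the README does for its own terraform.tfvars, instead of tracking it.
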
98 changes: 98 additions & 0 deletions terraform/host-image-builder/vm.tf
@@ -0,0 +1,98 @@
variable "ssh_public_key" {
type = string
}

variable "ssh_username" {
type = string
}

variable "host_image_builder_name" {
type = string
default = "kayobe-host-image-builder"
}

variable "host_image_builder_image" {
type = string
default = "CentOS-stream8"
}

variable "host_image_builder_interface" {
type = string
default = "ens3"
}

variable "host_image_builder_flavor" {
type = string
}

variable "host_image_builder_network" {
type = string
}

variable "host_image_builder_subnet" {
type = string
}

variable "host_image_builder_volume_size" {
type = number
default = 60
}

variable "host_image_builder_tags" {
type = list(string)
default = []
}

locals {
image_is_uuid = length(regexall("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", var.host_image_builder_image)) > 0
}

data "openstack_images_image_v2" "image" {
name = var.host_image_builder_image
most_recent = true
count = local.image_is_uuid ? 0 : 1
}

data "openstack_networking_subnet_v2" "network" {
name = var.host_image_builder_subnet
}

resource "openstack_compute_instance_v2" "kayobe-host-image-builder" {
name = var.host_image_builder_name
flavor_name = "en1.medium"
config_drive = true
user_data = templatefile("templates/userdata.cfg.tpl", {ssh_public_key = file(var.ssh_public_key)})
network {
name = var.host_image_builder_network
}

block_device {
uuid = local.image_is_uuid ? var.host_image_builder_image: data.openstack_images_image_v2.image[0].id
source_type = "image"
volume_size = var.host_image_builder_volume_size
boot_index = 0
destination_type = "volume"
delete_on_termination = true
}

tags = var.host_image_builder_tags
}

# Wait for the instance to be accessible via SSH before progressing.
resource "null_resource" "kayobe-host-image-builder" {
provisioner "remote-exec" {
connection {
host = openstack_compute_instance_v2.kayobe-host-image-builder.access_ip_v4
user = var.ssh_username
private_key = file("id_rsa")
# Terraform will run the start script from /tmp by default. For the
# current images, /tmp is noexec, so the path must be changed
script_path = "/home/${var.ssh_username}/start.sh"
}

inline = [
"#!/bin/sh",
"echo 'connected!'"
]
}
}
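
Review bot: In the `openstack_compute_instance_v2` resource, `flavor_name = "en1.medium"` is a literal, so the required variable `host_image_builder_flavor` is declared and set in terraform.tfvars but never used; change it to `flavor_name = var.host_image_builder_flavor`. In the `null_resource` connection block, `private_key = file("id_rsa")` hard-codes the key path while the public key path is a variable, so a matching variable for the private key would keep the two in step. The default for `host_image_builder_image` is `"CentOS-stream8"`, which does not match the Rocky 9 image set in terraform.tfvars; consider dropping the default so the image must be chosen explicitly.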
