diff options
author | Peter Mikus <pmikus@cisco.com> | 2019-02-20 12:19:07 +0000 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2019-02-22 16:05:38 +0000 |
commit | 53153e114017d193cdf9b88f21f4eac31bad72b7 (patch) | |
tree | 6cbe624d67ec51733928ea4a54a50d613b4b94c5 /resources/tools/testbed-setup/ansible/roles/tg_sut | |
parent | 138c1b1f56a2b59afeafb92379e955b9baf95e7a (diff) |
CSIT-1437 Create portable host-setup document
- Ansible simplified and optimalized
- Porting global variables into single file
- Rework the README.md
- Tested outside LF environemnt
Change-Id: I124cffa5c4510edf365e8b558da0c8c498f55d50
Signed-off-by: Peter Mikus <pmikus@cisco.com>
Diffstat (limited to 'resources/tools/testbed-setup/ansible/roles/tg_sut')
7 files changed, 122 insertions, 200 deletions
diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/defaults/main.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/defaults/main.yaml deleted file mode 100644 index 3a6f68fb8b..0000000000 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/defaults/main.yaml +++ /dev/null @@ -1,28 +0,0 @@ ---- -docker_edition: "ce" -docker_channel: "edge" - -docker_version: "18.05.0" -docker_install_docker_compose: True -docker_compose_version: "1.21.0" - -docker_users: ['testuser'] - -docker_daemon_options: [] -# Can be used to set environment variables for the Docker daemon, such as: -# docker_daemon_environment: -# - "HTTP_PROXY=http://proxy.example.com:3128/" -# - "HTTPS_PROXY=http://proxy.example.com:3128/" -# - "NO_PROXY=localhost,127.0.0.1" -docker_daemon_environment: [] - -docker_repository: "deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_channel }}" -docker_apt_package_name: "{{ docker_version }}~{{ docker_edition }}~3-0~{{ ansible_distribution | lower }}" - -apt_cache_time: 86400 - -kubernetes_channel: "main" -kubernetes_version: "1.11.0-00" - -kubernetes_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_channel }}" -kubernetes_apt_package_name: "{{ kubernetes_version }}" diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config index 2f34cfbaca..2602f93b4f 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/netplan_config @@ -6,6 +6,7 @@ network: ethernets: {{ ansible_default_ipv4["interface"] }}: addresses: [ {{ (ansible_default_ipv4.address + '/' + ansible_default_ipv4.netmask) | ipaddr('host/prefix') }} ] + dhcp4: false gateway4: {{ ansible_default_ipv4["gateway"] }} nameservers: - addresses: [ 199.204.44.24, 199.204.47.54 ] + addresses: {{ dns_servers }} diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/requirements.txt b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/requirements.txt index 11caf5d563..0ce17e2b47 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/files/requirements.txt +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/files/requirements.txt @@ -1,13 +1,56 @@ -robotframework==2.9.2 -paramiko==1.16.0 -scp==0.10.2 -ipaddress==1.0.16 -interruptingcow==0.6 -PyYAML==3.11 -pykwalify==1.5.0 -scapy==2.3.1 -enum34==1.1.2 -requests==2.9.1 +# DISCLAIMER: BEFORE EDITING THIS FILE! +# +# This file has two closely related consequences. +# The common part is that this file defines +# the content of virtual Python environment +# used when Robot tests are running. +# The difference is in which machine the environment is created on. +# For the Jenkins executor machines, +# editing this file has no surprising consequences. +# +# But the environment is also being created +# on virtual machines created by VIRL, which do have specific restrictions. +# Complete package and setting snapshot (for both VIRL and Physical Testbed), +# with network being limited in case of VIRL to local only. +# This implies pip currently being set to site-packages only +# for both VIRL and Physical Testbed. +# So if the "virl image" applied on the machine +# does not reflect the edits, some installations might fail. +# Even if the failure may not directly impact execution, +# this leads into inconsistency between installed environment +# and the code base which may lead into fatal error or uncaught exceptions. +# +# The "virl image" is built from files such as +# resources/tools/disk-image-builder/ubuntu/lists/ubuntu-16.04.1_2017-10-21_2.0/pip-requirements.txt +# but the build is not automated, +# the new "virl image" has to be built and applied manually +# before your edit can pass. +# This also means, incompatible virl images +# would make existing tests fail until your edit is merged. +# +# TODO: Automate the virtualenv download and distribution +# on all types of testbeds prior the test execution. +# TODO: Figure out a way to verify edits to this file automatically. + +# TODO: Split into directly needed packages and their dependencies. +docopt==0.6.2 # for pykwalify ecdsa==0.13 +enum34==1.1.2 +ipaddress==1.0.16 +paramiko==1.16.0 +pexpect==4.6.0 pycrypto==2.6.1 +pykwalify==1.5.0 pypcap==1.1.5 +python-dateutil==2.4.2 # for pykwalify +PyYAML==3.11 +requests==2.9.1 +robotframework==2.9.2 +scapy==2.3.1 +scp==0.10.2 +six==1.12.0 # for python-dateutil + +# The following is only there for PLRsearch. +dill==0.2.8.2 +numpy==1.14.5 +scipy==1.1.0 diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu.yaml b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu.yaml index 8604185aa2..2f75ae545d 100644 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu.yaml +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/tasks/ubuntu.yaml @@ -1,178 +1,110 @@ --- # file: roles/tg_sut/tasks/ubuntu.yaml -- name: Install python-dev +- name: Install CSIT dependencies apt: - name: 'python-dev' + name: '{{ item }}' state: 'present' - update_cache: True - tags: install-python-dev - -- name: Install python-virtualenv - apt: - name: 'python-virtualenv' - state: 'present' - update_cache: True - tags: install-python-virtualenv - -- name: Install python pip - apt: - name: 'python-pip' - state: 'present' - update_cache: True - tags: install-python-pip - -- name: Install libpcap-dev - apt: - name: 'libpcap-dev' - state: 'present' - update_cache: True - tags: install-libpcap-dev - -- name: Install cpufrequtils - apt: - name: 'cpufrequtils' - state: 'present' - update_cache: True - tags: install-cpufrequtils - -- name: Install cgroup-support - apt: - name: 'cgroup-bin' - state: 'present' - update_cache: True - tags: install-cgroup-support - -- name: Install zlib1g-dev - apt: - name: 'zlib1g-dev' - state: 'present' - update_cache: True - tags: install-zlib1g-dev - -- name: Install libnuma-dev - apt: - name: 'libnuma-dev' - state: 'present' - update_cache: True - tags: install-libnuma-dev - -- name: Install Docker and role dependencies - apt: - name: "{{ item }}" - state: "present" install_recommends: False with_items: - - "apt-transport-https" - - "ca-certificates" - - "software-properties-common" - - "cron" - tags: install-docker - -- name: Install Docker APT GPG key + - 'python-dev' + - 'python-virtualenv' + - 'python-pip' + - 'libpcap-dev' + - 'cpufrequtils' + - 'cgroup-bin' + - 'zlib1g-dev' + - 'apt-transport-https' + - 'ca-certificates' + - 'software-properties-common' + - 'cron' + - 'libnuma-dev' + tags: install-csit-dependencies + +- name: Add an Apt signing key, for docker-ce repository apt_key: url: https://download.docker.com/linux/ubuntu/gpg - state: "present" + state: 'present' tags: install-docker - name: Install Docker APT repository apt_repository: - repo: "{{ docker_repository }}" - state: "present" + repo: '{{ docker_repository }}' + state: 'present' update_cache: True tags: install-docker - name: Install Docker apt: - name: "docker-{{ docker_edition }}={{ docker_apt_package_name }}" - state: "present" - update_cache: True - install_recommends: False - cache_valid_time: "{{ apt_cache_time }}" + name: 'docker-{{ docker_edition }}={{ docker_apt_package_name }}' + state: 'present' tags: install-docker -- name: Remove Upstart docker config file +- name: Creates Docker service directory file: - path: "/etc/default/docker" - state: "absent" - tags: docker + path: '/etc/systemd/system/docker.service.d' + state: 'directory' -- name: Ensure systemd directory exists - file: - path: "/etc/systemd/system" - state: "directory" - owner: "root" - group: "root" - mode: "0755" - tags: ensure-docker +- name: Setup Docker http proxy + template: + src: 'templates/docker.service.proxy.http' + dest: '/etc/systemd/system/docker.service.d/http-proxy.conf' + owner: 'root' + group: 'root' + mode: '0644' + register: docker_register_systemd_service + when: proxy_env is defined and proxy_env.http_proxy is defined + tags: copy-docker -- name: Copy systemd docker unit file +- name: Setup Docker https proxy template: - src: "templates/docker.service.j2" - dest: "/etc/systemd/system/docker.service" - owner: "root" - group: "root" - mode: "0644" + src: 'templates/docker.service.proxy.https' + dest: '/etc/systemd/system/docker.service.d/https-proxy.conf' + owner: 'root' + group: 'root' + mode: '0644' register: docker_register_systemd_service + when: proxy_env is defined and proxy_env.https_proxy is defined tags: copy-docker - name: Reload systemd daemon - command: "systemctl daemon-reload" - notify: ["Restart Docker"] + command: 'systemctl daemon-reload' + notify: ['Restart Docker'] when: (docker_register_systemd_service and docker_register_systemd_service is changed) tags: restart-docker -- name: Set specific users to "docker" group +- name: Set specific users to docker group user: - name: "{{ item }}" - groups: "docker" + name: '{{ item }}' + groups: 'docker' append: True - with_items: "{{ docker_users }}" + with_items: '{{ docker_users }}' when: docker_users tags: set-docker -- name: Install kubernetes APT GPG key +- name: Add an Apt signing key, for Kubernetes repository apt_key: url: https://packages.cloud.google.com/apt/doc/apt-key.gpg - state: "present" + state: 'present' tags: install-kubernetes - name: Install kubernetes APT repository apt_repository: - repo: "{{ kubernetes_repository }}" - state: "present" - update_cache: True - tags: install-kubernetes - -- name: Install kubeadm - apt: - name: "kubeadm={{ kubernetes_apt_package_name }}" - state: "present" - force: yes - update_cache: True - install_recommends: False - cache_valid_time: "{{ apt_cache_time }}" - tags: install-kubernetes - -- name: Install kubectl - apt: - name: "kubectl={{ kubernetes_apt_package_name }}" - state: "present" - force: yes + repo: '{{ kubernetes_repository }}' + state: 'present' update_cache: True - install_recommends: False - cache_valid_time: "{{ apt_cache_time }}" tags: install-kubernetes -- name: Install kubelet +- name: Install Kubernetes apt: - name: "kubelet={{ kubernetes_apt_package_name }}" - state: "present" + name: '{{ item }}={{ kubernetes_apt_package_name }}' + state: 'present' force: yes - update_cache: True - install_recommends: False - cache_valid_time: "{{ apt_cache_time }}" + with_items: + - 'kubeadm' + - 'kubectl' + - 'kubelet' tags: install-kubernetes - name: Apply kubelet parameter diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.j2 b/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.j2 deleted file mode 100644 index 26a1bcf372..0000000000 --- a/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.j2 +++ /dev/null @@ -1,34 +0,0 @@ -# {{ ansible_managed }} - -[Unit] -Description=Docker Application Container Engine -Documentation=https://docs.docker.com -After=network-online.target docker.socket -Requires=docker.socket - -[Service] -Type=notify -# the default is not to use systemd for cgroups because the delegate issues still -# exists and systemd currently does not support the cgroup feature set required -# for containers run by docker -{% if docker_daemon_environment %} -Environment="{{ docker_daemon_environment | join('" "') }}" -{% endif %} -ExecStart=/usr/bin/dockerd {{ docker_daemon_options | join(" ") }} -ExecReload=/bin/kill -s HUP $MAINPID -# Having non-zero Limit*s causes performance problems due to accounting overhead -# in the kernel. We recommend using cgroups to do container-local accounting. -LimitNOFILE=infinity -LimitNPROC=infinity -LimitCORE=infinity -# Uncomment TasksMax if your systemd version supports it. -# Only systemd 226 and above support this version. -TasksMax=infinity -TimeoutStartSec=0 -# set delegate yes so that systemd does not reset the cgroups of docker containers -Delegate=yes -# kill only the docker process, not all processes in the cgroup -KillMode=process - -[Install] -WantedBy=multi-user.target diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.proxy.http b/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.proxy.http new file mode 100644 index 0000000000..73ceba3870 --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.proxy.http @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[Service] +Environment="{{ docker_daemon_environment_http | join('" "') }}" diff --git a/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.proxy.https b/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.proxy.https new file mode 100644 index 0000000000..1c2097eb9d --- /dev/null +++ b/resources/tools/testbed-setup/ansible/roles/tg_sut/templates/docker.service.proxy.https @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[Service] +Environment="{{ docker_daemon_environment_https | join('" "') }}" |