testo

Change-Id: If1750f2495168e0f2d12747c7d907302fde7c6f9
stackhpc · Mar 19, 2024 · f7668d2 · f7668d2
1 parent cb130b2
commit f7668d2
Show file tree

Hide file tree

Showing 10 changed files with 820 additions and 203 deletions.
diff --git a/.github/workflows/overcloud-host-image-build.yml b/.github/workflows/overcloud-host-image-build.yml
diff --git a/etc/kayobe/environments/ci-aio/inventory/group_vars/controllers/network-interfaces b/etc/kayobe/environments/ci-aio/inventory/group_vars/controllers/network-interfaces
@@ -3,9 +3,9 @@
 # Network interface definitions for the controller group.
 
 # Controller interface on all-in-one network.
-aio_interface: breth1
+# aio_interface: breth1
 # Use dummy1 if it exists, otherwise the bridge will have no ports.
-aio_bridge_ports: "{{ ['dummy1'] if ('dummy1' in hostvars[inventory_hostname].ansible_facts) or (os_distribution == 'rocky' and os_release == '9') else [] }}"
+# aio_bridge_ports: "{{ ['dummy1'] if ('dummy1' in hostvars[inventory_hostname].ansible_facts) or (os_distribution == 'rocky' and os_release == '9') else [] }}"
 
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.

diff --git a/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/lvm b/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/lvm
@@ -0,0 +1,45 @@
+---
+###############################################################################
+# Network interface definitions for the controller group.
+
+# Controller interface on all-in-one network.
+aio_interface: ens3
+# Use dummy1 if it exists, otherwise the bridge will have no ports.
+# aio_bridge_ports: "{{ ['dummy1'] if 'dummy1' in hostvars[inventory_hostname].ansible_facts else [] }}"
+
+seed_lvm_groups:
+  - "{{ stackhpc_lvm_group_rootvg }}"
+
+# List of extra LVs to include in the rootvg VG.
+stackhpc_lvm_group_rootvg_lvs_extra:
+  - "{{ stackhpc_lvm_lv_docker }}"
+
+###############################################################################
+# StackHPC LVM Logical Volume (LV) configuration.
+
+# StackHPC LVM lv_swap LV size.
+stackhpc_lvm_lv_swap_size: 500m
+
+# StackHPC LVM lv_root LV size.
+stackhpc_lvm_lv_root_size: 4g
+
+# StackHPC LVM lv_tmp LV size.
+stackhpc_lvm_lv_tmp_size: 8g
+
+# StackHPC LVM lv_var LV size.
+stackhpc_lvm_lv_var_size: 2g
+
+# StackHPC LVM lv_var_tmp LV size.
+stackhpc_lvm_lv_var_tmp_size: 8g
+
+# StackHPC LVM lv_log LV size.
+stackhpc_lvm_lv_log_size: 2g
+
+# StackHPC LVM lv_audit LV size.
+stackhpc_lvm_lv_audit_size: 250m
+
+# StackHPC LVM lv_home LV size.
+stackhpc_lvm_lv_home_size: 5g
+
+# StackHPC LVM lv_docker LV size.
+stackhpc_lvm_lv_docker_size: 60%FREE
diff --git a/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/network-interfaces b/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/network-interfaces
@@ -3,9 +3,9 @@
 # Network interface definitions for the controller group.
 
 # Controller interface on all-in-one network.
-aio_interface: breth1
+aio_interface: ens3
 # Use dummy1 if it exists, otherwise the bridge will have no ports.
-aio_bridge_ports: "{{ ['dummy1'] if 'dummy1' in hostvars[inventory_hostname].ansible_facts else [] }}"
+# aio_bridge_ports: "{{ ['dummy1'] if 'dummy1' in hostvars[inventory_hostname].ansible_facts else [] }}"
 
 ###############################################################################
 # Dummy variable to allow Ansible to accept this file.

diff --git a/terraform/host-image-builder/README.rst b/terraform/host-image-builder/README.rst
@@ -0,0 +1,191 @@
+==========================
+Terraform All in one (aio)
+==========================
+
+This Terraform configuration deploys a single VM on an OpenStack cloud, to be
+used as an all-in-one Kayobe test environment.
+
+This configuration is used in the GitHub Actions all-in-one.yml workflow for CI
+testing.
+
+Usage
+=====
+
+These instructions show how to use this Terraform configuration manually. They
+assume you are running an Ubuntu host that will be used to run Terraform. The
+machine should have network access to the VM that will be created by this
+configuration.
+
+Install Terraform:
+
+.. code-block:: console
+
+   wget -qO - terraform.gpg https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/terraform-archive-keyring.gpg
+   sudo echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/terraform-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/terraform.list
+   sudo apt update
+   sudo apt install docker.io terraform
+
+Clone and initialise the Kayobe config:
+
+.. code-block:: console
+
+   git clone https://github.com/stackhpc/stackhpc-kayobe-config
+   cd stackhpc-kayobe-config
+   git submodule init
+   git submodule update
+
+Change to the terraform/aio directory:
+
+.. code-block:: console
+
+   cd terraform/aio
+
+Initialise Terraform:
+
+.. code-block:: console
+
+   terraform init
+
+Generate an SSH keypair:
+
+.. code-block:: console
+
+   ssh-keygen -f id_rsa -N ''
+
+Create an OpenStack clouds.yaml file with your credentials to access an
+OpenStack cloud. Alternatively, download one from Horizon.
+
+.. code-block:: console
+
+   cat << EOF > clouds.yaml
+   ---
+   clouds:
+     sms-lab:
+       auth:
+         auth_url: https://api.sms-lab.cloud:5000
+         username: <username>
+         project_name: <project>
+         domain_name: default
+       interface: public
+   EOF
+
+Export environment variables to use the correct cloud and provide a password:
+
+.. code-block:: console
+
+   export OS_CLOUD=sms-lab
+   read -p OS_PASSWORD -s OS_PASSWORD
+   export OS_PASSWORD
+
+Generate Terraform variables:
+
+.. code-block:: console
+
+   cat << EOF > terraform.tfvars
+   ssh_public_key = "id_rsa.pub"
+   aio_vm_name = "kayobe-aio"
+   aio_vm_image = "overcloud-centos-8-stream-yoga-20230525T095243"
+   aio_vm_flavor = "general.v1.medium"
+   aio_vm_network = "stackhpc-ipv4-geneve"
+   aio_vm_subnet = "stackhpc-ipv4-geneve-subnet"
+   EOF
+
+Generate a plan:
+
+.. code-block:: console
+
+   terraform plan
+
+Apply the changes:
+
+.. code-block:: console
+
+   terraform apply -auto-approve
+
+Write Terraform outputs to a Kayobe config file:
+
+.. code-block:: console
+
+   terraform output -json > ../../etc/kayobe/environments/$KAYOBE_ENVIRONMENT/tf-outputs.yml
+
+Change to the repository root:
+
+.. code-block:: console
+
+   cd ../../
+
+Write Terraform network config:
+
+.. code-block:: console
+
+   cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/tf-networks.yml
+
+   admin_oc_net_name: admin
+   admin_cidr: "{{ access_cidr.value }}"
+   admin_allocation_pool_start: 0.0.0.0
+   admin_allocation_pool_end: 0.0.0.0
+   admin_gateway: "{{ access_gw.value }}"
+   admin_bootproto: dhcp
+   admin_ips:
+     controller0: "{{ access_ip_v4.value }}"
+   EOF
+
+Write Terraform network interface config:
+
+.. code-block:: console
+
+   cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/controllers/tf-network-interfaces
+   admin_interface: "{{ access_interface.value }}"
+   EOF
+
+Build a Kayobe image:
+
+.. code-block:: console
+
+   sudo DOCKER_BUILDKIT=1 docker build --file .automation/docker/kayobe/Dockerfile --tag kayobe:latest .
+
+Use the ci-aio environment:
+
+.. code-block:: console
+
+   export KAYOBE_ENVIRONMENT=ci-aio
+
+Set the Kayobe Vault password env var:
+
+.. code-block:: console
+
+   read -p KAYOBE_VAULT_PASSWORD -s KAYOBE_VAULT_PASSWORD
+   export KAYOBE_VAULT_PASSWORD
+
+Set the Kayobe SSH private key env var:
+
+.. code-block:: console
+
+   export KAYOBE_AUTOMATION_SSH_PRIVATE_KEY=$(cat terraform/aio/id_rsa)
+
+Host configure:
+
+.. code-block:: console
+
+   sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-host-configure.sh
+
+Service deploy:
+
+.. code-block:: console
+
+   sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-service-deploy.sh
+
+Configure aio resources:
+
+.. code-block:: console
+
+   sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/configure-aio-resources.yml
+
+Run Tempest:
+
+.. code-block:: console
+
+   mkdir -p tempest-artifacts
+   sudo -E docker run -it --rm -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config -v $(pwd)/tempest-artifacts:/stack/tempest-artifacts -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY kayobe:latest /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/tempest.sh -e ansible_user=stack
+
+Tempest results are in tempest-artifacts.
diff --git a/terraform/host-image-builder/outputs.tf b/terraform/host-image-builder/outputs.tf
@@ -0,0 +1,15 @@
+output "access_ip_v4" {
+  value = openstack_compute_instance_v2.kayobe-host-image-builder.access_ip_v4
+}
+
+output "access_cidr" {
+  value = data.openstack_networking_subnet_v2.network.cidr
+}
+
+output "access_gw" {
+  value = data.openstack_networking_subnet_v2.network.gateway_ip
+}
+
+output "access_interface" {
+  value = var.host_image_builder_interface
+}
diff --git a/terraform/host-image-builder/provider.tf b/terraform/host-image-builder/provider.tf
@@ -0,0 +1,14 @@
+#provider "openstack" {
+# use environment variables
+#}
+
+terraform {
+  required_version = ">= 0.14"
+  backend "local" {
+  }
+  required_providers {
+    openstack = {
+      source = "terraform-provider-openstack/openstack"
+    }
+  }
+}
diff --git a/terraform/host-image-builder/templates/userdata.cfg.tpl b/terraform/host-image-builder/templates/userdata.cfg.tpl
@@ -0,0 +1,21 @@
+#cloud-config
+# Don't automatically mount ephemeral disk
+mounts:
+  - [/dev/vdb, null]
+# WORKAROUND: internal DNS missing from SMS lab.
+runcmd:
+  - 'echo "10.0.0.34 pelican pelican.service.compute.sms-lab.cloud" >> /etc/hosts'
+  - 'echo "10.205.3.187 pulp-server pulp-server.internal.sms-cloud" >> /etc/hosts'
+# Configure SSH keys here, to avoid creating an ephemeral keypair.
+# This means only the instance needs to be cleaned up if the destroy fails.
+ssh_authorized_keys:
+  - ${ssh_public_key}
+
+write_files:
+  # WORKAROUND: https://bugs.launchpad.net/kolla-ansible/+bug/1995409
+  - content: |
+      #!/bin/bash
+      docker exec openvswitch_vswitchd ovs-vsctl "$@"
+    owner: root:root
+    path: /usr/bin/ovs-vsctl
+    permissions: '0755'
diff --git a/terraform/host-image-builder/terraform.tfvars b/terraform/host-image-builder/terraform.tfvars
@@ -0,0 +1,9 @@
+ssh_public_key = "id_rsa.pub"
+ssh_username = "cloud-user"
+host_image_builder_name = "skc-ci-host-image-builder"
+host_image_builder_image = "overcloud-rocky-9-yoga-20240124T094316"
+host_image_builder_flavor = "en1.medium"
+host_image_builder_network = "stackhpc-ci"
+host_image_builder_subnet = "stackhpc-ci"
+host_image_builder_tags = ["skc-ci-host-image-builder", "alex-testo"]
+host_image_builder_interface = "ens3"