From: Bartek Grzybowski Date: Mon, 20 Jan 2020 10:40:26 +0000 (+0000) Subject: Merge "Add robot config at onap install" X-Git-Tag: 6.0.0-ONAP~53 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=694656b0fd93183b99a1065dd9dafaf367e14552;hp=fd2a5066ec0a3f13fb52b6d0bb2fb84e52dc31a8;p=oom%2Foffline-installer.git Merge "Add robot config at onap install" --- diff --git a/ansible/roles/application/tasks/transfer-helm-charts.yml b/ansible/roles/application/tasks/transfer-helm-charts.yml index 5e4240b6..56c95cc4 100644 --- a/ansible/roles/application/tasks/transfer-helm-charts.yml +++ b/ansible/roles/application/tasks/transfer-helm-charts.yml @@ -3,9 +3,12 @@ - name: Distribute helm charts to infra node block: - name: Archive helm charts - archive: - path: "{{ app_helm_charts_install_directory }}/*" - dest: "{{ app_helm_charts_install_directory }}.tgz" + command: tar -cvzf {{ app_helm_charts_install_directory }}.tgz -C {{ app_helm_charts_install_directory }} . + args: + warn: false + tags: + - skip_ansible_lint # Prevent '[303] tar used in place of unarchive module' + changed_when: false # for idempotency delegate_to: localhost - name: Create helm charts dir on infra file: diff --git a/ansible/roles/rke/defaults/main.yml b/ansible/roles/rke/defaults/main.yml index 71c0c622..1077ee80 100644 --- a/ansible/roles/rke/defaults/main.yml +++ b/ansible/roles/rke/defaults/main.yml @@ -3,6 +3,10 @@ rke_binary: rke_linux-amd64 rke_username: rke rke_bin_dir: /usr/local/bin kube_config_dir: "{{ ansible_env.HOME }}/.kube" +kubernetes_config_dir: "/etc/kubernetes" +kubelet: + static_config: "kubelet-static-config.yml" + runtime_request_timeout: "2m0s" cluster_config_dir: "{{ app_data_path }}/cluster" # Whether dashboard is exposed. rke_dashboard_exposed: true diff --git a/ansible/roles/rke/molecule/default/group_vars b/ansible/roles/rke/molecule/default/group_vars new file mode 120000 index 00000000..e04e088f --- /dev/null +++ b/ansible/roles/rke/molecule/default/group_vars @@ -0,0 +1 @@ +../../../../group_vars/ \ No newline at end of file diff --git a/ansible/roles/rke/molecule/default/molecule.yml b/ansible/roles/rke/molecule/default/molecule.yml index 6ae613a9..3078c115 100644 --- a/ansible/roles/rke/molecule/default/molecule.yml +++ b/ansible/roles/rke/molecule/default/molecule.yml @@ -44,32 +44,11 @@ platforms: - name: rke purge_networks: true - - name: kubernetes-node-2 - image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} - pre_build_image: true - privileged: true - override_command: false - restart_policy: unless-stopped - env: - container: docker - volumes: - - /var/lib/kubelet - - /var/lib/docker - groups: - - kubernetes - - kubernetes-node - networks: - - name: rke - purge_networks: true - provisioner: name: ansible env: ANSIBLE_ROLES_PATH: ../../../../test/roles ANSIBLE_LIBRARY: ../../../../library - inventory: - links: - group_vars: ../../../../group_vars options: e: "app_data_path=/opt/onap" lint: diff --git a/ansible/roles/rke/molecule/default/playbook.yml b/ansible/roles/rke/molecule/default/playbook.yml index 33345ed9..8db7aef5 100644 --- a/ansible/roles/rke/molecule/default/playbook.yml +++ b/ansible/roles/rke/molecule/default/playbook.yml @@ -6,6 +6,13 @@ set_fact: cluster_ip: "{{ ansible_default_ipv4.address }}" +- name: Configure etcd (RKE) + hosts: kubernetes-etcd + roles: + - role: rke + vars: + mode: etcd + - name: Configure kubernetes cluster (RKE) hosts: infrastructure roles: diff --git a/ansible/roles/rke/molecule/default/tests/test_infrastructure.py b/ansible/roles/rke/molecule/default/tests/test_infrastructure.py index 9ba11d6e..731f38bf 100644 --- a/ansible/roles/rke/molecule/default/tests/test_infrastructure.py +++ b/ansible/roles/rke/molecule/default/tests/test_infrastructure.py @@ -52,5 +52,5 @@ def test_pods_ready(host): 'metadata']['ownerReferences'][0]['kind'] == 'Job': continue assert host.run( - 'kubectl wait --timeout=120s --for=condition=' + condition + ' -n ' + + 'kubectl wait --timeout=240s --for=condition=' + condition + ' -n ' + namespace + ' pods/' + podname).rc == 0 diff --git a/ansible/roles/rke/molecule/etcd_storage/group_vars b/ansible/roles/rke/molecule/etcd_storage/group_vars new file mode 120000 index 00000000..e04e088f --- /dev/null +++ b/ansible/roles/rke/molecule/etcd_storage/group_vars @@ -0,0 +1 @@ +../../../../group_vars/ \ No newline at end of file diff --git a/ansible/roles/rke/molecule/etcd_storage/molecule.yml b/ansible/roles/rke/molecule/etcd_storage/molecule.yml new file mode 100644 index 00000000..3c915284 --- /dev/null +++ b/ansible/roles/rke/molecule/etcd_storage/molecule.yml @@ -0,0 +1,74 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + volumes: + - /var/lib/kubelet + - /var/lib/docker + env: + container: docker + groups: + - infrastructure + - kubernetes-etcd + - kubernetes-control-plane + - kubernetes + networks: + - name: rke + purge_networks: true + + - name: kubernetes-node-1 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + env: + container: docker + volumes: + - /var/lib/kubelet + - /var/lib/docker + groups: + - kubernetes + - kubernetes-node + networks: + - name: rke + purge_networks: true + +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + inventory: + group_vars: + all: + rke_etcd: + enabled_custom_etcd_storage: false + storage_path: /var/lib/etcd-custom + storage_mountpoint: /var/lib/rancher/etcd-custom + enabled_unsafe_volatile_storage: true + tmpfs_size: 5G + playbooks: + prepare: ../default/prepare.yml + converge: ../default/playbook.yml + destroy: ../default/destroy.yml + options: + e: "app_data_path=/opt/onap" + lint: + name: ansible-lint +scenario: + name: etcd_storage +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/roles/rke/tasks/rke_node.yml b/ansible/roles/rke/tasks/rke_node.yml index 9ec9f073..2f59b18a 100644 --- a/ansible/roles/rke/tasks/rke_node.yml +++ b/ansible/roles/rke/tasks/rke_node.yml @@ -9,3 +9,14 @@ authorized_key: user: "{{ rke_username }}" key: "{{ hostvars[groups['infrastructure'][0]].cluster_public_key }}" + +- name: "Ensure that '{{ kubernetes_config_dir }}' is present" + file: + path: "{{ kubernetes_config_dir }}" + state: directory + mode: 0755 + +- name: Prepare kubelet static config + template: + src: "kubelet-static-config.yml.j2" + dest: "{{ kubernetes_config_dir }}/{{ kubelet.static_config }}" diff --git a/ansible/roles/rke/templates/cluster.yml.j2 b/ansible/roles/rke/templates/cluster.yml.j2 index 656c1136..53e9a09a 100644 --- a/ansible/roles/rke/templates/cluster.yml.j2 +++ b/ansible/roles/rke/templates/cluster.yml.j2 @@ -67,8 +67,11 @@ services: extra_env: [] kubelet: image: "" - extra_args: {} - extra_binds: [] + extra_args: + dynamic-config-dir: "/kubelet-dynamic-config-dir" + config: "/kubelet-static-config.yml" + extra_binds: + - "{{ kubernetes_config_dir }}/{{ kubelet.static_config }}:/kubelet-static-config.yml:ro" extra_env: [] cluster_domain: cluster.local infra_container_image: "" diff --git a/ansible/roles/rke/templates/kubelet-static-config.yml.j2 b/ansible/roles/rke/templates/kubelet-static-config.yml.j2 new file mode 100644 index 00000000..71c2854d --- /dev/null +++ b/ansible/roles/rke/templates/kubelet-static-config.yml.j2 @@ -0,0 +1,3 @@ +apiVersion: kubelet.config.k8s.io/v1beta1 +kind: KubeletConfiguration +runtimeRequestTimeout: "{{ kubelet.runtime_request_timeout }}" diff --git a/ansible/test/bin/ci-molecule.sh b/ansible/test/bin/ci-molecule.sh index 7859c8dc..74296815 100755 --- a/ansible/test/bin/ci-molecule.sh +++ b/ansible/test/bin/ci-molecule.sh @@ -2,7 +2,7 @@ # COPYRIGHT NOTICE STARTS HERE -# Copyright 2019 © Samsung Electronics Co., Ltd. +# Copyright 2019-2020 © Samsung Electronics Co., Ltd. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,8 +19,8 @@ # COPYRIGHT NOTICE ENDS HERE # -# This is a main wrapper script to run Molecule tests -# Main usage is for the CI usage to keep interface stable and the way to call +# This is a main wrapper script to run Molecule tests. +# Main usage is for the CI to keep interface stable and the way to call # Molecule can be adjusted in this script independently. # @@ -40,7 +40,6 @@ if [ "${MOLECULE_CONTAINER}" == "true" ]; then echo "Build Molecule-dev docker container" ${LOCAL_PATH}/../molecule-docker/build.sh MOLECULE_BINARY=${LOCAL_PATH}/../bin/molecule.sh - else # Install Molecule natively in the target platform echo "Install Molecule with virtualenv" source ${LOCAL_PATH}/../bin/install-molecule.sh @@ -50,5 +49,5 @@ fi cd ${ROLE_PATH} ${MOLECULE_BINARY} --version ${MOLECULE_BINARY} test --all +docker volume prune --force cd - - diff --git a/ansible/test/play-infrastructure/molecule/default/vars.yml b/ansible/test/play-infrastructure/molecule/default/vars.yml index 8aa774b4..2ae49d95 100644 --- a/ansible/test/play-infrastructure/molecule/default/vars.yml +++ b/ansible/test/play-infrastructure/molecule/default/vars.yml @@ -1,5 +1,4 @@ --- -vnc_passwd: molecule certificates: organization_name: Molecule Testers state_or_province_name: Finland @@ -22,3 +21,4 @@ runtime_images: registry: "{{ molecule_test_registry }}" path: "/library/alpine" tag: "latest" +vnc_server_image: alpine:latest diff --git a/ansible/test/play-rke/.yamllint b/ansible/test/play-rke/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/test/play-rke/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/ansible/test/play-rke/molecule/default/molecule.yml b/ansible/test/play-rke/molecule/default/molecule.yml new file mode 100644 index 00000000..b7e71bf5 --- /dev/null +++ b/ansible/test/play-rke/molecule/default/molecule.yml @@ -0,0 +1,55 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + volumes: + - /var/lib/docker + - /var/lib/kubelet + groups: + - infrastructure + - kubernetes-etcd + - kubernetes-control-plane + - kubernetes + networks: + - name: rke + purge_networks: true + + - name: kubernetes-node-1 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + volumes: + - /var/lib/docker + - /var/lib/kubelet + groups: + - kubernetes + - kubernetes-node + networks: + - name: rke + purge_networks: true + +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + lint: + name: ansible-lint +scenario: + name: default +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/test/play-rke/molecule/default/playbook.yml b/ansible/test/play-rke/molecule/default/playbook.yml new file mode 100644 index 00000000..aa2e0df2 --- /dev/null +++ b/ansible/test/play-rke/molecule/default/playbook.yml @@ -0,0 +1,11 @@ +--- +- name: Initialize + hosts: all + tasks: + - name: Set cluster_ip fact + set_fact: + cluster_ip: "{{ ansible_default_ipv4.address }}" + - name: Include variables + include_vars: vars.yml + +- import_playbook: ../../../../rke.yml diff --git a/ansible/test/play-rke/molecule/default/prepare.yml b/ansible/test/play-rke/molecule/default/prepare.yml new file mode 100644 index 00000000..ad6f0495 --- /dev/null +++ b/ansible/test/play-rke/molecule/default/prepare.yml @@ -0,0 +1,22 @@ +--- +- name: Prepare for all + hosts: all + roles: + - prepare-docker-dind + - role: prepare-rke + vars: + mode: all + +- name: Prepare infra + hosts: infrastructure + pre_tasks: + - name: Include infrastructure group variables + include_vars: ../../../../group_vars/infrastructure.yml + roles: + - role: prepare-rke + vars: + mode: infra + - prepare-kubectl + - prepare-helm + vars_files: + vars.yml diff --git a/ansible/test/play-rke/molecule/default/vars.yml b/ansible/test/play-rke/molecule/default/vars.yml new file mode 100644 index 00000000..fa5b60e3 --- /dev/null +++ b/ansible/test/play-rke/molecule/default/vars.yml @@ -0,0 +1,3 @@ +--- +app_name: moleculeapp +app_data_path: "/opt/{{ app_name }}" diff --git a/build/data_lists/additional_packages.list b/build/data_lists/additional_packages.list new file mode 100644 index 00000000..98d1dda1 --- /dev/null +++ b/build/data_lists/additional_packages.list @@ -0,0 +1,2 @@ +jq +screen diff --git a/docs/InstallGuide.rst b/docs/InstallGuide.rst index 1f4514fa..4bd65fac 100644 --- a/docs/InstallGuide.rst +++ b/docs/InstallGuide.rst @@ -39,7 +39,7 @@ The four nodes/VMs will be running these services: - kubernetes-etcd - kubernetes-control-plane -**NOTE:** kubernetes-* roles can be collocated directly with kubernetes nodes and not necessarily on infra node. +**NOTE:** kubernetes-* roles can be collocated directly with kubernetes nodes and not necessarily on infra node. - **kubernetes node 1-3**:: @@ -52,7 +52,7 @@ You don't need to care about these services now - that is the responsibility of Kubernetes cluster overview ^^^^^^^^^^^^^^^^^^^^^^^^^^^ -In El Alto we are using RKE as k8s orchestrator method, however everyone is free to diverge from this example and can set it up in own way omitting our rke playbook execution. +In El Alto we are using RKE as k8s orchestrator method, however everyone is free to diverge from this example and can set it up in own way omitting our rke playbook execution. =================== ================== ==================== ============== ============ =============== KUBERNETES NODE OS NETWORK CPU RAM STORAGE @@ -461,6 +461,13 @@ Once all pods are properly deployed and in running state, one can verify functio $ cd //helm_charts/robot $ ./ete-k8s.sh onap health +For better work with terminal screen and jq packages were added . It can be installed from resources directory. + +Screen is a terminal multiplexer. With screen it is possible to have more terminal instances active. Screen as well keeps active SSH connections even terminal is closed. + +Jq can be used for editing json data format as output of kubectl. For example jq was used to troubleshoot `SDNC-739 (UEB - Listener in Crashloopback) `_ :: + + $ kubectl -n onap get job onap-sdc-sdc-be-config-backend -o json | jq "del(.spec.selector)" | jq "del(.spec.template.metadata.labels)" | kubectl -n onap replace --force -f - -----