diff options
Diffstat (limited to 'ansible')
149 files changed, 4685 insertions, 337 deletions
diff --git a/ansible/multi_port_baremetal_ixia_correlated_test.yaml b/ansible/baremetal_scale_out_ixia_correlated_test.yaml index ba92b5cd3..13f6fef15 100644 --- a/ansible/multi_port_baremetal_ixia_correlated_test.yaml +++ b/ansible/baremetal_scale_out_ixia_correlated_test.yaml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. # +# Copyright (c) 2018 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -42,7 +42,6 @@ lib_path: "/opt/ixia/ixos-api/8.01.0.2/lib/ixTcl1.0" root_dir: "/opt/ixia/ixos-api/8.01.0.2/" py_bin_path: "/opt/ixia/ixload/8.01.106.3/bin/" - py_lib_path: "/opt/ixia/ixnetwork/8.01.1029.14/lib/PythonApi" dut_result_dir: "/mnt/results" version: "8.01.106.3" pcis: @@ -113,6 +112,7 @@ ip: mgmt: - '1.2.1.6/24' + - '1.2.1.7/24' uplink: - '152.16.100.10/24' - '172.16.100.10/24' @@ -128,6 +128,6 @@ - '00:00:00:9e:00:fb' tasks: - - include: multi_port_baremetal_ixia_correlated_test_templates.yml + - include: baremetal_scale_out_ixia_correlated_test_templates.yml with_items: "{{ scale_out }}" diff --git a/ansible/multi_port_baremetal_ixia_correlated_test_templates.yml b/ansible/baremetal_scale_out_ixia_correlated_test_templates.yml index 6f73d8c01..11d3d4674 100644 --- a/ansible/multi_port_baremetal_ixia_correlated_test_templates.yml +++ b/ansible/baremetal_scale_out_ixia_correlated_test_templates.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. # +# Copyright (c) 2018 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -15,6 +15,10 @@ - set_fact: num_vnfs: "{{ item }}" +- file: + path: /etc/yardstick/nodes + state: directory + - debug: var: num_vnfs verbosity: 2 @@ -24,33 +28,33 @@ dest: ../samples/vnf_samples/traffic_profiles/ipv4_throughput-ixia-{{ num_vnfs }}.yaml - template: - src: ../etc/yardstick/nodes/standalone/ixia_template.yaml - dest: /etc/yardstick/nodes/ixia_{{ num_vnfs }}.yaml + src: ../etc/yardstick/nodes/standalone/ixia_correlated_template.yaml + dest: /etc/yardstick/nodes/ixia_correlated_{{ num_vnfs }}.yaml - template: - src: ../etc/yardstick/nodes/standalone/pod_bm_vnf.yaml + src: ../etc/yardstick/nodes/standalone/pod_bm_vnf_scale_out.yaml dest: /etc/yardstick/nodes/pod_bm_vnf_{{num_vnfs}}.yaml - template: - src: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_udp_ixia_correlated_multi_port_template.yaml - dest: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_udp_ixia_correlated_multi_port_{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_udp_ixia_correlated_scale_out_template.yaml + dest: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_udp_ixia_correlated_scale_out_{{ num_vnfs }}.yaml - template: - src: ../samples/vnf_samples/nsut/vfw/vfw-tg-topology-ixia-correlated-multi-port.yaml - dest: ../samples/vnf_samples/nsut/vfw/vfw-tg-topology-ixia-correlated-multi-port-{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/vfw/vfw-tg-topology-ixia-correlated-scale-out.yaml + dest: ../samples/vnf_samples/nsut/vfw/vfw-tg-topology-ixia-correlated-scale-out-{{ num_vnfs }}.yaml - template: - src: ../samples/vnf_samples/nsut/acl/tc_baremetal_acl_udp_ixia_correlated_multi_port_template.yaml - dest: ../samples/vnf_samples/nsut/acl/tc_baremetal_acl_udp_ixia_correlated_multi_port_{{num_vnfs}}.yaml + src: ../samples/vnf_samples/nsut/acl/tc_baremetal_acl_udp_ixia_correlated_scale_out_template.yaml + dest: ../samples/vnf_samples/nsut/acl/tc_baremetal_acl_udp_ixia_correlated_scale_out_{{num_vnfs}}.yaml - template: - src: ../samples/vnf_samples/nsut/acl/acl-tg-topology-ixia-correlated-multi-port.yaml - dest: ../samples/vnf_samples/nsut/acl/acl-tg-topology-ixia-correlated-multi-port-{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/acl/acl-tg-topology-ixia-correlated-scale-out.yaml + dest: ../samples/vnf_samples/nsut/acl/acl-tg-topology-ixia-correlated-scale-out-{{ num_vnfs }}.yaml - template: - src: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_cgnapt_udp_ixia_correlated_multi_port_template.yaml - dest: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_cgnapt_udp_ixia_correlated_multi_port_{{num_vnfs}}.yaml + src: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_cgnapt_udp_ixia_correlated_scale_out_template.yaml + dest: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_cgnapt_udp_ixia_correlated_scale_out_{{num_vnfs}}.yaml - template: - src: ../samples/vnf_samples/nsut/cgnapt/cgnapt-tg-topology-ixia-correlated-multi-port.yaml - dest: ../samples/vnf_samples/nsut/cgnapt/cgnapt-tg-topology-ixia-correlated-multi-port-{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/cgnapt/cgnapt-tg-topology-ixia-correlated-scale-out.yaml + dest: ../samples/vnf_samples/nsut/cgnapt/cgnapt-tg-topology-ixia-correlated-scale-out-{{ num_vnfs }}.yaml diff --git a/ansible/build_vm.yml b/ansible/build_vm.yml new file mode 100644 index 000000000..9774f9ff5 --- /dev/null +++ b/ansible/build_vm.yml @@ -0,0 +1,44 @@ +- name: Prepare to build VM + hosts: jumphost + become: yes + vars: + img_prop_item: "{{ IMG_PROPERTY }}" + img_arch: "{{ YARD_IMG_ARCH }}" + + tasks: + - name: Include pre-build + include_role: + name: build_yardstick_image + tasks_from: pre_build.yml + when: + - installation_mode != inst_mode_container + + +- name: Build VM in chroot + hosts: chroot_image + connection: chroot + become: yes + vars: + img_property: "{{ IMG_PROPERTY }}" + environment: "{{ proxy_env }}" + + tasks: + - name: Include image build + include_role: + name: build_yardstick_image + tasks_from: "cloudimg_modify_{{ img_property }}.yml" + when: + - installation_mode != inst_mode_container + + +- name: Clear up after VM is built + hosts: jumphost + become: yes + + tasks: + - name: Include post-build + include_role: + name: build_yardstick_image + tasks_from: post_build.yml + when: + - installation_mode != inst_mode_container diff --git a/ansible/build_yardstick_image.yml b/ansible/build_yardstick_image.yml index 7f709873e..495a547bb 100644 --- a/ansible/build_yardstick_image.yml +++ b/ansible/build_yardstick_image.yml @@ -19,17 +19,22 @@ 'amd64': disk1 'arm64': uefi1 boot_mode: "{{ boot_modes[YARD_IMG_ARCH] }}" - image_filename: "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}-{{ boot_mode }}.img" - image_path: "{{ release }}/current/{{ image_filename }}" + image_filename: + 'xenial': "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}-{{ boot_mode }}.img" + 'bionic': "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}.img" + image_path: "{{ release }}/current/{{ image_filename[release] }}" host: "{{ lookup('env', 'HOST')|default('cloud-images.ubuntu.com', true)}}" image_url: "{{ lookup('env', 'IMAGE_URL')|default('https://' ~ host ~ '/' ~ image_path, true) }}" - image_dest: "{{ workspace }}/{{ image_filename }}" + image_dest: "{{ workspace }}/{{ image_filename[release] }}" sha256sums_path: "{{ release }}/current/SHA256SUMS" sha256sums_filename: "{{ sha256sums_path|basename }}" sha256sums_url: "{{ lookup('env', 'SHA256SUMS_URL')|default('https://' ~ host ~ '/' ~ sha256sums_path, true) }}" workspace: "{{ lookup('env', 'workspace')|default('/tmp/workspace/yardstick', true) }}" raw_imgfile_basename: "yardstick-{{ release }}-server.raw" + growpart_package: + RedHat: cloud-utils-growpart + Debian: cloud-guest-utils environment: - PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/bin - "{{ proxy_env }}" @@ -39,6 +44,8 @@ key: image_builder - package: name=parted state=present + - package: name=kpartx state=present + - package: name="{{ growpart_package[ansible_os_family] }}" state=present - set_fact: imgfile: "{{ normal_image_file }}" @@ -54,7 +61,7 @@ - set_fact: raw_imgfile: "{{ workspace }}/{{ raw_imgfile_basename }}" - # cleanup non-lxd + # cleanup non-lxd - name: unmount all old mount points mount: name: "{{ item }}" @@ -69,6 +76,21 @@ command: kpartx -dv "{{ raw_imgfile }}" ignore_errors: true + - name: Debug dump loop devices + command: losetup -a + ignore_errors: true + + - name: delete loop devices for image file + # use this because kpartx -dv will fail if raw_imgfile was delete + # but in theory we could have deleted file still attached to loopback device? + # use grep because of // and awk + shell: losetup -O NAME,BACK-FILE | grep "{{ raw_imgfile_basename }}" | awk '{ print $1 }' | xargs -l1 losetup -v -d + ignore_errors: true + + - name: Debug dump loop devices again + command: losetup -a + ignore_errors: true + - name: delete {{ raw_imgfile }} file: path: "{{ raw_imgfile }}" @@ -99,7 +121,8 @@ command: "qemu-img resize -f raw {{ raw_imgfile }} +2G" - name: resize parition to allow for more VNFs - command: "parted -s -a optimal {{ raw_imgfile }} resizepart 1 100%" + # use growpart because maybe it handles GPT better than parted + command: growpart {{ raw_imgfile }} 1 - name: create mknod devices in chroot command: "mknod -m 0660 /dev/loop{{ item }} b 7 {{ item }}" @@ -109,7 +132,6 @@ tags: mknod_devices - name: find first partition device -# command: kpartx -l "{{ loop_device }}" command: kpartx -l "{{ raw_imgfile }}" register: kpartx_res diff --git a/ansible/clone_repos.yml b/ansible/clone_repos.yml index 6f69b6b15..f35be0016 100644 --- a/ansible/clone_repos.yml +++ b/ansible/clone_repos.yml @@ -17,21 +17,8 @@ YARDSTICK_REPO: "{{ lookup('env', 'YARDSTICK_REPO')|default('https://gerrit.opnfv.org/gerrit/yardstick', true) }}" YARDSTICK_REPO_DIR: "{{ lookup('env', 'YARDSTICK_REPO_DIR')|default('/home/opnfv/repos/yardstick', true) }}" YARDSTICK_BRANCH: "{{ lookup('env', 'YARDSTICK_BRANCH')|default('master', true) }}" - RELENG_REPO: "{{ lookup('env', 'RELENG_REPO')|default('https://gerrit.opnfv.org/gerrit/releng', true) }}" - RELENG_REPO_DIR: "{{ lookup('env', 'RELENG_REPO_DIR')|default('/home/opnfv/repos/releng', true) }}" - RELENG_BRANCH: "{{ lookup('env', 'RELENG_BRANCH')|default('master', true) }}" - tasks: - - name: Updating releng -> "{{ RELENG_BRANCH }}" - git: - repo: "{{ RELENG_REPO }}" - dest: "{{ RELENG_REPO_DIR }}" - version: "{{ RELENG_BRANCH }}" - accept_hostkey: yes - recursive: no - force: yes - - name: Updating yardstick -> "{{ YARDSTICK_BRANCH }}" git: repo: "{{ YARDSTICK_REPO }}" diff --git a/ansible/deploy_kube.yml b/ansible/deploy_kube.yml new file mode 100644 index 000000000..b71e7dc7c --- /dev/null +++ b/ansible/deploy_kube.yml @@ -0,0 +1,28 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- hosts: master + become: yes + environment: "{{ proxy_env }}" + roles: + - set_package_installer_proxy + - install_dependencies_kubernetes + - docker + - install_go + - install_kube + - build_cni + - role: download_dpdk + dpdk_version: "17.02.1" + - install_dpdk + - init_kubeadm diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 359968277..e94d24023 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,9 +1,25 @@ ---
target_os: "Ubuntu"
-YARD_IMG_ARCH: "amd64"
+YARD_IMG_ARCH: "{{ YARD_IMAGE_ARCH | default('amd64') }}"
+IMG_PROPERTY: "{{ IMAGE_PROPERTY | default('normal') }}"
clone_dest: /opt/tempT
-release: xenial
+release: "{{ OS_RELEASE | default('xenial') }}"
normal_image_file: "{{ workspace }}/yardstick-image.img"
nsb_image_file: "{{ workspace }}/yardstick-nsb-image.img"
ubuntu_image_file: /tmp/workspace/yardstick/yardstick-trusty-server.raw
-proxy_env: {}
+arch_amd64: "amd64"
+arch_arm64: "arm64"
+inst_mode_baremetal: "baremetal"
+inst_mode_container: "container"
+inst_mode_container_pull: "container_pull"
+ubuntu_archive:
+ "amd64": "http://archive.ubuntu.com/ubuntu/"
+ "arm64": "http://ports.ubuntu.com/ubuntu-ports/"
+installation_mode: "{{ INSTALLATION_MODE | default('baremetal') }}"
+yardstick_dir: "{{ YARDSTICK_DIR | default('/home/opnfv/repos/yardstick') }}"
+proxy_env:
+ PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/bin
+ http_proxy: "{{ lookup('env', 'http_proxy') }}"
+ https_proxy: "{{ lookup('env', 'https_proxy') }}"
+ ftp_proxy: "{{ lookup('env', 'ftp_proxy') }}"
+ no_proxy: "{{ lookup('env', 'no_proxy') }}"
diff --git a/ansible/group_vars/master.yml b/ansible/group_vars/master.yml new file mode 100644 index 000000000..f5f703a2f --- /dev/null +++ b/ansible/group_vars/master.yml @@ -0,0 +1,39 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +cni_info: + multus-cni: + repo_url: https://github.com/Intel-Corp/multus-cni + repo_ver: v1.2 + build_script: build + sriov-cni: + repo_url: https://github.com/Intel-Corp/sriov-cni + repo_ver: v0.4.0 + build_script: build + containernetworking-cni: + repo_url: https://github.com/containernetworking/cni + repo_ver: v0.6.0 + build_script: build.sh + containernetworking-plugins: + repo_url: https://github.com/containernetworking/plugins + repo_ver: v0.7.1 + build_script: build.sh +kubeadm_kubernetes_version: 1.9.3 +# Default CIDR defined in kube-flannel.yml +kubeadm_pod_network_cidr: 10.244.0.0/16 +kubelet_cluster_dns_ip: 172.20.0.10 +docker_daemon_config: + bip: 172.10.1.1/16 + fixed-cidr: 172.10.0.0/24 + mtu: 1500 diff --git a/ansible/image_uploaders/upload_yardstick_image.yml b/ansible/image_uploaders/upload_yardstick_image.yml index 9364c52a5..e61e2ab67 100644 --- a/ansible/image_uploaders/upload_yardstick_image.yml +++ b/ansible/image_uploaders/upload_yardstick_image.yml @@ -18,10 +18,9 @@ - get_url: url: "{{ CLOUD_IMG_URL }}" dest: "{{ CLOUD_IMAGE }}" - - - name: Extra cloud image kernel - - unarchive: - asdf: +# +# - name: Extra cloud image kernel +# - unarchive: - os_image: name: yardstick-{{ release }}-kernel diff --git a/ansible/infra_deploy.yml b/ansible/infra_deploy.yml new file mode 100644 index 000000000..4a5716eee --- /dev/null +++ b/ansible/infra_deploy.yml @@ -0,0 +1,50 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- hosts: jumphost + vars: + rs_file: "{{ RS_FILE }}" + clean_up: "{{ CLEAN_UP | default(False) }}" # If True will be delete all VMs, networks, disk images + + tasks: + - set_fact: + proxy_host: "{{ lookup('env', 'http_proxy') | urlsplit('hostname') }}" + proxy_proto: "{{ lookup('env', 'http_proxy') | urlsplit('scheme') }}" + proxy_port: "{{ lookup('env', 'http_proxy') | urlsplit('port') }}" + + - set_fact: + proxy_host_ip: "{{ lookup('dig', proxy_host) }}" + + roles: + - infra_install_dependencies + - infra_destroy_previous_configuration + - infra_check_requirements + - infra_create_network + - infra_create_vms + - infra_prepare_vms + +- hosts: deploy,regular,yardstickG + gather_facts: no + become: yes + + roles: + - infra_rampup_stack_nodes + + +- hosts: deploy + become: yes + environment: "{{ proxy_env }}" + + roles: + - infra_deploy_openstack diff --git a/ansible/install-inventory.ini b/ansible/install-inventory.ini new file mode 100644 index 000000000..07d2c13f4 --- /dev/null +++ b/ansible/install-inventory.ini @@ -0,0 +1,29 @@ +# the group of systems on which to install yardstick +# by default just localhost +[jumphost] +localhost ansible_connection=local + +# section below is only due backward compatibility. +# it will be removed later +[yardstick:children] +jumphost + +[yardstick-baremetal] +# baremetal-node ansible_host=192.168.2.51 ansible_user=ubuntu ansible_ssh_pass=password ansible_connection=ssh + +[yardstick-standalone] +# standalone-node ansible_host=192.168.2.52 ansible_user=ubuntu ansible_ssh_pass=password ansible_connection=ssh + +[all:vars] +# Uncomment credentials below if needed +# ansible_user=root +# ansible_ssh_pass=root +# ansible_ssh_private_key_file=/root/.ssh/id_rsa + +# When IMG_PROPERTY is passed neither normal nor nsb set "path_to_vm=/path/to/image" to add it to OpenStack +# path_to_img=/tmp/workspace/yardstick-image.img + +# List of CPUs to be isolated (not used by default) +# Grub line will be extended with: "isolcpus=<ISOL_CPUS> nohz=on nohz_full=<ISOL_CPUS> rcu_nocbs=1<ISOL_CPUS>" +# ISOL_CPUS=2-27,30-55 # physical cpu's for all NUMA nodes, four cpu's reserved for kernel +# ISOL_CPUS=2-27,58-83 # physical cpu's for first NUMA node, four cpu's reserved for kernel diff --git a/ansible/install.yaml b/ansible/install.yaml new file mode 100644 index 000000000..a78a11f68 --- /dev/null +++ b/ansible/install.yaml @@ -0,0 +1,224 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- hosts: jumphost + become: yes + vars: + virtual_environment: "{{ VIRTUAL_ENVIRONMENT | default(False) }}" + nsb_dir: "{{ NSB_DIR | default('/opt/nsb_bin/') }}" + + pre_tasks: + + - name: Create NSB binaries directory, accessible to any user + file: + path: "{{ nsb_dir }}" + state: directory + owner: root + mode: 0777 + when: + - installation_mode != inst_mode_container_pull + + roles: + - add_repos_jumphost + - install_dependencies_jumphost + - { role: install_yardstick, when: installation_mode != inst_mode_container_pull } + - { role: configure_uwsgi, when: installation_mode != inst_mode_container_pull } + - { role: configure_nginx, when: installation_mode != inst_mode_container_pull } + - { role: configure_gui, when: installation_mode != inst_mode_container_pull } + - { role: download_trex, when: installation_mode != inst_mode_container_pull } + - { role: install_trex, when: installation_mode != inst_mode_container_pull } + - role: configure_rabbitmq + install_mode: "{{ installation_mode }}" + + + post_tasks: + + - service: + name: nginx + state: restarted + when: installation_mode == inst_mode_baremetal + + - shell: uwsgi -i /etc/yardstick/yardstick.ini + when: installation_mode == inst_mode_baremetal + + +- name: Prepare baremetal and standalone servers + hosts: yardstick-baremetal,yardstick-standalone + become: yes + vars_files: + - roles/download_dpdk/defaults/main.yml + environment: "{{ proxy_env }}" + + roles: + - add_custom_repos + - role: set_package_installer_proxy + when: proxy_env is defined and proxy_env + # can't update grub in chroot/docker + - enable_hugepages_on_boot + - enable_iommu_on_boot + - enable_cpu_isolation_on_boot + # needed for collectd plugins + - increase_open_file_limits + - install_image_dependencies + - role: download_dpdk + dpdk_version: "{{ dpdk_version_for_PROX }}" + - role: install_dpdk + dpdk_version: "{{ dpdk_version_for_PROX }}" + - download_samplevnfs + - role: install_samplevnf + vnf_name: PROX + - download_dpdk + - install_dpdk + - download_trex + - install_trex + - download_civetweb + - install_civetweb + - role: install_samplevnf + vnf_name: UDP_Replay + - role: install_samplevnf + vnf_name: ACL + - role: install_samplevnf + vnf_name: FW + - role: install_samplevnf + vnf_name: CGNAPT + # build shared DPDK for collectd only, required DPDK downloaded already + - install_dpdk_shared + - install_rabbitmq + - download_intel_cmt_cat + - install_intel_cmt_cat + - download_pmu_tools + - install_pmu_tools + - download_collectd + - install_collectd + - docker + - barometer_collectd + +- name: Prepare to build VM + hosts: yardstick-standalone + become: yes + vars: + img_prop_item: "{{ IMG_PROPERTY }}" + img_arch: "{{ YARD_IMG_ARCH }}" + environment: "{{ proxy_env }}" + + tasks: + - file: + dest: /tmp/ansible + state: directory + mode: 0755 + + - name: Copy ansible folder to remote DUT + copy: + src: "." + dest: /tmp/ansible + + - name: Install DUT related packages + apt: + name: "{{ packages }}" + vars: + packages: + - qemu-kvm + - libvirt-bin + - bridge-utils + - fping + - genisoimage + + # There is a bug with the easy install ansible module in Ubuntu 16.04 linux. + # Refer https://github.com/ansible/ansible/issues/23534 + - name: Install pip + shell: easy_install -U pip + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int <= 16 + + - name: Install python-pip + action: "{{ ansible_pkg_mgr }} name=python-pip state=present" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 17 + + - name: Update pip ansible docker + pip: + name: "ansible==2.5.5" + + # This is used as workaround as ansible doesn't support chroot on remote server + - name: Run ansible on remote + shell: "ansible-playbook -e OS_RELEASE={{ OS_RELEASE }} -e IMAGE_PROPERTY={{ IMAGE_PROPERTY }} -e YARD_IMAGE_ARCH={{ YARD_IMAGE_ARCH }} -i install-inventory.ini build_vm.yml -vv" + args: + chdir: "/tmp/ansible" + + +- name: Add OpenStack variables, image + hosts: jumphost + vars: + openrc_flag: false + vars_files: + - yardstick_config.yml + + pre_tasks: + - name: Get information about external VM image + stat: + path: "{{ path_to_img }}" + register: image_file_stat + when: + - path_to_img is defined + - imgfile is not defined + + - set_fact: + imgfile: "{{ path_to_img }}" + when: + - path_to_img is defined + - imgfile is not defined + - image_file_stat.stat.islnk is defined + - not image_file_stat.stat.islnk + + - set_fact: + openrc_flag: true + when: + - openrc_file is defined + - imgfile is defined + + roles: + - { role: convert_openrc, when: openrc_file is defined } + - { role: clean_images, when: openrc_flag } + - { role: clean_flavors, when: openrc_flag } + - { role: create_samplevnfs_image, when: openrc_flag } + environment: + "{{ openrc | default({}) }}" + + +- name: Start yardstick container on jumphost + hosts: jumphost + + tasks: + - name: Install docker needed to pull Yardstick container + include_role: + name: docker + when: installation_mode == inst_mode_container_pull + + - name: Start yardstick container + docker_container: + name: yardstick + pull: yes + recreate: yes + image: "{{ yardstick_docker_image|default('opnfv/yardstick:latest') }}" + state: started + restart_policy: always + privileged: yes + interactive: yes + volumes: + - "{{ openrc_file|default('/dev/null') }}:/etc/yardstick/openstack.creds:ro" + - /var/run/docker.sock:/var/run/docker.sock + - /etc/localtime:/etc/localtime:ro + when: installation_mode == inst_mode_container_pull diff --git a/ansible/install_trex_standalone.yml b/ansible/install_trex_standalone.yml deleted file mode 100644 index 9cf64142b..000000000 --- a/ansible/install_trex_standalone.yml +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright (c) 2017 Intel Corporation. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---- -- hosts: yardstick - vars: - ansible_python_interpreter: "/usr/bin/env python" - # needed for virtualenv - NSB_INSTALL_DIR: /root/nsb_install - INSTALL_BIN_PATH: /opt/nsb_bin - #TREX_DOWNLOAD: "https://trex-tgn.cisco.com/trex/release/v2.05.tar.gz" - TREX_VERSION: v2.20 - TREX_DOWNLOAD: "https://trex-tgn.cisco.com/trex/release/{{ TREX_VERSION }}.tar.gz" - - tasks: - - get_url: - url: "{{ TREX_DOWNLOAD }}" - dest: "{{ NSB_INSTALL_DIR }}" - checksum: "sha256:b9620341e552d2ef71d5ffa39ef92f12a1186836c250390db77bd7228497b91c" - - - unarchive: - src: "{{ NSB_INSTALL_DIR }}/{{ TREX_DOWNLOAD|basename }}" - dest: "{{ NSB_INSTALL_DIR }}" - copy: no - - - file: path="{{ INSTALL_BIN_PATH }}/trex" state=absent - - file: path="{{ INSTALL_BIN_PATH }}/trex" state=directory - - - command: mv "{{ NSB_INSTALL_DIR }}/{{ TREX_DOWNLOAD|basename|regex_replace('\.tar.gz', '') }}" "{{ INSTALL_BIN_PATH }}/trex/scripts" - - - file: path="{{ INSTALL_BIN_PATH }}/trex/scripts/automation/trex_control_plane/stl/__init__.py" state=touch - - - command: cp "{{ INSTALL_BIN_PATH }}/trex/scripts/dpdk_nic_bind.py" "{{ INSTALL_BIN_PATH }}" - - - name: add scripts to PYTHONPATH - lineinfile: - dest: /etc/environment - regexp: "^PYTHONPATH=" - line: "PYTHONPATH={{ INSTALL_BIN_PATH }}/trex/scripts/automation/trex_control_plane:{{ INSTALL_BIN_PATH }}/trex/scripts/automation/trex_control_plane/stl:{{ NSB_INSTALL_DIR }}/yardstick" - state: present - create: yes diff --git a/ansible/kube-inventory.ini b/ansible/kube-inventory.ini new file mode 100644 index 000000000..ff11b391d --- /dev/null +++ b/ansible/kube-inventory.ini @@ -0,0 +1,6 @@ +[master] +kube-master ansible_host=192.168.1.155 + +[master:vars] +ansible_user=ubuntu +ansible_ssh_private_key_file=ubuntu.key diff --git a/ansible/library/fetch_url_and_verify.py b/ansible/library/fetch_url_and_verify.py index 6c5c0a8c2..13e8608b2 100644 --- a/ansible/library/fetch_url_and_verify.py +++ b/ansible/library/fetch_url_and_verify.py @@ -13,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +# pylint: disable-all + DOCUMENTATION = ''' --- module: fetch_url_and_verify @@ -42,6 +44,7 @@ def main(): dest = params['dest'] sha256url = params['sha256url'] retries = params['retries'] + sha256line = '' image_dir, image_filename = os.path.split(dest) rc, stdout, stderr = module.run_command(['curl', '-sS', sha256url]) @@ -59,7 +62,7 @@ def main(): module.exit_json(changed=False, dest=dest, url=url, sha256sum=sha256sum) - for retry in range(retries): + for _ in range(retries): curl_rc, stdout, stderr = module.run_command( ['curl', '-sS', '-o', dest, url], cwd=image_dir) if curl_rc == 0: @@ -74,7 +77,7 @@ def main(): # <<INCLUDE_ANSIBLE_MODULE_COMMON>> -from ansible.module_utils.basic import * # noqa +from ansible.module_utils.basic import * if __name__ == '__main__': main() diff --git a/ansible/load_images.yml b/ansible/load_images.yml index a4c130d46..d4b24c864 100644 --- a/ansible/load_images.yml +++ b/ansible/load_images.yml @@ -29,41 +29,15 @@ IMAGE_COMMAND: yardstick-img-modify IMAGE_OUTPUT: "/tmp/workspace/yardstick/yardstick-image.tar.gz" -# QCOW_IMAGE: "/tmp/workspace/yardstick/yardstick-image.img" -# RAW_IMAGE: "/tmp/workspace/yardstick/yardstick-image.tar.gz" -# IMAGE_COMMANDS: -# 'lxd': yardstick-img-lxd-modify -# 'default': yardstick-img-modify - - roles: - role: add_fuel_jumphost when: "INSTALLER_TYPE == 'fuel'" - role: detect_fuel_arch when: "INSTALLER_TYPE == 'fuel'" -# post_tasks: -# -# - command: "{{ DEPLOY_VARS[DEPLOY_SCENARIO].IMAGE_COMMAND }}" "{{ IMAGE_MODIFY_SCRIPT }}" -# become: true -# register: image_modify_result -# retries: 2 -# untils: image_modify_result|succeeded -# -# - stat: path="{{ DEPLOY_VARS[DEPLOY_SCENARIO].IMAGE_OUTPUT }}"} -# register: output_stat -# -# - fail: msg="" -# when: not output_stat - - - include: build_yardstick_image.yml + vars: + img_property: normal - include: image_uploaders/upload_yardstick_image.yml -# upload cirros -# upload vanilla ubuntu cloud_image - -# - include: create_flavors.yml - - diff --git a/ansible/multi_port_baremetal_ixia_test.yaml b/ansible/multi_port_baremetal_ixia_test.yaml index 52bc40b43..d2dfaa3c4 100644 --- a/ansible/multi_port_baremetal_ixia_test.yaml +++ b/ansible/multi_port_baremetal_ixia_test.yaml @@ -42,7 +42,6 @@ lib_path: "/opt/ixia/ixos-api/8.01.0.2/lib/ixTcl1.0" root_dir: "/opt/ixia/ixos-api/8.01.0.2/" py_bin_path: "/opt/ixia/ixload/8.01.106.3/bin/" - py_lib_path: "/opt/ixia/ixnetwork/8.01.1029.14/lib/PythonApi" dut_result_dir: "/mnt/results" version: "8.01.106.3" pcis: diff --git a/ansible/multi_port_baremetal_ixia_test_templates.yml b/ansible/multi_port_baremetal_ixia_test_templates.yml index f2e04a2d1..832f025a1 100644 --- a/ansible/multi_port_baremetal_ixia_test_templates.yml +++ b/ansible/multi_port_baremetal_ixia_test_templates.yml @@ -15,6 +15,10 @@ - set_fact: num_vnfs: "{{ item }}" +- file: + path: /etc/yardstick/nodes + state: directory + - debug: var: num_vnfs verbosity: 2 @@ -25,15 +29,15 @@ - template: src: ../etc/yardstick/nodes/standalone/ixia_template.yaml - dest: /etc/yardstick/nodes/ixia_{{ num_vnfs }}.yaml + dest: /etc/yardstick/nodes/baremetal_ixia_{{ num_vnfs }}.yaml - template: src: ../etc/yardstick/nodes/standalone/pod_bm_vnf.yaml dest: /etc/yardstick/nodes/pod_bm_vnf_{{num_vnfs}}.yaml - template: - src: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_rfc2544_template.yaml - dest: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_rfc2544_{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_rfc2544_ixia_template.yaml + dest: ../samples/vnf_samples/nsut/vfw/tc_baremetal_vfw_rfc2544_ixia_{{ num_vnfs }}.yaml - template: src: ../samples/vnf_samples/nsut/vfw/vfw-tg-topology-ixia-multi-port.yaml @@ -45,7 +49,7 @@ - template: src: ../samples/vnf_samples/nsut/acl/acl-tg-topology-ixia-multi-port.yaml - dest: ../samples/vnf_samples/nsut/acl/acl-tg-topology-multi-port-ixia-{{ num_vnfs }}.yaml + dest: ../samples/vnf_samples/nsut/acl/acl-tg-topology-ixia-multi-port-{{ num_vnfs }}.yaml - template: src: ../samples/vnf_samples/traffic_profiles/ipv4_throughput-cgnapt-scale-out.yaml diff --git a/ansible/multi_port_baremetal_test_templates.yml b/ansible/multi_port_baremetal_test_templates.yml index 4b905f8c7..2d0259364 100644 --- a/ansible/multi_port_baremetal_test_templates.yml +++ b/ansible/multi_port_baremetal_test_templates.yml @@ -15,6 +15,10 @@ - set_fact: num_vnfs: "{{ item }}" +- file: + path: /etc/yardstick/nodes + state: directory + - debug: var: num_vnfs verbosity: 2 @@ -40,8 +44,8 @@ dest: ../samples/vnf_samples/nsut/vfw/vfw-tg-topology-multi-port-{{ num_vnfs }}.yaml - template: - src: ../samples/vnf_samples/nsut/acl/tc_baremetal_vfw_rfc2544_template.yaml - dest: ../samples/vnf_samples/nsut/acl/tc_baremetal_vfw_rfc2544_{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/acl/tc_baremetal_acl_rfc2544_template.yaml + dest: ../samples/vnf_samples/nsut/acl/tc_baremetal_acl_rfc2544_{{ num_vnfs }}.yaml - template: src: ../samples/vnf_samples/nsut/acl/acl-tg-topology-multi-port.yaml @@ -52,8 +56,8 @@ dest: ../samples/vnf_samples/traffic_profiles/ipv4_throughput-cgnapt-{{ num_vnfs }}.yaml - template: - src: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_vfw_rfc2544_template.yaml - dest: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_vfw_rfc2544_{{ num_vnfs }}.yaml + src: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_cgnapt_rfc2544_template.yaml + dest: ../samples/vnf_samples/nsut/cgnapt/tc_baremetal_cgnapt_rfc2544_{{ num_vnfs }}.yaml - template: src: ../samples/vnf_samples/nsut/cgnapt/cgnapt-tg-topology-multi-port.yaml diff --git a/ansible/nsb_setup.yml b/ansible/nsb_setup.yml index bfe5d2349..fcde1d1b2 100644 --- a/ansible/nsb_setup.yml +++ b/ansible/nsb_setup.yml @@ -12,18 +12,18 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -#- name: Prepare baremetal machine -# include: ubuntu_server_baremetal_deploy_samplevnfs.yml -# vars: -# YARD_IMG_ARCH: amd64 -# -#- name: Install jumphost dependencies and configure docker -# hosts: jumphost -# environment: -# "{{ proxy_env }}" -# roles: -# - install_dependencies -# - docker +- name: Prepare baremetal machine + include: ubuntu_server_baremetal_deploy_samplevnfs.yml + vars: + YARD_IMG_ARCH: amd64 + +- name: Install jumphost dependencies and configure docker + hosts: jumphost + environment: + "{{ proxy_env }}" + roles: + - install_dependencies_jumphost + - docker - name: "handle all openstack stuff when: openrc_file is defined" include: prepare_openstack.yml @@ -37,7 +37,7 @@ name: yardstick pull: yes recreate: yes - image: opnfv/yardstick:latest + image: "{{ yardstick_docker_image|default('opnfv/yardstick:latest') }}" state: started restart_policy: always privileged: yes diff --git a/ansible/prepare_env.yml b/ansible/prepare_env.yml index a1299c38e..321521334 100644 --- a/ansible/prepare_env.yml +++ b/ansible/prepare_env.yml @@ -28,10 +28,6 @@ - fail: msg="{{ INSTALLER_TYPE }} not in {{ INSTALLERS }}" when: not openrc_present and (INSTALLER_TYPE not in INSTALLERS) - - name: fetch OS credentials - command: "{{ RELENG_REPO_DIR }}/utils/fetch_os_creds.sh {{ '-v' if DEPLOY_TYPE == 'virt' else '' }} -d {{ OPENRC }} -i {{ INSTALLER_TYPE }} -a {{ INSTALLER_IP }}" - when: not openrc_present - roles: - role: convert_openrc diff --git a/ansible/prepare_openstack.yml b/ansible/prepare_openstack.yml index 8456c9e59..c9067c9fb 100644 --- a/ansible/prepare_openstack.yml +++ b/ansible/prepare_openstack.yml @@ -12,27 +12,20 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: convert openrc_file to openrc env dict +- name: Convert openrc_file to openrc env dict hosts: jumphost vars_files: - yardstick_config.yml roles: - convert_openrc -### -# Build yardstick image for openstack quest -# check included file for other vars/env -### -- include: build_yardstick_image.yml +- name: Build Yardstick image for OpenStack + include: build_yardstick_image.yml vars: YARD_IMG_ARCH: amd64 - release: xenial + img_property: nsb -### -# Delete old yardstick image and flavors -# Upload new image -### -- name: cleanup old openstack images, upload new +- name: Cleanup old OpenStack images and upload the new one hosts: jumphost vars_files: - yardstick_config.yml diff --git a/ansible/roles/add_custom_repos/tasks/main.yml b/ansible/roles/add_custom_repos/tasks/main.yml index 7341ad07d..b1dfd542d 100644 --- a/ansible/roles/add_custom_repos/tasks/main.yml +++ b/ansible/roles/add_custom_repos/tasks/main.yml @@ -12,5 +12,5 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- include: "{{ target_os|lower }}.yml" +- include_tasks: "{{ target_os|lower }}.yml" diff --git a/ansible/roles/add_repos_jumphost/tasks/Debian.yml b/ansible/roles/add_repos_jumphost/tasks/Debian.yml new file mode 100644 index 000000000..e15699617 --- /dev/null +++ b/ansible/roles/add_repos_jumphost/tasks/Debian.yml @@ -0,0 +1,80 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Arguments needed: arch_arm64, arch_amd64, ubuntu_archive + +- name: Set the repositories architecture name + set_fact: + arch: "{{ arch_arm64 if ansible_architecture == 'aarch64' else arch_amd64 }}" + extra_arch: "{{ arch_amd64 if ansible_architecture == 'aarch64' else arch_arm64 }}" + +- name: Define the repositories names + set_fact: + repo: "{{ ubuntu_archive[arch] }}" + extra_repo: "{{ ubuntu_archive[extra_arch] }}" + +- name: Add architecture to the default repository list + replace: + path: "{{ sources_list_file }}" + regexp: '(^deb\s+)([^\[].*)$' + replace: 'deb [arch={{ arch }}] \2' + +- name: Remove support for source repositories + replace: + path: "{{ sources_list_file }}" + regexp: "^deb-src " + replace: "# deb-src " + +- name: Add extra architecture + command: "dpkg --add-architecture {{ extra_arch }}" + +- name: Define the default release version + copy: + dest: "{{ default_distro_file }}" + content: 'APT::Default-Release "{{ ansible_distribution_release }}";' + +- name: Remove extra repository file + file: + path: "{{ repo_file }}" + state: absent + ignore_errors: yes + +- name: Add extra repository file + file: + path: "{{ repo_file }}" + state: touch + +- name: Add the repository for qemu_static_user/xenial + blockinfile: + path: "{{ repo_file }}" + marker: "MARKER" + content: | + deb [arch={{ arch }}] {{ repo }} xenial-updates universe + when: ansible_distribution_release != "xenial" + +- name: Add extra architecture repositories if installing in container + blockinfile: + path: "{{ repo_file }}" + marker: "MARKER" + content: | + deb [arch={{ extra_arch }}] {{ extra_repo }} {{ ansible_distribution_release }} main universe multiverse restricted + deb [arch={{ extra_arch }}] {{ extra_repo }} {{ ansible_distribution_release }}-updates main universe multiverse restricted + deb [arch={{ extra_arch }}] {{ extra_repo }} {{ ansible_distribution_release }}-security main universe multiverse restricted + when: installation_mode == "container" + +- name: Remove the marker + lineinfile: + dest: "{{ repo_file }}" + state: absent + regexp: "MARKER" diff --git a/ansible/install_dependencies.yml b/ansible/roles/add_repos_jumphost/tasks/main.yml index 1c7d20170..f50fd9f0d 100644 --- a/ansible/install_dependencies.yml +++ b/ansible/roles/add_repos_jumphost/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. +# Copyright (c) 2018 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,8 +12,5 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: install yardstick dependencies - hosts: all - - roles: - - install_dependencies +- include: "{{ ansible_os_family }}.yml" + when: ansible_os_family == "Debian" diff --git a/ansible/roles/add_repos_jumphost/vars/main.yml b/ansible/roles/add_repos_jumphost/vars/main.yml new file mode 100644 index 000000000..30e444711 --- /dev/null +++ b/ansible/roles/add_repos_jumphost/vars/main.yml @@ -0,0 +1,17 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +repo_file: "/etc/apt/sources.list.d/yardstick.list" +sources_list_file: "/etc/apt/sources.list" +default_distro_file: "/etc/apt/apt.conf.d/default-distro" diff --git a/ansible/roles/barometer_collectd/tasks/main.yaml b/ansible/roles/barometer_collectd/tasks/main.yaml new file mode 100644 index 000000000..c06540c3f --- /dev/null +++ b/ansible/roles/barometer_collectd/tasks/main.yaml @@ -0,0 +1,40 @@ +#Copyright 2018 OPNFV and Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- + +- name: Remove barometer-collectd container + docker_container: + name: barometer-collectd + state: absent + +- name: Remove barometer-collectd image + docker_image: + name: opnfv/barometer-collectd + state: absent + +- name: Prepare collectd container + docker_container: + name: barometer-collectd + image: opnfv/barometer-collectd + volumes: + - /opt/collectd/etc/collectd.conf.d/:/opt/collectd/etc/collectd.conf.d + - /var/run:/var/run + - /tmp:/tmp + - /var/lib/collectd:/var/lib/collectd + command: "/run_collectd.sh" + detach: yes + state: present + restart: no + privileged: yes + network_mode: host diff --git a/ansible/roles/build_cni/defaults/main.yml b/ansible/roles/build_cni/defaults/main.yml new file mode 100644 index 000000000..18aa418f4 --- /dev/null +++ b/ansible/roles/build_cni/defaults/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +cni_src_dir: /opt/cni/src +cni_bin_dir: /opt/cni/bin diff --git a/ansible/roles/build_cni/tasks/main.yml b/ansible/roles/build_cni/tasks/main.yml new file mode 100644 index 000000000..ee66686f8 --- /dev/null +++ b/ansible/roles/build_cni/tasks/main.yml @@ -0,0 +1,49 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Get CNI driver sources + git: + repo: "{{ item.value.repo_url }}" + dest: "{{ cni_src_dir }}/{{ item.key }}" + version: "{{ item.value.repo_ver }}" + with_dict: "{{ cni_info }}" + +- name: Compile CNI drivers + command: "{{ cni_src_dir }}/{{ item.key }}/{{ item.value.build_script }}" + environment: "{{ go_env }}" + args: + chdir: "{{ cni_src_dir }}/{{ item.key }}" + with_dict: "{{ cni_info }}" + +- name: Get list of compiled CNI binaries + shell: ls -1 {{ item.key }}/bin/* + register: ls_cni_binaries_result + args: + chdir: "{{ cni_src_dir }}" + with_dict: "{{ cni_info }}" + +- set_fact: + cni_binary_list: "{{ cni_binary_list|default([]) + item.stdout_lines }}" + with_items: "{{ ls_cni_binaries_result.results }}" + +- name: Create CNI binaries dir + file: path={{ cni_bin_dir }} state=directory + +- name: Copy CNI binaries into kublet bin dir + copy: + src: "{{ cni_src_dir }}/{{ item }}" + dest: "{{ cni_bin_dir }}/" + remote_src: yes + mode: 0755 + with_items: "{{ cni_binary_list }}" diff --git a/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_normal.yml b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_normal.yml new file mode 100644 index 000000000..435b43856 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_normal.yml @@ -0,0 +1,56 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- debug:
+ msg: "chrooted in {{ inventory_hostname }}"
+
+- debug:
+ var: proxy_env
+ verbosity: 2
+
+- include_role:
+ name: "{{ role_item }}"
+ with_items:
+ - reset_resolv_conf
+ - add_custom_repos
+ - modify_cloud_config
+ loop_control:
+ loop_var: role_item
+
+- include_role:
+ name: set_package_installer_proxy
+ when: proxy_env is defined and proxy_env
+
+- include_role:
+ name: install_image_dependencies
+
+- include_vars: roles/download_unixbench/defaults/main.yml
+ when: unixbench_dest is undefined
+
+- include_vars: roles/download_ramspeed/defaults/main.yml
+ when: ramspeed_dest is undefined
+
+- include_role:
+ name: "{{ role_item }}"
+ with_items:
+ - download_l2fwd
+ - download_unixbench
+ - install_unixbench
+ - download_ramspeed
+ - install_ramspeed
+ - download_cachestat
+ loop_control:
+ loop_var: role_item
+
+ environment: "{{ proxy_env }}"
diff --git a/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_nsb.yml b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_nsb.yml new file mode 100644 index 000000000..65b9b8188 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/cloudimg_modify_nsb.yml @@ -0,0 +1,129 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- debug: + msg: "chrooted in {{ inventory_hostname }}" + +- debug: + var: proxy_env + verbosity: 2 + +- debug: msg="play_hosts={{play_hosts}}" + +- include_role: + name: "{{ role_item }}" + with_items: + - reset_resolv_conf + - add_custom_repos + - modify_cloud_config + loop_control: + loop_var: role_item + +- include_role: + name: set_package_installer_proxy + when: proxy_env is defined and proxy_env + +- include_vars: roles/install_dpdk/vars/main.yml + when: dpdk_make_arch is undefined + +- include_vars: roles/download_dpdk/defaults/main.yml + when: dpdk_version is undefined + +- include_vars: roles/download_trex/defaults/main.yml + when: trex_unarchive is undefined + +- include_vars: roles/download_civetweb/defaults/main.yml + when: civetweb_dest is undefined + +- include_role: + name: "{{ role_item }}" + with_items: + - install_image_dependencies + - enable_hugepages_on_boot # can't update grub in chroot/docker + - increase_open_file_limits # needed for collectd plugins + - download_trex + - install_trex + - download_civetweb + - install_civetweb + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" + +- include_vars: roles/install_dpdk/defaults/main.yml + when: INSTALL_BIN_PATH is undefined + +- include_vars: roles/download_samplevnfs/defaults/main.yml + +- include_role: + name: "{{ role_item }}" + vars: + dpdk_version: "{{ dpdk_version_for_PROX }}" + with_items: + - download_dpdk + - install_dpdk + - download_samplevnfs + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" + +- name: Install PROX + include_role: + name: install_samplevnf + vars: + vnf_name: PROX + +- include_role: + name: "{{ role_item }}" + with_items: + - download_dpdk + - install_dpdk + - download_pktgen + - install_pktgen + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" + +- include_vars: roles/download_samplevnfs/defaults/main.yml + when: samplevnf_dest is undefined +- set_fact: + samplevnf_path: "{{ samplevnf_dest }}" +- include_role: + name: install_samplevnf + with_items: + - UDP_Replay + - ACL + - FW + - CGNAPT + loop_control: + loop_var: vnf_name + +- include_vars: roles/download_drivers/defaults/main.yml + when: i40evf_path is undefined + +- include_role: + name: "{{ role_item }}" + with_items: + - install_dpdk_shared # build shared DPDK for collectd only, required DPDK downloaded already + - install_rabbitmq + - download_intel_cmt_cat + - install_intel_cmt_cat + - download_pmu_tools + - install_pmu_tools + - download_collectd + - install_collectd + - download_drivers + - install_drivers + loop_control: + loop_var: role_item + environment: "{{ proxy_env }}" diff --git a/ansible/roles/build_yardstick_image/tasks/main.yml b/ansible/roles/build_yardstick_image/tasks/main.yml new file mode 100644 index 000000000..e21cbb766 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/main.yml @@ -0,0 +1,14 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
diff --git a/ansible/roles/build_yardstick_image/tasks/post_build.yml b/ansible/roles/build_yardstick_image/tasks/post_build.yml new file mode 100644 index 000000000..14b7a3d17 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/post_build.yml @@ -0,0 +1,56 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: convert image to image file
+ command: qemu-img convert -c -o compat=0.10 -O qcow2 {{ raw_imgfile }} {{ imgfile }}
+
+# Post build yardstick image
+- group_by:
+ key: image_builder
+
+- name: remove ubuntu policy-rc.d workaround
+ file:
+ path: "{{ mountdir }}/usr/sbin/policy-rc.d"
+ state: absent
+ when: "target_os == 'Ubuntu'"
+
+- name: cleanup fake tmp fstab
+ file:
+ path: "{{ fake_fstab }}"
+ state: absent
+
+- mount:
+ name: "{{ mountdir }}/proc"
+ state: unmounted
+
+- mount:
+ name: "{{ mountdir }}/run"
+ state: unmounted
+
+- mount:
+ name: "{{ mountdir }}"
+ state: unmounted
+
+- name: kpartx -dv to delete all image partition device nodes
+ command: kpartx -dv "{{ raw_imgfile }}"
+ ignore_errors: true
+
+- debug:
+ msg: "yardstick image = {{ imgfile }}"
+
+- set_fact:
+ imgdest: "/var/lib/libvirt/images/{{ imgfile | basename}}"
+
+- name: Copy image to libvirt images
+ shell: "cp {{ imgfile }} {{ imgdest }}"
diff --git a/ansible/roles/build_yardstick_image/tasks/pre_build.yml b/ansible/roles/build_yardstick_image/tasks/pre_build.yml new file mode 100644 index 000000000..3ac8e90e9 --- /dev/null +++ b/ansible/roles/build_yardstick_image/tasks/pre_build.yml @@ -0,0 +1,214 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Group
+ group_by:
+ key: image_builder
+
+- package: name=parted state=present
+ environment: "{{ proxy_env }}"
+
+- package: name=kpartx state=present
+ environment: "{{ proxy_env }}"
+
+- package: name="{{ growpart_package[ansible_os_family] }}" state=present
+ environment: "{{ proxy_env }}"
+
+- set_fact:
+ imgfile: "{{ normal_image_file }}"
+ when: img_prop_item == "normal"
+
+- set_fact:
+ imgfile: "{{ nsb_image_file }}"
+ when: img_prop_item == "nsb"
+
+- set_fact:
+ mountdir: "{{ lookup('env', 'mountdir')|default('/mnt/yardstick', true) }}"
+ raw_imgfile: "{{ workspace }}/{{ raw_imgfile_basename }}"
+
+# cleanup non-lxd
+- name: unmount all old mount points
+ mount:
+ name: "{{ item }}"
+ state: unmounted
+ with_items:
+ # order matters
+ - "{{ mountdir }}/proc"
+ - "{{ mountdir }}/run"
+ - "{{ mountdir }}"
+ - "/mnt/{{ release }}"
+
+- name: kpartx -dv to delete all image partition device nodes
+ command: kpartx -dv "{{ raw_imgfile }}"
+ ignore_errors: true
+
+- name: Debug dump loop devices
+ command: losetup -a
+ ignore_errors: true
+
+- name: delete loop devices for image file
+ # use this because kpartx -dv will fail if raw_imgfile was delete
+ # but in theory we could have deleted file still attached to loopback device?
+ # use grep because of // and awk
+ shell: losetup -O NAME,BACK-FILE | grep "{{ raw_imgfile_basename }}" | awk '{ print $1 }' | xargs -l1 losetup -v -d
+ ignore_errors: true
+
+- name: Debug dump loop devices again
+ command: losetup -a
+ ignore_errors: true
+
+- name: delete {{ raw_imgfile }}
+ file:
+ path: "{{ raw_imgfile }}"
+ state: absent
+
+# common
+- name: remove {{ mountdir }}
+ file:
+ path: "{{ mountdir }}"
+ state: absent
+
+# download-common
+- name: remove {{ workspace }}
+ file:
+ path: "{{ workspace }}"
+ state: directory
+
+- name: "fetch {{ image_url }} and verify "
+ fetch_url_and_verify:
+ url: "{{ image_url }}"
+ sha256url: "{{ sha256sums_url }}"
+ dest: "{{ image_dest }}"
+
+- name: convert image to raw
+ command: "qemu-img convert {{ image_dest }} {{ raw_imgfile }}"
+
+- name: resize image to allow for more VNFs
+ command: "qemu-img resize -f raw {{ raw_imgfile }} +2G"
+
+- name: resize parition to allow for more VNFs
+ # use growpart because maybe it handles GPT better than parted
+ command: growpart {{ raw_imgfile }} 1
+
+- name: create mknod devices in chroot
+ command: "mknod -m 0660 /dev/loop{{ item }} b 7 {{ item }}"
+ args:
+ creates: "/dev/loop{{ item }}"
+ with_sequence: start=0 end=9
+ tags: mknod_devices
+
+- name: find first partition device
+ command: kpartx -l "{{ raw_imgfile }}"
+ register: kpartx_res
+
+- set_fact:
+ image_first_partition: "{{ kpartx_res.stdout_lines[0].split()[0] }}"
+
+- set_fact:
+ # assume / is the first partition
+ image_first_partition_device: "/dev/mapper/{{ image_first_partition }}"
+
+- name: use kpartx to create device nodes for the raw image loop device
+ # operate on the loop device to avoid /dev namespace missing devices
+ command: kpartx -avs "{{ raw_imgfile }}"
+
+- name: parted dump raw image
+ command: parted "{{ raw_imgfile }}" print
+ register: parted_res
+
+- debug:
+ var: parted_res
+ verbosity: 2
+
+- name: use blkid to find filesystem type of first partition device
+ command: blkid -o value -s TYPE {{ image_first_partition_device }}
+ register: blkid_res
+
+- set_fact:
+ image_fs_type: "{{ blkid_res.stdout.strip() }}"
+
+- fail:
+ msg: "We only support ext4 image filesystems because we have to resize"
+ when: image_fs_type != "ext4"
+
+- name: fsck the image filesystem
+ command: "e2fsck -y -f {{ image_first_partition_device }}"
+
+- name: resize filesystem to full partition size
+ command: resize2fs {{ image_first_partition_device }}
+
+- name: fsck the image filesystem
+ command: "e2fsck -y -f {{ image_first_partition_device }}"
+
+- name: make tmp disposable fstab
+ command: mktemp --tmpdir fake_fstab.XXXXXXXXXX
+ register: mktemp_res
+
+- set_fact:
+ fake_fstab: "{{ mktemp_res.stdout.strip() }}"
+
+- name: mount first parition on image device
+ mount:
+ src: "{{ image_first_partition_device }}"
+ name: "{{ mountdir }}"
+ # fstype is required
+ fstype: "{{ image_fs_type }}"
+ # !!!!!!! this is required otherwise we add entries to /etc/fstab
+ # and prevent the system from booting
+ fstab: "{{ fake_fstab }}"
+ state: mounted
+
+- name: mount chroot /proc
+ mount:
+ src: none
+ name: "{{ mountdir }}/proc"
+ fstype: proc
+ # !!!!!!! this is required otherwise we add entries to /etc/fstab
+ # and prevent the system from booting
+ fstab: "{{ fake_fstab }}"
+ state: mounted
+
+- name: mount chroot /run
+ mount:
+ src: /run
+ name: "{{ mountdir }}/run"
+ fstype: tmpfs
+ opts: bind
+ # !!!!!!! this is required otherwise we add entries to /etc/fstab
+ # and prevent the system from booting
+ fstab: "{{ fake_fstab }}"
+ state: mounted
+
+- name: if arm copy qemu-aarch64-static into chroot
+ copy:
+ src: /usr/bin/qemu-aarch64-static
+ dest: "{{ mountdir }}/usr/bin"
+ when: img_arch == arch_arm64
+
+- name: create ubuntu policy-rc.d workaround
+ copy:
+ content: "{{ '#!/bin/sh\nexit 101\n' }}"
+ dest: "{{ mountdir }}/usr/sbin/policy-rc.d"
+ mode: 0755
+ when: "target_os == 'Ubuntu'"
+
+- name: add chroot as host
+ add_host:
+ name: "{{ mountdir }}"
+ groups: chroot_image,image_builder
+ connection: chroot
+ ansible_python_interpreter: /usr/bin/python3
+ # set this host variable here
+ nameserver_ip: "{{ ansible_dns.nameservers[0] }}"
+ image_type: vm
diff --git a/ansible/roles/build_yardstick_image/vars/main.yml b/ansible/roles/build_yardstick_image/vars/main.yml new file mode 100644 index 000000000..3d4054408 --- /dev/null +++ b/ansible/roles/build_yardstick_image/vars/main.yml @@ -0,0 +1,33 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+boot_modes:
+ 'amd64': disk1
+ 'arm64': uefi1
+boot_mode: "{{ boot_modes[YARD_IMG_ARCH] }}"
+image_filename:
+ 'xenial': "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}-{{ boot_mode }}.img"
+ 'bionic': "{{ release }}-server-cloudimg-{{ YARD_IMG_ARCH }}.img"
+image_path: "{{ release }}/current/{{ image_filename[release] }}"
+host: "{{ lookup('env', 'HOST')|default('cloud-images.ubuntu.com', true)}}"
+image_url: "{{ lookup('env', 'IMAGE_URL')|default('https://' ~ host ~ '/' ~ image_path, true) }}"
+image_dest: "{{ workspace }}/{{ image_filename[release] }}"
+sha256sums_path: "{{ release }}/current/SHA256SUMS"
+sha256sums_filename: "{{ sha256sums_path|basename }}"
+sha256sums_url: "{{ lookup('env', 'SHA256SUMS_URL')|default('https://' ~ host ~ '/' ~ sha256sums_path, true) }}"
+workspace: "{{ lookup('env', 'workspace')|default('/tmp/workspace/yardstick', true) }}"
+raw_imgfile_basename: "yardstick-{{ release }}-server.raw"
+growpart_package:
+ RedHat: cloud-utils-growpart
+ Debian: cloud-guest-utils
diff --git a/ansible/roles/configure_gui/tasks/main.yml b/ansible/roles/configure_gui/tasks/main.yml new file mode 100644 index 000000000..665053ccf --- /dev/null +++ b/ansible/roles/configure_gui/tasks/main.yml @@ -0,0 +1,38 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define variables + set_fact: + gui_dir: "{{ yardstick_dir }}/gui/" + +- name: Run gui.sh + shell: + cmd: /bin/bash gui.sh + chdir: "{{ gui_dir }}" + +- name: Create nginx/yardstick directory + file: + path: /etc/nginx/yardstick + state: directory + recurse: yes + +- name: Remove /etc/nginx/yardstick/gui/dist directory if it exists + file: + path: /etc/nginx/yardstick/gui/dist + state: absent + +- name: Move dist to /etc/nginx/yardstick/gui + shell: + cmd: mv dist /etc/nginx/yardstick/gui + chdir: "{{ gui_dir }}" diff --git a/ansible/roles/configure_nginx/tasks/main.yml b/ansible/roles/configure_nginx/tasks/main.yml new file mode 100644 index 000000000..e0f7f75bb --- /dev/null +++ b/ansible/roles/configure_nginx/tasks/main.yml @@ -0,0 +1,33 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define variables + set_fact: + socket_file: "{{ socket_file|default('/var/run/yardstick.sock') }}" + +- name: Make sure conf.d directory exists + file: + path: /etc/nginx/conf.d + state: directory + +- name: Create the nginx config file + template: + src: yardstick.conf.j2 + dest: "/etc/nginx/conf.d/yardstick.conf" + +- name: Configure ports if RedHat OS + shell: | + semanage port -m -t http_port_t -p tcp 5000 + semanage port -m -t http_port_t -p udp 5000 + when: ansible_os_family == "RedHat" diff --git a/ansible/roles/configure_nginx/templates/yardstick.conf.j2 b/ansible/roles/configure_nginx/templates/yardstick.conf.j2 new file mode 100644 index 000000000..484096cec --- /dev/null +++ b/ansible/roles/configure_nginx/templates/yardstick.conf.j2 @@ -0,0 +1,18 @@ +server { + listen 5000; + server_name localhost; + index index.htm index.html; + location / { + include uwsgi_params; + client_max_body_size 2000m; + uwsgi_pass unix://{{ socket_file }}; + } + + location /gui/ { + alias /etc/nginx/yardstick/gui/; + } + + location /report/ { + alias /tmp/; + } +} diff --git a/ansible/roles/configure_rabbitmq/tasks/main.yml b/ansible/roles/configure_rabbitmq/tasks/main.yml new file mode 100644 index 000000000..59998abc0 --- /dev/null +++ b/ansible/roles/configure_rabbitmq/tasks/main.yml @@ -0,0 +1,39 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- block: + - name: Restart rabbitmq + service: + name: rabbitmq-server + state: restarted + + - name: rabbitmqctl start_app + shell: rabbitmqctl start_app + + - name: Configure rabbitmq + rabbitmq_user: + user: yardstick + password: yardstick + configure_priv: .* + read_priv: .* + write_priv: .* + state: present + when: install_mode == inst_mode_baremetal + +- name: Create rabbitmq file for supervisor + template: + src: rabbitmq.sh.j2 + dest: /etc/yardstick/rabbitmq.sh + mode: 0755 + when: install_mode == inst_mode_container diff --git a/ansible/roles/configure_rabbitmq/templates/rabbitmq.sh.j2 b/ansible/roles/configure_rabbitmq/templates/rabbitmq.sh.j2 new file mode 100644 index 000000000..a91565c01 --- /dev/null +++ b/ansible/roles/configure_rabbitmq/templates/rabbitmq.sh.j2 @@ -0,0 +1,20 @@ +#!/bin/bash
+trap "rabbitmqctl stop_app" EXIT
+
+rabbitmqctl stop_app
+service rabbitmq-server restart
+rabbitmqctl start_app
+
+tmp_file="/tmp/$(basename -- $0).configured"
+if [ ! -f "$tmp_file" ]; then
+ rabbitmqctl add_user yardstick yardstick
+ rabbitmqctl set_permissions -p / yardstick '.*' '.*' '.*'
+ touch "$tmp_file"
+fi
+
+while :
+do
+ sleep 5
+ service rabbitmq-server status > /dev/null 2>&1 || exit 1
+ rabbitmqctl report | grep "Status of node rabbit@`hostname`" > /dev/null 2>&1 || exit 1
+done
diff --git a/ansible/roles/configure_uwsgi/tasks/main.yml b/ansible/roles/configure_uwsgi/tasks/main.yml new file mode 100644 index 000000000..8822bda53 --- /dev/null +++ b/ansible/roles/configure_uwsgi/tasks/main.yml @@ -0,0 +1,53 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define variables + set_fact: + config_dir: "/etc/yardstick/" + log_dir: "/var/log/yardstick/" + socket_file: "/var/run/yardstick.sock" + +- name: Create UWSGI config directory + file: + path: "/etc/yardstick" + state: directory + owner: root + mode: 0755 + +- name: Create API log directory + file: + path: "{{ log_dir }}" + state: directory + owner: root + mode: 0777 + +- name: Create the socket for communicating + file: + path: "{{ socket_file }}" + state: touch + owner: root + mode: 0644 + +- set_fact: + uwsgi_log: "logto" + when: installation_mode == inst_mode_container + +- set_fact: + uwsgi_log: "daemonize" + when: installation_mode != inst_mode_container + +- name: Create the UWSGI config file + template: + src: yardstick.ini.j2 + dest: "{{ config_dir }}yardstick.ini" diff --git a/ansible/roles/configure_uwsgi/templates/yardstick.ini.j2 b/ansible/roles/configure_uwsgi/templates/yardstick.ini.j2 new file mode 100644 index 000000000..1890f16f9 --- /dev/null +++ b/ansible/roles/configure_uwsgi/templates/yardstick.ini.j2 @@ -0,0 +1,18 @@ +[uwsgi] +master = true +debug = true +chdir = {{ yardstick_dir }}/api +module = server +plugins = python +processes = 10 +threads = 5 +async = true +max-requests = 5000 +chmod-socket = 666 +callable = app_wrapper +enable-threads = true +close-on-exec = 1 +{{ uwsgi_log }} = {{ log_dir }}/uwsgi.log +socket = {{ socket_file }} +{# If virtual environment, we need to add: + virtualenv = <virtual_env> #} diff --git a/ansible/roles/convert_openrc/tasks/main.yml b/ansible/roles/convert_openrc/tasks/main.yml index 1606b0bc5..00aa13615 100644 --- a/ansible/roles/convert_openrc/tasks/main.yml +++ b/ansible/roles/convert_openrc/tasks/main.yml @@ -18,7 +18,7 @@ - debug: var=openrc - set_fact: - yardstick_url_ip: "{{ openrc.OS_AUTH_URL|urlsplit|attr('hostname') }}" + yardstick_url_ip: "{{ openrc.OS_AUTH_URL|urlsplit('hostname') }}" - debug: var=yardstick_url_ip @@ -29,14 +29,8 @@ auth_url: "{{ openrc.OS_AUTH_URL }}" password: "{{ openrc.OS_PASSWORD }}" username: "{{ openrc.OS_USERNAME }}" - project_name: "{{ openrc.OS_PROJECT_NAME }}" -# tenant_name: "{{ openrc.OS_TENANT_NAME }}" + project_name: "{{ openrc.OS_PROJECT_NAME|default(openrc.OS_TENANT_NAME) }}" project_domain_name: "{{ openrc.OS_PROJECT_DOMAIN_NAME }}" -# user_domain_name: "{{ openrc.OS_USER_DOMAIN_NAME }}" - # BUGS: We need to specify identity_api_version == 3, but we can't do it here - # because it is not the write place - # we need to set it via OS_IDENTITY_API_VERSION or clouds.yaml -# identity_api_version: "{{ openrc.OS_IDENTITY_API_VERSION }}" - debug: var=os_auth @@ -44,7 +38,7 @@ clouds: demo: # must specify API version here - identity_api_version: "{{ openrc.OS_IDENTITY_API_VERSION }}" + identity_api_version: "{{ openrc.OS_IDENTITY_API_VERSION|default(3) }}" auth: "{{ os_auth }}" - template: diff --git a/ansible/roles/create_dockerfile/templates/centos/Dockerfile b/ansible/roles/create_dockerfile/templates/centos/Dockerfile index ca104c8f8..96d8a0041 100644 --- a/ansible/roles/create_dockerfile/templates/centos/Dockerfile +++ b/ansible/roles/create_dockerfile/templates/centos/Dockerfile @@ -18,7 +18,6 @@ ENV REPOS_DIR /home/opnfv/repos # Yardstick repo ENV YARDSTICK_REPO_DIR ${REPOS_DIR}/yardstick -ENV RELENG_REPO_DIR ${REPOS_DIR}/releng RUN yum -y install\ deltarpm \ @@ -50,7 +49,6 @@ RUN yum -y install\ RUN mkdir -p ${REPOS_DIR} && \ git config --global http.sslVerify false && \ git clone --depth 1 -b $BRANCH https://gerrit.opnfv.org/gerrit/yardstick ${YARDSTICK_REPO_DIR} && \ - git clone --depth 1 https://gerrit.opnfv.org/gerrit/releng ${RELENG_REPO_DIR} # install yardstick + dependencies # explicity pin pip version to avoid future issues like the ill-fated pip 8.0.0 release diff --git a/ansible/roles/create_dockerfile/templates/ubuntu/Dockerfile b/ansible/roles/create_dockerfile/templates/ubuntu/Dockerfile index 7fbc4f01a..6eba3a841 100644 --- a/ansible/roles/create_dockerfile/templates/ubuntu/Dockerfile +++ b/ansible/roles/create_dockerfile/templates/ubuntu/Dockerfile @@ -18,7 +18,6 @@ ENV REPOS_DIR /home/opnfv/repos # Yardstick repo ENV YARDSTICK_REPO_DIR ${REPOS_DIR}/yardstick -ENV RELENG_REPO_DIR ${REPOS_DIR}/releng RUN sed -i -e 's/^deb /deb [arch=amd64] /g;s/^deb-src /# deb-src /g' /etc/apt/sources.list && \ echo "\n\ deb [arch=arm64] http://ports.ubuntu.com/ubuntu-ports/ trusty main universe multiverse restricted \n\ @@ -63,7 +62,6 @@ RUN apt-get update && apt-get install -y \ RUN mkdir -p ${REPOS_DIR} && \ git config --global http.sslVerify false && \ git clone --depth 1 -b $BRANCH https://gerrit.opnfv.org/gerrit/yardstick ${YARDSTICK_REPO_DIR} && \ - git clone --depth 1 https://gerrit.opnfv.org/gerrit/releng ${RELENG_REPO_DIR} # install yardstick + dependencies # explicity pin pip version to avoid future issues like the ill-fated pip 8.0.0 release diff --git a/ansible/roles/create_samplevnfs_image/tasks/main.yml b/ansible/roles/create_samplevnfs_image/tasks/main.yml index c83cccab5..ab7371a12 100644 --- a/ansible/roles/create_samplevnfs_image/tasks/main.yml +++ b/ansible/roles/create_samplevnfs_image/tasks/main.yml @@ -19,6 +19,6 @@ is_public: yes disk_format: qcow2 container_format: bare - filename: "{{ raw_imgfile }}" + filename: "{{ imgfile }}" properties: hw_vif_multiqueue_enabled: true diff --git a/ansible/roles/create_storperf_admin_rc/tasks/main.yml b/ansible/roles/create_storperf_admin_rc/tasks/main.yml index bd1418e89..f63d1d814 100644 --- a/ansible/roles/create_storperf_admin_rc/tasks/main.yml +++ b/ansible/roles/create_storperf_admin_rc/tasks/main.yml @@ -12,15 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: Fetch TENANT_ID - os_project_facts: - name: admin - environment: "{{ openrc }}" - -- name: Fetch TENANT_ID - set_fact: - os_tenant_id: "{{ openstack_projects[0].id }}" - - name: Create storperf_admin-rc template: src: storperf_admin-rc.j2 diff --git a/ansible/roles/create_storperf_admin_rc/templates/storperf_admin-rc.j2 b/ansible/roles/create_storperf_admin_rc/templates/storperf_admin-rc.j2 index 410ab24df..888e87118 100644 --- a/ansible/roles/create_storperf_admin_rc/templates/storperf_admin-rc.j2 +++ b/ansible/roles/create_storperf_admin_rc/templates/storperf_admin-rc.j2 @@ -1,7 +1,5 @@ OS_AUTH_URL="{{ openrc.OS_AUTH_URL }}" OS_USERNAME="{{ openrc.OS_USERNAME|default('admin') }}" OS_PASSWORD="{{ openrc.OS_PASSWORD|default('console') }}" -OS_TENANT_NAME="{{ openrc.OS_TENANT_NAME|default('admin') }}" OS_VOLUME_API_VERSION="{{ openrc.OS_VOLUME_API_VERSION|default('2') }}" -OS_PROJECT_NAME="{{ openrc.OS_PROJECT_NAME|default(openrc.OS_TENANT_NAME) }}" -OS_TENANT_ID="{{ os_tenant_id }}" +OS_PROJECT_NAME="{{ openrc.OS_PROJECT_NAME|openrc.OS_TENANT_NAME|default('admin') }}" diff --git a/ansible/roles/docker/tasks/Debian.yml b/ansible/roles/docker/tasks/Debian.yml index cf4128774..a03040d88 100644 --- a/ansible/roles/docker/tasks/Debian.yml +++ b/ansible/roles/docker/tasks/Debian.yml @@ -12,15 +12,21 @@ # See the License for the specific language governing permissions and # limitations under the License. --- - - name: add Ubuntu docker repo - apt_repository: repo='deb [trusted=yes] {{ ubuntu_docker_url }} ubuntu-{{ ansible_distribution_release }} main' state=present + - name: Install docker.io + action: "{{ ansible_pkg_mgr }} name=docker.io state=present force=yes" - - name: ensure correct docker version - action: "{{ ansible_pkg_mgr }} name={{ item }} state=present force=yes" - with_items: "{{ docker_packages[ansible_os_family] }}" + - name: Update package manager cache + tags: + - cache_update + package: + update_cache: yes - - name: remove Ubuntu docker repo - apt_repository: - repo: 'deb [trusted=yes] {{ ubuntu_docker_url }} ubuntu-{{ ansible_distribution_release }} main' - state: absent - update_cache: no + - name: Install python-pip + package: + name: python-pip + state: present + + - name: Install docker-py + pip: + name: docker-py + state: present diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index bbec371a8..18e441462 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. +# Copyright (c) 2017-2019 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,6 +18,10 @@ - name: create docker service config dir file: path=/etc/systemd/system/docker.service.d state=directory + - name: docker configuration + template: src=daemon.json.j2 dest=/etc/docker/daemon.json owner=root mode=0644 + when: 'docker_daemon_config is defined' + - name: create docker proxy config template: src=http-proxy-conf.j2 dest=/etc/systemd/system/docker.service.d/http-proxy.conf owner=root mode=0644 when: 'proxy_env is defined and "http_proxy" in proxy_env or "https_proxy" in proxy_env' diff --git a/ansible/roles/docker/templates/daemon.json.j2 b/ansible/roles/docker/templates/daemon.json.j2 new file mode 100644 index 000000000..57bdc9f63 --- /dev/null +++ b/ansible/roles/docker/templates/daemon.json.j2 @@ -0,0 +1 @@ +{{ docker_daemon_config | to_nice_json }} diff --git a/ansible/roles/docker/vars/main.yml b/ansible/roles/docker/vars/main.yml index 8b5077490..a735d523d 100644 --- a/ansible/roles/docker/vars/main.yml +++ b/ansible/roles/docker/vars/main.yml @@ -16,5 +16,3 @@ docker_project_url: https://yum.dockerproject.org docker_packages: "RedHat": - docker-engine-1.13.1 - "Debian": - - docker-engine=1.13.1* diff --git a/ansible/roles/download_civetweb/defaults/main.yml b/ansible/roles/download_civetweb/defaults/main.yml index 5efc9bb56..289e52ce8 100644 --- a/ansible/roles/download_civetweb/defaults/main.yml +++ b/ansible/roles/download_civetweb/defaults/main.yml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -civetweb_url: https://sourceforge.net/projects/civetweb/files/1.9/CivetWeb_V1.9.zip +civetweb_url: https://iweb.dl.sourceforge.net/project/civetweb/1.9.1/CivetWeb_V1.9.1.zip civetweb_file: "{{ civetweb_url|basename }}" civetweb_dest: "{{ clone_dest }}/civetweb" -civetweb_sha256s: "sha256:947a546bfccd733c79dff9565227fa74f4d17750650ff49312ef4b2d032fa8c8" +civetweb_sha256s: "sha256:69a82f042eae0197fb50b09861a8e2c5fff2871c196a21edd122bb8ce34ca0f3" diff --git a/ansible/roles/download_civetweb/tasks/main.yml b/ansible/roles/download_civetweb/tasks/main.yml index 03dd3ccd3..b6a475774 100644 --- a/ansible/roles/download_civetweb/tasks/main.yml +++ b/ansible/roles/download_civetweb/tasks/main.yml @@ -18,6 +18,10 @@ dest: "{{ clone_dest }}/" validate_certs: False checksum: "{{ civetweb_sha256s }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - name: unarchive civetweb unarchive: diff --git a/ansible/roles/download_collectd/defaults/main.yml b/ansible/roles/download_collectd/defaults/main.yml index 9beaeb897..3f5632394 100644 --- a/ansible/roles/download_collectd/defaults/main.yml +++ b/ansible/roles/download_collectd/defaults/main.yml @@ -1,4 +1,4 @@ --- collectd_url: "https://github.com/collectd/collectd.git" collectd_dest: "{{ clone_dest }}/collectd" -collectd_version: "c870991a2d614e51c03c0da76e9aef997343551b" +collectd_version: "collectd-5.8" diff --git a/ansible/roles/download_dpdk/defaults/main.yml b/ansible/roles/download_dpdk/defaults/main.yml index fb42ed48a..b2d959eed 100644 --- a/ansible/roles/download_dpdk/defaults/main.yml +++ b/ansible/roles/download_dpdk/defaults/main.yml @@ -1,10 +1,19 @@ --- -dpdk_version: "17.02" -dpdk_url: "http://dpdk.org/browse/dpdk/snapshot/dpdk-{{ dpdk_version }}.zip" +dpdk_version: "17.05" +dpdk_version_for_PROX: "18.11" +dpdk_url: "http://fast.dpdk.org/rel/dpdk-{{ dpdk_version }}.tar.xz" dpdk_file: "{{ dpdk_url|basename }}" -dpdk_unarchive: "{{ dpdk_file|regex_replace('[.]zip$', '') }}" +dpdk_unarchive: "{{ dpdk_file|regex_replace('[.]tar[.]xz$', '') }}" dpdk_dest: "{{ clone_dest }}/" -dpdk_sha256s: - "17.02": "sha256:c675285d5eab8e7e8537a10bdae6f03c603caa80cb4bf5b055ddd482e3b7d67f" - "16.04": "sha256:65e587af439b21abf54c644f86ba5ce7ea65657b3272480dcd78b769d2aecac3" - "16.07": "sha256:46fee52f9b3ff54df869414c69f122aea8f744de5ed5f8fb275a22cc9cefe094" + +dpdk_md5: + "16.07.2": "md5:4922ea2ec935b64ff5c191fec53344a6" + "16.11.7": "md5:c081d113dfd57633e3bc3ebc802691be" + "17.02.1": "md5:cbdf8b7a92ce934d47c38cbc9c20c54a" + "17.05": "md5:0a68c31cd6a6cabeed0a4331073e4c05" #Ubuntu 17.10 support + "17.05.2": "md5:37afc9ce410d8e6945a1beb173074003" #unsupported + "17.08.2": "md5:dd239a878c8c40cf482fdfe438f8d99c" #unsupported + "17.11.3": "md5:68ca84ac878011acf44e75d33b46f55b" #unsupported + "18.02.2": "md5:75ad6d39b513649744e49c9fcbbb9ca5" #unsupported + "18.05": "md5:9fc86367cd9407ff6a8dfea56c4eddc4" #unsupported + "18.11": "md5:04b86f4a77f4f81a7fbd26467dd2ea9f" # Not supported by SampleVNFs except PROX diff --git a/ansible/roles/download_dpdk/tasks/main.yml b/ansible/roles/download_dpdk/tasks/main.yml index bcb5dde1a..e434536a3 100644 --- a/ansible/roles/download_dpdk/tasks/main.yml +++ b/ansible/roles/download_dpdk/tasks/main.yml @@ -25,7 +25,11 @@ url: "{{ dpdk_url }}" dest: "{{ dpdk_dest }}" validate_certs: False - checksum: "{{ dpdk_sha256s[dpdk_version] }}" + checksum: "{{ dpdk_md5[dpdk_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - unarchive: src: "{{ dpdk_dest }}/{{ dpdk_file }}" @@ -37,8 +41,20 @@ path: "{{ dpdk_dest }}/{{ dpdk_file }}" state: absent +- name: find unzipped DPDK folder + find: + paths: "{{ dpdk_dest }}" + patterns: "^dpdk-.*{{ dpdk_version }}$" + file_type: directory + use_regex: yes + register: dpdk_folder_match + +- fail: + msg: "Cannot find unzipped DPDK folder or more than one found" + when: dpdk_folder_match.matched != 1 + - set_fact: - dpdk_path: "{{ dpdk_dest }}/{{ dpdk_unarchive }}" + dpdk_path: "{{ dpdk_folder_match.files[0].path }}" - set_fact: RTE_SDK: "{{ dpdk_path }}" diff --git a/ansible/roles/download_drivers/defaults/main.yml b/ansible/roles/download_drivers/defaults/main.yml new file mode 100644 index 000000000..bf1e48a23 --- /dev/null +++ b/ansible/roles/download_drivers/defaults/main.yml @@ -0,0 +1,22 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +i40evf_version: "3.5.13" +i40evf_gzfile: "i40evf-{{ i40evf_version }}.tar.gz" +i40evf_url: "https://netix.dl.sourceforge.net/project/e1000/i40evf%20stable/{{ i40evf_version }}/{{ i40evf_gzfile }}" +i40evf_dest: "{{ clone_dest }}/" +i40evf_path: "{{ i40evf_dest }}/{{ i40evf_gzfile|regex_replace('[.]tar[.]gz$', '') }}" +i40evf_checksum: + "3.4.2": "sha256:a8e2a722fb2f8ac874cb39545a331761841f1724830ff1581d2012dd37314645" + "3.5.13": "sha256:e57b95b694c8480b905e72ea13caac8714d6bb0c9eabe37cca655505b808f033"
\ No newline at end of file diff --git a/ansible/roles/download_drivers/tasks/i40evf.yml b/ansible/roles/download_drivers/tasks/i40evf.yml new file mode 100644 index 000000000..48a0330ab --- /dev/null +++ b/ansible/roles/download_drivers/tasks/i40evf.yml @@ -0,0 +1,40 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Directory to store i40evf driver + file: + path: "{{ i40evf_dest }}" + state: directory + +- name: Fetch i40evf driver + get_url: + url: "{{ i40evf_url }}" + dest: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" + validate_certs: False + checksum: "{{ i40evf_checksum[i40evf_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 + +- name: Unarchive the i40evf file + unarchive: + src: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" + dest: "{{ i40evf_dest }}" + copy: no + +- name: Cleanup the archive to save space + file: + path: "{{ i40evf_dest }}/{{ i40evf_gzfile }}" + state: absent diff --git a/ansible/roles/download_drivers/tasks/main.yml b/ansible/roles/download_drivers/tasks/main.yml new file mode 100644 index 000000000..b7c1e0f1f --- /dev/null +++ b/ansible/roles/download_drivers/tasks/main.yml @@ -0,0 +1,15 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- include: i40evf.yml diff --git a/ansible/roles/download_l2fwd/defaults/main.yml b/ansible/roles/download_l2fwd/defaults/main.yml new file mode 100644 index 000000000..1bc76ef3e --- /dev/null +++ b/ansible/roles/download_l2fwd/defaults/main.yml @@ -0,0 +1,4 @@ +--- +l2fwd_url: "http://artifacts.opnfv.org/yardstick/third-party/l2fwd.tar" +l2fwd_file: "l2fwd.tar" +l2fwd_dest: "/home" diff --git a/ansible/roles/download_l2fwd/tasks/main.yml b/ansible/roles/download_l2fwd/tasks/main.yml new file mode 100644 index 000000000..43b0ec366 --- /dev/null +++ b/ansible/roles/download_l2fwd/tasks/main.yml @@ -0,0 +1,32 @@ +# Copyright (c) 2017 Huawei Technologies Co.,Ltd and others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- file: + path: "{{ l2fwd_dest }}" + state: directory + +- name: fetch dpdk + get_url: + url: "{{ l2fwd_url }}" + dest: "{{ l2fwd_dest }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 + +- unarchive: + src: "{{ l2fwd_dest }}/{{ l2fwd_file }}" + dest: "{{ l2fwd_dest }}/" + copy: no + mode: 0777 diff --git a/ansible/roles/download_pktgen/defaults/main.yml b/ansible/roles/download_pktgen/defaults/main.yml new file mode 100644 index 000000000..b598e1d56 --- /dev/null +++ b/ansible/roles/download_pktgen/defaults/main.yml @@ -0,0 +1,8 @@ +--- +pktgen_version: "3.2.12" +pktgen_url: "http://dpdk.org/browse/apps/pktgen-dpdk/snapshot/pktgen-{{ pktgen_version }}.zip" +pktgen_file: "{{ pktgen_url|basename }}" +pktgen_unarchive: "{{ pktgen_file|regex_replace('[.]zip$', '') }}" +pktgen_dest: "{{ clone_dest }}/" +pktgen_sha256s: + "3.2.12": "sha256:a20aeb677fb847c0871acabb6e8f965ba3485e92f92e86e0bb5dc11c787b11d8" diff --git a/ansible/roles/download_pktgen/tasks/main.yml b/ansible/roles/download_pktgen/tasks/main.yml new file mode 100644 index 000000000..b5ac8cfe8 --- /dev/null +++ b/ansible/roles/download_pktgen/tasks/main.yml @@ -0,0 +1,42 @@ +# Copyright (c) 2018 Huawei Technologies Co.,Ltd and others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- file: + path: "{{ pktgen_dest }}" + state: directory + +- name: fetch pktgen + get_url: + url: "{{ pktgen_url }}" + dest: "{{ pktgen_dest }}" + validate_certs: False + checksum: "{{ pktgen_sha256s[pktgen_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 + +- unarchive: + src: "{{ pktgen_dest }}/{{ pktgen_file }}" + dest: "{{ pktgen_dest }}/" + copy: no + +- name: cleanup tar file to save space + file: + path: "{{ pktgen_dest }}/{{ pktgen_file }}" + state: absent + +- set_fact: + pktgen_path: "{{ pktgen_dest }}/{{ pktgen_unarchive }}" + diff --git a/ansible/roles/download_samplevnfs/defaults/main.yml b/ansible/roles/download_samplevnfs/defaults/main.yml index e40eb67c0..2ae4d6159 100644 --- a/ansible/roles/download_samplevnfs/defaults/main.yml +++ b/ansible/roles/download_samplevnfs/defaults/main.yml @@ -1,4 +1,17 @@ --- +# samplevnf_version must be a valid version accepted by "git checkout" +# It can be either: +# - a branch name: fetch branch latest commits, as of installation time +# - a tag name: frozen and reproducible, from stable branches, or +# - a commit id: frozen and reproducible, from any branch +# Some examples: +# - branch name: "master", "stable/gambia", "stable/fraser" +# - tag name: "opnfv-6.2.0" +# - commit id: "3afd384b7e68a3cd29f4d2cdf39785f8441d0b6f" +# Please refer to https://git.opnfv.org/samplevnf for possible values +# beyond the one specified below + samplevnf_url: "https://git.opnfv.org/samplevnf" samplevnf_dest: "{{ clone_dest }}/samplevnf" -samplevnf_version: "stable/euphrates" +samplevnf_version: "47123bfc1b3c0d0b01884aebbce1a3e09ad7ddb0" +path_json: "{{ INSTALL_BIN_PATH }}/{{ inventory_hostname | basename }}_sample_vnf.json" diff --git a/ansible/roles/download_samplevnfs/tasks/main.yml b/ansible/roles/download_samplevnfs/tasks/main.yml index e9d4142c9..f98f2a42d 100644 --- a/ansible/roles/download_samplevnfs/tasks/main.yml +++ b/ansible/roles/download_samplevnfs/tasks/main.yml @@ -27,3 +27,7 @@ - set_fact: samplevnf_path: "{{ samplevnf_dest }}" + +- file: + dest: "{{ path_json }}" + state: absent diff --git a/ansible/roles/download_trex/defaults/main.yml b/ansible/roles/download_trex/defaults/main.yml index 6e8fa7020..cbaae1d84 100644 --- a/ansible/roles/download_trex/defaults/main.yml +++ b/ansible/roles/download_trex/defaults/main.yml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -trex_version: v2.28 +trex_version: v2.41 trex_url: "https://trex-tgn.cisco.com/trex/release/{{ trex_version }}.tar.gz" trex_file: "{{ trex_url|basename }}" trex_unarchive: "{{ trex_file|regex_replace('[.]tar.gz$', '') }}" @@ -20,3 +20,4 @@ trex_dest: "{{ clone_dest }}/" trex_sha256s: "v2.20": "sha256:eb5a069f758a36133a185c7e27af10834ca03d11441165403529fbd7844658fb" "v2.28": "sha256:c3f08aabbd69dddb09843984d41acbe9ba1af6a6ef3380a7830f7c9e33134207" + "v2.41": "sha256:aa4122d82cc7b25a16a20d6dd465eccd89e31c51816d4103765b86d06a8b9810" diff --git a/ansible/roles/download_trex/tasks/main.yml b/ansible/roles/download_trex/tasks/main.yml index baa964fd8..44449a9c0 100644 --- a/ansible/roles/download_trex/tasks/main.yml +++ b/ansible/roles/download_trex/tasks/main.yml @@ -12,12 +12,21 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- name: make sure trex_dest exists + file: + path: "{{ trex_dest }}" + state: directory + - name: fetch Trex get_url: url: "{{ trex_url }}" dest: "{{ trex_dest }}" validate_certs: False checksum: "{{ trex_sha256s[trex_version] }}" + register: package_result + until: package_result is succeeded + retries: 10 + delay: 5 - name: unarchive Trex unarchive: diff --git a/ansible/roles/enable_cpu_isolation_on_boot/defaults/main.yml b/ansible/roles/enable_cpu_isolation_on_boot/defaults/main.yml new file mode 100644 index 000000000..fda366682 --- /dev/null +++ b/ansible/roles/enable_cpu_isolation_on_boot/defaults/main.yml @@ -0,0 +1,21 @@ +# Copyright (c) 2018-2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +grub_file: "/etc/default/grub" +isolcpus_help_string: ' # added by Yardstick ansible isolcpus role' +isolcpu_params: " isolcpus={{ ISOL_CPUS }} nohz=on nohz_full={{ ISOL_CPUS }} rcu_nocbs={{ ISOL_CPUS }}" +enable_isolcpu: 'GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX{{ isolcpu_params }}"' +update_grub: + Debian: "update-grub2" + RedHat: "grub2-mkconfig -o /boot/grub2/grub.cfg" diff --git a/ansible/roles/enable_cpu_isolation_on_boot/tasks/main.yml b/ansible/roles/enable_cpu_isolation_on_boot/tasks/main.yml new file mode 100644 index 000000000..e11288bfd --- /dev/null +++ b/ansible/roles/enable_cpu_isolation_on_boot/tasks/main.yml @@ -0,0 +1,59 @@ +# Copyright (c) 2018-2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Check if isolcpus is set by this role in {{ grub_file}} + lineinfile: + path: "{{ grub_file }}" + regexp: '{{ isolcpus_help_string }}' + state: absent + check_mode: yes + register: is_nsb_isolcpus_role + ignore_errors: True + +- name: Check if isolcpus is set by someone else + lineinfile: + path: "{{ grub_file }}" + regexp: "isolcpus=" + state: absent + check_mode: yes + register: is_isolcpu + ignore_errors: True + +- name: Send warning that CPU isolation cannot be configured + debug: + msg: "WARNING: CPU isolation is not configured" + when: + - not is_nsb_isolcpus_role.changed and not is_isolcpu.changed + - ISOL_CPUS is not defined + +- name: Send info that CPU isolation configured by someone else + debug: + msg: "INFO: NOT modified, CPU isolation is already configured by someone." + when: + - not is_nsb_isolcpus_role.changed and is_isolcpu.changed + +- name: Add/update isolcpus when ISOL_CPUS is defined and not set at all or set by this role + lineinfile: + path: "{{ grub_file }}" + regexp: "{{ isolcpus_help_string }}" + line: '{{ enable_isolcpu }} {{ isolcpus_help_string }}' + when: + - is_nsb_isolcpus_role.changed or not is_nsb_isolcpus_role.changed and not is_isolcpu.changed + - ISOL_CPUS is defined + +- name: Update grub for bare metal usage + command: "{{ update_grub[ansible_os_family] }}" + when: + - is_nsb_isolcpus_role.changed or not is_nsb_isolcpus_role.changed and not is_isolcpu.changed + - ISOL_CPUS is defined diff --git a/ansible/roles/enable_hugepages_on_boot/tasks/main.yml b/ansible/roles/enable_hugepages_on_boot/tasks/main.yml index 75526eb19..f84e07545 100755 --- a/ansible/roles/enable_hugepages_on_boot/tasks/main.yml +++ b/ansible/roles/enable_hugepages_on_boot/tasks/main.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation +# Copyright (c) 2017-2019 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. --- -- name: check if hugepages are set by this role +- name: Check if hugepages are set by this role command: "grep -o '{{ hugepage_param_regex }}' /etc/default/grub" register: is_mine_huge ignore_errors: True @@ -22,46 +22,32 @@ # stat: path="/sys/firmware/efi" # register: efi -- name: check if hugepages are set by someone else +- name: Check if hugepages are set by someone else command: "grep -o 'default_hugepagesz=' /etc/default/grub" register: is_huge ignore_errors: True -- fail: +- debug: msg: "Hugepages already set by someone else" when: is_mine_huge.stdout == "" and is_huge.stdout != "" -- name: configure hugepages as idempotent block +- name: Configure hugepages as idempotent block block: - - name: use 8 for auto num_hugepages and 1G size + - name: Use 8 for auto num_hugepages and 1G size set_fact: num_hugepages: 8 when: num_hugepages|default("auto") == "auto" - - name: set hugepages in grub + - name: Set hugepages in grub lineinfile: dest: /etc/default/grub regexp: '{{ hugepage_param_regex }}' line: '{{ hugepage_param }}' state: present - - name: create hugetables mount - file: - path: "{{ hugetable_mount }}" - state: directory - - - name: mount hugetlbfs - mount: - name: "{{ hugetable_mount }}" - src: nodev - fstype: hugetlbfs - state: present - - - service: - name: procps - enabled: yes - - include: manual_modify_grub.yml # only tested on Ubuntu, kernel line is probably different on other distros when: ansible_distribution == "Ubuntu" - when: is_mine_huge.stdout == "" + when: + - is_mine_huge.stdout == "" + - is_huge.stdout == "" diff --git a/ansible/roles/enable_iommu_on_boot/tasks/main.yml b/ansible/roles/enable_iommu_on_boot/tasks/main.yml new file mode 100644 index 000000000..2772a5d52 --- /dev/null +++ b/ansible/roles/enable_iommu_on_boot/tasks/main.yml @@ -0,0 +1,79 @@ +# Copyright (c) 2017-2018 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Set iommu_boot_params for Intel + set_fact: + iommu_boot_params: ' intel_iommu=on iommu=pt' + when: hostvars[inventory_hostname]['ansible_system_vendor'] == "Intel Corporation" + +- name: Set iommu_boot_params for AMD + set_fact: + iommu_boot_params: ' amd_iommu=on iommu=pt' + when: hostvars[inventory_hostname]['ansible_system_vendor'] == "AuthenticAMD" + +- block: + - name: Define grub string for IOMMU + set_fact: + enable_iommu: 'GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX{{ iommu_boot_params }}' + + - name: check if iommu is set by this role in {{ grub_file}} + lineinfile: + path: "{{ grub_file}}" + regexp: '{{ iommu_help_string }}' + line: '{{ iommu_help_string }}' + state: absent + check_mode: yes + register: is_nsb_iommu_role + ignore_errors: True + + - name: Check if IOMMU is set by someone else + lineinfile: + path: "{{ grub_file}}" + regexp: "_iommu=" + line: '{{ iommu_help_string }}' + state: absent + check_mode: yes + register: is_iommu + ignore_errors: True + + - name: Send info that IOMMU is configured by someone else + debug: + msg: "INFO: NOT modified, IOMMU is already configured by someone." + when: + - not is_nsb_iommu_role.changed + - is_iommu.changed + + - block: + - name: Add IOMMU when it is not set + lineinfile: + path: "{{ grub_file }}" + regexp: "{{ iommu_help_string }}" + line: '{{ enable_iommu }}" {{ iommu_help_string }}' + + - name: find boot grub.cfg + find: + paths: /boot + file_type: file + patterns: 'grub*.cfg' + recurse: yes + register: grub_files + + - include: manual_modify_grub.yml + # only tested on Ubuntu, kernel line is probably different on other distros + with_items: "{{ grub_files.files }}" + when: + - ansible_distribution == "Ubuntu" + - not is_nsb_iommu_role.changed + - not is_iommu.changed + when: iommu_boot_params is defined diff --git a/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml b/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml new file mode 100644 index 000000000..e0c880912 --- /dev/null +++ b/ansible/roles/enable_iommu_on_boot/tasks/manual_modify_grub.yml @@ -0,0 +1,32 @@ +# Copyright (c) 2017-2018 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: check if iommu is set by this role in /boot grub.cfg files + lineinfile: + path: "{{ item.path }}" + regexp: '{{ iommu_boot_params }}' + line: '{{ iommu_boot_params }}' + state: absent + check_mode: yes + register: is_mine_iommu_boot_grub + ignore_errors: True + +- name: added iommu to grub manually because we can't run update-grub in chroot + replace: + path: "{{ item.path }}" + regexp: '(.*linux\s+/boot/vmlinuz.*)$' + replace: '\1{{ iommu_boot_params }}' + when: not is_mine_iommu_boot_grub.changed + +- debug: var=ansible_kernel diff --git a/ansible/roles/enable_iommu_on_boot/vars/main.yml b/ansible/roles/enable_iommu_on_boot/vars/main.yml new file mode 100644 index 000000000..d2575ffd6 --- /dev/null +++ b/ansible/roles/enable_iommu_on_boot/vars/main.yml @@ -0,0 +1,19 @@ +# Copyright (c) 2017-2018 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +grub_file: "/etc/default/grub" +iommu_help_string: ' # added by Yardstick ansible iommu role' +update_grub: + Debian: "update-grub2" + RedHat: "grub2-mkconfig -o /boot/grub2/grub.cfg" diff --git a/ansible/roles/infra_check_requirements/tasks/main.yml b/ansible/roles/infra_check_requirements/tasks/main.yml new file mode 100644 index 000000000..991bd7383 --- /dev/null +++ b/ansible/roles/infra_check_requirements/tasks/main.yml @@ -0,0 +1,80 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Reread system properties + setup: + +- name: Include + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- name: Store total CPU, RAM, Disk requested resources + set_fact: + vcpu_t: "{{ item.vcpus|int + vcpu_t | int }}" + vram_t: "{{ item.ram|int + vram_t | int }}" + disk_t: "{{ item.disk|int + disk_t | int }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Fail if not enough RAM + fail: + msg: "Failed, not enough RAM, required: {{ vram_t }}, available {{ ansible_memory_mb.nocache.free }}" + when: ansible_memory_mb.nocache.free < vram_t | int + +- name: Fail if not enough CPU + fail: + msg: "Failed, not enough CPU, required: {{ vcpu_t }}, available {{ ansible_processor_vcpus }}" + when: ansible_processor_vcpus < vcpu_t | int + +- name: Define default network counter + set_fact: + num_default_network_detected: 0 + +- name: Increment counter for every default network detected + set_fact: + num_default_network_detected: "{{ num_default_network_detected | int + 1 }}" + when: + - item.default_gateway is defined + - item.default_gateway == True + with_items: "{{ infra_deploy_vars.networks }}" + +- name: Fail if more than 1 or 0 default networks + fail: + msg: "Failed, there must be 1 default network: {{ num_default_network_detected }} detected" + when: num_default_network_detected | int != 1 + +- name: Fail if not enough Disk space + set_fact: + disk_avail: "{% for mount in ansible_mounts if mount.mount == '/' %}{{ (mount.size_available/1024/1024) | int }}{% endfor %}" +- fail: + msg: "Failed, not enough disk space, required {{ disk_t }}, available: {{ disk_avail }}" + when: disk_avail|int < disk_t | int + +- set_fact: + ostack_nodes: "{{ ostack_nodes | default([]) + [item.openstack_node] }}" + when: item.openstack_node is defined + with_items: "{{ infra_deploy_vars.nodes }}" + +# all-in-one node node type must be controller, multinode requires at least one controller and one compute node +- fail: + msg: "OpenStack node types currently supported: controller, compute. Check input VMs file." + when: ostack_nodes is undefined or ostack_nodes | length < 1 + +- fail: + msg: "In all-in-one configuration OpenStack node type must be controller." + when: ostack_nodes | length == 1 and 'controller' not in ostack_nodes + +- fail: + msg: "At least one controller and one compute node expected when total number of OpenStack nodes is more than one." + when: ostack_nodes | length > 1 and not ('compute' in ostack_nodes and 'controller' in ostack_nodes) diff --git a/ansible/roles/infra_check_requirements/vars/main.yml b/ansible/roles/infra_check_requirements/vars/main.yml new file mode 100644 index 000000000..219c33875 --- /dev/null +++ b/ansible/roles/infra_check_requirements/vars/main.yml @@ -0,0 +1,17 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +vcpu_t: 0 +vram_t: 0 +disk_t: 0 diff --git a/ansible/roles/infra_create_network/tasks/create_xml.yml b/ansible/roles/infra_create_network/tasks/create_xml.yml new file mode 100644 index 000000000..345b77927 --- /dev/null +++ b/ansible/roles/infra_create_network/tasks/create_xml.yml @@ -0,0 +1,91 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Define XML file name + set_fact: + xml_file: "{{ '/tmp/'+item.name+'.xml' }}" + +- name: Delete the file, if exists + file: + path: "{{ xml_file }}" + state: absent + +- name: Create a new empty file + file: + path: "{{ xml_file }}" + state: touch + +- name: Add root "network" node + blockinfile: + path: "{{ xml_file }}" + marker: "" + content: | + <network> + </network> + +- name: Add new children nodes to "network" node + xml: + path: "{{ xml_file }}" + xpath: /network + add_children: + - name: "{{ item.name }}" + - forward: + mode: nat + - bridge: + name: "{{ item.name }}" + stp: "on" + delay: "0" + - ip: + address: "{{ item.host_ip }}" + netmask: "{{ item.netmask }}" + pretty_print: yes + +- name: Add new children nodes to "forward" node + xml: + path: "{{ xml_file }}" + xpath: /network/forward + add_children: + - nat + pretty_print: yes + +- name: Add new children nodes to "nat" node + xml: + path: "{{ xml_file }}" + xpath: /network/forward/nat + add_children: + - port: + start: "1024" + end: "65535" + pretty_print: yes + +- name: Define the networks + virt_net: + command: define + name: "{{ item.name }}" + xml: "{{ lookup('file', xml_file) }}" + +- name: Set autostart to yes + virt_net: + autostart: yes + name: "{{ item.name }}" + +- name: Start the networks + virt_net: + command: start + name: "{{ item.name }}" + +- name: Remove XML file + file: + path: "{{ xml_file }}" + state: absent diff --git a/ansible/roles/infra_create_network/tasks/main.yml b/ansible/roles/infra_create_network/tasks/main.yml new file mode 100644 index 000000000..025a775a1 --- /dev/null +++ b/ansible/roles/infra_create_network/tasks/main.yml @@ -0,0 +1,22 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- name: Create XML file + include_tasks: create_xml.yml + with_items: "{{ infra_deploy_vars.networks }}" diff --git a/ansible/roles/infra_create_vms/tasks/configure_vm.yml b/ansible/roles/infra_create_vms/tasks/configure_vm.yml new file mode 100644 index 000000000..a6a5e0618 --- /dev/null +++ b/ansible/roles/infra_create_vms/tasks/configure_vm.yml @@ -0,0 +1,354 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Remove directory + file: + path: "{{ '/tmp/'+node_item.hostname }}" + state: absent + +- name: Create directory + file: + path: "{{ '/tmp/'+node_item.hostname }}" + state: directory + mode: 0755 + +- name: Define user-data file name + set_fact: + user_data: "{{ '/tmp/'+node_item.hostname+'/user-data' }}" + +- name: Define image-dir + set_fact: + image_dir: "{{ '/var/lib/libvirt/images/' }}" + +- name: Create a new empty file for user-data + file: + path: "{{ user_data }}" + state: touch + +- name: Add user-data + blockinfile: + path: "{{ user_data }}" + marker: "MARKER" + content: | + #cloud-config + preserve_hostname: False + hostname: {{ node_item.hostname }} + output: + all: ">> /var/log/cloud-init.log" + ssh_pwauth: True + users: + - name: {{ node_item.user }} + lock-passwd: False + plain_text_passwd: {{ node_item.password }} + chpasswd: { expire: False } + sudo: ALL=(ALL) NOPASSWD:ALL + ssh_pwauth: True + +- name: Remove the marker + lineinfile: + dest: "{{ user_data }}" + state: absent + regexp: "MARKER" + +- name: Define network-config file name + set_fact: + network_config: "{{ '/tmp/'+node_item.hostname+'/network-config' }}" + +- name: Create a new empty file for network-config + file: + path: "{{ network_config }}" + state: touch + +- name: Add network-data + blockinfile: + path: "{{ network_config }}" + marker: "MARKER" + content: | + version: 2 + ethernets: + +- name: Define meta-data file name + set_fact: + meta_data: "{{ '/tmp/'+node_item.hostname+'/meta-data' }}" + +- name: Create a new empty file for meta-data + file: + path: "{{ meta_data }}" + state: touch + +- name: Add meta-data + blockinfile: + path: "{{ meta_data }}" + marker: "MARKER" + content: | + instance-id: {{ node_item.hostname }} + local-hostname: {{ node_item.hostname }} + +- name: Remove the marker + lineinfile: + dest: "{{ meta_data }}" + state: absent + regexp: "MARKER" + +- name: Define xml file name + set_fact: + xml_file: "{{ '/tmp/'+node_item.hostname+'/'+node_item.hostname+'.xml' }}" + +- name: Create a new empty file for xml file + file: + path: "{{ xml_file }}" + state: touch + +- name: Add root "domain" node + blockinfile: + path: "{{ xml_file }}" + marker: "" + content: | + <domain> + </domain> + +- name: Add "type" attribute to "domain" node + xml: + path: "{{ xml_file }}" + xpath: /domain + attribute: type + value: "kvm" + pretty_print: yes + +- name: Add new children nodes to "domain" node + xml: + path: "{{ xml_file }}" + xpath: /domain + add_children: + - name: "{{ node_item.hostname }}" + - memory: "{{ node_item.ram }}" + - vcpu: "{{ node_item.vcpus }}" + - os + - cpu + - devices + pretty_print: yes + +- name: Add "unit" attribute to "memory" node + xml: + path: "{{ xml_file }}" + xpath: /domain/memory + attribute: unit + value: "MB" + pretty_print: yes + +- name: Add "placement" attribute to "vcpu" node + xml: + path: "{{ xml_file }}" + xpath: /domain/vcpu + attribute: placement + value: "static" + pretty_print: yes + +- name: Add new children nodes to "os" node + xml: + path: "{{ xml_file }}" + xpath: /domain/os + add_children: + - type: "hvm" + - boot + pretty_print: yes + +- name: Add "arch" attribute to "type" node + xml: + path: "{{ xml_file }}" + xpath: /domain/os/type + attribute: arch + value: "x86_64" + pretty_print: yes + +- name: Add "dev" attribute to "boot" node + xml: + path: "{{ xml_file }}" + xpath: /domain/os/boot + attribute: dev + value: "hd" + pretty_print: yes + +- name: Add new children nodes to "cpu" node + xml: + path: "{{ xml_file }}" + xpath: /domain/cpu + add_children: + - cache + pretty_print: yes + +- name: Add "mode" attribute to "cpu" node + xml: + path: "{{ xml_file }}" + xpath: /domain/cpu + attribute: mode + value: "host-passthrough" + pretty_print: yes + +- name: Add "mode" attribute to "cache" node + xml: + path: "{{ xml_file }}" + xpath: /domain/cpu/cache + attribute: mode + value: "passthrough" + pretty_print: yes + +- name: Add new children nodes to "devices" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices + add_children: + - disk: + type: file + device: disk + - controller: + type: virtio-serial + index: '0' + - serial: + type: pty + - console: + type: pty + tty: '/dev/pts/14' + - graphics: + type: vnc + port: '-1' + autoport: 'yes' + pretty_print: yes + +- name: Add new children nodes to "disk" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/disk + add_children: + - driver: + name: qemu + type: qcow2 + - source: + file: "{{ '/var/lib/libvirt/images/'+node_item.hostname+'.qcow2' }}" + - target: + dev: vda + bus: virtio + - alias: + name: virtio-disk0 + pretty_print: yes + +- name: Add new children nodes to "graphics" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/graphics + add_children: + - listen: + type: address + address: 0.0.0.0 + pretty_print: yes + +- name: Add new children nodes to "devices" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices + add_children: + - disk: + type: file + device: cdrom + pretty_print: yes + +- name: Add new children nodes to "disk" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/disk + add_children: + - source: + file: "{{ '/var/lib/libvirt/images/'+node_item.hostname+'-ci-data.img' }}" + - target: + dev: hdb + bus: ide + - readonly + pretty_print: yes + +- name: Configure controller + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/controller + add_children: + - alias: + name: virtio-serial0 + pretty_print: yes + +- name: Configure serial + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/serial + add_children: + - source: + path: '/dev/pts/14' + - target: + port: '0' + - alias: + name: 'serial0' + pretty_print: yes + +- name: Configure console + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/console + add_children: + - source: + path: '/dev/pts/14' + - target: + port: '0' + type: 'serial' + - alias: + name: 'serial0' + pretty_print: yes + +- set_fact: + slot_address: 5 + +- name: Populate network-config and add interface to xml file + include_tasks: create_interfaces.yml + extra_vars: "{{ network_config xml_file slot_address mac_address_counter }}" + loop_control: + loop_var: interface_item + with_items: "{{ node_item.interfaces }}" + +- name: Create directory + file: + path: "{{ '/tmp/'+node_item.hostname }}" + state: directory + mode: 0755 + +- name: Generate iso image + shell: > + genisoimage -output {{ image_dir+node_item.hostname+'-ci-data.img' }} -volid cidata -joliet + -r {{ '/tmp/'+node_item.hostname+'/network-config' }} {{ '/tmp/'+node_item.hostname+'/user-data' }} {{ '/tmp/'+node_item.hostname+'/meta-data' }} + &>> {{ '/tmp/'+node_item.hostname+'/hostname.log' }} + +- name: Copy and convert the ubuntu image + shell: > + qemu-img convert -O qcow2 {{ node_item.image }} {{ image_dir+node_item.hostname+'.qcow2' }} + +- name: Resize image + shell: > + qemu-img resize {{ image_dir+node_item.hostname+'.qcow2' }} {{ node_item.disk }}M + +- name: Define the VMs + virt: + command: define + name: "{{ node_item.hostname }}" + xml: "{{ lookup('file', '/tmp/'+node_item.hostname+'/'+node_item.hostname+'.xml') }}" + +- name: Start the VMs + virt: + command: create + name: "{{ node_item.hostname }}" diff --git a/ansible/roles/infra_create_vms/tasks/create_interfaces.yml b/ansible/roles/infra_create_vms/tasks/create_interfaces.yml new file mode 100644 index 000000000..12b2726dc --- /dev/null +++ b/ansible/roles/infra_create_vms/tasks/create_interfaces.yml @@ -0,0 +1,84 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- set_fact: + mac_address_arg: "mac_address" + +- set_fact: + mac_address_arg: "macaddress" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 18 + +- name: Add network-data + blockinfile: + path: "{{ network_config }}" + insertafter: 'ethernets:' + marker: "MARKER" + block: |2 + {{ 'enp0s%d:'| format( slot_address | int) }} + match: + {{ mac_address_arg }}: {{ '52:54:00:5d:7d:%02x'| format( mac_address_counter | int) }} + addresses: + - {{ interface_item.ip }}/{{ (interface_item.ip + '/' + interface_item.netmask) | ipaddr('prefix') }} + +- name: Add default gateway + blockinfile: + path: "{{ network_config }}" + insertafter: "{{ interface_item.ip }}" + marker: "MARKER" + block: |2 + gateway4: {{ default_bridge.host_ip }} + when: + - default_bridge is defined + - default_bridge.name == interface_item.network + +- name: Remove the marker introduced in network-data + lineinfile: + dest: "{{ network_config }}" + state: absent + regexp: "MARKER" + +- name: Add new children nodes to "domain" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices + add_children: + - interface: + type: 'bridge' + pretty_print: yes + +- name: Add new children nodes to "domain" node + xml: + path: "{{ xml_file }}" + xpath: /domain/devices/interface + add_children: + - source: + bridge: "{{ interface_item.network }}" + - model: + type: 'virtio' + - address: + type: 'pci' + domain: '0x0000' + bus: '0x00' + slot: "{{ '0x%02x'| format( slot_address | int) }}" + function: '0x0' + - mac: + address: "{{ '52:54:00:5d:7d:%02x'| format( mac_address_counter | int) }}" + pretty_print: yes + +- set_fact: + slot_address: "{{ slot_address | int + 1 }}" +- set_fact: + mac_address_counter: "{{ mac_address_counter | int + 1 }}" diff --git a/ansible/roles/infra_create_vms/tasks/main.yml b/ansible/roles/infra_create_vms/tasks/main.yml new file mode 100644 index 000000000..b422a9205 --- /dev/null +++ b/ansible/roles/infra_create_vms/tasks/main.yml @@ -0,0 +1,45 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- set_fact: + mac_address_counter: 0 + +- set_fact: + default_bridge: "{{ item }}" + when: + - item.default_gateway is defined + - item.default_gateway == True + with_items: "{{ infra_deploy_vars.networks }}" + +- name: Create XML file + include_tasks: configure_vm.yml + loop_control: + loop_var: node_item + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Create list of dictionaries with vm name, ip address + set_fact: + vm_name_ip: "{{ vm_name_ip|default([]) + [{item.hostname: item.interfaces[1].ip}] }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Make sure VM is reachable + include_tasks: validate_vms.yml + loop_control: + loop_var: name_ip + with_items: "{{ vm_name_ip }}" diff --git a/ansible/roles/infra_create_vms/tasks/validate_vms.yml b/ansible/roles/infra_create_vms/tasks/validate_vms.yml new file mode 100644 index 000000000..ce5eff211 --- /dev/null +++ b/ansible/roles/infra_create_vms/tasks/validate_vms.yml @@ -0,0 +1,54 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Validate if VM is responding + wait_for: + host: "{{ item.value }}" + port: 22 + timeout: 10 + with_dict: "{{ name_ip }}" + register: result + ignore_errors: yes + +- name: Stop VM if it is not responding + virt: + name: "{{ item.key }}" + command: destroy + when: result is failed + with_dict: "{{ name_ip }}" + +- name: Wait for VM is being stopped + pause: + seconds: 10 + when: result is failed + +- name: Start VM + virt: + name: "{{ item.key }}" + command: start + when: result is failed + with_dict: "{{ name_ip }}" + +- name: Validate if VM is responding + wait_for: + host: "{{ item.value }}" + port: 22 + timeout: 10 + when: result is failed + with_dict: "{{ name_ip }}" + register: result + +- fail: + msg: "FAILED on {{ name_ip }}" + when: result is failed diff --git a/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml b/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml new file mode 100644 index 000000000..9713c0d1e --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/configure_kolla.yml @@ -0,0 +1,40 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Modify globals.yml + replace: + path: /etc/kolla/globals.yml + regexp: "{{ item.find }}" + replace: "{{ item.insert_after }}" + with_items: + - { find: '^#kolla_base_distro:.*', insert_after: 'kolla_base_distro: "ubuntu"' } + - { find: '^#kolla_install_type:.*', insert_after: 'kolla_install_type: "source"' } + - { find: '^#openstack_release:.*', insert_after: 'openstack_release: "pike"' } + - { find: 'kolla_internal_vip_address:.*', insert_after: 'kolla_internal_vip_address: "{{ deployvm_ip }}"' } + - { find: '^#network_interface:.*', insert_after: 'network_interface: "{{ hostvars[ansible_host].ansible_default_ipv4.interface }}"' } + - { find: '^#neutron_external_interface:.*', insert_after: 'neutron_external_interface: "{{ neutron_iface }}"' } + - { find: '^#enable_haproxy:.*', insert_after: 'enable_haproxy: "no"'} + - { find: '^#enable_heat:.*' , insert_after: 'enable_heat: "yes"'} + - { find: '^#docker_registry:.*', insert_after: 'docker_registry: "{{ ansible_host }}:4000"' } + +- name: Generate multinode from inventory + template: + src: templates/multinode.j2 + dest: "{{ git_repos_path + 'multinode' }}" + +- set_fact: + path2multinode: "{{ git_repos_path + kolla_ans_path + '/ansible/inventory/multinode' }}" + +- name: Append rest groups to multinode file + shell: line=`grep -n '\[deployment\]' {{ path2multinode }} | cut -d ':' -f1` && tail -n +$line {{ path2multinode }} >> "{{ git_repos_path + 'multinode' }}" diff --git a/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml b/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml new file mode 100644 index 000000000..3963cb64c --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/configure_openstack.yml @@ -0,0 +1,67 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Create folders + file: + path: "{{ item }}" + state: directory + with_items: + - /etc/kolla/config/nova + - /etc/kolla/config/neutron + +- set_fact: + filter_ops: RetryFilter,AvailabilityZoneFilter,RamFilter,DiskFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,SameHostFilter + +- name: Configure OpenStack Nova + copy: + content: | + [filter_scheduler] + enabled_filters = {{ filter_ops }} + [libvirt] + cpu_mode = host-passthrough + dest: /etc/kolla/config/nova.conf + +- name: Configure OpenStack Neutron + copy: + content: | + [DEFAULT] + service_plugins=neutron.services.l3_router.l3_router_plugin.L3RouterPlugin + [securitygroup] + firewall_driver = neutron.agent.firewall.NoopFirewallDriver + [ml2] + extension_drivers=port_security + [agent] + extensions=port_security + dest: /etc/kolla/config/neutron.conf + +- name: Configure OpenStack ml2_plugin.ini + copy: + content: | + [ml2] + tenant_network_types = vxlan + extension_drivers = port_security + type_drivers = vlan,flat,local,vxlan + mechanism_drivers = openvswitch + [ml2_type_flat] + flat_networks = physnet1 + [ml2_type_vlan] + network_vlan_ranges = physnet1 + [securitygroup] + firewall_driver = iptables_hybrid + [ovs] + datapath_type = system + bridge_mappings = physnet1:br-ex + tunnel_bridge = br-tun + local_ip = {{ deployvm_ip }} + dest: /etc/kolla/config/neutron/ml2_plugin.ini diff --git a/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml b/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml new file mode 100644 index 000000000..38c163c6c --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/install_kolla.yml @@ -0,0 +1,54 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Download kolla and kolla-ansible from git repos + git: + repo: "{{ item.repo }}" + dest: "{{ git_repos_path + item.dir }}" + version: stable/pike + with_items: + - { dir: "{{ kolla_path }}", repo: 'https://git.openstack.org/openstack/kolla'} + - { dir: "{{ kolla_ans_path }}", repo: 'https://git.openstack.org/openstack/kolla-ansible' } + +- name: Copy kolla-ansible password.yml and globals.yml + shell: cp -r "{{ git_repos_path + kolla_ans_path + '/etc/kolla/' }}" /etc/ + +- name: Copy kolla-ansible all-in-one, multinode + shell: cp * "{{ git_repos_path }}" + args: + chdir: "{{ git_repos_path + kolla_ans_path + '/ansible/inventory/' }}" + +- name: Install requirements + pip: + chdir: "{{ item[0] }}" + requirements: "{{ item[1] }}" + with_nested: + - [ "{{ git_repos_path + kolla_path }}", "{{ git_repos_path + kolla_ans_path }}" ] + - [ 'requirements.txt', 'test-requirements.txt' ] + +- name: pip install . + pip: + chdir: "{{ item }}" + name: '.' + with_items: + - "{{ git_repos_path + kolla_path }}" + - "{{ git_repos_path + kolla_ans_path }}" + +- name: Run setup.py + shell: "python setup.py install" + args: + chdir: "{{ item }}" + with_items: + - "{{ git_repos_path + kolla_path }}" + - "{{ git_repos_path + kolla_ans_path }}" diff --git a/ansible/roles/infra_deploy_openstack/tasks/main.yml b/ansible/roles/infra_deploy_openstack/tasks/main.yml new file mode 100644 index 000000000..ba5d5bc54 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/main.yml @@ -0,0 +1,125 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# This script is based on https://docs.openstack.org/kolla-ansible/pike/user/quickstart.html +- name: Include variables + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- set_fact: + traffic_ip: "{{ item.interfaces[1].ip }}" + when: item.hostname == ansible_host + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Get neutron iface + set_fact: + neutron_iface: "{{ item }}" + when: + - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4 is defined + - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4.address is defined + - hostvars[ansible_host]['ansible_' + item.replace('-', '_')].ipv4.address == traffic_ip + with_items: "{{ hostvars[ansible_host].ansible_interfaces }}" + +- name: Create a registry container + docker_container: + name: registry + image: registry:2 + restart_policy: always + ports: + - "4000:5000" + +- name: Download and install Kolla + include_tasks: install_kolla.yml + +- name: Configure Kolla + include_tasks: configure_kolla.yml + +- name: Configure Open Stack + include_tasks: configure_openstack.yml + +- name: Ramp up Open Stack + include_tasks: rampup_openstack.yml + +- name: Update admin-openrc.sh + lineinfile: + path: /etc/kolla/admin-openrc.sh + regexp: "{{ item.find }}" + line: "{{ item.add }}" + with_items: + - { find: 'EXTERNAL_NETWORK', add: 'export EXTERNAL_NETWORK=public' } + - { find: 'OS_AUTH_TYPE', add: 'export OS_AUTH_TYPE=password' } + +- name: Copy env file + shell: cp /etc/kolla/admin-openrc.sh /tmp/admin-openrc.yaml + +- name: Rework as env vars + replace: + path: /tmp/admin-openrc.yaml + regexp: 'export\s+(.*)=(.*)' + replace: '\1: \2' + +- name: Download OpenStack env file + fetch: + src: /tmp/admin-openrc.yaml + dest: /tmp/ + flat: yes + +- include_vars: + file: /tmp/admin-openrc.yaml + name: ostack_env + +- name: Re-assign IP address + shell: ip address show {{ neutron_iface }} | awk '/inet/ {print $2}' + when: neutron_iface is defined + register: ip_netmask + +- shell: > + ip addr del dev {{ neutron_iface }} {{ ip_netmask.stdout }} && + ip addr add dev br-ex {{ infra_deploy_vars.networks[1].host_ip }}/{{ ip_netmask.stdout_lines[0].split('/')[1] }} + when: + - neutron_iface is defined + - ip_netmask.stdout | length > 0 + +- name: Create external network + os_network: + name: public + external: yes + provider_physical_network: physnet1 + provider_network_type: flat + environment: + - no_proxy: "{{ lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" + - "{{ ostack_env }}" + +- name: Create sub-network + os_subnet: + name: public-subnet + network_name: public + cidr: "{{ ip_netmask.stdout }}" + allocation_pool_start: "{{ infra_deploy_vars.networks[1].dhcp_ip_start }}" + allocation_pool_end: "{{ infra_deploy_vars.networks[1].dhcp_ip_stop }}" + gateway_ip: "{{ infra_deploy_vars.networks[1].host_ip }}" + enable_dhcp: no + environment: + - no_proxy: "{{ lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" + - "{{ ostack_env }}" + +- name: Upload OpenStack env file to Yardstick VM + copy: + src: /etc/kolla/admin-openrc.sh + dest: '/tmp/admin-openrc.sh' + delegate_to: "{{ item }}" + when: "groups['yardstickG'] is defined" + with_items: + - "{{ groups['yardstickG'] }}" diff --git a/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml b/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml new file mode 100644 index 000000000..c75bec685 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/tasks/rampup_openstack.yml @@ -0,0 +1,43 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Generate passwords + shell: kolla-genpwd + +- name: Generate the kolla-build.conf + shell: tox -e genconfig + args: + chdir: "{{ git_repos_path + kolla_path }}" + +- set_fact: + target: "{{ git_repos_path + 'all-in-one' }}" + +- set_fact: + target: "{{ git_repos_path + 'multinode' }}" + when: "groups['ostack'] | length > 1" + +- name: Run kolla-ansible precheck + shell: kolla-ansible prechecks -i "{{ target }}" + +- name: Build kolla-ansible + shell: kolla-build -b ubuntu -t source --profile default --tag pike --registry {{ ansible_host }}:4000 --push + +- name: Pull images from registry + shell: kolla-ansible pull -i "{{ target }}" + +- name: Run kolla-ansible deploy + shell: kolla-ansible deploy -i "{{ target }}" + +- name: Create an openrc file + shell: kolla-ansible post-deploy diff --git a/ansible/roles/infra_deploy_openstack/templates/multinode.j2 b/ansible/roles/infra_deploy_openstack/templates/multinode.j2 new file mode 100644 index 000000000..57f87b521 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/templates/multinode.j2 @@ -0,0 +1,39 @@ +{% set control_dict = {} %} +{% set compute_dict = {} %} +{% for host in groups['ostack'] %} +{% if hostvars[host].node_type is defined and hostvars[host].node_type == 'controller' %} +{% set control_dict = control_dict.update({hostvars[host].ansible_host: hostvars[host].ansible_default_ipv4.interface}) %} +{% endif %} +{% endfor %} +{% for host in groups['ostack'] %} +{% if hostvars[host].node_type is defined and hostvars[host].node_type == 'compute' %} +{% for iface in hostvars[host].ansible_interfaces %} +{%- if ((hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4 is defined) and + (hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4.address is defined) and + (hostvars[host]['ansible_' + iface.replace('-', '_')].ipv4.address == hostvars[host].secondary_ip)) -%} +{% set compute_dict = compute_dict.update({hostvars[host].ansible_host: iface}) %} +{% endif %} +{% endfor %} +{% endif %} +{% endfor %} +{% macro print_node(in_dict, iface_str='', cnt=1) %} +{%- for host, iface in in_dict | dictsort -%} +{% if loop.index <= cnt %} +{% if iface_str %} +{{ host }} ansible_ssh_user={{ hostvars[host].ansible_user }} ansible_private_key_file=/root/.ssh/id_rsa ansible_become=True {{ iface_str }}={{ iface }} +{% else %} +{{ host }} ansible_ssh_user={{ hostvars[host].ansible_user }} ansible_private_key_file=/root/.ssh/id_rsa ansible_become=True +{% endif %} +{% endif %} +{% endfor %} +{% endmacro %} +[control] +{{ print_node(control_dict, iface_str='network_interface', cnt=control_dict | length) }} +[compute] +{{ print_node(compute_dict, iface_str='network_interface', cnt=compute_dict | length) }} +[network] +{{ print_node(control_dict, iface_str='', cnt=control_dict | length) }} +[monitoring] +{{ print_node(control_dict) }} +[storage] +{{ print_node(control_dict, iface_str='', cnt=control_dict | length) }} diff --git a/ansible/roles/infra_deploy_openstack/vars/main.yml b/ansible/roles/infra_deploy_openstack/vars/main.yml new file mode 100644 index 000000000..bbea56847 --- /dev/null +++ b/ansible/roles/infra_deploy_openstack/vars/main.yml @@ -0,0 +1,18 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +kolla_path: "{{ 'https://git.openstack.org/openstack/kolla' | urlsplit('path') | basename }}" +kolla_ans_path: "{{ 'https://git.openstack.org/openstack/kolla-ansible' | urlsplit('path') | basename }}" +deployvm_ip: "{{ hostvars[ansible_host].host_ip }}" +git_repos_path: '/tmp/repos/' diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml new file mode 100644 index 000000000..5e616335a --- /dev/null +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_network.yml @@ -0,0 +1,53 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Destroy old networks created by virt + virt_net: + name: "{{ network_item }}" + command: destroy + when: clean_up | bool or network_item in deploy_nets + +# Ignoring errors as network can be created without being defined. +# This can happen if a user manually creates a network using the virsh command. +# If the network is not defined the undefine code will throw an error. +- name: Undefine old networks defined by virt + virt_net: + name: "{{ network_item }}" + command: undefine + when: clean_up | bool or network_item in deploy_nets + ignore_errors: yes + +- name: Check if "ovs-vsctl" command is present + command: which ovs-vsctl + register: ovs_vsctl_present + ignore_errors: yes + +- name: Destroy OVS bridge if it exists + command: ovs-vsctl --if-exists -- del-br "{{ network_item }}" + when: + - ovs_vsctl_present.rc == 0 + - clean_up | bool or network_item in deploy_nets + ignore_errors: yes + +- name: Check if linux bridge is present + stat: path="{{ '/sys/class/net/' + network_item + '/brif/' }}" + register: check_linux_bridge + +- name: Remove linux bridge if it exists + shell: | + ifconfig "{{ network_item }}" down + brctl delbr "{{ network_item }}" + when: + - check_linux_bridge.stat.exists + - clean_up | bool or network_item in deploy_nets diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml new file mode 100644 index 000000000..91e949344 --- /dev/null +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/delete_vm.yml @@ -0,0 +1,29 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Ignore errors as VM can be destroyed without been undefined. +- name: Destroy old VMs + virt: + command: destroy + name: "{{ vmhost_item }}" + when: clean_up | bool or vmhost_item in deploy_vms + ignore_errors: yes + +# Ignore errors as VM can be running while undefined +- name: Undefine old VMs + virt: + command: undefine + name: "{{ vmhost_item }}" + when: clean_up | bool or vmhost_item in deploy_vms + ignore_errors: yes diff --git a/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml b/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml new file mode 100644 index 000000000..6c4aa33cf --- /dev/null +++ b/ansible/roles/infra_destroy_previous_configuration/tasks/main.yml @@ -0,0 +1,64 @@ +# Copyright (c) 2017-2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include input file + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- name: List virt-nets + virt_net: command=list_nets + register: virt_nets + +- name: List VMs + virt: command=list_vms + register: virt_vms + +- set_fact: + deploy_vms: "{{ deploy_vms | default([]) + [item.hostname] }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Define old disk images to delete + shell: virsh domblklist {{ item }} | awk '/\/.*/ { print $2 }' + when: clean_up | bool or item in deploy_vms + with_items: "{{ virt_vms.list_vms }}" + register: virt_img + +- set_fact: + images: "{{ images | default([]) + item.stdout_lines }}" + when: item.stdout_lines is defined and item.stdout_lines | length > 0 + with_items: "{{ virt_img.results }}" + +- name: Destroy old VMs + include_tasks: delete_vm.yml + loop_control: + loop_var: vmhost_item + with_items: "{{ virt_vms.list_vms }}" + +- set_fact: + deploy_nets: "{{ deploy_nets | default([]) + [item.name] }}" + with_items: "{{ infra_deploy_vars.networks }}" + +- name: Delete old networks + include_tasks: delete_network.yml + loop_control: + loop_var: network_item + with_items: "{{ virt_nets.list_nets }}" + +- name: Delete old disk images + file: + path: "{{ item }}" + state: absent + when: images is defined and images | length > 0 + with_items: "{{ images }}" diff --git a/ansible/roles/infra_install_dependencies/tasks/Debian.yml b/ansible/roles/infra_install_dependencies/tasks/Debian.yml new file mode 100644 index 000000000..9f4dc1046 --- /dev/null +++ b/ansible/roles/infra_install_dependencies/tasks/Debian.yml @@ -0,0 +1,34 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- name: Update repositories
+ apt:
+ update_cache: yes
+
+- name: Install core packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items:
+ - python-libvirt
+ - genisoimage
+ when: ansible_distribution_major_version|int == 16
+
+- name: Install core packages
+ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
+ with_items:
+ - python-pip
+ - python-libvirt
+ - python-lxml
+ - python-netaddr
+ - genisoimage
+ when: ansible_distribution_major_version|int >= 18
diff --git a/ansible/roles/infra_install_dependencies/tasks/main.yml b/ansible/roles/infra_install_dependencies/tasks/main.yml new file mode 100644 index 000000000..115b1e3b9 --- /dev/null +++ b/ansible/roles/infra_install_dependencies/tasks/main.yml @@ -0,0 +1,15 @@ +# Copyright (c) 2018 Intel Corporation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+- include_tasks: "{{ ansible_os_family }}.yml"
diff --git a/ansible/roles/infra_prepare_vms/tasks/main.yml b/ansible/roles/infra_prepare_vms/tasks/main.yml new file mode 100644 index 000000000..4e0d9c373 --- /dev/null +++ b/ansible/roles/infra_prepare_vms/tasks/main.yml @@ -0,0 +1,102 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Include input file + include_vars: + file: "{{ rs_file }}" + name: infra_deploy_vars + +- name: Install setuptools + apt: + name: python-setuptools + +- name: Install pip + shell: easy_install pip + environment: "{{ proxy_env }}" + +- name: Install dependency for dns dig + pip: + name: dnspython + state: latest + +- set_fact: + block_str: "{{ block_str | default('') + item.interfaces[0].ip + ' ' + item.hostname + '\n'}}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Delete hosts between markers + blockinfile: + path: /etc/hosts + marker: "# {mark} generated hosts file" + content: "" + +- name: Update /etc/hosts + blockinfile: + path: /etc/hosts + block: | + {{ block_str }} + marker: "# {mark} generated hosts file" + +- name: Clear known hosts + shell: > + ssh-keygen -f /root/.ssh/known_hosts -R "{{ item.interfaces[0].ip }}"; + ssh-keygen -f /root/.ssh/known_hosts -R "{{ item.hostname }}" + with_items: "{{ infra_deploy_vars.nodes }}" + +- set_fact: + controllers: "{{ controllers | default([]) + [item.hostname] }}" + when: + - item.openstack_node is defined + - item.openstack_node == 'controller' + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Add host controller as deploy + add_host: + hostname: "{{ item.hostname }}" + host_ip: "{{ item.interfaces[0].ip }}" + groups: deploy, ostack + ansible_host: "{{ item.hostname }}" + ansible_user: "{{ item.user }}" + ansible_ssh_pass: "{{ item.password }}" + node_type: "{{ item.openstack_node }}" + secondary_ip: "{{ item.interfaces[1].ip }}" + when: item.hostname == controllers[0] + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Add hosts others as controller, compute + add_host: + hostname: "{{ item.hostname }}" + host_ip: "{{ item.interfaces[0].ip }}" + groups: regular,ostack + ansible_host: "{{ item.hostname }}" + ansible_user: "{{ item.user }}" + ansible_ssh_pass: "{{ item.password }}" + node_type: "{{ item.openstack_node }}" + secondary_ip: "{{ item.interfaces[1].ip }}" + when: + - item.openstack_node is defined + - item.openstack_node == 'controller' or item.openstack_node == 'compute' + - item.hostname != controllers[0] + with_items: "{{ infra_deploy_vars.nodes }}" + +- name: Add yardstick host to group + add_host: + hostname: "{{ item.hostname }}" + host_ip: "{{ item.interfaces[0].ip }}" + groups: yardstickG + ansible_host: "{{ item.hostname }}" + ansible_user: "{{ item.user }}" + ansible_ssh_pass: "{{ item.password }}" + secondary_ip: "{{ item.interfaces[1].ip }}" + when: item.hostname == 'yardstickvm' + with_items: "{{ infra_deploy_vars.nodes }}" diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml new file mode 100644 index 000000000..a6ae00e51 --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/configure_docker.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- file: + path: /lib/systemd/system/docker.service.d + state: directory + +- copy: + content: | + [Service] + MountFlags=shared + dest: /lib/systemd/system/docker.service.d/kolla.conf + +- set_fact: + ostack_hosts: "{{ ostack_hosts | default([]) + [hostvars[item].ansible_host] }}" + with_items: "{{ groups['ostack'] }}" + +- name: Create proxy configuration for docker + copy: + content: | + [Service] + Environment="HTTP_PROXY={{ lookup('env', 'http_proxy') }}" + Environment="HTTPS_PROXY={{ lookup('env', 'https_proxy') }}" + Environment="FTP_PROXY={{ lookup('env', 'ftp_proxy') }}" + Environment="NO_PROXY={{ lookup('env', 'no_proxy') }},{{ hostvars[ansible_host].ansible_default_ipv4.address }},{{ ostack_hosts | join(',') }}" + dest: /lib/systemd/system/docker.service.d/http-proxy.conf + +- name: Update /etc/default/docker + lineinfile: + path: /etc/default/docker + line: 'DOCKER_OPTS="--dns {{ hostvars[ansible_host].ansible_default_ipv4.gateway }} --insecure-registry {{ deploy_host }}:4000"' + +- name: reload restart docker + systemd: + state: restarted + daemon_reload: yes + name: docker diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml new file mode 100644 index 000000000..d22e8155a --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/install_packets.yml @@ -0,0 +1,85 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Update apt cache + apt: + update_cache: yes + upgrade: yes + cache_valid_time: 36000 + environment: "{{ proxy_env }}" + +- name: Install packets + apt: + name: "{{ item }}" + with_items: + - python-tox + - python-dev + - libffi-dev + - libssl-dev + - python3-dev + - ethtool + - ipmitool + - git + - ntp + - apparmor-utils + - docker.io + - libvirt-bin + - python-setuptools + - build-essential + environment: "{{ proxy_env }}" + +- name: Install pip + shell: easy_install pip + environment: "{{ proxy_env }}" + +- name: Update pip ansible docker + pip: + name: "{{ item }}" + state: latest + with_items: + - ansible + - docker + - tox + - shade + environment: "{{ proxy_env }}" + +- name: Remove conflicting packages + apt: + name: "{{ item }}" + state: absent + with_items: + - lxd + - lxc + +- name: Stop and disable libvirt + systemd: + state: stopped + enabled: no + name: libvirt-bin.service + +- name: Stop and disable apparmor service + systemd: + name: apparmor + state: stopped + enabled: no + +- name: Get stat of libvirtd apparmor profile + stat: + path: /etc/apparmor.d/disable/usr.sbin.libvirtd + register: apparmor_libvirtd_profile + +- name: Remove apparmor profile for libvirt + shell: ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/ && apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd + when: + - apparmor_libvirtd_profile.stat.exists == False diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml new file mode 100644 index 000000000..65d5e59d8 --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/main.yml @@ -0,0 +1,39 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Configure proxy and install python to support ansible +- name: Create apt.conf proxy config + raw: > + echo 'Acquire::http::proxy "{{ hostvars[groups['jumphost'][0]].proxy_proto + '://' + hostvars[groups['jumphost'][0]].proxy_host_ip + ':' + hostvars[groups['jumphost'][0]].proxy_port }}";' + > /etc/apt/apt.conf.d/22proxy + +- name: Install python which is required to run ansible mudules + raw: apt-get update && apt-get install -y python + +- name: Gather facts + setup: + +- name: Update configuration files + include_tasks: update_conf_files.yml + +- name: Install packets + include_tasks: install_packets.yml + when: ansible_hostname in groups['ostack'] + +- name: Configure docker settings + include_tasks: configure_docker.yml + when: ansible_hostname in groups['ostack'] + +- name: generate and apply SSH keys + include_tasks: update_keys.yml diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml new file mode 100644 index 000000000..424fb543b --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_conf_files.yml @@ -0,0 +1,69 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Set hostname + shell: hostname {{ ansible_hostname }} + +- name: Delete hosts between markers + blockinfile: + path: /etc/hosts + marker: "# {mark} generated hosts file" + content: "" + +- set_fact: + block_str: "{{ block_str | default('') + hostvars[item].host_ip + ' ' + hostvars[item].ansible_host + '\n'}}" + with_items: "{{ groups['ostack'] }}" + +- name: Update /etc/hosts + blockinfile: + path: /etc/hosts + block: | + {{ block_str }} + marker: "# {mark} generated hosts file" + +- name: Update /etc/hosts + lineinfile: + path: /etc/hosts + regexp: ".*{{ hostvars[groups['jumphost'][0]].proxy_host }}.*" + line: "{{ hostvars[groups['jumphost'][0]].proxy_host_ip }} {{ hostvars[groups['jumphost'][0]].proxy_host }}" + +- name: Turn off IPv6 + lineinfile: + path: /etc/sysctl.conf + regexp: '^{{ item }}.*' + line: "{{ item }} = 1" + with_items: + - 'net.ipv6.conf.all.disable_ipv6' + - 'net.ipv6.conf.default.disable_ipv6' + - 'net.ipv6.conf.lo.disable_ipv6' + +- name: Update IP configuration + shell: sysctl -p + +- name: Update resolv.conf + shell: echo "{{ 'nameserver ' + hostvars[ansible_host].ansible_default_ipv4.gateway }}" > /etc/resolvconf/resolv.conf.d/base + +- name: Update name servers + shell: resolvconf -u + +- name: Update /etc/environment + lineinfile: + path: /etc/environment + regexp: "{{ item.find }}" + line: "{{ item.add }}" + with_items: + - { find: 'http_proxy=', add: "{{ 'export http_proxy=' + lookup('env', 'http_proxy') }}" } + - { find: 'https_proxy=', add: "{{ 'export https_proxy=' + lookup('env', 'https_proxy') }}" } + - { find: 'ftp_proxy=', add: "{{ 'export ftp_proxy=' + lookup('env', 'ftp_proxy') }}" } + - { find: 'no_proxy=', add: "{{ 'export no_proxy=' + lookup('env', 'no_proxy') + ',' + ansible_host + ',' + hostvars[ansible_host].ansible_default_ipv4.address }}" } diff --git a/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml new file mode 100644 index 000000000..816f7cbca --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/tasks/update_keys.yml @@ -0,0 +1,48 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Generate keys + user: + name: "{{ hostvars[ansible_host].ansible_user }}" + generate_ssh_key: yes + state: present + ssh_key_file: "/root/.ssh/id_rsa" + +- name: Get remote files + fetch: + src: "/root/.ssh/id_rsa.pub" + dest: "/tmp" + +- name: Update authorized_key + authorized_key: + key: "{{ lookup('file', '/tmp/{{ hostvars[item].ansible_host }}/root/.ssh/id_rsa.pub') }}" + state: present + user: "{{ hostvars[item].ansible_user }}" + with_items: + - "{{ groups['ostack'] }}" + - "{{ groups['yardstickG'] }}" + +- name: Make sure the known hosts file exists + file: + path: "{{ ssh_known_hosts_file }}" + state: touch + +- name: Add key to known hosts + known_hosts: + name: "{{ hostvars[item].ansible_host }}" + key: "{{ lookup('pipe', 'ssh-keyscan -t rsa {{ hostvars[item].ansible_host }}') }}" + path: "{{ ssh_known_hosts_file }}" + with_items: + - "{{ groups['ostack'] }}" + - "{{ groups['yardstickG'] }}" diff --git a/ansible/roles/infra_rampup_stack_nodes/vars/main.yml b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml new file mode 100644 index 000000000..252eb86b3 --- /dev/null +++ b/ansible/roles/infra_rampup_stack_nodes/vars/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +ssh_known_hosts_file: "/root/.ssh/known_hosts" +deploy_host: "{{ hostvars[groups['deploy'][0]].ansible_host }}" diff --git a/ansible/roles/init_kubeadm/defaults/main.yml b/ansible/roles/init_kubeadm/defaults/main.yml new file mode 100644 index 000000000..3d868398d --- /dev/null +++ b/ansible/roles/init_kubeadm/defaults/main.yml @@ -0,0 +1,27 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +cmk_rbc_rules_url: https://raw.githubusercontent.com/intel/CPU-Manager-for-Kubernetes/master/resources/authorization/cmk-rbac-rules.yaml +cmk_serviceaccount: https://raw.githubusercontent.com/intel/CPU-Manager-for-Kubernetes/master/resources/authorization/cmk-serviceaccount.yaml +dpdk_devbind_path: "{{ INSTALL_BIN_PATH|default('/opt') }}" +multus_config: + name: node-cni-network + type: multus + kubeconfig: /etc/kubernetes/kubelet.conf + delegates: + - type: flannel + delegate: + isDefaultGateway: true + hairpinMode: true + masterplugin: true diff --git a/ansible/roles/init_kubeadm/tasks/kubeadm.yml b/ansible/roles/init_kubeadm/tasks/kubeadm.yml new file mode 100644 index 000000000..7c808a01c --- /dev/null +++ b/ansible/roles/init_kubeadm/tasks/kubeadm.yml @@ -0,0 +1,50 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- set_fact: + service_cidr_param: --service-cidr={{ kubeadm_service_cidr }} + when: 'kubeadm_service_cidr is defined' + +- set_fact: + pod_network_cidr_param: --pod-network-cidr={{ kubeadm_pod_network_cidr }} + when: 'kubeadm_pod_network_cidr is defined' + +- set_fact: + kubernetes_version: --kubernetes-version {{ kubeadm_kubernetes_version }} + when: 'kubeadm_kubernetes_version is defined' + +- name: Initialize Kubernetes cluster + command: > + kubeadm init {{ pod_network_cidr_param|default('') }} + {{ service_cidr_param|default('') }} {{ kubernetes_version|default('') }} + --ignore-preflight-errors=all + +- name: Create Kubernetes configuration dir + file: path={{ ansible_env.HOME }}/.kube state=directory + +- name: Setup Kubernetes environment + copy: + src: /etc/kubernetes/admin.conf + dest: "{{ ansible_env.HOME }}/.kube/config" + remote_src: yes + +- name: Allow to schedule pods on the master + command: kubectl taint nodes --all node-role.kubernetes.io/master- + +- name: Wait for kube-dns pod to be in running state + command: kubectl get pods --namespace=kube-system -l k8s-app=kube-dns -o json + register: result + until: result.stdout|from_json|json_query('items[].status.phase|[0]') == "Running" + retries: 30 + delay: 2 diff --git a/ansible/roles/init_kubeadm/tasks/kubectl.yml b/ansible/roles/init_kubeadm/tasks/kubectl.yml new file mode 100644 index 000000000..dd8ad2f65 --- /dev/null +++ b/ansible/roles/init_kubeadm/tasks/kubectl.yml @@ -0,0 +1,26 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Generate temporary resource file + tempfile: state=file prefix=kubectl.{{ item }}. + register: config_file + +- name: Generate {{ item }} resource file + template: src={{ item }}.j2 dest={{ config_file.path }} + +- name: Create {{ item }} resource + command: kubectl create -f {{ config_file.path }} + +- name: Create Kubernetes configuration dir + file: path={{ config_file.path }} state=absent diff --git a/ansible/roles/init_kubeadm/tasks/main.yml b/ansible/roles/init_kubeadm/tasks/main.yml new file mode 100644 index 000000000..df7334ce1 --- /dev/null +++ b/ansible/roles/init_kubeadm/tasks/main.yml @@ -0,0 +1,70 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Disable swap + command: swapoff -a + ignore_errors: true + +- name: Reset Kubernetes cluster + command: kubeadm reset + +- name: Clean Kubernetes directories (w/o removing the folder itself) + shell: rm -fr {{ item }}/* + with_items: + - /etc/kubernetes + - /var/lib/cni + - /etc/cmk + +- name: Create Multus CNI plugin dir + file: path=/etc/cni/net.d state=directory + +- name: Configure Multus CNI plugin + template: src=10-multus-cni.conf.j2 dest=/etc/cni/net.d/10-multus-cni.conf owner=root mode=0644 + +- name: Change default kubelet cluster dns IP + lineinfile: + path: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf + regexp: '^(.*)--cluster-dns=([0-9\.]*)( +.*)$' + line: '\1--cluster-dns={{ kubelet_cluster_dns_ip }}\3' + backrefs: yes + backup: yes + +- name: Systemd daemon reload + command: systemctl daemon-reload + +- name: Restart kubelet + service: name=kubelet state=restarted + +- name: Initialize kubeadm + include: kubeadm.yml + +- name: Create CMK Kubernetes resources + command: kubectl create -f {{ item }} + with_items: + - "{{ cmk_rbc_rules_url }}" + - "{{ cmk_serviceaccount }}" + +- name: Create Kubernetes resources + include: kubectl.yml + with_items: + - crd-network.yaml + - net-flannel.yaml + - roles.yaml + - kube-flannel.yaml + - cmk-init-pod.yaml + +- name: Create a ClusterRoleBinding for a particular ClusterRole + command: > + kubectl create clusterrolebinding multus-node-{{ ansible_hostname }} + --clusterrole=multus-crd-overpowered --user=system:node:{{ ansible_hostname }} diff --git a/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 b/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 new file mode 100644 index 000000000..a68afaf26 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/10-multus-cni.conf.j2 @@ -0,0 +1 @@ +{{ multus_config | to_nice_json }} diff --git a/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 b/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 new file mode 100644 index 000000000..44c22581f --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/cmk-init-pod.yaml.j2 @@ -0,0 +1,32 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: v1 +kind: Pod +metadata: + labels: + app: cmk-cluster-init-pod + name: cmk-cluster-init-pod +spec: + serviceAccountName: cmk-serviceaccount + containers: + - args: + # Change this value to pass different options to cluster-init. + - "/cmk/cmk.py cluster-init --host-list={{ ansible_hostname }} --saname=cmk-serviceaccount --cmk-img=si-docker.ir.intel.com/vcmts-ubuntu/cmk --num-dp-cores=4 --dp-mode=spread --num-cp-cores=1 --cp-mode=spread" + command: + - "/bin/bash" + - "-c" + image: si-docker.ir.intel.com/vcmts-ubuntu/cmk + name: cmk-cluster-init-pod + restartPolicy: Never diff --git a/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 b/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 new file mode 100644 index 000000000..0e451c51a --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/crd-network.yaml.j2 @@ -0,0 +1,26 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: "apiextensions.k8s.io/v1beta1" +kind: CustomResourceDefinition +metadata: + name: networks.kubernetes.com +spec: + group: kubernetes.com + version: v1 + scope: Namespaced + names: + plural: networks + singular: network + kind: Network diff --git a/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 b/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 new file mode 100644 index 000000000..ddb849616 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/kube-flannel.yaml.j2 @@ -0,0 +1,158 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: flannel +rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: flannel +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flannel +subjects: +- kind: ServiceAccount + name: flannel + namespace: kube-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: flannel + namespace: kube-system +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: kube-flannel-cfg + namespace: kube-system + labels: + tier: node + app: flannel +data: + cni-conf.json: | + { + "name": "cbr0", + "plugins": [ + { + "type": "flannel", + "delegate": { + "hairpinMode": true, + "isDefaultGateway": true + } + }, + { + "type": "portmap", + "capabilities": { + "portMappings": true + } + } + ] + } + net-conf.json: | + { + "Network": "{{ kubeadm_pod_network_cidr }}", + "Backend": { + "Type": "vxlan" + } + } +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: kube-flannel-ds + namespace: kube-system + labels: + tier: node + app: flannel +spec: + template: + metadata: + labels: + tier: node + app: flannel + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + serviceAccountName: flannel + containers: + - name: kube-flannel + image: quay.io/coreos/flannel:v0.10.0-amd64 + command: + - /opt/bin/flanneld + args: + - --ip-masq + - --kube-subnet-mgr + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - name: run + mountPath: /run + - name: flannel-cfg + mountPath: /etc/kube-flannel/ + volumes: + - name: run + hostPath: + path: /run + - name: cni + hostPath: + path: /etc/cni/net.d + - name: flannel-cfg + configMap: + name: kube-flannel-cfg diff --git a/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 b/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 new file mode 100644 index 000000000..db25c6a89 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/net-flannel.yaml.j2 @@ -0,0 +1,24 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: "kubernetes.com/v1" +kind: Network +metadata: + name: flannel +plugin: flannel +args: '[{ + "delegate": { + "isDefaultGateway": true + } + }]' diff --git a/ansible/roles/init_kubeadm/templates/roles.yaml.j2 b/ansible/roles/init_kubeadm/templates/roles.yaml.j2 new file mode 100644 index 000000000..b3509b048 --- /dev/null +++ b/ansible/roles/init_kubeadm/templates/roles.yaml.j2 @@ -0,0 +1,29 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: multus-crd-overpowered +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' diff --git a/ansible/roles/install_civetweb/defaults/main.yml b/ansible/roles/install_civetweb/defaults/main.yml index 2235fe172..c97403688 100644 --- a/ansible/roles/install_civetweb/defaults/main.yml +++ b/ansible/roles/install_civetweb/defaults/main.yml @@ -15,7 +15,9 @@ civetweb_dest: "{{ clone_dest }}/civetweb" civetweb_build_dependencies: Debian: - - libjson0 - - libjson0-dev +# - libjson-c-dev=0.11-4ubuntu2 +# - libjson0 +# - libjson0-dev - libssl-dev + - libjson-c-dev RedHat: diff --git a/ansible/roles/install_dependencies_jumphost/tasks/Debian.yml b/ansible/roles/install_dependencies_jumphost/tasks/Debian.yml new file mode 100755 index 000000000..a229cc1a2 --- /dev/null +++ b/ansible/roles/install_dependencies_jumphost/tasks/Debian.yml @@ -0,0 +1,106 @@ +# Copyright (c) 2017 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Update repositories + apt: + update_cache: yes + +- name: Install dependency for Ubuntu 18 + action: "{{ ansible_pkg_mgr }} name=libssl1.0-dev state=present" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 17 + +- name: Install core packages + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - wget + - curl + - screen + - procps + - socat + - sshpass + - sudo + - vim + - libffi-dev + - libfuse-dev + - libxft-dev + - libxml2-dev + - libxss-dev + - libxslt1-dev + - libzmq3-dev + - qemu-user-static + - qemu-utils + - kpartx + - python + - python-setuptools + - python-dev + - python-libvirt + - python-virtualenv + - bridge-utils + - ebtables + - openssl + - ccze + - nginx-full + - uwsgi + - uwsgi-plugin-python + - supervisor + - lsof + - npm + - rabbitmq-server + +- name: Install libc6:arm64 package + action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" + with_items: + - libc6:arm64 + when: + - arch is defined + - arch != arch_arm64 + - installation_mode == inst_mode_container + +- name: Remove dependencies that are no longer required + apt: + update_cache: yes + +- name: Remove useless packages from the cache + apt: + autoclean: yes + +# There is a bug with the easy install ansible module in Ubuntu 16.04 linux. +# Refer https://github.com/ansible/ansible/issues/23534 +- name: Install pip + shell: easy_install -U pip + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int <= 16 + +- name: Install python-pip + action: "{{ ansible_pkg_mgr }} name=python-pip state=present" + when: + - ansible_distribution == 'Ubuntu' + - ansible_distribution_major_version|int >= 17 + +- name: Uninstall docker as it conflicts with docker-py + pip: + name: + - docker + state: absent + +- name: Install required docker-py module + pip: + name: + - docker-py + - shade + state: latest + environment: "{{ proxy_env }}" diff --git a/ansible/roles/install_dependencies/tasks/RedHat.yml b/ansible/roles/install_dependencies_jumphost/tasks/RedHat.yml index a5d4d0b15..cb5315adb 100644 --- a/ansible/roles/install_dependencies/tasks/RedHat.yml +++ b/ansible/roles/install_dependencies_jumphost/tasks/RedHat.yml @@ -42,5 +42,14 @@ - python-setuptools - libffi-devel - python-devel - - kpartx - + - nodejs + - npm + - gcc + - lsof + - procps + - bridge-utils + - ebtables + - openssl + - python-virtualenv + - ccze + - python-pip diff --git a/ansible/roles/install_dependencies/tasks/Debian.yml b/ansible/roles/install_dependencies_jumphost/tasks/Suse.yml index bba6fb13c..7932ed96d 100755..100644 --- a/ansible/roles/install_dependencies/tasks/Debian.yml +++ b/ansible/roles/install_dependencies_jumphost/tasks/Suse.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. +# Copyright (c) 2018 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,39 +12,44 @@ # See the License for the specific language governing permissions and # limitations under the License. --- +- name: Install EPEL if needed + action: "{{ ansible_pkg_mgr }} name=epel-release state=present" + when: ansible_distribution in ['RedHat', 'CentOS', 'ScientificLinux'] + - name: Install core packages action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" with_items: - - python-minimal + - deltarpm - wget + - expect - curl - screen - - procps - git - socat - sshpass - - libxslt1-dev - - libffi-dev - - libfuse-dev - qemu-kvm - - qemu-user-static - - qemu-utils - kpartx - - libvirt0 - - python-libvirt + - libxslt-devel + - libffi-devel + - openssl-devel + - nginx + - uwsgi + - python-setuptools + - libffi-devel + - python-devel + - nodejs + - npm + - gcc + - lsof + - procps - bridge-utils - ebtables - openssl - - libssl-dev - - python-dev - python-virtualenv - ccze - - libxml2-dev - - libxslt-dev - - libzmq-dev - - nginx-full - - uwsgi - - uwsgi-plugin-python - - supervisor - - python-setuptools - - lsof + +# There is a bug with the easy install ansible module in suse linux. +# Until this is fixed the shell command must be used +# Refer https://github.com/ansible/ansible/issues/37296 +- name: Install pip + shell: easy_install -U pip diff --git a/ansible/roles/install_dependencies/tasks/main.yml b/ansible/roles/install_dependencies_jumphost/tasks/main.yml index 27660c3ca..27660c3ca 100644 --- a/ansible/roles/install_dependencies/tasks/main.yml +++ b/ansible/roles/install_dependencies_jumphost/tasks/main.yml diff --git a/ansible/roles/install_dependencies_kubernetes/tasks/main.yml b/ansible/roles/install_dependencies_kubernetes/tasks/main.yml new file mode 100644 index 000000000..90098a48e --- /dev/null +++ b/ansible/roles/install_dependencies_kubernetes/tasks/main.yml @@ -0,0 +1,19 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Install https download transport for APT + apt: + name: apt-transport-https + state: latest + update_cache: yes diff --git a/ansible/roles/install_dpdk/tasks/Debian.yml b/ansible/roles/install_dpdk/tasks/Debian.yml index 4f0c3c881..b76a0fbf8 100755 --- a/ansible/roles/install_dpdk/tasks/Debian.yml +++ b/ansible/roles/install_dpdk/tasks/Debian.yml @@ -17,6 +17,7 @@ with_items: - libpcap-dev - pciutils + - libelf-dev - name: Install kernel headers action: "{{ ansible_pkg_mgr }} name=linux-headers-{{ dpdk_kernel }} state=present" diff --git a/ansible/roles/install_dpdk/tasks/main.yml b/ansible/roles/install_dpdk/tasks/main.yml index 01ad4baf1..a1a377eb1 100644 --- a/ansible/roles/install_dpdk/tasks/main.yml +++ b/ansible/roles/install_dpdk/tasks/main.yml @@ -20,6 +20,10 @@ # with_fileglob: # - "{{ local_nsb_path }}/patches/dpdk_custom_patch/0*.patch" +- debug: + var: dpdk_version + verbosity: 2 + - name: find kernel for image, (including chroot) find_kernel: kernel: "{{ ansible_kernel }}" @@ -106,6 +110,7 @@ src: "{{ dpdk_path }}/{{ dpdk_make_arch }}/kmod/igb_uio.ko" dest: "{{ dpdk_module_dir }}/igb_uio.ko" remote_src: yes + when: dpdk_version is version(dpdk_version_for_PROX, '>=') - name: run depmod for dpdk_kernel command: depmod "{{ dpdk_kernel }}" @@ -116,16 +121,26 @@ - name: copy dpdk-devbind.py to correct location copy: - src: "{{ dpdk_devbind[dpdk_version] }}" + src: "{{ dpdk_devbind_usertools if dpdk_version is version('17.02', '>=') else dpdk_devbind_tools }}" dest: "{{ INSTALL_BIN_PATH }}/dpdk-devbind.py" remote_src: yes force: yes mode: 0755 + when: dpdk_version is version(dpdk_version_for_PROX, '>=') + +- name: make vPE binary + command: make -j {{ ansible_processor_vcpus }} + args: + chdir: "{{ dpdk_path }}/examples/ip_pipeline" + environment: + RTE_SDK: "{{ dpdk_path }}" + when: dpdk_version is version(dpdk_version_for_PROX, '!=') -- name: make dpdk_nic_bind.py for backwards compatibility +- name: Copy vPE to correct location copy: - src: "{{ dpdk_devbind[dpdk_version] }}" - dest: "{{ INSTALL_BIN_PATH }}/dpdk_nic_bind.py" + src: "{{ dpdk_path }}/examples/ip_pipeline/build/app/ip_pipeline" + dest: "{{ INSTALL_BIN_PATH }}/vPE_vnf" remote_src: yes force: yes mode: 0755 + when: dpdk_version is version(dpdk_version_for_PROX, '!=') diff --git a/ansible/roles/install_dpdk/vars/main.yml b/ansible/roles/install_dpdk/vars/main.yml index 45bcc339b..957f47e99 100644 --- a/ansible/roles/install_dpdk/vars/main.yml +++ b/ansible/roles/install_dpdk/vars/main.yml @@ -1,9 +1,10 @@ --- -dpdk_make_arch: x86_64-native-linuxapp-gcc +dpdk_make_archs: + "amd64": "x86_64-native-linuxapp-gcc" + "arm64": "arm64-native-linuxapp-gcc" +dpdk_make_arch: "{{ dpdk_make_archs[YARD_IMG_ARCH] }}" dpdk_module_dir: "/lib/modules/{{ dpdk_kernel }}/extra" hugetable_mount: /mnt/huge -dpdk_devbind: - "16.07": "{{ dpdk_path }}/tools/dpdk-devbind.py" - "17.02": "{{ dpdk_path }}/usertools/dpdk-devbind.py" - "17.04": "{{ dpdk_path }}/usertools/dpdk-devbind.py" +dpdk_devbind_tools: "{{ dpdk_path }}/tools/dpdk-devbind.py" +dpdk_devbind_usertools: "{{ dpdk_path }}/usertools/dpdk-devbind.py" dpdk_pmd_path: /usr/lib/dpdk-pmd/ diff --git a/ansible/roles/install_dpdk_shared/tasks/Debian.yml b/ansible/roles/install_dpdk_shared/tasks/Debian.yml index c77e4f96a..641d8f9cd 100755 --- a/ansible/roles/install_dpdk_shared/tasks/Debian.yml +++ b/ansible/roles/install_dpdk_shared/tasks/Debian.yml @@ -16,6 +16,7 @@ action: "{{ ansible_pkg_mgr }} name={{ item }} state=present" with_items: - libpcap-dev + - libnuma-dev - name: Install kernel headers action: "{{ ansible_pkg_mgr }} name=linux-headers-{{ dpdk_kernel }} state=present" diff --git a/ansible/roles/install_dpdk_shared/tasks/main.yml b/ansible/roles/install_dpdk_shared/tasks/main.yml index 65954be04..94b9215bd 100644 --- a/ansible/roles/install_dpdk_shared/tasks/main.yml +++ b/ansible/roles/install_dpdk_shared/tasks/main.yml @@ -42,6 +42,15 @@ set_fact: RTE_KERNELDIR: "/lib/modules/{{ dpdk_kernel }}/build" +# make clean must be run here as DPDK-shared is a copy of the DPDK directory +# which has already run the make command +# no T= target for clean +- command: make -j {{ ansible_processor_vcpus }} clean O={{ dpdk_make_arch }} + args: + chdir: "{{ dpdk_shared_path }}" + environment: + RTE_KERNELDIR: "{{ RTE_KERNELDIR }}" + - command: make -j {{ ansible_processor_vcpus }} config T={{ dpdk_make_arch }} O={{ dpdk_make_arch }} args: chdir: "{{ dpdk_shared_path }}" @@ -85,13 +94,6 @@ regexp: '^CONFIG_RTE_EAL_PMD_PATH=""' line: 'CONFIG_RTE_EAL_PMD_PATH="{{ dpdk_pmd_path }}"' - # no T= target for clean -- command: make -j {{ ansible_processor_vcpus }} clean O={{ dpdk_make_arch }} - args: - chdir: "{{ dpdk_shared_path }}" - environment: - RTE_KERNELDIR: "{{ RTE_KERNELDIR }}" - # TODO: disable ASLR - command: make -j {{ ansible_processor_vcpus }} diff --git a/ansible/roles/install_dpdk_shared/vars/main.yml b/ansible/roles/install_dpdk_shared/vars/main.yml index 45bcc339b..b663cedd2 100644 --- a/ansible/roles/install_dpdk_shared/vars/main.yml +++ b/ansible/roles/install_dpdk_shared/vars/main.yml @@ -1,9 +1,8 @@ --- -dpdk_make_arch: x86_64-native-linuxapp-gcc +dpdk_make_archs: + "amd64": "x86_64-native-linuxapp-gcc" + "arm64": "arm64-native-linuxapp-gcc" +dpdk_make_arch: "{{ dpdk_make_archs[YARD_IMG_ARCH] }}" dpdk_module_dir: "/lib/modules/{{ dpdk_kernel }}/extra" hugetable_mount: /mnt/huge -dpdk_devbind: - "16.07": "{{ dpdk_path }}/tools/dpdk-devbind.py" - "17.02": "{{ dpdk_path }}/usertools/dpdk-devbind.py" - "17.04": "{{ dpdk_path }}/usertools/dpdk-devbind.py" dpdk_pmd_path: /usr/lib/dpdk-pmd/ diff --git a/ansible/roles/install_drivers/tasks/Debian.yml b/ansible/roles/install_drivers/tasks/Debian.yml new file mode 100755 index 000000000..27f6b74cc --- /dev/null +++ b/ansible/roles/install_drivers/tasks/Debian.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Install kernel headers + action: "{{ ansible_pkg_mgr }} name=linux-headers-{{ chroot_kernel }} state=present" diff --git a/ansible/roles/install_drivers/tasks/RedHat.yml b/ansible/roles/install_drivers/tasks/RedHat.yml new file mode 100644 index 000000000..d2e2a3768 --- /dev/null +++ b/ansible/roles/install_drivers/tasks/RedHat.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Install kernel headers + action: "{{ ansible_pkg_mgr }} name=kernel-headers-{{ chroot_kernel }} state=present" diff --git a/ansible/roles/install_drivers/tasks/i40evf.yml b/ansible/roles/install_drivers/tasks/i40evf.yml new file mode 100644 index 000000000..1cd95ceb0 --- /dev/null +++ b/ansible/roles/install_drivers/tasks/i40evf.yml @@ -0,0 +1,31 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Make i40evf + make: + chdir: "{{ i40evf_path }}/src" + params: + BUILD_KERNEL: "{{ chroot_kernel }}" + +- name: Make i40evf install + make: + chdir: "{{ i40evf_path }}/src" + target: install + params: + BUILD_KERNEL: "{{ chroot_kernel }}" + +- name: Configure i40evf to load on boot + copy: + content: i40evf + dest: /etc/modules-load.d/i40evf.conf diff --git a/ansible/roles/install_drivers/tasks/main.yml b/ansible/roles/install_drivers/tasks/main.yml new file mode 100644 index 000000000..72a432e54 --- /dev/null +++ b/ansible/roles/install_drivers/tasks/main.yml @@ -0,0 +1,28 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Find kernel for image, (including chroot) + find_kernel: + kernel: "{{ ansible_kernel }}" + register: found_kernel + +# Do this before installing kernel headers +- name: Set chroot_kernel to be the kernel we found + set_fact: + chroot_kernel: "{{ found_kernel.kernel }}" + +- include: "{{ ansible_os_family }}.yml" + +# Install drivers +- include: i40evf.yml diff --git a/ansible/roles/install_go/defaults/main.yml b/ansible/roles/install_go/defaults/main.yml new file mode 100644 index 000000000..dee4f82d2 --- /dev/null +++ b/ansible/roles/install_go/defaults/main.yml @@ -0,0 +1,18 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +golang_repo_key_server: keyserver.ubuntu.com +golang_repo_key_id: C73998DC9DFEA6DCF1241057308C15A29AD198E9 +golang_repo_url: deb http://ppa.launchpad.net/gophers/archive/ubuntu xenial main +golang_bin_dir: /usr/lib/go-1.10/bin diff --git a/ansible/roles/install_go/tasks/main.yml b/ansible/roles/install_go/tasks/main.yml new file mode 100644 index 000000000..5489fadae --- /dev/null +++ b/ansible/roles/install_go/tasks/main.yml @@ -0,0 +1,40 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Add go language gophers repo key + # due to a proxy issue in the ansible apt_key module on Ubuntu 17.10, + # it doesn't work to add key via `id` and `keyserver` parametes. Similar + # issue is described here: https://github.com/debops/ansible-elastic_co/issues/2 + # apt_key: + # keyserver: "{{ golang_repo_key_server }}" + # id: "{{ golang_repo_key_id }}" + # As a workaround, we can use `apt-key` tool directly with proxy specified. + command: > + apt-key adv --keyserver {{ golang_repo_key_server }} --recv-keys + --keyserver-options http-proxy={{ proxy_env.http_proxy }} + {{ golang_repo_key_id }} + +- name: Add apt golang repository + apt_repository: + repo: "{{ golang_repo_url }}" + filename: golang-1.10-go + +- name: Install golang-1.10-go + apt: + name: golang-1.10-go + +- name: Setup Go environment variable + set_fact: + go_env: + PATH: "{{ golang_bin_dir }}:{{ ansible_env.PATH }}" diff --git a/ansible/roles/install_image_dependencies/defaults/main.yml b/ansible/roles/install_image_dependencies/defaults/main.yml index f0b53215a..558e68a9b 100644 --- a/ansible/roles/install_image_dependencies/defaults/main.yml +++ b/ansible/roles/install_image_dependencies/defaults/main.yml @@ -28,6 +28,9 @@ install_dependencies: # for IxLoad - libxft-dev - libxss-dev + - expect + - libnuma-dev + - curl RedHat: - bc - fio @@ -48,3 +51,4 @@ install_dependencies: - sysstat - unzip - python-devel + - curl diff --git a/ansible/roles/install_image_dependencies/tasks/main.yml b/ansible/roles/install_image_dependencies/tasks/main.yml index ffd30f33e..4e55339c2 100644 --- a/ansible/roles/install_image_dependencies/tasks/main.yml +++ b/ansible/roles/install_image_dependencies/tasks/main.yml @@ -19,5 +19,5 @@ action: "{{ ansible_pkg_mgr }} name={{ item }} state=latest update_cache=yes" register: pkg_mgr_results retries: "{{ pkg_mgr_retries }}" - until: pkg_mgr_results|success + until: pkg_mgr_results is success with_items: "{{ install_dependencies[ansible_os_family] }}" diff --git a/ansible/roles/install_kube/defaults/main.yml b/ansible/roles/install_kube/defaults/main.yml new file mode 100644 index 000000000..1ae57469d --- /dev/null +++ b/ansible/roles/install_kube/defaults/main.yml @@ -0,0 +1,16 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +kubernetes_key_url: https://packages.cloud.google.com/apt/doc/apt-key.gpg +kubernetes_repo_url: deb http://apt.kubernetes.io/ kubernetes-xenial main diff --git a/ansible/roles/install_kube/tasks/main.yml b/ansible/roles/install_kube/tasks/main.yml new file mode 100644 index 000000000..ea4f0cdb5 --- /dev/null +++ b/ansible/roles/install_kube/tasks/main.yml @@ -0,0 +1,30 @@ +# Copyright (c) 2018-2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: Add kubernetes repo key + apt_key: + url: "{{ kubernetes_key_url }}" + +- name: Add apt kubernetes repository + apt_repository: + repo: "{{ kubernetes_repo_url }}" + filename: kubernetes + +- name: Install kubelet kubeadm kubectl kubernetes-cni + apt: + name: + - kubelet=1.9.3* + - kubeadm=1.9.3* + - kubectl=1.9.3* + force: yes diff --git a/ansible/roles/install_pktgen/tasks/main.yml b/ansible/roles/install_pktgen/tasks/main.yml new file mode 100644 index 000000000..294c77971 --- /dev/null +++ b/ansible/roles/install_pktgen/tasks/main.yml @@ -0,0 +1,25 @@ +# Copyright (c) 2018 Huawei Technologies Co.,Ltd and others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +- name: set build env vars + set_fact: + build_env_vars: + RTE_SDK: "{{ RTE_SDK }}" + RTE_TARGET: "{{ RTE_TARGET }}" + +- name: "make pktgen" + command: make + args: + chdir: "{{ pktgen_path }}" + environment: "{{ build_env_vars }}" diff --git a/ansible/roles/install_samplevnf/tasks/main.yml b/ansible/roles/install_samplevnf/tasks/main.yml index b5d33f668..ad147b00f 100644 --- a/ansible/roles/install_samplevnf/tasks/main.yml +++ b/ansible/roles/install_samplevnf/tasks/main.yml @@ -56,3 +56,35 @@ # make executable mode: 0755 +- set_fact: + path_vnf: "{{ INSTALL_BIN_PATH }}/{{ vnf_app_names[vnf_name]}}" + +- stat: + path: "{{ path_vnf }}" + checksum_algorithm: md5 + register: path_vnf_var + +- stat: + path: "{{ path_json }}" + register: path_json_var + +- name: Fetch from remote + fetch: + src: "{{ path_json }}" + dest: "{{ path_json }}" + flat: yes + when: path_json_var.stat.exists + +- name: Read from json + set_fact: + json_vars: "{{ lookup('file', path_json) | from_json }}" + when: path_json_var.stat.exists + +- set_fact: + json_vars: "{{ json_vars | default([]) | combine({ vnf_app_names[vnf_name]: {'branch_commit': samplevnf_version, 'path_vnf': path_vnf, 'md5': path_vnf_var.stat.checksum }}) }}" + +- name: Update json file + copy: + content: "{{ json_vars | to_nice_json }}" + dest: "{{ path_json }}" + mode: 0755 diff --git a/ansible/roles/install_samplevnf/vars/main.yml b/ansible/roles/install_samplevnf/vars/main.yml index 45cea6820..e2a37377a 100644 --- a/ansible/roles/install_samplevnf/vars/main.yml +++ b/ansible/roles/install_samplevnf/vars/main.yml @@ -47,12 +47,12 @@ vnf_build_dependencies: vnf_build_dirs: ACL: vACL FW: vFW - CGNATP: vCGNAPT + CGNAPT: vCGNAPT UDP_Replay: UDP_Replay PROX: DPPD-PROX vnf_app_names: ACL: vACL FW: vFW - CGNATP: vCGNAPT + CGNAPT: vCGNAPT UDP_Replay: UDP_Replay PROX: prox diff --git a/ansible/roles/install_trex/defaults/main.yml b/ansible/roles/install_trex/defaults/main.yml index a5555e355..79a04fedd 100644 --- a/ansible/roles/install_trex/defaults/main.yml +++ b/ansible/roles/install_trex/defaults/main.yml @@ -13,6 +13,6 @@ # limitations under the License. --- #TREX_DOWNLOAD: "https://trex-tgn.cisco.com/trex/release/v2.05.tar.gz" -TREX_VERSION: v2.28 +TREX_VERSION: v2.41 TREX_DOWNLOAD: "{{ nsb_mirror_url|ternary(nsb_mirror_url, 'https://trex-tgn.cisco.com/trex/release' }}/{{ TREX_VERSION }}.tar.gz" INSTALL_BIN_PATH: "/opt/nsb_bin" diff --git a/ansible/roles/install_trex/tasks/main.yml b/ansible/roles/install_trex/tasks/main.yml index 7ba1fc833..9113c887f 100644 --- a/ansible/roles/install_trex/tasks/main.yml +++ b/ansible/roles/install_trex/tasks/main.yml @@ -31,9 +31,6 @@ dest: "{{ INSTALL_BIN_PATH }}/trex_client" state: link -# Don't use trex/scripts/dpdk_nic_bind.py use DPDK usertools/dpdk-devbind.py -#- command: cp "{{ INSTALL_BIN_PATH }}/trex/scripts/dpdk_nic_bind.py" "{{ INSTALL_BIN_PATH }}" - - name: add scripts to PYTHONPATH lineinfile: dest: /etc/environment diff --git a/ansible/roles/install_yardstick/tasks/main.yml b/ansible/roles/install_yardstick/tasks/main.yml new file mode 100644 index 000000000..f93f8eec3 --- /dev/null +++ b/ansible/roles/install_yardstick/tasks/main.yml @@ -0,0 +1,67 @@ +# Copyright (c) 2018 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +# Arguments needed: map_min_addr_file, yardstick_dir + +- name: Define variables + set_fact: + map_min_addr_file: "/etc/sysctl.d/mmap_min_addr.conf" + +- name: Remove the kernel minimum virtual address restriction that a process is allowed to mmap + copy: + dest: "{{ map_min_addr_file }}" + content: "vm.mmap_min_addr = 0\n" + +- name: Config git SSL + git_config: + name: http.sslVerify + scope: global + value: False + +- name: Install Yardstick requirements (venv) + pip: + requirements: "{{ yardstick_dir }}/requirements.txt" + virtualenv: "{{ yardstick_dir }}/virtualenv" + async: 900 + poll: 0 + register: pip_installer + when: virtual_environment == True + +- name: Install Yardstick requirements + pip: + requirements: "{{ yardstick_dir }}/requirements.txt" + async: 900 + poll: 0 + register: pip_installer + when: virtual_environment == False + +- name: Check install Yardstick requirements + async_status: + jid: "{{ pip_installer.ansible_job_id }}" + register: job_result + until: job_result.finished + retries: 180 + +- name: Install Yardstick code (venv) + pip: + name: "{{ yardstick_dir }}/" + editable: True + virtualenv: "{{ yardstick_dir }}/virtualenv" + when: virtual_environment == True + +- name: Install Yardstick code + pip: + name: "{{ yardstick_dir }}/" + editable: True + when: virtual_environment == False diff --git a/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 b/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 index 5b57178a7..cba8eacd4 100644 --- a/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 +++ b/ansible/roles/set_package_installer_proxy/templates/apt_conf.j2 @@ -1,3 +1,6 @@ {% if "http_proxy" in proxy_env %} Acquire::http::Proxy "{{ proxy_env.http_proxy }}"; {% endif %} +{% if "https_proxy" in proxy_env %} +Acquire::https::Proxy "{{ proxy_env.https_proxy }}"; +{% endif %} diff --git a/ansible/standalone_ovs_scale_out_ixia_correlated_test.yaml b/ansible/standalone_ovs_scale_out_ixia_correlated_test.yaml index 516676576..b54ea9b57 100644 --- a/ansible/standalone_ovs_scale_out_ixia_correlated_test.yaml +++ b/ansible/standalone_ovs_scale_out_ixia_correlated_test.yaml @@ -51,13 +51,12 @@ user: "" password: "" key_filename: ~ - tg_config: + tg_config: ixchassis: "1.1.1.127" #ixia chassis ip tcl_port: "8009" # tcl server port lib_path: "/opt/ixia/ixos-api/8.01.0.2/lib/ixTcl1.0" root_dir: "/opt/ixia/ixos-api/8.01.0.2/" py_bin_path: "/opt/ixia/ixload/8.01.106.3/bin/" - py_lib_path: "/opt/ixia/ixnetwork/8.01.1029.14/lib/PythonApi" dut_result_dir: "/mnt/results" version: "8.01.106.3" pcis: diff --git a/ansible/standalone_ovs_scale_out_ixia_test.yaml b/ansible/standalone_ovs_scale_out_ixia_test.yaml index ff665377f..cae373432 100644 --- a/ansible/standalone_ovs_scale_out_ixia_test.yaml +++ b/ansible/standalone_ovs_scale_out_ixia_test.yaml @@ -60,7 +60,6 @@ lib_path: "/opt/ixia/ixos-api/8.01.0.2/lib/ixTcl1.0" root_dir: "/opt/ixia/ixos-api/8.01.0.2/" py_bin_path: "/opt/ixia/ixload/8.01.106.3/bin/" - py_lib_path: "/opt/ixia/ixnetwork/8.01.1029.14/lib/PythonApi" dut_result_dir: "/mnt/results" version: "8.01.106.3" pcis: diff --git a/ansible/standalone_sriov_scale_out_ixia_correlated_test.yaml b/ansible/standalone_sriov_scale_out_ixia_correlated_test.yaml index 45a4a498b..0e3a0af55 100644 --- a/ansible/standalone_sriov_scale_out_ixia_correlated_test.yaml +++ b/ansible/standalone_sriov_scale_out_ixia_correlated_test.yaml @@ -43,13 +43,12 @@ user: "" password: "" key_filename: ~ - tg_config: + tg_config: ixchassis: "1.1.1.127" #ixia chassis ip tcl_port: "8009" # tcl server port lib_path: "/opt/ixia/ixos-api/8.01.0.2/lib/ixTcl1.0" root_dir: "/opt/ixia/ixos-api/8.01.0.2/" py_bin_path: "/opt/ixia/ixload/8.01.106.3/bin/" - py_lib_path: "/opt/ixia/ixnetwork/8.01.1029.14/lib/PythonApi" dut_result_dir: "/mnt/results" version: "8.01.106.3" pcis: diff --git a/ansible/standalone_sriov_scale_out_ixia_test.yaml b/ansible/standalone_sriov_scale_out_ixia_test.yaml index 659dbef07..8fb09d9b9 100644 --- a/ansible/standalone_sriov_scale_out_ixia_test.yaml +++ b/ansible/standalone_sriov_scale_out_ixia_test.yaml @@ -49,7 +49,6 @@ lib_path: "/opt/ixia/ixos-api/8.01.0.2/lib/ixTcl1.0" root_dir: "/opt/ixia/ixos-api/8.01.0.2/" py_bin_path: "/opt/ixia/ixload/8.01.106.3/bin/" - py_lib_path: "/opt/ixia/ixnetwork/8.01.1029.14/lib/PythonApi" dut_result_dir: "/mnt/results" version: "8.01.106.3" pcis: diff --git a/ansible/ubuntu_server_baremetal_deploy_samplevnfs.yml b/ansible/ubuntu_server_baremetal_deploy_samplevnfs.yml index 479b45c92..82d80fd5a 100644 --- a/ansible/ubuntu_server_baremetal_deploy_samplevnfs.yml +++ b/ansible/ubuntu_server_baremetal_deploy_samplevnfs.yml @@ -1,4 +1,4 @@ -# Copyright (c) 2017 Intel Corporation. +# Copyright (c) 2017-2019 Intel Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,6 +15,8 @@ - hosts: yardstick-standalone:jumphost vars: clone_dir: /tmp/yardstick-clone + vars_files: + - roles/download_dpdk/defaults/main.yml environment: "{{ proxy_env }}" @@ -24,19 +26,24 @@ when: proxy_env is defined and proxy_env # can't update grub in chroot/docker - enable_hugepages_on_boot + - enable_iommu_on_boot + - enable_cpu_isolation_on_boot # needed for collectd plugins - increase_open_file_limits - install_image_dependencies - - role: download_dpdk -# dpdk_version: "17.02" - - install_dpdk - download_trex - install_trex - download_civetweb - install_civetweb + - role: download_dpdk + dpdk_version: "{{ dpdk_version_for_PROX }}" + - role: install_dpdk + dpdk_version: "{{ dpdk_version_for_PROX }}" - download_samplevnfs - role: install_samplevnf vnf_name: PROX + - download_dpdk + - install_dpdk - role: install_samplevnf vnf_name: UDP_Replay - role: install_samplevnf @@ -44,7 +51,7 @@ - role: install_samplevnf vnf_name: FW - role: install_samplevnf - vnf_name: CGNATP + vnf_name: CGNAPT # build shared DPDK for collectd only, required DPDK downloaded already - install_dpdk_shared - install_rabbitmq @@ -54,3 +61,5 @@ - install_pmu_tools - download_collectd - install_collectd + - docker + - barometer_collectd diff --git a/ansible/ubuntu_server_cloudimg_modify.yml b/ansible/ubuntu_server_cloudimg_modify.yml index 099d5803f..90235cc81 100644 --- a/ansible/ubuntu_server_cloudimg_modify.yml +++ b/ansible/ubuntu_server_cloudimg_modify.yml @@ -27,6 +27,7 @@ - modify_cloud_config - role: set_package_installer_proxy when: proxy_env is defined and proxy_env + - download_l2fwd - install_image_dependencies - download_unixbench - install_unixbench diff --git a/ansible/ubuntu_server_cloudimg_modify_samplevnfs.yml b/ansible/ubuntu_server_cloudimg_modify_samplevnfs.yml index dff7f976a..d894c3dc4 100644 --- a/ansible/ubuntu_server_cloudimg_modify_samplevnfs.yml +++ b/ansible/ubuntu_server_cloudimg_modify_samplevnfs.yml @@ -16,6 +16,8 @@ connection: chroot vars: clone_dir: /tmp/yardstick-clone + vars_files: + - roles/download_dpdk/defaults/main.yml pre_tasks: - debug: @@ -35,16 +37,21 @@ - increase_open_file_limits - modify_cloud_config - install_image_dependencies - - role: download_dpdk -# dpdk_version: "17.02" - - install_dpdk - download_trex - install_trex - download_civetweb - install_civetweb + - role: download_dpdk + dpdk_version: "{{ dpdk_version_for_PROX }}" + - role: install_dpdk + dpdk_version: "{{ dpdk_version_for_PROX }}" - download_samplevnfs - role: install_samplevnf vnf_name: PROX + - download_dpdk + - install_dpdk + - download_pktgen + - install_pktgen - role: install_samplevnf vnf_name: UDP_Replay - role: install_samplevnf @@ -52,7 +59,7 @@ - role: install_samplevnf vnf_name: FW - role: install_samplevnf - vnf_name: CGNATP + vnf_name: CGNAPT # build shared DPDK for collectd only, required DPDK downloaded already - install_dpdk_shared - install_rabbitmq @@ -62,3 +69,5 @@ - install_pmu_tools - download_collectd - install_collectd + - download_drivers + - install_drivers diff --git a/ansible/yardstick-install-inventory.ini b/ansible/yardstick-install-inventory.ini deleted file mode 100644 index e276076cc..000000000 --- a/ansible/yardstick-install-inventory.ini +++ /dev/null @@ -1,20 +0,0 @@ -# the group of systems on which to install yardstick -# by default just localhost -[jumphost] -localhost ansible_connection=local - -# section below is only due backward compatibility. -# it will be removed later -[yardstick:children] -jumphost - -[yardstick-standalone] -# uncomment hosts below if you would to test yardstick-standalone/sriov scenarios -#yardstick-standalone-node ansible_host=192.168.1.2 -#yardstick-standalone-node-2 ansible_host=192.168.1.2 - -[all:vars] -# incomment credentials below for yardstick-standalone -#ansible_user=root -#ansible_pass=root - diff --git a/ansible/yardstick_config.yml b/ansible/yardstick_config.yml index 79ec1958e..32b853929 100644 --- a/ansible/yardstick_config.yml +++ b/ansible/yardstick_config.yml @@ -21,7 +21,6 @@ OPENRC: "{{ opnfv_root }}/openrc" INSTALLERS: [apex, compass, fuel, joid] INSTALLER_TYPE: "{{ lookup('env', 'INSTALLER_TYPE') }}" YARDSTICK_REPO_DIR: "{{ lookup('env', 'YARDSTICK_REPO_DIR')|default('/home/opnfv/repos/yardstick', true) }}" -RELENG_REPO_DIR: "{{ lookup('env', 'RELENG_REPO_DIR')|default('/home/opnfv/repos/releng', true) }}" storperf_rc: "{{ opnfv_root }}/storperf_admin-rc" DISPATCHER_TYPES: |