WIP: Automation for configuring an openQA worker host #1

Draft
raktajino wants to merge 23 commits from worker_host into develop
9 changed files with 59 additions and 55 deletions
Showing only changes of commit 05fb2aa93b - Show all commits

View File

@ -1,3 +1,4 @@
---
# .ansible-lint # .ansible-lint
warn_list: warn_list:
- '204' # Lines should be less than 160 characters - '204' # Lines should be less than 160 characters

View File

@ -24,16 +24,17 @@
# This is to try to avoid the handler issue in pre/post tasks # This is to try to avoid the handler issue in pre/post tasks
handlers: handlers:
- import_tasks: handlers/main.yml - name: Import handlers
ansible.builtin.import_tasks: handlers/main.yml
pre_tasks: pre_tasks:
- name: Check if ansible cannot be run here - name: Check if ansible cannot be run here
stat: ansible.builtin.stat:
path: /etc/no-ansible path: /etc/no-ansible
register: no_ansible register: no_ansible
- name: Verify if we can run ansible - name: Verify if we can run ansible
assert: ansible.builtin.assert:
that: that:
- "not no_ansible.stat.exists" - "not no_ansible.stat.exists"
success_msg: "We are able to run on this node" success_msg: "We are able to run on this node"
@ -41,13 +42,14 @@
tasks: tasks:
- name: Install and configure OpenQA - name: Install and configure OpenQA
import_tasks: tasks/openqa.yml ansible.builtin.import_tasks: tasks/openqa.yml
- name: Apply Rocky Linux OpenQA Branding - name: Apply Rocky Linux OpenQA Branding
import_tasks: tasks/openqa_branding.yml ansible.builtin.import_tasks: tasks/openqa_branding.yml
post_tasks: post_tasks:
- name: Touching run file that ansible has ran here - name: Touching run file that ansible has ran here
file: ansible.builtin.file:
path: /var/log/ansible.run path: /var/log/ansible.run
state: touch state: touch
mode: '0644' mode: '0644'

View File

@ -18,16 +18,17 @@
# This is to try to avoid the handler issue in pre/post tasks # This is to try to avoid the handler issue in pre/post tasks
handlers: handlers:
- import_tasks: handlers/main.yml - name: Import handlers
ansible.builtin.import_tasks: handlers/main.yml
pre_tasks: pre_tasks:
- name: Check if ansible cannot be run here - name: Check if ansible cannot be run here
stat: ansible.builtin.stat:
path: /etc/no-ansible path: /etc/no-ansible
register: no_ansible register: no_ansible
- name: Verify if we can run ansible - name: Verify if we can run ansible
assert: ansible.builtin.assert:
that: that:
- "not no_ansible.stat.exists" - "not no_ansible.stat.exists"
success_msg: "We are able to run on this node" success_msg: "We are able to run on this node"
@ -35,11 +36,11 @@
tasks: tasks:
- name: Install and configure OpenQA workers - name: Install and configure OpenQA workers
import_tasks: tasks/openqa-worker.yml ansible.builtin.import_tasks: tasks/openqa-worker.yml
post_tasks: post_tasks:
- name: Touching run file that ansible has ran here - name: Touching run file that ansible has ran here
file: ansible.builtin.file:
path: /var/log/ansible.run path: /var/log/ansible.run
state: touch state: touch
mode: '0644' mode: '0644'

View File

@ -1,4 +0,0 @@
---
# No tasks
- debug: msg="No tasks are provided here. Please import the task as needed in your playbook."
...

View File

@ -1,25 +1,25 @@
--- ---
- name: Install OpenQA worker packages - name: Install OpenQA worker packages
dnf: ansible.builtin.dnf:
name: "{{ openqa_worker_packages }}" name: "{{ openqa_worker_packages }}"
state: present state: present
tags: tags:
- packages - packages
- name: Create openQA group - name: Create openQA group
group: ansible.builtin.group:
name: "{{ openqa_group }}" name: "{{ openqa_group }}"
system: true system: true
- name: Create openQA user - name: Create openQA user
user: ansible.builtin.user:
name: "{{ openqa_user }}" name: "{{ openqa_user }}"
groups: "{{ openqa_group }}" groups: "{{ openqa_group }}"
append: true append: true
system: true system: true
- name: Configure firewalld for openQA worker connections - name: Configure firewalld for openQA worker connections
template: ansible.builtin.template:
src: etc/firewalld/services/{{ item }}.xml.j2 src: etc/firewalld/services/{{ item }}.xml.j2
dest: /etc/firewalld/services/{{ item }}.xml dest: /etc/firewalld/services/{{ item }}.xml
owner: root owner: root
@ -32,7 +32,7 @@
- configure - configure
- name: Reload firewalld - name: Reload firewalld
systemd: ansible.builtin.systemd:
name: firewalld name: firewalld
state: reloaded state: reloaded
tags: tags:
@ -40,7 +40,7 @@
ignore_errors: "{{ ansible_check_mode }}" ignore_errors: "{{ ansible_check_mode }}"
- name: Write openQA configuration file - name: Write openQA configuration file
template: ansible.builtin.template:
src: etc/openqa/{{ item }}.j2 src: etc/openqa/{{ item }}.j2
dest: /etc/openqa/{{ item }} dest: /etc/openqa/{{ item }}
owner: "{{ openqa_user }}" owner: "{{ openqa_user }}"
@ -52,13 +52,13 @@
tags: tags:
- configure - configure
- name: Start {{ openqa_worker_count }} openQA workers - name: Start openQA workers
ansible.builtin.systemd: ansible.builtin.systemd:
name: "openqa-worker@{{ item }}" name: "openqa-worker@{{ item }}"
state: started state: started
enabled: true enabled: true
# range "end" parameter is exclusive, so add 1 # range "end" parameter is exclusive, so add 1
loop: "{{ range(1, (openqa_worker_count|int + 1)) | list }}" loop: "{{ range(1, (openqa_worker_count | int + 1)) | list }}"
tags: tags:
- start_workers - start_workers
- configure - configure

View File

@ -1,13 +1,13 @@
--- ---
- name: Install OpenQA packages - name: Install OpenQA packages
yum: ansible.builtin.yum:
name: "{{ openqa_packages }}" name: "{{ openqa_packages }}"
state: present state: present
tags: tags:
- packages - packages
- name: Copy httpd configuration files - name: Copy httpd configuration files
copy: ansible.builtin.copy:
remote_src: true remote_src: true
src: /etc/httpd/conf.d/{{ item }}.template src: /etc/httpd/conf.d/{{ item }}.template
dest: /etc/httpd/conf.d/{{ item }} dest: /etc/httpd/conf.d/{{ item }}
@ -22,7 +22,7 @@
- configure - configure
- name: Template OpenQA configuration files - name: Template OpenQA configuration files
template: ansible.builtin.template:
src: etc/openqa/{{ item }}.j2 src: etc/openqa/{{ item }}.j2
dest: /etc/openqa/{{ item }} dest: /etc/openqa/{{ item }}
owner: "{{ openqa_user }}" owner: "{{ openqa_user }}"
@ -35,20 +35,21 @@
- configure - configure
- name: Get service facts - name: Get service facts
service_facts: ansible.builtin.service_facts:
- name: Check for non-empty postgres data directory - name: Check for non-empty postgres data directory
stat: ansible.builtin.stat:
path: /var/lib/pgsql/data/base path: /var/lib/pgsql/data/base
register: postgres_data_dir register: postgres_data_dir
- name: If postgresql is not already running, initialize database - name: If postgresql is not already running, initialize database
command: postgresql-setup --initdb ansible.builtin.command: postgresql-setup --initdb
when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" ) when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" )
and not postgres_data_dir.stat.exists and not postgres_data_dir.stat.exists
changed_when: true
- name: Enable and start postgresql service - name: Enable and start postgresql service
systemd: ansible.builtin.systemd:
name: postgresql name: postgresql
state: started state: started
enabled: true enabled: true
@ -56,7 +57,7 @@
and not postgres_data_dir.stat.exists and not postgres_data_dir.stat.exists
- name: Configure SELinux to allow httpd connection to network - name: Configure SELinux to allow httpd connection to network
seboolean: ansible.posix.seboolean:
name: httpd_can_network_connect name: httpd_can_network_connect
state: true state: true
persistent: true persistent: true
@ -64,7 +65,7 @@
- configure - configure
- name: Enable and start OpenQA services - name: Enable and start OpenQA services
systemd: ansible.builtin.systemd:
name: "{{ item }}" name: "{{ item }}"
state: started state: started
enabled: true enabled: true
@ -73,7 +74,7 @@
- configure - configure
- name: Create openqa-vnc firewalld service - name: Create openqa-vnc firewalld service
template: ansible.builtin.template:
src: etc/firewalld/services/openqa-vnc.xml.j2 src: etc/firewalld/services/openqa-vnc.xml.j2
dest: /etc/firewalld/services/openqa-vnc.xml dest: /etc/firewalld/services/openqa-vnc.xml
owner: root owner: root
@ -83,13 +84,13 @@
- configure - configure
- name: Load openqa-vnc firewalld service - name: Load openqa-vnc firewalld service
systemd: ansible.builtin.systemd:
name: firewalld name: firewalld
state: reloaded state: reloaded
tags: tags:
- configure - configure
- name: Permit traffic for {{ item }} service - name: Permit traffic for http and openqa-vnc services
ansible.posix.firewalld: ansible.posix.firewalld:
service: "{{ item }}" service: "{{ item }}"
permanent: true permanent: true
@ -101,21 +102,21 @@
- configure - configure
- name: Reload FirewallD - name: Reload FirewallD
systemd: ansible.builtin.systemd:
name: firewalld name: firewalld
state: reloaded state: reloaded
tags: tags:
- configure - configure
- name: Check for existing repository - name: Check for existing repository
stat: ansible.builtin.stat:
path: "{{ openqa_homedir }}/share/tests/rocky" path: "{{ openqa_homedir }}/share/tests/rocky"
register: rocky_testing_repo register: rocky_testing_repo
tags: tags:
- configure - configure
- name: Clone repository if it does not already exist - name: Clone repository if it does not already exist
git: ansible.builtin.git:
accept_hostkey: true accept_hostkey: true
dest: "{{ openqa_homedir }}/share/tests/rocky" dest: "{{ openqa_homedir }}/share/tests/rocky"
repo: "{{ openqa_rocky_testing_repo }}" repo: "{{ openqa_rocky_testing_repo }}"
@ -125,7 +126,7 @@
- configure - configure
- name: Set owner/group/permissions on repo contents - name: Set owner/group/permissions on repo contents
file: ansible.builtin.file:
path: "{{ openqa_homedir }}/share/tests/rocky" path: "{{ openqa_homedir }}/share/tests/rocky"
recurse: true recurse: true
owner: "{{ openqa_user }}" owner: "{{ openqa_user }}"
@ -136,17 +137,17 @@
# fifloader.py will fail if the Demo user is not logged in # fifloader.py will fail if the Demo user is not logged in
- name: Authenticate to web UI the first time - name: Authenticate to web UI the first time
uri: ansible.builtin.uri:
url: "http://{{ openqa_host }}/login" url: "http://{{ openqa_host }}/login"
- name: Run fifloader.py - name: Run fifloader.py
command: ./fifloader.py -l -c templates.fif.json templates-updates.fif.json ansible.builtin.command: ./fifloader.py -l -c templates.fif.json templates-updates.fif.json
changed_when: "1 != 1" changed_when: "1 != 1"
args: args:
chdir: "{{ openqa_homedir }}/share/tests/rocky" chdir: "{{ openqa_homedir }}/share/tests/rocky"
- name: Create ISO directory - name: Create ISO directory
file: ansible.builtin.file:
path: "{{ openqa_homedir }}/share/factory/iso/fixed" path: "{{ openqa_homedir }}/share/factory/iso/fixed"
state: directory state: directory
owner: "{{ openqa_user }}" owner: "{{ openqa_user }}"
@ -156,7 +157,7 @@
- download_isos - download_isos
- name: Download ISOs - name: Download ISOs
get_url: ansible.builtin.get_url:
dest: "{{ openqa_homedir }}/share/factory/iso/fixed/{{ item.name }}" dest: "{{ openqa_homedir }}/share/factory/iso/fixed/{{ item.name }}"
url: "{{ rocky_iso_download_url }}/{{ item.name }}" url: "{{ rocky_iso_download_url }}/{{ item.name }}"
checksum: "{{ item.checksum }}" checksum: "{{ item.checksum }}"
@ -168,19 +169,19 @@
tags: tags:
- download_isos - download_isos
- name: Start {{ openqa_worker_count }} OpenQA workers - name: Start OpenQA workers
ansible.builtin.systemd: ansible.builtin.systemd:
name: "openqa-worker@{{ item }}" name: "openqa-worker@{{ item }}"
state: started state: started
enabled: true enabled: true
# range 'end' parameter is exclusive, so add 1 # range 'end' parameter is exclusive, so add 1
loop: "{{ range(1, (openqa_worker_count|int + 1)) | list }}" loop: "{{ range(1, (openqa_worker_count | int + 1)) | list }}"
tags: tags:
- start_workers - start_workers
- configure - configure
- name: POST a job - name: POST a job
command: | ansible.builtin.command: |
openqa-cli api -X POST isos \ openqa-cli api -X POST isos \
ISO=Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso \ ISO=Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso \
ARCH={{ rocky_arch }} \ ARCH={{ rocky_arch }} \

View File

@ -1,5 +1,9 @@
--- ---
- hosts: localhost - name: Run tests
hosts: localhost
remote_user: root remote_user: root
tasks: tasks:
- import_tasks: example.yml - name: Ensure required variables are defined
ansible.builtin.assert:
that:
- openqa_host is defined

View File

@ -15,7 +15,7 @@ openqa_worker_count: 1
# The max port should be 5990 + n where n is the total # The max port should be 5990 + n where n is the total
# number of workers you want to enable on your system. # number of workers you want to enable on your system.
openqa_min_vnc_port: 5991 openqa_min_vnc_port: 5991
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count|int }}" openqa_max_vnc_port: "{{ 5990 + openqa_worker_count | int }}"
# Port range to open for socket connections from the primary host. # Port range to open for socket connections from the primary host.
openqa_min_socket_port: 20000 openqa_min_socket_port: 20000
@ -23,14 +23,13 @@ openqa_max_socket_port: 20089
# Packages to install # Packages to install
openqa_worker_packages: openqa_worker_packages:
- firewalld
- guestfs-tools - guestfs-tools
- libguestfs-xfs - libguestfs-xfs
- libvirt-daemon-config-network - libvirt-daemon-config-network
- virt-install
- openqa-worker - openqa-worker
- perl-REST-Client - perl-REST-Client
- python3-libguestfs - python3-libguestfs
- virt-install - virt-install
- withlock - withlock
- firewalld
... ...

View File

@ -45,7 +45,7 @@ openqa_worker_count: 1
# The max port should be 5990 + n where n is the total # The max port should be 5990 + n where n is the total
# number of workers you want to enable on your system. # number of workers you want to enable on your system.
openqa_min_vnc_port: 5991 openqa_min_vnc_port: 5991
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count|int }}" openqa_max_vnc_port: "{{ 5990 + openqa_worker_count | int }}"
# Packages to install # Packages to install
openqa_packages: openqa_packages: