WIP: Automation for configuring an openQA worker host #1
@ -1,6 +1,7 @@
|
|||||||
|
---
|
||||||
# .ansible-lint
|
# .ansible-lint
|
||||||
warn_list:
|
warn_list:
|
||||||
- '204' # Lines should be less than 160 characters
|
- '204' # Lines should be less than 160 characters
|
||||||
- '701' # meta/main.yml should contain relevant info
|
- '701' # meta/main.yml should contain relevant info
|
||||||
skip_list:
|
skip_list:
|
||||||
- '106' # Role name must match ^[a-z][a-z0-9_]+$ pattern
|
- '106' # Role name must match ^[a-z][a-z0-9_]+$ pattern
|
||||||
|
@ -23,16 +23,17 @@
|
|||||||
|
|
||||||
# This is to try to avoid the handler issue in pre/post tasks
|
# This is to try to avoid the handler issue in pre/post tasks
|
||||||
handlers:
|
handlers:
|
||||||
- import_tasks: handlers/main.yml
|
- name: Import handlers
|
||||||
|
ansible.builtin.import_tasks: handlers/main.yml
|
||||||
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Check if ansible cannot be run here
|
- name: Check if ansible cannot be run here
|
||||||
stat:
|
ansible.builtin.stat:
|
||||||
path: /etc/no-ansible
|
path: /etc/no-ansible
|
||||||
register: no_ansible
|
register: no_ansible
|
||||||
|
|
||||||
- name: Verify if we can run ansible
|
- name: Verify if we can run ansible
|
||||||
assert:
|
ansible.builtin.assert:
|
||||||
that:
|
that:
|
||||||
- "not no_ansible.stat.exists"
|
- "not no_ansible.stat.exists"
|
||||||
success_msg: "We are able to run on this node"
|
success_msg: "We are able to run on this node"
|
||||||
@ -40,11 +41,11 @@
|
|||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Install and configure OpenQA
|
- name: Install and configure OpenQA
|
||||||
import_tasks: tasks/openqa.yml
|
ansible.builtin.import_tasks: tasks/openqa.yml
|
||||||
|
|
||||||
post_tasks:
|
post_tasks:
|
||||||
- name: Touching run file that ansible has ran here
|
- name: Touching run file that ansible has ran here
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: /var/log/ansible.run
|
path: /var/log/ansible.run
|
||||||
state: touch
|
state: touch
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
|
@ -12,16 +12,17 @@
|
|||||||
|
|
||||||
# This is to try to avoid the handler issue in pre/post tasks
|
# This is to try to avoid the handler issue in pre/post tasks
|
||||||
handlers:
|
handlers:
|
||||||
- import_tasks: handlers/main.yml
|
- name: Import handlers
|
||||||
|
ansible.builtin.import_tasks: handlers/main.yml
|
||||||
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Check if ansible cannot be run here
|
- name: Check if ansible cannot be run here
|
||||||
stat:
|
ansible.builtin.stat:
|
||||||
path: /etc/no-ansible
|
path: /etc/no-ansible
|
||||||
register: no_ansible
|
register: no_ansible
|
||||||
|
|
||||||
- name: Verify if we can run ansible
|
- name: Verify if we can run ansible
|
||||||
assert:
|
ansible.builtin.assert:
|
||||||
that:
|
that:
|
||||||
- "not no_ansible.stat.exists"
|
- "not no_ansible.stat.exists"
|
||||||
success_msg: "We are able to run on this node"
|
success_msg: "We are able to run on this node"
|
||||||
@ -29,11 +30,11 @@
|
|||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Install and configure OpenQA workers
|
- name: Install and configure OpenQA workers
|
||||||
import_tasks: tasks/openqa-worker.yml
|
ansible.builtin.import_tasks: tasks/openqa-worker.yml
|
||||||
|
|
||||||
post_tasks:
|
post_tasks:
|
||||||
- name: Touching run file that ansible has ran here
|
- name: Touching run file that ansible has ran here
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: /var/log/ansible.run
|
path: /var/log/ansible.run
|
||||||
state: touch
|
state: touch
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
|
@ -1,4 +0,0 @@
|
|||||||
---
|
|
||||||
# No tasks
|
|
||||||
- debug: msg="No tasks are provided here. Please import the task as needed in your playbook."
|
|
||||||
...
|
|
@ -1,25 +1,25 @@
|
|||||||
---
|
---
|
||||||
- name: Install OpenQA worker packages
|
- name: Install OpenQA worker packages
|
||||||
dnf:
|
ansible.builtin.dnf:
|
||||||
name: "{{ openqa_worker_packages }}"
|
name: "{{ openqa_worker_packages }}"
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- packages
|
- packages
|
||||||
|
|
||||||
- name: Create openQA group
|
- name: Create openQA group
|
||||||
group:
|
ansible.builtin.group:
|
||||||
name: "{{ openqa_group }}"
|
name: "{{ openqa_group }}"
|
||||||
system: true
|
system: true
|
||||||
|
|
||||||
- name: Create openQA user
|
- name: Create openQA user
|
||||||
user:
|
ansible.builtin.user:
|
||||||
name: "{{ openqa_user }}"
|
name: "{{ openqa_user }}"
|
||||||
groups: "{{ openqa_group }}"
|
groups: "{{ openqa_group }}"
|
||||||
append: true
|
append: true
|
||||||
system: true
|
system: true
|
||||||
|
|
||||||
- name: Configure firewalld for openQA worker connections
|
- name: Configure firewalld for openQA worker connections
|
||||||
template:
|
ansible.builtin.template:
|
||||||
src: etc/firewalld/services/{{ item }}.xml.j2
|
src: etc/firewalld/services/{{ item }}.xml.j2
|
||||||
dest: /etc/firewalld/services/{{ item }}.xml
|
dest: /etc/firewalld/services/{{ item }}.xml
|
||||||
owner: root
|
owner: root
|
||||||
@ -32,7 +32,7 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Reload firewalld
|
- name: Reload firewalld
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
name: firewalld
|
name: firewalld
|
||||||
state: reloaded
|
state: reloaded
|
||||||
tags:
|
tags:
|
||||||
@ -40,7 +40,7 @@
|
|||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
|
|
||||||
- name: Write openQA configuration file
|
- name: Write openQA configuration file
|
||||||
template:
|
ansible.builtin.template:
|
||||||
src: etc/openqa/{{ item }}.j2
|
src: etc/openqa/{{ item }}.j2
|
||||||
dest: /etc/openqa/{{ item }}
|
dest: /etc/openqa/{{ item }}
|
||||||
owner: "{{ openqa_user }}"
|
owner: "{{ openqa_user }}"
|
||||||
@ -52,13 +52,13 @@
|
|||||||
tags:
|
tags:
|
||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Start {{ openqa_worker_count }} openQA workers
|
- name: Start openQA workers
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: "openqa-worker@{{ item }}"
|
name: "openqa-worker@{{ item }}"
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
# range "end" parameter is exclusive, so add 1
|
# range "end" parameter is exclusive, so add 1
|
||||||
loop: "{{ range(1, (openqa_worker_count|int + 1)) | list }}"
|
loop: "{{ range(1, (openqa_worker_count | int + 1)) | list }}"
|
||||||
tags:
|
tags:
|
||||||
- start_workers
|
- start_workers
|
||||||
- configure
|
- configure
|
||||||
|
@ -1,13 +1,13 @@
|
|||||||
---
|
---
|
||||||
- name: Install OpenQA packages
|
- name: Install OpenQA packages
|
||||||
yum:
|
ansible.builtin.yum:
|
||||||
name: "{{ openqa_packages }}"
|
name: "{{ openqa_packages }}"
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- packages
|
- packages
|
||||||
|
|
||||||
- name: Copy httpd configuration files
|
- name: Copy httpd configuration files
|
||||||
copy:
|
ansible.builtin.copy:
|
||||||
remote_src: true
|
remote_src: true
|
||||||
src: /etc/httpd/conf.d/{{ item }}.template
|
src: /etc/httpd/conf.d/{{ item }}.template
|
||||||
dest: /etc/httpd/conf.d/{{ item }}
|
dest: /etc/httpd/conf.d/{{ item }}
|
||||||
@ -22,7 +22,7 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Template OpenQA configuration files
|
- name: Template OpenQA configuration files
|
||||||
template:
|
ansible.builtin.template:
|
||||||
src: etc/openqa/{{ item }}.j2
|
src: etc/openqa/{{ item }}.j2
|
||||||
dest: /etc/openqa/{{ item }}
|
dest: /etc/openqa/{{ item }}
|
||||||
owner: "{{ openqa_user }}"
|
owner: "{{ openqa_user }}"
|
||||||
@ -35,20 +35,21 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Get service facts
|
- name: Get service facts
|
||||||
service_facts:
|
ansible.builtin.service_facts:
|
||||||
|
|
||||||
- name: Check for non-empty postgres data directory
|
- name: Check for non-empty postgres data directory
|
||||||
stat:
|
ansible.builtin.stat:
|
||||||
path: /var/lib/pgsql/data/base
|
path: /var/lib/pgsql/data/base
|
||||||
register: postgres_data_dir
|
register: postgres_data_dir
|
||||||
|
|
||||||
- name: If postgresql is not already running, initialize database
|
- name: If postgresql is not already running, initialize database
|
||||||
command: postgresql-setup --initdb
|
ansible.builtin.command: postgresql-setup --initdb
|
||||||
when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" )
|
when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" )
|
||||||
and not postgres_data_dir.stat.exists
|
and not postgres_data_dir.stat.exists
|
||||||
|
changed_when: true
|
||||||
|
|
||||||
- name: Enable and start postgresql service
|
- name: Enable and start postgresql service
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
name: postgresql
|
name: postgresql
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
@ -56,7 +57,7 @@
|
|||||||
and not postgres_data_dir.stat.exists
|
and not postgres_data_dir.stat.exists
|
||||||
|
|
||||||
- name: Configure SELinux to allow httpd connection to network
|
- name: Configure SELinux to allow httpd connection to network
|
||||||
seboolean:
|
ansible.posix.seboolean:
|
||||||
name: httpd_can_network_connect
|
name: httpd_can_network_connect
|
||||||
state: true
|
state: true
|
||||||
persistent: true
|
persistent: true
|
||||||
@ -64,7 +65,7 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Enable and start OpenQA services
|
- name: Enable and start OpenQA services
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
@ -73,7 +74,7 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Create openqa-vnc firewalld service
|
- name: Create openqa-vnc firewalld service
|
||||||
template:
|
ansible.builtin.template:
|
||||||
src: etc/firewalld/services/openqa-vnc.xml.j2
|
src: etc/firewalld/services/openqa-vnc.xml.j2
|
||||||
dest: /etc/firewalld/services/openqa-vnc.xml
|
dest: /etc/firewalld/services/openqa-vnc.xml
|
||||||
owner: root
|
owner: root
|
||||||
@ -83,13 +84,13 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Load openqa-vnc firewalld service
|
- name: Load openqa-vnc firewalld service
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
name: firewalld
|
name: firewalld
|
||||||
state: reloaded
|
state: reloaded
|
||||||
tags:
|
tags:
|
||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Permit traffic for {{ item }} service
|
- name: Permit traffic for http and openqa-vnc services
|
||||||
ansible.posix.firewalld:
|
ansible.posix.firewalld:
|
||||||
service: "{{ item }}"
|
service: "{{ item }}"
|
||||||
permanent: true
|
permanent: true
|
||||||
@ -101,21 +102,21 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Reload FirewallD
|
- name: Reload FirewallD
|
||||||
systemd:
|
ansible.builtin.systemd:
|
||||||
name: firewalld
|
name: firewalld
|
||||||
state: reloaded
|
state: reloaded
|
||||||
tags:
|
tags:
|
||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Check for existing repository
|
- name: Check for existing repository
|
||||||
stat:
|
ansible.builtin.stat:
|
||||||
path: "{{ openqa_homedir }}/share/tests/rocky"
|
path: "{{ openqa_homedir }}/share/tests/rocky"
|
||||||
register: rocky_testing_repo
|
register: rocky_testing_repo
|
||||||
tags:
|
tags:
|
||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Clone repository if it does not already exist
|
- name: Clone repository if it does not already exist
|
||||||
git:
|
ansible.builtin.git:
|
||||||
accept_hostkey: true
|
accept_hostkey: true
|
||||||
dest: "{{ openqa_homedir }}/share/tests/rocky"
|
dest: "{{ openqa_homedir }}/share/tests/rocky"
|
||||||
repo: "{{ openqa_rocky_testing_repo }}"
|
repo: "{{ openqa_rocky_testing_repo }}"
|
||||||
@ -125,7 +126,7 @@
|
|||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: Set owner/group/permissions on repo contents
|
- name: Set owner/group/permissions on repo contents
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: "{{ openqa_homedir }}/share/tests/rocky"
|
path: "{{ openqa_homedir }}/share/tests/rocky"
|
||||||
recurse: true
|
recurse: true
|
||||||
owner: "{{ openqa_user }}"
|
owner: "{{ openqa_user }}"
|
||||||
@ -136,17 +137,17 @@
|
|||||||
|
|
||||||
# fifloader.py will fail if the Demo user is not logged in
|
# fifloader.py will fail if the Demo user is not logged in
|
||||||
- name: Authenticate to web UI the first time
|
- name: Authenticate to web UI the first time
|
||||||
uri:
|
ansible.builtin.uri:
|
||||||
url: "http://{{ openqa_host }}/login"
|
url: "http://{{ openqa_host }}/login"
|
||||||
|
|
||||||
- name: Run fifloader.py
|
- name: Run fifloader.py
|
||||||
command: ./fifloader.py -l -c templates.fif.json templates-updates.fif.json
|
ansible.builtin.command: ./fifloader.py -l -c templates.fif.json templates-updates.fif.json
|
||||||
changed_when: "1 != 1"
|
changed_when: "1 != 1"
|
||||||
args:
|
args:
|
||||||
chdir: "{{ openqa_homedir }}/share/tests/rocky"
|
chdir: "{{ openqa_homedir }}/share/tests/rocky"
|
||||||
|
|
||||||
- name: Create ISO directory
|
- name: Create ISO directory
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: "{{ openqa_homedir }}/share/factory/iso/fixed"
|
path: "{{ openqa_homedir }}/share/factory/iso/fixed"
|
||||||
state: directory
|
state: directory
|
||||||
owner: "{{ openqa_user }}"
|
owner: "{{ openqa_user }}"
|
||||||
@ -156,7 +157,7 @@
|
|||||||
- download_isos
|
- download_isos
|
||||||
|
|
||||||
- name: Download ISOs
|
- name: Download ISOs
|
||||||
get_url:
|
ansible.builtin.get_url:
|
||||||
dest: "{{ openqa_homedir }}/share/factory/iso/fixed/{{ item.name }}"
|
dest: "{{ openqa_homedir }}/share/factory/iso/fixed/{{ item.name }}"
|
||||||
url: "{{ rocky_iso_download_url }}/{{ item.name }}"
|
url: "{{ rocky_iso_download_url }}/{{ item.name }}"
|
||||||
checksum: "{{ item.checksum }}"
|
checksum: "{{ item.checksum }}"
|
||||||
@ -168,19 +169,19 @@
|
|||||||
tags:
|
tags:
|
||||||
- download_isos
|
- download_isos
|
||||||
|
|
||||||
- name: Start {{ openqa_worker_count }} OpenQA workers
|
- name: Start OpenQA workers
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: "openqa-worker@{{ item }}"
|
name: "openqa-worker@{{ item }}"
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
# range 'end' parameter is exclusive, so add 1
|
# range 'end' parameter is exclusive, so add 1
|
||||||
loop: "{{ range(1, (openqa_worker_count|int + 1)) | list }}"
|
loop: "{{ range(1, (openqa_worker_count | int + 1)) | list }}"
|
||||||
tags:
|
tags:
|
||||||
- start_workers
|
- start_workers
|
||||||
- configure
|
- configure
|
||||||
|
|
||||||
- name: POST a job
|
- name: POST a job
|
||||||
command: |
|
ansible.builtin.command: |
|
||||||
openqa-cli api -X POST isos \
|
openqa-cli api -X POST isos \
|
||||||
ISO=Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso \
|
ISO=Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso \
|
||||||
ARCH={{ rocky_arch }} \
|
ARCH={{ rocky_arch }} \
|
||||||
|
@ -1,5 +1,9 @@
|
|||||||
---
|
---
|
||||||
- hosts: localhost
|
- name: Run tests
|
||||||
|
hosts: localhost
|
||||||
remote_user: root
|
remote_user: root
|
||||||
tasks:
|
tasks:
|
||||||
- import_tasks: example.yml
|
- name: Ensure required variables are defined
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- openqa_host is defined
|
||||||
|
@ -15,7 +15,7 @@ openqa_worker_count: 2
|
|||||||
# The max port should be 5990 + n where n is the total
|
# The max port should be 5990 + n where n is the total
|
||||||
# number of workers you want to enable on your system.
|
# number of workers you want to enable on your system.
|
||||||
openqa_min_vnc_port: 5991
|
openqa_min_vnc_port: 5991
|
||||||
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count|int }}"
|
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count | int }}"
|
||||||
|
|
||||||
# Port range to open for socket connections from the primary host.
|
# Port range to open for socket connections from the primary host.
|
||||||
openqa_min_socket_port: 20000
|
openqa_min_socket_port: 20000
|
||||||
@ -23,14 +23,13 @@ openqa_max_socket_port: 20089
|
|||||||
|
|
||||||
# Packages to install
|
# Packages to install
|
||||||
openqa_worker_packages:
|
openqa_worker_packages:
|
||||||
|
- firewalld
|
||||||
- guestfs-tools
|
- guestfs-tools
|
||||||
- libguestfs-xfs
|
- libguestfs-xfs
|
||||||
- libvirt-daemon-config-network
|
- libvirt-daemon-config-network
|
||||||
- virt-install
|
|
||||||
- openqa-worker
|
- openqa-worker
|
||||||
- perl-REST-Client
|
- perl-REST-Client
|
||||||
- python3-libguestfs
|
- python3-libguestfs
|
||||||
- virt-install
|
- virt-install
|
||||||
- withlock
|
- withlock
|
||||||
- firewalld
|
|
||||||
...
|
...
|
||||||
|
@ -45,7 +45,7 @@ openqa_worker_count: 1
|
|||||||
# The max port should be 5990 + n where n is the total
|
# The max port should be 5990 + n where n is the total
|
||||||
# number of workers you want to enable on your system.
|
# number of workers you want to enable on your system.
|
||||||
openqa_min_vnc_port: 5991
|
openqa_min_vnc_port: 5991
|
||||||
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count|int }}"
|
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count | int }}"
|
||||||
|
|
||||||
# Packages to install
|
# Packages to install
|
||||||
openqa_packages:
|
openqa_packages:
|
||||||
|
Loading…
Reference in New Issue
Block a user