Compare commits
4 Commits
main
...
worker_hos
Author | SHA1 | Date | |
---|---|---|---|
|
6713c3024c | ||
|
ed3b12a320 | ||
|
0f57ce2a83 | ||
|
af549402d9 |
@ -1,3 +1,4 @@
|
||||
---
|
||||
# .ansible-lint
|
||||
warn_list:
|
||||
- '204' # Lines should be less than 160 characters
|
||||
|
@ -17,26 +17,30 @@ This repository is for openQA operations and management.
|
||||
├── handlers
|
||||
│ └── main.yml
|
||||
├── init-rocky-openqa-developer-host.yml
|
||||
├── localhost.yml
|
||||
├── init-rocky-openqa-worker-host.yml
|
||||
├── README.md
|
||||
├── roles
|
||||
│ └── README.md
|
||||
├── tasks
|
||||
│ ├── main.yml
|
||||
│ ├── openqa-worker.yml
|
||||
│ └── openqa.yml
|
||||
├── templates
|
||||
│ └── etc
|
||||
│ ├── firewalld
|
||||
│ │ └── services
|
||||
│ │ ├── openqa-socket.xml.j2
|
||||
│ │ └── openqa-vnc.xml.j2
|
||||
│ └── openqa
|
||||
│ ├── client.conf.j2
|
||||
│ └── openqa.ini.j2
|
||||
│ ├── openqa.ini.j2
|
||||
│ └── workers.conf.j2
|
||||
├── tests
|
||||
│ ├── README.md
|
||||
│ └── test.yml
|
||||
└── vars
|
||||
├── main.yml
|
||||
├── openqa-worker.yml
|
||||
└── openqa.yml
|
||||
```
|
||||
|
||||
|
@ -23,16 +23,17 @@
|
||||
|
||||
# This is to try to avoid the handler issue in pre/post tasks
|
||||
handlers:
|
||||
- import_tasks: handlers/main.yml
|
||||
- name: Import handlers
|
||||
ansible.builtin.import_tasks: handlers/main.yml
|
||||
|
||||
pre_tasks:
|
||||
- name: Check if ansible cannot be run here
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: /etc/no-ansible
|
||||
register: no_ansible
|
||||
|
||||
- name: Verify if we can run ansible
|
||||
assert:
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "not no_ansible.stat.exists"
|
||||
success_msg: "We are able to run on this node"
|
||||
@ -40,11 +41,11 @@
|
||||
|
||||
tasks:
|
||||
- name: Install and configure OpenQA
|
||||
import_tasks: tasks/openqa.yml
|
||||
ansible.builtin.import_tasks: tasks/openqa.yml
|
||||
|
||||
post_tasks:
|
||||
- name: Touching run file that ansible has ran here
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: /var/log/ansible.run
|
||||
state: touch
|
||||
mode: '0644'
|
||||
|
43
init-rocky-openqa-worker-host.yml
Normal file
43
init-rocky-openqa-worker-host.yml
Normal file
@ -0,0 +1,43 @@
|
||||
# Configure an openQA worker host
|
||||
# This playbook is *NOT* intended for WAN-facing systems!
|
||||
#
|
||||
# Created: @akatch
|
||||
---
|
||||
- name: Rocky openQA Worker Runbook
|
||||
hosts: openqa_workers
|
||||
become: true
|
||||
gather_facts: false
|
||||
vars_files:
|
||||
- vars/openqa-worker.yml
|
||||
|
||||
# This is to try to avoid the handler issue in pre/post tasks
|
||||
handlers:
|
||||
- name: Import handlers
|
||||
ansible.builtin.import_tasks: handlers/main.yml
|
||||
|
||||
pre_tasks:
|
||||
- name: Check if ansible cannot be run here
|
||||
ansible.builtin.stat:
|
||||
path: /etc/no-ansible
|
||||
register: no_ansible
|
||||
|
||||
- name: Verify if we can run ansible
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "not no_ansible.stat.exists"
|
||||
success_msg: "We are able to run on this node"
|
||||
fail_msg: "/etc/no-ansible exists - skipping run on this node"
|
||||
|
||||
tasks:
|
||||
- name: Install and configure OpenQA workers
|
||||
ansible.builtin.import_tasks: tasks/openqa-worker.yml
|
||||
|
||||
post_tasks:
|
||||
- name: Touching run file that ansible has ran here
|
||||
ansible.builtin.file:
|
||||
path: /var/log/ansible.run
|
||||
state: touch
|
||||
mode: '0644'
|
||||
owner: root
|
||||
group: root
|
||||
...
|
3
requirements.yml
Normal file
3
requirements.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
collections:
|
||||
- ansible.posix
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
# No tasks
|
||||
- debug: msg="No tasks are provided here. Please import the task as needed in your playbook."
|
||||
...
|
66
tasks/openqa-worker.yml
Normal file
66
tasks/openqa-worker.yml
Normal file
@ -0,0 +1,66 @@
|
||||
---
|
||||
- name: Install OpenQA worker packages
|
||||
ansible.builtin.dnf:
|
||||
name: "{{ openqa_worker_packages }}"
|
||||
state: present
|
||||
tags:
|
||||
- packages
|
||||
|
||||
- name: Create openQA group
|
||||
ansible.builtin.group:
|
||||
name: "{{ openqa_group }}"
|
||||
system: true
|
||||
|
||||
- name: Create openQA user
|
||||
ansible.builtin.user:
|
||||
name: "{{ openqa_user }}"
|
||||
groups: "{{ openqa_group }}"
|
||||
append: true
|
||||
system: true
|
||||
|
||||
- name: Configure firewalld for openQA worker connections
|
||||
ansible.builtin.template:
|
||||
src: etc/firewalld/services/{{ item }}.xml.j2
|
||||
dest: /etc/firewalld/services/{{ item }}.xml
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
loop:
|
||||
- openqa-socket
|
||||
- openqa-vnc
|
||||
tags:
|
||||
- configure
|
||||
|
||||
- name: Reload firewalld
|
||||
ansible.builtin.systemd:
|
||||
name: firewalld
|
||||
state: reloaded
|
||||
tags:
|
||||
- configure
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
|
||||
- name: Write openQA configuration file
|
||||
ansible.builtin.template:
|
||||
src: etc/openqa/{{ item }}.j2
|
||||
dest: /etc/openqa/{{ item }}
|
||||
owner: "{{ openqa_user }}"
|
||||
group: "{{ openqa_group }}"
|
||||
mode: "0444"
|
||||
loop:
|
||||
- client.conf
|
||||
- workers.conf
|
||||
tags:
|
||||
- configure
|
||||
|
||||
- name: Start openQA workers
|
||||
ansible.builtin.systemd:
|
||||
name: "openqa-worker@{{ item }}"
|
||||
state: started
|
||||
enabled: true
|
||||
# range "end" parameter is exclusive, so add 1
|
||||
loop: "{{ range(1, (openqa_worker_count | int + 1)) | list }}"
|
||||
tags:
|
||||
- start_workers
|
||||
- configure
|
||||
ignore_errors: "{{ ansible_check_mode }}"
|
||||
...
|
@ -1,13 +1,13 @@
|
||||
---
|
||||
- name: Install OpenQA packages
|
||||
yum:
|
||||
ansible.builtin.yum:
|
||||
name: "{{ openqa_packages }}"
|
||||
state: present
|
||||
tags:
|
||||
- packages
|
||||
|
||||
- name: Copy httpd configuration files
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
remote_src: true
|
||||
src: /etc/httpd/conf.d/{{ item }}.template
|
||||
dest: /etc/httpd/conf.d/{{ item }}
|
||||
@ -22,7 +22,7 @@
|
||||
- configure
|
||||
|
||||
- name: Template OpenQA configuration files
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: etc/openqa/{{ item }}.j2
|
||||
dest: /etc/openqa/{{ item }}
|
||||
owner: "{{ openqa_user }}"
|
||||
@ -35,20 +35,21 @@
|
||||
- configure
|
||||
|
||||
- name: Get service facts
|
||||
service_facts:
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: Check for non-empty postgres data directory
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: /var/lib/pgsql/data/base
|
||||
register: postgres_data_dir
|
||||
|
||||
- name: If postgresql is not already running, initialize database
|
||||
command: postgresql-setup --initdb
|
||||
ansible.builtin.command: postgresql-setup --initdb
|
||||
when: not ( ansible_facts.services["postgresql.service"]["state"] == "running" )
|
||||
and not postgres_data_dir.stat.exists
|
||||
changed_when: true
|
||||
|
||||
- name: Enable and start postgresql service
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: postgresql
|
||||
state: started
|
||||
enabled: true
|
||||
@ -56,7 +57,7 @@
|
||||
and not postgres_data_dir.stat.exists
|
||||
|
||||
- name: Configure SELinux to allow httpd connection to network
|
||||
seboolean:
|
||||
ansible.posix.seboolean:
|
||||
name: httpd_can_network_connect
|
||||
state: true
|
||||
persistent: true
|
||||
@ -64,7 +65,7 @@
|
||||
- configure
|
||||
|
||||
- name: Enable and start OpenQA services
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: "{{ item }}"
|
||||
state: started
|
||||
enabled: true
|
||||
@ -73,7 +74,7 @@
|
||||
- configure
|
||||
|
||||
- name: Create openqa-vnc firewalld service
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: etc/firewalld/services/openqa-vnc.xml.j2
|
||||
dest: /etc/firewalld/services/openqa-vnc.xml
|
||||
owner: root
|
||||
@ -83,13 +84,13 @@
|
||||
- configure
|
||||
|
||||
- name: Load openqa-vnc firewalld service
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: firewalld
|
||||
state: reloaded
|
||||
tags:
|
||||
- configure
|
||||
|
||||
- name: Permit traffic for {{ item }} service
|
||||
- name: Permit traffic for http and openqa-vnc services
|
||||
ansible.posix.firewalld:
|
||||
service: "{{ item }}"
|
||||
permanent: true
|
||||
@ -101,21 +102,21 @@
|
||||
- configure
|
||||
|
||||
- name: Reload FirewallD
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: firewalld
|
||||
state: reloaded
|
||||
tags:
|
||||
- configure
|
||||
|
||||
- name: Check for existing repository
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: "{{ openqa_homedir }}/share/tests/rocky"
|
||||
register: rocky_testing_repo
|
||||
tags:
|
||||
- configure
|
||||
|
||||
- name: Clone repository if it does not already exist
|
||||
git:
|
||||
ansible.builtin.git:
|
||||
accept_hostkey: true
|
||||
dest: "{{ openqa_homedir }}/share/tests/rocky"
|
||||
repo: "{{ openqa_rocky_testing_repo }}"
|
||||
@ -125,7 +126,7 @@
|
||||
- configure
|
||||
|
||||
- name: Set owner/group/permissions on repo contents
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ openqa_homedir }}/share/tests/rocky"
|
||||
recurse: true
|
||||
owner: "{{ openqa_user }}"
|
||||
@ -136,17 +137,17 @@
|
||||
|
||||
# fifloader.py will fail if the Demo user is not logged in
|
||||
- name: Authenticate to web UI the first time
|
||||
uri:
|
||||
ansible.builtin.uri:
|
||||
url: "http://{{ openqa_host }}/login"
|
||||
|
||||
- name: Run fifloader.py
|
||||
command: ./fifloader.py -l -c templates.fif.json templates-updates.fif.json
|
||||
ansible.builtin.command: ./fifloader.py -l -c templates.fif.json templates-updates.fif.json
|
||||
changed_when: "1 != 1"
|
||||
args:
|
||||
chdir: "{{ openqa_homedir }}/share/tests/rocky"
|
||||
|
||||
- name: Create ISO directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ openqa_homedir }}/share/factory/iso/fixed"
|
||||
state: directory
|
||||
owner: "{{ openqa_user }}"
|
||||
@ -156,7 +157,7 @@
|
||||
- download_isos
|
||||
|
||||
- name: Download ISOs
|
||||
get_url:
|
||||
ansible.builtin.get_url:
|
||||
dest: "{{ openqa_homedir }}/share/factory/iso/fixed/{{ item.name }}"
|
||||
url: "{{ rocky_iso_download_url }}/{{ item.name }}"
|
||||
checksum: "{{ item.checksum }}"
|
||||
@ -168,7 +169,7 @@
|
||||
tags:
|
||||
- download_isos
|
||||
|
||||
- name: Start {{ openqa_worker_count }} OpenQA workers
|
||||
- name: Start OpenQA workers
|
||||
ansible.builtin.systemd:
|
||||
name: "openqa-worker@{{ item }}"
|
||||
state: started
|
||||
@ -180,7 +181,7 @@
|
||||
- configure
|
||||
|
||||
- name: POST a job
|
||||
command: |
|
||||
ansible.builtin.command: |
|
||||
openqa-cli api -X POST isos \
|
||||
ISO=Rocky-{{ rocky_version }}-{{ rocky_arch }}-minimal.iso \
|
||||
ARCH={{ rocky_arch }} \
|
||||
|
4
templates/etc/firewalld/services/openqa-socket.xml.j2
Normal file
4
templates/etc/firewalld/services/openqa-socket.xml.j2
Normal file
@ -0,0 +1,4 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<port port="{{ openqa_min_socket_port }}-{{ openqa_max_socket_port }}" protocol="tcp"/>
|
||||
</service>
|
9
templates/etc/openqa/workers.conf.j2
Normal file
9
templates/etc/openqa/workers.conf.j2
Normal file
@ -0,0 +1,9 @@
|
||||
[global]
|
||||
HOST = https://{{ openqa_host }}
|
||||
CACHEDIRECTORY = /var/lib/openqa/cache # desired cache location
|
||||
CACHELIMIT = 50 # max. cache size in GiB, defaults to 50
|
||||
CACHE_MIN_FREE_PERCENTAGE = 10 # min. free disk space to preserve in percent
|
||||
CACHEWORKERS = 5 # number of parallel cache minion workers, defaults to 5
|
||||
|
||||
[https://{{ openqa_host }}]
|
||||
TESTPOOLSERVER = rsync://{{ openqa_host }}/tests # also cache tests (via rsync)
|
@ -1,5 +1,9 @@
|
||||
---
|
||||
- hosts: localhost
|
||||
- name: Run tests
|
||||
hosts: localhost
|
||||
remote_user: root
|
||||
tasks:
|
||||
- import_tasks: example.yml
|
||||
- name: Ensure required variables are defined
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- openqa_host is defined
|
||||
|
35
vars/openqa-worker.yml
Normal file
35
vars/openqa-worker.yml
Normal file
@ -0,0 +1,35 @@
|
||||
---
|
||||
# The primary openQA host
|
||||
openqa_host: openqa.rockylinux.org
|
||||
openqa_client_key: 1234567890ABCDEF
|
||||
openqa_client_secret: 1234567890ABCDEF
|
||||
|
||||
# Default OpenQA user and group
|
||||
openqa_user: geekotest
|
||||
openqa_group: geekotest
|
||||
|
||||
# The number of workers to enable on this system
|
||||
openqa_worker_count: 2
|
||||
|
||||
# Port range to open for VNC access to local workers.
|
||||
# The max port should be 5990 + n where n is the total
|
||||
# number of workers you want to enable on your system.
|
||||
openqa_min_vnc_port: 5991
|
||||
openqa_max_vnc_port: "{{ 5990 + openqa_worker_count | int }}"
|
||||
|
||||
# Port range to open for socket connections from the primary host.
|
||||
openqa_min_socket_port: 20000
|
||||
openqa_max_socket_port: 20089
|
||||
|
||||
# Packages to install
|
||||
openqa_worker_packages:
|
||||
- firewalld
|
||||
- guestfs-tools
|
||||
- libguestfs-xfs
|
||||
- libvirt-daemon-config-network
|
||||
- openqa-worker
|
||||
- perl-REST-Client
|
||||
- python3-libguestfs
|
||||
- virt-install
|
||||
- withlock
|
||||
...
|
Loading…
Reference in New Issue
Block a user