-
Notifications
You must be signed in to change notification settings - Fork 92
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: David Galloway <[email protected]>
- Loading branch information
David Galloway
committed
Nov 10, 2017
1 parent
248aebb
commit cf9cba5
Showing
4 changed files
with
348 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,145 @@ | ||
--- | ||
# This playbook should only be run against a teuthology host or a machine inside the Sepia test lab that can lock testnodes. | ||
# See ceph-cm-ansible/README.rst | ||
|
||
- hosts: all | ||
become: true | ||
user: cm | ||
vars: | ||
- jenkins_user: 'jenkins-build' | ||
# jenkins API credentials: | ||
- api_user: 'ceph-jenkins' | ||
- token: '{{ token }}' | ||
- api_uri: 'https://jenkins.ceph.com' | ||
- jenkins_credentials_uuid: '39fa150b-b2a1-416e-b334-29a9a2c0b32d' | ||
- nodename: 'teuthology' | ||
- labels: 'teuthology' | ||
|
||
tasks: | ||
- name: "create a {{ jenkins_user }} user" | ||
user: | ||
name: "{{ jenkins_user }}" | ||
append: yes | ||
comment: "Jenkins Build Slave User" | ||
|
||
- name: "create a {{ jenkins_user }} home directory" | ||
file: | ||
path: "/home/{{ jenkins_user }}/" | ||
state: directory | ||
owner: "{{ jenkins_user }}" | ||
|
||
- name: Create .ssh directory | ||
file: | ||
path: "/home/{{ jenkins_user }}/.ssh" | ||
state: directory | ||
owner: "{{ jenkins_user }}" | ||
|
||
- name: set the authorized keys | ||
authorized_key: | ||
user: "{{ jenkins_user }}" | ||
key: "{{ lookup('file', 'files/ssh/keys/jenkins_build.pub') }}" | ||
|
||
- name: Write ~/.ssh/config | ||
blockinfile: | ||
path: "/home/{{ jenkins_user }}/.ssh/config" | ||
create: yes | ||
block: | | ||
Host * | ||
StrictHostKeyChecking no | ||
UserKnownHostsFile=/dev/null | ||
- name: set utf-8 for LC_ALL | ||
lineinfile: | ||
dest: "/home/{{ jenkins_user }}/.bashrc" | ||
regexp: '^export LC_ALL=' | ||
line: "export LC_ALL=en_US.UTF-8" | ||
create: true | ||
state: present | ||
|
||
- name: set utf-8 for LANG | ||
lineinfile: | ||
dest: "/home/{{ jenkins_user }}/.bashrc" | ||
regexp: '^export LANG=' | ||
line: "export LANG=en_US.UTF-8" | ||
|
||
- name: set utf-8 for LANGUAGE | ||
lineinfile: | ||
dest: "/home/{{ jenkins_user }}/.bashrc" | ||
regexp: '^export LANGUAGE=' | ||
line: "export LANGUAGE=en_US.UTF-8" | ||
|
||
- name: ensure the build dir exists | ||
file: | ||
path: "/home/{{ jenkins_user }}/build" | ||
state: directory | ||
owner: "{{ jenkins_user }}" | ||
|
||
- name: ensure the home dir has the right owner permissions | ||
file: | ||
path: "/home/{{ jenkins_user }}" | ||
state: directory | ||
owner: "{{ jenkins_user }}" | ||
group: "{{ jenkins_user }}" | ||
recurse: yes | ||
|
||
- name: ensure the gitconfig file exists | ||
shell: printf "[user]\name=Ceph CI\[email protected]\n" > /home/{{ jenkins_user }}/.gitconfig | ||
|
||
- name: ensure the gitconfig file has right permissions | ||
file: | ||
path: "/home/{{ jenkins_user }}/.gitconfig" | ||
owner: "{{ jenkins_user }}" | ||
|
||
- name: install six, latest one | ||
pip: | ||
name: six | ||
state: latest | ||
|
||
- name: install python-jenkins | ||
# https://review.openstack.org/460363 | ||
pip: | ||
name: python-jenkins | ||
version: 0.4.15 | ||
|
||
- name: add github.com host key | ||
known_hosts: | ||
path: '/etc/ssh/ssh_known_hosts' | ||
# we need to use 'host' here because prado currently uses ansible-playbook==1.9.1 | ||
host: 'github.com' | ||
# github.com.pub is the output of `ssh-keyscan github.com` | ||
key: "{{ lookup('file', 'files/ssh/hostkeys/github.com.pub') }}" | ||
|
||
- name: register the new slave to jenkins master with jnlp | ||
jenkins_node: | ||
username: "{{ api_user }}" | ||
uri: "{{ api_uri }}" | ||
password: "{{ token }}" | ||
# relies on a convention to set a unique name that allows a reverse | ||
# mapping from Jenkins back to whatever service created the current | ||
# node | ||
name: "{{ ansible_default_ipv4.address }}+{{ nodename }}" | ||
labels: "{{ labels }}" | ||
host: "{{ ansible_default_ipv4.address }}" | ||
credentialsId: "{{ jenkins_credentials_uuid }}" | ||
launcher: 'hudson.slaves.JNLPLauncher' | ||
remoteFS: '/home/{{ jenkins_user }}/build' | ||
# XXX this should be configurable, not all nodes should have one executor | ||
executors: '{{ executors|default(1) }}' | ||
exclusive: true | ||
|
||
- name: Download slave.jar | ||
get_url: | ||
url: "{{ api_uri }}/jnlpJars/slave.jar" | ||
dest: "/home/{{ jenkins_user }}/slave.jar" | ||
force: yes | ||
|
||
- name: install the systemd unit file for jenkins | ||
template: | ||
src: "templates/systemd/jenkins.service.j2" | ||
dest: "/etc/systemd/system/jenkins.service" | ||
|
||
- name: start jenkins service | ||
service: | ||
name: jenkins | ||
state: started | ||
enabled: yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
ceph-cm-ansible-prs | ||
=================== | ||
|
||
This job tests changes to the ceph-cm-ansible_ repo. It locks one testnode per machine type **and** distro and runs the ``ansible_managed`` and ``testnodes`` playbooks. | ||
|
||
Prerequisites | ||
------------- | ||
|
||
These steps should only have to be performed when a new teuthology host is being set up but it's good to have documented. | ||
|
||
#. Run the ``ansible/examples/slave_teuthology.yml`` playbook against the teuthology host. | ||
|
||
#. As the ``jenkins-build`` user on the teuthology host, generate a new RSA SSH key (``ssh-keygen -t rsa``). | ||
|
||
#. Copy the public key to jenkins-build.pub_ in the keys repo. (This is so the jenkins-build user can ssh to testnodes and VPSHOSTs) | ||
|
||
#. Copy/create ``/home/jenkins-build/.config/libvirt/libvirt.conf`` so the jenkins-build user can downburst VPSes. | ||
|
||
#. Run the ceph-cm-ansible_ ``users`` playbook against VPSHOSTs so the jenkins-build pubkey is added to the ubuntu user's authorized_keys on the VPSHOSTs. | ||
|
||
**NOTE:** This job also relies on: | ||
|
||
- teuthology.yaml_ -- If the job is being run on the teuthology host, this should already be in place at ``/etc/teuthology.yaml``. | ||
- ceph-sepia-secrets_ -- If the job is being run on a teuthology host, ``/etc/ansible`` should already be symlinked to a ceph-sepia-secrets checkout. | ||
|
||
.. _ceph-cm-ansible: https://github.com/ceph/ceph-cm-ansible | ||
.. _jenkins-build.pub: https://github.com/ceph/keys/blob/master/ssh/jenkins-build.pub | ||
.. _teuthology.yaml: http://docs.ceph.com/teuthology/docs/siteconfig.html | ||
.. _ceph-sepia-secrets: https://github.com/ceph/ceph-sepia-secrets/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
#!/bin/bash | ||
# NOTE: Commented code was my attempt at creating this as a matrix job. | ||
# I couldn't get the child jobs to share the same checkout/venv of teuthology | ||
# so I left the code in place in case I (or somebody else) wants to take a | ||
# crack at it in the future. | ||
|
||
set -ex | ||
|
||
# Clone or update teuthology | ||
if [ ! -d teuthology ]; then | ||
git clone https://github.com/ceph/teuthology | ||
cd teuthology | ||
else | ||
cd teuthology | ||
git pull | ||
fi | ||
|
||
# Bootstrap teuthology | ||
./bootstrap | ||
|
||
cd $WORKSPACE | ||
|
||
# Clone or update teuthology | ||
if [ ! -d downburst ]; then | ||
git clone https://github.com/ceph/downburst | ||
cd downburst | ||
else | ||
cd downburst | ||
git pull | ||
fi | ||
|
||
# Bootstrap downburst | ||
./bootstrap | ||
|
||
# Activate our virtualenv containing teuthology and ansible | ||
source $WORKSPACE/teuthology/virtualenv/bin/activate | ||
|
||
# Add downburst to path | ||
PATH=$PATH:$WORKSPACE/downburst/virtualenv/bin | ||
|
||
#if [ $DISTRO == "xenial" ]; then | ||
# DISTRO="ubuntu" | ||
# DISTRO_VERSION="16.04" | ||
#elif [ $DISTRO == "trusty" ]; then | ||
# DISTRO="ubuntu" | ||
# DISTRO_VERSION="14.04" | ||
#elif [ $DISTRO == "centos" ]; then | ||
# DISTRO="centos" | ||
# DISTRO_VERSION="7.3" | ||
#else | ||
# echo "Unknown distro: $DISTRO" | ||
# exit 1 | ||
#fi | ||
|
||
# Don't bail since we'll almost certainly not lock every machine/os type on the first try | ||
set +e | ||
|
||
for machine_type in smithi mira vps; do | ||
LOCK_TRUSTY_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type ubuntu --os-version 14.04" | ||
LOCK_XENIAL_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type ubuntu --os-version 16.04" | ||
LOCK_CENTOS_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type centos --os-version 7.3" | ||
$LOCK_TRUSTY_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_TRUSTY_CMD; done | ||
$LOCK_XENIAL_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_XENIAL_CMD; done | ||
$LOCK_CENTOS_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_CENTOS_CMD; done | ||
done | ||
|
||
#LOCK_CMD="teuthology-lock --lock-many 1 --machine-type $MACHINE_TYPE --os-type $DISTRO --os-version $DISTRO_VERSION" | ||
# | ||
## Keep trying to lock a machine | ||
#$LOCK_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_CMD; done | ||
|
||
set -e | ||
|
||
locked_machines=$(teuthology-lock --brief | awk '{ print $1 }' | paste -sd "," -) | ||
#locked_machines=$(teuthology-lock --brief --machine-type $MACHINE_TYPE --os-type $DISTRO --os-version $DISTRO_VERSION | awk '{ print $1 }' | paste -sd "," -) | ||
|
||
cd $WORKSPACE/ceph-cm-ansible | ||
|
||
# Erase line about the vault password since testnodes don't need any secrets | ||
sed -i '/vault_password_file/d' ./ansible.cfg | ||
|
||
ansible-playbook -vv ansible_managed.yml --limit=\"$locked_machines\" | ||
#ansible-playbook -vvv ansible_managed.yml --limit=\"$locked_machine\" | ||
|
||
ansible-playbook -vv testnodes.yml -e ansible_ssh_user=ubuntu --limit=\"$locked_machines\" | ||
#ansible-playbook -vvv testnodes.yml -e ansible_ssh_user=ubuntu --limit=\"$locked_machine\" | ||
|
||
teuthology-lock --unlock -t <(teuthology-lock --list-targets) | ||
#teuthology-lock --unlock $locked_machine |
85 changes: 85 additions & 0 deletions
85
ceph-cm-ansible-prs/config/definitions/ceph-cm-ansible-prs.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
- scm: | ||
name: ceph-cm-ansible | ||
scm: | ||
- git: | ||
url: https://github.com/ceph/ceph-cm-ansible | ||
branches: | ||
- ${sha1} | ||
refspec: +refs/pull/*:refs/remotes/origin/pr/* | ||
browser: auto | ||
timeout: 20 | ||
basedir: "ceph-cm-ansible" | ||
skip-tag: true | ||
wipe-workspace: true | ||
|
||
- job: | ||
name: ceph-cm-ansible-pull-requests | ||
description: Tests changes to ceph-cm-ansible testnode playbook | ||
project-type: freestyle | ||
# project-type: matrix | ||
node: teuthology | ||
block-downstream: false | ||
block-upstream: false | ||
defaults: global | ||
display-name: 'ceph-cm-ansible: Pull Requests' | ||
quiet-period: 5 | ||
# execution-strategy: | ||
# sequential: false | ||
# axes: | ||
# - axis: | ||
# type: user-defined | ||
# name: MACHINE_TYPE | ||
# values: | ||
# - smithi | ||
# - mira | ||
# - vps | ||
# - axis: | ||
# type: user-defined | ||
# name: DISTRO | ||
# values: | ||
# - trusty | ||
# - xenial | ||
# - centos | ||
# - axis: | ||
# type: label-expression | ||
# name: teuthology | ||
# values: | ||
# - teuthology | ||
|
||
logrotate: | ||
daysToKeep: 14 | ||
|
||
properties: | ||
- github: | ||
url: https://github.com/ceph/ceph-cm-ansible/ | ||
|
||
parameters: | ||
- string: | ||
name: sha1 | ||
description: "A pull request ID, like 'origin/pr/72/head'" | ||
|
||
triggers: | ||
- github-pull-request: | ||
admin-list: | ||
- djgalloway | ||
- zmc | ||
org-list: | ||
- ceph | ||
only-trigger-phrase: false | ||
github-hooks: true | ||
permit-all: true | ||
auto-close-on-fail: false | ||
|
||
scm: | ||
- ceph-cm-ansible | ||
|
||
builders: | ||
- shell: | ||
!include-raw: | ||
- ../../../scripts/build_utils.sh | ||
- ../../build/build | ||
# | ||
# wrappers: | ||
# - pre-scm-buildstep: | ||
# - shell: | ||
# !include-raw: ../../build/setup |