From c3d4e34460e547a4aa808223149fb70891dc31fb Mon Sep 17 00:00:00 2001 From: greg pereira Date: Wed, 12 Jun 2024 17:10:09 -0700 Subject: [PATCH] adding ansible playbook pieces Signed-off-by: greg pereira --- .../workflows/ai-lab-remote-rhel-build.yaml | 56 +++++++++-- build/ci/rhel-ansible/playbook.yaml | 95 +++++++++++++++++++ build/ci/rhel-ansible/requirements.yaml | 3 + 3 files changed, 145 insertions(+), 9 deletions(-) create mode 100644 build/ci/rhel-ansible/playbook.yaml create mode 100644 build/ci/rhel-ansible/requirements.yaml diff --git a/.github/workflows/ai-lab-remote-rhel-build.yaml b/.github/workflows/ai-lab-remote-rhel-build.yaml index 8a47a34ea60b4..1414b14186e7e 100644 --- a/.github/workflows/ai-lab-remote-rhel-build.yaml +++ b/.github/workflows/ai-lab-remote-rhel-build.yaml @@ -20,8 +20,11 @@ env: TF_VAR_ami_id: ${{ secrets.AMI_ID }} jobs: - ai-lab-podman-remote: + rhel9-milvus: runs-on: ubuntu-24.04 + strategy: + fail-fast: false + max-parallel: 1 steps: - name: Setup Terraform uses: hashicorp/setup-terraform@v3.1.1 
@@ -39,20 +42,55 @@ jobs: - name: Terraform Apply run: terraform apply -auto-approve + + - name: Set up Python + uses: actions/setup-python@v5.1.0 + with: + python-version: '3.11' - - name: Terraform Output - id: terraform-output + - name: Install Ansible run: | - echo "id=$(terraform output id | xargs)" >> $GITHUB_OUTPUT - echo "url=$(terraform output host | xargs)" >> $GITHUB_OUTPUT - echo "ssh_public_key=$(terraform output ssh_public_key | xargs)" >> $GITHUB_OUTPUT - echo "pem_filename=$(terraform output pem_filename | xargs)" >> $GITHUB_OUTPUT + python3 -m pip install --upgrade pip + pip install ansible + + - name: Ansible Collections + working-directory: build/ci/rhel-ansible + run: ansible-galaxy install -r requirements.yaml - - name: Install podman remote + - name: Install jq and build inventory run: | - sudo apt-get install -y podman podman-remote sudo apt-get install -y jq + PUBLIC_IP=$(terraform output -json | jq -r '.public_ip.value') + # PUBLIC_IP=$(terraform output -json | jq -r '.public_ip.value' | cut -d "\"" -f 2) + echo "public_ip=$PUBLIC_IP" >> $GITHUB_OUTPUT + echo "[test_environments]" > build/ci/rhel-ansible/inventory.ini + echo "test_environment_host ansible_host=${PUBLIC_IP}" >> build/ci/rhel-ansible/inventory.ini + cat build/ci/rhel-ansible/inventory.ini + + - name: Provision + working-directory: build/ci/rhel-ansible + run: | + ansible-playbook playbook.yaml \ + -i inventory.ini \ + --private-key=/home/runner/.ssh/id_rsa + # -i inventory.ini \ + # --private-key=$HOME/.ssh/id_rsa \ + # --extra-vars "registry_user=${{ secrets.REGISTRY_USER }}" \ + # --extra-vars "registry_pass=${{ secrets.REGISTRY_PASS }}" \ + # --extra-vars "subman_user=${{ secrets.SUBMAN_USER }}" \ + # --extra-vars "subman_pass=${{ secrets.SUBMAN_PASS }}" + + - name: Setup tmate session + if: ${{ failure() }} + uses: mxschmitt/action-tmate@v3.18 + timeout-minutes: 10 + with: + detached: false + limit-access-to-actor: true - name: Terraform Destroy if: always() run: 
terraform destroy -auto-approve + + - name: Wait for 30 seconds for destroy to work + run: sleep 30 diff --git a/build/ci/rhel-ansible/playbook.yaml b/build/ci/rhel-ansible/playbook.yaml new file mode 100644 index 0000000000000..e0fe3770a6ccf --- /dev/null +++ b/build/ci/rhel-ansible/playbook.yaml 
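Review bot: The `Provision` step runs `ansible-playbook` with every `--extra-vars` line commented out, so the playbook's `registry_user`, `registry_pass`, `subman_user`, `subman_pass` and `ssh_public_key` references have no value here and the run will presumably stop at the first task that templates one. When the credentials are wired back in, keep them off the command line, where they become part of the process arguments; set them in the step's `env:` (for example `SUBMAN_PASS: ${{ secrets.SUBMAN_PASS }}`) and read them in the playbook with `"{{ lookup('env', 'SUBMAN_PASS') }}"`. The failure-only `mxschmitt/action-tmate@v3.18` step opens an interactive shell on the runner that also holds `/home/runner/.ssh/id_rsa`, so that third-party action is worth pinning to a full commit SHA rather than a mutable tag.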
@@ -0,0 +1,95 @@
+---
+- name: Building rhel9-milvus
+ hosts: test_environments
+ remote_user: ec2-user
+ become: true
+ gather_facts: false
+
+ tasks:
+
+ - name: Wait until the instance is ready
+ ansible.builtin.wait_for_connection:
+ delay: 15
+ timeout: 180
+
+ - name: Gather facts for first time
+ ansible.builtin.setup:
+
+ - name: Required packages
+ ansible.builtin.dnf:
+ name:
+ - docker
+ state: present
+ disable_gpg_check: true
+
+ - name: Log in to DockerHub
+ community.docker.docker_login:
+ username: "{{ registry_user }}"
+ password: "{{ registry_pass }}"
+ registry: quay.io
+
+ - name: Register to subscription manager
+ ansible.builtin.shell: |
+ subscription-manager register --username "{{ subman_user }}" --password "{{ subman_pass }}"
+
+
+ - name: Build the Bootc Image
+ async: 1000
+ poll: 0
+ register: build_result
+ ansible.builtin.shell: |
+ podman build . \
+ -f /tmp/Containerfile \
+ -t quay.io/ai-lab/derived_image:latest \
+ --build-arg "sshpubkey={{ ssh_public_key }}" \
+ --authfile=/etc/containers/auth.json \
+ --pull=never > /tmp/build.log 2>&1
+
+ # --retry=5 \
+ # --retry-delay=15
+
+ - name: Check on Build Bootc Image
+ async_status:
+ jid: "{{ build_result.ansible_job_id }}"
+ register: job_result
+ until: job_result.finished
+ retries: 100
+ delay: 10
+
+ - name: Install the Bootc Image
+ async: 1000
+ poll: 0
+ register: install_result
+ ansible.builtin.shell: |
+ podman run \
+ --authfile=/etc/containers/auth.json \
+ --privileged \
+ --pid=host \
+ --pull=never \
+ --rm \
+ --security-opt label=type:unconfined_t \
+ -v /:/target \
+ -v /var/lib/containers:/var/lib/containers quay.io/ai-lab/derived_image:latest \
+ bootc install to-existing-root --karg=console=ttyS0,115200n8 --karg=systemd.journald.forward_to_console=1
+
+ # --retry=5 \
+ # --retry-delay=15 \
+
+ - name: Check on Install Bootc Image
+ async_status:
+ jid: "{{ install_result.ansible_job_id }}"
+ register: job_result
+ until: job_result.finished
+ retries: 100
+ delay: 10
+
+ - name: Remove the host from the known_host file
+ ansible.builtin.known_hosts:
+ name: "{{ inventory_hostname }}"
+ state: absent
+ delegate_to: localhost
+
+ - name: Reboot
+ ansible.builtin.shell: systemctl reboot
+ ignore_errors: true
+ ignore_unreachable: true
\ No newline at end of file
diff --git a/build/ci/rhel-ansible/requirements.yaml b/build/ci/rhel-ansible/requirements.yaml
new file mode 100644
index 0000000000000..d764e6348d354
--- /dev/null
+++ b/build/ci/rhel-ansible/requirements.yaml
@@ -0,0 +1,3 @@
+---
+collections:
+ - name: community.docker
\ No newline at end of file
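Review bot: In `build/ci/rhel-ansible/playbook.yaml`, the `Register to subscription manager` task templates `subman_pass` into a shell command line and sets no `no_log: true`, so a failed or verbose run can print the password as part of the task's recorded command. Add `no_log: true` to that task and replace `"{{ subman_pass }}"` with `{{ subman_pass | quote }}` (likewise for the username), so a value containing shell metacharacters is not interpreted by the shell. Separately, `disable_gpg_check: true` on the `Required packages` task turns off package signature verification for the install; dropping that line keeps dnf's default check. The `known_hosts` cleanup uses `inventory_hostname`, which per the inventory the workflow generates is the alias `test_environment_host` rather than the address, so it may not match the recorded entry; `ansible_host` looks like the intended value.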