Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modify job to use metadata per cell #812

Merged
merged 1 commit into from
Aug 20, 2024
+136 −1
Merged

Modify job to use metadata per cell #812

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
37 changes: 36 additions & 1 deletion ci/nova-operator-tempest-multinode/ci_fw_vars.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,22 @@ cifmw_cls_pv_count: 20

cifmw_services_swift_enabled: false


mrkisaolamb marked this conversation as resolved.
Show resolved Hide resolved
# note by default the source for the playbook specified
# in the hooks is relative to
# https://github.com/openstack-k8s-operators/ci-framework/tree/main/hooks/playbooks
# if you want to use a different source you can use the full path on the ansible controller
post_deploy:
post_ctlplane_deploy:
- name: 71 Kustomize control plane to scale openstack services
type: playbook
source: "{{ ansible_user_dir }}/{{ zuul.projects['github.com/openstack-k8s-operators/nova-operator'].src_dir }}/ci/nova-operator-tempest-multinode/control_plane_hook.yaml"
- name: 82 Kustomize and update Control Plane
type: playbook
source: control_plane_kustomize_deploy.yml
- name: 85 Create neutron-metadata-custom
type: playbook
source: "{{ ansible_user_dir }}/{{ zuul.projects['github.com/openstack-k8s-operators/nova-operator'].src_dir }}/ci/nova-operator-tempest-multinode/pre_deploy_hook.yml"



cifmw_run_tests: true
Expand All @@ -28,3 +33,33 @@ cifmw_tempest_container: openstack-tempest-extras
# tempest groups by default we will manage all tempest execution
# via the job definition.
cifmw_tempest_default_groups: []


cifmw_edpm_kustomize_content: |-
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
namespace: {{ cifmw_install_yamls_defaults.NAMESPACE }}
patches:
- target:
kind: OpenStackDataPlaneNodeSet
patch: |-
- op: replace
path: /spec/services
value:
- repo-setup
- bootstrap
- download-cache
- configure-network
- validate-network
- install-os
- configure-os
- ssh-known-hosts
- run-os
- reboot-os
- install-certs
- ovn
- neutron-metadata-custom
- libvirt
- nova
- telemetry
29 changes: 29 additions & 0 deletions ci/nova-operator-tempest-multinode/control_plane_hook.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,3 +37,32 @@
- op: replace
path: /spec/keystone/template/replicas
value: 2

- op: add
path: /spec/nova/template/cellTemplates
value:
cell0:
cellDatabaseAccount: nova-cell0
hasAPIAccess: true
metadataServiceTemplate:
enabled: false
cell1:
cellDatabaseAccount: nova-cell1
hasAPIAccess: true
cellMessageBusInstance: rabbitmq-cell1
cellDatabaseInstance: openstack-cell1
metadataServiceTemplate:
enabled: true
mrkisaolamb marked this conversation as resolved.
Show resolved Hide resolved
override:
service:
metadata:
annotations:
metallb.universe.tf/address-pool: internalapi
metallb.universe.tf/allow-shared-ip: internalapi
metallb.universe.tf/loadBalancerIPs: 172.17.0.80
spec:
type: LoadBalancer
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cell1:
cellDatabaseAccount: nova-cell1
cellDatabaseInstance: openstack-cell1
cellMessageBusInstance: rabbitmq-cell1
conductorServiceTemplate:
customServiceConfig: ""
replicas: 1
resources: {}
dbPurge:
archiveAge: 30
purgeAge: 90
schedule: 0 0 * * *
hasAPIAccess: true
memcachedInstance: ""
metadataServiceTemplate:
customServiceConfig: ""
enabled: true
override:
service:
metadata:
annotations:
metallb.universe.tf/address-pool: internalapi
metallb.universe.tf/allow-shared-ip: internalapi
metallb.universe.tf/loadBalancerIPs: 172.17.0.80
spec:
type: LoadBalancer
replicas: 1
resources: {}
tls: {}
noVNCProxyServiceTemplate:
customServiceConfig: ""
enabled: true
override: {}
replicas: 1
resources: {}
tls:
service: {}
vencrypt: {}
computeContainerImageURL: quay.io/podified-antelope-centos9/openstack-nova-compute:current-podified
conductorContainerImageURL: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified
keystoneInstance: keystone
memcachedInstance: memcached
metadataContainerImageURL: quay.io/podified-antelope-centos9/openstack-nova-api:current-podified
metadataServiceTemplate:
customServiceConfig: ""
enabled: false
override:
service:
metadata:
annotations:
metallb.universe.tf/address-pool: internalapi
metallb.universe.tf/allow-shared-ip: internalapi
metallb.universe.tf/loadBalancerIPs: 172.17.0.80
spec:
type: LoadBalancer
replicas: 1
resources: {}
tls: {}

https://logserver.rdoproject.org/12/812/da7bf6d58ac73b0c15b2e74be5ab64cc73842077/github-check/nova-operator-tempest-multinode/7c42e8f/controller/ci-framework-data/logs/openstack-k8s-operators-openstack-must-gather/namespaces/openstack/crs/openstackcontrolplanes.core.openstack.org/controlplane.yaml

this looks correct to me

if we also check the created nova metadata crs we see only 1 for cell 1

https://logserver.rdoproject.org/12/812/da7bf6d58ac73b0c15b2e74be5ab64cc73842077/github-check/nova-operator-tempest-multinode/7c42e8f/controller/ci-framework-data/logs/openstack-k8s-operators-openstack-must-gather/namespaces/openstack/crs/novametadata.nova.openstack.org/

and if we check the secrets we also only have the cell1 secret

https://logserver.rdoproject.org/12/812/da7bf6d58ac73b0c15b2e74be5ab64cc73842077/github-check/nova-operator-tempest-multinode/7c42e8f/controller/ci-framework-data/logs/openstack-k8s-operators-openstack-must-gather/namespaces/openstack/secrets/nova/

so this all looks good to me.


- op: add
path: /spec/nova/template/metadataServiceTemplate/enabled
value: false
71 changes: 71 additions & 0 deletions ci/nova-operator-tempest-multinode/pre_deploy_hook.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
- name: Create custom service
hosts: "{{ cifmw_target_hook_host | default('localhost') }}"
gather_facts: false
tasks:
- name: Create kustomization
ansible.builtin.copy:
dest: "{{ cifmw_basedir }}/artifacts/manifests/kustomizations/dataplane/98-kustomization.yaml"
content: |-
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
namespace: {{ cifmw_install_yamls_defaults.NAMESPACE }}
patches:
- target:
kind: OpenStackDataPlaneNodeSet
patch: |-
- op: replace
path: /spec/services
value:
- repo-setup
- bootstrap
- download-cache
- configure-network
- validate-network
- install-os
- configure-os
- ssh-known-hosts
- run-os
- reboot-os
- install-certs
- ovn
- neutron-metadata-custom
- libvirt
- nova
- telemetry
- name: Create neutron-metadata-custom service
environment:
KUBECONFIG: "{{ cifmw_openshift_kubeconfig }}"
PATH: "{{ cifmw_path }}"
ansible.builtin.shell: |
oc apply -f - <<EOF
apiVersion: dataplane.openstack.org/v1beta1
kind: OpenStackDataPlaneService
metadata:
name: neutron-metadata-custom
namespace: {{ cifmw_install_yamls_defaults['NAMESPACE'] }}
spec:
addCertMounts: false
caCerts: combined-ca-bundle
containerImageFields:
- EdpmNeutronMetadataAgentImage
dataSources:
- secretRef:
name: neutron-ovn-metadata-agent-neutron-config
- secretRef:
name: nova-cell1-metadata-neutron-config
edpmServiceType: neutron-metadata
playbook: osp.edpm.neutron_metadata
tlsCerts:
default:
contents:
- dnsnames
- ips
issuer: osp-rootca-issuer-ovn
keyUsages:
- digital signature
- key encipherment
- client auth
networks:
- ctlplane
EOF