now woking on kubevirt molecule (#2)
This commit is contained in:
parent
3e0b830f84
commit
fdd86b29ba
|
@ -41,11 +41,16 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
matrix:
|
||||
distro:
|
||||
- centos8
|
||||
- ubuntu2004
|
||||
- ubuntu1804
|
||||
- debian10
|
||||
include:
|
||||
- name: Centos 7
|
||||
distro: quay.io/jseguillon/kubevirt-images:centos-7-x86_64-genericcloud-2009
|
||||
# - ubuntu2004
|
||||
# - ubuntu1804
|
||||
# - debian10
|
||||
|
||||
env:
|
||||
KUBERNETES_VERSION: v1.20.0
|
||||
PYTHON_BASE_IMAGE: python:3.9
|
||||
|
||||
steps:
|
||||
- name: Check out the codebase.
|
||||
|
@ -53,17 +58,315 @@ jobs:
|
|||
with:
|
||||
path: 'geerlingguy.nginx'
|
||||
|
||||
- name: Set up Python 3.
|
||||
uses: actions/setup-python@v2
|
||||
- name: Update packages index
|
||||
run: |
|
||||
sudo apt-get update
|
||||
|
||||
- name: Install docker
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
python-version: '3.x'
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
. /etc/os-release
|
||||
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
|
||||
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
|
||||
sudo apt-get update
|
||||
sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce
|
||||
|
||||
- name: Install test dependencies.
|
||||
run: pip3 install ansible molecule[docker] docker
|
||||
- name: Install kubectl
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
curl -LO https://storage.googleapis.com/kubernetes-release/release/${KUBERNETES_VERSION}/bin/linux/amd64/kubectl; chmod +x ./kubectl
|
||||
sudo install kubectl /usr/local/bin
|
||||
|
||||
- name: Run Molecule tests.
|
||||
run: molecule test
|
||||
- name: Install kind
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
curl -Lo ./kind "https://kind.sigs.k8s.io/dl/v0.9.0/kind-$(uname)-amd64" && chmod +x ./kind
|
||||
sudo install kind /usr/local/bin
|
||||
|
||||
- name: Create single node Cluster
|
||||
run: |
|
||||
cat <<EOF | sudo kind create cluster -v7 --wait 1m --retain --config=-
|
||||
kind: Cluster
|
||||
apiVersion: kind.x-k8s.io/v1alpha4
|
||||
networking:
|
||||
ipFamily: ipv4
|
||||
EOF
|
||||
|
||||
- name: Wait and get Cluster status
|
||||
run: |
|
||||
# wait network is ready
|
||||
sudo kubectl wait --for=condition=ready pods --namespace=kube-system -l k8s-app=kube-dns
|
||||
sudo kubectl get nodes -o wide
|
||||
sudo kubectl get pods -A
|
||||
|
||||
- name: Install kubevirt packages requirements
|
||||
run: |
|
||||
sudo apt install -y qemu qemu-kvm libvirt-daemon libvirt-clients bridge-utils virt-manager libvirt-daemon-system
|
||||
sudo systemctl restart libvirtd
|
||||
|
||||
- name: Tweak ubuntu apparmor for Kubevirt
|
||||
run: |
|
||||
# See : https://github.com/kubevirt/kubevirt/issues/4303
|
||||
# Add one magic line and reload service
|
||||
tweak_qemu_apprarmor="$(head -n -1 /etc/apparmor.d/usr.sbin.libvirtd; echo " /usr/libexec/qemu-kvm rmix,"; tail -1 /etc/apparmor.d/usr.sbin.libvirtd)"
|
||||
echo "$tweak_qemu_apprarmor" | sudo dd of=/etc/apparmor.d/usr.sbin.libvirtd
|
||||
sudo systemctl reload apparmor.service
|
||||
|
||||
- name: Install kubevirt
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
sudo kubectl create -f https://github.com/kubevirt/kubevirt/releases/download/v0.36.0/kubevirt-operator.yaml
|
||||
sudo kubectl create configmap kubevirt-config -n kubevirt --from-literal debug.useEmulation=true
|
||||
sudo kubectl create -f https://github.com/kubevirt/kubevirt/releases/download/v0.36.0/kubevirt-cr.yaml
|
||||
|
||||
- name: Install virtcl
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
export ARCH=linux-amd64
|
||||
curl -L -o virtctl https://github.com/kubevirt/kubevirt/releases/download/v0.36.0/virtctl-v0.36.0-linux-amd64
|
||||
chmod +x virtctl
|
||||
sudo install virtctl /usr/local/bin
|
||||
|
||||
- name: Build molecule test container
|
||||
run: |
|
||||
#FIXME neeed copy geerlingu in home
|
||||
cat <<EOF > Dockerfile
|
||||
ARG PYTHON_BASE_IMAGE
|
||||
|
||||
FROM \${PYTHON_BASE_IMAGE}
|
||||
ARG KUBERNETES_VERSION
|
||||
|
||||
RUN python3 -m pip install ansible molecule molecule-kubevirt && \
|
||||
ansible-galaxy collection install community.crypto && \
|
||||
ansible-galaxy collection install git+https://github.com/ansible-collections/community.kubernetes.git
|
||||
|
||||
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/\${KUBERNETES_VERSION}/bin/linux/amd64/kubectl && \
|
||||
chmod +x kubectl && mv kubectl /usr/bin
|
||||
|
||||
COPY molecule /molecule
|
||||
COPY . /molecule/default/roles/geerlingguy.nginx
|
||||
EOF
|
||||
|
||||
docker build --build-arg PYTHON_BASE_IMAGE="${PYTHON_BASE_IMAGE}" --build-arg KUBERNETES_VERSION="${KUBERNETES_VERSION}" . -t molecule_kubevirt_runner:latest
|
||||
# TODO : kind load is slow : set a private registry, as described here https://kind.sigs.k8s.io/docs/user/local-registry/
|
||||
sudo kind load docker-image molecule_kubevirt_runner:latest
|
||||
|
||||
- name: Push molecule test image to Kind
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
sudo kind load docker-image molecule_kubevirt_runner:latest
|
||||
|
||||
- name: Install kail
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 5
|
||||
max_attempts: 3
|
||||
command: |
|
||||
curl -SL https://github.com/boz/kail/releases/download/v0.15.0/kail_0.15.0_linux_amd64.tar.gz -o kail.tar.gz
|
||||
tar xf kail.tar.gz
|
||||
sudo install kail /usr/local/bin
|
||||
|
||||
- name: Wait and get kubevirt status
|
||||
run: |
|
||||
# wait network is ready
|
||||
sudo kubectl wait --for=condition=ready pods --namespace=kubevirt -l kubevirt.io=virt-operator
|
||||
sudo kubectl wait --for=condition=ready pods --namespace=kubevirt -l kubevirt.io=virt-api || true
|
||||
sudo kubectl wait --for=condition=ready pods --namespace=kubevirt -l kubevirt.io=virt-controller || true
|
||||
sudo kubectl wait --for=condition=ready pods --namespace=kubevirt -l kubevirt.io=virt-handler || true
|
||||
sudo kubectl get nodes -o wide
|
||||
sudo kubectl get pods -A
|
||||
|
||||
- name: Prepare Job
|
||||
run: |
|
||||
# Service Account for Job
|
||||
cat <<EOF | sudo kubectl apply -f -
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: molecule-kubevirt
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: molecule-kubevirt
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: kubevirt.io:edit
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: molecule-kubevirt
|
||||
namespace: default
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: molecule-cdi
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: cdi.kubevirt.io:edit
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: molecule-kubevirt
|
||||
namespace: default
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: molecule-kubevirt-sec
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
- services
|
||||
- persistentvolumeclaims
|
||||
- pods
|
||||
- pods/log
|
||||
- events
|
||||
- configmaps
|
||||
verbs: ["*"]
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: molecule-kubevirt-sec
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: molecule-kubevirt-sec
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: molecule-kubevirt
|
||||
namespace: default
|
||||
EOF
|
||||
|
||||
echo "Service account created"
|
||||
|
||||
- name: Launch background log scripts
|
||||
run: |
|
||||
# Kail monitors any logs from default namespace
|
||||
sudo kail -n default 2>&1 > /tmp/kail.log || true &
|
||||
# Infinite script waits for new VMs up and fetch logs from console
|
||||
(
|
||||
while true; do
|
||||
until sudo kubectl wait --for=condition=Ready pod -l kubevirt.io=virt-launcher --namespace default;
|
||||
do echo "Still Waiting Pod to start..."; sleep 5;
|
||||
done
|
||||
|
||||
LOGFILE="virtcl-console-$(date '+%Y-%m-%d-%H-%M-%S').log"
|
||||
echo "Starting virtctl console" >> /tmp/${LOGFILE}
|
||||
sudo script -e -c "virtctl console instance" >> /tmp/${LOGFILE}
|
||||
done
|
||||
) &
|
||||
# Event router reports any event as log, a great help for troubleshooting since Kind exports all running Pods logs
|
||||
sudo kubectl create -f https://raw.githubusercontent.com/heptiolabs/eventrouter/master/yaml/eventrouter.yaml
|
||||
|
||||
- name: Launch test
|
||||
uses: nick-invision/retry@v2
|
||||
with:
|
||||
timeout_minutes: 25
|
||||
max_attempts: 3
|
||||
on_retry_command: |
|
||||
sudo kubectl delete pods --all || true
|
||||
sudo kubectl delete configmaps --all || true
|
||||
sudo kubectl delete job --all || true
|
||||
command: |
|
||||
# Configmap will be waitinig untill it is deleted, telling one Pod ended the Job
|
||||
sudo kubectl create configmap molecule-job-running --from-literal status=Started
|
||||
# Create Job
|
||||
cat <<EOF | sudo kubectl apply -f -
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: molecule
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
serviceAccountName: molecule-kubevirt
|
||||
containers:
|
||||
- name: molecule
|
||||
image: molecule_kubevirt_runner
|
||||
imagePullPolicy: IfNotPresent
|
||||
command: [ "/bin/bash", "-c", "--" ]
|
||||
args: ["(molecule test; kubectl create configmap molecule-result --from-literal exitCode=\$?); kubectl delete configmap molecule-job-running"]
|
||||
env:
|
||||
- name: PY_COLORS
|
||||
value: '1'
|
||||
- name: ANSIBLE_FORCE_COLOR
|
||||
value: '1'
|
||||
- name: MOLECULE_DISTRO
|
||||
value: ${{ matrix.distro }}
|
||||
restartPolicy: Never
|
||||
backoffLimit: 0
|
||||
EOF
|
||||
|
||||
echo "Job launched"
|
||||
|
||||
# Wait for molecule Job Pod to start
|
||||
until (sudo kubectl get pods -l job-name=molecule | grep molecule); do echo "Wait molecule pod to start"; sleep 5; done
|
||||
|
||||
sudo kubectl wait --for=condition=ready pods -l job-name=molecule --namespace default
|
||||
echo "Molecule pod is now running, waiting..."
|
||||
|
||||
# Wait for molecule Job to delete configmap, notifying one Job Pod ran till the end, whatever the result
|
||||
sudo kubectl wait --for delete --timeout=20m configmap/molecule-job-running
|
||||
|
||||
# Get molecule tests results and exit accordingly
|
||||
MOLECULE_RESULT=$(sudo kubectl get configmap molecule-result -o "jsonpath={.data['exitCode']}")
|
||||
if [ ! "${MOLECULE_RESULT}" == "0" ]; then echo "Test non ok : ${MOLECULE_RESULT}"; exit 1; fi
|
||||
|
||||
|
||||
- name: Dump and export logs
|
||||
if: always()
|
||||
run: |
|
||||
mkdir -p ${LOG_DIR} || true
|
||||
echo "** Events"
|
||||
sudo kubectl get events | tee ${LOG_DIR}/events.txt || true
|
||||
echo "** Jobs"
|
||||
sudo kubectl describe jobs | tee ${LOG_DIR}/jobs.txt || true
|
||||
echo "** Configmap"
|
||||
sudo kubectl describe cm | tee ${LOG_DIR}/cm.txt || true
|
||||
echo "** Console log"
|
||||
sudo cat /tmp/virtcl-console*.log || true
|
||||
|
||||
sudo cp /tmp/kail.log ${LOG_DIR} || true
|
||||
sudo cp /tmp/virtcl-console*.log ${LOG_DIR} || true
|
||||
sudo dmesg > ${LOG_DIR}/dmesg.txt || true
|
||||
sudo kind export logs ${LOG_DIR} || true
|
||||
sudo journalctl | cat > ${LOG_DIR}/journalctl.txt || true
|
||||
sudo chown -R $USER:$USER ${LOG_DIR} || true
|
||||
env:
|
||||
PY_COLORS: '1'
|
||||
ANSIBLE_FORCE_COLOR: '1'
|
||||
MOLECULE_DISTRO: ${{ matrix.distro }}
|
||||
LOG_DIR: /tmp/molecule-kubevirt/logs
|
||||
|
||||
- name: Upload logs
|
||||
if: always()
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: molecule-kubevirt-${{ matrix.name }}-${{ github.run_id }}
|
||||
path: /tmp/molecule-kubevirt/logs
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: yes
|
||||
|
||||
vars:
|
||||
nginx_use_ppa: true
|
||||
|
|
|
@ -2,15 +2,11 @@
|
|||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
name: kubevirt
|
||||
platforms:
|
||||
- name: instance
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
image: "${MOLECULE_DISTRO:-quay.io/jseguillon/kubevirt-images:centos-7-x86_64-genericcloud-2009}"
|
||||
|
||||
provisioner:
|
||||
name: ansible
|
||||
playbooks:
|
||||
|
|
Loading…
Reference in New Issue