From eeaf553a2c5fbfe01f0ac56e054f541ca14dd4b0 Mon Sep 17 00:00:00 2001 From: Sergio Date: Fri, 3 Apr 2020 11:56:35 +0000 Subject: [PATCH] Add ocp-29073-internalis testcase --- e2e_mig_samples.yml | 1 + roles/ocp-29073-internalis/defaults/main.yml | 41 ++++++++ roles/ocp-29073-internalis/tasks/deploy.yml | 96 +++++++++++++++++++ roles/ocp-29073-internalis/tasks/main.yml | 24 +++++ roles/ocp-29073-internalis/tasks/migrate.yml | 3 + roles/ocp-29073-internalis/tasks/track.yml | 3 + roles/ocp-29073-internalis/tasks/validate.yml | 45 +++++++++ .../templates/mirror_helper.yml.j2 | 51 ++++++++++ .../templates/testpod.yml.j2 | 15 +++ 9 files changed, 279 insertions(+) create mode 100644 roles/ocp-29073-internalis/defaults/main.yml create mode 100644 roles/ocp-29073-internalis/tasks/deploy.yml create mode 100644 roles/ocp-29073-internalis/tasks/main.yml create mode 100644 roles/ocp-29073-internalis/tasks/migrate.yml create mode 100644 roles/ocp-29073-internalis/tasks/track.yml create mode 100644 roles/ocp-29073-internalis/tasks/validate.yml create mode 100644 roles/ocp-29073-internalis/templates/mirror_helper.yml.j2 create mode 100644 roles/ocp-29073-internalis/templates/testpod.yml.j2 diff --git a/e2e_mig_samples.yml b/e2e_mig_samples.yml index 9ee9353..f5f0aa6 100644 --- a/e2e_mig_samples.yml +++ b/e2e_mig_samples.yml @@ -23,6 +23,7 @@ - { role: ocp-24797-mongodb, tags: ["ocp-24797-mongodb", "ocp"] } # This tests deploys the official datagrid service application in openshift. It doesnt exist before 3.11 - { role: ocp-24871-datagrid, tags: ["never" ,"ocp-24871-datagrid"] } + - { role: ocp-29073-internalis, tags: ["ocp-29073-internalis", "ocp"] } vars_files: - "{{ playbook_dir }}/config/mig_controller.yml" - "{{ playbook_dir }}/config/defaults.yml" diff --git a/roles/ocp-29073-internalis/defaults/main.yml b/roles/ocp-29073-internalis/defaults/main.yml new file mode 100644 index 0000000..67f6ae0 --- /dev/null +++ b/roles/ocp-29073-internalis/defaults/main.yml @@ -0,0 +1,41 @@ +namespace: "ocp-29073-internalis" + + +helper_namespace: "mirror-helper" +source_image: "docker.io/library/alpine:latest" +target_image: "{{ namespace }}/test-mirror:latest" + + +image_streams: +- external_image_name: docker.io/library/alpine + internal_image_name: internal-image + internal_image_tag: alp + external_image_tag: latest + extra_tags: + - name: tag1 + alias: false + - name: tag2 + alias: false +- external_image_name: docker.io/library/busybox + internal_image_name: internal-image + internal_image_tag: busy + external_image_tag: latest + extra_tags: + - name: tag3 + alias: false + - name: latest + alias: false + - name: tag4 + alias: false + + +migration_sample_name: "ocp-29073-internalis" +migration_plan_name: "{{ migration_sample_name }}-migplan-{{ ansible_date_time.epoch }}" +migration_name: "{{ migration_sample_name }}-mig-{{ ansible_date_time.epoch }}" +#migration_sample_files: "{{ playbook_dir }}/mig-controller/docs/scenarios/{{ migration_sample_name }}" +with_deploy: true +with_migrate: true +with_cleanup: true +with_validate: true +pv: false +quiesce: true diff --git a/roles/ocp-29073-internalis/tasks/deploy.yml b/roles/ocp-29073-internalis/tasks/deploy.yml new file mode 100644 index 0000000..3542413 --- /dev/null +++ b/roles/ocp-29073-internalis/tasks/deploy.yml @@ -0,0 +1,96 @@ +- name: Check namespace + k8s_facts: + kind: Namespace + name: "{{ namespace }}" + register: ns + +- name: Create namespace + shell: "{{ oc_binary }} new-project {{ namespace }} --skip-config-write=true" + when: ns.resources | length == 0 + +- name: Check helper namespace + k8s_facts: + kind: Namespace + name: "{{ helper_namespace }}" + register: ns + +- name: Create helper namespace + shell: "{{ oc_binary }} new-project {{ helper_namespace }} --skip-config-write=true" + when: ns.resources | length == 0 + + +- name: Get previous mirroring pods if any + k8s_facts: + kind: Pod + namespace: "{{ helper_namespace }}" + label_selectors: "nsowner={{namespace}}" + register: prevmirror + +- name: Delete previous mirroring pods if any + k8s: + state : absent + kind : Pod + name: "{{ item.metadata.name }}" + namespace: "{{ item.metadata.namespace }}" + loop: "{{ prevmirror.resources }}" + loop_control: + label: "Deleted mirror pod {{ item.metadata.name }} from namespace {{ item.metadata.namespace }}" + when: prevmirror.resources | length > 0 + +- name: Mirror image to imagestream + k8s: + state : present + definition: "{{ lookup('template', 'mirror_helper.yml.j2' )}}" + vars: + source_image: "{{ item.external_image_name }}:{{ item.external_image_tag }}" + target_image: "{{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}" + internal_registry: "{{ default_registry }}" + loop: "{{ image_streams }}" + loop_control: + label: | + mirror: {{ item.external_image_name }}:{{ item.external_image_tag }} + --> {{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}" + +- name: Wait until mirroring is done + k8s_facts: + kind: Pod + namespace: "{{ helper_namespace }}" + label_selectors: "nsowner={{namespace}}" + field_selectors: + - status.phase=Succeeded + register: mirrorpod + until: mirrorpod.get( 'resources', []) | length == image_streams | length + retries: 10 + loop: "{{ image_streams }}" + +- name: Tag the imported images + shell: "{{ oc_binary }} -n {{ namespace }} tag {{ item.0.internal_image_name }}:{{ item.0.internal_image_tag }} {{ item.0.internal_image_name }}:{{ item.1.name }} --alias={{item.1.alias}}" + loop: "{{ image_streams|subelements('extra_tags') }}" + loop_control: + label: "{{ oc_binary }} -n {{ namespace }} tag {{ item.0.internal_image_name }}:{{ item.0.internal_image_tag }} {{ item.0.internal_image_name }}:{{ item.1.name }} --alias={{item.1.alias}}" + +## BZ https://bugzilla.redhat.com/show_bug.cgi?id=1820250 +# This bug breaks the following part. Once it's fixed the pods creation should be uncommented. +# +#- name: Create test pods to pull images +# k8s: +# state : present +# definition: "{{ lookup('template', 'testpod.yml.j2' )}}" +# vars: +# name: "usetag-{{ item.internal_image_tag }}" +# image: "{{ default_registry }}/{{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}" +# loop: "{{ image_streams }}" +# loop_control: +# label: "Create pod for image {{ default_registry }}/{{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}" +# +#- name: Create test pods to pull extra tags +# k8s: +# state : present +# definition: "{{ lookup('template', 'testpod.yml.j2' )}}" +# vars: +# name: "usetag-{{ item.1.name }}" +# image: "{{ default_registry }}/{{ namespace }}/{{item.0.internal_image_name}}:{{item.1.name}}" +# loop: "{{ image_streams|subelements('extra_tags') }}" +# loop_control: +# label: "Create pod for image {{ default_registry }}/{{ namespace }}/{{item.0.internal_image_name}}:{{item.1.name}}" +# diff --git a/roles/ocp-29073-internalis/tasks/main.yml b/roles/ocp-29073-internalis/tasks/main.yml new file mode 100644 index 0000000..08175e4 --- /dev/null +++ b/roles/ocp-29073-internalis/tasks/main.yml @@ -0,0 +1,24 @@ +- name: Get oc facts + include_role: + name: migration_getfacts + +- name: Cleanup resources + include_role: + name: migration_cleanup + when: with_cleanup|bool + +- name: Create resources + import_tasks: deploy.yml + when: with_deploy|bool + +- name: Start migration + import_tasks: migrate.yml + when: with_migrate|bool + +- name: Track migration + import_tasks: track.yml + when: with_migrate|bool + +- name: Validate migration + import_tasks: validate.yml + when: with_validate|bool diff --git a/roles/ocp-29073-internalis/tasks/migrate.yml b/roles/ocp-29073-internalis/tasks/migrate.yml new file mode 100644 index 0000000..ac543a0 --- /dev/null +++ b/roles/ocp-29073-internalis/tasks/migrate.yml @@ -0,0 +1,3 @@ +- name: Execute migration + include_role: + name: migration_run diff --git a/roles/ocp-29073-internalis/tasks/track.yml b/roles/ocp-29073-internalis/tasks/track.yml new file mode 100644 index 0000000..8a3cf7c --- /dev/null +++ b/roles/ocp-29073-internalis/tasks/track.yml @@ -0,0 +1,3 @@ +- name: Track migration + include_role: + name: migration_track diff --git a/roles/ocp-29073-internalis/tasks/validate.yml b/roles/ocp-29073-internalis/tasks/validate.yml new file mode 100644 index 0000000..925a43a --- /dev/null +++ b/roles/ocp-29073-internalis/tasks/validate.yml @@ -0,0 +1,45 @@ +- name: Check image streams + k8s_facts: + kind: ImageStream + namespace: "{{ namespace }}" + name: "{{ item.internal_image_name }}" + register: imagestream + until: imagestream.get('resources',[]) | length == 1 + retries: 10 + loop: "{{ image_streams }}" + loop_control: + label: "Check that imagestream {{ item.internal_image_name }} exists" + +- name: Check initial tags + k8s_facts: + kind: ImageStreamTag + namespace: "{{ namespace }}" + name: "{{ item.internal_image_name }}:{{ item.internal_image_tag }}" + register: istag + until: istag.get('resources',[]) | length == 1 + retries: 10 + loop: "{{ image_streams }}" + loop_control: + label: "Check that imagestream tag {{ item.internal_image_name}}:{{item.internal_image_tag }} exists" + +- name: Check extra tags + k8s_facts: + kind: ImageStreamTag + namespace: "{{ namespace }}" + name: "{{ item.0.internal_image_name }}:{{ item.1.name }}" + register: istag + until: istag.get('resources',[]) | length == 1 + retries: 10 + loop: "{{ image_streams|subelements('extra_tags') }}" + loop_control: + label: "Check that imagestream tag {{ item.0.internal_image_name}}:{{item.1.name }} exists" + +- name: Check pods running + k8s_facts: + kind: Pod + namespace: "{{ namespace }}" + field_selectors: + - status.phase!=Running + register: pods + until: pods.get( 'resources',[]) | length == 0 + retries: 10 diff --git a/roles/ocp-29073-internalis/templates/mirror_helper.yml.j2 b/roles/ocp-29073-internalis/templates/mirror_helper.yml.j2 new file mode 100644 index 0000000..7ef3e5b --- /dev/null +++ b/roles/ocp-29073-internalis/templates/mirror_helper.yml.j2 @@ -0,0 +1,51 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: ServiceAccount + metadata: + name: mirror-sa + namespace: {{helper_namespace}} + +#- apiVersion: rbac.authorization.k8s.io/v1 +- apiVersion: {{ rolebinding_api }} + kind: ClusterRoleBinding + metadata: + name: mirror-helper + namespace: {{helper_namespace}} + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: registry-editor + subjects: + - kind: ServiceAccount + name: mirror-sa + namespace: {{helper_namespace}} + +- apiVersion: v1 + kind: Pod + metadata: + name: mirrorer-{{ lookup('password', '/dev/null length=15 chars=ascii_lowercase,digits') }} + labels: + nsowner: "{{ target_image.split('/')[0] }}" + app: "mirrorer" + namespace: {{helper_namespace}} + spec: + serviceAccountName: mirror-sa + restartPolicy: OnFailure + containers: + - name: podtest + image: quay.io/sregidor/oc44:latest + env: + - name: INTERNAL_REGISTRY + value: {{internal_registry}} + - name: SOURCE_IMAGE + value: {{source_image}} + - name: TARGET_IMAGE + value: {{target_image}} + command: [ "/bin/sh", "-c", "--" ] + args: + - "set -x; echo '{\"auths\": {\"'${INTERNAL_REGISTRY}'\": { \"auth\": \"'$(echo -n $(oc whoami | sed 's/.*://')\":\"$(oc whoami -t) | base64 -w 0)'\"}}}' > /tmp/config ; + oc image mirror ${SOURCE_IMAGE} ${INTERNAL_REGISTRY}/${TARGET_IMAGE} --insecure=true --registry-config=/tmp/config --force=true;" + #"while true; do sleep 30; done;" +kind: List +metadata: {} diff --git a/roles/ocp-29073-internalis/templates/testpod.yml.j2 b/roles/ocp-29073-internalis/templates/testpod.yml.j2 new file mode 100644 index 0000000..6aed9ef --- /dev/null +++ b/roles/ocp-29073-internalis/templates/testpod.yml.j2 @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ name }}" + namespace: {{ namespace }} +spec: + restartPolicy: OnFailure + containers: + - name: podtest + imagePullPolicy: Always + image: {{ image }} + command: [ "/bin/sh", "-c", "--" ] + args: + - "echo 'Hello world! I can load the image. {{ image }}'; + while true; do sleep 30; done;"