openqa/worker: give up on GRE, single tap host instead
OK, this GRE crap ain't working. Let's give up! Instead let's have one tap-capable host per openQA deployment, so all the tap jobs will go to it. This...should achieve that. Let's see what blows up.
This commit is contained in:
Adam Williamson
parent
5503e325e1
commit
b0b7dc9b47
8 changed files with 90 additions and 99 deletions
18
inventory/group_vars/openqa-tap-workers
Normal file
18
inventory/group_vars/openqa-tap-workers
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
openqa_tap: true
|
||||
|
||||
# for iptables rules...maybe other stuff in future? both staging
|
||||
# and prod workers are in this group
|
||||
host_group: openqa-tap-workers
|
||||
|
||||
# firewall rules to allow openQA openvswitch guests to communicate
|
||||
custom_rules: [
|
||||
'-A FORWARD -i br0 -j ACCEPT',
|
||||
'-A FORWARD -m state -i eth0 -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
|
||||
'-A INPUT -i br0 -j ACCEPT'
|
||||
]
|
||||
|
||||
# we do stuff with ifcfg that base doesn't understand. terrible, terrible
|
||||
# stuff. seriously - it doesn't handle the openvswitch config well. so
|
||||
# let's tell it to just configure eth0 for us and leave everything else
|
||||
# alone.
|
||||
ansible_ifcfg_whitelist: ['eth0']
|
||||
|
|
@ -4,22 +4,5 @@ openqa_hostname: openqa01.qa.fedoraproject.org
|
|||
openqa_key: "{{ prod_openqa_apikey }}"
|
||||
openqa_secret: "{{ prod_openqa_apisecret }}"
|
||||
|
||||
# for iptables rules...maybe other stuff in future? both staging
|
||||
# and prod workers are in this group
|
||||
host_group: openqa-workers
|
||||
|
||||
# firewall rules to allow openQA openvswitch guests to communicate
|
||||
custom_rules: [
|
||||
'-A FORWARD -i br0 -j ACCEPT',
|
||||
'-A FORWARD -m state -i eth0 -o br0 --state RELATED,ESTABLISHED -j ACCEPT',
|
||||
'-A INPUT -i br0 -j ACCEPT'
|
||||
]
|
||||
|
||||
# we do stuff with ifcfg that base doesn't understand. terrible, terrible
|
||||
# stuff. seriously - it doesn't handle the openvswitch config well. so
|
||||
# let's tell it to just configure eth0 for us and leave everything else
|
||||
# alone.
|
||||
ansible_ifcfg_whitelist: ['eth0']
|
||||
|
||||
deployment_type: prod
|
||||
freezes: false
|
||||
|
|
|
|||
|
|
@ -516,6 +516,11 @@ openqa-stg01.qa.fedoraproject.org
|
|||
qa06.qa.fedoraproject.org
|
||||
qa07.qa.fedoraproject.org
|
||||
|
||||
# the workers that can run networked jobs. each server should have *one* of these
|
||||
[openqa-tap-workers]
|
||||
qa14.qa.fedoraproject.org
|
||||
qa06.qa.fedoraproject.org
|
||||
|
||||
[packages]
|
||||
packages03.phx2.fedoraproject.org
|
||||
packages04.phx2.fedoraproject.org
|
||||
|
|
|
|||
|
|
@ -7,6 +7,11 @@
|
|||
## string - hostname of openQA server to run jobs for
|
||||
## default - localhost
|
||||
|
||||
# Optional vars
|
||||
# - openqa_tap
|
||||
## bool - whether this is the tap-enabled host or not
|
||||
## each deployment should have *one* tap-capable worker host
|
||||
|
||||
- name: Install packages
|
||||
dnf: name={{ item }} state=present
|
||||
with_items:
|
||||
|
|
@ -21,6 +26,9 @@
|
|||
- include: nfs-client.yml
|
||||
when: openqa_hostname is defined and openqa_hostname != "localhost"
|
||||
|
||||
- include: tap-setup.yml
|
||||
when: openqa_tap is defined and openqa_tap
|
||||
|
||||
- name: openQA client config
|
||||
template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=_openqa-worker group=root mode=0600
|
||||
tags:
|
||||
|
|
@ -31,81 +39,6 @@
|
|||
tags:
|
||||
- config
|
||||
|
||||
- name: Enable ipv4_forward in sysctl
|
||||
sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes
|
||||
|
||||
# this is Fedora infra-only stuff to stop network.service choking on
|
||||
# dumb ifcfg stuff
|
||||
- name: Check if there's an annoying ifcfg-usb0 lurking
|
||||
stat: path=/etc/sysconfig/network-scripts/ifcfg-usb0
|
||||
register: ifcfgusb0
|
||||
failed_when: "1 != 1"
|
||||
changed_when: "1 != 1"
|
||||
always_run: true
|
||||
when: deployment_type is defined
|
||||
|
||||
- name: Check if there's an annoying ifcfg-eth1 lurking
|
||||
stat: path=/etc/sysconfig/network-scripts/ifcfg-eth1
|
||||
register: ifcfgeth1
|
||||
failed_when: "1 != 1"
|
||||
changed_when: "1 != 1"
|
||||
always_run: true
|
||||
when: deployment_type is defined
|
||||
|
||||
- name: Make sure usb0 doesn't get in our way
|
||||
lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-usb0 regexp="^ONBOOT=" line="ONBOOT=no"
|
||||
when: (ifcfgusb0.stat.exists == True) and (deployment_type is defined)
|
||||
|
||||
- name: Make sure eth1 doesn't get in our way
|
||||
lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^ONBOOT=" line="ONBOOT=no"
|
||||
when: (ifcfgeth1.stat.exists == True) and (deployment_type is defined)
|
||||
|
||||
- name: Start openvswitch service
|
||||
service: name=openvswitch enabled=yes state=started
|
||||
with_sequence: "count={{ openqa_workers }}"
|
||||
|
||||
- name: Enable network service (needed for openvswitch devices)
|
||||
service: name=network enabled=yes state=started
|
||||
|
||||
- name: openvswitch bridge device config
|
||||
copy: src=ifcfg-br0 dest=/etc/sysconfig/network-scripts/ifcfg-br0 owner=root group=root mode=0644
|
||||
notify:
|
||||
- restart network
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: openvswitch gre tunnel config (prod)
|
||||
template: src=ifcfg-gre.j2 dest=/etc/sysconfig/network-scripts/ifcfg-gre{{ item.0 }} owner=root group=root mode=0644
|
||||
with_indexed_items: "{{ groups['openqa-workers']|difference([inventory_hostname]) }}"
|
||||
when: deployment_type == 'prod'
|
||||
notify:
|
||||
- restart network
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: openvswitch gre tunnel config (stg)
|
||||
template: src=ifcfg-gre.j2 dest=/etc/sysconfig/network-scripts/ifcfg-gre{{ item.0 }} owner=root group=root mode=0644
|
||||
with_indexed_items: "{{ groups['openqa-stg-workers']|difference([inventory_hostname]) }}"
|
||||
when: deployment_type == 'stg'
|
||||
notify:
|
||||
- restart network
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Install ifup-pre-local script to create tap devices
|
||||
copy: src=ifup-pre-local dest=/sbin/ifup-pre-local owner=root group=root mode=0755
|
||||
|
||||
- name: openvswitch tap devices config
|
||||
template: src=ifcfg-tap.j2 dest=/etc/sysconfig/network-scripts/ifcfg-tap{{ item }} owner=root group=root mode=0644
|
||||
with_sequence: start=0 end={{ openqa_workers | int }}
|
||||
notify:
|
||||
- restart network
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Enable and start os-autoinst openvswitch service
|
||||
service: name=os-autoinst-openvswitch enabled=yes state=started
|
||||
|
||||
- name: Enable and start worker services
|
||||
service: name=openqa-worker@{{ item }} enabled=yes state=started
|
||||
with_sequence: "count={{ openqa_workers }}"
|
||||
|
|
|
|||
56
roles/openqa/worker/tasks/tap-setup.yml
Normal file
56
roles/openqa/worker/tasks/tap-setup.yml
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
- name: Enable ipv4_forward in sysctl
|
||||
sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes
|
||||
|
||||
# this is Fedora infra-only stuff to stop network.service choking on
|
||||
# dumb ifcfg stuff
|
||||
- name: Check if there's an annoying ifcfg-usb0 lurking
|
||||
stat: path=/etc/sysconfig/network-scripts/ifcfg-usb0
|
||||
register: ifcfgusb0
|
||||
failed_when: "1 != 1"
|
||||
changed_when: "1 != 1"
|
||||
always_run: true
|
||||
when: deployment_type is defined
|
||||
|
||||
- name: Check if there's an annoying ifcfg-eth1 lurking
|
||||
stat: path=/etc/sysconfig/network-scripts/ifcfg-eth1
|
||||
register: ifcfgeth1
|
||||
failed_when: "1 != 1"
|
||||
changed_when: "1 != 1"
|
||||
always_run: true
|
||||
when: deployment_type is defined
|
||||
|
||||
- name: Make sure usb0 doesn't get in our way
|
||||
lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-usb0 regexp="^ONBOOT=" line="ONBOOT=no"
|
||||
when: (ifcfgusb0.stat.exists == True) and (deployment_type is defined)
|
||||
|
||||
- name: Make sure eth1 doesn't get in our way
|
||||
lineinfile: dest=/etc/sysconfig/network-scripts/ifcfg-eth1 regexp="^ONBOOT=" line="ONBOOT=no"
|
||||
when: (ifcfgeth1.stat.exists == True) and (deployment_type is defined)
|
||||
|
||||
- name: Start openvswitch service
|
||||
service: name=openvswitch enabled=yes state=started
|
||||
with_sequence: "count={{ openqa_workers }}"
|
||||
|
||||
- name: Enable network service (needed for openvswitch devices)
|
||||
service: name=network enabled=yes state=started
|
||||
|
||||
- name: openvswitch bridge device config
|
||||
copy: src=ifcfg-br0 dest=/etc/sysconfig/network-scripts/ifcfg-br0 owner=root group=root mode=0644
|
||||
notify:
|
||||
- restart network
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Install ifup-pre-local script to create tap devices
|
||||
copy: src=ifup-pre-local dest=/sbin/ifup-pre-local owner=root group=root mode=0755
|
||||
|
||||
- name: openvswitch tap devices config
|
||||
template: src=ifcfg-tap.j2 dest=/etc/sysconfig/network-scripts/ifcfg-tap{{ item }} owner=root group=root mode=0644
|
||||
with_sequence: start=0 end={{ openqa_workers | int }}
|
||||
notify:
|
||||
- restart network
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Enable and start os-autoinst openvswitch service
|
||||
service: name=os-autoinst-openvswitch enabled=yes state=started
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
DEVICETYPE='ovs'
|
||||
TYPE='OVSTunnel'
|
||||
OVS_BRIDGE='br0'
|
||||
DEVICE='gre{{ item.0 }}'
|
||||
OVS_TUNNEL_TYPE='gre'
|
||||
OVS_TUNNEL_OPTIONS='options:remote_ip={{ hostvars[item.1]['eth0_ip'] }}'
|
||||
ONBOOT='yes'
|
||||
|
|
@ -1,2 +1,5 @@
|
|||
[global]
|
||||
HOST = http://{{ openqa_hostname|default('localhost') }}
|
||||
{% if openqa_tap is defined and openqa_tap %}
|
||||
WORKER_CLASS = tap
|
||||
{% endif %}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue