diff --git a/roles/k8s/defaults/main.yaml b/roles/k8s/defaults/main.yaml index 446213a8..6d22a692 100644 --- a/roles/k8s/defaults/main.yaml +++ b/roles/k8s/defaults/main.yaml @@ -1,5 +1,5 @@ k8s_channel: latest/stable k8s_classic_mode: false -k8s_load_balancer_cidr: 10.170.0.248/29 +k8s_load_balancer_cidr: 172.28.28.136/29 k8s_pod_cidr: 10.1.0.0/16 k8s_host_ip: "{{ ansible_default_ipv4.address }}" diff --git a/roles/k8s/tasks/main.yaml b/roles/k8s/tasks/main.yaml index eaba055b..5c0a16f7 100644 --- a/roles/k8s/tasks/main.yaml +++ b/roles/k8s/tasks/main.yaml @@ -11,6 +11,15 @@ - ansible_distribution_release in ('jammy', 'noble') - nftables_enabled | default(true) | bool +- name: Increase fs.inotify.max_user_instances + ansible.posix.sysctl: + name: fs.inotify.max_user_instances + value: '4096' + sysctl_set: true + state: present + reload: true + become: true + - name: Allow packets from pod cir ansible.builtin.command: nft insert rule filter openstack-INPUT ip saddr {{ k8s_pod_cidr }} accept become: true diff --git a/roles/manual-cloud/tasks/main.yaml b/roles/manual-cloud/tasks/main.yaml index cd4ceede..0cae68a1 100644 --- a/roles/manual-cloud/tasks/main.yaml +++ b/roles/manual-cloud/tasks/main.yaml @@ -3,6 +3,14 @@ name: snapd become: true +- name: curl is installed and up to date + ansible.builtin.apt: + name: curl + state: latest + become: true + when: + - ansible_distribution_release in ('jammy', 'noble') + - name: Nftables is installed ansible.builtin.apt: name: nftables diff --git a/tests/all-k8s/smoke.yaml.j2 b/tests/all-k8s/smoke.yaml.j2 new file mode 100644 index 00000000..4951b30a --- /dev/null +++ b/tests/all-k8s/smoke.yaml.j2 @@ -0,0 +1,607 @@ +bundle: kubernetes + +applications: + traefik: + charm: ch:traefik-k8s + channel: latest/candidate + base: ubuntu@20.04 + scale: 1 + trust: true + options: + kubernetes-service-annotations: metallb.universe.tf/address-pool=public + mysql: + charm: ch:mysql-k8s + channel: 8.0/stable + base: ubuntu@22.04 + scale: 1 + trust: true + options: + profile-limit-memory: 6202 + experimental-max-connections: 466 + ldap-server: + charm: ch:ldap-test-fixture-k8s + channel: edge + base: ubuntu@22.04 + scale: 1 + tls-operator: + charm: self-signed-certificates + channel: latest/beta + base: ubuntu@22.04 + scale: 1 + options: + ca-common-name: internal-ca + rabbitmq: + charm: ch:rabbitmq-k8s + channel: 3.12/edge + base: ubuntu@24.04 + scale: 1 + trust: true + options: + minimum-replicas: 1 + ovn-central: + {% if ovn_central_k8s is defined and ovn_central_k8s is sameas true -%} + charm: ../../../ovn-central-k8s.charm + {% else -%} + charm: ch:ovn-central-k8s + channel: 24.03/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + ovn-sb-db-server-image: ghcr.io/canonical/ovn-consolidated:24.03 + ovn-nb-db-server-image: ghcr.io/canonical/ovn-consolidated:24.03 + ovn-northd-image: ghcr.io/canonical/ovn-consolidated:24.03 + ovn-relay: + {% if ovn_relay_k8s is defined and ovn_relay_k8s is sameas true -%} + charm: ../../../ovn-relay-k8s.charm + {% else -%} + charm: ch:ovn-relay-k8s + channel: 24.03/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + ovn-sb-db-server-image: ghcr.io/canonical/ovn-consolidated:24.03 + keystone: + {% if keystone_k8s is defined and keystone_k8s is sameas true -%} + charm: ../../../keystone-k8s.charm + {% else -%} + charm: ch:keystone-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + storage: + fernet-keys: 5M + credential-keys: 5M + resources: + keystone-image: ghcr.io/canonical/keystone:2024.1 + glance: + {% if glance_k8s is defined and glance_k8s is sameas true -%} + charm: ../../../glance-k8s.charm + {% else -%} + charm: ch:glance-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + storage: + local-repository: 10G + resources: + glance-api-image: ghcr.io/canonical/glance-api:2024.1 + nova: + {% if nova_k8s is defined and nova_k8s is sameas true -%} + charm: ../../../nova-k8s.charm + {% else -%} + charm: ch:nova-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + nova-api-image: ghcr.io/canonical/nova-consolidated:2024.1 + nova-scheduler-image: ghcr.io/canonical/nova-consolidated:2024.1 + nova-conductor-image: ghcr.io/canonical/nova-consolidated:2024.1 + nova-spiceproxy-image: ghcr.io/canonical/nova-consolidated:2024.1 + placement: + {% if placement_k8s is defined and placement_k8s is sameas true -%} + charm: ../../../placement-k8s.charm + {% else -%} + charm: ch:placement-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + placement-api-image: ghcr.io/canonical/placement-api:2024.1 + neutron: + {% if neutron_k8s is defined and neutron_k8s is sameas true -%} + charm: ../../../neutron-k8s.charm + {% else -%} + charm: ch:neutron-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + options: + debug: true + resources: + neutron-server-image: ghcr.io/canonical/neutron-server:2024.1 + cinder: + {% if cinder_k8s is defined and cinder_k8s is sameas true -%} + charm: ../../../cinder-k8s.charm + {% else -%} + charm: ch:cinder-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + cinder-api-image: ghcr.io/canonical/cinder-consolidated:2024.1 + cinder-scheduler-image: ghcr.io/canonical/cinder-consolidated:2024.1 + cinder-ceph: + {% if cinder_ceph_k8s is defined and cinder_ceph_k8s is sameas true -%} + charm: ../../../cinder-ceph-k8s.charm + {% else -%} + charm: ch:cinder-ceph-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + cinder-volume-image: ghcr.io/canonical/cinder-consolidated:2024.1 + horizon: + {% if horizon_k8s is defined and horizon_k8s is sameas true -%} + charm: ../../../horizon-k8s.charm + {% else -%} + charm: ch:horizon-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + horizon-image: ghcr.io/canonical/horizon:2024.1 + # Images Sync feature + openstack-images-sync: + {% if openstack_images_sync_k8s is defined and openstack_images_sync_k8s is sameas true -%} + charm: ../../../openstack-images-sync-k8s.charm + {% else -%} + charm: ch:openstack-images-sync-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + options: + frequency: test-do-not-use + architecture: amd64 + release: jammy + max-items: 1 + resources: + openstack-images-sync-image: ghcr.io/canonical/openstack-images-sync:2024.1 + # Vault feature + vault: + charm: ch:vault-k8s + channel: 1.15/edge + revision: 190 + base: ubuntu@22.04 + scale: 1 + trust: false + # Secrets feature + barbican: + {% if barbican_k8s is defined and barbican_k8s is sameas true -%} + charm: ../../../barbican-k8s.charm + {% else -%} + charm: ch:barbican-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: false + resources: + barbican-api-image: ghcr.io/canonical/barbican-consolidated:2024.1 + barbican-worker-image: ghcr.io/canonical/barbican-consolidated:2024.1 + # Orchestration feature + heat: + {% if heat_k8s is defined and heat_k8s is sameas true -%} + charm: ../../../heat-k8s.charm + {% else -%} + charm: ch:heat-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + heat-api-image: ghcr.io/canonical/heat-consolidated:2024.1 + heat-engine-image: ghcr.io/canonical/heat-consolidated:2024.1 + # Load Balancer feature + octavia: + {% if octavia_k8s is defined and octavia_k8s is sameas true -%} + charm: ../../../octavia-k8s.charm + {% else -%} + charm: ch:octavia-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + octavia-api-image: ghcr.io/canonical/octavia-consolidated:2024.1 + octavia-driver-agent-image: ghcr.io/canonical/octavia-consolidated:2024.1 + octavia-housekeeping-image: ghcr.io/canonical/octavia-consolidated:2024.1 + # CAAS feature + # magnum: + # {% if magnum_k8s is defined and magnum_k8s is sameas true -%} + # charm: ../../../magnum-k8s.charm + # {% else -%} + # charm: ch:magnum-k8s + # channel: 2024.1/edge + # {% endif -%} + # base: ubuntu@24.04 + # scale: 1 + # trust: false + # resources: + # magnum-api-image: ghcr.io/canonical/magnum-consolidated:2024.1 + # magnum-conductor-image: ghcr.io/canonical/magnum-consolidated:2024.1 + # Telemetry feature + gnocchi: + {% if gnocchi_k8s is defined and gnocchi_k8s is sameas true -%} + charm: ../../../gnocchi-k8s.charm + {% else -%} + charm: ch:gnocchi-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + gnocchi-api-image: ghcr.io/canonical/gnocchi-consolidated:2024.1 + gnocchi-metricd-image: ghcr.io/canonical/gnocchi-consolidated:2024.1 + ceilometer: + {% if ceilometer_k8s is defined and ceilometer_k8s is sameas true -%} + charm: ../../../ceilometer-k8s.charm + {% else -%} + charm: ch:ceilometer-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + ceilometer-central-image: ghcr.io/canonical/ceilometer-consolidated:2024.1 + ceilometer-notification-image: ghcr.io/canonical/ceilometer-consolidated:2024.1 + aodh: + {% if aodh_k8s is defined and aodh_k8s is sameas true -%} + charm: ../../../aodh-k8s.charm + {% else -%} + charm: ch:aodh-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + aodh-api-image: ghcr.io/canonical/aodh-consolidated:2024.1 + aodh-evaluator-image: ghcr.io/canonical/aodh-consolidated:2024.1 + aodh-notifier-image: ghcr.io/canonical/aodh-consolidated:2024.1 + aodh-listener-image: ghcr.io/canonical/aodh-consolidated:2024.1 + aodh-expirer-image: ghcr.io/canonical/aodh-consolidated:2024.1 + openstack-exporter: + {% if openstack_exporter_k8s is defined and openstack_exporter_k8s is sameas true -%} + charm: ../../../openstack-exporter-k8s.charm + {% else -%} + charm: ch:openstack-exporter-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + resources: + openstack-exporter-image: ghcr.io/canonical/openstack-exporter:1.7.0-3be9ddb + # Resource Optimization feature + # watcher: + # {% if watcher_k8s is defined and watcher_k8s is sameas true -%} + # charm: ../../../watcher-k8s.charm + # {% else -%} + # charm: ch:watcher-k8s + # channel: 2024.1/edge + # {% endif -%} + # base: ubuntu@24.04 + # scale: 1 + # trust: true + # resources: + # watcher-image: ghcr.io/canonical/watcher-consolidated:2024.1 + # DNS feature + designate-bind: + {% if designate_bind_k8s is defined and designate_bind_k8s is sameas true -%} + charm: ../../../designate-bind-k8s.charm + {% else -%} + charm: ch:designate-bind-k8s + channel: 9/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: false + resources: + designate-bind-image: ubuntu/bind9:9.18-22.04_beta + designate: + {% if designate_k8s is defined and designate_k8s is sameas true -%} + charm: ../../../designate-k8s.charm + {% else -%} + charm: ch:designate-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: false + resources: + designate-image: ghcr.io/canonical/designate-consolidated:2024.1 + keystone-ldap: + {% if keystone_ldap_k8s is defined and keystone_ldap_k8s is sameas true -%} + charm: ../../../keystone-ldap-k8s.charm + {% else -%} + charm: ch:keystone-ldap-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + # Instance Recovery feature + masakari: + {% if masakari_k8s is defined and masakari_k8s is sameas true -%} + charm: ../../../masakari-k8s.charm + {% else -%} + charm: ch:masakari-k8s + channel: 2024.1/edge + {% endif -%} + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + masakari-image: ghcr.io/canonical/masakari-consolidated:2024.1 + consul: + charm: consul-k8s + channel: 1.19/edge + base: ubuntu@24.04 + scale: 1 + trust: true + resources: + consul-image: ghcr.io/canonical/consul:1.19.2 + +relations: +- - tls-operator:certificates + - ovn-central:certificates + +- - tls-operator:certificates + - ovn-relay:certificates +- - ovn-relay:ovsdb-cms + - ovn-central:ovsdb-cms + +- - mysql:database + - keystone:database +- - traefik:ingress + - keystone:ingress-internal + +- - mysql:database + - glance:database +- - keystone:identity-service + - glance:identity-service +- - rabbitmq:amqp + - glance:amqp +- - traefik:ingress + - glance:ingress-internal +- - keystone:send-ca-cert + - glance:receive-ca-cert + +- - mysql:database + - nova:database +- - mysql:database + - nova:api-database +- - mysql:database + - nova:cell-database +- - rabbitmq:amqp + - nova:amqp +- - keystone:identity-service + - nova:identity-service +- - traefik:ingress + - nova:ingress-internal +- - traefik:traefik-route + - nova:traefik-route-internal +- - keystone:send-ca-cert + - nova:receive-ca-cert + +- - mysql:database + - placement:database +- - keystone:identity-service + - placement:identity-service +- - traefik:ingress + - placement:ingress-internal +- - keystone:send-ca-cert + - placement:receive-ca-cert + +- - mysql:database + - neutron:database +- - rabbitmq:amqp + - neutron:amqp +- - keystone:identity-service + - neutron:identity-service +- - traefik:ingress + - neutron:ingress-internal +- - tls-operator:certificates + - neutron:certificates +- - neutron:ovsdb-cms + - ovn-central:ovsdb-cms +- - keystone:send-ca-cert + - neutron:receive-ca-cert + +- - keystone:identity-service + - openstack-images-sync:identity-service +- - traefik:ingress + - openstack-images-sync:ingress-internal + +- - mysql:database + - heat:database +- - keystone:identity-service + - heat:identity-service +- - keystone:identity-ops + - heat:identity-ops +- - traefik:traefik-route + - heat:traefik-route-internal +- - rabbitmq:amqp + - heat:amqp +- - keystone:send-ca-cert + - heat:receive-ca-cert + +- - mysql:database + - octavia:database +- - keystone:identity-service + - octavia:identity-service +- - keystone:identity-ops + - octavia:identity-ops +- - traefik:ingress + - octavia:ingress-internal +- - tls-operator:certificates + - octavia:certificates +- - octavia:ovsdb-cms + - ovn-central:ovsdb-cms +- - keystone:send-ca-cert + - octavia:receive-ca-cert + +- - mysql:database + - barbican:database +- - rabbitmq:amqp + - barbican:amqp +- - keystone:identity-service + - barbican:identity-service +- - keystone:identity-ops + - barbican:identity-ops +- - traefik:ingress + - barbican:ingress-internal +- - vault:vault-kv + - barbican:vault-kv +- - keystone:send-ca-cert + - barbican:receive-ca-cert + +# - - mysql:database +# - magnum:database +# - - rabbitmq:amqp +# - magnum:amqp +# - - keystone:identity-service +# - magnum:identity-service +# - - keystone:identity-ops +# - magnum:identity-ops +# - - traefik:ingress +# - magnum:ingress-internal +# - - keystone:send-ca-cert +# - magnum:receive-ca-cert + +- - mysql:database + - cinder:database +- - cinder:amqp + - rabbitmq:amqp +- - keystone:identity-service + - cinder:identity-service +- - traefik:ingress + - cinder:ingress-internal +- - keystone:send-ca-cert + - cinder:receive-ca-cert + +- - cinder-ceph:database + - mysql:database +- - cinder-ceph:amqp + - rabbitmq:amqp +- - cinder:storage-backend + - cinder-ceph:storage-backend +- - keystone:identity-credentials + - cinder-ceph:identity-credentials + +- - mysql:database + - gnocchi:database +- - traefik:ingress + - gnocchi:ingress-internal +- - keystone:identity-service + - gnocchi:identity-service +- - keystone:send-ca-cert + - gnocchi:receive-ca-cert + +- - rabbitmq:amqp + - ceilometer:amqp +- - keystone:identity-credentials + - ceilometer:identity-credentials +- - gnocchi:gnocchi-service + - ceilometer:gnocchi-db +- - keystone:send-ca-cert + - ceilometer:receive-ca-cert + +- - mysql:database + - aodh:database +- - rabbitmq:amqp + - aodh:amqp +- - keystone:identity-service + - aodh:identity-service +- - traefik:ingress + - aodh:ingress-internal +- - keystone:send-ca-cert + - aodh:receive-ca-cert + +# - - mysql:database +# - watcher:database +# - - watcher:amqp +# - rabbitmq:amqp +# - - keystone:identity-service +# - watcher:identity-service +# - - traefik:ingress +# - watcher:ingress-internal +# - - keystone:send-ca-cert +# - watcher:receive-ca-cert +# - - gnocchi:gnocchi-service +# - watcher:gnocchi-db + +- - mysql:database + - designate:database +- - rabbitmq:amqp + - designate:amqp +- - keystone:identity-service + - designate:identity-service +- - traefik:ingress + - designate:ingress-internal +- - designate-bind:dns-backend + - designate:dns-backend +- - keystone:send-ca-cert + - designate:receive-ca-cert + +- - keystone:domain-config + - keystone-ldap:domain-config + +- - keystone:identity-ops + - openstack-exporter:identity-ops + +- - mysql:database + - horizon:database +- - keystone:identity-credentials + - horizon:identity-credentials +- - traefik:ingress + - horizon:ingress-internal +- - keystone:send-ca-cert + - horizon:receive-ca-cert + +- - mysql:database + - masakari:database +- - rabbitmq:amqp + - masakari:amqp +- - keystone:identity-service + - masakari:identity-service +- - traefik:ingress + - masakari:ingress-internal + +- - masakari:consul-management + - consul:consul-cluster diff --git a/tests/all-k8s/tests.yaml b/tests/all-k8s/tests.yaml new file mode 100644 index 00000000..dbfce569 --- /dev/null +++ b/tests/all-k8s/tests.yaml @@ -0,0 +1,134 @@ +gate_bundles: + - smoke +smoke_bundles: + - smoke +configure: + - zaza.sunbeam.charm_tests.k8s.setup.add_loadbalancer_annotations + - zaza.sunbeam.charm_tests.keystone.setup.wait_for_all_endpoints + - zaza.openstack.charm_tests.keystone.setup.add_tempest_roles + - zaza.openstack.charm_tests.nova.setup.create_flavors + - zaza.openstack.charm_tests.nova.setup.manage_ssh_key +tests: + - zaza.openstack.charm_tests.tempest.tests.TempestTestWithKeystoneMinimal + - zaza.sunbeam.charm_tests.openstack_images_sync_k8s.tests.OpenStackImagesSyncK8sTest +tests_options: + trust: + - smoke + ignore_hard_deploy_errors: + - smoke + + tempest: + default: + smoke: True + exclude-regex: + - "tempest\\.api\\.volume\\..*" + exclude-list: + - "tempest.api.image.v2.test_images.BasicOperationsImagesTest.test_register_upload_get_image_file" + - "tempest.api.compute.security_groups.test_security_group_rules.SecurityGroupRulesTestJSON.test_security_group_rules_create" + - "tempest.api.compute.security_groups.test_security_group_rules.SecurityGroupRulesTestJSON.test_security_group_rules_list" + - "tempest.api.compute.security_groups.test_security_groups.SecurityGroupsTestJSON.test_security_groups_create_list_delete" + - "tempest.api.compute.servers.test_server_actions.ServerActionsTestJSON" + - "tempest.api.compute.servers.test_create_server.ServersTestManualDisk" + - "tempest.api.compute.servers.test_server_addresses.ServerAddressesTestJSON" + - "tempest.api.compute.servers.test_create_server.ServersTestJSON" + - "tempest.scenario.test_server_multinode.TestServerMultinode.test_schedule_to_all_nodes" + - "tempest.scenario.test_server_basic_ops.TestServerBasicOps.test_server_basic_ops" + - "tempest.api.compute.servers.test_attach_interfaces.AttachInterfacesUnderV243Test.test_add_remove_fixed_ip" + - "tempest.api.compute.servers.test_create_server.ServersTestBootFromVolume" + include-list: + - "tempest.api.identity.v3.test_application_credentials.ApplicationCredentialsV3Test.test_create_application_credential" + +target_deploy_status: + traefik: + workload-status: active + workload-status-message-regex: '^Serving at.*$' + mysql: + workload-status: active + workload-status-message-regex: '^.*$' + tls-operator: + workload-status: active + workload-status-message-regex: '^$' + rabbitmq: + workload-status: active + workload-status-message-regex: '^$' + ovn-central: + workload-status: active + workload-status-message-regex: '^$' + ovn-relay: + workload-status: active + workload-status-message-regex: '^$' + keystone: + workload-status: waiting + workload-status-message-regex: '^.*domain-config.*integration incomplete.*$|^$' + glance: + workload-status: active + workload-status-message-regex: '^$' + nova: + workload-status: active + workload-status-message-regex: '^$' + placement: + workload-status: active + workload-status-message-regex: '^$' + neutron: + workload-status: active + workload-status-message-regex: '^$' + openstack-images-sync: + workload-status: active + workload-status-message-regex: '^$' + vault: + workload-status: active + workload-status-message-regex: '^.*$' + heat: + workload-status: active + workload-status-message-regex: '^.*$' + octavia: + workload-status: active + workload-status-message-regex: '^$' + barbican: + workload-status: active + workload-status-message-regex: '^$' + magnum: + workload-status: waiting + workload-status-message-regex: '^.*$' + cinder: + workload-status: active + workload-status-message-regex: '^$' + cinder-ceph: + workload-status: blocked + workload-status-message-regex: '^.*ceph.*$' + ceilometer: + workload-status: waiting + workload-status-message-regex: '^.*Not all relations are ready$' + aodh: + workload-status: active + workload-status-message-regex: '^.*$' + gnocchi: + workload-status: blocked + workload-status-message-regex: '^.*ceph.*$' + watcher: + workload-status: waiting + workload-status-message-regex: '^.*integration incomplete$' + ldap-server: + workload-status: active + workload-status-message-regex: '^$' + designate-bind: + workload-status: active + workload-status-message-regex: '^.*$' + designate: + workload-status: active + workload-status-message-regex: '^.*$' + keystone-ldap: + workload-status: active + workload-status-message-regex: '^$' + openstack-exporter: + workload-status: active + workload-status-message-regex: '^$' + horizon: + workload-status: active + workload-status-message-regex: '^$' + masakari: + workload-status: active + workload-status-message-regex: '^$' + consul: + workload-status: active + workload-status-message-regex: '^$' diff --git a/tests/caas/smoke.yaml.j2 b/tests/caas/smoke.yaml.j2 index 84197b74..6a62484f 100644 --- a/tests/caas/smoke.yaml.j2 +++ b/tests/caas/smoke.yaml.j2 @@ -3,7 +3,7 @@ bundle: kubernetes applications: traefik: charm: ch:traefik-k8s - channel: 1.0/candidate + channel: latest/candidate base: ubuntu@20.04 scale: 1 trust: true diff --git a/tests/caas/tests.yaml b/tests/caas/tests.yaml index 9b90d312..f1608b6e 100644 --- a/tests/caas/tests.yaml +++ b/tests/caas/tests.yaml @@ -4,7 +4,7 @@ smoke_bundles: - smoke configure: - zaza.sunbeam.charm_tests.k8s.setup.add_loadbalancer_annotations - - zaza.openstack.charm_tests.keystone.setup.wait_for_all_endpoints + - zaza.sunbeam.charm_tests.keystone.setup.wait_for_all_endpoints - zaza.openstack.charm_tests.keystone.setup.add_tempest_roles tests: - zaza.openstack.charm_tests.tempest.tests.TempestTestWithKeystoneMinimal @@ -21,7 +21,7 @@ tests_options: target_deploy_status: traefik: workload-status: active - workload-status-message-regex: '^$' + workload-status-message-regex: '^Serving at.*$' mysql: workload-status: active workload-status-message-regex: '^.*$' diff --git a/tests/ceph/smoke.yaml.j2 b/tests/ceph/smoke.yaml.j2 index 905e5d0e..89b2b768 100644 --- a/tests/ceph/smoke.yaml.j2 +++ b/tests/ceph/smoke.yaml.j2 @@ -3,7 +3,7 @@ bundle: kubernetes applications: traefik: charm: ch:traefik-k8s - channel: 1.0/candidate + channel: latest/candidate base: ubuntu@20.04 scale: 1 trust: true diff --git a/tests/ceph/tests.yaml b/tests/ceph/tests.yaml index 89ac801f..f6a5af21 100644 --- a/tests/ceph/tests.yaml +++ b/tests/ceph/tests.yaml @@ -17,7 +17,7 @@ tests_options: target_deploy_status: traefik: workload-status: active - workload-status-message-regex: '^$' + workload-status-message-regex: '^Serving at.*$' mysql: workload-status: active workload-status-message-regex: '^.*$' diff --git a/tests/core/smoke.yaml.j2 b/tests/core/smoke.yaml.j2 index 051db46a..de04a3dd 100644 --- a/tests/core/smoke.yaml.j2 +++ b/tests/core/smoke.yaml.j2 @@ -3,7 +3,7 @@ bundle: kubernetes applications: traefik: charm: ch:traefik-k8s - channel: 1.0/candidate + channel: latest/candidate base: ubuntu@20.04 scale: 1 trust: true diff --git a/tests/core/tests.yaml b/tests/core/tests.yaml index f3d4c4fa..d784ff91 100644 --- a/tests/core/tests.yaml +++ b/tests/core/tests.yaml @@ -4,7 +4,7 @@ smoke_bundles: - smoke configure: - zaza.sunbeam.charm_tests.k8s.setup.add_loadbalancer_annotations - - zaza.openstack.charm_tests.keystone.setup.wait_for_all_endpoints + - zaza.sunbeam.charm_tests.keystone.setup.wait_for_all_endpoints - zaza.openstack.charm_tests.keystone.setup.add_tempest_roles - zaza.openstack.charm_tests.nova.setup.create_flavors - zaza.openstack.charm_tests.nova.setup.manage_ssh_key @@ -38,7 +38,7 @@ tests_options: target_deploy_status: traefik: workload-status: active - workload-status-message-regex: '^$' + workload-status-message-regex: '^Serving at.*$' mysql: workload-status: active workload-status-message-regex: '^.*$' diff --git a/tests/local/zaza/sunbeam/charm_tests/keystone/__init__.py b/tests/local/zaza/sunbeam/charm_tests/keystone/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/tests/local/zaza/sunbeam/charm_tests/keystone/setup.py b/tests/local/zaza/sunbeam/charm_tests/keystone/setup.py new file mode 100644 index 00000000..f9f047d2 --- /dev/null +++ b/tests/local/zaza/sunbeam/charm_tests/keystone/setup.py @@ -0,0 +1,69 @@ +# Copyright (c) 2025 Canonical Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import logging +import subprocess + +import requests +import zaza.openstack.utilities.openstack as openstack_utils +from zaza.openstack.charm_tests.keystone.setup import ( + wait_for_all_endpoints as zaza_wait_for_all_endpoints, +) + +SERVICE_CODES = { + # gnocchi is not started because no ceph relation + "gnocchi": [requests.codes.bad_gateway], + "heat-cfn": [requests.codes.bad_request], + "heat": [requests.codes.bad_request], +} + + +def wait_for_all_endpoints(interface="internal"): + """Check all endpoints are returning an acceptable return code. + + :param interface: Endpoint type to check. public, admin or internal + :type interface: str + :raises: AssertionError + """ + zaza_wait_for_all_endpoints(interface, SERVICE_CODES) + + +def wait_for_all_endpoints_debug(interface="internal", service_codes=None): + """Check all endpoints are returning an acceptable return code. + + :param interface: Endpoint type to check. public, admin or internal + :type interface: str + :param service_codes: Dict of service names and acceptable return codes + :type service_codes: Optional[dict] + :raises: AssertionError + """ + if service_codes is None: + service_codes = {} + + import zaza.model as model + + action = model.run_action_on_leader( + "traefik", + "show-proxied-endpoints", + ) + logging.warning("result: %r", action.data) + + keystone_client = openstack_utils.get_keystone_overcloud_session_client() + curl = ["curl", "-v", "-k", "-i"] + for service in keystone_client.services.list(): + for ep in keystone_client.endpoints.list( + service=service, interface=interface + ): + subprocess.run(curl + [ep.url]) diff --git a/tests/misc/smoke.yaml.j2 b/tests/misc/smoke.yaml.j2 index 9b8c0bab..6adf244d 100644 --- a/tests/misc/smoke.yaml.j2 +++ b/tests/misc/smoke.yaml.j2 @@ -3,7 +3,7 @@ bundle: kubernetes applications: traefik: charm: ch:traefik-k8s - channel: 1.0/candidate + channel: latest/candidate base: ubuntu@20.04 scale: 1 trust: true diff --git a/tests/misc/tests.yaml b/tests/misc/tests.yaml index 1e9acdd1..d6306edc 100644 --- a/tests/misc/tests.yaml +++ b/tests/misc/tests.yaml @@ -6,7 +6,7 @@ configure: - zaza.sunbeam.charm_tests.k8s.setup.add_loadbalancer_annotations - zaza.charm_tests.noop.setup.basic_setup # https://bugs.launchpad.net/snap-openstack/+bug/2045206 - # - zaza.openstack.charm_tests.keystone.setup.wait_for_all_endpoints + # - zaza.sunbeam.charm_tests.keystone.setup.wait_for_all_endpoints tests: - zaza.charm_tests.noop.tests.NoopTest # Tests commented until bug fix for https://bugs.launchpad.net/snap-openstack/+bug/2045206 @@ -26,7 +26,7 @@ tests_options: target_deploy_status: traefik: workload-status: active - workload-status-message-regex: '^$' + workload-status-message-regex: '^Serving at.*$' mysql: workload-status: active workload-status-message-regex: '^.*$' diff --git a/tests/tempest/smoke.yaml.j2 b/tests/tempest/smoke.yaml.j2 index 06b06e32..c6627dba 100644 --- a/tests/tempest/smoke.yaml.j2 +++ b/tests/tempest/smoke.yaml.j2 @@ -3,7 +3,7 @@ bundle: kubernetes applications: traefik: charm: ch:traefik-k8s - channel: 1.0/candidate + channel: latest/candidate base: ubuntu@20.04 scale: 1 trust: true diff --git a/tests/tempest/tests.yaml b/tests/tempest/tests.yaml index cb4cc944..253f1080 100644 --- a/tests/tempest/tests.yaml +++ b/tests/tempest/tests.yaml @@ -7,7 +7,7 @@ smoke_bundles: - smoke configure: - zaza.sunbeam.charm_tests.k8s.setup.add_loadbalancer_annotations - - zaza.openstack.charm_tests.keystone.setup.wait_for_all_endpoints + - zaza.sunbeam.charm_tests.keystone.setup.wait_for_all_endpoints - zaza.openstack.charm_tests.keystone.setup.add_tempest_roles - zaza.openstack.charm_tests.nova.setup.create_flavors - zaza.openstack.charm_tests.nova.setup.manage_ssh_key @@ -22,7 +22,7 @@ tests_options: target_deploy_status: traefik: workload-status: active - workload-status-message-regex: '^$' + workload-status-message-regex: '^Serving at.*$' mysql: workload-status: active workload-status-message-regex: '^.*$' diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index f093d5be..1c080dd9 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -953,3 +953,118 @@ secrets: - charmhub_token timeout: 3600 + +- job: + name: func-test-all-k8s + description: | + Zaza smoke test for all the k8s sunbeam charms. + timeout: 3600 + pre-run: playbooks/pre-run-func-test.yaml + run: playbooks/zaza-func-test.yaml + post-run: playbooks/collect-run-data.yaml + dependencies: + - name: charm-build-keystone-k8s + soft: true + - name: charm-build-glance-k8s + soft: true + - name: charm-build-nova-k8s + soft: true + - name: charm-build-placement-k8s + soft: true + - name: charm-build-neutron-k8s + soft: true + - name: charm-build-openstack-images-sync-k8s + soft: true + - name: charm-build-ovn-central-k8s + soft: true + - name: charm-build-ovn-relay-k8s + soft: true + - name: charm-build-cinder-k8s + soft: true + - name: charm-build-cinder-ceph-k8s + soft: true + - name: charm-build-gnocchi-k8s + soft: true + - name: charm-build-ceilometer-k8s + soft: true + - name: charm-build-aodh-k8s + soft: true + - name: charm-build-watcher-k8s + soft: true + - name: charm-build-heat-k8s + soft: true + - name: charm-build-octavia-k8s + soft: true + - name: charm-build-barbican-k8s + soft: true + - name: charm-build-magnum-k8s + soft: true + - name: charm-build-designate-k8s + soft: true + - name: charm-build-designate-bind-k8s + soft: true + - name: charm-build-keystone-ldap-k8s + soft: true + - name: charm-build-openstack-exporter-k8s + soft: true + - name: charm-build-horizon-k8s + soft: true + - name: charm-build-masakari-k8s + soft: true + files: + - ops-sunbeam/ops_sunbeam/* + - charms/keystone-k8s/* + - charms/glance-k8s/* + - charms/nova-k8s/* + - charms/neutron-k8s/* + - charms/placement-k8s/* + - charms/openstack-images-sync-k8s/* + - charms/ovn-central-k8s/* + - charms/ovn-relay-k8s/* + - charms/cinder-k8s/* + - charms/cinder-ceph-k8s/* + - charms/gnocchi-k8s/* + - charms/ceilometer-k8s/* + - charms/aodh-k8s/* + - charms/watcher-k8s/* + - charms/heat-k8s/* + - charms/octavia-k8s/* + - charms/barbican-k8s/* + - charms/magnum-k8s/* + - charms/designate-k8s/* + - charms/designate-bind-k8s/* + - charms/keystone-ldap-k8s/* + - charms/openstack-exporter-k8s/* + - charms/horizon-k8s/* + - charms/masakari-k8s/* + - rebuild + - zuul.d/zuul.yaml + vars: + # Artifacts will be downloaded from below charm jobs + charm_jobs: + - charm-build-keystone-k8s + - charm-build-glance-k8s + - charm-build-nova-k8s + - charm-build-placement-k8s + - charm-build-neutron-k8s + - charm-build-openstack-images-sync-k8s + - charm-build-ovn-central-k8s + - charm-build-ovn-relay-k8s + - charm-build-cinder-k8s + - charm-build-cinder-ceph-k8s + - charm-build-gnocchi-k8s + - charm-build-ceilometer-k8s + - charm-build-aodh-k8s + - charm-build-watcher-k8s + - charm-build-heat-k8s + - charm-build-octavia-k8s + - charm-build-barbican-k8s + - charm-build-magnum-k8s + - charm-build-designate-k8s + - charm-build-designate-bind-k8s + - charm-build-keystone-ldap-k8s + - charm-build-openstack-exporter-k8s + - charm-build-horizon-k8s + - charm-build-masakari-k8s + # test_dir relative to project src dir + test_dir: tests/all-k8s diff --git a/zuul.d/nodesets.yaml b/zuul.d/nodesets.yaml new file mode 100644 index 00000000..229bee51 --- /dev/null +++ b/zuul.d/nodesets.yaml @@ -0,0 +1,5 @@ +- nodeset: + name: charms-ubuntu-noble-32GB + nodes: + - name: charms-ubuntu-noble-32GB + label: ubuntu-noble-32GB diff --git a/zuul.d/zuul.yaml b/zuul.d/zuul.yaml index 2e85e323..b34109af 100644 --- a/zuul.d/zuul.yaml +++ b/zuul.d/zuul.yaml @@ -6,14 +6,8 @@ - charm-publish-jobs check: jobs: - - func-test-core: - nodeset: ubuntu-noble - - func-test-ceph: - nodeset: ubuntu-noble - - func-test-caas: - nodeset: ubuntu-noble - - func-test-misc: - nodeset: ubuntu-noble + - func-test-all-k8s: + nodeset: charms-ubuntu-noble-32GB - func-test-tempest: nodeset: ubuntu-noble voting: false