diff --git a/tests/roles/run_tests/tasks/install_calico.yaml b/tests/roles/run_tests/tasks/install_calico.yaml new file mode 100644 index 000000000..b5800aa60 --- /dev/null +++ b/tests/roles/run_tests/tasks/install_calico.yaml @@ -0,0 +1,55 @@ +# Install Calico +- name: Download Calico manifests + get_url: + url: "https://raw.githubusercontent.com/projectcalico/calico/{{ CALICO_VERSION }}/manifests/calico.yaml" + dest: /tmp/ + mode: '664' + register: calico_manifest + +- name: Replace docker.io with proxy + ansible.builtin.replace: + path: /tmp/calico.yaml + regexp: 'docker.io' + replace: '{{ DOCKER_HUB_PROXY }}' + +- name: Uncomment CALICO_IPV4POOL_CIDR name + replace: + path: /tmp/calico.yaml + regexp: "# - name: CALICO_IPV4POOL_CIDR" + replace: "- name: CALICO_IPV4POOL_CIDR" + +- name: Uncomment CALICO_IPV4POOL_CIDR value and set POD_CIDR + replace: + path: /tmp/calico.yaml + regexp: '# value: "192.168.0.0/16"' + replace: ' value: "{{ POD_CIDR }}"' + +- name: Add IP_AUTODETECTION_METHOD in calico config Ubuntu + blockinfile: + path: /tmp/calico.yaml + insertafter: "{{ POD_CIDR }}" + block: | + # for indentation + - name: IP_AUTODETECTION_METHOD + value: "cidr={{ EXTERNAL_SUBNET_V4_HOST }}/{{ EXTERNAL_SUBNET_V4_PREFIX }}" + +- name: Apply Calico manifest + kubernetes.core.k8s: + state: present + src: "/tmp/calico.yaml" + kubeconfig: "/tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml" + register: install_cni + +- name: Wait (maximum 10 mins) until Calico pods start running + kubernetes.core.k8s_info: + api_version: v1 + kind: Pod + namespace: kube-system + kubeconfig: /tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml + field_selectors: + - status.phase!=Running + retries: 60 + delay: 10 + register: calico_pods + until: (calico_pods is succeeded) and + (calico_pods.resources | length == 0) diff --git a/tests/roles/run_tests/tasks/install_cilium.yaml b/tests/roles/run_tests/tasks/install_cilium.yaml new file mode 100644 index 000000000..a3f11a3c8 --- /dev/null +++ b/tests/roles/run_tests/tasks/install_cilium.yaml @@ -0,0 +1,88 @@ +# Install Cilium CLI +- name: Get latest Cilium CLI version + ansible.builtin.uri: + url: https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt + return_content: yes + register: cilium_version_response + +- name: Set Cilium CLI version and architecture + ansible.builtin.set_fact: + CILIUM_CLI_VERSION: "{{ cilium_version_response.content | trim }}" + CLI_ARCH: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}" + +- name: Download Cilium CLI archive and checksum + ansible.builtin.get_url: + url: "https://github.com/cilium/cilium-cli/releases/download/{{ CILIUM_CLI_VERSION }}/cilium-linux-{{ CLI_ARCH }}.tar.gz{{ item }}" + dest: "/tmp/cilium-linux-{{ CLI_ARCH }}.tar.gz{{ item }}" + loop: + - "" + - ".sha256sum" + +- name: Verify checksum of Cilium CLI archive + ansible.builtin.stat: + path: "/tmp/cilium-linux-{{ CLI_ARCH }}.tar.gz" + checksum_algorithm: sha256 + get_checksum: yes + register: cilium_archive_stat + +- name: Read expected checksum + ansible.builtin.slurp: + src: "/tmp/cilium-linux-{{ CLI_ARCH }}.tar.gz.sha256sum" + register: expected_checksum_file + +- name: Extract expected checksum value + ansible.builtin.set_fact: + expected_checksum: "{{ (expected_checksum_file.content | b64decode).split()[0] }}" + +- name: Verify checksum matches + ansible.builtin.fail: + msg: "Checksum verification failed" + when: cilium_archive_stat.stat.checksum != expected_checksum + +- name: Extract Cilium CLI to /usr/local/bin + ansible.builtin.unarchive: + src: "/tmp/cilium-linux-{{ CLI_ARCH }}.tar.gz" + dest: /usr/local/bin + mode: 0755 + become: true + become_user: root + +- name: Clean up downloaded files + ansible.builtin.file: + path: "/tmp/cilium-linux-{{ CLI_ARCH }}.tar.gz{{ item }}" + state: absent + loop: + - "" + - ".sha256sum" + +- name: Check if Cilium is already installed + ansible.builtin.command: + cmd: cilium status + environment: + KUBECONFIG: /tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml + register: cilium_status + failed_when: false + changed_when: false + +- name: Install Cilium using CLI + ansible.builtin.command: + cmd: > + cilium install --version {{ CILIUM_VERSION }} + environment: + KUBECONFIG: /tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml + become: true + when: cilium_status.rc != 0 + +- name: Wait (maximum 10 mins) until Cilium pods start running + kubernetes.core.k8s_info: + api_version: v1 + kind: Pod + namespace: kube-system + kubeconfig: /tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml + field_selectors: + - status.phase!=Running + retries: 60 + delay: 10 + register: cilium_pods + until: (cilium_pods is succeeded) and + (cilium_pods.resources | length == 0) diff --git a/tests/roles/run_tests/tasks/verify.yml b/tests/roles/run_tests/tasks/verify.yml index 4804c27c7..3bf5b69e4 100644 --- a/tests/roles/run_tests/tasks/verify.yml +++ b/tests/roles/run_tests/tasks/verify.yml @@ -18,56 +18,10 @@ create: yes block: "{{ kubeconfig_secret.resources[0].data.value | b64decode }}" - # Install Calico - - name: Download Calico v3.25.x manifests - get_url: - url: "https://raw.githubusercontent.com/projectcalico/calico/{{ CALICO_MINOR_RELEASE }}/manifests/calico.yaml" - dest: /tmp/ - mode: '664' - register: calico_manifest - - - name: Pin calico version to v3.25.1 - ansible.builtin.replace: - path: /tmp/calico.yaml - regexp: 'image: docker.io/calico/(.+):v(.+)$' - replace: 'image: {{ DOCKER_HUB_PROXY }}/calico/\1:{{ CALICO_PATCH_RELEASE }}' - - - name: Replace the POD_CIDR in calico config - replace: - path: /tmp/calico.yaml - regexp: "192.168.0.0/16" - replace: "{{ POD_CIDR }}" - register: updated_manifest - - - name: Add IP_AUTODETECTION_METHOD in calico config Ubuntu - blockinfile: - path: /tmp/calico.yaml - insertafter: "{{ POD_CIDR }}" - block: | - # for indentation - - name: IP_AUTODETECTION_METHOD - value: "cidr={{ EXTERNAL_SUBNET_V4_HOST }}/{{ EXTERNAL_SUBNET_V4_PREFIX }}" - - - name: Apply Calico manifest - kubernetes.core.k8s: - state: present - src: "/tmp/calico.yaml" - kubeconfig: "/tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml" - register: install_cni - - - name: Wait (maximum 10 mins) until Calico pods start running - kubernetes.core.k8s_info: - api_version: v1 - kind: Pod - namespace: kube-system - kubeconfig: /tmp/kubeconfig-{{ CLUSTER_NAME }}.yaml - field_selectors: - - status.phase!=Running - retries: 60 - delay: 10 - register: calico_pods - until: (calico_pods is succeeded) and - (calico_pods.resources | length == 0) + - name: Install CNI based on CNI_NAME + include_tasks: "{{ cni_task_file }}" + vars: + cni_task_file: "{{ 'install_calico.yaml' if (CNI_NAME | default('calico')) == 'calico' else 'install_cilium.yaml' }}" # Check for pods & nodes on the target cluster - name: Wait for all pods to be in running state diff --git a/tests/roles/run_tests/vars/main.yml b/tests/roles/run_tests/vars/main.yml index e05902f32..b2d5ddb31 100644 --- a/tests/roles/run_tests/vars/main.yml +++ b/tests/roles/run_tests/vars/main.yml @@ -57,8 +57,9 @@ SSH_PRIVATE_KEY: "{{ lookup('env', 'SSH_KEY') }}" SSH_PUB_KEY_CONTENT: "{{ lookup('file', '{{ HOME }}/.ssh/id_rsa.pub') }}" IMAGE_USERNAME: "{{ lookup('env', 'IMAGE_USERNAME') | default('metal3', true) }}" REGISTRY: "{{ lookup('env', 'REGISTRY') | default('192.168.111.1:5000', true) }}" -CALICO_MINOR_RELEASE: "{{ lookup('env', 'CALICO_MINOR_RELEASE') | default('v3.25.1', true) }}" -CALICO_PATCH_RELEASE: "{{ lookup('env', 'CALICO_PATCH_RELEASE') | default('v3.25.1', true) }}" +CALICO_VERSION: "{{ lookup('env', 'CALICO_VERSION') | default('v3.30.3', true) }}" +CILIUM_VERSION: "{{ lookup('env', 'CILIUM_VERSION') | default('v1.18.0', true) }}" +CNI_NAME: "{{ lookup('env', 'CNI_NAME') | default('calico', true) }}" DOCKER_HUB_PROXY: "{{ lookup('env', 'DOCKER_HUB_PROXY') }}" WORKING_DIR: "{{ lookup('env', 'WORKING_DIR') | default('/opt/metal3-dev-env', true) }}"