nat64-appliance integration in the reproducer

openstack-k8s-operators · Jun 13, 2024 · 143ea56 · 143ea56
1 parent 147745c
commit 143ea56
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 0 deletions.
diff --git a/reproducer-clean.yml b/reproducer-clean.yml
@@ -25,6 +25,14 @@
         name: rhol_crc
         tasks_from: cleanup.yml
 
+    - name: Clean up nat64 appliance
+      tags:
+        - never
+        - deepscrub
+      ansible.builtin.import_role:
+        name: nat64_appliance
+        tasks_from: cleanup.yml
+
     - name: Remove remote selected data directories
       tags:
         - deepscrub

diff --git a/roles/nat64_appliance/tasks/cleanup.yml b/roles/nat64_appliance/tasks/cleanup.yml
@@ -19,13 +19,20 @@
     state: absent
     path: "{{ cifmw_nat64_appliance_workdir }}/nat64-appliance.qcow2"
 
+- name: List VMs
+  register: _list_vms
+  community.libvirt.virt:
+    command: list_vms
+
 - name: Stop the nat64_appliance VM
+  when: cifmw_nat64_appliance_name in _list_vms.list_vms
   community.libvirt.virt:
     command: destroy
     name: "{{ cifmw_nat64_appliance_name }}"
     uri: "{{ cifmw_nat64_libvirt_uri }}"
 
 - name: Undefine the nat64_appliance VM
+  when: cifmw_nat64_appliance_name in _list_vms.list_vms
   community.libvirt.virt:
     command: undefine
     name: "{{ cifmw_nat64_appliance_name }}"

diff --git a/roles/nat64_appliance/tasks/deploy.yml b/roles/nat64_appliance/tasks/deploy.yml
@@ -109,3 +109,7 @@
     state: running
     name: "{{ cifmw_nat64_appliance_name }}"
     uri: "{{ cifmw_nat64_libvirt_uri }}"
+
+- name: "Set nat64 facts"
+  ansible.builtin.set_fact:
+    nat64_dns_server: "{{ cifmw_nat64_appliance_ipv6_address }}"
diff --git a/roles/reproducer/tasks/main.yml b/roles/reproducer/tasks/main.yml
@@ -104,6 +104,22 @@
         - bootstrap_env
         - bootstrap_layout
 
+- name: Bootstrap nat64 if needed
+  when:
+    - cifmw_use_libvirt | default(false) | bool
+    - cifmw_use_nat64 | default(false) | bool
+  tags:
+    - bootstrap_nat64
+    - bootstrap_layout
+    - bootstrap_env
+  ansible.builtin.include_tasks:
+    file: nat64_appliance.yml
+    apply:
+      tags:
+        - bootstrap_nat64
+        - bootstrap_layout
+        - bootstrap_env
+
 - name: Deploy CRC if needed
   when:
     - _use_crc | bool

diff --git a/roles/reproducer/tasks/nat64_appliance.yml b/roles/reproducer/tasks/nat64_appliance.yml
@@ -0,0 +1,40 @@
+---
+- name: List VMs
+  register: _list_vms
+  community.libvirt.virt:
+    command: list_vms
+
+- name: Deploy nat64-appliance only if it does not already exist
+  when: "'nat64-appliance' not in _list_vms.list_vms"
+  block:
+    # TODO(hjensas): Building takes a bit of time (~5 minutes)
+    # We could host the image somewhere and download it instead.
+    - name: Build nat64 appliance image
+      vars:
+        cifmw_nat64_appliance_run_dib_as_root: true
+      ansible.builtin.include_role:
+        name: nat64_appliance
+
+    - name: Fix permissions on nat64_appliance dir - because we ran dib as root
+      become: true
+      ansible.builtin.file:
+        path: "{{ cifmw_basedir }}/nat64_appliance"
+        state: directory
+        recurse: true
+        owner: "{{ ansible_user_id }}"
+        group: "{{ ansible_user_gid }}"
+
+    - name: Crate SSH keypair for nat64-appliance
+      register: _nat64_key
+      community.crypto.openssh_keypair:
+        comment: "nat64-access-key"
+        path: "{{ (ansible_user_dir, '.ssh/id_nat64') | path_join }}"
+        type: "ecdsa"
+
+    - name: "Deploy the nat64 appliance and networks"
+      vars:
+        cifmw_nat64_appliance_ssh_pub_keys:
+          - "{{ _nat64_key.public_key }}"
+      ansible.builtin.include_role:
+        name: nat64_appliance
+        tasks_from: deploy.yml