From 06dbce9fa666f6dbc4d813f285f864dc01cf3158 Mon Sep 17 00:00:00 2001
From: Florian Fuchs <flfuchs@redhat.com>
Date: Fri, 15 Jun 2018 14:11:35 +0000
Subject: [PATCH] Add a OpenShift on OpenStack HW validation

This validation checks if the requirements for an OpenShift installation on top
of an OpenStack overcloud are met.

Change-Id: I3af047aca3ccc5e173dc0de48ba07f28536933c5
---
 ...-hardware-validation-bb70ba88165450d2.yaml |   6 +
 validations/openshift-hw-requirements.yaml    | 173 ++++++++++++++++++
 .../openshift-hw-requirements-warnings.j2     |  17 ++
 3 files changed, 196 insertions(+)
 create mode 100644 releasenotes/notes/openshift-hardware-validation-bb70ba88165450d2.yaml
 create mode 100644 validations/openshift-hw-requirements.yaml
 create mode 100644 validations/templates/openshift-hw-requirements-warnings.j2

diff --git a/releasenotes/notes/openshift-hardware-validation-bb70ba88165450d2.yaml b/releasenotes/notes/openshift-hardware-validation-bb70ba88165450d2.yaml
new file mode 100644
index 000000000..94d0b129a
--- /dev/null
+++ b/releasenotes/notes/openshift-hardware-validation-bb70ba88165450d2.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Adds a hardware requirements validation that checks flavors and compute
+    resources for minimum values needed for either a test or production
+    environment and looks for the existence of the required images.
diff --git a/validations/openshift-hw-requirements.yaml b/validations/openshift-hw-requirements.yaml
new file mode 100644
index 000000000..78915f200
--- /dev/null
+++ b/validations/openshift-hw-requirements.yaml
@@ -0,0 +1,173 @@
+---
+- hosts: undercloud
+  vars:
+    metadata:
+      name: Check resources for an OpenShift on OpenStack deployment
+      description: |
+        Check if there are enough resources for an OpenShift deployment on top
+        of Openstack
+        deployment:
+        - Is there a flavor that meets the minimum requirements for a test
+          environment?
+          (4GB RAM, 40GB disk)
+        - Is there a flavor that meets the minimum requirements for a
+          production environment?
+          (16GB RAM, 40GB disk, 4 VCPUs)
+        - Are images named centos or rhel available?
+        - Are there sufficient compute resources available for a default setup?
+          (1 Master node, 1 Infra node, 2 App nodes)
+      groups:
+      - openshift-on-openstack
+    min_total_ram_testing: 16384    # 4 per node
+    min_total_vcpus_testing: 4      # 1 per node
+    min_total_disk_testing: 93      # Master: 40, others: 17 per node
+    min_total_ram_prod: 40960       # Master: 16, others: 8 per node
+    min_total_vcpus_prod: 7         # Master: 4, others 1 per node
+    min_total_disk_prod: 93         # Master: 42, others: 17 per node
+    min_node_ram_testing: 4096      # Minimum ram per node for testing
+    min_node_disk_testing: 40       # Minimum disk per node for testing
+    min_node_ram_prod: 16384        # Minimum ram per node for production
+    min_node_disk_prod: 42          # Minimum disk per node for production
+    resource_reqs_testing: False
+    resource_reqs_prod: False
+
+  tasks:
+
+  # Get auth token and service catalog from Keystone and extract service urls.
+  - name: Get token and catalog from Keystone
+    uri:
+      url: "{{ overcloud_keystone_url
+               | urlsplit('scheme') }}://{{ overcloud_keystone_url
+               | urlsplit('netloc')}}/v3/auth/tokens"
+      method: POST
+      body_format: json
+      body:
+        auth:
+          scope:
+            project:
+              name: admin
+              domain:
+                id: default
+          identity:
+            methods:
+              - password
+            password:
+              user:
+                name: admin
+                domain:
+                  id: default
+                password: "{{ overcloud_admin_password }}"
+      return_content: yes
+      status_code: 201
+    register: keystone_result
+    when: overcloud_keystone_url|default('')
+  - name: Set auth token
+    set_fact: auth_token="{{ keystone_result.x_subject_token }}"
+  - name: Get Nova URL from catalog
+    set_fact: nova_url="{{ keystone_result.json.token
+                           | json_query("catalog[?name=='nova'].endpoints")
+                           | first
+                           | selectattr('interface', 'equalto', 'public')
+                           | map(attribute='url') | first }}"
+  - name: Get Glance URL from catalog
+    set_fact: glance_url="{{ keystone_result.json.token
+                           | json_query("catalog[?name=='glance'].endpoints")
+                           | first
+                           | selectattr('interface', 'equalto', 'public')
+                           | map(attribute='url') | first }}"
+
+  - name: Get flavors with required values for testing
+    uri:
+      url: "{{ nova_url }}/flavors/detail?minRam={{ min_node_ram_testing }}&minDisk={{ min_node_disk_testing }}"
+      method: GET
+      headers:
+        X-Auth-Token: "{{ auth_token }}"
+        Accept: application/vnd.openstack.compute.v2.1+json
+      return_content: yes
+      follow_redirects: all
+    register: flavors_result_testing
+
+  - name: Get flavors with required values for production
+    uri:
+      url: "{{ nova_url }}/flavors/detail?minRam={{ min_node_ram_prod }}&minDisk={{ min_node_disk_prod }}"
+      method: GET
+      headers:
+        X-Auth-Token: "{{ auth_token }}"
+        Accept: application/vnd.openstack.compute.v2.1+json
+      return_content: yes
+      follow_redirects: all
+    register: flavors_result_prod
+
+  - name: Set matching_flavors_testing variable
+    set_fact:
+      matching_flavors_testing: "{{ flavors_result_testing.json.flavors
+                                    | list | length > 0 }}"
+
+  - name: Set matching_flavors_prod variable
+    set_fact:
+      matching_flavors_prod: "{{ flavors_result_prod.json.flavors
+                                 | selectattr('vcpus', 'ge', 4)
+                                 | list
+                                 | length > 0 }}"
+
+  # Get hypervisor stats from nova and check if there are sufficient
+  # available resources.
+  - name: Get hypervisor details from nova
+    uri:
+      url: "{{ nova_url }}/os-hypervisors/statistics"
+      method: GET
+      headers:
+        X-Auth-Token: "{{ auth_token }}"
+        Accept: application/vnd.openstack.compute.v2.1+json
+      return_content: yes
+      follow_redirects: all
+    register: hypervisors_result
+  - name: Set hypervisor stats
+    set_fact: hv_stats="{{ hypervisors_result.json.hypervisor_statistics }}"
+  - name: Set flag whether min resources for testing are available
+    set_fact: resource_reqs_testing=True
+    when: hv_stats.disk_available_least >= min_total_disk_testing
+          and hv_stats.free_ram_mb >= min_total_ram_testing
+          and hv_stats.vcpus - hv_stats.vcpus_used >= min_total_vcpus_testing
+  - name: Set flag whether min resources for production are available
+    set_fact: resource_reqs_prod=True
+    when: hv_stats.disk_available_least >= min_total_disk_prod
+          and hv_stats.free_ram_mb >= min_total_ram_prod
+          and hv_stats.vcpus - hv_stats.vcpus_used >= min_total_vcpus_prod
+
+  # Get overcloud images from Glance and check if there is one named either
+  # rhel or centos.
+  - name: Get images from glance
+    uri:
+      url: "{{ glance_url }}/v2/images"
+      method: GET
+      headers:
+        X-Auth-Token: "{{ auth_token }}"
+      return_content: yes
+      follow_redirects: all
+    register: images
+
+  - name: Find matching images
+    set_fact:
+      matching_image: "{{ images.json.images
+                          | map(attribute='name')
+                          | map('lower')
+                          | select('search', '(centos|rhel)')
+                          | list | length | int > 0 }}"
+
+  - name: Create warning message
+    set_fact:
+      warning_msg: |
+        {{ lookup('template', './templates/openshift-hw-requirements-warnings.j2') }}
+
+  - name: Fail if minimum requirements aren't met
+    fail: msg="{{ warning_msg }}"
+    when: not matching_flavors_testing
+          or not matching_image
+          or not resource_reqs_testing
+
+  - name: Warn if production requirements aren't met
+    warn: msg="{{ warning_msg }}"
+    when: not matching_flavors_prod
+          or not matching_image
+          or not resource_reqs_prod
diff --git a/validations/templates/openshift-hw-requirements-warnings.j2 b/validations/templates/openshift-hw-requirements-warnings.j2
new file mode 100644
index 000000000..c75e29474
--- /dev/null
+++ b/validations/templates/openshift-hw-requirements-warnings.j2
@@ -0,0 +1,17 @@
+While checking the hardware requirements for an OpenShift deployment, the following problems were detected:
+
+{% if not matching_image %}
+  - No image with name "centos" or "rhel" could be found.
+{% endif %}
+{% if not matching_flavors_testing  %}
+  - There is no flavor available that meets the hardware requirements for a test setup.
+{% endif %}
+{% if not matching_flavors_prod  %}
+  - There is no flavor available that meets the hardware requirements for a production setup.
+{% endif %}
+{% if not resource_reqs_testing %}
+  - The resources necessary for a default test setup are not available on the hypervisors.
+{% endif %}
+{% if not resource_reqs_prod %}
+  - The resources necessary for a default production setup are not available on the hypervisors.
+{% endif %}