From f9eeec5e8a0bcf9b50ffb4e20e715ddddbd9cb20 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Wed, 20 Mar 2019 03:21:33 +0000 Subject: Update overview for stockholm --- src/zuulv3/overview.rst | 200 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 136 insertions(+), 64 deletions(-) diff --git a/src/zuulv3/overview.rst b/src/zuulv3/overview.rst index a14e671..f1b86dc 100644 --- a/src/zuulv3/overview.rst +++ b/src/zuulv3/overview.rst @@ -70,7 +70,7 @@ OpenDev -- Alex Gaynor - "OpenStack Infra are like the SpaceX of CI" + "like the SpaceX of CI" -- Emily Dunham @@ -83,6 +83,7 @@ Zuul What Zuul Does ============== + * "Speculative Future State" * gated changes * one or more git repositories * integrated deliverable @@ -93,6 +94,7 @@ Underlying Philosophy * All changes flow through code review * Changes only land if they pass all tests + * End-to-end integration testing is essential * Computers are cheaper than humans Ramifications of Philosophy @@ -146,8 +148,8 @@ Gating ====== * Changes are pushed to code review - * CI system is triggered by code review approval - * CI system merges code IFF tests pass + * Gating system is triggered by code review approval + * Gating system merges code IFF tests pass * Proactive - testing code before it lands * Future state resulting from merge of code is tested * Reviewers can fire-and-forget safely @@ -400,35 +402,6 @@ Zuul Simulation .. ansi:: images/zsim-22.ans -Cross-Project Dependencies -========================== - -Testing or gating dependencies manually specified by developers - -.. container:: progressive - - * nodepool https://review.openstack.org/612168 - - Make functional src jobs actually install from source - * openstacksdk https://review.openstack.org/612186 - - Don't start task managers passed in to Connection - - Depends-On: https://review.openstack.org/612168 - * openstacksdk https://review.openstack.org/604521 - - Add support for per-service rate limits - - (git parent is 612186) - * nodepool https://review.openstack.org/612169 - - Consume rate limiting task manager from openstacksdk - - Depends-On: https://review.openstack.org/604521 - - (nodepool-functional-py35-src should pass, but - nodepool-functional-py35 should not fail until openstacksdk release) - Lock Step Changes ================= @@ -452,7 +425,7 @@ Live Configuration Changes config-repos: - opendev/project-config project-repos: - - opendev/zuul-jobs + - zuul/zuul-jobs - zuul/zuul - zuul/nodepool - ansible/ansible @@ -494,16 +467,89 @@ When .zuul.yaml Changes ("This change depends on a change to the job definition") +Explicit Cross-Project Dependencies +=================================== + + * Developers can mark changes as being dependent + * Depends-On: footer - in commit or PR + * Zuul uses depends-on when constructing virtual serial queue + * Will not merge changes in gate before depends-on changes + * Works cross-repo AND cross-source + +Depends-On Example +================== + + * Service 'nova' talks to service 'ironic' + * Currently using 'python-ironicclient' + * Want to replace python-ironicclient with openstacksdk: + * https://review.openstack.org/643664 + * Need some plumbing in nova first: + * https://review.openstack.org/642899 + * That change "Depends-On" a change to openstacksdk + +Depends-On Example - openstacksdk +================================= + + * In openstacksdk, need a new method to extract config differently + * https://review.openstack.org/643601 + * The nova plumbing change adds this: + +:: + + Depends-On: https://review.openstack.org/643601 + +Depends-On Example - keystoneauth +================================= + + * openstacksdk uses 'keystoneauth' library to make REST calls + * Config extraction change wants a new helper method in keystoneauth + * https://review.openstack.org/644251 + * openstacksdk change adds: + +:: + + Depends-On: https://review.openstack.org/644251 + +Depends-On Example - In the Gate +================================ + + * When Zuul prepares git repos for the Ironic nova change: + * Tip of nova, plus nova plumbing change, plus nova ironic change + * Tip of openstacksdk, plus config method change + * Tip of keystoneauth, plus helper method change + * Developers iterate on the nova service change + * BEFORE finalizing and releasing keystoneauth and openstacksdk changes + +Zuul Architecture +================= + +We used to call "microservices" "distributed" + + * Zuul is comprised of several services (mostly python3) + * zuul-scheduler + * zuul-executor + * zuul-merger + * zuul-web + * zuul-dashboard (javascript/react) + * zuul-fingergw + * zuul-proxy (c++) + * RDBMS + * Gearman + * Zookeeper + Zuul Architecture ================= .. ansi:: images/architecture.ans +Where Does Job Content Run? +=========================== Nodepool ======== * A separate program that works very closely with *Zuul* + * *Zuul* requires *Nodepool* but *Nodepool* can be used independently * Creates and destroys zero or more node resources * Resources can include VMs, Containers, COE contexts or Bare Metals * Static driver for allocating pre-existing nodes to jobs @@ -517,17 +563,12 @@ Nodepool Launcher * OpenStack * Static * Kubernetes - - In review: - - * OpenShift * AWS In work / coming soon: * Azure * GCE - * Mac Stadium What about test/job content? ============================ @@ -541,16 +582,15 @@ What Zuul Does * Listens for code events * Prepares appropriate job config and git repo states - * Allocates nodes for test jobs - * Pushes git repo states to nodes - * Runs user-defined Ansible playbooks + * Requests nodes for test jobs from *Nodepool* + * Runs user-defined Ansible playbooks with nodes in an inventory * Collects/reports results * Potentially merges change Jobs ==== -* Jobs run on nodes from nodepool (static or dynamic) +* Jobs define test node needs * Metadata defined in Zuul's configuration * Execution content in Ansible * Jobs may be defined centrally or in the repo being tested @@ -570,7 +610,7 @@ Job nodeset: nodes: - name: primary - label: centos-7 + label: ubuntu-bionic pre-run: playbooks/base/pre.yaml post-run: - playbooks/base/post-ssh.yaml @@ -669,6 +709,21 @@ Multi-node Job nodeset: ceph-cluster run: playbooks/install-ceph.yaml +* Creates ansible inventory: + +.. code:: yaml + + controller ansible_host=1.2.3.4 + compute1 ansible_host=1.2.3.5 + compute2 ansible_host=1.2.3.6 + + [ceph-osd] + controller + + [ceph-monitor] + controller + compute1 + compute2 Multi-node Ceph Job Content =========================== @@ -696,7 +751,7 @@ Project With Central and Local Config .. code:: yaml - # In git.openstack.org/openstack-infra/project-config: + # In opendev.org/openstack-infra/project-config: - project: name: openstack/nova templates: @@ -704,11 +759,18 @@ Project With Central and Local Config .. code:: yaml - # In git.openstack.org/openstack/nova/.zuul.yaml: + # In opendev.org/openstack/nova/.zuul.yaml: - project: check: - nova-placement-functional-devstack +zuul-jobs standard library +========================== + +* https://opendev.org/openstack-infra/zuul-jobs +* Repo containing general purpose job definitions +* Add the git repo directly to a local Zuul config + Project with Job Dependencies ============================= @@ -746,7 +808,7 @@ Secret Example (note, no admins had to enable this) .. code:: yaml - # In git.openstack.org/openstack/loci/.zuul.yaml: + # In opendev.org/openstack/loci/.zuul.yaml: - secret: name: loci_docker_login data: @@ -768,7 +830,7 @@ Secret Example .. code:: yaml - # In git.openstack.org/openstack/loci/.zuul.yaml: + # In opendev.org/openstack/loci/.zuul.yaml: - job: name: publish-loci-cinder parent: loci-cinder @@ -776,7 +838,7 @@ Secret Example secrets: - loci_docker_login - # In git.openstack.org/openstack/loci/playbooks/push.yaml: + # In opendev.org/openstack/loci/playbooks/push.yaml: - hosts: all tasks: - include_vars: vars.yaml @@ -788,14 +850,14 @@ Secret Example - command: docker push openstackloci/{{ project }}:{{ branch }}-{{ item.name }} with_items: "{{ distros }}" -OpenDev - Largest Known Zuul -==================================== +Speculative Conatiner Images +============================ - * 2KJPH (2,000 jobs per hour) - * Build Nodes from 16 Regions of 5 Public and 3 Private OpenStack Clouds - * Rackspace, Internap, OVH, Vexxhost, CityCloud - * Linaro (ARM), Limestone, Packethost - * 10,000 changes merged per month + * Gating applied to continuously deployed container images + * Build and test images that depend on other images + * Build and test deployments comprising multiple images + * Without publishing to final location + * Publish the actual image that was built in the gate Zuul is not New =============== @@ -804,13 +866,22 @@ Zuul is not New * Zuul is now a top-level effort of OpenStack Foundation * Zuul v3 first release where not-OpenStack is first-class use case +OpenDev - Largest Known Zuul +============================ + + * 2KJPH (2,000 jobs per hour) + * Build Nodes from 16 Regions of 5 Public and 3 Private OpenStack Clouds + * Rackspace, Internap, OVH, Vexxhost, CityCloud + * Linaro (ARM), Limestone, Packethost + * 10,000 changes merged per month + Not just for OpenStack ====================== * BMW (control plane in OpenShift) - * GoDaddy (control plane in Kubernetes) + * GoDaddy (control plane in private Kubernetes) + * GoodMoney (control plane in EKS, adding GKE) * Le Bon Coin - * GoodMoney * Easystack * TungstenFabric * OpenLab @@ -826,8 +897,10 @@ Code Review Systems In work / coming soon: * Pagure + * Gitea Commonly Requested: + * GitLab * Bitbucket @@ -846,9 +919,9 @@ Ways to Install Zuul ==================== * Containers: https://hub.docker.com/_/zuul/ -* Windmill: http://git.openstack.org/cgit/openstack/windmill +* Windmill: http://opendev.org/openstack/windmill * Software Factory: https://softwarefactory-project.io/ -* Puppet: http://git.openstack.org/cgit/openstack-infra/puppet-zuul +* Puppet: http://opendev.org/openstack-infra/puppet-zuul Zuul Containers =============== @@ -867,10 +940,9 @@ zuul/zuul-executor Release Management ================== -* Zuul is a CI system -* C stands for "Continuous" -* It is run Continuously Delivered and Deployed upstream -* Releases are tagged from code run upstream +* Zuul is run Continuously Delivered and Deployed upstream +* Some users deploy Zuul with Zuul +* Releases are tagged from code run for OpenDev * There is no intent to have a 'stable' release * 'stable' is a synonym for "old and buggy" @@ -890,10 +962,10 @@ Important Links =============== * https://zuul-ci.org/ -* https://git.zuul-ci.org/cgit/zuul * https://zuul-ci.org/docs/zuul * https://zuul-ci.org/docs/zuul-jobs/ * freenode:#zuul +* https://opendev.org/zuul (https://git.zuul-ci.org/cgit/zuul) Questions ========= -- cgit v1.2.3