diff options
| author | James E. Blair <jim@acmegating.com> | 2021-02-24 16:57:49 -0800 |
|---|---|---|
| committer | James E. Blair <jim@acmegating.com> | 2021-03-08 06:49:57 -0800 |
| commit | 74a9c9de9b52b75b7286b7e4873667517b390446 (patch) | |
| tree | 34d2ef737720e9d1c575d35dce5ed20a22fd3f7f /tools | |
| parent | fa2175c22a0799401c0f9983751e08955793a964 (diff) | |
| download | zuul-74a9c9de9b52b75b7286b7e4873667517b390446.tar.gz | |
Use ZooKeeper TLS in tests
This mirrors the configuration in Nodepool for using TLS-enabled
ZooKeeper in tests. We use the ensure-zookeeper role in order
to get a newer ZooKeeper than is supplied in bionic.
Change-Id: I14413fccbc9a6a7a75b6233d667e2a1d2856d894
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/docker-compose.yaml | 5 | ||||
| -rwxr-xr-x | tools/test-setup-docker.sh | 6 | ||||
| -rwxr-xr-x | tools/test-setup.sh | 10 | ||||
| -rw-r--r-- | tools/zoo.cfg | 16 |
4 files changed, 27 insertions, 10 deletions
diff --git a/tools/docker-compose.yaml b/tools/docker-compose.yaml index d7c3ce0cd..e17750bb2 100644 --- a/tools/docker-compose.yaml +++ b/tools/docker-compose.yaml @@ -29,7 +29,10 @@ services: - ZOO_AUTOPURGE_PURGEINTERVAL=1 - ZOO_LOG4J_PROP=WARN ports: - - "2181:2181" + - "2281:2281" tmpfs: - /data - /datalog + volumes: + - "./ca:/var/certs:z" + - "./zoo.cfg:/conf/zoo.cfg:z" diff --git a/tools/test-setup-docker.sh b/tools/test-setup-docker.sh index c64dccb41..526f025c7 100755 --- a/tools/test-setup-docker.sh +++ b/tools/test-setup-docker.sh @@ -3,6 +3,7 @@ set -eu cd $(dirname $0) +SCRIPT_DIR="$(pwd)" # Select docker or podman if command -v docker > /dev/null; then @@ -33,6 +34,11 @@ else podman-compose down fi +CA_DIR=$SCRIPT_DIR/ca + +mkdir -p $CA_DIR +$SCRIPT_DIR/zk-ca.sh $CA_DIR zuul-test-zookeeper + ${COMPOSE} up -d echo "Waiting for mysql" diff --git a/tools/test-setup.sh b/tools/test-setup.sh index cb524f9c5..237763569 100755 --- a/tools/test-setup.sh +++ b/tools/test-setup.sh @@ -7,23 +7,15 @@ # This setup needs to be run as a user that can run sudo. TOOLSDIR=$(dirname $0) -# Config Zookeeper to run on tmpfs -sudo service zookeeper stop -DATADIR=$(sed -n -e 's/^dataDir=//p' /etc/zookeeper/conf/zoo.cfg) -sudo mount -t tmpfs -o nodev,nosuid,size=500M none $DATADIR -echo "autopurge.purgeInterval=1" | sudo tee -a /etc/zookeeper/conf/zoo.cfg -echo "maxClientCnxns=1000" | sudo tee -a /etc/zookeeper/conf/zoo.cfg - # Prepare a tmpfs for Zuul test root if [[ -n "${ZUUL_TEST_ROOT:-}" ]]; then sudo mkdir -p "$ZUUL_TEST_ROOT" sudo mount -t tmpfs -o noatime,nodev,nosuid,size=64M none "$ZUUL_TEST_ROOT" fi -# Be sure mysql and zookeeper are started. +# Be sure mysql is started. sudo service mysql start sudo service postgresql start -sudo service zookeeper start # The root password for the MySQL database; pass it in via # MYSQL_ROOT_PW. diff --git a/tools/zoo.cfg b/tools/zoo.cfg new file mode 100644 index 000000000..bf1ac6cf7 --- /dev/null +++ b/tools/zoo.cfg @@ -0,0 +1,16 @@ +# zoo.cfg for use in test-setup.sh +dataDir=/data +dataLogDir=/datalog +tickTime=2000 +initLimit=5 +syncLimit=2 +autopurge.snapRetainCount=3 +autopurge.purgeInterval=0 +maxClientCnxns=1000 +standaloneEnabled=true +admin.enableServer=true +server.1=nodepool-test-zookeeper:2888:3888 +serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory +secureClientPort=2281 +ssl.keyStore.location=/var/certs/keystores/zuul-test-zookeeper.pem +ssl.trustStore.location=/var/certs/certs/cacert.pem |