TEMPEST_BRANCH which is mostly set as master so
that Tempest master is run to test the env. With
stable branch going to EM state and Tempest master
might not work due to incompatibility of code or
requirements. In that case we pin the Tempest so that
older Tempest can be used for their testing.
Till now for ocata, pike and, queens we used the gerrit style
ref to pin the Tempest which is not preferred way. We should be
able to use the tag name on TEMPEST_BRANCH.
This commit explicitly checkout the tag set in TEMPEST_BRANCH
as git_clone does not checkout the tag directly until RECLONE
is true or tempest dir does not exist.
After this stable branch or job can set the tag directly with name.
For exmaple: TEMPEST_BRANCH=23.0.0.
Also use the stable/ocata upper constraint in Tempest venv.
Related--Bug: 1861308
[1] https://review.opendev.org/#/c/704840/
Change-Id: I15942917ec96e0f0e17639ea3296e356cdfeb832
The URL for rdo-release package is version-less and redirects to latest
stable version. This becomes problematic when stacking older stable
versions as dependencies might not be met or newer and incompatibile
ones might get installed.
Closes-Bug: #1833696
Change-Id: Icb07dcb4c9a3950a3c31a3a8dcb8d0b4c713fdb1
(cherry picked from commit 8b31dce38b)
(cherry picked from commit fb3b6e4baa)
(cherry picked from commit ed120e335f)
(cherry picked from commit 6f3696c168)
Tempest master started doing the strict JSON schema validation
for volume API. With that validation Tempest master started
failing on Ocata branch as new field in Cinder API added after
Ocata is still seen in Ocata API verison. Means new field added
in microverison is still seen in older microversion also.
Whether Cinder API can be fixed or not is different topic but as
per Tempest stable branch support policy[1], current Tempest master
does not support Ocata branch which is EM and if Temepst master
does not work on EM branches then solution is to use the Tempest
working tag for that EM branch.
Tempest 20.0.0 is supported Tag for Ocata so let's use that for Ocata
testing instead of Tempest master.
Related-Bug: 1843762
[1] https://docs.openstack.org/tempest/latest/stable_branch_support_policy.html
Change-Id: If5a0710360be448aa0c9e36fd22657b122dad66b
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.
This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.
This update should result in no functional change.
For more information see the thread at
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html
Change-Id: Ib02316a43b18bdbfee29aa157a7a0438b9b2fdc9
CentOS tests have reverted to using upstream for EPEL rather than
local mirrors, introducing some unnecessary instability. The root of
the problem is that /etc/nodepool/provider disappeared with zuulv3, so
we now always re-install the EPEL repo and overwrite the local EPEL
.repos files that were made during test setup and point to local
mirrors.
The other change is that we stopped installing the RDO repositories on
the testing nodes too. That we were incorrectly taking this path and
reinstalling EPEL has hidden the removal of these packages from the
base image in the test, since it ends up installing them too.
Split the install into two parts -- epel and RDO. Check for
/etc/ci/mirror_info.sh (the sourcable mirror script provided by base
test setup) and if so, just enable EPEL so we get the CI-mirror
version correctly. Install the RDO repositories (if not already
installed) unconditionally.
(Cherry-Picked from dc04b5aa24)
Change-Id: Iccb045a6695deb10da4d68a5694e1fa45ccbb810
The os-fping API was deprecated in nova in
I92064cbcb5f6414da0c9d294f912a860428af698. I can't see anything
obviously using it on codesearch.
This is only in EPEL for centos, which I'm trying to remove. But I
think less dependencies is always better than more in general hence
the removal.
This is essentially a revert of
Ibdc7479a9038321e4fc3953774a6f3e1dac90530
Change-Id: I163fc48c860bae2a92c83cfdaed26b2e54630e20
(cherry picked from commit bc6c992e3c)
legacy-periodic-tempest-dsvm-oslo-latest-full-master
runs only on master, remove it. This needs to stay in project-config.
Change-Id: I81e66ddb0976bb4bb7a7cd8efbbae3bda551191d
(cherry picked from commit 6403b1447f)
the swift and devstack-plugin-ceph jobs have been renamed, follow rename
and use in-repo jobs.
Depends-On: https://review.openstack.org/543048
Change-Id: Idccc21e47b2cc04e5eeab4db7f7fb7cf156f8049
This is a mechanically generated patch to complete step 1 of moving
the zuul job settings out of project-config and into each project
repository.
Because there will be a separate patch on each branch, the branch
specifiers for branch-specific jobs have been removed.
Because this patch is generated by a script, there may be some
cosmetic changes to the layout of the YAML file(s) as the contents are
normalized.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I4f262c7dd9fedf16cdd0898f9171f882919c13b1
Story: #2002586
Task: #24327
- Remove extra spaces
- Fix a missing space in the generated option string
- Fix a fatal typo
Change-Id: Ieca1c3e3c7e2ff59089ef45435e126ce7ff4f9b5
Closes-Bug: #1667073
(cherry picked from commit ed887d8b9f)
It looks pip 10 failed the uninstallation of distutils installed
packages. This patch temporarily cap the version of pip to work-around.
Closes-Bug: #1763966
Change-Id: I8bf80efc04883cd754c19bea0303064080112c6e
(cherry picked from commit f99d1771ba)
The old code was strip()ing the version string instead of split()ing the
version string so we always got the first character of the version
string. This worked fine as long as the pip version was single digit but
as soon as it rolls over to '10.stuff' we will compare:
pip version 1 (instead of 10) > 6
Which fails bceause 1 is less than six. Instaed we really do want to
compare 10 > 6 so use split on '.' instead.
Closes-Bug: #1764046
Change-Id: Ic7d0c04d7fa77774ab2d70fb9d11f182becec553
(cherry picked from commit 065779517f)
This changes bumps NOVA_READY_TIMEOUT to 120s by default in Pike
and older because the UCA shipped libvirt (2.5.0) is very slow
to start up (taking almost a minute at times)
Change-Id: Ia5fd8654e062533a55de2e78d84128027c73c094
The function was introduced in [0] using a hardcoded timeout of 60
seconds which turns out to be too small on slow machines. Create a new
global variable NOVA_READY_TIMEOUT instead so that users can
override the timeout if necessary.
[0] I32eb59b9d6c225a3e93992be3a3b9f4b251d7189
Co-Authored-By: Mohammed Naser <mnaser@vexxhost.com>
Change-Id: I0cd7f193589a1a0776ae76dc30cecefe7ba9e5db
'deactivate_image' feature flag was added long back during kilo
cycle. Tempest is going to remove this feature flag.
Depends-On: I843d4c64f24407d9d217005d5ea59d50d7ad62e7
Change-Id: I1ae8efc0e62acc5e05c1c00dc8970b74d8b16da0
The sphinx jobs need to find doc requirements in either
test-requiremnts.txt or doc/requirements.txt. Putting them directly in
to tox.ini, not so much.
Amended to use matching stable/ocata requirements.
Change-Id: I98a43b511a6949fa4f00c26eec224d24d6fa6588
(cherry picked from commit 4187d2fc4a)
As described in the change, "pip freeze" has issues with the way
zuulv3 clones repos without a remote. This is an attempt to use "pip
list" to check for local install
Change-Id: I33d25f86b6afcadb4b190a0f6c53311111c64521
(cherry picked from commit ae9c6ab759)
(cherry picked from commit 4358418d7d)
This adds packages to suse for systemd python linkages as well as
apache2 and which. And configures mod_proxy and mod_proxy_uwsgi with
a2enmod.
We also properly query if apache mods are enabled to avoid running
into systemd service restart limits. Enable mod_version across the board
as we use it and it may not be enabled by default (like in SUSE).
Also in addition to enabling mod_ssl we enable the SSL flag so that TLS
will work...
Finally we tell the system to trust the devstack CA.
Change-Id: I3442cebfb2e7c2550733eb95a12fab42e1229ce7
(cherry picked from commit 35649ae0d2)
With cell v2, on initial bring up, discover hosts can't run unless all
the compute nodes have checked in. The documentation says that you
should run ``nova service-list --binary nova-compute`` and see all
your hosts before running discover hosts. This isn't really viable in
a multinode devstack because of how things are brought up in parts.
We can however know that stack.sh will not complete before the compute
node is up by waiting for the compute node to check in before
completing. This happens quite late in the stack.sh run, so shouldn't
add any extra time in most runs.
Cells v1 and Xenserver don't use real hostnames in the service table
(they encode complex data that is hostname like to provide more
topology information than just hostnames). They are exempted from this
check.
Related-Bug: #1708039
Change-Id: I32eb59b9d6c225a3e93992be3a3b9f4b251d7189
(cherry picked from commit c2fe916fc7)
Sometimes when doing worlddump would see a command line like this:
sudo ip netns exec (id: ip addr
This would cause an error to be seen in console.log:
2017-02-07 00:03:03.659570 | /bin/sh: 1: Syntax error: "(" unexpected
This is caused by there sometimes being extra data returned from the
'ip netns' command [1]. For example it might look like:
qrouter-0805fd7d-c493-4fa6-82ca-1c6c9b23cd9e (id: 1)
qdhcp-bb2cc6ae-2ae8-474f-adda-a94059b872b5 (id: 0)
[1] https://lwn.net/Articles/629715/
Change-Id: Icece442023125ef55696b8d92a975d37e358b1b4
Closes-Bug: 1653969
(cherry picked from commit c6e6939e89)
This patch increase host_subset_size when ironic is used to 999
to minimize race conditions.
Change-Id: I0874fe3b3628cb3e662ee01f24c4599247fdc82d
(cherry picked from commit 0525e77d9f)
In Fedora mariadb, cracklib has been enabled [0] in order to verify the
password strength.
Disable cracklib in Fedora devstack in order to allow simple passwords
in dev environments.
[0] https://src.fedoraproject.org/cgit/rpms/mariadb.git/
commit: 9442da192282aa74f43e86c96202109a173bbaba
Change-Id: I2d5e965f0f19f86992794eec78134e862899c931
(cherry picked from commit 13e81ad1cf)
As a follow on to I4c269a7f3d63ee9a976e7c3636fc3e5e8dab9ae3; the
quoting gets tricky when putting arbitrary command-substitution
strings into saved echo-able strings. As they say, "the only winning
move is not to play" :)
An alternative proposal is to not write this into a script but just
dump info into a file. To my mind, this has several advantages --
avoid getting involved in quoting, not dropping a script into the
global environment -- it's just as easy to "cat" -- and the plain-text
file can be collected as an artifact during log collection (also moved
git commit line to separate line for easier parsing during log search,
etc).
-- Note
This is a combined cherry-pick of the following
2c0faca038 - add version
3415521d56 - fix to ^
07cbc44942 - this change
2c0faca and 3415522 were not merged to this branch at the time to
avoid breakage. This brings consistency across the open branches.
Change-Id: Ic7391dd087657c0daf74046e4a052c53f4eb6e1a
With the key manager refactoring in nova and cinder, the key manager
class will need to be explicitly set.
Nova key manager refactoring: Ib563b0ea4b8b4bc1833bf52bf49a68546c384996
Cinder key manager refactoring: Ief8885bb4ca8d62b03cf1a52c25dd0e62c835bfe
Related-Bug: #1704875
Change-Id: I733279864ee1a4aaffc9c8eed81b5e12f8d8821b
(cherry picked from commit a5b72b053e)
Now that mysql.qcow2 has been removed, we only have 4 images to worry
about. This fixes cache-devstack element for openstack-infra.
Change-Id: Ia06f0e0679e253a1a6614f7c38abf1f5cd13991b
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(Cherry-picked from 331b3de88e)
We no longer host this on tarballs.o.o, additionally it is no longer
used my trove.
Change-Id: I2034e8ebc530704d6e63a231056f92e14a8654e4
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
In master branch of noVNC project file vnc_auto.html was renamed to
vnc_lite.html Because of that nova-novncproxy looks for file that
actually doesn't exist.
We need to change branch of noVNC to latest stable, because other
projects are not ready yet to rename the path. Those projects
depends on noVNC package installed in system, but it is too old
for now for both CentOS (version 0.5) and Ubuntu (version 0.4).
The only way to make noVNC console working on Devstack is to change
the branch to stable one.
Unit test also has to be modified in order to ignore novnc repo
from checking against cloning non-master branch.
Change-Id: Iaf4761aedf93bc6b914a6a0c5cf1cfedcc29583c
Closes-bug: #1692513
In order to test whether live migration is backward compatible
we need to live migrate VM back and forth between two versions
of nova. This configuration option will allow to reuse existing
tests just by adding if condition in a method that invokes live
migration and validates outcome:
* If set to False, it will use existing behaviour
* If set to True, it will live migrate VM, validate whether it
succeded, then live migrate the same VM once again and again
validate the result
Depends-On: Icaeca404ec3e4b8f3cd489789fdac6117740ec43
Change-Id: I8da2b3bd0c08d9a3111d3531c346d06bd52cae7b
(cherry picked from commit 8a92b7f1de)
KEYSTONE_SERVICE_API is the keystone endpoint and it is what we should
use. The admin url should DIAF - but until it does, it CERTAINLY should
not be the thing we put into clouds.yaml.
Change-Id: If8196a04f852f633e0b7548793f68c92376aa6da
(cherry picked from commit e43f60ba2a)
We recently disabled EPEL in openstack-infra, enable it again.
Change-Id: I213b302b34b740354d63b69e8ac7f4e1b3d3cdd7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit bc4b8eb5bf)
This is a partial backport of:
https://review.openstack.org/#/c/435126
We have only opted to backport the removal of openvz image.
openvz is not in the nova tree, and is referencing a crazy old image,
we're going to assume that if anyone is using this they can build a
devstack plugin.
Change-Id: I9d33b98263c3d52a95b9983e90eb0b341fa1d363
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Keystone v3 API is CURRENT and the v2 API is deprecated now.
So we need to change the default config of auth_version to fit
for current API status.
Change-Id: I801e6740258ddea2a1b628a209970e0307d39d12
(cherry picked from commit dc6e550218)
Libvirt live migration requires netcat. It appears that newer UCA
packages may not automagically pull this in so explicitly list it as a
dependency of nova compute here. Note that netcat/netcat-traditional do
not appear to work and netcat-openbsd is required.
Change-Id: If2dbc53d082fea779448998ea12b821bd037a14e
(cherry picked from commit 3d4c6d2dd1)
When an apache worker gets a proxy error, it will not retry talking to
the backend server until the retry timeout expires. We bring up the
proxy server *before* the backend server, and poll it. If we are
running a small number of workers, there is a likely chance that we're
going to hit one that errored before the backend was up, thus failing
for now real reason.
Set this to 0 instead to mean always retry failed connections.
Change-Id: I9e584f087bd375f71ddf0c70f83205c425094a17
Ref: https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypass
(cherry picked from commit a1446b960f)
We have had issues with libvirt 1.3.1 which is stock on Xenial. Try
using 2.5.0 from UCA instead.
Related-Bug: 1643911
Related-Bug: 1646779
Related-Bug: 1638982
Change-Id: Ia4434541c71f050fe1ffb54f4c4c1e302391d00b
(cherry picked from commit c9a9e415b9)
Was using the '-ne' integer comparison operator to compare UUID
values. This caused error messages like:
/opt/stack/new/devstack/lib/tempest: line 226: [[: dfae26ac-1780-4677-902d: value too great for base (error token is "902d")
Change it to use '!=' string comparison operator
Change-Id: Ib7c9197dd0fe58addf33b4f82beea6de64f6b10b
(cherry picked from commit 3345a6d316)
Since https://review.openstack.org/#/c/438325 landed
it only works for Centos 7, but not for other
RHEL-based distributions: Virtuozzo and, probably, RHEV.
Both of above have own version for qemu-kvm package: qemu-kvm-vz and qemu-kvm-rhev,
accordingly. These packages provide "qemu-kvm", like qemu-kvm-ev,
and, when you call "yum install qemu-kvm", they replace the default OS package.
Change-Id: I46da627c0da8925064862fdc283db81591979285
(cherry picked from 008aa3e095)
For the latest qemu-kvm, you have to use the qemu-kvm-ev package,
which is based off the qemu-kvm-rhev package, which is explained in
[1] but you probably can't read it. The gist is, that qemu-kvm-rhev
is a later build of kvm that is incompatible with the base version
provided. qemu-kvm-rhev is only provided with the RHV (ovirt) and
RHOS (openstack) products. CentOS rebuilds this package as
qemu-kvm-ev as part of it's virtualisation SIG.
I9a972e3fde2e4e552f6fc98350820c07873c3de3 has bumped up the minimum
qemu version to 2.1.0. It seems there is a an issue (bug #1668164)
where having the qemu-system package installed gets picked up if
installed, and reports the incorrect version to nova, causing failure.
This removes the installs from files/rpms/nova as it is all being done
in function-libvirt. We only install the qemu-kvm-ev package on
centos and remove the old work-around.
[1] https://access.redhat.com/solutions/629513
[2] https://wiki.centos.org/SpecialInterestGroup/Virtualization
Change-Id: Ide91b261f35fb19d8bd7155ca016fa3b76a45ea1
(cherry picked from commit 52bb64105f)
When variables use the 'declare' directive, it is by default a local
variable. While other variables have global scope.
For example:
declare -A AN_ARRAY # local in scope
foo=1 # global in scope
This causes errors to occur as some of the variables will be local only
and others will be global.
Update the code, as appropriate, so that variables using the 'declare'
directive also include the '-g' flag to have them also be global. Not
every instance of a declared variable has been updated.
Closes-Bug: #1669509
Co-Authored-By: John L. Villalovos <john.l.villalovos@intel.com>
Change-Id: I2180b68fe861ad19c6d4ec0df0f9f8a528347862
(cherry picked from commit afef8bf097)
This was not supposed to be merged yet, it breaks grenade.
There needs to be a fix applied to master and then included in this backport.
This reverts commit f61ca5fd61.
Change-Id: I6321039117dcff80bb87e43f0e49082071018936
Calling enable_kernel_bridge_firewall inside a
container, devstack will crash because it tries to
load a kernel module by calling 'sudo modprobe' on
net.bridge.
Change-Id: Id4718c065d5a8c507d49f38e19c2796a64221aa4
Closes-Bug: #1662194
(cherry picked from commit 0bf75a471e)
Use pip_install_gr so we get the version pinned by requirements. The
depends-on is an example of where we're trying to pin to workaround
issues.
Depends-On: I9c57c08a150571c5bb62235d502839394d53a4c1
Change-Id: I780cca681b12a3e9d228dbf2fd9fa6e8ab1a82e1
(cherry picked from commit 1e7f738f28)
On stable branches, we are supposed to hard code the extension list of
what API extensions are available when we branch the project so that
test cases against new features will be skipped. However, we didn't do
this on Ocata release.
Change-Id: I1a4d1ea8c8d34b8cd1020e76597db6c67f85f6ec
Currently placement api section will be configured on controller
only if service n-cpu is running. It breaks multi node setup.
Closes-Bug: #1667219
Change-Id: I8b0f60f253859f704bb9831d7dac8f55df353ac7
(cherry picked from commit f58b373563)
This commit switches devstack to use the published qcow2 cirros image
instead of the AMI version. Using AMI was mostly a historical artifact
dating pretty far back, but in the real world no one really uses AMI
images with openstack clouds. This change reflects that and also
enables tempest ro remove its deprecated config options for using AMI
as a fallback on misconfiguration (which was just there to support
devstack's defaults)
Change-Id: Id65ebae73b28da7185cb349b714b659af51ef77f
(cherry picked from commit 6fc332d852)
This commit sets the max microversions on the ocata branch so that
tempest doesn't try to run tests that require a newer api version.
Change-Id: Id033dde91b6a7aa09aca2332fe815fd72be90438
The dedicated RPC worker is overkill in single or multinode
devstack deployments. Also metadata API workers was left
default, which meant they were as many as the CPU cores.
Related-bug: 1656386
Change-Id: Ibbf7787dfa48e13a51f961f3e0ee2b8f49964759
Cells v1 apparently doesn't support the swap volume API which
was recently enabled for testing in change:
92575baa6b
Rather than revert that change, we should just handle the cells
v1 case and not enable that test in that environment.
Change-Id: I80f52e8299641098d90d3c374a80770fc45b8122
Closes-Bug: #1660511
tools/discover_hosts.sh is run by devstack-gate, and breaks all dsvm job
that doesn't use nova.
nova-manage is perhaps not installed if nova services are not enabled.
This change checks the presence of nova-.
Change-Id: Ic555d241f98d0fa027897c69a7115d1be88f6c96
This adds a simple script to run the
'nova-manage cell_v2 discover_hosts'
command which will be used by
devstack-gate to discover the compute
hosts after devstack is fully setup.
This allows us to manage the branches
where this can run from devstack rather
than require branch logic in devstack-gate.
Change-Id: Icc595d60de373471aa7ee8fb9f3a81fc12d80438
Depends-On: I4823737246a8e9cc4eaebf67ff6bdba8bf42ab29
If the NoVNC service is enabled, enable vnc_console in tempest.conf.
This will allow tempest tests that interact with VNC to be executed.
Change-Id: Idb38a3b11e2f61f23adf1ec23c04ddccd72e7539
Depends-On: I09aed8de28f1ba2637382e870134ced38808df29
This provides a single setup_logging function which builds consistent
colorization if the config supports it, otherwise builds the identity
strings that we need to actually keep track of requests.
Change-Id: Iffe30326a5b974ad141aed6288f61e0d6fd18ca9
This makes setup_colorized_logging be a thing which takes a single
parameter and doesn't let projects do things differently. It also
changes the order of values from user / project to project / user to
represent the hierachy more clearly.
Change-Id: I8c0ba7da54be588e3e068734feb4f78ed7c5a14a
An initial install for devstack-tools, this will need to use all the
fun pip extra variables for installation, however the current
pip_install always prefers python2, and we only want to do python3
here.
Change-Id: I3dcdb35130f76fad81cb7b0d4001b7e96efbbd84
The test that is in tempest for this feature is
specific to LVM and will *not* work for other backends
regardless of them supporting the feature. It shouldn't
default to enabled for everyone, only for LVM.
If others want to opt-in they can, but its definitely
the minority that would.
Change-Id: I21347f2a5069059e6413208b254d5acd246faaea
In the incoming XenServer, it failed to install conntrack-tools
in Dom0 due to the bash script which is trying to find the correct
CentOS release version to be used in yum command. This patch is to
fix the problem
Change-Id: If7f169e118ccb7c29fc479c361417a916dc40b40
For some reason we were defaulting the name of the cell0 database
to nova_api_cell0 instead of nova_cell0. Devstack inherited that to
make things work, but we don't really want that. This patch makes us
use the proper name and create the cell0 mapping accordingly. As a
side effect, it also starts the process of unifying the cellsv1 and
cellsv2 paths by creating the cell0 mapping the same for both.
Change-Id: I4e7f6c5eaa068c98e5c4ef3feaee50d8e4f5d484
Findutils added in release 4.2.3 a new --delete action for deleting
matching files. This action performs better than -exec rm {} \;
because it doesn't have to spawn an external process. This change
uses a new action whenever is possible.
Change-Id: Iff16a86b18e924cfe78ac7c6107910940ce51e03
$ipv6_modes should always be passed when creating the
default IPv6 subnet, not just when fixed_range_v6 is
set. Without it the default was DHCPv6, which cirros
doesn't support out of the box. Was broken in
change-over from neutron to openstack cli.
Change-Id: Iadd39b1ce02fe0b3781bd3ae04adfd20d7e12d9f
Closes-bug: #1656098
Since cellsv2 setup is no longer optional, we can't even exclude
cellsv1 from this step. Since cellsv1 users can't use the simple
command, this does the individual steps as needed.
Depends-On: Icfbb17cce8ce8b03dc8b7b4ffb202db01e5218a6
Change-Id: I3c9101a34b2bb0804fc4deda62dbb8637e7b8f94
The only virt driver in nova that supports the swap volume API is
libvirt so enable testing that in Tempest only if using libvirt.
Depends on two changes:
1. The Tempest change that adds the new config option and test.
Depends-On: I2d4779de8d21aa84533f4f92d347e932db2de58e
2. A nova fix for correctly waiting for the block copy job in the guest
to complete.
Depends-On: I0c52917a5555a70c4973f37dea1aebf878dd73b4
Change-Id: Ibb6b309574d2c6a06fcecb0626ea21527fb7f412
Only a few Cinder backends support the 'manage snapshot' feature. So
we need a feature flag here. Luckily the LVM driver does support this
feature so default the feature flag to True in devstack(/Gate) but
introduce a variable to tweak the config.
Change-Id: Ifcb9f91059f08bdf2faf2a8d65229aba5742ee1c
Depends-On: I77be1cf85a946bf72e852f6378f0d7b43af8023a
Hypervisor XenServer will change to use os-xenapi in the future,
this will need DevStack changes, this patch is to remove install
Dom0 plugins part to our own DevStack plugins.
Change-Id: Ic327135b893a77672fd42af919f47f181e932773
The logic to set the default image for Ironic has been moved into the
Ironic tree. This patch is just removing it from DevStack.
Change-Id: Iaeb177f194adc83e40d86696e5553f9f72bbd1f9
Depends-On: Id828b41dc44113ce1cd094ce5fc245989699d4ff
The PCI-DSS feature has been introduced during the Newton
release and its settings are disabled by default. This
patch adds the possibility to enable some of them during
DevStack setup.
Change-Id: If6b5eb3e3cbc43eb241c94d18af80ad50be08772
Depends-On: Id97ca26f93b742cc3d8d49e98afc581f22360504
* iniuncomment followed by iniset for reseller_prefix just adds a
duplicate line in the config file that configparser does not like
so just remove the uncomment
* fall back to http:// url for glance->swift keystone authentication
* insecure flag to talk to swift
Depends-On: I51d56d16a5b175bd45dee09edc0b2748d72a5d06
Change-Id: I02ed01e20f8dce195c51273e8384130af53384ce
Currently if PHYSICAL_NETWORK and PUBLIC_PHYSICAL_NETWORK are
same then duplicate entry is created in ml2_conf.ini like below:
flat_networks = public,public,
With this patch, if PHYSICAL_NETWORK and PUBLIC_PHYSICAL_NETWORK
are same then add only PHYSICAL_NETWORK to flat_networks in
ml2_conf.ini
Change-Id: Iae4d1ee3882f6d96b4e4abd52ecc673a620563b5
Closes-Bug: #1654148
This commit switches how scripts we use to launch the installed version
in the path. Previously the scripts were manually executed in the source
repo, but this has issues if you're trying to run with py3 in a system
where python == py2. Setuptools already does the shebang magic for us
at install time, so we just need to use the installed version of the
script.
Change-Id: Iaa4d80ec607a2aa200400330e16cad3a4ca782ac
According to the feedback in the TC meeting [1], we renamed the Nova
virt driver from "docker" to "zun" [2] to avoid name collision
to nova-docker. This rename also help to clarify the difference
between these two drivers.
[1] http://eavesdrop.openstack.org/meetings/tc/2016/
tc.2016-11-29-20.01.log.html
[2] https://review.openstack.org/#/c/414651/
Change-Id: I747080953ae4d1d35ed334831100413b6e4466c4
The domain_name to be used needs to be $SERVICE_DOMAIN_NAME, as this is
changed in devstack from "Default" to "service".
Change-Id: I6351c1b2ca7ea4448e13eb87455bff4058df4fa7
Previous this was set the zake, but that was revert to missing
dependencies issue and because zake is a test fixture and not somthing
to deploy.
This change configures the Cinder dlm with this one is zookeeper.
And it installs tooz and the extra dependencies needed for the
zookeeper driver.
To do it, this commit have to introduce a new method for package
installation: 'pip_install_gr_extras package extra1,extra2'.
Change-Id: Idca310c08e345db59840eb31434c6cb1f849fa70
nova-network has been deprecated since Netwon and Nova change
I8388c29ad310cd8800084b4d5c026013158bfbed is switching the default
value of use_neutron to True, so we need devstack to explicitly
set use_neutron=False when running and configuring nova-network.
Part of blueprint use-neutron-by-default
Change-Id: I82721b5d10711401b9b0ebc2b0ed07cc8287bbf7
Really close to getting swift and keystone under uwsgi working, so
let's white list them. Won't affect any existing jobs, so we should
be good.
Change-Id: I51d56d16a5b175bd45dee09edc0b2748d72a5d06
Now that Liberty is EOLed, the feature flag is not needed anymore.
Change-Id: I5206535761773d4bcb02ebb8f25d1b0c1b59110c
Depends-On: If0b2168080a0b0ecdc6682ef69856a0879f4f6d3
CLI tests have been removed from Tempest in
I4f8638f1c048bbdb598dd181f4af272ef9923806
Dashboard tests have been removed from Tempest in
I2a69ebed2947a5ab5e5ca79557130bd093e168dd
Change-Id: I6df74a07e209b07fd3feae762c9cdab16e09414f
The snapshot_backup feature flag was introduced in
Ib695e60c2ed7edf30c8baef9e00f0307b1156551 to enable Tempest tests
introduced in I1964ce6e1298041f8238d76fa4b7029d2d23bbfb
But I1964ce6e1298041f8238d76fa4b7029d2d23bbfb was never merged so that
feature flag was never really useful.
Change-Id: I4e0bc786d2320907cb101fc788ad51444628537d
Use trueorfalse to normalize the values for USE_PYTHON3
Install 3.5 instead of 3.4 When USE_PYTHON3 is specified.
Also, since not many packages are classified correctly, fallback
to looking for just "Programming Language :: Python :: 3" and
log a message for the package to highlight the problem.
Also special case some services that are *almost* ready
Depends-On: Id48e1b328230fcdf97ed1cb4b97f4c3f9cf6eb8a
Depends-On: Ib7d9aa0e0b74a936002e0eea0b3af05102b06a62
Change-Id: I243ea4b76f0d5ef57a03b5b0798a05468ee6de9b
The placement API configuration was binding a specific port *and* was supporting
to be called by the default HTTPd ports using a Location directive.
Given that the corresponding service catalog entry for the placement service type
doesn't mention the specific application port but is rather using the default
port 80, we can remove that specific port and just use the default config.
Note that we still need to use a VirtualHost directive for the specific placement
config because ErrorLog is only scoped for either server or virtualhost but can't
be set for a Location (or a Directory) context.
Change-Id: I9a26dcff4b879cf9e82e43a3d1aca2e4fe6aa3e6
This moves setting of RABBIT_HOST from stack.sh to lib/rpc_backend
so it may be used in grenade runs, which don't have the defaulted
value from stack.sh. The RABBIT_HOST is needed in order to call
get_transport_url in lib/rpc_backend.
Change-Id: I504f7fac7bb9a8c158e20046dbd1dd2d507db02b
Closes-Bug: #1649586
Depends-On: I3d4d7b309e50f4e2970cda55aada02d68c4fa705
Services that run inside Apache use tail -f on the corresponding log
file to display output in the screen session. However, they also use sed
to replace some control characters, and this means that the output is
buffered. This results in debugging experiences that range from
"impossible" (the log you want isn't shown) to "Kafkaesque nightmare"
(the log you want isn't shown, except that sometimes it is, and
sometimes it isn't even though you double-checked and you're completely
sure that you must have output a log, but when you check back later you
realise it actually is and you wonder if history is actually not mutable
after all and begin to question what is real and what is not).
This adds the --unbuffered option to ensure streaming output.
Change-Id: I665ff5f047156401d8152f478d834ac40ff31658
Now that the placement service is mandatory for running Nova in Ocata,
we want to enable it by default when running devstack by default.
In the past, we added a placement-client service with
I04a655fbc58913b3d607400a7f677be299499142
Devstack-gate will also be able to run a multinode devstack with the
help of Ibd760c642e3c1ffff2dd61be48e30530b0d24720
Change-Id: I273c3c8299ee329bed425f3e7cd4b583ed1187a4
Neutron doesn't use any arptables based firewall rules. This should
somewhat optimize kernel packet processing performance.
I think the setting came from:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf
but does not apply to the way we use iptables.
Change-Id: I41796c76172f5243e4f9c4902363abb1f19d0d12
Closes-Bug: #1651765
If 'RECREATE_KEYSTONE_DB=False' database won't be recreated.
It would be useful for multinode Grenade tests for Keystone. This parameter
will help us to deploy multiple services on different machines talking to
the same DB.
Devstack recreates Keystone DB each time during Keystone service installation.
If our controller node is already deployed, Keystone DB already contains
important information about OpenStack services and their endpoints. When
the second Keystone node is being deployed, we don't want to delete
records about controllers' services endpoints.
Partially-Implements: bp rolling-upgrade-testing
Change-Id: Ia8d07b4295ca165be01e44466c95d5275f596e83
When doing multinode devstack we need a way to specify that we've
enabled for the placement service. We use a pseudo service of
placement-client for this.
Change-Id: I04a655fbc58913b3d607400a7f677be299499142
The current code assumes that there exists a public openstack network
and uses that assumption to set the public_network_id variable in
tempest lib. If NEUTRON_CREATE_INITIAL_NETWORKS is set to false this
step will fail as there is no public network to be found. This change
adds a check for NEUTRON_CREATE_INITIAL_NETWORKS before attempting to
set this variable.
Change-Id: I62e74d350d6533fa842d64c15b01b1a3d42c71c2
Closes-Bug: #1645900
Different versions of Ubuntu ship with different versions of Java.
Trusty had 7, Xenial has 8, and so on. This causes problems when we
hardcode a versioned package name into our dep lists as that version may
not exist everywhere. Thankfully Ubuntu provides a default-jre-headless
package that we can use instead that maps properly onto whatever java
version is correct.
Change-Id: I4e5da215c8f7aa426494686d5043995ce5d3c3af
* Set ml2_type_flat setting so that the public flat network is created
correctly
* Set securitygroup driver correctly
It should be set as:
[securitygroup]
firewall_driver = iptables
Change-Id: I7369b45fbc5a47ce958693c67a1902a8cb24f367
When creating a service user we allow the user to be created with a
different role. Currently in auth_token middleware we want to check that
the service token is specified with the service role so we should always
add the service role and optionally add additional roles.
Change-Id: Ie954a679674b4795079b539ebc8d4d2dcbd7dacc
When using local.conf in multinode envs not everything is going to be
defined in all places. Eventually we probably want to make it so we
have a host role for these sections or something. But for now warn
instead of die when we can't find a config var.
Change-Id: I6959099373f035fbfe9e540a44e4c52b8e7c95c0
Closes-Bug: #2000824
Since I21ae13a6c029e8ac89484faa212434911160fd51 nova-manage db sync
may try to make a request to api db in order to get cell mapping and
will fail, as the db is not created yet. While this is non fatal, we
could avoid the error anyway.
Change-Id: I19483e9420071d484f029779bcc8c6d623c210ce
Related-Bug: #1631033
the python-xml is a subpackage from the standard cpython package that
that contains elementtree and other bits that are needed almost
everywhere in OpenStack but isn't installed on a absolutely minimal
openSUSE Leap installation. This package doesn't exist on pip but
is a SUSE only invention, so just treat it similar to a bindep.
Change-Id: I82887c2e6895740d1b16d1269574519450ca783e
Starting with SLE12 SP2 and with openSUSE Leap the distro-shipped
openvswitch is the normal systemd openvswitch.service service file
and no longer the older openvswitch-switch Sysv5 init script. Add
a special case for that.
Change-Id: I5152f2585c3d4d18853988d6290039d6b1713b99
Now all configuration are present in Ironic tempest plugin
and those are going to be removed from tempest in
Id518a6d87d0949737cd1c50cb6a83149b85e5f85
Patch- I73c649625d106fc7f068e12e21eaacba8f43cbbb set
those in ironic devstack plugin.
We can remove all baremetal config setting from devstack.
Along with moved one this patch deletes other unused baremetal
config setting.
Change-Id: If826321ebc0c20ea372d206d49383f3826c9b547
Depends-On: Id518a6d87d0949737cd1c50cb6a83149b85e5f85
Depends-On: I73c649625d106fc7f068e12e21eaacba8f43cbbb
On Ubuntu nodes, devstack tries to predefine the initial mysql root
password by doing some debconf-set-selections, but these will not take
effect if the corresponding package has been installed earlier. So
just try to set it every time, like we do on other distros.
Change-Id: I2c167051fc5e53dd0ccf82a60ab085cd9cdea28d
create_cell requires n-api and at least one n-cpu up and running. If
we have a configuration where it is not guarunteed that there is an
n-cpu at the end of a devstack run we have to skip this step and make
the user run it manually later.
Change-Id: I2287ab29f3c1a7252271dcce81673ef365615296
Role "root" it is hardcode.
In general case role name comes from local.conf: string "DATABASE_USER="
Change-Id: Iedfca48e04d23c313851f48d68ac40ba29340805
The linuxbridge agent for Neutron expects that the public bridge will
already be created by the time it starts. On devstack, this only occurs
as part of the l3 agent configuration. If a compute node doesn't have an
l3 agent and is using a linuxbridge agent, then br-ex won't be created
and the process will not be able to start (causing stack.sh to fail).
This causes the gate-grenade-dsvm-neutron-linuxbridge-multinode-nv gate
to fail. To avoid the issue, skip the bridge mappings setup unless L3 is
configured. This is done in a backward compatible fashion: if localrc
uses the old q-l3 tags, the is_service_enabled neutron-l3 would not be
able to succeed.
Closes-Bug: #1643562
Change-Id: I292ff0dc080fb84b5f879ba2f00f03eff295b55b
libguestfs does not work on ubuntu because the kernel is not
world readable. This breaks file injection with libvirt.
See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725
for more details.
The workaround proposed by Ubuntu is to relax the kernel ACL
if needed, so we need to do that in case file injection is
enabled on an Ubuntu host running libvirt.
Partial-bug: #1646002
Change-Id: I405793b9e145308e51a08710d8e5df720aec6fde
We need a local.conf processing phase after every run phase which lets
us override config options after that point. We didn't explicitly
support this for test-config before, which broke some CI systems when
we moved tempest to use this later phase.
Closes-Bug: #1646391
Change-Id: I7d693afa19acf3e8231e84e45b7a868628ebdbc0
This single global variable is no longer useful as we have multiple
repositories and devstack plugins nowadays.
Also, add a utility function, neutron_server_config_add, for devstack
plugins to add an extra config file.
Related-Bug: #1599936
Change-Id: I90112823ef96ae2fba97d7b09b00bec8cb816d8d
So that it can be used by functions like _determine_config_server,
which is used like RESULT=$(_determine_config_server).
Change-Id: Ia4e641c5529b95ada30ae662221f370bc7fa88a7
To avoid using legacy functions accidentially.
Depends-On: Ida1f83b6b3ef9b76be13c063c7e35a8703214078
Change-Id: I3ff136fc8330c92007cdfe91b77d7f9865eabd8d
XenServer already support OVS native mode and I have a patch for
configuring it https://review.openstack.org/#/c/372952/ which
is fine. But we have another patch which revert the usage of
ml2_confi.ini and ml2_conf.ini.domU
https://review.openstack.org/#/c/396573/. Both patches work well
separately. But the two should have some dependent relationship.
Once one merged, the other should change accordingly. Sorry that
we missed the dependency.
This patch is to fix the ovs config based on reverted ml2_conf.ini
and ml2_conf.ini.domU to make sure we configure the correct IP for
ovs agent
Change-Id: Ib53e37e210cc849f161dd6630f81e5b2331a91d5
Similar to 30ab23cd9b, fix the
plugin name to avoid warnings like:
WARNING stevedore.named [-] Could not load neutron.plugins.ml2.plugin.Ml2Plugin
Change-Id: Ibb45f1305816b255ba2419ba662d9e29eff68f58
Neutron has changed to use ovs native interface by default, but when
the hypervisor is XenServer, we cannot use ovs native interface without
extra configurations in neutron-openvswitch-agent(q-agt) in compute
node.
This patch is to add the needed configurations automatically during
deployment, so user needn't to do it manually and restart q-agt.
Change-Id: Ibc69d3cdb4d75833f2ac16840c62bcacf460dd4f
We are seeing connection errors to the proxy occasionally. These errors
do not result in a logged http request or error to the backends,
resulting in a theory that the proxy itself may just not be able to
handle the number of connections. More than double the total number of
connections that will be accepted by the proxy in an attempt to fix
this.
Change-Id: Iefa6c43451dd1f95927528d2ce0003c84248847f
Related-bug: 1630664
There may be cases when the configuration of the OVS is different
from the default one. This enables one to make use of the neutron
configuration file to contain all of the OVS settings.
Change-Id: I728cf8cdc653667c076b07b39c13c1278281c01b
Closes-bug: #1645691
The order of the steps were a bit confusing for the first timers
in the devstack document. So, changed the order of installation
steps to make it clear.
Change-Id: Ifaa051887dab95719b9ca5d1b2fbe2f5f549d269
Closes-Bug: #1627939
The current coding fails to process local.conf like
the following. Note: This example is taken from a
real use case. [1]
[[post-config|$NEUTRON_CONF]]
[qos]
notification_drivers = midonet
[[post-config|$NEUTRON_CONF]]
[quotas]
# x10 of default quotas (at the time of writing)
quota_network=100
quota_subnet=100
quota_port=500
quota_router=100
quota_floatingip=500
quota_security_group=100
quota_security_group_rule=1000
[1] https://review.openstack.org/#/c/400627/
Closes-Bug: #1583214
Change-Id: Ie571b5fa5a33d9ed09f30ba7c7724b958ce17616
Horizon is removing run_tests in favour of tox during Ocata, as part of
https://blueprints.launchpad.net/horizon/+spec/enhance-tox. To complete
this move, we need to remove any reliance on run_tests.
Change-Id: Ia8ad073aee68d1660d3bb5a68ec07516d8ce0665
In the 'Private Network Addressing' section of the doc,
there are references to FIXED_RANGE when referring to V6
networks. These have been changed to FIXED_RANGE_V6.
Also fixed a few typos and grammatical errors when
giving the doc a quick read-through looking for more
references to FIXED_RANGE.
Change-Id: Iaa530c476ce2b36a3f616945ddd2e24fa599a16c
If devstack is deployed in the VM with defined
public IP address (like 192.168.10.6) it is not possible to
access the Horizon from the browser.
This is because DEBUG=True means that ALLOWED_HOSTS, if not set,
is equal to ['localhost', '127.0.0.1', '[::1]'] according
to Django's documentation.
Change-Id: I0ab2b57e459dbfa3b01b3e9388bbcefac076a142
Co-Authored-By: David Lyle <dklyle0@gmail.com>
Closes-Bug: #1643050
Using devstack on a RHEL based system results in
"Listen 0.0.0.0:80" being added to the
/etc/httpd/conf/httpd.conf.
This configures Apache to only listen to port 80 on an IPv4 interface.
This makes it not possible to access Horizon via IPv6 without
re-configuring and restarting httpd.
Removing this sed leaves the default "Listen 80" from the rpm package,
which binds to all interfaces and will allow connection to Horizon
via IPv6.
Change-Id: I9fe8cbebff0ca6a30ceeaae0f7e035c9bb828d44
No need to explain how to enable Neutron now that it's enabled by
default. Keep but reformat the 'how to enable swift' part though.
Change-Id: I3f9b7796fad10abf1039e4c68eb2cd5ef6cdbc99
Since 4b49e409f8 devstack
started to use reload instead of restart.
Using reload in devstack for a fresh install,
does not makes too much sense unless multiple service
plugin touches the same service configs.
Systemd rejects to reload something,
which was not loaded before.
$ sudo /bin/systemctl reload httpd
httpd.service is not active, cannot reload.
We will switch to `reload-or-restart` action instead of `reload`,
it is more likely the action what the previous patch wanted.
Change-Id: I70d597fbe4a8923d937ba8432e29edefb27d1058
The linuxbridge agent for Neutron expects that the public bridge will
already be created by the time it starts. On devstack, this only occurs
as part of the l3 agent configuration. If a compute node doesn't have an
l3 agent and is using a linuxbridge agent, then br-ex won't be created
and the process will not be able to start (causing stack.sh to fail).
This causes the gate-grenade-dsvm-neutron-linuxbridge-multinode-nv gate
to fail.
Closes-Bug: #1643562
Change-Id: I6f441c6febb5070ad885569d9c798634d0272b6c
Change dddb2c7b5f recently
changed devstack to enable the Cinder image cache by default
and changed to use thinly provisioned LVM volumes by default.
Since then we've had a spike in thin LVM snapshot test failures
in the gate, which is by far our top gate bug at 219 hits in the
last 10 days.
So unless there is a fix on the Cinder side, this changes the
default lvm_type back to 'default' for thick provisioning.
Change-Id: I1c53bbe40177fe104ed0a222124bbc45c553b817
Related-Bug: #1642111
Without this parameter, when we set GIT_DEPTH,
it may happen that we clone only master and
then cannot checkout branch
Change-Id: I39376914f8bfc286a308c99db6bc92cddab195b5
The intent was to make any ipv6 safe addr range bigger than a /64 a /64
when setting the fixed range. Unfortunately the awk only emited the mask
and not the addr. Fix this by sprinkling the address back in.
Fixes-Bug: 1643055
Change-Id: I526d4c748fd404ecb3c77afcbb056aa95090c409
If devstack is deployed in the VM with defined
public IP address (like 192.168.10.6) it is not possible to
access the Horizon from the browser.
This is because DEBUG=True means that ALLOWED_HOSTS, if not set,
is equal to ['localhost', '127.0.0.1', '[::1]'] according
to Django's documentation.
Change-Id: I74ae99569dafa10eee7066713a05fb49183e3fca
Currently devstack assumes that the network used for ssh
validation is the private network. This patch adds a hook that
sets the network used for ssh validation based on whether or not
provider networking is being used. It also moves the function
'is_provider_network' into functions-common as it will now be
used by both tempest and neutron.
Change-Id: I265c9e26c9bfb18b7e201f27d8912b8bec235872
We should be using $VOLUME_GROUP_NAME instead since Icehouse.
$VOLUME_GROUP_NAME has been introduced in
I93b8ef32832269d730c76a6dc24ddb4f20c6d9df and $VOLUME_GROUP is nowadays
only use as a fallback to $VOLUME_GROUP_NAME.
As a code comment in lib/lvm says it we kept the $VOLUME_GROUP around as
"for compatibility with icehouse-generation Grenade". Icehouse is long
gone so now seems a good time to remove any usage of $VOLUME_GROUP.
Change-Id: Id3051b5a196c45266c39fde4f08401aaacf0f6bd
When using zypper remove, include the -y option to avoid stack.sh from
hanging waiting for user confirmation. Due to output buffering, the
script could hang before giving the user the prompt to enter Y to
continue, making it unclear why the script was hanging.
Change-Id: I5ea761e5ae0829439953c385f8e7d0546acba886
Closes-Bug: 1642736
Swift port base was changed in Ifd95b99004aead5ddc8ae1a8dd3ccd9c4f2abe91
but we forgot to update the rsyncd.conf. This patch update the rsyncd.conf
file.
Change-Id: Id457c047c672a810c4c0c7721b6beeb01b719879
When using the enable_plugin command and grenade jobs it can be
easy to enable the same plugin twice, as the grenade job has a
registration section and the configuration in project-config can also
enable it due to code-reuse in project-config.
If a plugin is enabled twice it will likely fail, though it won't be
obvious that it was due to the plugin being enabled multiple times.
This change makes it so if it sees the same plugin name is enabled
more than once it will die and an error message outputted.
Change-Id: I9f1d7e58b861b04473b6a57c9ad404203fb7277a
The switch to using subnetpools caused quite a bit of confusion
because it didn't respect the value of FIXED_RANGE. This caused
conflicts in the gate with it's default IPv4 value of 10.0.0.0/8.
This patch does a few things to address the issue:
* It introduces the IPV4_ADDRS_SAFE_TO_USE and IPV6_ADDRS_SAFE_TO_USE
values and adjusts all of the FIXED_RANGE and SUBNETPOOL_PREFIX values
to dervive from them by default.
* This addresses the concern that was raised about implying that
SUBNETPOOL_PREFIX and FIXED_RANGE are equivalent when setting
SUBNETPOOL_PREFIX=FIXED_RANGE by default. Now we have a new value
for the operator specify a chunk of addresses that are safe to
use for private networks without implementation implications.
* Backwards compatibility is maintained by alloing users to override
override all of these values.
* The default for IPV4_ADDRS_SAFE_TO_USE uses /22 instead of /24
* Because we want to be able to use subnetpools for auto allocated
topologies and we want to be able to have a large chunk of
instances on each network, we needed a little more breathing room
in the default v4 network size.
* SUBNET_POOL_SIZE_V4 default is changed from 24 to 26
* In conjuction with this change and the one above, the default
subnetpool will support up to 16 64-address allocations.
* This should be enough to cover any regular gate scenarios.
* If someone wants a bigger/smaller subnet, they can ask for that
in the API request, change this value themselves, or use a different
network entirely.
* FIXED_RANGE_V6 defaults to a max prefix of /64 from IPV6_ADDRS_SAFE_TO_USE
* This avoids the private subnet in the non-subnetpool case from being
larger than /64 to avoid issues identified in rfc 7421.
* Users can still explicitly set this value to whatever they want.
This 'max' behavior is only for the default.
* This allows IPV6_ADDRS_SAFE_TO_USE to default to a /56, which leaves
tons of room for v6 subnetpools.
Closes-Bug: #1629133
Change-Id: I7b32804d47bec743c0b13e434e6a7958728896ea
This removes the logic to add a route pointing to the IPv4
tenant private network range since the router is performing
SNAT. If reaching the IPs via the route worked at all, it was
by accident since this behavior is certainly not guaranteed
by Neutron.
Change-Id: If45e3fc15c050cfbac11b57c1eaf137dd7ed816f
XenAPI requires two instances of L2Agent: the standard one manages OVS
bridges in DomU and the service name is called as q-agt in Devstack;
the other new L2Agent manages OVS bridges in Dom0 and the service name
is called as q-domuA. In order to support the new agent q-domuA, it
requires some XenAPI-specific configurations. But unfortunately those
XenAPI-specific configurations were configured in the standard agent
file, meaning other changes made to the standard agent file would not
have the correct effect. So it has caused issues, for example, floating
IP addresses are not reachable.
This fix is to move the XenAPI-specific configurations from the stardard
agent configuration file to the XenAPI-specific agent configuration file
so that it won't impact the standard agent's behavior.
Change-Id: I45944e84a1f81d016aa00da6d782801ee8457ea4
Currently the x509 certificate setup is done after all the
openstack services have been deployed. This is OK because
none of the services require that the x509 certs exist
when they are being deployed. With the integration of TLS
into the nova novnc proxy (and later spice & serial proxy)
service, x509 certs will need to exist before Nova is
deployed.
The CA setup must thus be moved earlier in the devstack
deployment flow, prior to the setup of any services. One
part of the CA setup, however, fixes up the global cert
bundle locations and this can only be done after the
python requests module is install, thus must remain in
its current location.
Change-Id: Idcd264fb73bb88dc2f4280c53c013dfe4364afff
This removes all of the heat code from the devstack tree, in favor of the
devstack plugin in Heat's tree.
Depends-On: I4bed1e5cef5afa7b049b07640086a86a3f881e13
Depends-On: Ic392bcc24bc374ee8511a94f1d8f6ac23131c7e3
Change-Id: I5b60422bf1f5fa78aa8f3383f7a222e0356d9e42
The deprecated AMI image file opts will be removed soon.
See https://review.openstack.org/#/c/338377.
So we can't use the fallback mechanism anymore. This patch is to
specify the correct image parameters for XenServer.
Change-Id: Ic287a3ed1725c42ea29022158bc9720c9a96533f
Previously the usage of neutron debug ports was removed by
5e01c47e4d but there was still call to
teardown_neutron_debug. Recently a change to devstack-gate
1d6cc0771a3399300117f488e9d71e7ea46a4d82 caused that call to be
triggered and breaking the gate-devstack-dsvm-updown job.
This patch deletes the call and comments regarding setup_neutron_debug
and teardown_neutron_debug.
Change-Id: Ifdacb0cec1307db469bd66f551474539184cf2cd
Besides updating to OSC CLI, this patch also fixes an argument name typo
present before in 'nova keypair-add' (--pub_key should be --pub-key).
Specifying $OS_PROJECT_NAME in case user is associated to multiple
projects containing security groups with same name (e.g. 'default').
Change-Id: I776f6edfc4c6c798a39d3260827a18c695f05c87
Nova is going to land a database migration in Ocata
under change I72fb724dc13e1a5f4e97c58915b538ba761c582d
which enforces that at least the simple cells v2 setup
is performed, which creates the cell mappings, cell0 and
host mappings. Before we can land that change in Nova
we have to make cells v2 setup a default in the integrated
gate jobs.
Depends-On: Ie44e615384df464516aa30b9044b5e54b7d995bb
Change-Id: If1af9c478e8ea2420f2523a9bb8b70fafddc86b7
The neutron client is going to be deprecated during the
Ocata timeframe, so it is time to start switching to the
openstack client to invoke networking commands.
use of neutron client in neutron-legacy has been left as is.
The command for setting the router gateway is left as follow up.
Change-Id: I0a63e03d7d4a08ad6c27f2729fc298322baab397
When using neutron network under xenserver, we must enable linux bridge
in Dom0 as neutron will use linux bridge qbr in compute node for
security group. But by default XenServer use openvswitch and disabled
linux bridge. This patch is to remove this restriction.
Change-Id: I0e8124ff2323810fdc46c717a750ce7e8f4aa0c6
The initial start of the neutron OVS agent always prints
a warning:
WARNING stevedore.named [] Could not load
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
There's an alias for that in setup.cfg called
iptables_hybrid that would avoid it.
Change-Id: I3f5bf782f4f27dc123e462e494741a8a941641ec
This patch sets Keystone v3 as default in services
configuration files and in the openrc and stackrc scripts.
Change-Id: I24546f02067ea23d088d383b85e3a78d7b43f166
Partially-Implements: bp keystonev3
When using XenServer, it will create two neutron-openvswitch-agent
q-agt and q-domua even it's single box environment, but it didn't
stop the q-domua, this patch is to stop q-domua in unstack.sh
Change-Id: I511ed534bfb7d5fe6136f6a0b33f1d749d30862c
Closes-Bug: #1631721
This commit removes some config values for tempest that no
longer exist in tempest/config.py therefore are no longer needed
in tempest.conf.
Change-Id: I5778973012e57e8d9df9bf864590f8ed7fe05561
Sets the port_security feature flag in tempest.conf
if the port_security extension is enabled, which it's not
by default in neutron but is set by default in devstack.
This adds global variable for setting the port_security
extension in ml2.conf and in tempest.conf so we only have
to set this in one place.
Depends-On: I1efd5c838aa0d73cc6e8864e3041eea25850198d
Change-Id: I6334b200e42edd785f74cfb41520627393039619
Related-Bug: #1624082
this is the first patch in a series to actually make fernet the default
token provider in keystone. the patches for grenade, release notes, and
actually switching the value in keystone all depend on this patch first.
reasons for switching over:
- fernet tokens are the recommended token provider
- the install guide for newton recommends deployers use fernet tokens [0]
- we previously attempted this switch but ran into timing issues [1],
the timing issues have been resolved [2]
[0] http://docs.openstack.org/newton/install-guide-ubuntu/keystone-install.html
[1] 153db26970
[2] https://review.openstack.org/#/q/topic:make-fernet-default
Change-Id: I3b819ae8d2924f3bece03902e05d1a8c5e5923f1
The devstack ldap configuration for keystone is still using some
old options that are no longer valid. The write support is
being removed this release. And in previous releases, the ldap
assignment driver support was removed and was not removed here.
Change-Id: I538626b681eaee6a7ac10dfbc29605b73fbe13bf
To avoid it being created multiple times for multinode setup.
Note: This reverts "Enable neutron to work in a multi node setup"
(commit 88f8558d87) partly and fixes
the issue differently.
The configuration in question uses the new lib/neutron. (not neutron-legacy)
In that case, calling create_neutron_initial_network from stack.sh directly
is a wrong way, as create_neutron_initial_network is sourced by
neutron-legacy. The new neutron code should not rely on the legacy one.
Closes-Bug: #1613069
Change-Id: I868afeb065d80d8ccd57630b90658e330ab94251
Q_ variables belong to neutron-legacy.
These are True by default in neutron.
Remove them in favor of post-config meta section.
Change-Id: If691a79b09003f85a07c9f33e0379a2b21e48141
Until the policy changes land for Nova, Glance, etc, this
value is not used. Additionally, by having it set, it actually
makes it hard/impossible for the required changes to land in
the other services. Disable/comment out the changes in the
Keystone specific lib file for now, and we will re-enable once
the Services can make use of them.
Change-Id: Ia1de9083c21107dac2f0abb56bda166bdb37a69d
The ceph cinder backend script was setting the wrong
config option in cinder.conf for the secret uuid. This
was being masked by a bug in nova which is failing on
this bug when trying to fix the nova bug...right. It
makes sense.
See:
http://docs.ceph.com/docs/master/rbd/rbd-openstack/#configuring-cinder
Change-Id: I4655cae3212d589177d2570403b563a83aad529a
Closes-Bug: #1635488
It's not used, and a recent change to trim down projects lists in
devstack-gate broke devstack in the gate that enabled heat.
Change-Id: I405423bdc9ba8dd9b30fce6fdceacccf662d5da3
Ubuntu wily support is EOL so lets make room for yakkety.
Change-Id: Ib13d43f6d89bdf7c684cd34655a077a13e237be3
Signed-off-by: Chuck Short <chuck.short@canonical.com>
This reverts commit 6930ba312f.
By reverting this patch we are no longer using the bandaid fix mentioned
in the code. The latest openstackclient release (3.3.0) fixes the bug.
Related-Bug: 1619274
Change-Id: I20e3c5a92b97bf46c8d2318cd37044f0f36e1745
We should not require any special role for heat
since very long time.
We should use the same roles as with the primary user.
Change-Id: Id9150f94c30505ed0da33b8fbc2a5a7bd4fcf5d0
When tls is enabled, we aren't bringing the logs to the forefront,
which makes it hard to debug when things go wrong. This does that.
Change-Id: I7c6c7e324e16da6b9bfa44f4bad17401ca4ed7e3
The prior art on other options in the same document seemed to be
calling out the default in a pre-formatted block after describing the
possible values.
I believe the default value for the option was first changed [1], then
the docs were fixed [2], then the information was unintentionally
dropped from the docs [3].
1. Related-Change: If0e0b818355e4cb1338f7fa72af5e81e24361574
2. Related-Change: Ib6603b4f6ea0b4079f9a4ea46e723ecbb2ea371d
3. Related-Change: Iddd27cb54f1d9f062b9c47ff9ad6a2bef3650d6b
Change-Id: I662403db3b08a351a680587440ad1f15a6f8ee5d
doing a clean.sh / stack.sh cycle with USE_SSL=True was failing
because we were no longer cleaning up the keystone site fully, so some
of the early mod_ssl queries hit an invalid apache configuration.
Change-Id: Ic6f3f601e532ec50c0234d928c25b378d9e95e32
This fix replaces Q_USE_PROVIDERNET_FOR_PUBLIC with
Q_USE_PROVIDER_NETWORKING in the error messages introduced by
[1].
The error is thrown when provider networking with IPv6 has been
requested via local.conf, but no provider IPv6 range or provider
IPv6 gateway is provided. But if a provider network should be used
over the private network is determined along the variable
Q_USE_PROVIDER_NETWORKING and not Q_USE_PROVIDERNET_FOR_PUBLIC.
The variable Q_USE_PROVIDERNET_FOR_PUBLIC determines if a provider
network should be used as public network. This happens a few lines
later in the code and is not related to those error messages.
[1] https://review.openstack.org/#/c/326638/1/lib/neutron_plugins/
services/l3
Change-Id: I50aa1e9d2027eef598c95404851e51c31a397fbb
This creates log files per proxy vhost and sets the log level to info to
help debug potential issues with tls proxying.
Change-Id: I02a62224662b021b35c293909ba045b4b74e1df8
If DLM is enabled, cinder should be configured to use the correct
backend url for the dlm.
At the moment only zookeeper is supported, as it is the only backend
currently supported in devstack.
Change-Id: I7afc8dc95bc5b3f11b888e10607615c1212c45f4
As long as nova already supports an Identity v3 auth flow when talking
to ironic (Id837d26bb21c158de0504627e488c0692aef1e24), make it use
v3 by default.
This way we don't fail in a keystone v3-only situation, for
example.
Change-Id: I028dfb52108d0630f47a53f8b420b70d4979eb55
Some of the clouds used for CI use the 10.2xx.0.0/16 range
for VMs, and collide with the wider 10.0.0.0/8.
This setting allows for creation of 256 subnets out of the pool.
Change-Id: I48c86f94098f1501f0e7f90a265dda7e81440eb0
Closes-Bug: 1629133
Added an option to make subnetpools to be optional
as it ignores the public network specified in
FIXED_RANGE.
DocImpact
Change-Id: Ic89ceca76afda67da5545111972c3348011f294f
Closes-Bug: #1628267
With the plan [1] to stop enabling it by Neutron iptables firewall
driver itself, deployment tools should catch up and enable the firewall
themselves.
This is needed for distributions that decided to disable the kernel
firewall by default (upstream kernel has it enabled). This is also
needed for distributions that ship newer kernels but don't load the
br_netfilter module before starting nova-network or Neutron iptables
firewall driver. In the latter case, firewall may not work, depending on
the order of operations executed by the driver.
To isolate devstack setups from the difference in distribution
kernel configuration and version, the following steps are done:
- we load bridge kernel module, and br_netfilter if present, to get
access to sysctl knobs controlling the firewall;
- once knobs are available, we unconditionally set them to 1, to make
sure the firewall is in effect.
More details at:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf
[1] I9137ea017624ac92a05f73863b77f9ee4681bbe7
Change-Id: Id6bfd9595f0772a63d1096ef83ebbb6cd630fafd
Related-Bug: #1622914
Nova ships with an empty policy.json file which it does not need.
oslo.policy previously required the empty file to be there but as of
version 1.14.0 it is possible to run with no policy file at all. Since
there are no policies defined in the sample file let's no install it.
Change-Id: I85a251376dfe38caa4b100861bf764014a98bc37
Depends-On: I09fa842ffbe75bed269cef6edc9c82d18bfe9297
When dots are used with sysctl, they are reinterpreted as slashes.
Route devices can have dots in their names, so when they are used in a
sysctl command that also uses dots, its dot will be replaced with a
slash, causing an error.
Change-Id: Ie32126a3aa8d646568d7d37ec4874419b9658935
Closes-Bug: #1627770
The motivation is to make it more friendly with lib/neutron.
ie. independent from lib/neutron-legacy
Change-Id: I19821b009cbf1bc715a6c7b2854e4c77d2041ec4
urllib3 1.18 was released today and contains new more correct hostname
matching that takes into account the ipAddress portion of a certificate
and disallows matching an IP Address against a DNS hostname.
Change-Id: I37d247b68911dc85f55adec6a7952ed321c1b1d8
The /identity_admin endpoint is the port 80/443 equivalent of the
service that typically runs on port 35357. In v2 some operations must be
performed on the admin endpoint whereas on v3 the services on 5000 and
35357 are exactly the same. This would be why the service was mounted at
/identity_v2_admin however that is misleading because both the v2 and v3
services are present on that endpoint.
This is particularly confusing because we set this as the OS_AUTH_URL
endpoint and it makes it seem like we are doing v2 authentication when
we are not.
Change-Id: If73735026079fb19ca5bd44b3a4dc1f507b5c99d
With [1] glance_store introduced default settings for user_domain_id and
project_domain_id. Sadly since these are always passed to the keystone
client, they override any settings to user_domain_name and
project_domain_name that are made in the config, leading to authentication
failures.
So as a workaround until [2] is fixed, we explicitly place the corresponding
domain_ids into the config.
[1] https://review.openstack.org/297665
[2] https://bugs.launchpad.net/tempest/+bug/1620999
Change-Id: Ica81a1a176614392291f2db4cc6398ed30663aed
To support multinode testing where we just copy the CA to all the
instances don't remake the CA if it already exists.
The end result is that you can trusty a single chain and all your
clients will be happy regardless of which host they are talking to.
Change-Id: I90892e6828a59fa37af717361a2f1eed15a87ae4
TIL:
Similarly, all the END rules are merged, and executed when all the
input is exhausted (or when an exit statement is executed).
i.e. matching YUM_FAILED calls "exit", which falls through to the END
rules which calls "exit result" ... which is zero. i.e. if the return
code is 1 then we actually hide that and return with zero.
This is rather annoying because errors that should halt to alert us of
a package install failure pass through, only for you to have to debug
much later on seemingly unrelated problems.
This always sets "result" and thus should be returning the right
thing. I've updated the documentation to hopefully make it clearer
what's going on.
Change-Id: Ia15b7dc55efb8d3e3e945241b67a468b8a914672
In Debian jessie and later release,there is no packages
called "qemu-kvm" for AArch64. Also modify the libguestfs0
packages for AArch64
Closes-bug: #1612182
Change-Id: I5eb6bd137896eb9abfc4f8dbb41b41105e4820cd
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
Instead of only using the userrc_early when keystone
is an enabled service we will do it on all runs of
stack.sh. This way services can be split up more
across devstack nodes, and you can do configuration
requiring credentials on nodes that don't install
keystone.
Change-Id: I74574ae9f45a74bcbcc8e3149228ecb795ab4fb7
Stud is now abandonware (see https://github.com/bumptech/stud) and is
not packaged in xenial. Lets use Apache for SSL termination since its
there already.
Change-Id: Ifcba410f5969521e8b3d30f02795541c1661f83a
The flag ENABLE_DEBUG_LOG_LEVEL indicates if this should be
set or not.
This will now be supported in Neutron.
Change-Id: I3afe0546b379873247fee1ef9f4cc2708a7b5713
Some systems may have more than one default route.
Set up iptables NAT rules on all v4 default route devices.
Accept RAs on all v6 default route devices.
Closes-Bug: #1624773
Change-Id: If58509297497ea33c6c156f083a4394000bd0561
The use_usb_tablet option is replaced by the pointer_model
option.
Depends-On: Id18b5503799922e4096bde296a9e7bb4f2a994aa
Change-Id: Ic2a49f88df988c6404c1c72e9ee28a487e4f7908
There is a bit of a weird history here, but the net is we're not
installing python-guestfs when ENABLE_FILE_INJECTION is set, which
it is in the gate-tempest-dsvm-neutron-full-ssh job, which makes
file injection (personality) tests fail.
The history:
Commit 0ae942b41c moved installing
python-guestfs to the hypervisor-libvirt file and it was conditional
on a flag to enable file injection and the backing distro.
Commit a3c94468ba removed the ability
to configure nova for file injection, which never made any Tempest
tests fail because we didn't have a job that tested file injection
with ssh, which is what gate-tempest-dsvm-neutron-full-ssh does.
Commit 6d3670a652 added the ability
back to enable file injection and the gate-tempest-dsvm-neutron-full-ssh
job uses it, but missed added the condition back in from 0ae942b41
which installed the python-guestfs package. This change adds that
back in.
Change-Id: I1c1ef093b70007100646c086dc5724cd64751d00
Closes-Bug: #1622649
A couple of hundred of these were added with
Ia02f4e1819ac47b12b4ce4381e04253eb26e9f70 and you can see in some of
the proposals at I21fd2b3866efe66dd1f7173003c2521688aa7fd6 they're
starting to match. Just ignore packaging repos as they're not really
relevant for the purposes of plugin list.
Change-Id: Iaf9e0c0fb672a70c3aee1bbcf587bb0d387e5945
Configure the linux bridge physical interface to use the interface for
the default route on the current host. In the future we should consider
using a dangling interface so that we aren't affecting the host
instances networking but this roughly matches what testing has been
using in the past.
Change-Id: I7859437f97e6cab929e90208fe56f7efd62dfe01
Ubuntu's LVM packaging does not support thin provisioning by
default:
/usr/sbin/thin_check: execvp failed: No such file or directory
This is fixed with install of thin-provisioning-tools.
Change-Id: I31f572934ea94cae6e2aea27a2c731ee5bca68d3
Closes-Bug: #1615134
The default get_pip url regulary times out when starting devstack
from behind company firewalls. Making this a configureable variable,
user can make use of internal git-pip.py mirrors without modifying
any code.
Change-Id: I66a5534d51ab23a4d8586c27d37b4b6b8a6892c9
This patch setup cellsv2 for Nova after plugin initialization phase.
Since this requires compute hosts to be started, we need to do it
after we have initialized all other plugins. Things like ironic
aren't setup when we were running this as part of nova setup, and
thus this command can fail.
When cellsv1 is used (n-cell is enabled) skip calling
cells_v2 simple_cell_setup, which will never have hosts
at the top level and which will always fail.
Change-Id: Ic7d0115da51d6ea17ee49071af259a7789c62ab9
Depends-On: I9bbaa4c92503222c9fd015fe075926b50f3dcc8c
In some initialization conditions (having never ran stack.sh) the
result of unstack.sh is dependent on if the user had previously
installed lvm2 or disabled the cinder service.
This change makes all results the same with a bit of LBYL.
There's also a drive-by to put a comment back where it belongs after
being accidentally moved in the related change.
Related-Change: I09b1a7bee0785e5e1bb7dc96158a654bd3f15c83
Change-Id: I9a7e052677d60cbbbdd582877f3c6c48c387f668
Closes-Bug: #1619195
Catalog caching was disabled due to bug 1537617, but this has been
fixed for some time. Re-enabling to get some performance back.
Change-Id: Ic0edf5c70a5040edf3393dbd1e110ab5fb56c110
Related-Bug: 1537617
Keystone had a problem where there was a memcached socket
opened very early on startup which then got shared between
worker processes when running under uwsgi. This can be
prevented by setting lazy-apps so this is the recommended
setting.
See http://uwsgi-docs.readthedocs.io/en/latest/ThingsToKnow.html
"""uWSGI tries to (ab)use the Copy On Write semantics of the
fork() call whenever possible. By default it will fork after
having loaded your applications to share as much of their
memory as possible. If this behavior is undesirable for some
reason, use the lazy-apps option. This will instruct uWSGI to
load the applications after each worker’s fork(). Beware as
there is an older options named lazy that is way more invasive
and highly discouraged (it is still here only for backward
compatibility) """
Change-Id: I6f271dc906528f0c86060452deaf15df81b267d2
Related-Bug: 1600394
This moves setting of RABBIT_USERID from stack.sh to lib/rpc_backend
so it may be used in grenade runs, which don't have the defaulted
value from stack.sh. The RABBIT_USERID is needed in order to call
get_transport_url in lib/rpc_backend.
Change-Id: I6f211e9102f79418f9f94a15784f91c4150ab8a7
As part of Nova cellsv2 there is now a third database that must be setup
for use by Nova. This database is an exact copy of the 'nova' database.
Only do this if NOVA_CONFIGURE_CELLSV2 is overridden.
Change-Id: I8775b8066ba85fbdbcdfb42c28cb567fc7759fe5
If we left the ansi color codes in apache logs, we can run a sed
script to convert the escaped escapes back to ansi escapes which make
the logs colorized again.
There are 8 \ because we need to end up with 2 in the final sed, and
we get interopolated twice. How much fun is escape interpolation? All
the fun.
Change-Id: Id8531cf03ba80f0df62f20add02e757bd63d4f2d
We should use the standard install nova-placement-api script which is
managed by the python package instead of a one off copy procedure.
Depends-On: I00d032554de273d7493cfb467f81687c08fd5389
Change-Id: I74b39d6a0cedea7c18ce8080dcddb43d13df1de8
After I00847bb6733febf105855ae6fc577a7c904ec4b4, we cannot see the
test result (testr_result.html) on gate jobs.
So let's revert the patch for verifying the test result on the gate.
Change-Id: I9db1ff9f43b22d1634a43c7d5e502cc205aa26f2
Closes-Bug: #1617476
Fix the comment to actually be a comment. Regenerate page.
Although we've got a pretty cool system for generating this, I wonder
if anyone actually looks at it? Maybe it's just helpful as a form of
SEO.
Change-Id: I15aaa983716f9ee897293c2954ca7ae561951372
All jobs using ceph as a storage backend have been moved over
to using the devstack-plugin-ceph repo in project-config so we
should be safe to remove the now unused lib/ceph file.
The files are left in place because the devstack plugin does not
install xfsprogs but it's used by the create_disk function.
And the ceph cinder backend file is left in place since the
devstack-plugin-ceph repo uses that by setting
CINDER_ENABLED_BACKENDS=${CINDER_ENABLED_BACKENDS:-ceph}.
Change-Id: I3fb09fc92bc6ab614e86d701ea46d5741a76b7a8
When the loop device is not present because something
has gone wrong, this will print an error:
"losetup: option requires an argument -- 'd'"
Just skip the losetup -d in this case.
Change-Id: Iedc439b1ae924e9a599f6522eb081b83d43190c7
Uses lib/placement, but relies on some functionality from
lib/nova. This leads to some weirdness since the nova has
special status in stack.sh. If/when placement is extracted
it may be good to follow the devstack plugin structure
instead.
Because the placement code is currently a part of nova, there
are dependencies in lib/placement on a some $NOVA_* variable
and, if virtenv is being used, the virtualenv used by nova.
Because placement currently runs using nova's configuration
settings, not a lot actually happens in lib/placement: apache
is configured and keystone accounts and endpoints are created.
If PLACEMENT_DB_ENABLED is true then a separate placement db
will be configured.
When complete the initial version of the placement service will
provide support for managing resource providers, inventories and
allocations.
The placement api only runs under mod-wsgi.
Change-Id: I53dd3e6b41de17387a0e179fc9ac64c143b6a9eb
Neutron openvswitch agent running in compute node will control the
actual connection of the VMs in Dom0 via conntrack-tools, but Dom0
doesn't install conntrack-tools RPM by default.
This patch is to add such support with XenServer 7.0 and above.
Change-Id: Iec56db761015d4b7baa5a5f54314f4ff3fa67e02
Ensure the virtlogd service is started, to work-around various
platform issues where it isn't started correctly.
Closes-Bug: #1603009
Change-Id: I548b377df6b2f0c287429e4387ee33184a82a64d
With the addition of encrypted credential in keystone, we need to be able to
add setup steps in devstack to configure the credential repository with
encryption keys.
Depends-On: I97e7701bc5b8765d207cc721793643bcefa2d4e2
Depends-On: Id3e8922adc154cfec5f7a36613e22eb0b49eeffe
Change-Id: I433da9a257daa21ec3b5996b2bca571211f1fbba
p-c patches have merged, neutron-lbaas removal is in the merge queue.
This reverts commit b3f26cb66c.
Depends-On: I506949e75bc62681412358ba689cb07b16311b68
Change-Id: I98d62c13ef90b20a9c67ef4f1720efcaa366fb31
Because neutron sets ipv6 forwarding settings, we stop accepting RAs
from IPv6-only host environments. This leads to a loss of external
connectivity, which is bad for zuul running tests and stuff.
Setting accept_ra to 2 will cause the RAs to be accepted.
Change-Id: Ia044fff2a1731ab6c04f82aea47096b425e0c0a0
On the controller node where devstack is being run should create
the neutron network. The compute node should not.
The the case that we want to run a multi-node neutron setup we need
to configure the following (in the case that a plugin does not
have any agents running on the compute node):
ENABLED_SERVICES=n-cpu,neutron
In addition to this the code did not enable decomposed plugins to
configure their nova configurations if necessary.
This patch ensure that the multi-node support works.
Change-Id: I8e80edd453a1106ca666d6c531b2433be631bce4
Closes-bug: #1613069
Removing the explicit enablment of Neutron services, as with [1] they are configured as defaults in stackrc.
[1] https://review.openstack.org/#/c/350750/
Change-Id: Ic8910cd28fe37842f7d824e68bd2ea705e7e52de
By default, FIXED_RANGE and NETWORK_GATEWAY (and the
IPv6 equivalents) are in the same subnet. But if
FIXED_RANGE is over-ridden in local.conf we could
create a subnet with an invalid gateway address.
Since neutron will pick the lowest host IP as the
gateway by default, do not specify them unless the
user has specifically set them.
Do this for both the private and public subnets, as
well as the public IPv4 subnet.
Change-Id: Ifc71400a3af1f131bb8a9722188e13de5bd3c806
We really should be using the metadata server more in our normal
testing, this changes the default to use it.
Change-Id: I8ef14e6110da1160163c0106e32032d27226f929
memcache_pool is there to keep a limited number of thread-associated
connections open rather than a connection for every thread. If you
don't have a huge number of threads it doesn't offer anything.
Keystone is an example of a service where memcache_pool doesn't
improve things -- eventlet isn't supported anymore and more threads
is not useful due to GIL.
As such, keystone cache backend is changed to dogpile.cache.memcached.
See https://review.openstack.org/357407 for the oslo.cache help text
change.
Change-Id: I4452a8c4968073cdea4c0f384453a5a28519fa08
CEPH_CONF does not exist anymore, resulting both cinder-volume and
cinder-backup being configured with an empty rbd_ceph_conf option.
Using CEPH_CONF_FILE to fix this.
Change-Id: I1aa590aba900a4a94698917e45a0ea5c6f497f18
Signed-off-by: Sébastien Han <seb@redhat.com>
The plugin creates subnetpools but does not use them when creating the
default subnets. It uses CIDR values that overlap with the
default pools. Change this to use the subnetpools.
Change-Id: I6171c13507e420f146801d323cb1011be36c1e8c
Closes-bug: 1613717
'quota_injected_file_path_bytes' has been renamed to
'quota_injected_file_path_length' long time ago, this patch fixes this
issue in devstack.
Change-Id: I5d3c52c5ded5321435d2d395b682c4c0725279a7
Since support for sections was added to devstack local.conf parsing
we don't need this, and actually prefer just using the
sections in local.conf.
Change-Id: I5908fdf7ad127997bb1f4a6bbb16d0d8cf073ddd
Change the order of variable declarations in stackrc so that setting
custom DEST in local.conf is also affecting DATA_DIR, SERVICE_DIR and
SUBUNIT_OUTPUT.
Change-Id: I00847bb6733febf105855ae6fc577a7c904ec4b4
Closes-Bug: #1285720
There is no longer a trace of these options anywhere in the
Neutron codebase. These can be safely removed.
Change-Id: Ibf00e158248e2a20248917c8cfc0011d30da6a82
There is currently a hole in our testing that lets os-client-config,
which sits at the bottom of the dependency chain for some key pieces
like neutronclient and python-openstackclient, introduce gate breakages.
Step one in fixing this is allowing os-client-config to be optionally
installed from source so that jobs can be put into its gate to exercise
its master vs devstack installs.
Additionally, osc-lib is a new and lovely library that's going to need
the same things.
We're putting both in install_oslo, even though they're not oslo
libraries, because that'll make grenade work properly.
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
Change-Id: I747480b6063a62e82ca2b030f274d3e87bf28b3b
Run "nova-manage cell_v2 simple_cell_setup --transport_url ..." after
Nova is started. This will add all compute hosts into a new cell, and
setup a db for cell0.
Change-Id: I50a955b97d0e18426406c15397bdfbc9e807d908
Depends-On: I559f9c87e89926414b368cac9442dec4eadcb89b
This explains the current state of networking in devstack, and a
couple of scenarios that people might want to try out for local
testing.
Change-Id: I2be35f4345bf9306c981ef6f0186b48da7d06772
It turns out we never really had a document on how to work with
devstack in the devstack docs. At one point this was just cultural
knowledge passed down, but with the size of our community, we can't
rely on that any more.
Change-Id: I28f896ea507ccbba5164ebfc5415d22207f52e98
This config option is requied in order for nova notificaions to
function, and enabling it doesn't cause any harm (there is another
option for turning notifications on).
Change-Id: I309af6cc43af485f795c368d304ebe71fceb1a03
This value defaults to something not (necessarily) in our fixed range,
which will cause spurious test behavior. We know the value for this, so
just configure it properly.
Change-Id: I0ee3b71f509377dc7174ce97575e60ee2095f893
Before the code in the extra.d plugins was removed from the devstack
tree they could define the order they ran. When this code is decomposed
into a plugin, there is still a need to do some form of ordering. This
caused problems with the Ironic devstack plugin and Tempest because the
code is run in this order:
1. The tempest configuration is run from extra.d, processing
DEFAULT_INSTANCE_TYPE, and writing the flavor_ref to tempest.conf
2. The Ironic devstack plugin is run, creating the flavor needed for
DEFAULT_INSTANCE_TYPE
This leads to build failures as tempest can not find the required
flavor, so it writes which ever flavor it can find at the time into
flavor_ref. Ironic now has code it its devstack plugin duplicated from
the tempest plugin to work around this problem until this is merged.
This patch fixes this by using the test-config phase to move the tempest
plugin as late as possible in the devstack process.
Change-Id: I3d98692e69d94756e0034c83a247e05d85177f02
This enables a new test in Tempest to run on a per-branch
basis since by default it's disabled because it won't pass
on liberty given the bug fix isn't in liberty and won't be
backported there.
Depends-On: I20b8d5d2a300c83a59bdb33374fc20447ce2ede3
Change-Id: I18fd5e0978795fec39a763e1e0f07d758905b9b8
Related-Bug: #1175464
We don't run q-metering in default single host configuration, so we
should make it so that tempest won't attempt to test for it either.
Change-Id: I928be70e3b10fc3753fd1081631e54fa839b671d
===Set bridge_mappings for linux bridge===
The external network physnet needs a bridge_mapping to the public
bridge when the L2 agent is responsible for wiring.
===Add PUBLIC_PHYSICAL_NETWORK to flat_networks===
This network must be present in the ML2 flat_networks config if
flat_networks is specified.
===Set ext_gw_interface to PUBLIC_BRIDGE in provider net case===
ext_gw_interface must be a bridge in a bridge_mapping when
Q_USE_PROVIDERNET_FOR_PUBLIC is used.
Closes-Bug: #1605423
Change-Id: I95d63f8dfd21499c599d425678bf5327b599efcc
The devstack docs have gotten a bit meandering so even the quick start
guide doesn't get you to a working setup without referencing other
pages. This attempts to pull this back in a bit.
Change-Id: I608331cbdae9cbe4f3e8bd3814415af0390a54d0
A change was made to tempest.conf for volume multibackend. Previously,
tempest used the following, with a limit of 2 backends:
backend1_name = BACKEND1
backend2_name = BACKEND2
That was changed to accomodate >2 backends. tempest.conf now uses a comma
separated list:
backend_names=BACKEND1,BACKEND2,BACKEND3
devstack/lib/cinder uses a comma separated list with "type:backend_name":
enabled_backends = lvm:BACKEND1,ceph:BACKEND2
This is in order to use scripts in devstack/lib/cinder_backends to setup
devstack basked on "type".
This patch allows parsing of the CINDER_ENABLED_BACKENDS to pass the proper
backend_name to tempest.
Change-Id: I76973c3fad4998a0f9e534fc9f6a271c1923f7b3
When running a default devstack environment, having guests that
actually can resolve DNS, so that they can do package updates from
well known hosts. This addresses a gap between nova-net and neutron
behavior in devstack.
Change-Id: I42fdc2716affd933e9158f1ef7ecb20bc664ef21
nova-net is deprecated, and it's long time to switch to neutron by
default. This patch does that, and has an auto configuration mode that
mostly just works for the basic case.
It does this by assuming that unless the user specifies an interface
for it to manage, that it will not automatically have access to a
physical interface. The floating range is put on br-ex (per normal),
fixed ranges stay on their OVS interfaces.
Because there is no dedicated interface managed by neutron, we add an
iptables rule which allows guests to route out. While somewhat
synthetic, it does provide a working out of the box developer
experience, and is not hugely more synthetic then all the other
interface / route setup we have to do for the system.
You should be able to run this with a local.conf of just
[[local|localrc]]
ADMIN_PASSWORD=pass
DATABASE_PASSWORD=pass
RABBIT_PASSWORD=pass
SERVICE_PASSWORD=pass
And get a working neutron on a single interface box
Documentation will come in subsequent patches, however getting the
code out there and getting feedback is going to help shape this
direction.
Change-Id: I185325a684372e8a2ff25eae974a9a2a2d6277e0
This reverts commit f327b1e119.
The problem being addressed in the original commit was that
rejoin-stack.sh would run with the user's locale, instead of C that
was set in stack.sh
We overlooked that this gets pulled in by openrc, so it is overriding
the user's locale when using clients, etc.
rejoin-stack.sh was removed in
I2f61bb69cc110468a91dcaa4ee7653ede7048467 so we don't have to worry
about that part. A revert to not touch the user's locale seems
appropriate.
Change-Id: I7c858bb92ce7ba5b5d323bf3ad6776100026c7a2
Closes-Bug: #1608687
This was used solely by bigswitch, and everyone else has moved over to
devstack plugins. Cleaning this out makes the core logic much simpler.
Depends-On: I8fd2ec6e651f858d0ce109fc335189796c3264b8
(grenade removal)
Change-Id: I47769fc7faae22d263ffd923165abd48f0791a2c
The horizon cleanup function wasn't being called at all during
cleanup which left the Apache configuration.
Change-Id: Iff5336d0c5e79cfc82f1c648afaabb869d86020e
Seeing a race condition where lib/neutron code tries to
set the MTU on br-ex before it exists.
Thanks to some good grepping by sdague, it appears that the difference
between lib/neutron and lib/neutron-legacy is that the initial bridge
being created is br-int while in lib/neutron the initial bridge
created is br-ex, which means there must be some kind of warm-up that
occurs between the first bridge that is created by ovs-vswitchd and the
second, and the second one created is much faster.
So instead, let's just wait for the bridge to be created successfully.
Change-Id: I271dc8b6ae5487c80d2a22153b3fc45fb247707f
In case q-fwaas is enabled. It will causes the q-l3 failed to start
because the DevStack gave a redundant --config-file option to start q-l3
This is a follow-up patch of 84409516d5
to remove fwaas from DevStack completely.
Change-Id: I630969b3556bcffba506cab02a09cc83f4430c88
Closes-Bug: #1608401
The privsep helper should have a sane default for all libraries,
pushing this into devstack means we cheat past a part of the upgrade
that we really shouldn't be.
Change-Id: I52259e2023e277e8fd62be5df4fd7f799e9b36d7
The default for GUEST_INTERFACE_DEFAULT now uses the ip command
to find an interface; so it will work on multiple distributions.
XenAPI should not be setting a specific interface here, as it will
almost always be wrong. In most cases, the calculated value for
GUEST_INTERFACE_DEFAULT will be a better default.
PUBLIC_INTERFACE_DEFAULT makes even less sense as it's often an
internal bridge for devstack scenarios.
In both cases, the right way to override these is to set
GUEST_INTERFACE / PUBLIC_INTERFACE in the localrc rather than
changing the _DEFAULT values.
Change-Id: I0cf84438d778bf1a2481328165513c59167490e2
Currentlly, the *.pyc files could not be removed in any scripts or
functions. But the redundant files would lead stack.sh not to find the
correct script for some versions after branch switched from master to
stable/mitaka in migration_helpers.sync_database_to_version.
So this commit adds the process of cleaning all the *.pyc files in
clean.sh.
It is needed to execute clean.sh before re-stack.sh to prevent the
exception.
Change-Id: I9ba0674d6b20b13c0a26b22cd5d1939daa121a94
Closes-Bug: #1599124
In the 25.0.0 release [1] of setuptools during any install
operation the package in not overwritten. If a package is
installed from another requirement via pip and then it is
installed again from git, it is not updated causing
check_libs_from_git to fail.
[1] https://setuptools.readthedocs.io/en/latest/history.html#v25-0-0
Change-Id: Ibaa1d4157816ea649f4452756fbde25951347001
Closes-Bug: #1605998
On RHEL-based systems pip and yum share the same installation
directory for virtualenv. If yum pulls in the python-virtualenv
package (e.g. due to a dependency) it will clobber what pip has
already installed. The file tools/fixup_stuff.sh tries to ensure that
the proper virtualenv package is installed via pip. If virtualenv has
already been installed via pip, then clobbered by yum, pip skips the
install since it appears as if virtualenv is already installed and at
the correct version.
The reinstall of virtualenv must use the --force-reinstall argument to
pip to fix up the damage done by yum.
Change-Id: Ib0edf6c4ee8a510e9d671213de35d787f56acfed
Closes-Bug: #1599863
Add a VirtualHost that defines the necessary options for
enabling SSL. The existing keystone Apache configuration already
does all the location handling.
Change-Id: I836a471a7258f14f051d3dd8bdb428286b5a11aa
Relying on 'external_network_bridge=br-ex' for the L3
agent has been deprecated in Neutron. This patch adjusts
the devstack defaults to setup Neutron in the preferred
manner (empty external_network_bridge value and
correct bridge_mappings for the L2 agent).
This will also help with correct MTU calculations now that
the external network will have the correct segmentation
type on it ('flat' now instead of 'vxlan' by default).
Related-Bug: #1511578
Related-Bug: #1603493
Change-Id: Id20e67aba5dfd2044b82c700f41c6e648b529430
We have new feature in cinder and new test for it.
The test is skipped by default.
Need to add flag to unskip this test on master and
Mitaka.
new test: I1964ce6e1298041f8238d76fa4b7029d2d23bbfb
Change-Id: Ib695e60c2ed7edf30c8baef9e00f0307b1156551
For AArch64, KVM don't recognize the cpu-mode "none",
so change the default cpu-mode as host-passthrough for
generating nova.conf
Change-Id: I94a22e5a15a974b9c11e9f9fd996857453b6e2ca
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
This variable can be used to accommodate for underlying infrastructure
that does not provide full 1500-sized traffic, or maybe instead gives
access to Jumbo frames.
Change-Id: I38a80bac18673a30842a7b997d0669fed5aff976
Related-Bug: #1603268
The change Ibb7423d243d57852dada0b6298463bbdfc6dc63c that introduced the
os-brick plugin introduced a flaw where the xtrace state wasn't restored
after the end of the plugin's execution. The end behavior is that devstack's
logs were with way less information, difficulting the debugging of the build.
This patch fixes the variable that was intended to hold the xtrace state (it
was using cinder's) and restoring the state at the end of the script.
Change-Id: I47c6c794a9704049b089142eca5603d1183f8a10
Replicated Yi Zhao's fix for re-adding ipv6 addresses to neutron-legacy
(review I9ff62023dbc29a88aec3c48af331c0a49a1270bb).
Previously, re-stacking failed with "File exists" for ipv6 addresses
on br-ex. With this change, the existing address is replaced on
br-ex with the appropriate address.
Change-Id: I6e6235132a34469f4e68b5bb3cf51ebdf01c83a2
Fedora 22 reaches its EOL on 19-JUL-2016[1]. Remove it as
officially supported distribution.
The current two supported Fedora distributions are Fedora 23 and Fedora
24. (Change Ia4a58de4973ef228735c48b33453a0562dc65258 already added
support for Fedora 24.)
[1] https://fedoramagazine.org/fedora-22-end-of-life-2016-july/
Change-Id: I5b4e1ddb6165a9065e80e84175246678a7356f18
This removes several config flags for Tempest
now that juno and kilo are end of life. Tempest
has already removed these flags too.
Change-Id: I748429e73073f4202f77dfe1002687f76ee9a451
This option to install os-brick from git was only added
into lib/cinder previously. When testing all-in-one nodes
this worked fine, but if you have multi-node setups with
compute nodes that don't install any c-* services we
only get packaged os-brick. With this change non-cinder
nodes can now test against unreleased os-bricks.
Change-Id: Ibb7423d243d57852dada0b6298463bbdfc6dc63c
The common code for metering calls _neutron_service_plugin_class_add,
which despite the description only just appends a service plugin to
$Q_SERVICE_PLUGIN_CLASSES - it doesn't actually write it into a
configuration file.
So for now, read out the configuration, and append metering to it, then
write it back out.
Change-Id: Ice96cca8b43dcd54f2aa81461000a4597db8260d
This is necessary to make it possible to filter out compute nodes,
which don't support such type of images.
Change-Id: I347953876e2057e6f3dca71c2f5e8b638b85aaf8
Option was deleted from Tempest config file. Also test scenario
was deleted. See commit I93b2fb33e97381f7c1e0cb1ef09ebc5c42c16ecc
Change-Id: I750e50ba7cf8fca1dde391c2620b4a815d6b02a1
Closes-Bug: #1599619
File injection is disabled by default for the libvirt
driver in nova. This adds a variable to enable file
injection for the libvirt driver and is also used
to configure tempest.conf for running personality
tests.
Change-Id: I34790fadeffd6e3fdc65bd9feed3d6e62316896c
Related-Bug: #1598581
Change 9ce99a44cf85e431227536e2251ef05b52e61524 disabled file
injection with the libvirt driver by default back in Icehouse,
so devstack doesn't need to do this explicitly anymore.
Change-Id: Id0c521f6f624367bd497463c8c2d99488548fcff
This adds a set of local.conf modifying functions which make it easier
for consuming projects like devstack-gate to programatically add
elements to local.conf structured files.
Change-Id: I3427968c2bd43aba12b3619acc27f73c74f0dabb
Co-Authored-By: fumihiko kakuma <kakuma@valinux.co.jp>
This will have devstack setup the Cinder internal tenant and generic
image-volume cache by default. If left alone it will use reasonable
defaults.
More information about configuration options and the cache can be found
here: http://docs.openstack.org/admin-guide/blockstorage_image_volume_cache.html
As part of this we switch the default lvm type to thin so it will
work more efficiently with the image cache.
Change-Id: I0b2cc261736f32d38d43c60254f0dc7225b24c01
Implements: blueprint cinder-image-volume-cache
In Aarch64, the default cdrom bus is scsi, and the default scsi
controller is virtio-scsi. The cdrom with virtio bus will not be
recognized by the instance.
Change-Id: Ib8cec79f9e9083239092fa7348793ee3b64a9c94
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
Change I4a10a49db97d413349bcfceeb8c4164936fbcc40 added colorful PS4 via
tput. However, if TERM is not set (as is the case when stacking
noninteractively), tput errors with the following:
tput: No value for $TERM and no -T specified
...twice for every log message, thus flooding the logs.
This change set turns LOG_COLOR off by default for noninteractive
execution. If LOG_COLOR is set to True when noninteractive (TERM is
unset), obviate the above errors by passing tput a simple -T.
Change-Id: I0f8ad82375cde463160bad5bd9918f1e4b19326d
Closes-Bug: 1576405
wait_for_service just checked to see if the remote service
was started, not that it was returning data. This caused
problems when the service was behind a proxy because the
proxy would respond quickly but the service may not have
fully started.
Wait for a non-503 HTTP response code and non-7 exit code
(connection error) from curl
Return an error if a successful connection cannot be made.
Change-Id: I059a12b1b920f703f28aca0e2f352714118dee97
Add support for the "geneve" ML2 plugin type driver. The
networking-ovn ML2 mechanism driver uses geneve for its
project network type. Geneve is part of core neutron but
didn't have any DevStack configuration for it. This patch
set adds the necessary options. It also removes the default
for ML2 type drivers to rely on the neutron default and
consolidates the tunnel ranges default for gre, vxlan and
geneve by using TENANT_TUNNEL_RANGES.
Change-Id: Id75651dfe57a07045a6932a0369668f33c7eef09
Partial-Bug: #1588966
The 'neutron_plugin_configure_l3_agent' function expects a path to a
configuration file as a parameter. This was not done for one call,
resulting in the generation of a 'DEFAULT' file in the DevStack
directory along with an invalid L3 configuration file. Resolve this.
Change-Id: I5781cb1ec4cfc1699e61dbc324d0bdb824b56be1
MacVTap mechanism driver and agent have been added during
Mitaka [1][2]. Now adding the related doc to run a
multinode devstack with MacVTap compute nodes.
[1] https://review.openstack.org/209538
[2] https://review.openstack.org/275306
Depends-On: I0dd4c0d34d5f1c35b397e5e392ce107fb984b0ba
Change-Id: Ie743a207a5faeab2e2a7274fda503699f3072e98
Due to the fix [1] of neutron-refactor, some flat network usages of devstack
installation start fale.
This fix enables ML2_L3_PLUGIN to be set to empty to solve the problem.
By default l3_router_plugin.L3RouterPlugin will be set to ML2_L3_PLUGIN,
and for neutron, in such of configuration, router (ASA some others) will be
set into supported_extension_aliases,
then devstack will create a router that we do not want in a flat network.
Before fix [1], we can disable q-l3 to aviod the issue.
But now we don't, and we need this fix to disable the whole L3 plugin.
[1] https://review.openstack.org/318145
Change-Id: I61a2142d5121e0af4cc6cdf50e6bceafaf791fb0
Config auth_plugin in trustee group is deprecated.
Change to use auth_type in trustee group instead.
Closes-Bug: 1592482
Change-Id: Ib90d9c0299887201b37d26254693dc6b007a41dc
CINDERCLIENT_REPO cannot refer to both python-cinderclient.git
and python-brick-cinderclient-ext.git so make sure
the overrides have different names.
Bug introduced by: I6d0f09950ea1200d3367a53aa4a3eea9be7abc66
Change-Id: I9cbbf71ba08ef5394537d7b294846faa3c5be5bd
Implements Blueprint: configure-tempest-volume-microversion
Related to: I3d9b3fe288333721bf3b2c6c988949f2f253bfcc
Change-Id: I80c6a0c46c667291c6f7fe2a036717504c110314
Tempest introduced a new ability to use domain scoped tokens for
identity v3 admin APIs. Since domain scoped tokens can be used
with the base keystone policy used in the gate, and the
pre-provisioned admin user is assigned a role on the domain, turn
the option alway on.
Change-Id: Ib1bb958eee076364b407fc03e77e6882d92147d2
Depends-on: I91ca907992428a5a14fb8d48a4fad105d2906e27
I352362cf59e492fa9f7725190f0243f2436ac347 switched this to vercmp, but
using single-quote (') will mean that the kernel version isn't
actually expanded for the comparision.
I guess, like the original change, the fact it isn't working is
hidden. Trusty seems to have 3.13 ... I can't imagine we support
anything before this ... so I'd also be happy if someone with some OVS
knowledge wants to just delete it.
(This change was originally an alternative to
I352362cf59e492fa9f7725190f0243f2436ac347 but got the quoting right)
Change-Id: I9fa514885c20b1135fb0680cf61fc04628fbecbe
Closes-Bug: #1580850
privsep will default to invoking privsep-helper directly
via sudo, which won't work for people with a locked down
sudo config. To deal with this we should explicitly
configure the os-vif plugins to use nova-rootwrap for
running privsep-helper. This change makes such a change
for the two official in-tree os-vif plugins.
Change-Id: I3d26251206a57599385f2b9f3e0ef7d91daafe35
keystone was configured to connect to memcached on the host IP
address. Unfortunately, memcached is only listening on localhost,
so this setting actually hurts performance as keystone fails to
connect to the memcached server. There's no indication of this in
the keystone logs since this is just how memcache client works
(ignoring errors).
You can verify this by
1) in /etc/memcached.conf, set -vv
2) restart memcached: service memcached restart
3) watch /var/log/memcached.log
4) There will be no output
with this change, there will be output in /var/log/memcached.log
Also the performance should be a lot better.
Change-Id: I95d798d122e2a95e27eb1d2c4e786c3cd844440b
If you are using provider networking, and have IP_VERSION set to include
IPv6 (which we do by default) - you must set the required variables.
If you do not want this behavior, set IP_VERSION=4
This arose from a third party CI system which was configured[1] to have
provider networking, but would explode when hitting the router IPv6
setup step[2] since there was no IPv6 subnet created, and IPV6_SUBNET_ID
would be empty, causing a python-neutronclient error and causing
stack.sh to exit.
[1]: http://paste.openstack.org/show/508710/
[2]: https://github.com/openstack-dev/devstack/blob/c35110e7c5c35dd1edc310dc3d0bb8693e58d336/lib/neutron_plugins/services/l3#L320
Change-Id: I267799b62284c3086ed7c3e2d8a9cbadb9ddcd60
The local.conf docs talk about phases which don't exist for config
file processing, which makes it more confusing then it needs to be.
Change-Id: If7f9255eab0535c3d57a2fd5f1bc18ba4d0801aa
To properly test the integration between Glance CORS feature and
Horizon Javascript environment uploading image files directly to Glance
(using this feature), we need to enable CORS support for Glance in
integration tests. Adding corresponding Devstack variable to configure
Glance in such a way that it accepts direct requests from Horizon
Javascript is the prerequisite step for the integration testing of this
feature.
By default Horizon and Glance are located on the same host, hence
default value cors.allowed_origin = http://$SERVICE_HOST should work.
If a more complicated setup is desired, where Horizon is located on a
different host, GLANCE_CORS_ALLOWED_ORIGIN environment variable should
be exported to Devstack.
Partially implements blueprint: horizon-glance-large-image-upload
Change-Id: I4881fb6631c2daa2ad8946210eff4bb021957374
When running tempest testcase test_minimum_basic_scenario will always fail
due to lack of configuration [scenario] img_disk_format=vhd in tempest.conf
This patchset is to add this configuration when XenServer is used.
Change-Id: I4b916200e6eefb62f148ec8b644fb23ffc7e00a6
Closes-Bug: #1589787
Currently a hardcoded value is used for the DEPLOYWAIT timeout in
tempest. The patch in review 269249 adds a config option to use
instead of this hardcoded value. This patch allows the value to be
set via the BUILD_TIMEOUT variable.
Change-Id: Id79014fd6e07f93029111f6c28e3537e2e39be9f
Related-Bug: 1526466
XenServer 7.0 has changed some iso files' name, this made devstack script
install_os_domU.sh failed to install VM before installing OpenStack. This
patch is to fix the problem, make install_os_domU.sh support 7.0 and other
prior versions of XenServer
Change-Id: I49459bfff2b101fc6927eb4578c5eb47cc8c3ad6
This change adjusts a few instances of `--config-file=foo` to
`--config-file foo` (no `=`) in order to make neutron command
lines more consistent and easier to match in sudoers/rootwrap
filters.
This is particularly useful for oslo.privsep, which needs to start a
helper command with the same `--config-file` arguments (see
Ia9675dff9232e0e987a836ecaf9e842eb5c3cb18).
Change-Id: I91fe18f66f3c3bc2ccd1ca8be91be2915ed3e3ec
I ran some tests locally that showed that when using the uwsgi
deploy the keystone server wasn't using all the processes
available. When I switched from "threads" to "processes" the
concurrent performance improved considerably. So I'm proposing
that devstack switch to processes to improve performance.
Change-Id: I8cfe9272e098e636441b7cfb51bff08d62c3336e
As part of the process of deprecating Glance's V1, the glance team would
like to start testing V2-only environments. Therefore, this change
provides a way to force other services to use V2.
Change-Id: I87e77d07964eac01e9a796817cbc88bd6e59c721
Cinder uses my_ip config option to provide iscsi_targets. It gets
defaulted to the IP of the first interface in the system, which is fine
for some cases, but for example with Vagrant first interface can be used
only to contact with host machine.
To get over it we should set my_ip to HOST_IP from local.conf and this
commit implements that.
Change-Id: I4d2960d92f388ac689dfa6b436dc8bfc1e129fbf
Closes-Bug: 1588825
Future oslo.messaging is going to deprecate usage of driver-specific
options for hosts/port/user/password options.
This change uses transport_url that exists since a while now and
works with all drivers (even devstack handles only the rabbit one).
Change-Id: I3006b96ff93a3468249177c31c359c2f9ddc5db6
For the tempest plugin install inside the tox venv to hold we need to
ensure that it's the last thing run that touches the tox venv before
devstack ends. Otherwise there is a chance we'll recreate the venv in
a later step of installing and configuring tempest. This commit
moves the plugin installation into it's own function and calls that
function as last phase of the tempest setup to make sure it runs last.
Change-Id: Ie253171537e8c5a9887cc30aba1cad4b31e57663
This plugin was using a deprecated function, vercmp_numbers(),
that wasn't actually working properly because the call to
'deprecated' at the beginning was causing garbage to be
returned to the caller. For example, this was always in
stack.sh.log when using OVS:
.../lib/neutron_plugins/ovs_base: line 57: [: too many arguments
Update to use vercmp() like all other users in devstack, and
remove all the old code.
Change-Id: I352362cf59e492fa9f7725190f0243f2436ac347
Two things:
(a) Add the log filter to capture libvirt CPU manipulation driver
related error messages when things fallout (e.g. CPU model
comparision failures during live migration).
(b) While we're at it, remove the "1:qemu_monitor" log filter, because
the existing filter "1:qemu" should take care of logging the
interactions with QEMU monitor console. This is the case since
the introduction of VIR_LOG_INIT() macro in upstream libvirt,
which performs a substring match on a given file name. (Available
from libvirt version v1.2.10 onwards).
Change-Id: I75befd52d9f892eb5a6236eee9a397fab7602ecc
Looks like f24 does not have any special change compared to the
previous release, we just need to add f24 where f23 present.
Change-Id: Ia4a58de4973ef228735c48b33453a0562dc65258
This didn't break functionality but it would use a global instead
of a local variable so nested calls to time_* might have issues.
Change-Id: If61ef07c4ce15f1a356975a0b0611fdf5e49109a
Added to requirements:
https://review.openstack.org/309084
Functional tests were added
https://review.openstack.org/265811
But they still use the version of python-brick-cinderclient-ext from pip.
This change updates devstack to pull in the changes from
python-brick-cinderclient-ext patch sets instead, when configured to do so.
Change-Id: I6d0f09950ea1200d3367a53aa4a3eea9be7abc66
Needed-by: I34f3b5ceaad7a50b1e9cadcc764f61c0aabe086d
A new tempest test is being added in https://review.openstack.org/#/c/285541/
but it is not supported in the Kilo and Liberty branches. This patch
turns on this feature flag at Devstacks's side.
According to tempest policies, this patch must be merged first so the
test can actually run.
Change-Id: I52458a0b36e1dba233667311b35f6c3931e2e66c
Depends-On: Ie69dae09c2b42e825e9d51abf158fc14788387d1
This commit just adds a sanity check output to lib/tempest. It will
use tempest list-plugins to print a table of installed plugins after
the pip install phase is run for any provided plugins. This will
enable users to check that the plugins they think they're running are
detected by tempest.
Change-Id: Icff286da6c68ec9a57f2288458976341bc095875
If a plugin has the L3 API extension available, issue the L3 API
extension calls that creates routers and networks
Change-Id: I77e269ce0025054bcf2a2f4156124f2921ba2d59
lib/keystone sets KEYSTONE_AUTH_URI and KEYSTONE_SERVICE_URI that
other projects should use rather than building the URL themselves.
This will allow us to more easily drop the port altogether.
Change-Id: I7467aae680215f3045d32a088af2187e1eba8169
When the nova backend is LVM we set some libvirt configs
in nova.conf. Those should happen in the libvirt plugin
file rather than the generic nova file since it's specific
to running nova-compute with libvirt.
Change-Id: I37a63a5fba2e9eea4daafe4ec390b2e7aac236f3
This reverts commit 181588b9ba.
Since this change landed on 4/29 it's been the cause of the
top two gate failures (besides known latent infra issues) and
hasn't had good progress on landing a fix, so until it's a
priority for the keystone team we need to revert this change
to get the integrated gate jobs moving again.
Change-Id: I588a84c5179eab072d21bc1394aea2df00929650
Related-Bug: #1577558
Related-Bug: #1578866
When running a compute node that only runs n-cpu and neutron-agent,
there are still configuration items that are needed by the agent that
reside in $NEUTRON_CONF - such as the rabbit rpc information.
Change-Id: Ib7f5dde3afb0c19dc88f351c99bc669217952a14
If the nodepool info file is around, assume we're on a OpenStack CI
node and skip re-installing EPEL & RDO
Change-Id: Ife80af015b26514098e0633f568e3da35b9eea8c
Neutron L3 may implement a variety of extensions: router, external-net,
dvr, ext-gw-mode, extraroute, l3-ha, etc. The public network uuid is
only going to be made available if and only if the external-net extension
is available, because that's the one that provides Floating IP support.
Rather than making Tempest aware of q-l3 service (when q-* services
are supposed to be legacy), it is better to tune this configuration
based on the extension availability. This decouples Tempest from
Neutron setup internals.
Change-Id: I4889fc3d21bd221785b507995f1b3da0e8f52b46
Related-bug: 1582119
Wrong container name in devstack "All-In-One Single LXC Container" manual.
Link: http://docs.openstack.org/developer/devstack/guides/lxc.html
After creating "devstack" container with below command
sudo lxc-create -n devstack -t ubuntu -f devstack-lxc.conf -- --packages=bsdmainutils,git
The name should be 'devstack' instead of 'p2' in the below command
ssh ubuntu@$(sudo lxc-info -n p2 | awk '/IP/ { print $2 }')).
Change-Id: I7a84b97b03b2dd4338f1d946b7eafb8ec6e3767d
Closes-bug: #1582248
For client debugging that invokes multiple libs it can be useful
to have all libs directly in git and not listing all of them
in LIBS_FROM_GIT.
TrivialFix
Change-Id: Ie631cc4045231ebbe8177d2d113e47e4bf83f61c
This patch enables account management by default in Swift. This will be
leveraged by Tempest test cases validating account management APIs.
Depends-On: Id29f5ca48f92cd139535be7064107b8a61b02856
Change-Id: Ic01432939ed9b4cf0cbf20e3244d4d76847f539f
This patch replaces Q_L3_ENABLED with is_service_enabled q-l3.
Both of them idicates wherever Neutron L3 agent is enabled or not.
Change-Id: I33f0f5a6174d1d170bc2ac1c2e3a096d88d17cc1
This commit adds a deprecation warning for lib/neutron-legacy. Right
now lib/neutron isn't quite in a place where we can use it by default
but we're getting close. As soon as it's passing in the gate we plan
to make a switch over and a hard delete of lib/neutron-legacy. To give
any users which have a hard dependency on it (which is not actually
a supported use case) a heads up this adds the deprecation warning
in front of that change.
Change-Id: Idf1faf2e9dd497f9b97abfcc6e796ca72d60d955
The commit message of 2a242519f7 indicated
that neutron-metadata-agent was the correct name for the metadata
proxy, but parts of the code were not consistent.
Change-Id: I52f08266a169aeb9005c0f84296fc814d05b90d4
When creating service users, the assumption is that the service
project lies within the service domain, so create it there.
Change-Id: I4880e789f5eaf340634ceb792397eef12a5a6b51
Closes-Bug: 1580998
This is a follow up patch of [1].
In [1], source has been moved from lib/neutron-legacy to lib/neutron_plugins/services/l3.
However, one necessary function of is_provider_network is lost.
And this cause devstack install fail.
[1]https://review.openstack.org/168438/
Change-Id: I413b3577ec5b11ee0ee01f2368364117962494bb
I goofed when moving it over, and it looks like the calls
to _move_neutron_addresses_route got clobbered.
Changes like a0d1b0151a ended up getting
dropped on the floor, so let's reintroduce them.
Change-Id: I3bbfbc56e2c663c47a03659a1dff96443c13af47
There are a few CI efforts going on related to jobs that use the lvm
image backend for the libvirt driver in Nova. We don't want to waste
time zero'ing out volumes during CI runs, so we need a way to configure
nova to not clear the volumes in these jobs.
This change adds a variable used to set the CONF.libvirt.volume_clear
value in nova.conf. If the variable isn't set, Nova just uses the default.
This will be set to 'none' in the jobs that are going to use LVM.
Co-Authored-By: Matt Riedemann <mriedem@us.ibm.com>
Change-Id: I1e97ba6ab4772a87192ae2689a25050d432358ab
This helps fix an issue where an IPv4 address is moved from an interface
and you lose your SSH session.
Change-Id: Idf37ccbaa6f615fcc714d49c3f0c00c893f56021
Background for this work can be read on the mailing list:
http://lists.openstack.org/pipermail/openstack-dev/2016-May/094063.html
Usage of the new Neutron is by setting the following in
ENABLED_SERVICES:
* neutron-api
* neutron-l3
* neutron-agent
* neutron-dhcp
* neutron-metadata-agent
For now, the new neutron library supports just the ML2 plugin, with the
Open vSwitch and Linux Bridge agents supported. All other Neutron
plugins should be creating their own DevStack plugin if they wish for
DevStack to support them. Many of them already do.
Other notable changes compared to neutron-legacy:
* Rely on the Neutron defaults, and force Neutron to make
sane defaults instead of all kinds of knobs in DevStack.
* Default to rootwrap daemon support
* Use the security group driver by default
* interface_driver can now use NEUTRON_AGENT (linuxbridge, openvswitch), since
they are entrypoints in neutron's setup.cfg
* Use NEUTRON_AGENT variable to determine which agent to run
Works with NEUTRON_AGENT set to either "linuxbridge" or "openvswitch"
Default is openvswitch for the time being.
* Set ML2 configuration for VXLAN support
* Remove Xen hypervisor stuff - it should be a plugin
* Move L3 crud into separate service file:
There's a lot of L3 configuration that was in the main neutron file, but
a lot of it is self contained and can be moved into its own file.
The new l3 service file will contain all the previous L3 plumbing and
configuration that the OpenStack Gate expects, while also eventually
moving the whole l3 network creation step into a single hook that can be
overridden by plugins.
* Introduce a check for a function "neutron_plugin_create_initial_networks" which
will become the mechanism through which different topologies, and
networking plugins can create and wire the initial networks that are
created during a stack.sh run.
The new lib/neutron is considered experimental, and followup patches
will build upon this one. Existing users of lib/neutron-legacy should
remain unharmed.
Co-Authored-By: Hirofumi Ichihara <ichihara.hirofumi@lab.ntt.co.jp>
Co-Authored-By: Dean Troyer <dtroyer@gmail.com>
Change-Id: I31b6362c6d9992f425f2dedbbeff2568390a93da
This seems to break Ironic gate with n-cpu not starting
any more.
This reverts commit c527ded91b.
Change-Id: Idfb01448e8ecf53fbd2e1df61c8f08f3107981ac
Closes-Bug: #1579683
As can be seen in logs of the periodic generation job, our cgit does a
weird thing where sometimes it returns a 404 page with content, and
sometimes a zero response (see [1] for example, the last number is
response size). This appears to be an openstack CI issue; possibly
due to cgit caching or similar (see [2] for manual test). It will
have to be investigated with the host apache logs.
This is resulting in a lot of projects incorrectly being picked up as
having plugins (I7116571d2a2b1fc3a61e5f1ed46ac2cbc244775a). I'm not
sure if this problem is also releated to the original status-code
issues mentioned in the code, but testing shows that cgit is correctly
returning 404's for missing files (you can see in the logs [1]). Thus
switch the logic to examine the return code which avoids this issue.
[1] http://logs.openstack.org/periodic/propose-devstack-plugins-list/e55790c/console.html.gz#_2016-05-04_06_46_51_660
[2] http://paste.openstack.org/show/496434/
Change-Id: I6a06347d91d091441f6f7b70f99aba6d8e9add4b
Currently, the db sync operation does not specify the config dir or
config file.
If there is a config file in the home path, it will use this one,
but not the right one devstack write.
Set config file to these operations.
Change-Id: Id1fbc3d85280c19596f5ebd301c46bcf018fa2f6
Closes-Bug: #1578098
CoreOS cloud image is compressed with bz2 extension [1]. In such
case, we need to decompress the image before uploading it to glance.
[1] https://coreos.com/os/docs/latest/booting-on-openstack.html
Change-Id: I705d0813d180aefaa2507c00d1ae40af07d12fcf
Export the 'short_source' function so that it will be present in the
environment for child shell scripts. Do this because we are passing PS4
to the child shell scripts and it is using 'short_source'
Don't do an 'env_keep' in the sudoers file for PS4, since it is
difficult to also pass along the 'short_source' function.
Change-Id: I9781010d6eb336d02939c7fd47f18bedeae5ccc6
Closes-Bug: #1563443
Devstack installs elasticsearch version 1.4.2 by default.
This version is really out of date and you can't run kibana
4.x against it. We are working towards 2.x support [0],
but in the meantime would like our example to install a more
recent version of ES.
[0] http://lists.openstack.org/pipermail/openstack-dev/2016-April/092583.html
Change-Id: I9ca244f8b817dd9c5f6d7435e347df28282db0a9
This commit adds a new phase to the devstack plugin interface for
configuring test environments. It runs after everything in devstack
(except for the final output commands) to ensure that tempest or
any other dependency is installed prior to running it.
Change-Id: I52128756f18d3857963a0687de77f7cdfd11fb3e
the referenced file was removed with the following change
Ie7f4b265368f1d10a8908d75e11d625b2cc39e7c
Change-Id: I0e25b1f38e0969037d1c8af367432da56bb12e92
This commit adds a new variable to lib/tempest to provide the plugins
that should be installed into common tox venv that gets created. In
order to make this work the workarounds to handle migrating to a common
tox venv have to be removed otherwise the plugins could be installed in
a venv that isn't used.
Change-Id: I63658b8d8dfa999e0feb79f8f2968f2b32e3ff57
Depends-On: Iab2e6e04b6c5795a4d0c8214564106525b942308
In order to support the effort to unify the tox venvs being created
by tempest this commit temporarily cases the path of the venv being
created. Once tempest is updated to only use .tox/tempest we can
remove the if blocks and just use it unconditionally.
Change-Id: I34a69020eee07156e64026781a3c0bffdb5ab415
As we are creating a domain with id 'default' and name
'Default', we should iniset the correct name.
Change-Id: If67338fbbd255b8aa1b91e18e4cf8213baebab95
When running in httpd, keystone accepts requests on /identity and
/identity_v2_admin.
The path endpoints should be preferred over the ports so keystone
is configured to point applications to the path endpoints by
setting admin_endpoint and public_endpoint.
Change-Id: I34569b9e03c3f36748c92d803349e22a7ee1a633
Tempest-lib, as a standalone project, is deprecated in favor of a
"lib/" directory inside Tempest's repo. So remove the installation
of tempest-lib in DevStack.
Change-Id: I507bfe875777fd25bbe5d67c861f3fca99faa22d
There are two implementation code for similar API in Nova repository.
One is newer: v2.1 API, another is legacy: v2 API. v2.1 API has been
used as the default API since Liberty and legacy v2 API has been marked
as deprecated. We have used and tested v2.1 API so well and now is
nice time to remove legacy API code based on the consensus of the
design summit of Austin.
This patch removes NOVA_V2_LEGACY which set up legacy API code.
NOTE: The gate job which uses this NOVA_V2_LEGACY option has been
removed already since Iac81b7d569b76b99e9d86eaa5001ae7f9b78cdfe.
Partially implements blueprint remove-legacy-v2-api-code
Change-Id: I0e16b7ce608d7eeb3a35fd77e66531dfc8c142ef
I think the objective of the line is to display message, but it was
also echoing entire line before printing the message.
Change-Id: I758759638003deec3205983863f4b7e23ba94e89
Signed-off-by: Sachin Patil <psachin@redhat.com>
In a multiregion installation of devstack, conflicts occur in the
creation of images, networks, or volume types, when the region is not
set.
This patch adjusts commands to include the region, and
also adjusts the region_name in the nova configuration section of
neutron.conf to include the region.
Change-Id: Ifedff6a124fa49d57cc7b2f35916d8d96f5e5f7a
The nova check in is_service_enabled() is loading the nova repo
when ENABLED_SERVICES=ovn-northd. Add a comma before each of the
checks to prevent this error with any of the other services.
Change-Id: I9deee735812cde44ea5140b1ad76848f02576609
Closes-Bug: #1574431
Commit 020586fab4 removed support
for g-search as it was promoted to its own project. The devstack
plugin for Searchlight triggers the installation of elasticsearch,
so it can be removed from upstream devstack.
Change-Id: Iada75fc59c66b776c506431f93deb668ab0a84b9
This minor release of bashate just fixes one small issue with python3
compatability. This is an alternative to
Ic91b5ce8cb85e376573f9bf3659d2a86cc437179.
Change-Id: Ie5ad29003cf80a332b9a9258749757a15de79966
This commit fixes breaking change [0].
Long driver names like 'nova.virt.libvirt.libvirtDriver' are
no longer available and 'libvirt.libvirtDriver' should be used
instead.
Reference:
[0] https://review.openstack.org/309504
Change-Id: I27a1b75b921c7401bc8614caadfd1e09e7dd5d65
Closes-Bug: 1574990
Change I24546f02067ea23d088d383b85e3a78d7b43f165 aimed to use
keystone v3 as default in devstack. The change was later reverted in
Ia792b23119c00089542ba08879dca1c29dc80945 because it broke some
projects.
This patch contains a small portion of the first change to set the
environment variables $OS_USER_DOMAIN_ID and $OS_PROJECT_DOMAIN_ID in
openrc, so that users don't have to set them manually when using
keystone v3.
Change-Id: Ie4c316d60590d55830d417f13817298dac70864f
Partially-Implements: bp keystonev3
Closes-Bug: 1387814
Since I380dd20e5ed716a0bdf92aa02c3730359b8136e4 , tempest options
tempest_username and tempest_tenant_name have been added.
However, they are never used at all.
So this patch removes them for the cleanup.
Change-Id: Ic40047c5903d664e4a2d5eea88ff788e39d1e416
This reverts commit 7d1ec43004.
This broke the sahara and layer4 dsvm jobs. The layer4 job
is voting on tempest changes so tempest is also broken.
Change-Id: Ide69f10cd85bf7ff0d86bc8cba56dedd26850362
Partial-Bug: #1573868
We really should only have code that create endpoints once, making all
osc calls get_or_set adds 3 seconds per call for no really good
reason.
This also stops creating the internal endpoints in the service
catalog. It's a pattern that we're trying not to propogate, so lets
not have it in devstack any more.
Change-Id: Ia8cefe43753900d62117beae330db46deb6a9fc9
When using XenServer as hypervisor, install_os_domU.sh will create
integration bridge for compute node when neutron network is used.
But it should provide a way to allow moving of the VM to another
host (with a different XEN_INTEGRATION_BRIDGE) for easier install.
This patch is to provide the way to let user have the chance to
configure integration bridge themselves
Change-Id: If923a5e978e77fc091d24b6e1fe7a83a3375da09
As Nova hypervisor uses deprecated parameters when trying to
authenticate to Ironic, as well as a hardcoded /v2.0 endpoint, a fatal
error occurs when creating a keystone v3-only devstack.
This patch updates auth parameters (ironic section in nova.conf) that Nova
uses when trying to connect to Ironic to v3 parameters.
Change-Id: I2d7ebf750115613aa917448f20daaece614633ef
The bug #1542282 added Q_PLUGIN_CONF_PATH to the comment on how to use
Q_PLUGIN_EXTRA_CONF_FILES. But the right variable name is
Q_PLUGIN_EXTRA_CONF_PATH; this patch fixes this comment.
Change-Id: I6b6b39068fe54509b1bb8af47ae0b21dd77c444a
Related-Bug: #1469434
Closes-Bug: #1542282
Use the fernet token provider as the default for keystone.
The Keystone token provider of choice is changing from UUID to Fernet.
However, due the the need for multi-site keystone deploys to have keys
kept in sync, we cannot change the default in upstream Keystone
without breaking existing deployments. Fernet requires a deliberate
setup step like what is done in devstack. Making the change in
devstack documents the expected setup.
Change-Id: I8c0db244634b0861b0eb3c48fe6ede153f7f04f2
Currently there is added an obsolote/wrong '/' when passing
Q_PLUGIN_EXTRA_CONF_FILES to the service start arguments.
Thats not a problem when using absolute paths, but wrong for
relative paths. This patch removes that extra '/'.
Change-Id: I2136d39889eaf83ecfcc711c733e95e261f455e0
Closes-Bug: #1572192
Make it possible to construct the service users in their own seperate
domain. Changing this away from Default will not work for everyone yet,
though it does work for basic service interaction however enabling it
will allow us to start testing and hopefully gating that services aren't
relying on v2 only concepts.
Change-Id: I7e73df5dd1caabf355783da2bc0f3007ade92fba
This environment is used by the normal docs job, add it.
Manually add requirements needed for doc building.
Change-Id: I1be193d113683966f6a76e862713f3a550543168
Related bug #1469434 fixed the usage comments for
Q_PLUGIN_EXTRA_CONF_FILES. However that change didn't
make it into neutron-legacy. This patch updates the comments
in neutron-legacy to reflect proper assignment of
Q_PLUGIN_EXTRA_CONF_FILES as well indicate
Q_PLUGIN_CONF_PATH is required when using extra conf files.
Change-Id: I447f1158d333ac4a35c4903a509146a62d93b272
Related-Bug: #1469434
Closes-Bug: #1542282
Those reports may be helpful when debugging neutron gate issues.
pgrep is backwards compatible with old Solaris tools, which means it
does not match with commands that are longer than 15 characters. To
avoid that for neutron agent names which are longer than that, we need
to pass -f argument to match against the full cmdline.
Also killall instead of kill + pgrep in a subshell.
Change-Id: I9b3801e927c0e80443ed76e38cd8e3618e888e49
Create specific heat_stack_owner role to be used by
tempest tests, rather than using _member_ which is not
automatically created in keystone v3.
Change-Id: Iff13a47e360b628bc48a8cb897d9368af49db01b
Partial-Bug: #1539692
devstack failed to install because glance:
Could not determine a suitable URL for the plugin
patch I618ea8e27b49af360c905df85af06d9b1eef8407 tries
to fix this problem, but with a wrong way because path is not
correct, the clouds.yaml is not under /path/to/devstack/~/.config/openstack/
but ~/.config/openstack.
patch I8af6bd465f74099c560dddba6b5221dd79cbc965 tries to
fix this problem, but with a worng way to specify the path,
~$STACK_USER/.config/openstack/clouds.yaml will not expand with
a variable, only const string can.
$ whoami
zqfan
$ touch ~/.config/openstack/clouds.yaml
$ export STACK_USER=zqfan
$ rm -rf ~$STACK_USER/.config/openstack/clouds.yaml
$ ls ~/.config/openstack/
clouds.yaml
Change-Id: I549817d2f4638be615991c1726b39d270ba71357
ref: I618ea8e27b49af360c905df85af06d9b1eef8407
If the variable SWIFT_STORAGE_IPS contains a space-separated list of
IPs, we can use this to create consistent rings across all proxy and
storage nodes.
Change-Id: If9307196dc7e74e4a842c95503958ae2d7f7acc7
This is a follow-on to I6f392d3c16726f6dd734184dcf3014fb4f388207 to
note the variable is kept for backwards compatibility.
Change-Id: I1008b2d4e2baf82e1aa531d9eaf96a084beb69aa
The WIP prefix and the statement
"This can't merge until p-c no longer references lbaas jobs."
Should have been an indication that this patch is not quite ready to
go in as is.
This reverts commit 130c3adb0e.
Change-Id: I57d5f9f2e66b1bdf6fca70074bc1d5678de65f38
This is a fairly opinionated change to do some spring cleaning on the
documentation.
The current output of shocco as rendered at [1] is completely broken.
I can not see that it is worth us maintaining this. Honestly, the
github page does a better job at showing the scripts with a bit of
formatting. The "changes" page is similarly useless today. cgit or
github show allow browsing of changes in the repo better. Both are
removed along with support scripts.
When you currently hit the first page, it gives no clue as to what
DevStack actually is. Add a paragraph explaining that, and link to
the cgit for easy source browsing.
stackrc.rst is not necessary; the stuff about database backends is
already discussed in configuration.rst; move the things about service
repos into a section of configuration.rst.
The discussion in openrc.rst is moved into the configuration.rst file.
localrc.conf.rst was just a paragraph pointing back to
configuration.rst; this is removed.
The variables described in exercise.rst are moved into a separate
section of configuration.rst
[1] http://docs.openstack.org/developer/devstack/#scripts
Change-Id: Ie7f4b265368f1d10a8908d75e11d625b2cc39e7c
When devstack fails, some or all bridges may not exist.
This change allows an only existing bridge to executes ovs-ofctl command.
And fix duplicate ofp version specified in protocol option of ovs-ofctl.
Change-Id: Ied01de727ca9b867ce87db358f72ae44838b63af
This removes Oracle Linux 6 support ("OracleLinux") which, like RHEL6,
is now unsupported. "OracleServer" matches Oracle Linux 7.
Change-Id: I35b1c7d0b103c509283dba0f6551453e7d8ac4cc
Closes-Bug: #1568634
This commit adds an execution bit to generate-devstack-plugins-list.sh.
This should be useful for users.
Change-Id: I12d0a257eb1d487979d044c2e52e824a6ea4c02d
In stack.sh, REGION_NAME is used to set environment variable
OS_REGION_NAME before using OpenStack client to configure accounts
for services. OpenStack client will try to find Keystone endpoint
in REGION_NAME to send the requests.
However, in the case of deploying multiple DevStack instances in
different regions with shared Keystone, Keystone is only running
in one the of region. When installing DevStack for the region that
does not host Keystone, OpenStack client will fail to find the
Keystone endpoint and thus DevStack fails to start.
This patch fixes this bug by introducing KEYSTONE_REGION_NAME for
user to specify which region Keystone is running in. Document of
multi-region setup is also updated.
Change-Id: I3e82c7ff69326d4171623299ffecea103d40c80d
Closes-Bug: #1540802
Most of the tempest utilities need at least a partially setup
configuration file to work properly. This is because most of them
make api requests in order to perform the expected operations.
This causes a bit of a chicken and egg problem when we rely on
these utilities for configuration purposes since we don't know if
we have enough of a configuration file to run things. This previously
wasn't an issue because all we needed to run was verify-tempest config
and it wasn't in a critical path just for api extension discovery and
it wasn't relied on. But, with the addition of tempest preprovisioned
credentials we rely on a tempest util to create the credentials we
use for running things. We need to ensure the util has as complete of
a config file when it's run to ensure that everything is in the
correct state.
This commit moves the running of all tempest utils and the associated
iniset calls to the end of the configure_tempest function to ensure
that the utils have as complete a config file as possible.
Additionally, it makes all tempest util calls are venv isolated. (which
is mostly future proofing for when things are branched on stable)
Change-Id: I5844aed4e134fbc7210aa0eca83500e260915b7b
The test job "gate-tempest-dsvm-cells" uses the Nova cells concept.
This triggered a deprecation warning:
WARNING oslo_config.cfg [...]
Option "rabbit_virtual_host" from group "DEFAULT" is deprecated.
Use option "rabbit_virtual_host" from group "oslo_messaging_rabbit".
This change removes that warning.
Change-Id: Ieaf437ecbf58edb8994f6afcb0ac2afcd5585a1e
Variables PUBLIC_INTERFACE_DEFAULT and GUEST_INTERFACE_DEFAULT
are only use to provide default value, deployment script should
not use such values directly
Closes-Bug: #1566768
Change-Id: Ib543b416df861086fa2edbe7df769b224d0b0add
Make the warning in the auto-generated file stand-out a bit more, so
people don't waste time trying to add entries that appear
automatically.
Change-Id: Icf4290e1fad21ce72af54c178bafcce0b287cdf6
Change 0b9e378cca2be4e034ad401d71fbe4470907f93a moved the
api_paste_config from the DEFAULT group to the wsgi group
and deprecated it's usage in DEFAULT.
Change-Id: I283db638e76b986d3e728c6caf34a0b3f37fc9b6
Ubuntu vivid support is EOL lets make room for xenial.
Change-Id: I21c4966c80e0b5fc2b1a7448020dd1c75e0070ad
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Fix the table with a bottom border. Regenerate the plugin list using
the script to make sure it works this time.
Change-Id: Iab3eb3879fd6017c55259e470477e4a9e34514e2
This makes us depend on n-api being enabled, which should avoid running
this on subnodes, where it fails because of no credentials.
Change-Id: I209bd59cd57be27c3375f5a2074361307abcafe9
Closes-Bug: #1567065
Nova API itself supports both URL modes:
with project-id and without project-id
However, we are changing service catalogs for removing project-id
based on the discussion.
We have agreement on https://review.openstack.org/#/c/181393 like the
following:
- Standard required naming for endpoints (versioned vs. unversioned,
contains project ID vs. no project ID).
* We want unversioned endpoints so that the user can get
information about multiple available versions in a given cloud.
* We do not want project ID, account ID, or tenant ID as part of
the resource URI for an OpenStack API endpoint.
So this patch removes project-id from Nova service catalog for this
direction.
Change-Id: Ifd74152727b5c0c75924419a7a52e024a69ce72c
Make sure the table is separated out from header and footer content so
it actually gets picked up as a table.
Change-Id: I60a24b2476a55cfbf5c864a1c27ce5b98e699886
This sets all the internal variables and service users that are set to
use project instead of tenant for clarity.
Change-Id: I4aa833bac2ee2281c5f2881f7ae1fd8e7c759f74
This makes devstack create default flavors in nova, like cinder, now
that nova no longer hard-codes them into its database.
The flavors created here match the legacy default flavors that nova
kept for so long, and also creates a new devstack-namespaces set of
flavors which are likely more useful for people.
Change-Id: Ic275887e97221d9ce5ce6f12cdcfb5ac94e300b0
Cinder was the only project with a script in driver_certs. That cert is
no longer required for Cinder as we now just require that third party CI
is run for all drivers before acceptance.
This removes the cinder cert test script and the now empty driver_certs
directory.
Change-Id: I8d0867c4720f324b8dbf3c64ddf66ff267996d10
As part of the "reduce confusion on tenant_id" we need to change as
many references as possible over to project_id.
Change-Id: Ia665312f24672b106e12fde93b60f142620c3a45
Currently ovs-ofctl command is executed for only default ofp version
(OpenFlow10).
Some Neutron's plugin uses OpenFlow13 and in that case ovs-ofctl fails.
This chage allows us to get ovs info for all ofp versions supported by ovs.
And adds dump by dump-ports and dump-ports-desc.
Change-Id: I2d3c42835a5ad0f5ebf540e8127762f466347c9c
Neutron had a lot of work done during the Mitaka cycle to fix MTU
issues, so let's see if Neutron can stand on its own.
This commit reverts 06cfce3756
Neutron patches:
I6ffc8973c9b8f46cc19922ff04fdd2d23646b878
I4096a3e7704032fa4aa5c3aa8bcaec4e38d0d06d
I6a10c4dfc1f2198667f3d02528e2ca8020cb5bb8
Ic091fa78dfd133179c71cbc847bf955a06cb248a
Idf6221fee2c7da86123b330ad3c235ecc6868242
I6859ebdde1f7e3a8163b49d705620e522ada606a
Change-Id: Ie88c7ebb29adadde530217c95e2f38aacb119dc8
In I33525e2b83a4497a57ec95f62880e0308c88b34f, we switched
from zookeeper to dlm. Somehow this got left behind.
Change-Id: I41d13d33c9a81271d4a9752cbe98c0028a17ab1e
Since commit 7580a0c3e3, openrc
print a WARNING message to stdout, it will break the zsh script
in faq.rst. This patch redirect openrc output to /dev/null.
Change-Id: Iaba03634d7a234cd4d120477f91ef56d0595cdf6
Closes-Bug: #1563940
Printing the total makes it easier to compare runs at a glance. Clean
up the output a little, and use some consistent, name-spaced globals
while we're there.
Note the total runtime is at the top to avoid giving the impression
that it is the sum of the components below, since you can nest/overlap
timers (I made that mistake in a prior change :). It might be a fun
exercise in tree building to one day track the overlaps and present a
nice nested breakdown.
Change-Id: I878ce03813d21138df493b82bceff3aaa7f83064
Ceilometer uses a devstack plugin for a while now, so there should not
be any need for this file in the main devstack repository.
Change-Id: I3577c52b106c63c465a40ea3740eb5b8384e900e
This is a normal step in the process for upgrade and is now
required for migration of flavors from the main DB to the API DB.
Since we previously made a bad decision to encode those flavors into
the first database migration, that means that even on new installs we
need to run these.
Deployment tools are going to be running this command any time they
do anything to the database post-deployment, which means adding this
to devstack is putting it in line with what normal deployments will
be doing.
Change-Id: I8ab03af9d2f4974f26a7f8487ec978caea957e45
Since change Ie38deadf190db33863c99d4610157349484ac10f ceilometer does
not use spidermonkey which needed libnspr4-dev to be installed. Thus the
requirement can be removed now.
Change-Id: Ib0685181f1cc4c9b58411a1679ac9dec1812f683
OS_CACERT was being added directly to the environment rather
than usercc_early. This caused an untrusted CA error to be
thrown.
Ensure that SERVICE_HOST is in the Subject Alt. Names of the
issued TLS server cert. The gate sets it to 127.0.0.1 which
wasn't being handled. Only the FQDN of the host and actual
IP address of the machine were being added.
Change-Id: I8a91dffe1a5263d2bcc99ea406a8556045b52be2
auch configuration in the nova section in neutron.conf was
still setup manually. Just reuse the function
configure_auth_token_middleware() for configuration to simplify
the code.
Change-Id: Ib5a7e9212e2d1242bdbec75cf3fac13d5c42a2e2
This commit moves the auth setup for tempest config to occur before
we run tempest verify-config. The API requests that command runs
require auth and in the case we run tempest without admin creds set
the config file will not have any credentials to run the query with.
By moving the auth setup to occur before this it will ensure tempest
is always configured with credentials before we run the command.
Change-Id: I6d11b24e4492f1fde3aa3a7a239c40d63111bfa1
Previously the swift blocks only ran if s-proxy is enabled, which
prevents a multinode configuration. We should run these blocks if any
swift services are enabled, and push proxy specific conditionals one
step lower.
Change-Id: I540a97615b3c19f882c8673b1a4a29cd47e36aa8
Lbaas devstack support is now in the neutron-lbaas repo, so we can move
towards removing it here. This will explode hard, but let's start peeling
the onion.
This can't merge until p-c no longer references lbaas jobs.
Change-Id: I1c49877bab53f6b25385302420086b25e3eeeebf
Make our usual admin user to be a real admin,
and open the way for improving the per project
policy.json files.
Change-Id: I133a5953d209bc1edbd03ecfae750f77e3eaa64d
Related-Change: https://review.openstack.org/#/c/242232
PS4 can include functions, so when running in the LOG_COLORS=True mode
provide a grey function line so that it's easier to visually
distinguish the content from the location.
Also make it so the main prompt chunks off all the common path, which
means we can printf to 40 characters and have a pretty reasonable and
readable PS4.
Change-Id: I4a10a49db97d413349bcfceeb8c4164936fbcc40
Check that a public and/or private network exists before calling
probe-create for it, to avoid an error in the case where that
network hasn't been created
Change-Id: If01cec47dc4ab02b5d78074b1354df10dc23b384
Closes-bug: #1560629
It seems pip distinguishes paths with .. or extra / for constraints.
For example, the following directories are considered different.
/path/to/dir
/path/to//dir
/path/to/dir/subdir/..
This commit tries to normalize the given directory name to avoid
"Could not satisfy constraints for 'xxxx': installation from path
or url cannot be constrained to a version" error due to directory
name mismatch.
Reference: https://github.com/pypa/pip/pull/3582
Closes-Bug: #1542545
Change-Id: Iae9d58c27d3b10bca16e4a471507c4d5c16439a0
hexdump is used in common function generate_hex_string which is
used by nova and heat. The current general dependencies do not
have this dependency covered, instead it is usually pulled in by
other implicit dependencies when a full devstack is built. In
cases where only a subset is built (like just Heat and keystone)
hexdump is missing.
Added unit tests for the generate_hex_string function.
Depends-On: Ib47d802a31a0f4c2a49daa7e6698e37c70a2365a
Change-Id: I77c8c2019fb8b8174cdfaed3e56ebf728f0732b7
Closes-Bug: #1558672
In future Nova will use os-vif library for some communication with Neutron.
This patch add ability to install os-vif library that requires for run
tempest-jobs for new patches, that used os-vif.
Change-Id: I28e48afd3c740b1aa50c994d99f660f095e7deda
We've had a couple of cases where plugin names are longer than our
table width.
Take the fixed-with table-header out of the header file, and generate
it dynamically based on first-column width. To simplify, take
advantage that RST allows a variable-length last column and so don't
specify it's width.
Add a link to the cgit URL for each project you can click on to browse
the source (link text remains the git:// URL).
Add some logging so you can see what the python generator is doing,
should you run it.
Change-Id: I5d5e692039bbb30b2508119412472dac1d105c08
Apparently this is intentional as a joke on devstack leaking
passwords, but the dual meaning of the word confuses people. Let's
change it before we get yet another review fixing it.
Change-Id: I3bee03612f6ea197362aab04a37f81043f77f235
Insert the unversioned keystone URLs into the service catalog. Services
should be able to determine the correct URL for their work from this.
Depends-On: I931f0c558aafc8dfaa5519744c6e4e7fcffc3205
Change-Id: I6171f782a1dd397720a9b2a3393b30ae5aca0cc2
When detecting os_VENDOR, the lsb_release output may be different
from what is expected today. This patch fixes the detection.
Change-Id: I850ad1acbc2397c73e7cc85c1765cba6ba2f98d4
After reviewing I5b1d49be8d9e3e331826e30182fba70f099b5e7f and
I161a157895b4ed0c9ea5a7a00302e30f4ad75ed3 - I have come to the
determination that this really should be in a DevStack plugin.
If both of the patches under review were to merge, we would be blessed
with at least the following variables:
OVS_NICS_FROM_BRIDGES
OVS_NIC_MAPPINGS
OVS_BRIDGE_MAPPINGS
OVS_PHYSICAL_BRIDGE
PHYSICAL_NETWORK
PUBLIC_PHYSICAL_NETWORK
Which really is not good. Let's just push this into a plugin, I don't
want to deal with it.
This reverts commit 3095ff5132.
Change-Id: I746022f5db93d3333101a014692fbdcd790a0004
This all started with an investigation into Fedora's use of ecua2ools
package. This package is a bit of a nightmare because it pulls in a
lot of other system-python packages.
For Ubuntu, this package was removed in
I47b7e787771683c2fc4404e586f11c1a19aac15c. However, it is not
actually a "pure python" package as described in that change, in that
it is not installable from pypi. I can't see how you could actually
run exercises/euca.sh on Ubuntu unless you installed euca2ools by hand
-- ergo I suggest it is totally unused, because nobody seems to have
reported problems.
In the mean time, ec2 api has moved to a plugin [1] anyway where the
recommendation in their README is to use the aws cli from amazon.
Thus remove all the parts related to EC2 and ecua2ools from base
devstack.
[1] https://git.openstack.org/cgit/openstack/ec2-api
Change-Id: I8a07320b59ea6cd7d1fe8bce61af84b5a28fb39e
Normally a standalone uwsgi server would run in "master" mode -- it
handles signals to reload the processes. I tried this originally
with keystone but found that the server didn't shut down when
unstacking. The reason it didn't shut down is because (by default)
uwsgi does a reload on SIGTERM & SIGHUP rather than shutting down by
default, see [1].
Setting "die-on-term = true" & "exit-on-reload = true" changes the
uwsgi server to shut down when unstacking.
[1] http://uwsgi-docs.readthedocs.org/en/latest/Management.html#reloading-the-server
Change-Id: I145fef185d4a31078295941779e175b7452a5760
There was a lot of duplication in the uwsgi options between the
admin and public config files. The options common to both are
moved into their own section.
Change-Id: I5519c7d4d8b8446a7a5fdb8033852655d8a2c67b
keytone has removed it's CLI and will release a new version
when Newton begins. As part of the removal process we also
need to remove the bash completion script, which is currently
failing devstack gates.
Change-Id: I132b862bde5b4173bf34beae12a7a882f5a96314
This command has never completely worked to restart DevStack.
It periodically prompts attempts to work around this brokenness
in ways that harm other functions. Let's finally remove it.
Requiring a complete re-run of DevStack after a reboot has always
been intentional.
TODO: follow-up cleaning all of the screen hackage if this merges.
Change-Id: I2f61bb69cc110468a91dcaa4ee7653ede7048467
This change provides better handling of tgtadm --op show
output as input of tgt-admin --delete command. In situation
where no output of the first command is present no tgt-admin
command is run.
Change-Id: Ief5e1d50dd679f4d47cffef29ff07e54cc37f80a
Closes-bug: 1554997
1.4 was released in 2012. I think we can assume everyone is running
something newer.
http://openvswitch.org/releases/NEWS-1.4.0
Change-Id: I3cfe99d2647800ae3ffb32c9e6749d03224c2967
* memcache_servers is a deprecated name for memcached_servers.
See: keystonemiddleware/auth_token/__init__.py#n287
NOTE: memcache_serves in the cache section is valid option for
oslo.cache. See oslo_cache/_opts.py#n65
Depends-on: Id65f1bff8e38c777fa406d88ac6a2355d6033d94
Change-Id: I3e1230b139e710a0433e71ce118ca246d7c6a0e6
We made assumptions on the platform for sorting purposes, which turned
out to break with new images being deployed. Explicitly setting LC_ALL
should make this work.
Change-Id: Id65f1bff8e38c777fa406d88ac6a2355d6033d94
Not having a header or footer should not be a fatal error
especially now that we have removed the footer entirely.
Change-Id: Ibbf3e513b8faa016dc2dac8d11ab4f499b3fc51c
Use the additional keystone-manage parameters to setup the identity
endpoint in the service catalog rather than manually fetching a token
for this.
Change-Id: I6f5be1df205dee8f3251b4eb413e00ae64f00f07
Currently Devstack (and devstack gate) uses the default
max_file_size of for Swift (5GB). However the loopback file
is only 1 or 2 GB is size.
We are looking at setting a default FALLOCATE_RESERVE in swift
https://review.openstack.org/#/c/288011.
Because of this our max file size test fails due to the max_file_size
and devstacks loopback size being too small.
This patch sets this to a more sane size by default inside DevStack.
See the gerrit link above for more details.
Tempest uses a loopback of 6GB, so in this case the swift default of 5GB
should be fine.
Change-Id: If09eab7d16ae67bd252020e00e8812ff252f065b
Update bashate to 0.5.0 release. We got things ready for this with
I3fd5d55236e90c2f2c25243af87adaf0c1b763e2.
I'm not sure what I was thinking in
I9e4b1c0dc9e0f709d8e76f9c9bf1c9478b2605ed when I added ".orig" files
to the list of files to check. Ignore diff/merge files.
Change-Id: I8bb0c8b39972abb775b4e5556e79d2e17005bc8c
The trove image is one of the larger ones we cache, and after
double-checking it is still used as part of the
gate-tempest-dsvm-trove tests (although integration tests seem use
their own dib-built version)
Add some notes to clarify the situation with this image.
Change-Id: I2319dd5811d6bd215d1e8778eca5b4c9399f0efb
Aside from notes, the content of the footer is entirely redundant
with the detected plugins list, so let's remove it.
Change-Id: I346b59705c5b0716a18087f6800f568fb1f4c9a8
This uses the new use_neutron variable instead of the crazy class
path. This helps us test the use of this in our jobs.
Change-Id: Ic6d0cc4b7a0df6b3f5336ee58886f7edff26e846
Depends-On: I1c2eb51d10ba6370492a911f59370b9870646a38
Change I380dd20e5ed716a0bdf92aa02c3730359b8136e4 updated the tempest
configuration to stop creating a bunch of globals. But as part of
that refactor it started using $admin_password as the password
argument for tempest-account generator, which is never defined.
This commit rectifies the situation by using the correct variable
$password.
Change-Id: Ieeed58751e5784020e04bcc2911ac74791662110
If /usr/bin/which is not available, the current code
doesn't detect i.e. /usr/bin/zypper . Using "command -v" solved
the problem.
Change-Id: I1c281c3184d69cd9dc2418295b6a392d8e5693e0
Virtuozzo is a RHEL-based distribution serving as a platform OS
to host proprietary container virtualization
(formerly, Parallels Cloud Server).
We moved away from CloudLinux distribution, which has actually
no support in Devstack (no such clause in is_fedora).
As it was us who introduced CloudLinux, by this patch
we replace it with Virtuozzo distribution.
More info on Virtuozzo company here: http://virtuozzo.com
Change-Id: Ib8a77e4611ebc05bc0aa50bb83ab79c412e21c74
If a command we trigger fails for some reason, it's worth logging
details about the failure (like return code).
Change-Id: Ib19aa474eccdd11e138a4f55e125935b621bca05
The agent_* drivers in Ironic are not yet capable of deploying partition
images. The code in DevStack was aware of that but it was looking at the
agent_ssh driver specifically.
This patch is fixing this assumption and extending that conditional for
all agent drivers.
Change-Id: I416faa9ef6fba9621cd664d5a0747b1e80e281d1
postgresql 9.3 don't create /etc/postgresql and related conf file by
default. So we need start the pg_createcluster in devstack if has not
started after package installed.
Change-Id: I2b348658d79b23b5f21871b33d8023499b2fb956
Close-bug: #1552051
We need to do a substring match on the vendor here. As most releases return
"openSUSE project" for the vendor.
Change-Id: Ia05db8d93b5e3f42cb6a9c8d77616ca9f7c32039
Now that the devstack pluging periodic proposal job is in place,
add a note to the header to try to head off confusion.
Change-Id: I1c740ff768f831548970142a8bd024abe1763fdf
This patch ensures that lib/tempest doesn't call nova when heat is
enabled and nova is disabled.
Change-Id: I2debbae1bb82ecace1058e99ab172272393fb5ea
Closes-bug: #1549708
Since I93e9f312a94aeb086925e069a83ec1d3d3419423 yum_install isn't safe
under errexit. This means it really only works when called by
tools/install_prereqs.sh because for some reason, we don't set that
there.
However, there is a problem with the retry logic when detecting failed
installs. A failed package install should stop further progress, but
with the current retry logic it just goes ahead and retries the
installation, which then incorrectly passes. You can see this
happening in a test like [1].
In our detection scripts, make a failed package or missing packages
exit with error-code 2, and "die" when we see this to correctly stop.
[1] http://logs.openstack.org/81/285881/1/check/gate-tempest-dsvm-platform-fedora23-nv/a83be30/logs/devstacklog.txt.gz
Change-Id: I4ea5515fa8e82a66aefa3ec3a48b823b645274f7
Setting OFFLINE=True in local.conf should enable stack.sh to run multiple
times without an internet connection. This was broken for some cases
when recreation of tox venv for tempest was forced in lib/tempest.
This change makes recreation of tox venv enabled only when OFFLINE mode is
disabled.
Change-Id: I2bf6caf60038a3690378eead905b35e9175ac356
Closes-Bug: #1550537
Since EXPERIMENTAL Glance v3 API has been removed in favor of
standalone API implementation was added we need to add some
changes in devstack to support it.
Implements blueprint: move-v3-to-glare
Depends-On: I5b7bd4cdcc5f2a40fc4a5f74bcc422fd700c4fb0
Change-Id: Iced3c68010eb6bcd2a6a1ec8f1c6883f84cbe77f
If tools/generate-devstack-plugins-list.sh is invoked with a parameter,
as is the case with the proposal job, copy the generated list thither
so that git will actually generate a diff.
Change-Id: I874a521bba7f402f5c07e28d6ebb086e77873795
This removes the fs-based git code path for detecting devstack plugins
as requested in I2c5c9282a8ad80014cad171a4dfbdc8f26044cd1
Change-Id: I6d1567c2545b866c433381d19587beb08c281c53
When os-brick starts using privsep, it will need to know how to invoke
its privileged half. Amazingly the name of the rootwrap executable
isn't anywhere else in the config, so the privsep default uses just
"sudo" (no rootwrap).
We need to either:
1. set the privsep command line to use nova-rootwrap in nova.conf (and
similar in other configs), or
2. add the privsep-helper line to sudoers and bypass rootwrap entirely.
This change implements (1) for devstack (nova only for now, cinder to
follow shortly).
Change-Id: I90dc41bc77993bd83b80c92286e015e14f290b45
When os-brick starts using privsep, it will need to know how to invoke
its privileged half. Amazingly the name of the rootwrap executable
isn't anywhere else in the config, so the privsep default uses just
"sudo" (no rootwrap).
We need to either:
1. set the privsep command line to use cinder-rootwrap in
cinder.conf (and similar in other configs), or
2. add the privsep-helper line to sudoers and bypass rootwrap entirely.
This change implements (1) for devstack/cinder and is similar to the
corresponding nova change in I90dc41bc77993bd83b80c92286e015e14f290b45
Change-Id: I8a0b1728cc66c4861f69623b1b16b1f759b57b25
Skip with a notification that a command was not found when trying
to run a dump that relies on optional external command.
Otherwise we produce noise in the error output that is misleading.
Change-Id: I0e3d99da8c54d2912463ecba7c1783864a7c7fc7
Closes-Bug: #1548833
Closes-Bug: #1506873
When running pkg/elasticsearch.sh the following files are created:
.localrc.password
files/elasticsearch-1.4.2.noarch.rpm
files/elasticsearch-1.4.2.noarch.rpm.sha1.gen
files/elasticsearch-1.4.2.noarch.rpm.sha1.txt
Change-Id: Ie2ab8b7fe72f51cb350e1f46ca97570b84047ac4
Closes-Bug: #1548201
Since https://review.openstack.org/#/c/281779/2 have been
merged the telemetry integration job is broken.
Unfortunatly, it can't be fixed on our side, because we have to
rename SERVICE_TENANT_NAME in many devstack plugin, we can't merge thing
until all plugins have been fixed.
So this change restores SERVICE_TENANT_NAME, to be able to switch to SERVICE_PROJECT_NAME.
Related-bug: #1548634
Change-Id: I14ebf23aa63f0f153b934ad213a6209d22e73e9d
Commit 7dbcfae introduced a subnetpool needed for the
auto-configured-topology Neutron extension. However, it allows
only up to 4 tenants, then you'd hit an error about no more
available IPs. This patch changes the size of the subnetpool
and the subnets it creates.
Change-Id: I4f43bebc52fb20e39853a1632fe31506958f5071
The uwsgi keystone jobs are failing with an error like
+ devstack/functions-common:_run_process:L1391: setsid uwsgi /etc/keystone/keystone-uwsgi-admin.ini
+ devstack/functions-common:_run_process:L1395: exit 0
execvp: No such file or directory
I think this is because uwsgi isn't installed on the images. The fix
is to pip install it.
Also, use the full path to the uwsgi executable (even though execvp
is used) because eventlet (calling keystone-all) does.
Also, the uwsgi process wasn't shutting down on ./unstack.sh. This
is worked around by not running master process.
Change-Id: Id02e16c5149ba3dfa13051e87cfccd8e505b7362
lib/tempest is using / setting a ton of globals, a lot which don't
look used. As a first step to converting over to s/tenant/project/
make all of these local which means they can not be impacting anything
outside of this function. That will make them safe to change names
later.
Change-Id: I380dd20e5ed716a0bdf92aa02c3730359b8136e4
This replaces the use of TENANT variables with PROJECT ones during the
initial setup. The openrc will still export a OS_TENANT_NAME because
many tools (cinderclient, glanceclient amoung them) will not function
without it. We warn when we do that.
Change-Id: I824b1121842eb5821034071874bf1bb2d7c3631e
override-defaults mechanism allows us to define
s_neutron_plugin_security_group before loading lib/neutron,
and we no longer need to have a plugin-specific file in
the master DevStack repository.
Change-Id: Ib0f6e3d9463357d2dd66a2d61b8c722fa1f0bfba
Depends-On: I8b19b8f1b0694a96132f158146848aee7d14e8ff
Neutron implemented an extension to allow users to automatically
provision a basic network topology to connect their instances.
One of the requirements for this feature is to be able to mark
an external network to be the one to be used for external
connectivity. Another requirement is subnetpools, which are
used to determine the IP space to allocate for private tenant
networks.
This patch codifies these requirements. The provisioning
needs to be made conditional based on the extensions
needed for this to work correctly.
Partially-implements: blueprint get-me-a-network
Change-Id: I43ce5d65e754f131f7ca1ce2088a397d266cf821
In the "I can't believe I missed this" category -- the existing strip
method removes shortest match (%); which fails when you put another #
in the comment (like "refer to bug#1234"). Change to the longest
match which should strip everything from the first "#" to the end
(since that's going to be the longest).
Change-Id: I47f5e710ebd87b0f54549732e7d64cf42c7a6b65
The devstack plugins list can be generated through web requests in
environments (such as the proposal slave) that lack copies of all
the relevant git repositories.
One downside to this is that there is no way of getting the last
modification time of the plugin.
Change-Id: I2c5c9282a8ad80014cad171a4dfbdc8f26044cd1
in fedora postgresql is the service name and postgresql-server is
the package.[1]
os: Fedora release 23 (Twenty Three)
psql: psql (PostgreSQL) 9.4.5
i'm not entirely sure when this changed, but it's devstack is broken
in above environment.
[1]https://fedoraproject.org/wiki/PostgreSQL
Change-Id: Id940fed2a777ca469ce77402e1136251ba572359
The DevStack module of Ironic added a new configuration variable called
IRONIC_IS_HARDWARE that can be set to True/False to indicate that we are
setting up devstack to deploy physical or virtual machines (see the
depends flag). Prior to that, the devstack code assumed that if the
driver name loaded is != *_ssh then it's a physical hardware but now we
need to kill this assumption because we have means (see the virtualbmc
utility) to test drivers such as pxe_ipmitool and agent_ipmitool using
virtual machines.
Depends-On: I5edc51c7fc8b6f0bb7fe4ca129596709a32eb93e
Related-Bug: #1544642
Change-Id: I8b6363bbe280ddd2720c570851bc40e2804a40e2
These flags were not functioning as described. Check if UNSTACK_ALL is
set in env or -a flag is set when calling script.
Change-Id: I128d32b1e74ee46e24a9eb2e81560e58137b1553
Closes-Bug: #1546687
This reverts commit 8a3b7d424d.
This change masked a non-backward compatible change made to the
Neutron core API. This is being cleaned up and thus this workaround
is no longer required.
Depends-on: Idf516ed9db24d779742cdff0584b48182a8502d6
Change-Id: I6695a6e17df1a395ada4ecf2b063b2c20870d99d
There's no need to change these Tempest's default anymore.
The feature flags are left in Tempest so that downstream distros can
continue to use Tempest to test Juno.
Change-Id: I99f286d0febb1675b8feb91b6801ad0b159da332
We don't have a new bashate release yet, but this fixes some minor
issues when used with bashate trunk.
The only two things triggered are stricter checking of assignment in
local declartions (catches quotes) and one instance of evaluating
arithmetic result in tools/xen/functions.
Therefore, hopefully, this change has no effect!
Change-Id: I3fd5d55236e90c2f2c25243af87adaf0c1b763e2
Update to bashate 0.4.0. The biggest change in this is that bashate
does a syntax check with "bash -n" which can be useful
Change-Id: Iff625ef2181dfaba28349dc17de0749faddec539
Adds LinuxMint to the distro checking. This allows linux mint with
the FORCE option to run. This will not fix for other distros that
do not pass the checks.
Change-Id: I42599c1bd851d2b61a56a3960f42ad051aab1727
Closes-Bug: #1545864
It was pointed out in I42599c1bd851d2b61a56a3960f42ad051aab1727 that
after I46a2c36d95327087085df07cb797eb91249a893c we now die if we can't
determine DISTRO, rather than take a guess.
After some consideration, I don't consider this a regression. This
default matching was basically only working for LinuxMint, because we
already have some matching there for setting os_PACKAGE that makes us
know the platform is Ubuntu-ish.
However, I would certainly agree it is not particularly clear as to
why. This just adds some comments explaining why we can not just add
a default DISTRO fall-through and directs implementors on how to add
support for their platform.
Change-Id: I4b07259be1427d86a7154906646073d08dd07294
Keystone is going to remove support for eventlet. Rather than only
have one way to run keystone (in Apache Httpd with mod_wsgi), we
should continue to gate on multiple wsgi containers to ensure that
keystone remains container-agnostic. The suggested alternative
container is uwsgi.
To run keystone in uwsgi rather than httpd or eventlet, set the
following env var in local.conf:
KEYSTONE_DEPLOY=uwsgi
There's a lot of options to uwsgi. Here's some protips:
http://uwsgi-docs.readthedocs.org/en/latest/ThingsToKnow.html
Change-Id: If3b49879ce5181c16f0f0ab0db12fa55fe810a41
Currently there's a boolean KEYSTONE_USE_MOD_WSGI to switch between
running keystone in mod_wsgi and eventlet. We've got a need to
support more/different deployment options (e.g., uwsgi), so a
boolean is inadequate.
A new input variable KEYSTONE_DEPLOY is introduced that can be
set to mod_wsgi or eventlet (and other values in future) to
control how keystone is deployed. KEYSTONE_USE_MOD_WSGI is
deprecated.
Change-Id: I9b2815e6f007309f088346df9ac48e6a24ae3656
Enable use of memory cache by default for Heat. It will provide a boost
for various test builds and will help test this configuration.
Change-Id: I06183138d54c1cb971a58a158a15f3f5b25cba4d
It makes it a bit easier to read the output since each new command is
now visually separated from the output of the previous one.
Change-Id: If441c61bb6f13f85f771dd31609b10d3dd1ee93c
Neutron hugely relies on namespaces, so we should try to dump
internal IP stack state for non-root network namespaces.
Change-Id: Ib980d22fbf3c6b680473754fa2b1684c2ef91b72
This patch enables the virtual console for Power systems /dev/hvc0
and sets scsi bus and virtio-scsi model as default.
The virtual console hvc0 enables full console including dmesg.
High performance virtio-scsi driver keeps the efficient design of
virtio-blk with effective SCSI passthrough.
Change-Id: I0b5cd4a15d30f06fc7993555d91d6907bd1acbd7
We have a fix in Nova which should make this unessessary,
revert to see if that's true.
This reverts commit 61aa0e9f19.
Change-Id: If109af452ad583417e3a3a3ef1c9b545f1ec9b89
Running OpenStack in a container can be a useful workflow for developers.
The primary benefits are faster performance and lower memory overhead
while still providing a suitable level of isolation.
The guide walks the user through procedure for configuring an LXC container
and deploying OpenStack in it using devstack. It also discusses the limitations
of this setup - particularly related to cinder.
Change-Id: I2e0921fd118cfe98cef86ba110a94b3edccf9a29
Horizon now uses the WEBROOT to populate the value of $webroot in
the CSS code. The CUSTOM_THEME_PATH pointing to the webroot theme
to explicitly set the same value is no longer necessary.
Closes-Bug: 1540801
Change-Id: Ic212796ee0905751ac3fd619bbbc902d25ea10d5
This was removed in commit 19363fc1e7 as
an unneeded F21 dependency, but due to missing dependencies as
described in the bug, /usr/lib/rpm/redhat/redhat-hardened-cc1 is
required and is provided by this package.
Change-Id: I2c0c3b0198d795d947fd77005fd7528de561dfcb
This is just another code path for little benefit in devstack which is
going to rot out. We should be opinionated here and only support the
dynamic catalog.
Change-Id: I4e5c7e86aefe72fc21c77d423033e9b169318fec
The keystoneauth1 library replaces the auth_plugin option
with auth_type. In neutron.conf, change [nova] auth_plugin
to auth_type. In nova.conf, change [neutron] auth_plugin to
auth_type.
Change-Id: Ifbd26b8999e453f4cd875e1be3ae1211bdd8fb2a
As of 9de8f7230d069e4da9736f09ad5d17773315b476 nova is now attempting
to import libosinfo packages, so install them for goodness sake.
Change-Id: Ib481dda475dd2975a513052478be0007aa1cf4a8
Related-Bug: #1543288
This commit is a workaround for respecting upper-constraints. Since
we're using tox to handle setting up a venv and running tempest
commands we need to manually install the constrained packages inside
the tox venvs. This patch does that for all the venvs being created by
devstack via tox. However, since tempest has additional tox jobs
defined if those are run via devstack those will default to the
default pip install -U -r requirements.txt defined in tempest's
tox.ini.
Change-Id: I7f84dfb67a3c97003947aefd8a7e3c6454106db4
Closes-Bug: #1543841
This commit will unblock the world breakage caused by the recent
cliff release. This exposes a hole in our constraints usage in
devstack. We need to fix this bug for real in devstack and cliff,
but that will take a few minutes to an hour or so. So let's just
change the usage in the meantime, we can revert this when things
are fixed for real.
Related-Bug: #1543841
Depends-On: Ic63612dc50e064a3a69b88618e394ba17e083c22
Change-Id: I19e477fa5068474bc3471307732f89adaafb2952
If FUNCNAME[0] is undefined and 'set -u' has been used it will cause the
devstack run to fail.
Handle undefined values in PS4.
Closes-Bug: #1543749
Change-Id: I06a013a5e7683e3a3461ff06361d867f61d48e6a
There are some parts of devstack we should really delete, but we have
no idea who is using them. Push out some deprecations so we can look
at this through logstash.
Change-Id: Id5c8748606cce16f64e978ad7ac9309bebac0eb7
Remove the microseconds from the apache logs and move back to using
milliseconds. There is no longer any 2.2 workarounds in the keystone
setup process.
Change-Id: I8787eee41fbde1f9794aeffe1e862af0d5117bc3
Having multiple clouds with the same name in clouds.yaml confuses
openstack client config and it may not choose the intended cloud.
Unfortunately the new alt_demo user's clouds.yaml config used a
duplicate name creating confusion for clouds.yaml consumers.
Correct this by using a unique cloud name, devstack-alt, for use by the
alt_demo user.
Change-Id: I2cb8f10ab5abfedf76ead309f237730ce8ce2ad4
After staring at a bunch of logs, try to crisp up the ps4 output for
maximum readability.
This also adds PS4 to all calling scripts by having a common PS4 in
stackrc. It should make understanding when clean fails a bit more
straight forward.
Change-Id: Ia1f8dff5c1102c32c146a020a9f033c65d2c50de
Tweak a code comment based on a review comment from Steve Martinelli in
https://review.openstack.org/#/c/275121/ where the alt_demo user is now
always created.
Change-Id: I9e9a769f601e52c030e9f6953f1746788c24a185
Allows the definition of the global variable OVS_BRIDGE_MAPPINGS (e.g.
in local.conf) to automatically trigger the creation of multiple OVS
bridges. For example:
OVS_BRIDGE_MAPPINGS=physnet1:br-br-enp0s20f1,physnet2:br-enp0s20f2
should automatically yield the creation of two bridges, respectively
associated to the two physical networks declared,
by simply running DevStack with the OVS agent enabled.
Documentation has also been added to doc/source/guides/neutron.rst.
Change-Id: I79dc0213c9d70ba628621c4c0f65481783590085
Closes-Bug: #1535835
The g-search service was promoted to its own project and it's now called
Searchlight. This patch removes that code from devstack.
Change-Id: I9dd7ce62f0339911e025329b8a841792219ea02b
For testing reasons it's typically very useful to have a second non
admin user to cross check that it can't do a thing to the first
user. It was useful enough we always created it with tempest (though
we didn't always use it).
This makes devstack always create an alt_demo user, which is available
in occ as devstack-alt. This will help us unwind some of the keystone
v3 breaks with functional tests using keystone cli to build this
second user.
Change-Id: Iaaf02469180563e2d8c413fee0ee66ada2296cfa
It seems like the fallout from this was not well sorted.
A lot of things aren't working, and there is still vestigial
v2 bits left behind.
This should have come with a much greater warning and some
spot checking of additional services working with this.
This reverts commit b162a1d58c.
Change-Id: Ia792b23119c00089542ba08879dca1c29dc80945
This generates the plugin-registry document from a static header,
a scan of openstack/ git repositories, and a static footer. It
is intended to be run by a periodic job proposal bot to keep the
list of plugins current.
Change-Id: Ia04ab72900c8efd5d5289fbd7632201dcaa3e5d9
Full class path style configuration of options scheduler_host_manager
and scheduler_driver are deprecated because of dependent changes. This
commit changes the related configurations to use entrypoints in setting
up nova scheduler in devstack.
Related to blueprint scheduler-driver-use-stevedore
Depends-On: I8c169e12d9bfacdbdb1dadf68b8a1fa98c5ea5bc
Depends-On: I3fd42ead44487a21eb5cfaf5a91209277ce30ad0
Change-Id: Iad96c270073b63719237cf9a9aa1c2dc4daa213a
Add:
export PS4='+(${BASH_SOURCE}:${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }'
To stack.sh to provide additional debug info. This will show the
filename, line number, function name, and the content of the line.
An example output line:
+++(/opt/stack/old/devstack/functions-common:675): get_field(): local data field
Info on this PS4 variable found at:
http://wiki.bash-hackers.org/scripting/debuggingtips
Change-Id: I272df6c79f6ff7afa8f102da24706558d9169eda
This was something we used a while back, but since support
for sections was added to devstack local.conf parsing we
don't need this, and actually prefer just using the
sections in local.conf.
Here's an example of how to achieve the same thing via
local.conf sections:
CINDER_ENABLED_BACKENDS=solidfire
TEMPEST_VOLUME_DRIVER=SolidFireDriver
TEMPEST_VOLUME_VENDOR="SolidFire Inc"
TEMPEST_STORAGE_PROTOCOL=iSCSI
[[post-config|$CINDER_CONF]]
[DEFAULT]
CINDER_ENABLED_BACKENDS=solidfire
[solidfire]
volume_driver=cinder.volume.drivers.solidfire.SolidFireDriver
san_ip=192.168.160.3
san_login=admin
san_password=admin
volume_backend_name=solidfire
Change-Id: I8068fd4fb14510b15c31edf490283454f167f6c6
Enable keystone caching since there is now a memcache server available
for the middlewares to cache validation. Offload queries to the
keystone backend to memcache as well.
Change-Id: I6d1d28f5b974e79d44d1e86ea53c666e3f5771df
Live migration will not currently work with a multi-node DevStack
environment due to the libvirtd process running as root and the compute
process trying to use the stack user's SSH keys with the default live
migration URI.
The multi-node documentation is updated to outline how to configure the
SSH keys between the source and destination stack and root users so that
live migration will work as expected.
Co-Authored-By: Taylor Peoples <tpeoples@us.ibm.com>
Change-Id: Ifed7e95cd5ba43a05a4099a3664cbefde3e0a749
Closes-Bug: #1487262
This patch sets Keystone v3 as default in services
configuration files and in the openrc and stackrc scripts.
Change-Id: I24546f02067ea23d088d383b85e3a78d7b43f165
Partially-Implements: bp keystonev3
Use the preferred logging_user_identity_format option to specify an alternative context format
in log files. The removal of defining logging_context_format_string brings this more inline
with optimal production configuration of using the defined default. logging_user_identity_format
is set in devstack to maintain current compatibility of names instead of ids.
Change-Id: I3807d76b91b6cc1614b4a9a203509f8e1ad7146d
The pip issue pypa/pip#3384 has already been fixed after pip 8.0.1
released. But leave the facility to easy flip this on in the future.
TrivialFix
Change-Id: I49658ce4056c773943321270defd461bbf3e9fb9
fixed ips are not cross host accessible in our current config. So
always configure tempest to use floating ips.
Change-Id: I1cf605229070024c9d5d29c7a08967aa505fda7b
Option "verbose" from group "DEFAULT" is deprecated for removal.
Its value may be silently ignored in the future.
If this option is not set explicitly, there is no such warning.
Furthermore, the default value of verbose is true, so there is
no need to set this value in config files.
TrivialFix
Change-Id: I581238e661c2eb0c29dd915d1b1e4773dcdeb4c8
Commit d5004a3802 introduced the package
"redhat-rpm-config" to make the Fedora 21 gate job running again.
As we dropped the F21 support in December 2015 with
commit 90bc586772 we don't need
this package anymore.
Change-Id: I71b969b7fd6651082451f6c4fd1e01d205771a11
Devstack used in development is about things coming and going
quickly. The long dhcp leases mean that we might miss a release, and
keep a stale lease around for way too long. See if this helps.
Change-Id: I9a58a4e64777f56ad7ec66242a319f985469469e
Instead of using in-process caching for tokens per service per
worker (disabled by default now), use a shared memcache to cache
token validation(s). This should both offload/speedup validations
and avoid the issues surrounding inconsistent validation responses
when using in-process caching [since each worker caches separately].
Change-Id: Ifc17c27744dac5ad55e84752ca6f68169c2f5a86
In RHEL under proxy, installation by stack.sh failed
because of rdo-release.rpm install failure.
This patch fixes install command for rdo-release.rpm
because it is caused by lack of http(s)_proxy.
Change-Id: I176d1e140f52e1bb0343170ba4d90c06b98d5a99
Closes-Bug: #1536478
We don't write files here anymore, but it's higher in the precedence
order than the /etc/openstack/clouds.yaml file we do write. Some
developers who have long-lived devstacks who update infrequently have
been bitten by the leftover file.
Change-Id: I8af6bd465f74099c560dddba6b5221dd79cbc965
Setting path_mtu to reflect mtu for physical devices that handle traffic
issued from br-tun makes ml2 plugin to calculate mtu for tenant networks
properly, considering encapsulation headers. After that, calculated mtu
values can be propagated into instances (currently, only DHCP approach
is implemented; RA support for IPv6 subnets is under review).
This change allows to run tunnelled tenant networks in multinode when
underlying physical devices don't support jumbo frames.
Note: changing the default value in neutron would not be backwards
compatible, since it could slow down east-west tunnelled traffic in
clouds that run on jumbo-aware networks.
Change-Id: I8287677c7ad0f13fa9f5cb194f9372d04b78cb61
Related-Bug: #1527675
Not all yum failures has to be considered
catastrofic failures also because install_package
function should implement the same behavior in Fedora,
CentOS and Ubuntu. Let return the error to be solved at higher
level.
Change-Id: I93e9f312a94aeb086925e069a83ec1d3d3419423
Closes-Bug: #1522590
Pip 8 just release which made uninstalling distutils installed packages
fatal. This was previously a deprecation warning and is now causing all
dsvm jobs to fail.
Depends-On: I511d216d9d8619c7cf919c482aaead4e833cdaac
Change-Id: I22f5c3af1adf96cfbd5747122f915a82e947843a
This commit adds a success output for the entire devstack run to the
subunit output. Ideally we wouldn't need this, but because we don't
have timing data for every single operation performed by devstack we
need to do this to track the total duration of the devstack run.
To capture failures this commit adds saving a devstack event when we
trip the exit_trap. This will save a similar result to the stream in
the successful case, but instead mark it as a failure.
Depends-On: Icc7df33e4d73ba6322af38fbdf3aea230f2fcf4d
Change-Id: I07112dde996c3e2c73f5aafc9b73d33d26374633
It turns out that we need to be even more restrictive on the cpu flags
we expose as some clouds don't expose vme or ssse3.
Fixes-Bug: 1535799
Change-Id: I6c8c1101771d1c5496884be7a405285472ae803a
the /etc/openstack directory needs to be removed with sudo privs,
the loop at the end will not suffice.
Change-Id: Icc0ac45f9216d538ca214176d90241f973a4687b
It was probably finally removed by one of recent refactoring changes.
Now ironic gate fails due to Swift trying to access it to override OS_AUTH_URL.
This change drops this override and just uses OS_AUTH_URL.
Closes-Bug: #1535245
Change-Id: I145bec110c4299e61f2bce49df41dcd82e5d462d
lib/glance restricts the disk_formats to those supported by XenAPI, so
tempest needs a similar restriction for the disk_formats tested.
Confirmed as passing internal Citrix CI (affected tempest jobs are
currently disabled in voting XenServer CI until this change lands)
Change-Id: Iefa5b16a3fa1789ed583426ea47ebb22e6cb571e
OSprofiler is now under Oslo:
https://review.openstack.org/#/c/103825/
And we really need this patch to make proper dsvm job for
OSprofiler
Change-Id: I20f59c52c147303de01544dc975a82b4a741a1b9
We are seeing a lot of gate failures as vm(s) are unable to acquire
DHCP leases:
https://bugs.launchpad.net/nova/+bug/1532809
we need to set log_file for nova-dhcpbridge configuration, so clone
the nova.conf and set the log_file properly to a path where the
CI can pick up from for analysis.
Change-Id: Iec4fe3f2235da9d1f5bd399d4ffc45af516c58ce
override-defaults mechanism allows us to define
s_neutron_plugin_security_group before loading lib/neutron,
and we no longer need to have a plugin-specific file in
the master DevStack repository.
Change-Id: I37d5012e89cb3650e4f325b6d77d70f28f87d3e7
Depends-On: I5e02acd288e53dd06a369d348ec77ead57d476fd
override-defaults mechanism allows us to define
s_neutron_plugin_security_group before loading lib/neutron,
and we no longer need to have a plugin-specific file in
the master DevStack repository.
Change-Id: I78a4e05fa72b1dd545b8d9e97a8fd8fdbf23739c
Depends-On: Id6765245459c1aff3aab27dbc60d320ce2951b38
As of I8bf7cbaa7015bb61656ab90ccc8f944aaeebb095, Nova
removed the n-obj service, so we should cleanup
Change-Id: I7db3796a6448decb4ac5e66d980f487c7d1f394e
The existing GetOSVersion has a lot of unused code which is wrong in
several ways
- the only path tested in upstream CI is with lsb_release, because
it's pre-installed on all nodes
- the /etc/redhat-release checking probably still works, but is
unnecessary
- If using lsb_release, os_UPDATE has never actually been set.
- the /etc/SuSE-release branch checking is broken if the lsb package
is actually installed. lsb checking does not set os_UPDATE but yet
the SuSE DISTRO setting relies on this to set a patch level (and so
does some of the rpm tags). SuSE 11 is up to update 3, but the rpm
matching is stuck hard-coded to update 2. I'm guessing
installation is actually broken there.
- the debian checking branch is broken. The VERSION tags have been
removed and were not supposed to be relied on anyway (see notes in
[1])
This simplifies things:
- remove OSX checking (moved here after discussions in
I31d0fdd30928ecc8d959a95838b1d3affd28ac6f)
- only use the output of lsb_release.
- A small best-effort check to pre-install lsb packages if not
detected (that avoids chicken-egg-problem of package-install
wrappers relying on os_* flags).
- The unset os_UPDATE is removed. It's only previous use was for
setting separate suse versions in the DISTRO element for matching
during package installs (since removed)
- DISTRO setting is modified to use the parts of os_RELEASE it wants.
Per-above, this is the correct place to parse out specifics.
- Call out the is_* functions, which are a better way to detect
platforms
- Export the variables as read-only, since they shouldn't be reset
[1] http://sources.debian.net/src/base-files/7.5/debian/changelog/
Change-Id: I46a2c36d95327087085df07cb797eb91249a893c
Add diskimage-builder to the list of libraries so it can be installed
from source to be tested in gate.
Change-Id: I6cefac1eb4ebf0196a6b4d4bfc038c00921f0d70
This reverts commit 00b5f4af92.
This patch was merged before the timeout was merged to
tempest. This means that devstack is currently referencing
a non-existent config option. As such I think it needs to be reverted.
Change-Id: I947261dc330ef35efce1ecd805ba6e649e81a6aa
there are a few lingering instances of SERVICE_TOKEN in the docs
and some of the scripts in tools.
Change-Id: I9d2147eea6639db1f4ea15a259c147eecfc339ff
Be gone ADMIN_TOKEN, long live keystone-manage bootstrap.
This patch reworks the initial setup for keystone by using
the new bootstrap command. After a minimal service catalog
has been created, using this process, we simply authenticate
as usual.
implements bp: bootstrap
Depends-On: I113c6934b6b83ceff23a94101967a6df1126873f
Change-Id: Ia1475d461eab60b68c6a0356714b21c7f92e0194
test_volume_services works incorrect with host info if it includes
backend name (host@backend). The test is skipped by default for
Liberty and Kilo gates. Need to add flag to unskip this test in new release.
This fix related with bug #1530144 in service-list filter.
Change-Id: Ifdc0bab819c05a00cd0c20316bd81961cf6aeb88
Fix an issue where apt-get consistently hangs due to a SIGTTIN being
received. This occurs on a 'vanilla' devstack-gate VM, when running an
ironic-grenade job.
Upstream has a bug related to this:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555632http://www.gnu.org/software/libc/manual/html_node/Job-Control-Signals.html
Macro: int SIGTTIN
A process cannot read from the user's terminal while it is running
as a background job. When any process in a background job tries to
read from the terminal, all of the processes in the job are sent a
SIGTTIN signal. The default action for this signal is to stop the
process. For more information about how this interacts with the
terminal driver, see Access to the Terminal.
Change-Id: I8b1f3dccf329bb88e017eff7492da5e701b4892c
Closes-Bug: #1532080
Not all yum failures has to be considered
catastrofic failures also because install_package
function should implement the same behavior in Fedora,
CentOS and Ubuntu. Let return the error to be solved at higher
level.
Change-Id: Ia33bb98f47017f6ec00eb3b7261ed42d72efc573
Closes-Bug: #1522590
Boolean logic used in install_package was wrong:
on nominal flow packages were actually installed twice.
This should fix it.
Change-Id: Ia465414936b272d04523a11f83d6ded378fe1daf
Closes-Bug: #1518544
Change 4d8c03a3 added logic to enable rabbit on Fedora/CentOS systems
whether or not rabbit is enabled. This corrects that to only enable
rabbit when it is configured as such.
Change-Id: I270e79ff989176770d65df1ac0ac4e2c4382bb9a
Signed-off-by: Kyle Mestery <mestery@mestery.com>
On Ubuntu, after a successful ./stack.sh and ./unstack.sh, if one
"apt-get purge tgt", then the directory /etc/tgt/stack.d/ still
exist (i.e it is not purged) but /etc/tgt/targets.conf is removed.
Thus any subsequent ./stack.sh would fail to configure
/etc/tgt/targets.conf properly.
Change-Id: I252789f3f39bd64b5a1e7d9abb923386d2a158dd
Add "KVM for IBM z Systems" to the list of Fedora-like distros.
As the distribution does not have a dedicated kvm package,
prevent the installation of the kvm package during the libvirt
setup.
Change-Id: Ibb5c60797d6867264f9dea7fea85cdf1d7c72ded
Solve the devstack ./rejoin-stack.sh when is reboot-safe in RHEL 7.
Enable mysql, postgresql, rabbitmq-server, openvswitch service when on boot.
Change-Id: I3ce9fc58ccc76092ad08314de1c3c9339ebfb3b5
Related-Bug: #1486833
Keystone further broken apart the assignment backend into: role,
resource, and assignment. We should define the backends in the
config file and allow users to override the default by passing in
their own value.
Change-Id: Ieb22c428609d3db852814c7eceb77efa6bbde633
The default filters of nova don't contain SameHostFilter and
DifferentHostFilter, so we cannot test them on the gate.
This patch makes these filters available for the development.
Change-Id: Ia6b4847e9bb21048d254d0a460ae4c5be896b17b
Closes-Bug: #1526620
If you configure devstack with the following three values,
for example:
PHYSICAL_NETWORK=eth0
PUBLIC_INTERFACE=eth0
OVS_PHYSICAL_BRIDGE=br-eth0
This will cause devstack to create an OVS bridge, create a port for
eth0, and add it to the bridge (along with it's IP address).
The problem is that on unstack the port is never deleted from OVS,
so eth0 gets "trapped", not showing up in any of the OVS commands,
but not usable by the system. The only workaround is to unload the
OVS kernel module.
There needs to be an 'ovs-vsctl del-port ...' call at the end of
_move_neutron_addresses_route() on unstack - the antidote to the
'ovs-vsctl add-port ...', that happened on stack.
Closes-Bug: #1516801
Change-Id: Id2ff60f1f8e8fffff1eaffd68d9de4f6aa772943
Keystone now provides an "ldap" in extras to install its ldap
dependencies so devstack doesn't have to track the python
dependencies itself.
Installation of the extras is done in an extra install line. This is
slightly redundant, however this pattern works much better from an
install stand point as it supports an arbitrarily large number of
extras.
Partial-Bug: 1479962
Change-Id: If0f0ff48f3d6b3c414f2d6fcd747ecf45a397658
Recent pip supports using [extras] to install extra dependencies
from the project setup.cfg. Add support so that projects can take
advantage of it.
For example, if devstack is configured to use ldap, install the
extra ldap dependencies using:
setup_develop $KEYSTONE_DIR ldap
Partial-Bug: 1479962
Change-Id: Ic13d95b99aaa4d3854b2723343e90f5de6b98aa2
Fedora 21 reached its End Of Life (EOL) on 1-DEC-2015[1]; remove it as
supported distribution.
- stack.sh: Remove Fedora 21 from list of supported distributions.
- tools/fixup_stuff.sh: Make the minimum Fedora version to be F22 in
from a conditional check in 'Python packages' section
- files/rpms/general: Remove 'f21' from NOPRIME.
- lib/ceph: Remove 'f21' from the check_os_support_ceph() function.
- doc/source/index.rst: s/Fedora 21/Fedora 22/
- pkg/elasticsearch.sh: Remove the 'if' conditional in the
install_elasticsearch() function.
[1] https://fedoramagazine.org/fedora-21-end-life-december-1st/
Change-Id: Ifbcc3dd783ff2f362a464fbf4ca22f20cc2c658e
Change I855ffe9c7a75e9943106af0f70cf715c34ae25c5 and
I368fec44858bd97fc6a314fb20eed2b10932cbb1 added timing
infrastructure which hides the return value of
the main commands. Restore the prior behaviour.
Change-Id: I4a536abefa7824ac6d42e7bbbf1079d9cc055984
Closes-Bug: #1518545
Those were originally used to bootstrap with admin-token from keystone,
but the openstack client is fully configured now, leaving no reason to
not just use the actual users that are there.
Change-Id: I80bdee33a78a97f5d3910aa36dc331f19780d2f1
We're trying to get things to use volume v2 by default. devstack already
deploys a v2 endpoint. Tell clouds.yaml that this devstack cloud is a v2
enabled cloud.
Change-Id: I6f792ce65153389aa1ee133e9bd363c394b28534
Closes-Bug: 1467589
This function returns list of sections from specified INI file.
It is needed for I7938f26015d953efdf720774b5ad2cee4068ac90.
'iniget_sections' is needed for automatic node enrollment to
Ironic from INI syntax file.
Change-Id: I52a69ad3bc8fc528e7f20e6b03a98f327acaaa74
Implements: blueprint ironic-ml2-integration
XenServer install with devstack doesn't support local.conf, this fix
is to add support for using local.conf and backward-compatibility of
localrc
Change-Id: Ie494e01f8f1ecb8720e14392ef3f12d5a5a01dcd
Closes-Bug: #1528520
We cannot restore a backup to a larger volume on ceph because it
fails with status "error_restoring". This patch adds read/write
permissions to volumes pool for backup user. We need such permissions
to change volume size during restoring backup when the backup is
smaller than a volume.
Change-Id: I794c1126bcee4e07baf5a9dcfee779fd61da5636
Closes-Bug: 1519749
Option "auth_plugin" from group "keystone_authtoken" is deprecated.
Use option "auth_type" from group "keystone_authtoken".
Change-Id: I01371bd924114d6470e960a91a3045fe7dc22339
Closes-Bug: #1528746
Neutron-rootwrap-daemon cannot be killed when you stop
neutron services, so here we add the right command in
the neutron stop-service scripts.
Change-Id: I91fefb277427e0e16ff59760b7255e4c7eee1792
Closes-Bug: #1525601
Latest tox causes failures:
File "/usr/local/lib/python2.7/dist-packages/tox/config.py", line 1140, in processcommand
argv = list(shlexer)
File "/usr/lib/python2.7/shlex.py", line 269, in next
token = self.get_token()
File "/usr/lib/python2.7/shlex.py", line 96, in get_token
raw = self.read_token()
File "/usr/lib/python2.7/shlex.py", line 172, in read_token
raise ValueError, "No closing quotation"
ValueError: No closing quotation
This is caused by a backwards incompatible change in tox:
https://bitbucket.org/hpk42/tox/issues/181
Change-Id: Ic28c634cf806394cfa82b61cb45be60b8f40a61a
Currently, the function create_heat_accounts uses the OS_URL and
OS_TOKEN environment variables. This is a bad choice for several
reasons, most importantly we are sending the "ADMIN_TOKEN" value
as a header. There is also no reason to not use a standard admin
user to create these resources.
Change-Id: I70b41d69917b9e53ad09c2c61e022ef09a50acfd
This commit updates lib/tempest to stop using deprecated config
options when tempest is configured.
Change-Id: I65b56ff681d6c27094380693c953fbc3664eceb0
The creation of the IPv6 subnet with provider networks does not
specifiy the correct parameters:
. V6_NETWORK_GATEWAY is specified but never set
- created new IPV6_PROVIDER_NETWORK_GATEWAY
. PROVIDER_SUBNET_NAME_V6 is specified but never set
- created new IPV6_PROVIDER_SUBNET_NAME
. FIXED_RANGE_V6 is being used
- created new IPV6_PROVIDER_FIXED_RANGE
. subnetpool_id is incorrect
- changed to subnetpool
Related-Bug: #1507870
Closes-Bug: #1417410
Change-Id: I9a1ad11bc54529080ec84d4677fa5633708890c7
This removes all of the ironic code from the devstack tree, in favor of
the devstack plugin in Ironic's tree.
Depends-On: I659e3de5c64df798441798ff48ba5c9c0506585a
Depends-On: I2c52bc014f1b0dbc6b0ae22a4deb4132b4c28621
Change-Id: I5125fce295c79600781469c2f48bea80e7600081
Default value needs to be set for service_provider config item in
neutron_vpnaas.conf. This is to support backward compatability
for using the enable_service q-vpn. It should be noted that the
recommended way to use VPN is the devstack plugin.
Change-Id: I0d5960c81c47a138087d480527eff2a8eef59445
Closes-bug: #1527483
Tempest does not test EC2 by default anymore:
Ib5e24e19bcba9808a9f49fe7f328668df77fe4f9
So we don't need to run nova ec2 API service by default.
Change-Id: Ieec0ca1361baf0978d96e69e1134f699c1af3bb9
See review 258670 for more information. The preceeding patch
consolidates Ironic timeouts into one blanket timeout. This
patch sets the new timeout via the BUILD_TIMEOUT variable and
removes the deprecated timeouts.
Change-Id: I320461b2b40aa2b68afc38a901a5933e39aac1b6
Related-Bug: #1526863
See if using fixed IPs for connectivity to hosts is more reliable than
floating ips, which really were not intended for these purposes (at
least in nova-net).
Change-Id: I251710ee9186a68bb3ddc58ca803c33b81c8ac49
Previously horizon configuration and start are done too early
and as a result horizon init and start need to be run twice
after horizon plugins are enabled.
- horizon config was done before "run_phase stack install"
- horizon init and start were done before "run_phase stack post-config"
This commit rearrange horizon setup to the appropriate phases
defined in the devstack plugin interface.
- Configuration of horizon settings is moved to configure_horizon.
- horizon config is now called between run_phase stack install
and post-config.
- horizon init and start are now called between run_phase stack
post-config and extra.
Change-Id: I8bf2ceaf7734c4f7cec68bc05d7cdbae81ef311e
All keystone extensions have been moved into cores and are
enabled by default, there is no need to configure the extension
in devstack but configure it in devstack will block the
install process.
Change-Id: I7d21b122c641f601295ee7ece3583404b3874dbd
Closes-Bug: #1526033
Generate the Neutron VPNaaS sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Icef8f7e8f0e8e78bfffa7a5af3f9f2300376b115
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I4a6094b8218dfd320d05bfb1e3bc121e8930c551
SQLALCHEMY_DATABASE_DRIVER is no longer used
after If6d8d08e5b7b7c48ca012677b536d71058def6fd .
Also, remove mysql connector packages from the install list.
Closes-Bug: #1523377
Related-Bug: #1493304
Change-Id: I5ecbc3b0bac989faa5c46d3c2866558a505414d8
/etc/libvirt is not world-readable (at least on Fedora and RHEL) so
use sudo with the grep that checks whether we have already configured
libvirtd logging. Also, change the regex so we don't count commented
out logging config.
Change-Id: I67484b28aafd0fa828385321fa96d9141cb4cb59
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
n-api log output WARNINGs that vnc config options group 'DEFAULT'
is deprecated. New vnc config options group is 'vnc'.
This is change of Nova.[1]
This patch changes the vnc config options group 'DEFAULT' to 'vnc'.
[1] https://bugs.launchpad.net/nova/+bug/1447528
Change-Id: If54f750bac83298e90bdca27b5992fe2e5fbb712
Closes-Bug: 1483583
Cinder API was pinned to v1 due to openstackclient missing some of the
v2 commands, as reported in osc bug 1475060. That bug has since been
marked invalid, but its intent was covered by the blueprint:
https://blueprints.launchpad.net/python-openstackclient/+spec/volume-v2
This removes the pinning to the v1 API now that osc supports v2. Also
removing the enablement of v1 as it was deprecated three releases ago
and we would like to get more coverage on v2.
Change-Id: Ia4d97734738d026c8721791669110778ff5eb6e5
Generate the Neutron LBaaS sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Iae1e581ec2bea9c0ced700229effcc716d53fe4e
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I25507f3bc6e995580aa91a912c2cf4110757df15
This adds a flag to skip ironic code if the ironic devstack plugin is in
use. This flag will be set to true in ironic's devstack plugin to
indicate that the plugin should be in control, rather than devstack.
This is for the transition period only, and will be removed with the
rest of the ironic code in the devstack tree, once the gate
is configured to use the ironic plugin.
Change-Id: Id01d97fd13fa9f866d645ec5077834ddb78b2b89
Docs specify that this file should be override_defaults, when really
devstack looks for override-defaults.
Change-Id: I3900ec4d16ffb48c6969dac5081ea2817536c246
Using absolute names for the symlink breaks in quite a few ways;
* when creating a tar file of the logs,
* when serving via NFS,
or any other case where the directory gets transferred to
a different machine.
So just create the symlink with relative names, then they'll work
in any location.
Change-Id: I432a69754985fc71feb0068b7adca01066d7bc1b
Many projects like Nova, Ironic etc have implemented the
microversions for versioning their APIs.
Tempest is going to tests those microversions -
I57b78b4c0543b6fb0533b556886a19a03297555e.
For testing microversion in Tempest on gate, we need to set
a valid range of microversion in Tempest config and based on that
Tempest will run appropriate tests.
This commit adds the below range options for compute microversion testing-
- [None, 'latest'] - for master branch as default
- [None, None] - for tests running on v2.0
- option to set the range.
Depends-On: I81e86faca6f8c0ffb7da22154a62236ac25cf0c0
Partially implements blueprint api-microversions-testing-support
Change-Id: I171b862d1bba1af467f5b9a76288216c39e2adda
There are some inter-related changes required to avoid using legacy
fallback/deprecated paths in heat, which result in warnings in the
log, e.g because we fall-back to reusing keystone auth_token
configuration instead of heat specific sections.
To fix this:
- Don't explicitly set deferred_auth_method=trusts, as this is now
the default (since kilo)
- Create a new "trustee" section containing configuration used for
the password auth-plugin associated with deferred authentication
via trusts (support for this was added during liberty to enable
us to stop incorrectly using the keystone auth_token config)
- Create a "clients_keystone" section to avoid falling back to the
legacy behavior of stealing the uri from auth_token.
This also means we can remove the FIXME and auth_token auth_uri
mentioned by jamielennox.
Change-Id: Ie34332a7aec3b9b271df0759dd6ab66b45302832
Related-Bug: #1300246
Generate the Neutron FWaaS sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Ic8208850a27408c8fbeed80ecdb43345aa7dfaa4
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I8e9113dfb88e5290f6eedd012d1a52fc35c3c88c
Previously, devstack would disable ironic's cleaning phase if a driver
with "agent" in the name was used. However, we have begun using the IPA
ramdisk for all tests in the gate, which caused cleaning to be run for
the "pxe_ssh" job which therefore fails due to timeouts.
As a result, for now, we need to always disable cleaning.
As a point of record, we should actually be testing cleaning in the
gate. However, running 'shred' on the disks of a nested VM is too slow
and causes the gate to timeout // take too long. Some options have been
discussed for ways to test the callback mechanism but avoid actually
running 'shred' on the disks.
This needs to be revisited.
Change-Id: Id15cf6cc49122b08e557e44871b31a8c0d20b55d
Related-to-Bug: #1517277
This removes the generic extras.d support, which we said we'd do at
Mitaka-1. In tree extras.d continues to function as before, though we
need stories to get ceph and ironic into plugins, and a better
solution for Tempest.
Change-Id: I8b134446dc08a2c3852423ca71af2f469f85496e
Ubuntu's apt mirroring mechanism produces inconsistent mirrors pretty
regularly. The devstack-gate apt-get update model seems to have been
more effective getting past this than what we did in devstack. Adopt
that method for our updates.
Change-Id: I97c7896ef38b275aacb4f933fc849acee1bab858
Add USE_PYTHON3 and PYTHON3_VERSION variables to allow services to use
python 3 if they indicate support in their python package metadata.
Tested in Heat here -> I837c2fba682ab430d50e9f43913f2fed20325a7a.
Project config change to add a dedicated job to Heat is here -> I0837e62d6ccc66397a5e409f0961edd4be31f467
Change-Id: I079e18b58b214bf8362945c253d6d894ca8b1a6b
When outputting these error strings, turn off the tracing so the user
can actually read it. Also reword the "not root" user message so it
fits into a standard terminal window length.
Change-Id: I466c60865bc1128f4edd219f831a9c6cffa67829
Parital-Bug: #1517199
There are two bugs in add_sudo_secure_path.
Firstly we don't properly check if the file exists, so always append
the new line. This will overwrite any existing changes.
Secondly the logic for checking if the path exists is inverted, so we
miss adding paths when we should. This particularly causes failures
when installing with virtualenv's since the paths are inside the
virtualenv, rather than the standard system locations.
Change-Id: I646fe0c68958470d464fe4f3d81d5c17dd6f2ab6
Closes-bug: #1521241
Generate the neutron core sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Ic37a16b6cf8eb92030649f1fc8b198738a8cc104
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I1c6dc4e7d479f1b7c755597caded24a0f018c712
Co-Authored-By: Louis Taylor <louis@kragniz.eu>
Heat does not support Keystone Trusts when deployed in standalone
mode. This change forces an error when HEAT_DEFERRED_AUTH is set
to anything other than "password" if HEAT_STANDALONE is True and
advises of the acceptable setting.
Change-Id: Ib4ee9d9af396093137a2a0f99f1b18ae153ccdb3
Closes-Bug: #1463837
- To add, initialize and set up a valiable named IP_UP
- To bring up interface after moving IP to OVS bridge
Change-Id: I70f5974c115be6f7e7422a9a325f36cf3b71455a
Closes-Bug: #1469596
I noticed this when debugging some grenade issues failures.
An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.
We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.
When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).
The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.
The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.
Some files had already discovered this. In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste. This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.
Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
Add a pointer to installing clients via LIBS_FROM_GIT to local.conf
sample. Mention in the git tree setup that the projects within are
usually installed via released pip versions.
Change-Id: I245094e51ea4a8ce983f6a1e48b6ab7ca5d309d0
The build_timeout for the ironic baremetal build is at
340s. Modify the unprovision_timeout and active_timeout
to match BUILD_TIMEOUT to avoid frequent failures during
IPA gate jobs.
Change-Id: Idfdc54210e33c71719c7fd0c905d0b802809e173
Related-Bug: #1393099
The root cause is that when provider network is used, devstack
is trying to build ovs related interface.
We need to make a condition such that if linux bridge is used, don't
build any ovs related interface.
Change-Id: I7f26ce7893a0ecce55b3467cd5621abf25745b8e
Closes-bug: #1509705
Add instructions on creating a user to the documentation, and call out
that the standard cloud-users are probably ok too
Change-Id: I1119a43f1d5ae7c0c208bf0cc16e2f7bee29a69d
Forced creation of incremental backup is not
implemented in old release (Juno and Kilo).
The test is skipped by default for Juno and Kilo gates.
Need to add flag to unskip this test in new release.
New test: Idde2c14aba78382b1063ce20269f4832f9fdd583
Change-Id: I565b5941d6067644fc9ca6cb0891d97f4946e031
Partial-Bug: #1506394
Fix to trove has been merged, and autogenerated flavor ID
is available since Kilo.
Related-Bug: #1333852
Change-Id: Ie4b3dd11a23fa5f91cf9ff22dd05f1afd0532cb4
We haven't been testing master on precise for a long time, and changes
are coming that won't work on precise. If people want to keep running
on precise they should realize they are on their own with it. And that
we won't block any changes that use it.
Change-Id: I3697f1c2409ad08f49793dabb37011606188e6f6
This change allows to use f23 without the FORCE=yes option.
Make sure you have latest kernel, or you have kernel-modules
installed for the running kernel.
f21 support will be removed when the gate jobs are upgraded
to use newer fedora version.
Change-Id: I6e3e64088187a7f6da745e3cfb07524fd31782ab
The existing vercmp_numbers function only handles, as the name says,
numbers. I noticed that "sort" has had a version sort for a long time
[1] and, rather than re-implement it badly, use this as a version of
vercmp that works a bit more naturally.
This is intended to be used in an "if" statement as in
prog_ver=$(prog_ver --version | grep ...)
if vercmp $prog_ver "<" 2.0; then
...
fi
A test-case is added to test the basic features and some edge-cases.
[1] http://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=4c9fae4e97d95a9f89d1399a8aeb03051f0fec96
Change-Id: Ie55283acdc40a095b80b2631a55310072883ad0d
ebtables is racing with itself when nova and libvirt attempt to create
rules at the same time in the nat table. ebtables now has an explicit
--concurrent flag, that all tools must opt into to prevent ebtables
from inherently being unsafe to run.
libvirt gained this support in 1.2.11, which is too new for our ubuntu
primary testing environment. Nova still hasn't added this support,
though even if it did, we'd run into the issue with libvirt.
We can do the most ghetto thing possible and create a wrapper for
ebtables that does explicit locking on it's own. It's pretty terrible,
but it should work. And it is the kind of work around that people
unable to upgrade libvirt will probably need to do.
This is an opt in value which we should set in the gate to True.
Related-Bug: #1501558
Change-Id: Ic6fa847eba34c21593b9df86a1c2c179534d0ba5
Swift requirement PyECLib won't bundle liberasurecode
going forward given the package is available in common
distros now. This patch adds liberasurecode-dev(el)
package to the devstack debs/rpms list for Swift as a
PyECLib build/install dependency.
Change-Id: Idbc2ca3f677f1b8153ebf3a5912f4354525a55c7
When determining the primary IP/IPv6 addresses on a system,
we can use the /sbin/ip command to filter them for us. The
resulting address is parsed the same way for both address
families, so we can use just a single command.
Change-Id: I0471ff5a258a16a23061941ac38063dbf3d7c233
Python in f23 and f22 depends on the python-pip package so removing it
results in a nonfunctional system. pip on fedora installs to /usr so pip
can safely override the system pip for all versions of Fedora.
Change-Id: I336c7ffdf00784ca8deba7d6612a08b96a0ad098
Closes-Bug: #1467569
A number of new settings are required for glance, cinder
and keystone to be installable when the tls-proxy
service is enabled.
For cinder a new public_endpoint option was added and this
needs to be set to the secure port.
Keystone needs the admin_endpoint and public_endpoints
defined otherwise during discovery the default,
non-secure versions, will be returned.
The keystone authtoken identity_uri was set at its default value
in the glance registry and API configuration files.
Change-Id: Ibb944ad7eb000edc6bccfcded765d1976d4d46d0
Closes-Bug: #1460807
Add an option to skip the EPEL & other repo installs for rhel7 based
platforms.
This option can serve two purposes; firstly as described in
I834f20e9ceae151788cec3649385da1274d7ba46 during platform bringup, a
publically available EPEL might not be available. This will allow you
to pre-configure a hand-built repo, etc. so you can continue testing.
The other thing is that in a CI system you might be frequently
building images and pre-installing EPEL/RDO etc. In that case this is
just extra work.
Change-Id: I9809449f4a43fa9b547c6e3ca92722c7f6e66d6a
stack.sh creates a user-specific configuration file ~/.my.cnf for mysql.
If devstack is installed with SERVICE_IP_VERSION=6 option in local.conf,
the IPv6 host address was stored in the ~/.my.cnf file with square
brackets. However mysql does not use bracketing for IPv6 addresses,
resulting in 'Unknown MySQL server host' error when 'mysql' command is
run. With this patch IPv6 host address is written to ~/.my.cnf without
brackets.
Closes-Bug: #1516776
Change-Id: I27a7be8c75cf6b09b4a75dc4c9d09cd36bc5ac81
Add a simple test to ensure package install files remain sorted
alphabetically (follow-on from the sorting of the files done in
I01e42defbf778626afd8dd457f93f0b02dd1a19d)
Change-Id: I75568871e92afcd81dac2c3ce18b84aa34cdd289
We wish to fail if we have >0 zero errors, not >1 errors (i.e. exactly
one error did not trigger a failure!)
This change also brings consistency to the pass & failure paths by
ensuring report_results exits in both cases, since report_results is
supposed to be the last thing run in a test file.
Change-Id: Id4721dffe13721e6c3cd71bca40c3395627e98bf
With the release of osc 1.8.0, swift support has been expanded and
we can now remove references to the swift CLI from this exercise
file. Also made minor improvements to comments.
Change-Id: I04069eb6251f8cbf8266183441b2cfdb64defd7d
Controller node wouldn't install libvirt package. The package will only
been installed at nodes which had enable nova-compute.
We only need to configure libvirt secret if it had enable nova-compute.
Change-Id: I9cd6baf1820ce9f71c276d7e8b670307833578a5
Closes-Bug: 1515960
So that it does not end up being the IP address that is picked to move
back to $PUBLIC_INTERFACE when we call _move_neutron_address_route
Change-Id: I3d29d4f11feff308f6ad5d950ef004b48ec11b67
Closes-Bug: 1514984
devstack can call python before parsing the
package requirements, so the python installation
needs to be done eralier.
Closes-Bug: #1488625
Change-Id: I85cca899aeedd741cf7dc695435d61390e260f22
Commit title says it all. I don't know how you feel about these kind
of commits, I feel like it's a waste of resources but I also feel bad
when I see big/obvious typo.
Change-Id: If048bb2dbad1a0b5a13e56b5fa1e6ea7c01eb05e
The lack of a CI for XenAPI + Neutron has meant this support has been
broken over time. This is set of one-off fixes that are needed to
reintroduce support while we work towards getting a CI functional
Related-Bug: #1495423
Change-Id: Id41fdc77c155756bda9e2e9ac0446a49f06f0603
Currently we set USE_SCREEN to SCREEN_DEV if it's set. There is a
comment to remove it once it's eracticated from CI.
AFAICT this pre-condition has been met.
Change-Id: I1423c8b9c18d1b3e34dbfe1c03be735c646a12b4
This attempts to make the zookeeper installation a bit more modular
(assuming that other folks will want to add other dlms as plugins),
and addresses the service start issues with zookeeper under
ubuntu/upstart.
Zookeeper is not going to be installed by default. Services need to
ask for it with use_dlm.
Change-Id: I33525e2b83a4497a57ec95f62880e0308c88b34f
Change I8da7dd95ae24cf06dc7bdc300fcf39947a6df093 added Pillow build deps
to nodepool thick slaves. This means that Pillow 3 will work in unit
tests.
Make the matching change to allow Pillow 3.0.0 to work under devstack.
The longer term aim is to remove temporary upper cap.
Change-Id: I2bec8cf1bfeaaa6ae329704229fdeb86d26e55c7
- Updated LBaaS v2 setup to use Octavia.
- Removed the old cirros image URL, the default should be sufficient.
- Fixed nova boot commands based on Liberty DevStack.
- Added sleeps to LBaaS v2 commands since most commands
can take a few seconds to complete.
- Added wait to load balancer creation since it can take
a few minutes to complete.
- Wrapped long lines in the descriptions.
Change-Id: Ib4a3f02ebc2606e3e16591ae3a23676cb0a6cd64
This has come up on the mailing list recently, we should just fail
early and explicitly so that people don't get way down this path and
not realize it's never going to work.
Change-Id: I8a7f001adf3a5244b8655858ebd5fc7014a4af55
Add complete localrcs, and also add a section for additional compute
nodes, to help demonstrate the OVS layout and how traffic flows over
VXLAN tunnels from compute nodes, to the L3 node, and out onto the
wire.
Closes-Bug: #1506733
Change-Id: Ibb5fd454bdcb8c13400c1e11f640c2aafc0f73ca
Taking a temporary IPv6 address created through the OS' support for
Privacy Extensions (RFC 4941) is not very useful. It would occur because
it happened to be the first in the list returned from ip(8). Instead,
grab the first IPv6 address that is not a temporary address.
Related-Bug: #1488691
Change-Id: I7f455572241e7d0c7406f173239a2270a4d8926a
When taking the IPv6 addresses from an interface, also update any routing
table entries.
Change-Id: I0424de6c5c1b0fcb7a9bc3fc1475036668cab09d
Closes-Bug: 1514494
Since f21 the kernel modules are split to multiple packages
and by default just the core modules gets installed.
nova requires iscsi_tcp module for attaching a volume
from any iscsi source (default cinder lvm setup).
On el7 it is not required.
Change-Id: I31705720ade5defd1b6d4b95bc51c2a11a5f0364
Related-Bug: #1429504
In some niche setups it is desirable to run OpenStack services under
screen, but undesirable to automatically keep a persistent log from
each service.
Add a new variable SCREEN_IS_LOGGING that controls if screen logs each
window to disk automatically.
Ideally screen itself would be configured to log but just not activate.
This isn't possible with the screerc syntax. Temporary logging can still
be used by a developer with:
C-a : logfile foo
C-a : log on
Change-Id: I2a3abf15dea95ae99ddbdfe1309382df601b7d93
On Ubuntu, if the Zookeeper service is already running, attempting
to start it again fails with non-zero exit code. This patch detects
whether ZK is already started before trying to start it.
Change-Id: If1257152de01fe5fe0351fdbb538bce083edbec0
Closes-Bug: #1513741
Currently stack.sh will fail if a value is set for
default_ipv4_subnet_pool and/or default_ipv6_subnet_pool in
neutron.conf. This is because setting either of these values
overrides the default behaviour of using the implicit (none)
subnetpool for subnet creation, and the subnetpools
specified in neutron.conf have not been created at the time
of the devstack calls to subnet-create.
This patch fixes the failure by specifying subnetpool = None
in calls to subnet-create, so that neutron will behave as
devstack expects. This parameter will no longer be required
once these configuration options are removed in the OpenStack
N release, but will be required for compatibility with Kilo,
Liberty, and Mitaka.
Change-Id: I29b2d62a022b43f6623b127af2ca303f9de847b0
Closes-Bug: #1472200
A value is never assigned, and it ends up in the nova.conf file as:
linuxnet_interface_driver =
So, let's delete it.
Change-Id: Ibc270ce6ee622eee871df1f8c11f21e8be8280ee
python-devel and the mysql/postgresql client dev-libs should all be
installed globally via the "general" installs; no need to installs
them separately
Change-Id: I91a9ace2e62a891634dbb4635ab2ad8c8dc59f91
Add a quick check so we don't reintroduce bad arguments as in
Ie1b8d09369281059d21da61b2725a457f708ae9e
Change-Id: Ibebc71791f2743eef64d6f7c2596d54a73ea92aa
neutron port-list returns a dictionary that's of random order in python 3.
This expression sometimes returns a NULL value thus failing devstack.
Add an expression that always returns a consistent ROUTER_GW_IP.
Change-Id: Id23d9afda275051ca68bcba2dfd1b6e30f02c628
I think these duplicate dependencies came in because we were not
correctly always installing "general" packages (see
Ie1b8d09369281059d21da61b2725a457f708ae9e)
Most of these are just extras for the lxml dependencies; I added zlib
devel to general for glance (seems pretty generic), and then that can
go too, as all other packages are specified.
Change-Id: I44b14ca15c64fad9daf1ac8d851704b02ea2eae0
The removal of the wheel caching code
(Ia140dc34638d893b92f66d1ba20efd9522c5923b) removed the install of the
"devlib" packages, which was being done with a call in
tools/build_wheels.sh
The idea of "devlibs" and "general" seems to be pretty much the same
thing -- global build requirements. I have removed the unused devlibs
files, and moved any missing packages into the "general" package
install file.
Change-Id: I8f34a164d6785a122394b42387d4221a7b447ae1
We are specifying the argument to get_packages incorrectly, so we are
not actually adding the packages in "general" to the list of packages.
In most cases, this is hidden as other more specific plugins/services
request their packages. However, as
I2dafd32f211fcbc9fff53030d736d97a5f1bb2df shows, not always. I think
this was uncovered by 5f8133caac
Change-Id: Ie1b8d09369281059d21da61b2725a457f708ae9e
This adds an iptables rule to allow ports 67 and 68. We see
occassionally dropped DHCP packets, which may be causing PXE failures in
ironic jobs.
I'm not 100% confident this fixes the issue, however I don't think it
can break anything and it rules out one theory.
Change-Id: I4630afb6f010a4c2cb146a79264c480c64c6e4b7
Related-Bug: #1393099
By default, devstack creates it's own test flavors for Tempest runs.
These are not in the cells API database since they are non-default
for nova so any resize tests in Tempest with cells and these custom
flavors fail.
Configure Tempest to not run resize tests if using cells and custom
flavors.
This allows us to also clean up a bunch of the resize skips found
in nova/devstack/tempest-dsvm-cells-rc.
Change-Id: I20f46024e45e32c60275703a193a56ae8cfe7eca
Closes-Bug: #1513925
With pip + upper-constraints we're nearly always over installing all
python packages because we no longer support a range, we support
*exactly* one version.
This removes a bunch of the gratuitous package installs which we're
going to install over, lxml, numpy, libvirt. All of these we had
coming from packages in the past for speed concerns, but upper
constraints removes that.
It also ensures that all the headers to build all those are in
general, so they are guarunteed available at all times.
Change-Id: Ia76de730d65c84d81c4fb2c980ae1b4d595f9f5b
tempest is already defined in stackrc as default.
Without this definition in local.conf,
tempest is installed successfully.
If it still needs "enable_service tempest" definition
on local.conf,
devstack itself has some problem.
In my environment, tempest installation works
without this definition on local.conf.
Change-Id: I25cda0142538d21bb9656b471e65ca5b018e8378
Thanks to lifeless, pip now implicitly has a wheel cache so that it
builds a wheel before every install, and uses that cache. All our
clever attempts at manually doing wheelhouse things is actually
bypassing the existing cache and making things take longer.
We should remove all of this code and just let pip do this thing,
which is does very well, and get out of the way.
Change-Id: Ia140dc34638d893b92f66d1ba20efd9522c5923b
In Tokyo, there was a cross project session on distributed
key locking:
https://etherpad.openstack.org/p/mitaka-cross-project-dlm
In support of the discussion there, we'll need support for
a zookeeper service in Devstack and ability to use libraries
like Tooz for DLM functionality.
In this review, we pick up some configuration files from
monasca-api and copy the lib/template to implement the
zookeeper lifecycle. Those services that need zookeeper
need to add "zookeeper" in ENABLED_SERVICES.
Change-Id: Icef26e5cdaa930a581e27d330e47706776a7f98f
with the release of osc 1.8.0, modifying object store account
properties is now available. use this mechanism and avoid setting
environment variable that are only helpful for swift CLI.
Change-Id: Ie51e3e2bb86162763f23d0a6bed36208811f89fc
interface_driver configuration was updated to use stevedore aliases.
This patch is to change devstack scripts to now use the aliases
instead of the previous class imports.
Closes-Bug: #1504536
Change-Id: Ic56bfcc1f9da05a999e6fd328e4dd6617e9470ff
If local.conf specifies a config file addition in the following way...
[[post-config|$MY_CONF_FILE]]
[xyz]
foo=bar
...and $MY_CONF_FILE points to a file whose directory is not writable by
the user running the script, then stack.sh aborts with the following
obscure message:
2015-09-01 08:20:08.113 | touch: setting times of '/': Permission denied
This patch modifies inc/meta-config to provide a useful error message,
such as:
2015-09-01 08:20:08.114 | could not create config file / ($MY_CONF_FILE)
This patch also modifies inc/meta-config so that it provides an error
message if $MY_CONF_FILE is empty (instead of silently ignoring this local.conf
statement):
2015-09-01 09:38:53.406 | bogus config file specification: $MY_CONF_FILE
is undefined
Change-Id: I9b78407420318548561012a8672762bc7fdd6db6
Closes-Bug: 1490881
* ReST doesn't allow monospace in italic sections.
bash$ grep -R \`\` doc/build/html/ --include "*.html"
* The code-block section "::" needed an empty line before the code,
otherwise it gets shown in the HTML output.
bash$ egrep -R "<dt>::" doc/build/html/ --include "*.html"
* Monospaced font incorrectly marked with a single back tick
bash$ egrep -nR '\w`(\s|[\.,;:])' doc/source/ --include "*.rst"
Change-Id: I66c3f685f33851c3f3f0f859996037fc24930246
Looks like this was just a typo in the original
d1498d74db816b3edbb8376ca5acb7cc5792ea5c ; replace with
environment variable
Change-Id: I877c1a570a68e926c91fc8a393217e6b18245f82
As files/keystone_data.sh has been removed in the commit
https://review.openstack.org/#/c/79366/, we should remove some
related documations and comments.
Change-Id: I7802d0052fa28d8debb7f361d36a4f108869554c
Since:
- novaclient doesn't require specify the *compute api* version
(default is 2.latest now)
- novaclient doesn't use COMPUTE_API_VERSION, since it's wrong name(
OS_COMPUTE_API_VERSION is a correct name)
we can remove COMPUTE_API_VERSION and NOVA_VERSION vars
Change-Id: I47856863e9403870b8d60c778b97d3de1a212ae1
When keystone API v3 was introduced, filtering regions when listing
endpoints was not supported (see [1]). This caused multi-region devstack
deployments to fail (see [2]). A workaround was introduced to devstack
to enable for multi-region deployments until region filtering would work
in keystone API v3.
Now that the bug related to region filtering in keystone is resolved,
the workaround should be removed.
[1]: https://bugs.launchpad.net/keystone/+bug/1482772
[2]: https://bugs.launchpad.net/devstack/+bug/1483784
Closes-Bug: #1511745
Related-Bug: #1483784
Related-Bug: #1482772
Change-Id: I52d13c3f5e7b77a7f8fb1be4dcea437988ebddfe
The 'verbose' option has been deprecated by oslo_log. Using it
results in a warning for the 'nova-manage' command and likely
many other OpenStack commands.
Change-Id: Icc11b25f56ebc62443c6afa90b9572d5c63b3882
Partial-bug: #1511505
132fbcd38ebae52bdd20da54905131b75581520f in cinder changed the
volume_clear StrOpt to use the choices kwarg which enforces the value
specified and raises a ValueError if an invalid value is set for the
option in cinder.conf.
This lets us remove the validation that devstack was doing.
Change-Id: Ia7eead6297ed0f3a972de2021170fe9c7225e856
To avoid hanging services during gracefull shutdown option
graceful_shutdown_timeout should be configured.
Closes-Bug: #1446583
Change-Id: I2b7f0df831d65c55ae8cae241478f49c9641d99f
The protocol for connections with Cinder is wrong for the Ironic script. This
patch changes the script to use $GLANCE_SERVICE_PROTOCOL, which is https when
USE_SSL=true or tls-proxy is on ENABLED_SERVICES.
Change-Id: I4d4c6f9dc6f6ee53166db109848dca64334b8748
Adds the $ENABLE_HEAT_PLUGINS variable, which should be a list of
the names of the plugins the user wishes to install.
Change-Id: I2ba90002a8fad1cdce6543c89dc37c5912fe133e
Bashate 0.3.2 has a few new checks -- firstly make sure some of the
plugins have #!/bin/bash, and fix up a couple of "local" changes that
were missed by I9c8912a8fd596535589b207d7fc553b9d951d3fe
Change-Id: I9e4b1c0dc9e0f709d8e76f9c9bf1c9478b2605ed
The libvirt+lxc backend in nova does not support shelve, image snapshot
or any volume-related actions (so pretty much anything to do with
cinder), so we need to configure tempest to not run tests that hit those
operations/service when using libvirt/lxc.
This is part of an overall effort to get a CI job running for nova with
the libvirt+lxc configuration per:
Ic07c39e219121ba6b8b20de2b83a193bb735133d
Change-Id: I4decfcc5a5dfbabdecb3eb9fc93f1d1d6c2af805
Add templates for running Heat API services via
apache mod_wsgi. Also add appropriate functions to
lib/heat for configuring Heat.
Change-Id: I1bdd678c44ddfa616a9db7db85ff6f490ff08947
After having migrated the copies of clouds.yaml to just consume from
/etc, remove the duplicate copy.
Change-Id: I036704734785958c95d2234917d7b40bd797a375
This fails in the environment where sudo does not have permissions to
write in /home/$USER folder, e.g. [1]
Also clean-up the comment/variable usage a bit; the location isn't
actually variable at all (and that's fine, but we don't need a global
here)
[1] http://144.76.193.39/ci-artifacts/228979/10/Nova-ML2-Sriov/console.html.gz
Change-Id: I6807eae9d1c27219aa7c19de29f24fa851aa787c
When nova-api and nova-ec2-api services are started by Apache
(it can be done with devstack config option NOVA_USE_MOD_WSGI=True)
log files contained duplication of timestamp value.
Change-Id: I5439ea8f89ca3073600456f67220e9d3f5257d97
Closes-Bug: #1510517
The neutron use_namespaces option is deprecated since Kilo, it's time
remove it from neutron and devstack.
Related-bug: #1508188
Change-Id: I4feb2a15c7e1e4bfdbed2531b18b8e7d798ab3cc
A new project olos.privsep has been created but failes sdvm testing as
even though the library is added ro PROJECTS and LIBS_FROM_GIT it isn't
installed by devstack.
Add oslo.privsep to the install_oslo function
Change-Id: Ia4d56747d56dcfe50889ebbdf9d553df13e1b950
This patch alows specifiying a deviation of the swift default port 8080 with
variable SWIFT_DEFAULT_BIND_PORT. The created endpoints in keystone for
object-store and the backup_swift_url in cinder.conf will use variable
SWIFT_DEFAULT_BIND_PORT instead of the fixed port 8080.
Change-Id: I47bbcf77368c430718fb8f29b7de1ff305e64422
Closes-Bug: #1489767
This commit fixes an issue with the tempest configuration when
TEMPEST_HAS_ADMIN is disabled. Without admin credentials tempest
is unable to create credentials at all so enabling tenant isolation
is not going to work. Previously devstack wasn't setting it one way
or the other when TEMPEST_HAS_ADMIN was set, which results in the
default of being enabled. So jobs that try to run tempest without
admin were failing.
Change-Id: Iff496cb5cbf29f17c130cfad746b48d8547ca965
Since nova-ec2-api service was removed from nova it is not
needed in devstack.
Change-Id: I91d4be02a1a9c2ca4d18256d9a37a5c2559f53b7
Closes-Bug: #1530798
There are more than one user that need to access clouds.yaml values
in tests. Rather than copying the file everywhere, simply output
it to /etc/openstack.
However, we have things copying it at the moment, so output to
both places. A follow up patch will remove the homedir version.
Change-Id: I21d3c2ad7a020a5ab02dc1ab532feae70b718892
beacuse of the stackforge project move to openstack project,
so change the document url to git://git.openstack.org/openstack/.
Change-Id: I1628c0aeb62ee519867fdaee56386e22978c4271
The path is tools/build_wheels.sh, but in the Makefile which is
tools/build-wheels.sh. Modify it to the correct one.
Change-Id: If297b65b539403af10a73adbbadfcd8281d40009
Closes-Bug: #1507699
After devstack runs ./stack.sh, there is a file named userrc_early
which contains sensitive information is created, we should add it
to ignore list, because it is only for end user debugging.
Change-Id: Ic99c279ec6a3606dc6f6ba9a7612b5ca7a2b6b10
I want to release a new bashate, but I also don't want to risk
consuming it before fully testing it. By pinning here, we can run all
our usual CI on new versions before accepting them.
Additionally, allow substitution of the bashate dependency via an
environment variable. We can use this in a bashate test to substitute
a path to a checkout with any changes applied.
Change-Id: I165c4d66db8b7bdcff235ef7d8c99029637bb76a
Cells doesn't support the os-attach-interfaces API so disable those
tests in Tempest if running with Cells.
Change-Id: I5c7884407868eae70ea125f3f893c73214c04c75
After I9c8912a8fd596535589b207d7fc553b9d951d3fe this approach leads
to a failure and breaks (at least) ironic-inspector gate.
Change-Id: I19bb8ada9a6f42d375838cc88a376715918c2a3e
There is no need to test here whether v2 is disabled or not. V3
Authentication will always be available and we should just use that.
Change-Id: I0d2d76ebdf261917f1a2b23c65f0f843ae50f49a
The interactive password prompt currently saves to .localrc.auto
However, this is removed when you re-run stack; that is required as it
is how we source the localrc bits of local.conf, and we want the
users' changes to be picked up.
The passwords, however, should remain constant, because everything has
already been setup with them. So write them to a separate file. Note
we source before localrc so it can still overwrite them.
Some minor flow-changes too
Change-Id: I9871c8b8c7569626faf552628de69b811ba4dac0
Closes-Bug: #1505872
The os_RELEASE for RHEL is 7.1 (for example). Which does not work for comparisons
to an integer. And, while I am at it, change base_path to not use a hard-coded
directory.
Change-Id: I64a04810cc7ba4668c2cb7a8df79c206301e9e16
OVS_PHYSICAL_BRIDGE is not always set, like when you don't need specify the
bridge mapping, and also it has no default value. So we need to add
verification of OVS_PHYSICAL_BRIDGE in cleanup_neutron function where we refer
to it.
Change-Id: I69d113a7f3f7e67b09cb72fa0b0d3bba188e783a
Close-Bug: #1474634
These functions commonly externally called (as part of stackrc
inclusion, even) and do a fair bit of iteration over long
service-lists, which really fills up the logs of devstack and grenade
with unnecessary details.
The functions are well tested by unit-tests, so we are very unlikely
to need to debug internal issues with them in a hurry. Thus turn
logging down for them.
Change-Id: I63b9a05a0678c7e0c7012f6d768c29fd67f090d2
In Tempest config, `image-feature-enabled deactivate_image` is
enabled twice. This patch removes one of the redundant call to iniset.
Change-Id: Idbfcd6d6ee171c2c83736e17bbaf3d7a32c738b1
In neutron-legacy function _move_neutron_addresses_route, there are
few lines trying to figure out the bridge IP by assuming that the
bridge IP will be always same as the HOST_IP, this is not always true.
When the nic bears the HOST_IP and the nic which will be used as the
public network are different nics, the code in that method fails.
Eventually the function fails with network unreachable error.
This patch set fixes the problem, so that when HOST_IP and the IP for
the bridge are different, devstack will still be setup correctly.
Change-Id: I4d67f61c2ffd93f1e8ea2f8fe3b551044fab294e
Closes-bug: #1498538
this adds a timing infrastructure to devstack to account for time
taken up by set of operations. The first instance of this is
accounting the time taken up by doing apt_get calls.
Change-Id: I855ffe9c7a75e9943106af0f70cf715c34ae25c5
In this guide, multiple interfaces in DevStack is only used when doing
provider networking, so let's go ahead and just put the information
inside the provider network section. That way it won't be confusing.
Change-Id: I66f58ffb936230e72ac4cf8c04668e25dac5b17a
This prevents bleed out of the i variable to other functions that
might call this inside their own iteration loop.
Change-Id: I42d0c287a6f4bb24ae3871de9abb7e0de98a8462
Also remove variable definitions from compute node localrc that is only
applicable on the control node.
Change-Id: I37b00611ff08d8973f21af7db340d287b1deb4af
With the advent of plugins and their settings files it has become
possible to disable_service in local.conf only to have the service
re-enabled in a plugin settings file. This happens because of
processing order.
To get around this the disable_service function now aggregates
service names into a DISABLED_SERVICES variable which is then checked
during enable_service. If something tries to enable something that
was previously disabled, a warning is produced in the log and the
service is not enabled.
Then after all configuration has been sourced a final check is to
done by verify_disabled_services to confirm that something has not
manually adjusted ENABLED_SERVICES to overcome a previously called
disable_service. If something has, the stack dies with an error.
Change-Id: I0f9403f44ed2fe693a46cd02486bd94043ce6b1a
Closes-Bug: #1504304
As a follow-on to I8cefb58f49dcd2cb2def8a5071d0892af520e7f7, put in
some detection around missing variable-to-test arguments in
trueorfalse.
Correct a couple of places where we were passing in blank strings,
resulting in the default always being applied.
Add test-cases and enhance the documentation a little.
Depends-On: I8cefb58f49dcd2cb2def8a5071d0892af520e7f7
Change-Id: Icc0eb3808a2b6583828d8c47f0af4181e7e2c75a
This lets you specify that devstack should not be run by the user on
the box that you are on. Helps with running commands in the wrong
window.
Change-Id: I7aa26df1a2e02331d596bbfefb0697937787252f
This will make curl fail on pypi errors, and should prevent corrupt
images from pypi going offline for a few hours randomly, which it does
from time to time.
Closes-Bug: #1503909
Change-Id: Ib4a740b7d1772e1e36aa701e42d3ac0f0ee12883
If get-pip servers fall over and return 503 for a few hours (which
they do medium regularly) we'll cache crud html, and everything will
suck. We know this script should be python, so if it isn't, delete it.
Change-Id: Ia9f6f7c7217939bc1ab5745f4a9d568acfbf04c8
Setup the log output before calling functions like
check_path_perm_sanity that want to write out to
the error log.
Change-Id: I9815965257c399a48f8cf0f344814d954137aecb
Closes-Bug: #1500834
one cron job attempts to print debug text into stderr; so the file
of /root/dead.letter gets created and its size grows continuously.
It could eventually threaten dom0 disk space. Maybe there are two
solutions: one is to redirect the output to a specific log file;
and rotate log files in the script. And the other one is simply
to redirect the output /dev/null. By considering the function of
this cron job and the printed contents are straight and simple,
this patch set goes with the later solution.
Change-Id: I4875e5e3837e6f0249e314c6c5f408c79145c6c1
Closes-Bug: 1503966
As a follow-on to the issues raised by
I069f46f95656655ae7ba8f3dd929f47eae594b68, rather than a re-write of
create_userrc.sh logic, create a temporary userrc that can be helpful
for debugging until we have the whole system bootstrapped
Change-Id: I3325acffd259cf7f6f4a153c88037cfe8405ca50
we were unconditionally adding -z to the curl command even if the file
doesn't exist that we are referencing. That produces a scary warning
for users. Lets not do that.
Change-Id: Id2860c1c702510b0f8fd496abce579d0fa3ff867
This adds a warning for extras.d usage. This will give us something to
keep an eye on in logstash to build up the list of projects that will
break at Mitaka-1.
This also makes the deprecated handling done through a function, which
will hopefully make it more consistent in the future.
Change-Id: Icd393bc3e7095fe58be0fd13ef74fece3aa5c5f1
At the moment the following md and conf files are handled with shocco.
This should not be the case.
* samples/local.conf
* lib/neutron_thirdparty/README.md
* lib/neutron_plugins/README.md
Change-Id: I11ea5ebda111e6cdab71d3cffaeb4f16443bfd3c
Ia0957b47187c3dcadd46154b17022c4213781112 proposes to have bashate
find instances of setting a local value. The issue is that "local"
always returns 0, thus hiding any failure in the commands running to
set the variable.
This is an automated replacement of such instances
Depends-On: I676c805e8f0401f75cc5367eee83b3d880cdef81
Change-Id: I9c8912a8fd596535589b207d7fc553b9d951d3fe
Ia0957b47187c3dcadd46154b17022c4213781112 detects setting local
variables with subshell commands.
Although this is a particuarly benign case, it trips the test. Rather
than putting in an ignore for this, we can easily change it to make
the test pass. This seems better than putting in special work-arounds
to bashate, etc.
Change-Id: I37c3967c0f2d780a636a7d26cda83755085c5c69
Metadata agent now talks to neutron-server thru AMQP, so there is no use
for API access configuration.
Change-Id: I8f81eea91fe3448d5098e77312f64f2eaba68a68
Depends-On: I254c575c66214f50fb93a94c46c4c9caebfc2937
Closes-Bug: #1502947
Guests with large memory requirements can use default flavors, so
removing the special flavor for ppc64 since new qemu requires more
memory - http://wiki.qemu.org/ChangeLog/2.4 - PowerPC.
Users should set DEFAULT_INSTANCE_TYPE to one of the default
flavors available in local.conf, as m1.tiny.
DocImpact
Change-Id: I0fd275dc7342cc2daa83e9a2bd79d30e7defa3e4
Since Ic2532676e46e93f129d590d1fa7a044ef65f50fb bashate warns on
long-lines. Traditionally, for whatever reason, devstack hasn't cared
too much about long lines unless it really damages readability.
So ignore this to avoid thousands of warnings on the long lines. Note
even though released bashate doesn't have this, ignoring a missing
test doesn't matter.
Change-Id: I16aeaa3b334fac1eec5085f2cfe26c81c53023a8
This is being removed from the Neutron tree, so there is
no need to keep it here anymore.
Change-Id: Ice869bc445cb9dab6f227c30d38fb9b7ba04442b
Depends-on: I949a51873ee5af654b577952d423dd29a6ced8e7
The default bind_port (6011-6013) in the sample config files for swift
use port numbers that are in the range registered by X11 (6000-6063) and
can prevent swift from starting if the ports are in use.
We should use an unregistered range (6611-6613).
Change-Id: Ifd95b99004aead5ddc8ae1a8dd3ccd9c4f2abe91
Closes-Bug: #1254328
Kill them twice to make sure they're good'n'dead. There is a supposed
fix to oslo-incubator code, but we're working around that here in the
meantime with this change.
This returned in Liberty.
Change-Id: I02a7af995dc7de857c4efcf2cef2f95d357c007a
Related-Bug: #1446583
(cherry picked from commit 953baa7998f253681ed31013fd18bd8aa8098b34)
These files have acquired execute permissions that
are not strictly necessary because they are being
sourced, and not intended to be run separately.
Restore to 644
Change-Id: I0b8654123416a07521502b61610ca45c94494a07
There has been a ton of fall out from this change, and I
think it's been premature. We should revert and try again
when more of the client space supports this.
This reverts commit a29434460e.
Change-Id: I1658dc48a024627be0fdb39c46137aaa3d9b911a
When moving to Python 3, we also need to install test-requriements
to allow projects to install any python 3 test dependencies they
might be missing otherwise.
Change-Id: I2d19aa2f7ec8de869a82aa7764ab72cc8693101f
When I deploy linuxbridge-agent and enable tunneling,
the configuration of neutron isn't right. It lacks
the whole section [vxlan] to be properly configured.
Change-Id: Ib3bfe0f3445f466f4dbb36f7f0cb0d940114e7f6
Closes-Bug: #1481126
This reverts commit f768787bdd.
And sets OS_AUTH_VERSION so swift CLI doesn't fall flat when
not using v2 keystone
Change-Id: If44a7e0d85e48020a3c90d8c5c027513129f0f3b
If `DATABASE_TYPE` is configured in `local.conf`, the database backend
is currently configured with `initialize_database_backends` even if no
database backend is enabled.
On a multi-nodes Devstack environment, such as devstack-vagrant, the
compute node currently fails because it does not have PyMysql. This
compute node has no database backend enabled, but has to connect to
the database on another node.
We should install the python client if DATABASE_TYPE is set, even
if no database backend is enabled.
Closes-Bug: 1501001
Change-Id: Iffd5f7243a0dfdbe56cf6b9a87b96ed7678c81dd
Commit 1ce19ab76d dropped API_WORKERS from
nproc/2 to nproc/4 and also started using API_WORKERS for the number of
conductor workers, so in gate runs that dropped conductor workers from 8
to 2. We're now seeing instance build timeouts in the large ops job.
This change goes back to nproc/2 for the large ops job (VIRT_DRIVER=='fake').
Closes-Bug: #1500615
Change-Id: Ie6ef855fce0a99c930d479b7459c15b69e8de499
Ceilometer is now removed from devstack and only exists as a plugin
so it should be in the registry.
Unfortunately the length of the URL changed the table formatting so
the diff is much larger than the semantic change.
Change-Id: Ibe8e27e97294c2d13be8f22f41eea27775811eec
This change adds apache templates for Cinder API services.
Also add possibility to switch between the old and new ways
to setup Cinder API.
Related Cinder blueprint:
https://blueprints.launchpad.net/cinder/+spec/non-eventlet-wsgi-app
Change-Id: Icfad40ee6998296727a95613199e5c2d87bd0a45
Depends-On: Ifbab059001d1567b1f7b394c0411a9ca4629f846
Co-Authored-By: Ivan Kolodyazhny <e0ne@e0ne.info>
It will report 'unknown locale: UTF-8', when the env is UTF-8.
Default set the LC_ALL to C in the stackrc, instead. And delete
the duplicate option in stack.sh.
Closes-Bug: 1499296
Change-Id: I14121b25ac314a1a93e6dd6811e196ce2a7c0eb5
We can just directly install the latest RDO repo rather than having to
keep this up-to-date. I don't think there is actually much there we
need any more; there was a lot more coming from RDO in the centos6
days. openvswitch is one big one, however.
Change-Id: I42b8bc1aea8ff61770987eecd5fc3b8309c1e210
If OVS_DATAPATH_TYPE is configured it should be visible in ML2 config
Changing OVS_DATAPATH_TYPE default value to 'system' from ''
Closes-Bug: 1499029
Change-Id: I88e7d2554e8a1d6dcfea71fc1fb8e9fb2491d8b7
The function guru_meditation_report() currently uses the User-defined
signal SIGUSR1 to kill a Nova Compute process so that a Guru Meditation
Report is generated.
Testing locally, in a DevStack instance, manually attempting to kill a
Nova compute process [kill -s USR1 `pgrep nova-compute`] does not result
in process being terminated, and no error report generated.
It turns out[1] that SIGUSR1 is used by Apache 'mod_wsgi'.
Using the signal SIGUSR2 resolves this issue (i.e. 'nova-compute'
process is terminated, and the Guru Meditation Report is generated).
So, use USR2, instead of USR1.
Corresponding oslo.reports related commit[2].
[1] https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIRestrictSignal
[2] 45b1c02d113051d147e54ef921ce8e94135542d8 -- guru_meditation_report:
Use SIGUSR2 instead of SIGUSR1
[3] Original DevStack commit that brought in this change --
2ebe993b25
Change-Id: I8a7eaf71b83edca3c80074d6bf2d471e3db6142b
In case ERROR_ON_CLONE is true and triggers a failure for a missing
project, suggest a remedial action. On their own, people have
come up with remedies that include altering the value of ERROR_ON_CLONE
which rather defeats the purpose.
Change-Id: I28d7f2c184f8440b774fefaa8ec7002d6708db95
One of the key reasons for the large number of API_WORKERS was that
mysql would block API workers, so would start rejecting work. Now with
the python mysql driver we should be eventlet aware, and life should
be good.
Let's see if this works.
Change-Id: Iaf8730a4dcdc30ef390795bfb5fb73ec3cd665fe
First noted in change id by fumihiko and kyle:
I079e18b58b214bf8362945c253d6d894ca8b1a6b
Neutron and few others seem to use an extra "python" along
with run_process which is quite unnecessary and complicates
adding python3 support in devstack. So let's clean this up.
Change-Id: I2d478f2b04c04d05c18420563e2ad77eba73be3f
Current install_os_domU.sh depends on some keywords which are changed in the
next version XenServer which is upgraded to CentOS 7. So with the existing
script to install domU in the new version XenServer, it will always fail.
This patch is to make it to be compatible with all XenServer versions:
1. the output format of "ifconfig" is changed; the fix is to use the ip
command to retrieve IP address.
2. In XS 6.5 and the previous XS, the "xe-guest-utilities" package file name
is as "xe-guest-utilities_<version>_<arch>.deb" but now it delivers a
single file for all Arch's and the file name is
"xe-guest-utilities_<version>_all.deb". In order to make it to be
compatible, the fix will try to search the old file name pattern by
default. If it does't exist, then try to search the new file name pattern.
Change-Id: I893e89e42a5ef7dd079b571ea308f318c9befc9e
Closes-Bug: #1494241
The commit breaks creation of user rc file.
Now devstack doesn't create certificate for user
(because it's too early to do it) and doesn't react
to changes of EC2/S3 urls if they is recreated by devstack plugins.
So the commit totally broke ec2-api gating for example.
Change-Id: I069f46f95656655ae7ba8f3dd929f47eae594b68
Changeset https://review.openstack.org/#/c/225426/ changed how images
were uploaded into Glance, however the (now) unused TOKEN variable
and function argument to upload_image remained.
These have been removed.
Change-Id: I9910c469f72d52e56111048cc24ea3c992c1d480
get_or_add_user_project_role function was always returning an
empty user_role_id because the role assignment command does not
return any output. Added a command to get the user_role_id after
the assignment happens.
Closes-Bug: #1498599
Change-Id: If1b77eef0d4f0ebdcdf761ecb5e2011484f73871
This patch adds an admin role assignment for the admin user on
the default domain as part of the Keystone configuration stage.
Closes-Bug: #1494081
Change-Id: I91c88917bd51be4572e4970c94e65d866798df26
Commit 2ad1a42ca6 broke entirely the
Apache configuration for Keystone when used without a port on the
/identity URL. This patch fixes that.
Change-Id: I47805138c66456c9c5fa9af1f4ac33b03d0ce5b9
There is no reason to use keystone token bootstrapping for image
uploads. Glance is a service, and images can be uploaded to it normally
without special shenanigans.
Depends-On: If7b81c4a6746c8a1eb0302c96e045fb0f457d67b
Change-Id: I7092fb10cbe243e091789134263fab081af0c7f4
If something goes wrong after keystone is running with services
registered, but before credentials are written, it's hard to poke at the
existing half-running state because none of the auth information is
recorded.
Write the files right after we're done bootstrapping keystone.
Change-Id: I2f8ae86e17d26ec4defa16e843faa8987d27fac9
It should redirect stdout to /dev/null firstly,
then redirect stderr to whatever stdout currently points at.
Change-Id: I4666fa90a96301f0b504a8501f0ffc3fe17616b0
Zaqar's devstack code has been moved into a plugin in the Zaqar repo.
This patch removes the remaining code from devstack.
Depends-On: Iceefabb6cd528b23075a91e8039b8264eb3f33f5
Change-Id: Ifcf54fa2d4a5bf49b6757b593bb70cdeda8edb2a
Cinder API v1 will be removed Mitaka so we don't need to setup it be
default.
To enable Cinder API v1 you need to set CINDER_ENABLE_V1_API=True in
your Devstack config.
Related-Bug: #1467589
Depends-On: I6916eb3e4b7c85f37be8b365b11ca8b48f88177c
Change-Id: I0754e357433cfcd9fde7e937a4a1b440580b6289
after the glance_store vs. upper-constraints bug, it's probably worth
actually enforcing and sanity checking that devstack is doing what
it's being asked of with LIBS_FROM_GIT. This will hopefully reduce
user generated error.
This *might* not work with the current oslo naming, we'll have to test
and normalize that.
Change-Id: Iffef2007f99a0e932b68c4c897ebbfb748cac2b4
Now that we don't have namespace packages any more, editable installs
should be fine. This also means that we apply constraints to these
libraries during installation, which is important for future testing.
This is needed in order to be able to easily sanity check
LIBS_FROM_GIT, as then all libs installed from git will have pip urls
with git in them.
Change-Id: I46c3b8f943b97f912eccc7278e3e033ae67e7e31
is_service_enabled might actually fail to return the expected result if
there is a is_${service}_enabled function available and multiple
services are checked.
For example, if one defines swift as a service but disables glance, the
following check fails:
if is_service_enabled swift glance horizon; then
install_swiftclient
fi
This is because the second for-iteration resets the local "enabled" var
again to 1 and finally exits with 1 as a return code.
This patch fixes this.
Change-Id: Ic76b72897efe9597d1412470353895001a1a4c66
The ceilometer project is moving to using a devstack plugin rather
than having ceilometer in the base devstack. This is to allow
greater control and flexibility.
Change-Id: I413ab159474b7d7231ad66d3a482201f74efe8a8
A new tempest test is being added in https://review.openstack.org/#/c/200108/
but it doesn't run by default because the test fails on Juno. So a
feature flag in Tempest is added. This patch turns on this feature
flag at Devstack's side.
Change-Id: If1cf90dac3edc81a483fc51da74495042c96d543
Without this change some services for ceilometer will not start
breaking CI.
This change I7447ba4f408c95b0acf1b809504ce16fff1c6e21 was validated
against the ceilometer devstack plugin but apparently not against
devstack itself. Until I413ab159474b7d7231ad66d3a482201f74efe8a8
merges devstack still has ceilometer support and is used in the
gate.
Change-Id: Ib1ea8b6ef7019570f82b0ba87e03fc627c8f6801
This removes a restriction for neutron vendor plugin.
Some neutron vendor plugins were already decomposed and
there is no config file in Neutron tree. They should prepare
the file in each plugin.
Change-Id: I4997b8eae1f433b1c23f20c06ba254568ac4982b
There are a number of different neutron plugins that work with the
VMware nova driver. If necessary this flag can be set by each plugin
if necessary.
Change-Id: I47ac2a5c71ff573f474d45b85a523fc243ec3ade
If all databases drivers are loaded, MySQL SQLAlchemy driver
overrides all the other one that might not have set one.
This patches fixes that.
Change-Id: If6d8d08e5b7b7c48ca012677b536d71058def6fd
Closes-Bug: #1493304
The python-keystoneclient requires a trailing /v<IDENTITY_API_VERSION> to
successfully authenticate, otherwise it fails with a 404 error due to a not
found resource.
This error showed up only when generating Swift tempurls, because the error was
raised when using python-swiftclient.
This change fixes this for python-swiftclient within devstack.
Change-Id: Ibe222d65162898db69acba076b5fe1cb3621fbc3
Closes-Bug: 1492216
A previous change in this code had a typo, reversing the
definitions of IP_ADD and IP_DEL, noticed while debugging
another issue.
Change-Id: Ifb87de1138eeb72081a2e52a5c81bfe9fe91ecd6
Remove setting of ssh_user param to boto section.
Because boto uses user name to ssh from compute.ssh_user
Change-Id: Ifd5b99ef35eaf126a3c6e0055837c4741353345e
This change have broke the Ironic tests. Reverting to unblock the Ironic
gate.
This reverts commit 4b115ad526.
Closes-Bug: #1492216
Change-Id: I03acfdf47caf435cede1df08fd79b288a6662435
This reverts commit 2e1a91c50b
It looks like this introduced race bug 1491949 in the
gate-tempest-dsvm-large-ops job causing rpc timeouts when
deallocating network information for an instance,
specifically around the dnsmasq callback to release the
fixed IP that the instance was using which triggers the
disassociation between the fixed IP and the instance in the
nova database.
Change-Id: I163cdeea75e92485f241647c69aea0d7456c3258
Closes-Bug: #1491949
The upstream version of requests contains a copy
of urllib3 and cardet library, common practice in many distros
to create symbolic links for these libraries instead of creating
a huge package which contains the same library as the distro provides
as separate package as well.
Now devstack upgrades the urllib3 to incompatible version,
but it leaves the requests unchanged because Fedora already has the
latest version.
The issue does not happens with Ubuntu because it has older requests
and devstack updates it as well.
The pip installed version contains a bundled urllib3 and the actually
installed urllib3 version does not matters.
This is not the `usual` distro package overrides pip installed package
case.
Change-Id: Icfa71368384b0c2e3ff39265b2fa9190b5566b9b
Related-Bug: #1476770
This commit fixes error caused by adding default image path to IMAGE_URLS without ','
If user sets IMAGE_URLS in localrc like
IMAGE_URLS="path1, path2" (with a space after the comma)
the we get an error "binary operator expected" in
if [ -n $IMAGE_URLS ] condition and a comma will not be added to the end of IMAGE_URLS
In the code below we add default image path(path3) to IMAGE_URLS and we get
IMAGE_URLS="path1, path2path3"
Change-Id: I6543f7178c49a42c71ad9df4cdb4c6e78cbf7758
Change from using a blacklist to disable the shelve tests for
nova-cells to using the tempest config option to disable the shelve
feature tests. This is the intended method of disabling feature tests.
This first commit is to add code to lib/tempest to disable the shelve
feature test if the nova-cells service is enabled. The next
st will remove the shelve blacklist from
http://git.openstack.org/cgit/openstack/nova/tree/devstack/tempest-dsvm-cells-rc
Change-Id: Ibf1f9aaa63e5f17b7d8774b511940ba8421e0887
Partial-bug: 1491152
Neutron plugin always needs plugin file even if the plugin
is out of tree. This patch remove the restraint.
Change-Id: Iedd52db6430def47505a127986170d7279966141
Closes-Bug: #1477452
Now gate will tests Nova v2.1 as default and separate jobs
for v2 legacy and v2 compatible APIs -
I86a627b8ec7b1246452a16c10dcfb1ad5f83bdef
This commit cleanup the options used for old v2.1 jobs.
Separate options are provided for Nova APIs testing-
Ie6b7e4290d9a1d9789d04099b3b31c9a557bc22b
Depends-On: Ie0430cedb7a8136c04b9fb7d08746293aab79f42
To remove old V2.1 jobs.
Change-Id: Ibbed44e1c41ec1e6b3675317f08061810762796c
I had to poke around for awhile to find /var/log/cloud-init-output.log
so I figured I'd add a sentence in the docs about using that.
Change-Id: I8bb6cb730032e41661ee443da816cbea2b28f76d
This adds 2 devstack options:
NOVA_V2_LEGACY={True/False} which is whether we'd like to force the
/v2 endpoint to use the legacy v2.0 code base.
it also provides TEMPEST_COMPUTE_TYPE as an way to pass in which
service catalog entry we'd like to use for compute testing.
We also make v2.1 the default compute endpoint, as that's what we'd
like everyone to be testing and using. The other options will let us
build jobs that nova can run to ensure those APIs don't regress.
Change-Id: Ie6b7e4290d9a1d9789d04099b3b31c9a557bc22b
With multi host set to true devstack's dnsmasq server no longer
listens on the network to other systems. In the gate we can see we're
getting a ton of spurious dhcp requests from other systems on the
network, and it's better that we never even see it.
Change-Id: Ie600de91e4a7da734eae722e78101c2401a7b1f5
The existing mysql code is wrong and not detected as failing [1], and
boto config requires work-arounds [2,3] that are all fairly ugly. Use
-sudo argument to iniset to handle this.
[1] I24388b5de777995f92d73076524122cf599d6371
[2] I5f4c43bbbe477c570936e2e40ac05cc38febbb3f
[3] Ib7556dac9aaaf2f3c96237e0ca28ed6ae1b1b7ac
Change-Id: Iaceb8d42ce37be728adae6fd0a30a1f9d33d4029
this flag was added to deal with inefficiencies of Icehouse. this
patch removes flag as it's not used in post-Icehouse
Change-Id: Ib715e68dc61f3c3ea0a40fae0ea57028e36285bd
Depends-On: I842dfe04725b2482399c0e95b54403fb82001645
IMAGE_URLS could be set both in localrc with customization or stackrc by
default. By setting DOWNLOAD_DEFAULT_IMAGES, user could choose to add
default images to IMAGE_URLS or overwrite them.
As uploading duplicate images will cause a "409 Conflict" error, a
duplicate detection will expose it earlier.
Care needs to be taken that you don't end up with a duplicate image, so
clean up Xen's README.
Depends-On: I6fbae12f950a03afab39f341132746d3db9f788c
Change-Id: I3ca4e576aa3fb8992c08ca44900a8c53dd4b4163
Closes-Bug: #1473432
We bury the lead with all the historical notes about localrc; just
talk about what is important to somebody setting up a current
devstack, which is local.conf.
There are already inline examples of config-variables, etc. Remove
them, but add a small overview example for logging in its place.
Change-Id: I466252ffba66ef4ea180c9355f715a19eb4f8017
We have configuration information split between the README.md and
configuration documentation. A lot of it is duplicated and it shows
little organisation.
This clears the README.md of detailed configuration options and
consolidates it into the existing configuration guide. When someone
first hits the README they don't need details on changing the RPC
back-end; but more importantly this indicates clearly where we should
be adding or clarifying details.
Firstly, the detailed overview of local.conf is removed; it was
duplicated in the configuration guide. This is left as a first-level
section of that guide.
The configuration notes are divided into generic devstack things
(logging, database-backend, etc) and then the rest of the notes on
various projects' configuration options have been moved into a
dedicated sub-section "Projects".
Each project gets its own sub-sub-section. Duplicated swift guides is
consolidated into the single "Swift section". The neutron and
multi-node nodes, which were all duplicated in their more specific
dedicated guides are removed and replaced with links to those. Other
sections are moved directly.
Change-Id: Ib0bac56d82be870fe99c47c53fda674d8668b968
The previous approach assumed that devstack in tree service support
would always be a super set of tempest. That's not necessarily
true. Instead when configuring tempest we should look at all the
possible services that tempest could know about, which will let us
disable services we don't have support for.
Change-Id: I9c24705e494689f09a885eb0a640efd50db33fcf
Some IPv6 addresses are temporary and are generated by IPv6 privacy
extensions. They eventually expire and are regenerated, so we should
filter them out.
Change-Id: I916d6a335bab096f765ae8c7e0e540a4349dd15f
Closes-Bug: #1488691
Commit 7561c8ded211d53e8745d1420a73b82bd0fc35cf removed the
libvirt.vif_driver option from Nova in Juno so we should remove the
variable from devstack since it's useless / confusing.
Change-Id: I70a8cb4a3606eb5eabd3c0ef331945e72c80543a
Neutron and its sub-projects have been made more intelligent about the
alembic migrations of installed sub-projects. Neutron will now
discover the installed migrations and run them automatically.
Partial-Bug: #1470625
Change-Id: Iec8993b02400ae306abf520e6e70d86bba042c8d
Devstack was setting up a separate directory and copying
http/keystone.py into it for the admin and public endpoints.
Keystone now defines wsgi_scripts entrypoints so that
keystone-wsgi-admin and keystone-wsgi-public are created on
install so devstack can reference these files instead.
See http://httpd.apache.org/docs/2.4/upgrading.html#access for
the apache docs with examples for the Allow|Deny/Require
directives.
Depends-On: Ic9c03e6c00408f3698c10012ca98cfc6ea9b6ace
Change-Id: Ided688be62b64066d90776313c963ec5016363f2
This commit fixes an simple syntax error on an else statement causing
it to crash instead of eval. Clearly someone has been writing too much
python and not enough bash.
Change-Id: I81d2324abd17790dc4790147f210ad7d9f0db74b
The lib/tempest variable definition for TEMPEST_USE_TEST_ACCOUNTS was
incorrectly calling the trueorfalse function by passing the variable's
value to the function instead of the variable's name. This was causing
trueorfalse the default value of false to always be returned even when
specifying the option as true in the localrc. (well assuming True or
it's variants wasn't an actual defined variable with a value that
would return true) This commit fixes this issue by properly using the
trueorfalse function.
Change-Id: I8cefb58f49dcd2cb2def8a5071d0892af520e7f7
Patchset fixes calculating EC2_URL/S3_URL for user rc files in 'accrc' directory.
Currently calculation of these url's uses 'openstack endpoint show' command
without specifying os-identity-v3 flag. But output is empty without such flag.
So this patchset uses same construction as exists in functions-common.
Change-Id: Ia4f2510750fa0f46e2f1d58cf0a7a16782f022b3
If nbd isn't enabled you can't boot instances with libvirt using lxc
(unless you're using an lvm backend).
Closes-Bug: #1487195
Co-Authored-By: Andrew Melton <andrew.melton@rackspace.com>
Change-Id: I08c4d498ed35166f566291d9530ca1ecfae05625
Swift3 should be in the same region as all other cloud.
By default it has regaion name 'US'. It's ok for requests
that signed by version 1 of signature because they haven't
region information in request.
But S3 signature of version 4 protocol sends region name to server
and swift3 plugin checks that input region equals to internal.
And because all cloud lives with 'RegionOne' then swift3 fails
request because it has 'US' region name by default.
Change-Id: Icd817183b1a040110372a8ae5d73fd2f0ec5559c
Related-Bug: #1411078
in I0272d56bc2e50e8174db78bd449f65f60f7f4000, we reset DEST value
when installing elasticsearch. it gets set to /opt/stack/ which is
not always correct in gate causing the path to be wrong and
elasticseach cannot be installed. we should reuse DEST from stackrc
Change-Id: Ia3a2383ada30c4e92c37386aedd6164c69cac60a
Closes-Bug: #1484182
As part of moving components to use keystone v3, this review
allows nova.conf's [neutron] section to switch to using the
auth_plugin in keystoneclient for talking to keystone /v3 API
Change-Id: I42502bff147534199096fb581630b8559f311963
When clean.sh is executed, it shows "command not found" messages.
Commands are defined in lib/lvm, however lib/lvm doesn't include clean.sh.
This pache add lib/lvm to clean.sh.
Change-Id: I56672e949d25f7cdcda879badd992f849d06c749
Closes-Bug: 1486392
The commit 05aa3846a0 into devstack exposed a bug
where pip_install is called before the requirements repository is cloned. This
change ensures that the requirements repository exists before pip_install is
called.
Change-Id: I60b157fc98691764a69cf022852e7a95fc50cdd7
Closes-Bug: #1486304
On Linux kernel 4.1, `ip link` reports peer interface name for
each Open vSwitch interface, like:
$ ip link
...
71: ovs-tap1@brbm-tap1: <BROADCAST,MULTICAST,UP,LOWER_UP> ...
~~~~~~~~~~
Currently it is regarded as a part of interface name, so
causes failure in tap id detection from ovs-vsctl output,
that results into ironic deployment failure.
This patch removes the peer name from the interface name.
Change-Id: Id3b181fa821e9bff1afabef4d63964f61fa49a65
Closes-Bug: #1486273
Although l3_agent.ini, dhcp_agent.ini and metadata_agent.ini have
"AGENT" section as default, devstack added "agent" section.
Change-Id: Ie4034257d8aed00d67e3f28e7dd3b05cc5d89fc4
Having behavior on your laptop diverge from behavior in the gate is
confusing. Just use constraints on every devstack run to be consistent.
Users of devstack can edit the requirements repo in order to change
these constraints locally if necessary.
Change-Id: I843208e2e982eb04931b76f5cb4bd219fbcd70de
This has been incorrect since the initial commit
(I632df4149e9d7f78cb5a7091dfe4ea8f8ca3ddfa)
Closes-Bug: #1483499
Change-Id: Ife4defce989c4f3c7eb5381376c0f93de50a9668
Currently horizon configures keystone using v3 only if v2 is not
available. Really we should just always be using v3.
Change-Id: Icac4d90b617209da75abf33f8e25ffc021c45fdb
At this point all our function calls should be using the V3 APIs anyway
so switch the authentication credentials to v3 compatible ones and
remove all the hacks we added to force v3 API calls.
Implements: bp keystonev3
Change-Id: If92d3e11b9a363454f77527783b6d25f4da9c249
The change fix multi-node doc to use SERVICE_HOST.
It resolves duplicate IP address.
Closes-Bug: #1485159
Change-Id: If86393e9a37bcb911a9aa125829cd8ce684edd9f
This patch is setting a name for each node created in Ironic, when
testing stuff it's easier to refer to a nome by its name then uuid.
The format of the name is: node-0, node-1, ...
Change-Id: I60fcddbcb36d1b1da8b3846b6edf14c59401f102
Future work toward visualization of DevStack and devstack-gate performance
would benefit greatly from the availability of machine-parsable DStat output.
This patch outputs an additional logfile to $LOGDIR, `dstat-csv.log`, using
DStat's built-in CSV logging functionality.
An additional instance of DStat is started during start_dstat that outputs
to CSV-formatted text without `--top-cpu-adv` and `-top-io-adv` enabled, as
these plugins are currently incompatible with CSV output. To facilitate this,
a new `dstat.sh` script is added to $TOP_DIR/tools/ to act as a daemon to
manage the two processes.
Change-Id: I826c94c35b6a109308b4f132c181ff7a1f63bc7b
Depends-On: I534fb1f9356a7948d2fec0aecc7f275e47362a11
Currently, if the VPN devstack plugin is enabled (which is
the method used for VPN in all test jobs), there will be
two VPN agent processes started. This doesn't seem to
affect the tests, but is incorrect.
To resolve this, the proposal is to do this in two steps.
With this commit, the script is modified to start the q-vpn
process, if q-vpn is enabled (legacy), and to only start
q-l3 process, if neither q-vpn nor neutron-vpnaas is enabled.
Once committed, the opertion will be the same - if no VPN
service is enabled, we get q-l3 (correct); if legacy q-vpn is
enabled (only), we get q-vpn (correct); if the plugin is used
(the default), we get two q-vpn processes started (wrong).
With a separate plugin commit (to be pushed next), the plugin
will be renamed to neutron-vpnaas, and then we'll get only
one agent process (q-vpn or neutron-vpnaas) runing. We can't
commit the plugin first, because both the VPN agent and the
q-l3 agent will be started at once (just as bad, if not worse).
Change-Id: I2bb7ac01e619c8a9b22bd517a4ff60d67035dfed
Partial-Bug: 1484141
The openstack role list command doesn't include any identity API version
information and so will fail when running purely with v3. We could add
this information to the command however we already have a function that
does what swift requires so we should use it.
Change-Id: I5d5417eaed432760bfb97cf35bd76a0919c6004d
Added functionallity to allow _move_neutron_addresses_route to support
interfaces without a configured IP address. If PUBLIC_INTERFACE is set
to an interface without a configured IP, only the port will be
added to the OVS_PHYSICAL_BRIDGE.
Change-Id: I511ea5229ab871298086af5c96761390529bd85e
It was shown that the local.conf is at root devstack directory, but
it is at devstack/samples directory. So the path is updated.
1.) Copy the file into root Devstack directory.
Change-Id: I6ff8a404a3664c892bb458023c57ccc5d0926fdf
Closes-Bug: #1464491
With keystone's move to /identity, a conflict in for resources was
created as both keystone and horizon used /identity. The keystone
config took precedence and rendered API output in the horizon UI.
This patch sets the root for horizon to /dashboard and serves all
horizon content from there. Additionally, a RedirectMatch has been added
to the apache config for horizon to redirect '/' to '/dashboard' this
will allow the implementation to change without being immediately
painful to users.
Also made the path '/dashboard/' configurable in stackrc.
Closes-Bug: #1478306
Depends-On: I9a04f936ed6d8c14775a332dc28e903992806c42
for devstack-gate changes to remove hard coded horizon url structure
assumptions.
Change-Id: I6fbca5cea9e44df160afbccc71bd045437657320
To disable tempest running the v2 tests when the identity v2 api is
disabled you need to set api_v2=False not v2_api=False.
Change-Id: Ied8a0593619dccb5985f9a1e51feb370754336c7
Keystone API v3 does currently not support filtering for region names.
As a consequence an additional check is needed in get_or_create_endpoint
to check if an endpoint must be created for a given region or if it
already exists.
See related bug for more information regarding the missing region
filtering in keystone.
Closes-Bug: #1483784
Related-Bug: #1482772
Change-Id: Ia6a497b9fb58f7474636ab52dc01b99857bed3a2
With the aim of moving everything fully over to v3 authentication we
need to configure glance_store to use v3 when calling swift.
Requires glance_store 0.8.0
Change-Id: I61e8c5a4136404077f5505ebc2edfe49841c244f
Implements: bp keystonev3
This commit adds support to lib/tempest for configuring tempest to use
the test accounts mechanism. It adds a new variable
TEMPEST_USE_TEST_ACCOUNTS which will be used to trigger using test
accounts. The generate tempest-account-generator utility packaged with
tempest is used to generate the users and projects and write an
accounts.yaml. Another option TEMPEST_CONCURRENCY is added to specify
the the number of accounts to create, the value defaults to the number
of processors on the system.
The auth configuration section is moved to the bottom of the
configure_tempest function to ensure the proper auth endpoint and
catalog entries are all set in the tempest.conf file because the
tempest-account-generator tool depends on tempest knowing how to talk
to keystone to create the accounts.
Change-Id: I8682f72ffe26fd133874f5c575df6389f787ffcc
This has only ever appeared in
I3a5d1e511c5dca1e6d01a1adca8fda0a43d4f632 and has never been exported,
referenced, etc.
Remove it to avoid confusion
(e.g. Icfad40ee6998296727a95613199e5c2d87bd0a45)
Change-Id: Ic71e841f6f751ff43083e12ad734b9c84be7b645
To allow separating neutron l3, metadata, or dhcp agent from neutron
server or controller, there is supposed to be policy.json on the nodes
with l3, dhcp, metadata agent enabled, so it would be more appropriate
to create policy.json in _configure_neutron_common.
Change-Id: I890d647ffca05482f36ebaaf9c2c6e9e6cb23e2b
Only source openrc once, and remove the unnecessary re-sourcing of
"functions" which is done by openrc.
Change-Id: I61c87a0742de274d47753a0b216c56d96344d161
I'm still at a loss about why guests stop being pingable in grenade,
so lets get ourselves some ebtables output as well.
Change-Id: I4e40eff6d0b1ef194e43b151a83206fbd50deb66
test_encrypted_cinder_volumes.* tempest test failes,
when cryptsetup package is not installed.
The following error can be seen in the n-cpu log:
Stderr: u'/usr/bin/nova-rootwrap: Executable not found: cryptsetup
(filter match = cryptsetup)\n'
Change-Id: I86603f1301fa946c8bb22de3e69a2ec1ab7f1ef3
The current format is just copy-paste after auto-conversion and very
inconsistent. Move discussion of each option into a section and
reword some slightly so they read more clearly. Group some together
into a section+sub-sections, such as the logging and ip-version option
discussions.
Add a top table-of-contents for the major sections, and then a
separate toc for each of the configuration options that are discussed
in detail.
Change-Id: Iddd27cb54f1d9f062b9c47ff9ad6a2bef3650d6b
The multinode guide erroneously said to enable n-api on the worker
nodes, which is a typo. n-api-meta is the thing that's needed.
Change-Id: I733896681f7f6fe3bea0fdeeb8ffc9033d7fc761
We pull the pip constraints from the requirements repo so need to clone
that repo prior to using the constraints. In fixup_stuff.sh devstack
attempts to install packages like prettytable using the constraints. It
is also possible to need constraints before fixup_stuff.sh if tracking
depends. To deal with this clone requirements repo before any possible
use of constraints in pip_install.
Change-Id: I42e981c8c5ce1b8a57b9f6cce213065c72d6af11
Preparing the field for this patch:
https://review.openstack.org/205282
The client.cinder key needs to have write permission to the glance pool
in order to complete the snapshot process.
Change-Id: I98f16167db864ffd14e8c3dd5dec81fc16245448
This will let us defauilt to the path within the code,
we can add the right path in once we have the file in
the codebase.
Change-Id: I9de94c5ac6349c3b46adbacb77fc877b5201285c
This commit stops using the sample config file as the base for tempest
configuration. The sample config isn't actually needed as a based for
configuration because all the options are commented out so from the
perspective of the config parser it's a blank file.
There are 2 reasons for making this change, first using the sample
like this creates a hard dependency on tempest having a sample config
file in tree. This is something that the project wants to change since
keeping the file in sync causes headaches because of new oslo
releases. The second aspect is that it makes the generated output
difficult to read. It includes *every* option and it's description in
the generated output which makes finding where devstack is actually
setting something more difficult to find.
Change-Id: I4064a041a965ed2419b68efc8dc31fce37b24cfd
Some of the ceph commands had gotten quite long, so reviewing them in
gerrit is a bit problematic. Do some line wrapping just to bring these
back to a bit more managable state.
Change-Id: Ice5122702f2466d059dd275b038d5ff983bcda44
We're worlddumping at success points in grenade, and it would be much
handier to explain when that happens via a symbolic name in the
filename. Add a --name option to worlddump to allow it.
Change-Id: I644200fe08e404dc7ca2006478ae4e11ca020672
This parameter is needed in order to test the copy on write cloning
functionnality.
Change-Id: Ie8179a68827acba2dd8614ea9c6cecf2ddb20e29
Signed-off-by: Sébastien Han <seb@redhat.com>
Preparing the field for this patch:
https://review.openstack.org/#/c/205282/2
The client.cinder key needs to have write permission to the glance pool
in order to complete the snapshot process.
Change-Id: I90c6aa056b99944aa558783f3f81d06f918f3e26
Signed-off-by: Sébastien Han <seb@redhat.com>
Due to errors in tools/ping_neutron.sh, exercise neutron-adv-test.sh
fails. Faults were: 'neutron net-list' took too much arguments and
variable REMAINING_ARGS was mistyped.
Change-Id: I681328bfb1e4445543ef9d94e3b3824dbc9c8346
Closes-Bug: #1478021
Ceilometer introduces two new configuration files
This change adds them.
Change-Id: I4da44f09eb0a839f36fef513aec41d9b1564155d
Depends-On: I5a202c30614d06821063e243d4e2330736aba5fd
Ml2 plugin always needs agent file even if the agent is out of tree.
This patch removes the restraint and ofagent_agent.
Change-Id: I12de58e13da1fd162ad8b632d895779ae7560c3c
Closes-Bug: #1477459
We do not need the HOST_IP to be detected in order to be able to list
our images. So just set that to some dummy value before sourcing
functions.
This will allow tools like disk-image-builder to work regardless of
whether get_default_host_ip succeeds or not.
Change-Id: I9c22d2066e34309e70e56076e3d17c5db6ecee06
Add a -sudo option to allow these functions to operate on root-owned
files. Test-case is updated, but not enabled by default as we can't
expect test-runner to have sudo access.
Change-Id: I134c3397314c7d9395996eb6c825ecb7e7fdfc69
Various cleanup to this file.
Firstly create a temporary space to test, rather than working in the
source directory.
We have "assert_equal" which simplifies a lot. Add "assert_empty"
that is used in a couple of tests too. Remove a couple of duplicate
tests.
Change-Id: I7fd476ed63026e67d66a8ac2891b2e4a6687d09c
These return paths doesn't renable xtrace, so output mysteriously goes
missing until the next time it is enabled.
Change-Id: I3a8018dfa9397c07534970c39fba8dc10afcbe41
devstack attempts to set bind-address, sql_mode, default-storage-engine,
max_connections, query_cache_type and query_cache_size.
However the bash command is missing some '&&'s and was omiting
max_connections, query_cache_type and query_cache_size.
Change-Id: I24388b5de777995f92d73076524122cf599d6371
Currently, the Swift proxy, object, account, and container servers bind
to IPv4 address 0.0.0.0 by default. In the case of a user setting
SERVICE_IP_VERSION=6 in their local.conf file, these Swift servers still
listen on 0.0.0.0 instead of ::, which causes a ./stack.sh run to fail.
This change explicitly sets the bind_ip variable in the Swift server
config files so that the servers bind to either 0.0.0.0 (when
SERVICE_IP_VERSION != 6) or :: (when SERVICE_IP_VERSION == 6).
This patch is related to the following patch for devstack IPv6 support:
https://review.openstack.org/#/c/192329
Change-Id: Ie268c6daf5374e67ef8710a731c3af50ffdb821e
Nova option osapi_v3 is used for Nova v2.1 API and the default value
was False(disabled). However Nova v2.1 API is CURRENT status and the
API should be enabled as the default as we discussed on
http://lists.openstack.org/pipermail/openstack-dev/2015-July/069624.html
We could not find it before because devstack makes it True, so this
patch removes it for avoiding confusion any more.
Change-Id: I4efd2036605a1a41ea297b44a5f31b2da7412593
Related-Bug: #1462901
Depends-on: I43f0352f9fa89401f79389a6dc1035d901f52ed2
In another "things from the man page"
The return status is 0 unless local is used outside a function, an
invalid name is supplied, or name is a readonly variable.
Thus if anything fails in "cmd" of "local foo=$( cmd )" we don't
notice.
Change-Id: I22b10d5d39f014b6c92d2e101b167cbacf81afca
OpenStackClient doesn't currently support volume type create on the V2
API. Make sure that all requests use the V1 api until this has been
fixed in OpenStackClient.
Change-Id: I2fa133d30753e188d383d3de78c0022a3625cb34
Closes-Bug: #1475062
In test_functions.sh, There aren't export_proxy_variables() tests.
This patch add test of export_proxy_variables to test_funstions.sh.
Change-Id: I76f2bab84f4019961e612b0bff0ab66646b6e160
As soon as Parallels Cloud Server/Virtuozzo is based on CloudLinux distribution
this new rpm kind of distribution is introduced.
Also we setup vnc and set vnc_encoding parameter to None as soon it isn't
supported by parallels.
Change-Id: Ib97a09f397f950227498cfc2ce162d19b700f6f4
Add support of ploop images (*.hds extension) for both exe and hvm types.
In devstack we assume that images have '-exe' and '-hvm' suffixes in
their names correspondently.
Change-Id: I1c074876c530be0535a6e02e764d67a4ebcbbbe5
File injection is disabled in nova meanwhile, and devstack core
reviewers think it shouldn't be configureable in devstack anymore.
This basically reverts https://review.openstack.org/#/c/70560/
Change-Id: Ia7dd407da00c0b1c9641865aea1f7b74533d7357
Nova commit 322cc9336fe6f6fe9b3f0da33c6b26a3e5ea9b0c added the
neutron.allow_duplicate_networks config option in Juno and it defaults
to False. The option was deprecated in Kilo with commit
4306d9190f49e7fadf88669d18effedabc880d3b and removed in Liberty with
commit b06867c581541ed325ddc5e5b5a2d53b1b0261ac so it's the default
behavior in Liberty.
To test it in the gate with Tempest, we need to be able to set it to
True in devstack-gate and update tempest.conf (since tempest is branchless
and we don't want to try to test duplicate networks against kilo/juno code).
We can remove the change to lib/tempest when it's removed from Tempest
after kilo-eol.
Depends-On: I05f81d86cde249c23be06d5804fadbf40fc4a7f3
Change-Id: Ifd075420f57c9b60746f4a6af6520c0ef04800db
I dug back through the history to see why xtrace is enabled where it
is. Originally (like first commit originally), it was somewhat sanely
placed to turn on tracing after it had done the interactive
"read_password" prompt stuff. Over time, it has just shuffled it's
way down as stuff got added around it.
This was noticed this because I was looking for tracing of earlier
commands when looking at the repo setup (see
Iec2ad7b5598fdaefbc2338ade702bc7b08963b96) and couldn't find it.
Putting this at the start means we both capture all output
unconditionally, and avoid needlessly getting this interleaved at some
odd place again.
Change-Id: I441d7eecbab9d204258c18a071ccc1cbf4f7512a
The encrypted Cinder volume tests in Tempest don't actually work
properly for a Ceph backend in cinder since the volume encryption
support is not in Nova for RBD volume types.
This is needed for Cinder change
I03f8cae05cc117e14f7482115de685fc9f3fa54a which tells Nova that the rbd
volume connection is on an encrypted volume type.
Related-Bug: #1463525
Change-Id: I8548d41095513b9e669f773e3f35353e9228ead9
Most of unused files were used with build_domU_multi.sh which has been
replaced by build_xva.sh. Besides tools/xen/scripts/templatedelete.sh
was created for convenience purposes and now not in use.
Change-Id: I4282c779629e3413ee3cd3ff134c3b7b19eee487
Closes-Bug: #1470535
Include the user and project domain parameters in the generated user rc files.
This is fairly simplistic, if we were to follow the existing attitudes we
should iterate over the domains and add a new level of folders however this
would change the output location for files that may be depended upon.
Change-Id: I5e9e78406b11382751a591d91f711161bb98f47a
The create_userrc file is littered with references to a tenant. The tenant
concept has been deprecated long enough that we should use project instead.
I have not attempted to maintain compatibility with the --os-tenant-X flags
because I have not found reference to anyone using this script outside of
devstack.
Change-Id: I613f1bdc6673f0c4bfe29aaab7b514348a617a8c
This command was commented out so assumedly there used to be a bug. Switch to
OpenStackClient as the cinder CLI doesn't handle v3 auth correctly.
Implements: bp keystonev3
Change-Id: I1acdc04cf04b7056701bdded31ef2a015de5bce3
Always use the V3 API for role creation.
Groups only exist in the v3 identity API and so we must specify
--os-identity-api-version in these commands.
Implements: bp keystonev3
Closes-Bug: #1470668
Change-Id: I5e01d23ebcb5a0c7de56233071a4eb9b16d3b813
Always use the keystone V3 API when creating services and endpoints. The syntax
here is slightly different but we maintain the function interface.
Change-Id: Ib3a375918a45fd6e37d873a1a5c0c4b26bdbb5d8
Implements: bp keystonev3
Added functionallity to allow IPv6 addresses to be moved to the
OVS_PHYSICAL_BRIDGE from PUBLIC_INTERFACE automatically using
_move_neutron_addresses_route. Only PUBLIC_INTERFACE and
OVS_PHYSICAL_BRIDGE need to be set in localrc.
HOST_IP must be set in localrc. HOST_IPV6 must be set in localrc if a
global IPv6 address is configured on PUBLIC_INTERFACE.
Change-Id: I8d2c055702e1c7cf08499a77f6843393762fd4c1
We stop the services, which should be sufficient.
Uninstalling the packages means that doing repeated
runs with devstack takes longer than necessary.
Change-Id: I5626e42ce83710690a3523439bb2c9c9af560cd9
Keystoneauth is not marked as stable yet however to ensure that the
integration between it, keystoneclient and other services don't break
compatibility we want to test it with tempest.
Unfortunately you can't put -e links in requirements.txt files so add
it to devstack so we can set the test environment. This will also make
it available when keystoneauth is released.
Change-Id: I43ca1df9c6ae2f0ac1a687c9ce1e2ccb97e81652
Configuration of local_ip is duplication in ml2 because there is
the configuration in both ml2 and openvswitch_agent.
It also should be set in each driver using openvswitch.
Change-Id: Ib0b874aed8db883d778426ed1ae01679fc0cc075
Libraries were resulting in two edit-constraints runs:
- one for the library, which adds a non-editable file path
- then one for the editable servers, but that fails becuse
pkg-resources couldn't parse the prior entry.
This is fixed in two parts: the dependent patch which supports parsing
file urls that have egg names, and this patch which changes from a
file path to a file url with an egg name.
Change-Id: I0f07858e96ea3baf46f8a453e253b9ed29c7f7e2
With config option NOVA_USE_MOD_WSGI=True nova-api handles
requests on /compute URL.
Depends on I83bc4731507fa028377ae6701ed4d32adefa9251
Change-Id: Ic84b5c0dc0726662470ef9c076a0cadca55a3917
When you get or create service it first checks to see if an existing
service matching these parameters exists. The definition of existing is
having a service with the same name, however name is not a unique field.
Sahara for example creates two services, one with data-processing, one
with data_processing with the same sahara name.
Search for existing services by service type, not by service name.
Change-Id: I6148e2254aa3968039b0e7c178e7cabc53b6be68
Assumes devstack was configured with SERVICE_IP_VERSION in
local.conf
SERVICE_IP_VERSION is stored in .stackenv and checked in
openrc. If SERVICE_IP_VERSION is set to 6, openrc will use
IPv6.
NOTE: At first, I added a '-6' option to the openrc call
which would set the HOSTS accordingly. I then simplified
the code by saving SERVICE_IP_VERSION to the .stackenv file
which is sourced by openrc. After that, I simplified the
code even more by removing an extra, unnecessary, variable.
Change-Id: I5d46d5438d3e56fea788720ca17f0010caef3df1
By default, most Openstack services are bound to 0.0.0.0
and service endpoints are registered as IPv4 addresses.
With this change we introduce two new variables to control
this behavior:
SERVICE_IP_VERSION - can either be "4" or "6".
When set to "4" (default if not set) devstack will operate
as today - most services will open listen sockets on 0.0.0.0
and service endpoints will be registered using HOST_IP as the
address.
When set to "6" devstack services will open listen sockets on ::
and service endpoints will be registered using HOST_IPV6 as the
address.
There is no support for "4+6", more work is required for that.
HOST_IPV6 - if SERVICE_IP_VERSION=6 this must be an IPv6
address configured on the system.
Some existing services, like the Openvswitch agent, will continue
to use IPv4 addresses for things like tunnel endpoints. This is
a current restriction in the code and can be updated at a later
time. This change is just a first step to supporting IPv6-only
control and data planes in devstack.
This change is also partly based on two previous patches,
https://review.openstack.org/#/c/140519/ and
https://review.openstack.org/#/c/176898/
Change-Id: I5c0b775490ce54ab104fd5e89b20fb700212ae74
Co-Authored-By: Sean Collins <sean@coreitpro.com>
Co-Authored-By: Baodong Li <baoli@cisco.com>
Co-Authored-By: Sridhar Gaddam <sridhar.gaddam@enovance.com>
Co-Authored-By: Adam Kacmarsky <adam.kacmarsky@hp.com>
Co-Authored-By: Jeremy Alvis <jeremy.alvis@hp.com>
stackrc needs to do all of the initialization for situations (Grenade,
unstack.sh, etc) that do not run stack.sh
Change-Id: Ib8c7b923dde817b37f852515dd049fcf970b999a
Constraints files allow a global view of dependencies for devstack
without the side effect that requirements files have of installing
everything everytime. This is part of the cross project
requirements-management spec.
Change-Id: If089d30146629e6cf817edd634e5c2b80f1366dd
This allows setting the new option in Tempest for toggling whether
or not the Cinder encrypted volume tests should run.
Depends-On: I48eba7c645cc1c979fd766ae9c05efb00957f787
Related-Bug: #1463525
Change-Id: I9e12f8dc9e3e6b68dc031351cb081ee2bc6e6cbb
Review https://review.openstack.org/#/c/192154/ removed support for RPC backends
other than RabbitMQ, but we should still document how to disable rabbit.
Change-Id: I1fd64b5f02573c58d7b0d1005c39a22c459a09a5
Once the Sahara related code moved to Sahara repo and used, we can
remove Sahara specific code from Devstack.
Partial-Implements: bp sahara-devstack-intree
Change-Id: I34412b5cb2e86944b8555b8fd04b43556eb2bbe6
Depends-on: I2e00b2ebc59dd3be6a0539dea2985f2e801a1bd7
Depends-on: I07c3fede473030e8a110cbf5a08309f890905abf
Before the fix, requirements soft-update was used for projects that are
in the file.
Change-Id: I095d42521f54b45a6b13837e2f8375fa04532faa
Closes-Bug: #1469067
The gate/updown.sh calls the unstack.sh with
-ex option. Normally we do not use -e with unstack.sh.
The unstack.sh can fail if the service already stopped,
and it also can have flaky failures on the gate.
For example the stop_swift function tries to kill swift in two
different ways, and if the first one succeeds before the 2th attempt
the pkill fails the whole unstack.sh.
This change accepts kill failure.
Normally the kill can fail if the process does not exits,
or when you do not have permission to the kill operation.
Since the permission issue is very unlikely in our case,
this change does not tries to distinguish the two operation.
The behavior of the unstack.sh wen you are not using -ex should
not be changed by this change.
Change-Id: I64bf3cbe1b60c96f5b271dcfb620c3d4b50de26b
Unconditionally running this can lead to confusing failure output from
kill as the pgrep matches nothing when nova-compute isn't yet running.
Change-Id: I37cb84fe8e0b393f49b8907af16a3e44f82c46a6
Full list for liberty is as follows:
* oslo.service
* oslo.reports
* automaton
* futurist
oslo.cache was already added in the earlier review
Some of the entries are already there, though automaton was
missing in one spot. Made sure all references have all five
libraries.
Change-Id: Iffb720d46058424924469695a3ae1e4f20655f99
To avoid sourcing this twice and getting globals mixed up,
particularly when using multiple plugins, add a "header guard" that
ensures we only source it once.
In general I don't think functions/functions-common have been written
or considered to be idempotent. I don't think going down that path is
going to be a long-term solution as it's easy to break.
Change-Id: Idca49eb996d2b7ff3779ec27ed672a2da7852590
Closes-Bug: #1469178
Move the failure trap after the functions it uses, so that
"delete_all" is defined when it is triggered.
Change-Id: Icb2465d0f834b8cb2d46dca3c7df4ae06e49d9b5
In documentation like this (which is a huge boon) we should strive to be
as explicit and helpful as possible, so this change tries to be more
clear about what a project.yaml is and where one might go to create it
or change it.
Change-Id: Ia66a361fc7d79e511afa3ad903fffb122b86998b
When using IDENTITY_API_VERSION=3, the clouds.yaml must also set
auth/user_domain_id and project_domain_id.
Change-Id: If028f2935ea729276f40039a4003c07c08e91672
There is properly working is_cinder_enabled now, and this check
actualy matches ironic-inspector, breaking its devstack plugin.
Change-Id: I659ec9b9b2b49690fd075f9766ae8cbf19e81848
Closes-Bug: #1469160
Change I79a8d8ac7ad2fbd7d2fce696821d130218e43e03 removed the install
of python-libguestfs, which was actually hiding a dependency issue on
Centos. The "kvm" package is ultimately missing some bios files from
"seabios-bin" -- however with python-libguestfs installed this was
coming in via a dependency chain that pulled in qemu-kvm, which has
the dependency.
qemu-kvm is not strictly required as all the functionality is within
qemu-system-x86. But while we get [1] sorted out this restores the
job functionality.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1235890
Change-Id: I3379bc497978befac48c5af0f1035b96d030b7eb
Prior to this patch, the logic for configuring the interface used for
the L3 agent was OVS specific. This patch introduces code to correctly
identify the brq device that is used for the L3 agent when using the
Linux Bridge mechanism driver.
Change-Id: I1a36cad0fb790aaa37417a1176576293e4f2c87f
Co-Authored-By: Jens Rosenboom <j.rosenboom@x-ion.de>
This should make it easier to understand possible interactions between
rootwrap processes calling commands that might be the cause of race
bugs.
Closes-Bug: 1081524
Change-Id: Ic1f1fa42e4478a9d30f0f582a68f648935d0097d
When configured to run under Apache Httpd, keystone will also
handle requests on /identity (public) and /identity_admin (admin).
Change-Id: I4e6eb0cad1603aa0e612d0adc5431565da93870e
We have this pattern of timeout with while tests for a non infinite
while loop condition. It's enough of a pattern that we should probably
extract it into a function to make it more widely used.
Change-Id: I11afcda9fac9709acf2f52d256d6e97644d4727c
We're adding the ability to have devstack plugins, which should be
much more free to require new things not in global requirements. Our
old thinking of locking down all the requirements doesn't really work
in a plugin model.
Instead, if the project is in projects.txt, continue with the old
behavior. If it is not, do a soft update (update all the requirements
we know about, leave the ones we don't). This was previously the SOFT
requirements update mode, but now it will just be the default.
Change-Id: Ic0c6e01a6d7613d712ac9e7e4a378cc3a8ce75e6
We should use "tenant" and "user" instead of "project_name" and
"user_name" by calling setup_colorized_logging with these parameters.
Closes-Bug: #1467942
Change-Id: I484ef431ac422e25545391ed41fab45060a7b821
This patch fixes the problem of iPXE connection timing out when it's
trying to fetch the configuration files and images from the HTTP server
by accepting requests to HTTP server port on iptables.
Closes-Bug: #1467894
Change-Id: I43d66335a97c376ab64d604ff807540d0decc401
Because PIP_VIRTUAL_ENV was set for the installation of requirements,
and left around in scope, the installation of pbr no longer happened
in a global context, it instead landed inside the virtual
env. Unsetting the variable after requirements install gets us back to
where we expect.
This was an unintended side effect of the requirements-venv patch.
Change-Id: I2c4cb4305fec81a5fd237edabee78874ccd0da22
Currently those bindings are missing from SLES12, and since
they're not actually used unless file injection is enabled
(which is not by default), only conditionally depend on it.
Change-Id: I79a8d8ac7ad2fbd7d2fce696821d130218e43e03
libxml2-devel is a dependency of libxslt-devel, so we don't need
to explicitly include it. Also, since it is only really needed
by python-lxml, consolidate it into devlibs and remove the copies.
Also remove a non-existing package reference along the way
Change-Id: If9afaaa93f2c485baa1efff74d7ae58c59713de6
yum-utils provides yum-config-manager but the check for yum-utils is
currently being done after the first usage of yum-config-manager, which
fails if you don't have yum-utils already installed, so move it up
before the first usage of yum-config-manager.
Putting yum-utils in files/rpms/general doesn't help since
yum-config-manager is used in stack.sh before tools/install_prereqs.sh
is called.
Closes-Bug: #1467270
Change-Id: I74996c76838b7dc50d847e3bedb2d04dc55b4431
A lot of commands developers use require admin by default, so add a
"devstack-admin" cloud to clouds.yaml that has admin authority.
$ openstack --os-cloud devstack-admin user list
Change-Id: Ie0f1979c50901004418f8622d4ca79dc4bdadd8d
Since this patch https://review.openstack.org/#/c/171685 has been
merged in global requirements, better to switch to pip_install_gr.
Change-Id: Ibe708d4f523c32ade3c6a273f80b9c38bb03e382
On some system Cinder is not enabled so we can't assume LVM is installed. So
do not try to `sed` /etc/lvm/lvm.conf or clean LVM VG if cinder is not enabled
Change-Id: I09b1a7bee0785e5e1bb7dc96158a654bd3f15c83
The devstack plugin docs mostly referred to in tree plugins, which is
honestly something we don't want people doing. Instead restructure the
whole document to talk about external plugins as the only kinds of
plugins, and focus on a workflow to make that easy for people to work
through.
This also adds a plugin-registry page to start listing known plugins
somewhere centrally. Some sample content was added, hopefully people
will submit patches to include their plugins.
This does drop the section on hypervisor plugins. That's not currently
something that we expect a ton of people to work on, so diving into
the code for this should be fine.
Change-Id: Ifc0b831c90a1a45daa507a009d1dcffcd6e2deca
Using the swift_store_auth_address, swift_store_user and swift_store_key are
marked as deprecated in glance in favour of using a standalone config file that
provides multiple auth options.
Create and use a standalone authentication file for communicating with swift.
Change-Id: I9b5361ce6e1771781d7ae7226974604a7f9e5d00
That'll make things more clear that with the provider networking
feature in DevStack, FIXED_RANGE will be a routed IPv4 subnet that gives
routed IPv4 addresses to instances without using floating IPs.
Change-Id: Ie26d75ac5ff285a25762c4f61fd9800b0382886b
With PyMySQL in the projects we can expect things to happen more
concurrently now. The query cache is a hinderance to concurrency, and
more connections will be required.
Change-Id: Icfb8cdbb9ed39cfd7732ad05fe740e01c767af7b
The requirements repo has had a setup.cfg etc for a long time but only
recently started using it. As it now has dependencies, we need to pip
install it. To preserve compat with older requirements repos I haven't
changed the call to invoke update-requirements yet, as we still have
the update.py symlink.
The pbr install is moved before requirements to ensure we don't
trigger easy-install.
Change-Id: I7d7e91694c9145fac0ddab8a9de5f789d723c641
Nova is responsible for installing the libvirt package (if it is being
used). It is required by python-libvirt but python-libvirt only required
in ceilometer if nova compute is being used. There are some usage
scenarios where nova compute is not being used so in that case don't
install python-libvirt.
Change-Id: I0db66f1c0526e24ade98de85989a5ed8d37f0c4f
The change in 027e2ea741 included some
debugging code that should have been removed before being added. This
removes it.
Change-Id: Ia56e1eb7305683b6c00b27a727fc8e094c65a963
If the version of python-requests required is higher than
that provided by the operating system, pip will install
it from upstream.
The upstream version provides its own CA certificate bundle
based on the Mozilla bundle, and defaults to that in case
a CA certificate file is not specified for a request.
The distribution-specific packages point to the system-wide
CA bundle that can be managed by tools such as
update-ca-trust (Fedora/RHEL) and update-ca-certificates
(Debian/Ubuntu).
When installing in SSL/TLS mode, either with SSL=True or by
adding tls-proxy to ENABLED_SERVICES, if a non-systemwide
CA bundle is used, then the CA generated by devstack will
not be used causing the installation to fail.
Replace the upstream-provided bundle with a link to the
system bundle when possible.
Change-Id: I651aec93398d583dcdc8323503792df7ca05a7e7
Closes-Bug: #1459789
Part of what was decided at summit is devstack needs to return to a
more opinionated stance, the following removes support for non
RabbitMQ messaging. RabbitMQ is used by over 95% of our community
(statistically all of it), so it's a pretty clear line to draw that
this shouldn't be in tree.
iniset_rpc_backend will be our stable hook for other projects that
want to implement this out of tree. The burden on creating those out
of tree plugins will be on those that wish to support those
alternative stacks.
Change-Id: I8073a895c03ec927a2598eff6c2f01e5c82606fc
This includes requiring a domain when creating a user. This will allow us to
control where users are created in a later patch.
Adding the token to the user creation call is required because of a bad
interaction between OpenStackClient, os-client-config and keystoneclient
when dealing with v2 authentication but v3 API calls. It will be cleaned
up when we switch to v3 credentials.
Change-Id: I6ef50fd384d423bc0f13ee1016a8bdbb0650ecd9
Implements: bp keystonev3
Always use the keystone v3 API for project creation. Make domain a
required argument. Whilst we could simply default this value within the
function I think it's better to make this explicit as these are things
deployers and services need to consider.
In future we will want to figure out how we want devstack to organize domains
however I don't believe that it belongs in this patch.
Change-Id: Ib9587193c5c8419dc4b5a608246709baaddd2a52
Implements: bp keystonev3
There is a known bug that restart tgtd fails, so go the
workaround way and stopping/starting it instead.
In addition, remove the else case since unstack also
uses cleanup_cinder, which already unconditionally supports
all distros.
Change-Id: Ib70917a95f001ef36a51815f08416fa30084aad6
Following fixed were done:
1. Cleanup fixed.
2. API_WORKERS config option was added to nova config templates.
3. Nova API screen tabs were named as nova-api and nova-ec2-api.
Change-Id: I68dc6fd6c8aeffcec7f9039afd63bd1599c65682
Change [1] brings back this feature in Neutron, so we want to have
the ability to set the number of API workers the same way other
projects do.
However, this cause some instability, so we need to be careful on
how we bring it back.
[1] https://review.openstack.org/#/c/191127/
Closes-Bug: #1432189
Related-bug: #1432065
Change-Id: Id4986a49d33fa4b8a7291150488665e200525dac
Co-authored-by: Russell Bryant <rbryant@redhat.com>
Some projects (Neutron) seem to be affected more than others, so we should revert this
to allow for a more selective choice of the DB driver on a per project basis.
We can re-enable the use MySQL-python just for Neutron.
This reverts commit de8d29ed8c.
Related-Bug: #1464612
Change-Id: I889f4f8b116c413b300ab9eecc7b428a9a4afb1a
The failure rate with neutron is too high to keep this
as the default.
Related-Bug: #1464612
This reverts commit b3798af474.
Change-Id: Ie9550aeb25d472a38e3d3ef6f3711622c9221c46
Going forward, nova will have another database at the API level (similar to how
current cells has an api-level cell, with its own database). This patch creates
and initializes it so that we can start testing the migrations with grenade.
Change-Id: I0dfae32102aeda9c5d17e134527b6a18f4b88014
glance_store has now been fully migrated, so we can stop setting these
options in the config files.
Change-Id: I3c6c2eea0171227b1ed362e74bcc5b10770721be
This patch just simplifies the start function a bit by removing some
unnecessary is_service_enabled checks that just wrap run_process
calls. run_process does this exact check internally so it's not
needed here.
Change-Id: Id12a23f77ea0342854337c7d65821dd4e574dec2
Signed-off-by: Russell Bryant <rbryant@redhat.com>
This does not gracefully handle the situation where requests
is not there at the beginning. Needs to be rethought.
This reverts commit 7d350720fe.
Change-Id: I101fac0dc6fdc97b7fb0b2955cffc6b4905152e5
Sadly this is needed. We should refactor this out from all of the
plugins so we don't need to have all of these files. Adding this one
for now though.
Change-Id: Id382443fa7bef6b45237688c7e88d9e9a80a6ba1
The iptables service files are no longer included by default on
Fedora. This causes the systemctl calls in fixup_stuff.sh to fail
when disabling firewalld in favor of iptables.
Change-Id: If37691d03e3d07ca8b53c541717081beeb184c16
Closes-Bug: #1462347
Add a note about running openrc through bash for import into zsh, as
shown by Chmouel Boudjnah in I5b6c8cfedcdd36efb4cbc91831501ee5c9c3b1d1
Change-Id: I5f1c9fc3fdc045cf6fb69af13f6264a81bf5f763
Closes-Bug: #1460656
The script hardcoded http://$SERVICE_HOST/... which failed
when SSL or tls-proxy was enabled. Calculate the protocol
based on enabled services instead.
Change-Id: I192eeeafe7bf4dc5cbd382c505ffb9307651d78a
This patch separates out control of the Neutron L2 agent from
starting/stopping the rest of Neutron. This is needed for the same
reason that control of nova-compute was separated out for Nova. When
doing rolling upgrade testing with Grenade, we need to be able to stop
and upgrade everything except the L2 agent, as that is what would be
running on a compute node.
After this is in place, we can update grenade to support a partial
upgrade scenario with Neutron and run it in jenkins to ensure we don't
break live upgrade support of Neutron.
Change-Id: I7eb87fba778aff3e4514813c6232dafa99ee2912
Signed-off-by: Russell Bryant <rbryant@redhat.com>
os-brick code was pulled out of cinder and made into its own library
https://review.openstack.org/#/c/155552/
added to requirements:
https://review.openstack.org/#/c/177372/
Integration tests were added
https://review.openstack.org/#/c/188156/
But they still use the version of os-brick from pip.
This change updates devstack to pull in the changes from
os-brick patch sets instead, when configured to do so.
Needed-by: Id2bc10782847861fe4bb5e9e46245654450e38fd
Change-Id: I5359dd37dfe94bd469d5ca35f9fbaeda61b5fac4
Nova-compute is hanging in the multinode test, and its difficult to
figure out why. So trigger a guru meditation report for nova-compute in
worlddump so we can see what nova-compute is doing when it is hung.
Having a hung nova-compute causes tempest to fail and
I035fe8e3333034e44b403ed0f986220ab5b0e57a runs worlddump whenever
tempest fails.
Bug 1462305 is one of the last issues left before the multinode job is
stable enough to gate on, and this patch should make it much easier to
debug.
Change-Id: I87d7536b5992c47b8082684cc662f953113fd1a8
Related-Bug: #1462305
This requires three main changes:
* setting CEILOMETER_BIN_DIR appropriately
* running the various services with a full path
* explicitly installing optional python modules (for mongo and
virt drivers, if configured) during the install phase
In the process of making this work it was discovered that setting
CEILOMETER_BACKEND to something like 'foo' would cause the backend
to be configured to use mongodb but for the mongodb system packages
and related python modules to not be installed. Fixing this was used
to validate the install process under USE_VENV.
Change-Id: I35fbfa76bdd60a22ba90b13666b06eeb961dddb3
Retrieving the root page in the nova and glance APIs include
URLs for the various versions supported. These are by default
reported using unsecure URLs. Configure the services to report
a SSL-based URL instead.
Change-Id: I220757e53b94a5f6d19291371407220fdf54c645
Fedora 20 will reach end of life on 23-JUN-2015[1]; remove it as
supported distribution. Add Fedora 22 where applicable.
- stack.sh: Remove Fedora 20 from list of supported distributions.
- files/rpms/general: Remove 'f20' from NOPRIME.
- lib/ceph: Remove 'f20' from the check_os_support_ceph()
function.
- doc/source/index.rst: s/Fedora 20/Fedora 21/
[1] https://lists.fedoraproject.org/pipermail/devel-announce/2015-May/001586.html
Change-Id: I8f2e1ddc24c071754b1cceb5bed5bdafdc9d9f79
Deactivate image is new feature, so it cannot be default
enabled in tempest.
Change-Id: Ic33b3e2f7a9f62543680647312603bdd19b90198
Depends-On: I7880f0e2646ce8660e035ebaa19a60f5bf271b64
While the most part of MidoNet code is now externally maintained
using the external plugin mechanism, it can be still useful to
have a contact list.
Change-Id: I3e0a0586c07875ca37ce101dd169eaf78f34f7a5
If the version of python-requests required is higher than
that provided by the operating system, pip will install
it from upstream.
The upstream version provides its own CA certificate bundle
based on the Mozilla bundle, and defaults to that in case
a CA certificate file is not specified for a request.
The distribution-specific packages point to the system-wide
CA bundle that can be managed by tools such as
update-ca-trust (Fedora/RHEL) and update-ca-certificates
(Debian/Ubuntu).
When installing in SSL/TLS mode, either with SSL=True or by
adding tls-proxy to ENABLED_SERVICES, if a non-systemwide
CA bundle is used, then the CA generated by devstack will
not be used causing the installation to fail.
Replace the upstream-provided bundle with a link to the
system bundle when possible.
Change-Id: I349662ff8f851b4a7f879f89b8975a068f2d73dc
Closes-Bug: #1459789
Currently devstack unconditionally installs MySQL-python, so
we need to have its dependencies available. Since this is
transitional until the switch to PyMysql happened, lets just
add the dependency for now to have devstack working again.
Change-Id: I638b5999d35a06eee962679b1cd95950bbf2b1d7
Some distros have converted to systemd for starting RabbitMQ. This has
resulted in:
---
[Call Trace]
./stack.sh:904:restart_rpc_backend
/home/stack/projects/openstack/openstack-dev/devstack/lib/rpc_backend:201:die
[ERROR] /home/stack/projects/openstack/openstack-dev/devstack/lib/rpc_backend:201 Failed to set rabbitmq password
Error on exit
World dumping... see /opt/stack/logs/worlddump-2015-05-29-031618.txt for details
---
Because 'restart_service rabbitmq-server' returns before the server is ready to
accept connections.
Alter the retry loop to only restart the rabbitmq-server every second time
through the loop. Allowing time for the slow rabbit to start.
Closes-Bug: 1449056
Change-Id: Ibb291c1ecfd109f9ed10b5f194933364985cc1ce
Current SLE12 and openSUSE13.X versions can handle usermod's '-a' and '-G'
switches so remove the special case.
Change-Id: If0f1390a0eb8f41ffffca74525a4648cfe8ea61d
python-CherryPy and python-beautifulsoup are not needed so remove them
from the list of packages for horizon.
Change-Id: I45ddf98b5891a1f1f1da82bb4afa79ea43d156cc
libmysqld-devel is needed for installing MySQL-python. Otherwise the
following error occurs:
EnvironmentError: mysql_config not found
Change-Id: Id84d3116d5987976169d8e2f9aca754ded205880
The setting for overriding Horizon's OPENSTACK_API_VERSIONS is not
the correct format. The version should be a number, not a string.
so should be 3, not "v3".
Change-Id: I193d21514b196336796eac067417dc2aaec56433
Closes-Bug: #1460190
When running tools/build_docs.sh in a devstack dir that has also run tox
build_docs needlessly runs shocco on the .tox files.
Just skip them.
Change-Id: Ia561e49ea2214ac75bd55964f1b86872118b2031
when running tox in a devstack directory where you have previously run tox
-edocs the bashate testenv will fail as the shocco code doesn't match the
devstack style.
eg:
---
E003: Indent not multiple of 4: ' 2>/dev/null ||'
- /home/stack/projects/openstack/openstack-dev/devstack/shocco/shocco.sh : L352
<snip>
27 bashate error(s) found
---
Take the easy path and avoid running bashate in the shocco dir.
Change-Id: I5b0155332ec994afaffc5c5961902281864cff61
F22 has a stable release and working with devstack.
The change also removes the version flags regarding to the
mariadb-devel.
NOTE: You may see yum deprecation warnings, unless
you set the YUM variable to dnf.
Change-Id: I05140765bffc16faef5a29dfaba291c290bfae02
As unstack.sh does destroy all bridges, we don't have to refresh bridge
interface any more, as what is done in commit
c2dc95add6. So in this commit we will continue to
remove the related statements in lib/neutron-legacy. These statements will also
cause undefined PUBLIC_BRIDGE error.
Change-Id: I4c7617f6a245ea4e2e08f518d873b1b8adc2b807
Closes-Bug: #1454475
Devstack has continued to grow in memory requirements and now we cannot
reliably fit in 4GB, with several services being unable to start. Increase
the minimum for DomU to 6GB to leave room for virtual machines
Change-Id: Idbdfa1f36015b6af347d1ce27eb28baa360af5ef
When the property ENABLE_IDENTITY_V2 is set to
False in the local.conf file, devstack will:
* Disable the v2 API in Keystone paste config;
* Set Tempest to skip Identity v2 tests and use
v3 auth tokens to run all the other tests;
* Set Horizon to use v3 API and v3 auth tokens;
* Register the Identity endpoint as v3.
Change-Id: I2575a516244b848e5ed461e7f488c59edc41068d
Ironic have updated some parameters to have a consistent name
across drivers. This patch is updating devstack to stop using the
pxe_deploy_{kernel, ramdisk} parameters which have been deprecated since
early Kilo eliminating the deprecation warnings in the logs.
WARNING ironic.drivers.modules.pxe [-] The "pxe_deploy_kernel" parameter
is deprecated. Please update the node 267e42c8-df07-49f5-bc7f-48b566acb109
to use "deploy_kernel" instead.
WARNING ironic.drivers.modules.pxe [-] The "pxe_deploy_ramdisk" parameter
is deprecated. Please update the node 267e42c8-df07-49f5-bc7f-48b566acb109
to use "deploy_ramdisk" instead.
Change-Id: I3dcf8df130efc0c2ea35695018bedba31bf0570c
When the tls-proxy service is enabled then a separate
set of ports is used internally vs externally. The
services listen on the internal port and a proxy (stud)
listen on the "standard" port and forward requests to
the internal port.
An incorrect environment variable was being used to set
the internal port in the sahara configuration so it wasn't
listening on the correct port, causing stack.sh to fail
because it thought the service wasn't up (at least not
on the right port).
Change-Id: I3384039392be786d3c189f3e4f84e069ddaf4339
Closes-Bug: #1458984
As discussed in the Liberty Design Summit "Moving apps to Python 3"
cross-project workshop, the way forward in the near future is to
switch to the pure-python PyMySQL library as a default.
https://etherpad.openstack.org/p/liberty-cross-project-python3
Change-Id: Ic609ce136061b753ca692b37509a0b29c60bb8b5
'cidr2netmask' of function doesn't have enough test case
and test code isn't smart.
This patch adds test case and refactors test code.
Change-Id: Iab20ef06fe78316a78198ab75c0afe738a577dd6
Closes-bug: #1457989
remove_disabled_extensions do matching by '$ext_to_remove","'. So it doesn't
match an extension at the last position in extensions_list.
This patch fixes that.
Closes-Bug: #1443254
Change-Id: I194b483de797697ba06b320cf33f1bac67fc0cc7
Add the file vmware_dvs that will enable the external CI to be
run.
The patch in the VMware repo for the DVS support is:
https://review.openstack.org/#/c/177597/
Change-Id: I6dee978fd2be3818c5ce57b1dcb2917234ab61e2
I noticed this was taking an argument but not dealing with it. In
general the functions were undocumented, so I added some terse usage.
Also, the intent of the test-case was to expand the values before
using them as the message; make sure this happens by using a temp
variable.
Change-Id: Ib317ad1e9dd2a5d2232b9c64541fe4a601a2b8da
Neutron ML2 plugin introduces the first extension driver port_security, this
patch add it to be a default extension driver as a example. And also, if not
set it by default, networks like public/private which are created after the
neutron-db-manage's update, will not include the port-sec value.
Change-Id: I3035317c83d22804855517434bd8578719ce0436
Partially Implements: blueprint ml2-ovs-portsecurity
If neutron is enabled then there isn't a shared private network
between all tenants which is what is required for the
fixed_network_name config option. This commit adds a conditional
to not set that option when neutron is enabled. While not necessarily
fatal to tempest it does emit a warning on almost every server create
call if it is set with a non-existent network name.
Change-Id: I1a42fa6b0b5a93b411c08ec35df043d6ea69d453
We've bike-sheded over this before
(I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799) but I have just traced
down further issues to firewalld with neutron+ipv6 (see the bug).
In fact, as mentioned in the comments, RDO disables firewalld and the
neutron guide says to disable it [1]. The force flag is left if
anyone really wants this; but nobody is testing (or, as far as I can
tell, working on) this so bring devstack back into line and disable it
always. Note we do not remove the package; as has been found in the
puppet scripts this can lead to dependency issues.
[1] http://docs.openstack.org/developer/devstack/guides/neutron.html
Change-Id: Ief7cb33d926a9538f4eb39c74d906ee0c879de35
Partial-Bug: 1455303
Nova is being enhanced to use rootwrap as a daemon. For this effort,
we need an additional entry for nova-rootwrap-daemon in the
sudoers.d/ directory.
Needed by:
I57dc2efa39b86fa1fa20730ad70d056e87617c96
Change-Id: I80c7b9dd8e9e0f940aa4e54a95b241dfc40d3574
We can infer the binary and configuration paths just from the project
name and expanding this to the known *_DIR & *_BIN_DIR variables. A
similar thing is done for policyd settings
Change-Id: I7c6a9fa106948ae5cbcf52555ade6154623798f1
os-client-config consumes clouds.yaml files, which is now supported in
python-openstackclient and shade. It also makes for a non-envvar way of
getting config info into functional tests.
Change-Id: I1150b943f52f10d19f8434b27e8dde73a14d7843
Once the trove code is copied into the trove repo and it is used
as a devstack-plugin, we can remove trove-specific code from
devstack.
Change-Id: I8f9f1a015edb7ec1033e2eaf0b29ab15d89384ce
Depends-On: I3506dec0e6097f9c2e9267110fdfb768faa23c85
When calling os-assisted-snapshots APIs, Cinder often (by default) needs
to pass an admin token to Nova. Currently it uses the credentials of
the current user.
This will cause calls to Nova APIs for assisted volume snapshots to fail.
Configuration options should be added to specify different credentials
for talking to Nova.
Change-Id: I9e3ed53f4e1349d57a0c33518445f54ac63e36ec
Related-Bug: #1308736
configure_tempest uses python-openstackclient (OSC) and we call
configure_tempest in grenade on the new side. So we need to make sure
the version of OSC is installed matches global-requirements on new.
Change-Id: I6fae9b8b081355b45e7c8d622d8db2482d41b464
Closes-Bug: #1454467
Cinder has had an lvm_type option for quite a while
that allows the LVM driver to be configured to use
thin provisioning.
This required an additional PPA in Precise, but is
available in the default Trusty packages.
This patch adds the lvm_type option, and we'll use
it to do gate testing against the lvm_thin configuration.
Change-Id: I99c7fea131f3d79747ec75052adf8b24f41ba483
This makes it possible to list virtual site-package directories
without statically stating the python version, which is a bit ugly.
Change-Id: I3e7ac39eb43cdc4f656e0c90f3bfb23545722aef
This adds potentially helpful networking info to the world dump.
It also refactors some of the output mechanisms into reusable
functions for cleanliness in the code.
Change-Id: I39f95bd487c152925f8fadd1799149db35cffd52
With bp stevedore, keystone will load backend drivers using
stevedore entrypoints. Using the qualified class name is
deprecated.
Since stevedore is going to validate that the entrypoint is
found, there's no need to list the valid backends, so backend
validation was removed. This change will cause the server to fail
to start if the backends are misconfigured rather than using the
default one.
The names of the stevedore endpoints are "sql", "ldap", etc.,
rather than the qualified class name, so the way that these
are specified in KEYSTONE_IDENTITY_BACKEND, etc., is the same as
the stevedore entrypoint and there's no need to translate.
Change-Id: I81e4e3a6c97b0057610e6b256aff5df4da884e33
The function's comment is written as follow, however the function accepts
other values (ex. "e", "t", "T", "f", "F", etc...).
---
Accepts as False: 0 no No NO false False FALSE
Accepts as True: 1 yes Yes YES true True TRUE
---
Moreover if testval mach True or False, the function exits without resetting
xtrace.
This patch fixes the issue and add test patterns.
Change-Id: Ie48a859476faff22a4dfef466516e2d7d62ef0c0
Closes-bug: #1453687
The distro packages of nose and pylint depend on python-setuptools
on some platforms, and on some of those platforms (at least CentOS
6.x) you can't resolve dependencies on python-setuptools properly if
you've forcibly removed it already (as we do on our CI workers). It
appears that any current upstream use of these tools in relation to
DevStack-based testing is now relying on tox and pip to obtain them
instead.
Change-Id: Ibd16ac550c90364115caf57fae4f5f4cb5d5f238
The `sudo -c ${CEPH_CONF_FILE} ceph ...` in lib/ceph misplaced
`ceph`. The correct syntax is `sudo ceph -c ${CEPH_CONF_FILE} ...`,
see lib/ceph:308.
While installing ./stack.sh with ceph enabled, the above malformed
command raises a `usage: sudo -h | -K | -k | -V ...` error and stops
the installation.
This patch fixes `sudo -c ${CEPH_CONF_FILE} ceph ...` by moving
`ceph` to the right place.
Change-Id: I3da943d5a353d99b09787f804b79c1d006a09d96
Closes-bug: #1453055
The Multi-Node Setup guide in README.md
https://github.com/openstack-dev/devstack/tree/master#multi-node-setup
guides users to use
SCHEDULER=nova.scheduler.simple.SimpleScheduler
where the SimpleScheduler doesn't actually exist in nova. Even
though this is just an example, it is misleading enough for a
beginner to put SimpleScheduler into local.conf. The resulting
error message where n-sch fails to start
ImportError: No module named simple
Isn't intuitive enough and may takes the beginner long time to
locate what's wrong.
This patch replaces SimpleScheduler with a real existing
FilterScheduler in nova.
Change-Id: I14a2a5c0604ce08a498accfc3a795c1c9aa3e642
Closes-bug: #1453186
Nova commit 9b224641295af3763d011816d6399565ac7b98de removed the option
in Liberty so we can remove it's usage in devstack.
Related-Bug: #1364851
Change-Id: If051f43fb75d57c118db4e8e97895ff06fbb54e2
This change adds setting of deploy_img_dir and node_uuid baremetal
config options during tempest configuration to enable ironic w/o
glance scenario testing.
Needed for change I171e85cb8a21fae4da45028f1f798988a36f6c95
Change-Id: I6fd393390389c4c643b93198fa461fc2adc415ae
The pip_install_gr function in build_wheels.sh use requirements project.
So requirements project must exist before execute build_wheels.sh.
Then we moved install_infra function which install requirements project.
Change-Id: I8f80ecafff0f7e1942731379b70bccac338ea3b3
Closes-Bug: 1453012
Live migration of paused instances is a new Nova feature in Kilo, and will not
be backported. The compute_feature_enabled.live_migrate_paused_instances flag
defaults to False for this reason, but can be set to True here. The tempest
config option and this change can both be removed at Juno-EOL.
The related Tempest change: I5c6fd3de7ea45d1851bb40037c64ad7fb5e6dc48
Change-Id: I3a83e43d252b88c234438a224e2fbebc0a81eaff
Related-Bug: #1305062
This change extends devstack to configure the br-ex,
br-<phy> and Xenserver's br-$GUEST_INTERFACE_DEFAULT
datapaths when OVS_DATAPATH_TYPE is set.
Change-Id: I71e590de86e7526e8423140463752d6b3ad14214
Closes-Bug: #1416444
Update the default CIRROS_VERSION to 0.3.4, which has better support
for IPv6 and some other bugfixes.
Co-Authored-By: Scott Moser <smoser@ubuntu.com>
Change-Id: I03ee6e1403680fb6c421225a7cadaf8a82edf702
Depends-On: Iac9f108d947ff4a51f99c6e8ad9d1ac5b32c000a
If we fail during devstack / grenade runs, it would be nice to have
the map of iptables that are currently active as well. This makes it
handy to start figuring out what's going on when test servers don't
ping.
Change-Id: Ia31736ef2cb0221586d30c089473dfdc1db90e23
In openrc, if we set OS_CACERT, some things will expect it to be there
in pre-flight checks. But it may very well be missing. This "fails
closed" because if we find the file, we try to use it, but if we don't
find the file, and the user thought we should be using it, we'll just
not be able to verify the server's name, and the libs will fail on that.
Change-Id: Ia5d06afa74bc645c2f19711cfa37e57a377c329b
Closes-Bug: #1452036
This is an attempt to fix the cffi vs. wheels bug in a more generic
way by just ensuring that pip has installed cffi with a pip understood
version into the venv before we try to do any builds.
Related-Bug: #1451992
Change-Id: Ibc58668c53933033405b40f79b0e9ffc73a01a6f
Recently, keystoneclient.middleware has been moved from keystoneclient to
keystonemiddleware. The latter should be used.
Change-Id: Ib9489a21b988b32fc17399c08eeb60862efae034
Closes-Bug: #1452315
xattr fails to import due to being unable to build cffi bindings unless
it is imported as root beforehand.
Depends-On: I6a9d64277974933ae9b7bbe2a40b8a0eb0fa8c6a
Change-Id: I835e55bbafc7e0640987e6f3c8ee0c873f875ee0
Closes-Bug: #1451992
Inspired by keystone and rcbops-cookbooks's nova scripts,
this review adds apache2 templates for two of the Nova
services. Also add code in lib/nova to switch between
the old and new ways to these two services. The patch
depends on the Nova review mentioned below as the two
scripts that are needed will be in Nova's repository.
TODO for later would be to switch on NOVA_USE_MOD_WSGI
when ENABLE_HTTPD_MOD_WSGI_SERVICES is switched on.
Related Nova blueprint:
https://blueprints.launchpad.net/nova/+spec/run-nova-services-under-apache2
Depends-On: Idd7d3d1b3cc5770cdecea7afe6db3c89d5b2c0d0
Change-Id: I9fc0c601db2776d3e9084be84065e728e3f5d414
CINDER_SECURE_DELETE previously iniset volume_clear to none as a
side effect, however secure_delete is not documented in cinder.
Now using CINDER_VOLUME_CLEAR outright. CINDER_SECURE_DELETE is
supported but now deprecated.
Change-Id: Ic8694cf16654c23b27d23853a9f06ddf1050fa93
Closes-Bug: #1450159
In an installation with VLAN tenant networks, devstack should
not configure the local_ip (which is applicable only when
tenant_tunnels are used). This is causing failures in Neutron
for an IPv6 only setup. This patch addresses this issue, but
configuring the local_ip only when TENANT_TUNNELS are enabled.
Related-Bug: #1447693
Change-Id: I0e2a2d8b6ce0ad87f6c0d318ac522dbab50d44ee
We do a bunch of exec magic unwind in run_process that leads to a lot
of confusing lines in the logs under xtrace. Instead, disable xtrace
through these parts to ensure that the flow at the end of the day
makes more sense.
Change-Id: I91e02465240e704a1a0c0036f5073c0295be018e
There is actually no reason why we need openrc for these tests, don't
source it as it prevents some ip math errors from randomly killing
tests.
Change-Id: Iface7c21898d92e14e840379938b25844cd85565
The warn function was putting content into a side log file which made
it kind of hard to keep an eye on when warnings were actually being
issued. Let's just get this into the main output stream.
The calling of the warn function in git_timed was also incorrect, so
the output would not have been what we expected. This solves that as
well.
This will hopefully give us trackable data about how often we need to
recover from git clone errors.
Change-Id: Iee0d2df7fb788a4d34044d29ab10afdcafb9bb5a
This avoids us leaving the filter in the global lvm config. Without cleaning
this up, we can hit some failures to run stack.sh because devices are excluded
that we need to be able to see. This resets it to what it was before when
we do a cleanup.
Also, do this before we add the line, so we don't add multiple lines on
successive runs.
Closes-bug: #1437998
Change-Id: Idbf8a06b723f79ef16a7c175ee77a8c25f813244
devstack installs neutron utilities into /usr/local/bin such as
neutron-keepalived-state-change and neutron-ns-metadata-proxy.
In stead of adding individual filters to allow them to run from that
directory, this patch adds /usr/local/bin into exec_dirs.
Please also refer to I3abd1c173121dc8abb5738d1879db8ac9a98b690 for
discussion on the approach to fix the bug.
Change-Id: Iade8b5b09bb53018485c85f8372fb94dbc2ad2da
Closes-Bug: 1435971
The current sed matching mixes up common-prefix matching;
e.g. "-q-lbaas,q-lbaasv2" is changed into just "v2"
This is more verbose, but I think more reliable. See also
Ib50f782824f89ae4eb9787f11d42416704babd90.
Change-Id: I3faad0841834e24acc811c05015625cf7f848b19
Debian/Ubuntu have *helpfully* removed gdbm from the base python
package and put it into another package, which is not dragged in by
installing python. Testr doesn't function without this.
We should ensure this always gets installed.
Depends-On: If48a8444b02ee1e105bc1d9ce78a0489ea0c405b
Change-Id: I85a0ffe5ee384e055e78fd3164c27d42a86bc39d
“Speed not required” is not a sentence
Gb should be GB
added a , after floating IPs
fixed sentence around “To implement a true multi-node test of Swift
since it did not make sense
removed extra underline line after Machines
removed capitalization of service names to comply with docs conventions
https://wiki.openstack.org/wiki/Documentation/Conventions
changed to DevStack for consistency throughout
Change-Id: I531bf6b2bad62fbf9d1417b2b1ce06de3715e0f0
This commit fixes the issue that ml2 plugin
sets 'flat_networks' in ml2 configuration file as
empty. The value of 'flat_networks' need to be set
as the name of the physical network that was specified
in the localrc file (or it's default value).
Change-Id: Ib4c31f6576da57534b36aefebd1ca8cd397c6c1a
Add the response time to keystone's access log for each request. This
will be the last element in the log-line and will be represented in
microseconds.
Change-Id: I19204369af5cdf06df2237550c350dfb3ffc995d
We can see at-a-glance memory usage during the run with dstat but we
have no way to break that down into an overview of where memory is
going.
This adds a peer-service to dstat that records snapshots of the system
during peak memory usage. It checks periodically if there is less
memory available than before and, if so, records the running processes
and vm overview.
The intent is to add logic into the verify-pipeline jobs to use this
report and send statistics on peak memory usage to statsd [1]. We can
then build a picture of memory-usage growth over time. This type of
report would have allowed better insight into issues such as
introduced by Idf3a3a914b54779172776822710b3e52e751b1d1 where
memory-usage jumped dramatically after switching to pip versions of
libraries. Tracking details of memory usage is going to be an
important part of future development.
[1] http://graphite.openstack.org/
Change-Id: I4b0a8f382dcaa09331987ab84a68546ec29cbc18
event support in Ceilometer was implemented in Kilo. to enable
tests in tempest, we add an option to run tests only on Kilo+
branch.
Change-Id: Ia4a73b7df343e31e6301f8314490fd42a01b7cd0
Part of the effort to clean up the Cinder logs is to use
the resource tag in the log format. We also want to have
some consistency with other projects in how we do logging.
This change adds the logging format to cinder.conf similar to
what Nova and others use, and most importantly turns on the use
of the resource tag that's in olso_log.
We're slowly cleaning up the logging in Cinder by doing things
like replacing "Delete volume %(volume_id)s compoleted" with
("Delete volume completed successfully.", resource=volume)
It woudl be good to have these picked up as we transition so we're
not missing info. Also, there's sure to be cases where "volume"
isn't a valid dbref and we find issues that need fixed.
Change-Id: I193637fea14d97183f6a9782f37d8edcf929e0c4
This patch sets DevStack to run in dual stack networking, with both IPv4
and IPv6 networking configured. This change is required for dual stack
testing at the gate.
A different patch was created against devstack-gate to make this the
default, but the Juno branch of Neutron is missing required fixes to the
L3 agent that are present in Kilo. This was the suggested alternative.
Related-change: I3d416275f77913769b98e77f7e47bed17fc4d1cc
Co-Authored-By: Henry Gessau <gessau@cisco.com>
Co-Authored-By: Andrew Boik <dboik@cisco.com>
Depends-On: Ib66a9109cc1c7999474daca5970d0af1f70886e4
Depends-On: I0f9ea98cb84aa72cb1505fb9ff8ac61561cc1376
Depends-On: I85fe68782bc54f28f3e14aa4a1d042cb15959dac
Depends-On: I9395834f673038dc23b25eaeefe14895fe154e0e
Change-Id: If0e0b818355e4cb1338f7fa72af5e81e24361574
Encapsulate all the neutron specific things you have to do ping a
neutron guest into a separate script. Refactor the main ping_check so
all logic is contained within it.
Change-Id: Ic79d8e3a2473b978551a5635a11dba07e1020bb2
Change If132a94e53545d9134859aa508da7b9819ede2f8 introduced a small
regression; it added an "inidelete" which looks in the config file to
delete rows.
However, at least for the test-case, the config file isn't created
yet. The end result is that the test fails but we don't notice.
2015-04-17 00:55:03.169 | merge_config_file test-multiline: sed: can't read test-multiline.conf: No such file or directory
2015-04-17 00:55:03.195 | OK
So fix this up by creating the config-file if it isn't there.
Also, add "-e" to the test file so we catch things like this in the
future.
Change-Id: I43a4ecc247f19cccf51d5931dfb687adbd23d6b1
This currently does not exit with any failure code when tests are
failing. Convert it to use the helper functions from unittest.sh so
it correctly reports failures.
Change-Id: I2062d9c00ebffcc98ba75a12f480e4dd728ee080
The "die_if_not_set" test has the LINENO as a positional argument.
The existing tests are not passing this in, so they are failing.
Along with this, remove the "-x" from the invocation and hide the
output of the tests that are expected to fail to avoid confusion.
Change-Id: Ibf6b9d7bb72b9f92831e1a90292ff8b0bec7faea
run_tests.sh runs tests starting with test_*
The existing test_functions.sh is really testing true/false. Move
that to test_truefalse.sh
Then move functions.sh to test_functions.sh. This will ensure it is
run during unit testing from run-tests.sh
Change-Id: I959ac38c946da1fb47458b8c4f09157f74f0e644
Convert test_ini_config to use the "passed / failed" functions in
unittest.sh. test_meta_config wraps everything into a function; it's
not work unrolling this so just make sure it exits with non-zero if a
test fails.
Change-Id: I9e9883fdad42358255383eede9121b1d361799c8
Use the unittest helper to track test runs and correctly exit with a
failure code if there is a problem
Change-Id: Ie62f354a8cd3b8fd5986e6943a073f7955fb55ba
Add two generic "passed" and "failed" functions to the unittest
helper. Also keep a count of passed and failed tests. Later changes
will use these functions to ensure they exit with a correct return
code.
Change-Id: I8574dcb1447b04fcda3d72df0bf8605cf7488d3c
Implements: blueprint catalog-index-service
The changes to lib/glance incorporate the new g-search service.
The g-search service is optional.
To enable it add the following line to devstack/local.conf:
enable_service g-search
In addition to deploying g-search, the changes will also populate a
search type of keystone service and adds in appropriate endpoints.
Change-Id: I0272d56bc2e50e8174db78bd449f65f60f7f4000
changed to comply with doc conventions
When referring to services, use "Compute," "Image service"
and "Identity" instead of "nova," "glance," and "keystone."
Use the project names like "nova" and "keystone"
glance is officially Image service not storage
removed extra .
Change-Id: I39457c20dc2ede775fe3f3c63077133fbb6c917b
If a group is specified we modify the command to run under "sg". This
currently isn't reflected in screenrc so rejoining fails
Change-Id: I5c18ba664a6ae9ba9aaa4439a9086bc85085cd75
Closes-Bug: #1444267
The commit 279cfe7519 removed the n-crt
service from the default devstack setup. As such, the stack.sh script
begun to thrown the following error when trying to "nova x509-create-cert":
ERROR (ClientException): The server has either erred or is incapable of
performing the requested operation. (HTTP 500)
This patches reintroduces the n-crt as a default service.
Change-Id: Id9695a37e1c6df567f2c86baa4475225adcfb0ee
Closes-bug: #1441007
Now devstack will configure tls-proxy for sahara as well as for
other openstack services.
Change-Id: I7b0f2f0773cd3619a33cac66d40f3d0ce0f5432c
Closes-Bug: #1419163
Sahara will work over https in case if USE_SSL is set.
Note, this patch requires https://review.openstack.org/#/c/145383/
which is not merged yet.
Change-Id: I9e0069cfe72323a069a4205ca2f882c7a3ad17e0
Closes-Bug: #1419162
It is not clear to me why this can't use run_process? Currently we
end up with two log-files both with the same thing
- dstat.txt.gz which comes from the "tee" and is symlinked into
SCREEN_LOGDIR, so gets picked-up by the gate scripts
- screen-dstat.txt.gz which comes from screen_it
Change-Id: I00b9e09b8d44f72ff14e69dc6e4a4bd5e2a0439e
When running './stack.sh' messages are output stating that
the keystone CLI has been deprecated. These calls should be
replaced to ones utilizing the openstack CLI program instead.
Documentation examples were also updated to reflect the new syntax.
Change-Id: Ib20b8940e317d150e5f6febb618e20bd85d13f8b
Closes-Bug: #1441340
The readme currently states that a compute node in a multi-node setup
requires the glance-api service to be enabled. But actually
the glance-api service is only required on the controller node where
glance-registry is running.
Running the glance-api service on a node without glance-registry will
even lead to a failure of glance-api, as the glance cache directory
will not be created without enabling glance-registry.
Change-Id: Ie92533f3333f3fe3e2d747762e60f2f42a233e79
Closes-bug: #1441198
Some (qcow) images have .img file name extension (e.g. Cirros).
Ignore such files in files/ folder too (as we already do
with .qcow2 and .gz images).
Change-Id: Iac8593b65205e25fd3f94244a136c584d9af8eab
clean.sh picks the parent of LOGFILE and wipes it clean! So if you
set it to a log file in the users root directory, you lose everything
We should delete just the LOGFILE and cleanup LOGDIR and SCREEN_LOGDIR if
they are explicitly set.
Change-Id: I45745427dcaed3dcf0b78cc9ed680833d9d555e8
Instead of creating a network in both the API cell and child cell,
let tempest use the old behavior of not querying networks from the
API for testing server create.
Change-Id: I9809d2b2e796ff1a5ea7e4f25bbeb21bd4817a72
This operation seems vestigial, as it was added to the code when stack.sh
did not have a robust cleanup procedure. These days, unstack.sh does destroy
all bridges, therefore during subsequent stack.sh runs (or even initially, from
a clean environment), the flush operation has become superfluous.
Its removal has also been deemeded necessary to enable certain multi-node
cloud deployments, like the one available in OpenStack infra [1].
[1] https://review.openstack.org/#/c/158525/
Change-Id: I6b4e5b82958e6d29dd450f1c4c9513f6a9e5053a
When the n-cell service is enabled, we create networks in both the
API cell and the child cell. Recent changes to tempest have tests
querying networks from the API and passing them for a server create.
In order for this to work in cells, the UUIDs for the network in
the API cell and the child cell must match, else the network won't
be found in the child.
This change adds the --uuid option to the nova-manage network create
command for cells only.
Related-Bug: #1441931
Depends-On: Ib29e632b09905f557a7a6910d58207ed91cdc047
Change-Id: Ib5933b1405c0761ff727e04cda0c502a826c8eaf
For testing we can need to disable or change the rate of the heartbeat
Currently we have to set the value manually in each componments or
to write multiple [[post-config|$<APP>_CONF]] section in local.conf.
This change will allow to configure all componments at once with only two
lines.
Also, we don't set default values to continue to use oslo.messaging
defaults.
Change-Id: Ieaca60ca1cd6d7455b66ce490a9b023df431e9c3
the sleep 3 in screen_it was added to make devstack pass in the gate
with exceptionally slow test cloud nodes. In the gate we now bypass
the screen path entirely. However the sleep 3 remains and can add a
couple minutes delay into local development runs.
We're not sure yet how low this can safely be tuned, so step 1 is to
make it configurable, then get devstack team members to try various
options to see what works.
Change-Id: I0e6476176fc8589efc4e40e78c2231f704d14e45
This patch enables proper support for arm64 images by disabling VNC support
and adding several properties to the image in glance that are necessary to
boot correctly:
hw_cdrom_bus=virtio
hw_machine_type=virt
os_command_line='console=ttyAMA0'
Change-Id: I68c9a5e0e083af2f92875c3bdf70df750f6e4d8f
The install_infra() call needs to be done earlier since
pip_install_gr() depends on it. Also the fact that python module names
are supposed to be lower case but some use camel case is a problem
(for example with XenAPI).
Change-Id: I7012d77134fa0d9c746d87e837934e7dcb337e5c
Closes-Bug: #1441820
This creates a new pip_install_gr that installs from global
requirements allowed versions. Now that stable branches are getting
capped all of devstack needs to be fixed to do things like this.
Change-Id: I8fd0ef2bfc544ca2576fab09d3018f760b8848fe
I changed it so that rabbitmq always restart.
Current devstack don't restart rabbitmq in case of ubuntu. Because
rabbitmq is running at default.
But this approach have the following bug.
If rabbitmq is already installed and not running , stack.sh will
fail.
So I change it so that rabbitmq always restart.
Closes-bug: #1030798
Change-Id: Ie45446d3817b2f15631f03b2af84749fe936c67b
This reverts commit 71e82f52bd.
aioppcu now uses x86_64 so no need to list the i386 images for caching.
Change-Id: If500367c8bf3fdb4590c866e007ecd7de1ab5781
Depends-On: I839e1c724821ba2624beddb5233eda24b50c149f
The qemu-system package, and not qemu-kvm, should be installed on either
trusty- or utopic-based ARMv8 (aarch64) Ubuntu releases. Additionally,
libguestfs is not available so that is not installed.
No changes are required for vivid.
Change-Id: Id9dc1fc465bd7acab17c991c292fb531016758ad
Signed-off-by: Andrew McDermott <andrew.mcdermott@linaro.org>
With the implementation of dual-stack gateway support
as part of the Neutron multiple-ipv6-prefixes
blueprint, some of the code in the IPv6 setup in the
DevStack neutron legacy script must be removed. This
code had been added temporarily, with a TODO note
indicating that this code should be removed when
the Neutron L3 agent is modified to support
dual-stack.
Without this change, DevStack will fail to configure
the Neutron router gateway interface (there will be
no external connectivity) whenever IP_VERSION is set
to '4+6' in localrc/local.conf, since
first DevStack and later the Neutron L3 agent will be
trying to ADD the IPv6 address to the router gateway
interface.
This change also includes a modification of the
default prefix to be used for the public IPv6
subnet. The new value (2001:df8::/64) is a special
reserved prefix that will be treated as non-routable
external to the OpenStack instance.
Change-Id: I85fe68782bc54f28f3e14aa4a1d042cb15959dac
Partially-implements: blueprint multiple-ipv6-prefixes
there was a missing -or which meant we weren't running this on most of
the files in the repository.
Change-Id: If926afc8f12f6beb80d7a9af7c787b3dcc360a89
One of the earlier patchset while updating stackrc
missed on adding "+=" while adding multiple services.
Closes-Bug: #1439983
Change-Id: I74f788e15b7da05a93fc8d99c562e51386b65053
Setup of OVS may fail, if ports that are added,
are already exist. Add "--may-exist" directive to OVS
add-port command to prevent this behaviour.
Change-Id: I2280be9a63a4a6fbc747b5e32b602697b555ffa8
Closes-Bug: #1394162
Now that tempest is querying for a network before making server create
calls the fixed network needs to be known by the API cell. Server
creates should work for networks defined in both databases, but defining
a new network via the API will continue to not work.
Change-Id: I32461add0d20940a55385c8b34cd493e2561615e
In current implemetation these two urls are defined from Nova
definitions. And urls point to nova. But standalone EC2API
project has another urls that are defined in keystone catalog
in plugin setup.
I suggest to use urls from catalog to be able to test
stackforge/ec2-api by current tempest.
Change-Id: Ibec8c36a8c2fc7ea3d8fab57819adae5f7378045
euca-bundle-image can be run only if euca2ools is installed.
but now it doesn't installed and several tests for EC2 doesn't run.
Change-Id: Ib3824052d5f4155d3cb5c0ef6fe334d44de5153c
This commit ensures we also set the qcow image location in the
tempest config when we update qcow version. The tempest config has
a default value for img_file (which is incorrect) but before we can
remove the defaults in tempest we need to ensure devstack is using
it properly first. The only reason the tests weren't failing here is
because tempest falls back to using uec images (which devstack was
correctly setting config for) if qcow isn't found. The img_dir was
also hardcoded assuming a uec image, however if qcow is intended to be
used you'll need to be able to override that, which is added as
part of this commit.
Change-Id: I05af346b3c9be9560dc8846dd1f437cfbb2d5005
This patch changes the two config options required for Ironic to
successfully test cleaning in devstack.
First, we disable erase_devices clean step. Erase devices in VMs
ends up running shred on the drives for the agent driver, which is
incredibly slow and completely unneeded in devstack.
Additionally, we allow Ironic more time to complete the unprovision
after the nova instance is deleted. This time is spend in the CLEANING
state to clean up the node.
This is related to the Ironic blueprint "implement-cleaning-states".
Change-Id: I77081165a80491da3e66d8a4554b6d71fc3d9353
2 files had execute bits set on them, fix as a cleanup. These files
should not be directly executed.
Change-Id: Ic0fdb85d77a3b47ef777524faf4fcdb0d8cedece
This changes the default service list in devstack to minimize what is
running out of the box, so that it's likelihood of working in a 4G vm
is much higher.
This removes heat from the default enabled service list.
It drops the ec2 only needed n-obj and n-crt services.
It drops all the alternative consoles (xvnc, consoleauth). novnc is
fine for libvirt which is the default.
It adds dstat, because that's turned out to be so useful in debugging
things.
Change-Id: I84457260dff6f42a5c6ebcc2c60fb6e01aec9567
Enabling it by default because:
- This allows you to get the relevant logs right away when something
in the libvirt code path fails, without having to submit another
change and keep doing a 'recheck' to re-run the CI check/gate jobs
until you hit the bug.
- The libvirt log filters specified in the function
'configure_libvirt' are much more _selective_ and not a catch-all
debug option where you end up with the unhelpful situation of having
to find a "specific piece of hay in a haystack"[1].
FWIW, I always have it enabled in local test environments, and I don't
see the resulting libvirtd.log growing beyond a couple of MB for
three-four days of usage.
[1] http://lists.openstack.org/pipermail/openstack-dev/2014-January/024414.html
Change-Id: I5e0b35446075b419fe473e1db8d0bfedd7009741
We are trying to get a working 64bit qemu cpu model in the gate for nova
live migration testing. It appears that we need to make this change
prior to nova starting.
Make the change in configure_libvirt() to handle this along with the
other libvirt config updates. This allows us to restart the libvirt
service once. This function calls a python tool which parses and updates
the XML if necessary.
Change-Id: I00667713bfba67ab8cedbcb1660ff94d4f4bcc07
A lot of libvirt interactions with QEMU are via the QEMU monitor
console, which allows you to either query or modify the state of a
virtual machine. Spefici examples include: querying the status of live
block operations, live snapshot operations, live migration, etc.
Enabling the 'qemu_monitor' log filter allows us to capture precisely
what commands libvirt is sending to QEMU.
Note that the log level was intentionally set to '1' (i.e. debug) for
this specific filter, because (a) it's not extremely verbose, (b) when
something breaks, it's helpful to have the exact sequence of
interactions between libvirt and QEMU.
Change-Id: Iba95b6bd7c9f197c8d48c7d978f538e50d4e31fa
There are a couple of targets in here that some might find useful in
doing DevStack testing in multiple remote VMs.
There are some of the usual boring targets too, like stack and unstack,
that do exactly what you would expect.
Change-Id: I7974cac4cc527bacf6f183ac1f344428b05f2fdc
This previously defatuled to 'private' and aligned with devstack's
defaults but it has since been updated to 'None'. This sets the config
value according to devstack's.
Change-Id: I3f480d5480521a93992bedfe602eb20a4999263d
Closes-bug: #1438415
This is needed otherwise we fall back to the nbd code path which is
super hacky. This shouldn't have been deleted for the venv path.
Change-Id: If5cb6cb4944bd0ed3548d53c98443b76725d1c0c
PyEClib was introduced recently to swift-master. It tries
to build liberasurecode which requires the `make` binary.
Change-Id: I8acfed4f7b46a29eac36f6acbe1d66e7fff800db
Reading through the docs for the first time, the reader encounters an
instruction to provide a minimal configuration, with a link that they'd
expect to tell them how to do this.
At present the link actually takes them to the top of
configuration.html, where they read some history about how devstack's
configuration has changed over time.
This is interesting and important and should be in the docs - but in my
opinion a link about setting up a minimal configuration would be more
useful if it takes me to a place that tells them about a minimal
configuration.
To get this, I've had to an an explicit link target into
configuration.rst. I'm not hugely keen on this approach, as I don't
think it scales well. I'd be open to suggestions about other
approaches. The only idea I've had so far though is to simply move the
minimal configuration section right to the top of the page, so that a
link to the doc is a link to the minimal config - the historical
information could be moved to its own topic somewhere further down the doc.
Change-Id: I231ca1b7f17b55f09a4e058dab8ee433893f737e
The public_endpoint and admin_endpoint options are used to set the base
hostname when listing versions. If they are not provided then the
response will use the same hostname as the request was made with - which
is almost always what you actually want.
This means devstack will respond correctly to a version list when behind
a floating IP for example.
Change-Id: Idc48b9d7bee9751deb24d730fdc560b163f39dfe
Rootwrap shouldn't be a unique snowflake. Plus the binaries tend
to be called assuming PATH will find them. Not so with venvs
so we need to work around that brokenness.
Configure Cinder and Nova to use configure_rootwrap().
Change-Id: I8ee1f66014875caf20a2d14ff6ef3672673ba85a
pyOpenSSL has done a rewrite of itself in Python. This may be good
for many reasons, but memory usage is not one of them. It just about
doubles the size of at least swift, which usually consumes about 6% of
a CI testing vm's 8gb RAM. This is enough to push centos hosts into
OOM conditions and then everything falls apart.
The distro packages of pyOpenSSL are the older C-based versions, which
doesn't bring in the kitchen sink of cffi & pycparser.
Change-Id: Icd4100da1d5cbdb82017da046b00b9397813c2f2
A recently merged change Ie35cb537bb670c4773598b8db29877fb8a12ff50
and I71e2594288bae1a71dc2c8c3fb350b913dbd5e2c broke Q_USE_PUBLIC_VETH.
This commit fixes the regression.
Closes-Bug: #1436637
Change-Id: I1447bf98607143ba4954ce5ec3ed94010320baa5
Install a couple of optional feature prereqs in hypervisor plugins.
rootwrap is horribly called indirectly via PATH. The choice, other than fixing
such nonsense, is to force the path in sudo.
TODO:
* python guestfs isn't in pypi, need to specifically install it to not
use the distro package
Change-Id: Iad9a66d8a937fd0b0d1874005588c702e3d75e04
The Linux-IO is a modern way of handling targets.
Per the IRC discussions lioadm as default
seams like a better default for everyone, for now it will be
optional, but the tgtadm admin support expected to be removed when
lioadm works well with all CI (including third party).
Change-Id: Ia54c59914c1d3ff2ef5f00ecf819426bc448d0a9
during the glusterfs integration it was seen that plugins might need
to set new defaults on projects before the project files load. Create
a new override-defaults phase for that.
Intentionally not adding to the documentation yet until we're sure
this works right in the glusterfs case.
Reported-By: Deepak C Shetty <deepakcs@redhat.com>
Change-Id: I13c961b19bdcc1a99e9a7068fe91bbaac787e948
Make it possible for someone to config
PIP_UPGRADE=True
in local.conf and thus force pip_install calls to upgrade. In
automated testing this is probably a bad idea, but in manual testing
or situations where devstack is being used to spin up proof of
concepts having the option to use the latest and greatest Python
modules is a useful way of exploring the health of the ecosystem.
To help with visibility of the setting, and section has been added
in configuration.rst near other similar settings.
Change-Id: I484c954f1e1f05ed02c0b08e8e4a9c18558c05ef
When running Neutron on a single node that only has a single interface,
the following operations are required:
* Remove the IP address from the physical interface
* Add the interface to the OVS physical bridge
* Add the IP address from the physical interface to the OVS bridge
* Update the routing table
The reverse is done on cleanup.
In order run Neutron on a single interface, the $PUBLIC_INTERFACE and
$OVS_PHYSICAL_BRIDGE variables must be set.
Co-Authored-By: Brian Haley <brian.haley@hp.com>
Change-Id: I71e2594288bae1a71dc2c8c3fb350b913dbd5e2c
This commit removes the compute-admin section from the tempest config
file that devstack generates. These options have been removed from
the tempest config and aren't being used, so there is no reason to
keep them around.
Change-Id: I7500fe3b329b913c60fa505a5230db4a5d35d7f1
isset function was moved to config file related functions by accident,
this change also simplfies the isset in a bash >=4.2 way.
All supported distro has at least bash 4.2. (RHEL6 used 4.1)
Change-Id: Id644b46ff9cdbe18cde46e96aa72764e1c8653ac
This commit adds a new flag, TEMPEST_HAS_ADMIN, to enable or disable
setting admin credentials in the tempest config file. This allows for
devstack / tempest configurations where tempest doesn't have admin to
ensure it would work in public cloud scenarios.
Change-Id: Id983417801e4b276334fb9e700f2c8e6ab78f9ba
Adding `uname -a` to stack.sh to make easy to see from the devstack logs
what was the actually running kernel version.
Change-Id: I0068504bf055a588b155b0a60215440d365bf53e
Otherwise in standalone mode we use the new default of "trusts"
which won't work.
Change-Id: If18db711faf7810217af0a89d1e38590a94d8e5b
Closes-bug: 1436631
Preparing to refactor lib/neutron to support Neutron as the default
network config. lib/neutron will be renamed internally and refined
to support a couple of specific configurations.
Change-Id: I0d3773d14c4c636a4b915734784e7241f4d15474
This patch is causing blocking failures in some 3rd party CIs.
The issue can be tracked to the fact that the PUBLIC_INTERFACE
interface might have no address assigned.
This reverts commit 93b2100c98.
Partial-Bug: #1436607
Change-Id: I0943aa542b911fbcebb100543e0adbb38159b233
Because tests might force the auth version to v3, we always need
to have Member in the list of roles.
Change-Id: I06fd043e1b31ae0e5e33f4dcf898fb58f2907267
devstack is a development and test environment, but by default we were
only installing the runtime dependencies. We should install all the
testing required packages as well.
Change-Id: I7c95927b9daad15766aac9d1276b10ca62efb24c
When running Neutron on a single node that only has a single interface,
the following operations are required:
* Remove the IP address from the physical interface
* Add the interface to the OVS physical bridge
* Add the IP address from the physical interface to the OVS bridge
* Update the routing table
The reverse is done on cleanup.
In order run Neutron on a single interface, the $PUBLIC_INTERFACE and
$OVS_PHYSICAL_BRIDGE variables must be set.
Co-Authored-By: Brian Haley <brian.haley@hp.com>
Change-Id: Ie35cb537bb670c4773598b8db29877fb8a12ff50
Tempest can now do all heat tests with cirros, and heat functional
tests now load a custom test image from tarballs.o.o, so devstack
no longer needs to register the fedora cloud image.
Depends-On: I6041b8d6e7e9422f6e220d7aef0ca38857085e4b
Change-Id: I9b3ea2c157b96dee139a24f0fa6f68f6764a7d67
In order to keep redstack in synch with devstack, the conf files
referenced within devstack need to be able to be declared externally.
This change allows *_CONF values to be specified, and uses the
original values as defaults.
Change-Id: Ic67f6347b92b05619103a77e9f7ea80a299a6869
Until we have the ability to prebuild wheels so we don't spend time
compiling them during devstack runs, stop building wheels for libraries
that we still install from deb packages.
Long term we want to move away from using deb packages to install python
packages and use wheels. But until the wheel building logic is in place
so we don't have to compile wheels on each devstack run, don't waste
time compiling python libraries that we just use the packaged version of
anyway.
Change-Id: I962e2cfff223f7ab8efd5766ee0ef22229ab27bf
Stop services from throwing the following warning:
Option "rabbit_password" from group "DEFAULT" is deprecated. Use option
"rabbit_password" from group "oslo_messaging_rabbit".
Same for rabbit_hosts and rabbit_userid
Change-Id: I7da503ef50b3653b888cb243caa74b4253a495e2
This document explains the steps to configure Load-Balancer in
kilo.
Change-Id: Ic8c2f3cca80e331b7275f689051c07d863d918ea
Depends-On: I64a94aeeabe6357b5ea7796e34c9306c55c9ae67
Sahara supports running in distributed mode. Need to add this ability in
devstack.
Changes:
* configure rpc backend for sahara by default
* added sahara-api service for running api side
* added sahara-eng service for running engine side
Change-Id: I4fb9d5746b08c9b1fee0d283bcf448e47a87089b
Commit c12a78b35dc910fa97df888960ef2b9a64557254 has set the
"always" flag to be deprecated in liberty. This moves to using
"True" instead.
Change-Id: Idecf7966968369d2f372abffcab85fbf9aa097c7
unstack.sh always stop dstat process, however unstack.sh show 'dstat: no process
found' when dstat is disabled.
This patch stop function of stop_dstat, when dstat is disabled.
Change-Id: If9054826bed8a7fedd4f77ef4efef2c0ccd7f16e
Closes-Bug: #1435148
Most of the changes revolves around using MySQL rather than MariaDB,
plus enabling the addon repos on public-yum.oracle.com.
The patch just touch the areas where there is a divergence between the
Fedora and Oracle distributions and in all other cases the is_fedora
will result in the correct decision to be made and left as is.
Collapsed the is_suse and is_oraclelinux into a single check in
configure_database_mysql and cleanup_database_mysql
Added Oracle Linux to MAINTAINERS.rst
Rather than duplicating most of the Redhat version check code, added
a check in the block to do the determination if it is Oracle Linux
Change-Id: I5f1f15106329eec67aa008b17847fa44863f243f
If SWIFT_DATA_DIR is set on local.conf we need to make sure to create
the directory with proper permissions
Change-Id: If29fa53f01b4c0c8a881ec3734383ecffac334ce
Closes-Bug: 1302893
rootwrap is horribly called indirectly via PATH. The choice, other than fixing
such nonsense, is to force the path in sudo.
Change-Id: Idac07455359b347e1c617736a515c2261b56d871
Configuration options that are only relevant when running keystone
under eventlet (rather than Apache httpd) were moved to the
[eventlet_server] and [eventlet_server_ssl] groups in the
keystone.conf file to avoid confusion. This change updates devstack
to use the new non-deprecated group for these options.
Change-Id: I651a278d09f6a3a32b2e96fac87f1e5ea0f18c39
Adds USE_VENV to globally enable/disable use of virtual environments.
ADDITIONAL_VENV_PACKAGES is used to manually add packages that do not
appear in requirements.txt or test-requirements.txt to be installed
into each venv. Database Python bindings are handled this way when
a dataabse service is enabled.
Change-Id: I9cf298b936fd10c95e2ce5f51aab0d49d4b7f37f
contributing.rst doesn't add very much over the extant HACKING.rst, so
move some of the unique bits into HACKING.rst and then link that into
the documentation.
Change-Id: I0530f38eda92f8dd374c0ec224556ace6e679f54
Currently, if devstack base path includes the name of a given
service (e.g. nova), then the service's prereq packages will
not be installed. This fix changes the checking the match
against the full path of the package list file rather than the
name of a given service.
Closes-Bug: #1434314
Change-Id: Ie81352ebd5691afc6d0019f71d5b62370e8bb95f
Minimum Cinder volume size is 1GB so if Swift backend for Glance is only
1GB we can not upload volume to image.
Change-Id: Ifd4cb42bf96367ff3ada0c065fa258fa5ba635d9
Recent versions of oslo policy allow the use of a policy.d to break up
policy in a more user understandable way. Nova is going to use this in
Kilo to break out v2 and v2.1 API policy definitions.
This provides a unified helper for installing sample policies. It
makes some assumptions on project directory structure. Porting other
projects to use this can happen in the future.
Change-Id: Iec23b095176332414faf76a9c329f8bb5f3aa6c3
We should prime the groups that were created with some roles on
projects. Eventually we can add users directly to the groups
and not have to resort to individual user assignments.
Change-Id: Icebafc06859f8879c584cfd67aa51cb0c9ce48af
In kilo heat started to use keystone delegations to perform the needed
operations, as part of this the need to set the explicit role in
devstack for stack management disappeared. However, in tempest as part
of the effort to make credentials configuration more explicit an option
was added to ensure that the users created by tempest have the proper
role set for stack management in the heat tests. This commit sets the
value of this config option in tempest to be the default role _member_
to reflect that there is no separate heat_stack_owner role created
anymore. (which is the tempest default value)
Change-Id: Id98a83f0a716de0fdb5f36d03407364830e8fa5f
This change adds the dib-utils repo, and adds git_clone calls for the
required os-*-config projects.
Change-Id: I2641feb0c462d2940f2698515ff62a2ff06c0e70
A while back I added an lvm.conf file with a device filter setting
to try and clean up the LVM hangs in the gate:
(commit 0b9e76f280)
It turns out this wasn't the real problem, the real problem
is that on an LVS/VGS command LVM will attempt to open and read
all potential block devices in /dev to see if they have LVM data
on them. I initially thought the local filter would keep that
from happening, as it turns out the local filter only limits what's
returned AFTER the actual scan process. In order to keep the scan
from happening at all, either a global_filter needs to be used or
lvmetad needs to be running and enabled.
There are situations in gate tests where /dev/sdX devices are created and
deleted and the result is that we hit situations where LVM tries
to open up devices to check them even if they've been removed. The
result is we have a blocking open call from LVM that takes approx
60 seconds to time out and fail.
Ubuntu won't have a version of lvmetad until Vivid, so for now
that just leaves the global_filter as an option.
This patch adds the filter routine to the end of stack.sh. We don't
want to put the routine in lib/cinder_backend/lvm like we had it because
now we have to set the global filter for all LVM commands on the system.
So we put this as one of the last steps in stack.sh and run it if Cinder
is enabled. This way we can query PV's on the system regardless of what
other services may be running and using LVM and make sure that all of
their devices are added to the filter as well.
Also, make sure we only set this for Ubuntu as Fedora/RHEL variants
utilize lvmetad.
This patch also removes the old change that set the local filter.
DocImpact
Should add this to recommended config for Cinder on systems
that don't have lvmetad, and recommend lvmetad for those that do.
Change-Id: I5d5c48e188cbb9b4208096736807f082bce524e8
Closes-Bug: #1373513
Sometimes when certain dependencies are changed, recreating an existing
DevStack fails, as tempest is using an old existing venv for tox run,
where dependencies are not met.
This change should help developers who are reusing
their existing DevStack.
The gate should not be affected as there the vev is freshly created
anyway.
Change-Id: Ic42ba1cb0aa829c5120151d3d8cdafa4efc3ffaa
This eliminated a number of sudo calls by doing the copy/chown/chmod in
a single step and sets a common pattern.
Change-Id: I9c8f48854d5bc443cc187df0948c28b82c4d2838
The cleaning network is where ramdisks will be booted during
the cleaning process. We want to ensure nodes are being properly
cleaned on tear down.
Change-Id: Ic38de10668c97648d073fdf9a3afc59712057849
Implements: bp/implement-cleaning-states
Without these defaults, sourcing functions-common with -u turned on
(as say ./tools/build_wheels.sh does) will bail out with unset
variable errors. Also fix up quoting, and add no_proxy for zypper run
Change-Id: Ideb441634243c1c5ce7db3a375c2d98617e9d1dc
Heat can now run in standalone mode with the default v3 keystone
backend.
This change removes the installation of the v2 contrib backend.
It also configures saner defaults when HEAT_STANDALONE is True.
Using trusts and a stack-domain will never work in standalone mode
since they both require a service user which doesn't exist in
standalone mode.
Finally, this change prevents heat.conf being populated with service user options
not required by standalone mode.
Configuring the v2 backend may be reintroduced later with a dedicated
flag variable.
Change-Id: I88403e359e5e59e776b25ba1b65fae6fa8a3548e
The horizon team keeps changing how the UI is exposed. This exercise
keeps lagging and doesn't really test anything useful any more. Just
delete it.
Change-Id: Id62904868f1d4b39e33d2ad63340b5ee2177fb56
Sahara is going to remove sahara.conf.sample because it
is not gated anymore and therefore it gets out of date.
So, we need to remove copying sahara.conf from base config file
sahara.conf.sample
Change-Id: I0ddf36cfc15694dfe41fe695d577199da75ce7f1
If we set mutiple proxy (ip or url), pip install will
treat the second proxy as a command.
Add quotation marks around proxy.
expecially for no_proxy
Change-Id: I38ad3f083ba5155cda0e5e2b8f5df64492b7fecd
- Rather than using config refs, deployments should be using a tool
such as chef or puppet to set the options correctly.
- Config refs have a bug where you can only reference an option in
the DEFAULT group, which limits the usefulness, and with this
feature it's impossible to move any config options out of the
DEFAULT group, luckily this has been ignored anyways since I think
everyone realizes how broken it is.
Change-Id: I74cae09f9d75177f8efea69e7ae981ed8f14039f
The Replication V2 change to Trove moves the test
datastore from Mysql 5.5 to Mysql 5.6. This change
reflects that in devstack.
Change-Id: Ibdf32b46c200d3061975d390c872be77d19bc361
Implements: blueprint bp/replication-v2
Closes-bug: #1432686
Depends-On: I8eec708f41e791e3db04a2c7b7c12855118b64ac
The current regex only matches host interface names that consits
of "word characters" (regex \w). Intefaces having other special
chars like "-" or "." are not parsed. Examples that are not yet
matched are br-ex (ovs bridge) or enccw0.0.1234 (s390 eth device
name).
In addition it's hard to understand the the regex.
This fix is replacing the regex by a simple awk statement also
matching those names.
In addition the determination of the host_ip_iface was moved
down into the if clause, as it is only used inside.
Change-Id: I3d1b1afa32956e4e8c55c7e68cbafaf8e03e7da2
Closes-Bug: #1429903
This commit switches the default value for INSTALL_TEMPEST on master
devstack to be true. Not installing tempest by default on devstack is
confusing for devs and people working with tempest in devstack. The
venv isolation is only really required on stable branches because of
conflicting requirements, however it is not really necessary on master.
Change-Id: I368cb56fd9e0cbf59cefe24a46507d3f58b9a8e3
Currently if you `cat` the file, the bash prompt will be at a weird
position. And if you programmaticaly add a new line to this file,
the line will be, in fact, appended to the previous line.
Change-Id: I19ba018d9a934f8fdc07cc9bec50a0105f2710f9
On some environments, the current 10s timeout waiting for server
ssh-able is not enough. SSH session was killed before the command
executed by server and then break the whole stack.sh.
Change-Id: I4d842744793455d44a633dee8920a60552e8075e
The log_context format specified in glance-api and glance-reistry
are causing tracebacks. This fix changes the
project_id and user_id to tenant and user which are supported
in oslo-context. This is the format used by other projects
Change-Id: Ifbf268e9765039a0085c9af930dabf8a5cc681b8
Closes-Bug: #1431784
iniset_rpc_backend should know what section it needs to set the
config options in better than the callers. The config options
have actually been moved to different sections and the options
in the DEFAULT section are deprecated.
Change-Id: I0e07fe03c7812ef8df49e126bf71c57588635639
lib/keystone was setting up rabbit config directly rather than
using the iniset_rpc_backend function that other projects use.
Change-Id: Ic368f102c808cdbd2e4cbc1ff457cdf17a681332
Because of branchless Tempest we have to set a compute-feature-enabled
flag to test preserving preexisting ports from Neutron since the code
only works starting in Kilo and won't be backported to stable/juno or
stable/icehouse.
We can remove this flag once juno-eol happens.
Depends-On: I95469e4c2f4aa2bc4e6342860a9c222fb4fa7e16
Related-Bug: #1431724
Change-Id: I214baa3b861e29bedf6bb7b50534ac2286676dd1
With identity v3 the _member_ role is not added on the projects
automatically for the user when it's created.
Setting _member_ to tempest_roles so that tempest adds the role.
Change-Id: Iaae9286ecc6f019d36261a5c450068a650e24a28
swift middleware contained in ceilometer is now deprecated. the
middleware is available in ceilometermiddleware.
Change-Id: I6e41986245f4d95a9385dc7829479ed1199f10ac
The keystonemiddleware 1.5.0 released 2015-03-11 supports configuring
auth plugins from the paste config file. This means that swift can now
use authentication plugins for auth_token middleware.
Change-Id: Icb9f008a57b6f75e0506cbecd0a1e0f28b7dadda
elasticsearch client must be explicitly installed as it's an
optional backend requirement. this patch installs the client when
installing elasticsearch
Change-Id: I534cf0c78ab1fe7d309ef5f808bbe7b5422b403e
As per the logs:
Option "lock_path" from group "DEFAULT" is deprecated. Use option "lock_path" from group
"oslo_concurrency".
Option "sql_connection" from group "DEFAULT" is deprecated. Use option
"connection" from group "database".
Change-Id: I2109cec07ebee916c9ce0ccd24bd9a47d8d3c688
swift requires to have rsyncd running as service or behind xinetd.
/etc/xinetd.d/rsync is not shipped with f22 and the daemon mode
requires an additional package.
Adding rsync-daemon as swift dependency for f22 and f23(rawhide).
Change-Id: I33222719cabed59a261ce1b8ddedc457aa03800e
Instead of killing the screen, use stop_process which will
shut the processes when USE_SCREEN is False.
Change-Id: If0f714cb112dbf5fe9e4fdd7291cb4fb1df87f42
The current issue is that if we deploy c-vol service on a separate
machine, my_ip and SERVICE_HOST will be different, because my_ip is
the machine where c-vol service is running and SERVICE_HOST points
to the machine where the cinder api service is running. If my_ip of
c-vol in cinder.conf is set to the IP of c-api, it will cause the
issue that the volume is unable to attach. The issue can be resolved
by removing my_ip from cinder.conf.
Change-Id: I699c0b5297c60e9f9934f74684abf563f4b0e977
closes-bug: #1428013
We currently assume we are deploying ironic with the rest of
a cloud and assert that glance/neutron/nova are enabled. This
makes it a bit more flexible and allows deploying with only
the minimum required services if desired, and asserts the others
are enabled when we intend on testing nova+ironic integration.
This is required for in-tree python-ironicclient functional tests,
which we aim to run against a minimal devstack deployment.
Change-Id: I99001d151161fa225b97c3ba6b167a61aa9b59fe
We offer main devstack components the ability to install their own
system package preqreqs via files/{debs, rpms}/$service. This adds
similar functionality for plugins, who can now do the same in their
own tree at ./devstack/files/{debs, rpms}/$plugin.
Change-Id: I63af8dc54c75a6e80ca4b2a96c76233a0795aabb
The command mongo, used in lib/zaqar, is part of the package mongodb.
At the moment only mongodb-server is listed in files/rpms/zaqar-server,
mongodb has to be added there.
Change-Id: I60edeae6760addad62b9b61c3dcdecc2ff01cba7
Closes-bug: #1430939
This is mostly to detect if someone is running the script with "sh
./stack.sh" where sh is the bash-symlink that puts it in POSIX mode
(this can be invoked in other ways, but much less common).
In this case POSIXLY_CORRECT is set; so if we see that, bail out early
before we start hitting syntax errors.
Closes-Bug: #1430535
Change-Id: I7bbc4b0f656df9f6d9da2243c8caeb42d30ace95
Let pip install unittest2; pip installation can conflict with the
packaged version.
Change-Id: Iec9b35174ac68ebf713cd7462d7b5a82583d6e22
Partial-Bug: #1430592
People can leave their devstack installs around for a long time, and
in the mean time new versions of pip can be released.
The current check does not download a new version if an old one
exists. We want to check for new versions, but we also don't want the
gate jobs trying this sometimes unreliable fetch.
So add a flag-file that tells devstack if it downloaded get-pip.py
originally. If so, on each run check for a new version using curl's
"-z" flag to request only files modified since the file's timestamp.
Change-Id: I91734528f02deafabf3d18d968c3abd749751199
Closes-Bug: #1429943
We remove the code to set use_floating_ips. In old code it was set
false if we do not use neutron. However, we cannot deploy clusters
with floating ips by that. So we just use the default value, which
is set True in Sahara.
Closes-Bug: #1426226
Change-Id: Idfcdc5ab776681ddc740dc12035e04da349ea089
Region name should be set to nova.conf and cinder.conf so that
cinder volume can work in multiregion env.
Closes-Bug: #1429738
Change-Id: Ib20911c24d8daabc07e6515f4a23a745d77593ff
* config/INI functions from functions-common to to inc/ini-config
* local.conf meta-config functions from lib/config to inc/meta-config
Change-Id: I00fab724075a693529273878875cfd292d00b18a
The keystone admin token supposed to be used only
for setting up keystone and it should not be used
in any other service config.
Change-Id: Iaa9be1878e89a6bc3a84a0c57fc6f5cecc371d2f
Use authentication plugins for neutron -> nova communications and
default to using the password plugin, which defaults to using the
v3 Identity API.
Neutron config change: 13427a40768f1a4646520c6b7e3e8c988ce6e18c
Change-Id: If152b97f940286ed08767225b13dedf6ef8c2342
Neutron NEC plugin support is configured using DevStack external
plugin mechanism. The following needs to be added in local.conf:
Q_PLUGIN=nec
enable_plugin networking-nec https://git.openstack.org/stackforge/networking-nec
Also removes lib/neutron_thirdparty/trema and files/debs/trema.
DevStack external plugin for Trema Sliceable Switch is available
and the following is needed to enable it in DevStack.
enable_plugin trema-devstack-plugin https://github.com/nec-openstack/trema-devstack-plugin
Change-Id: If983b986355fcc0118b6e0446b3b295f23b3c40e
It turns out we aren't actually using this wheel since we are still
installing the deb python-numpy, and building numpy takes several
minutes which is a lot considering we do it on every single dsvm job.
So until we have wheel caching in place, and are actually using the
version we build ourselves, stop wasting time.
Change-Id: I7643c55598e5ecc29ea708c537818b37a8047d4b
While Devstack needs 4GB RAM (or more!) the JEOS
used as the base for the Devstack VM for XenServer
needs much less. Allowing the initial install to
use 1GB means we have lower requirements overall
Change-Id: Iecaeeb4db0dffcc43c5532b5d57cb041d47047a6
We weren't actually using the wheels since PIP_FIND_LINKS environmental
variable was getting lost during the sudo
Change-Id: I4a89a70df63772a16ee5a8c3f1cd86e9c7bb5242
diskimage-builder is a utility rather than a service, and is already
installed in devstack via pip when required.
lib/dib was created to allow an image to be created during a devstack
run for the heat functional tests, however this approach is no longer
being taken and there are no other known uses for lib/dib.
This change removes lib/dib and moves the pip mirror building to
lib/heat so that snapshot pip packages of the heat agent projects can
be made available to servers which the heat functional tests boot.
This also removes tripleo-image-elements, which has never
been utilised, and since images won't be created
during heat functional test runs it is no longer required.
Change-Id: Ic77f841437ea23c0645d3a34d9dd6bfd1ee28714
When running with low memory (<1024), we need to switch from the default
rootfstype from tmpfs to ramfs to ensure nodes can decompress deployment
ramdisks.
Change-Id: I1b9dd614e592d99b2f59dea899b1ed3859ae0811
A recent ironicclient commit If05d51b09d787ccfbf6f6d35d8e752d42f673601
deprecated --node_uuid, now it should use --node.
Change-Id: Ia97074bd2ce92645ac4b4151824098cb99434117
The files/rpms/general:python-virtualenv explicitly
installed this package on Fedoras.
This package is not installed on other distros by devstack
by default.
If you stack/unstack the package gets reinstalled,
and confuses the system about the installed virtual-env version.
The uninstall works in CI, but it can be problematic when you do
reinstalls on the same machine.
The uninstall introduced by
834b804d3e, this commit deos not
has any reference to the external bug what it supposed to solve.
Related RDO thread started here:
https://www.redhat.com/archives/rdo-list/2015-March/msg00015.html
Change-Id: I4a723f179bdc28d39a4910fb9e3787e9e67c354b
A typo in lib/ceph was causing REMOTE_CEPH to be defaulted whenever
lib/ceph was sourced, regardless of its existing value. The
`trueorfalse` function takes a variable name as its second argument,
not a value.
Change-Id: Iec846e0b892eaa63a0a2a59aa045bc56d5606af1
When the Trove configuration files were defined in variables, the
guestagent wasn't included. In order for profiling to continue on the
guestagent, its configuration file must be defined as well.
(See https://bugs.launchpad.net/devstack/+bug/1421403)
TROVE_GUESTAGENT_CONF is now defined.
Change-Id: Ie7cb531e2a1eca74100e2466a430e85eaf936263
Closes-Bug: #1427506
Devstack support is added using Devstack's external plugins:
https://review.openstack.org/#/c/156526
Asside to the environment variables, the following should be added to
local.conf file:
enable_plugin vmware-nsx https://git.openstack.org/stackforge/vmware-nsx
for the nsx plugin:
Q_PLUGIN=vmware_nsx
enable_service vmware_nsx
for the nsx_v plugin:
Q_PLUGIN=vmware_nsx_v
Partially-Implements: blueprint vmware-nsx-v
Change-Id: I4e03d4953bf9b5112ff75a252b61c27fadd04bf1
Signed-off-by: Roey Chen <roeyc@vmware.com>
Horizon by default using the _member_ role,
which is considered as a legacy role.
The tools/create_userrc.sh already creates the regular users,
with Member role.
Change-Id: Ibc07a0f28d0729f8a717a54e94fe014853363592
Closes-Bug: #1421616
When SERVICE_HOST is defined to literal IPv6 address
(i.e., [fdf8:f53b:82e4::179]) we will have to include
--globoff option for curl to be able to reach the various
openstack services. Using globoff works for both IPv6 and
IPv4 urls, so its safe to include this option for all curl
statements in devstack.
Closes-Bug: #1424943
Change-Id: I2afc16f2f94d7d7069b0ba61bc8348c03413e4e7
When registering endpoint with data_processing keystone transforms it
into data-processing. This problem causes sahara to not find the
endpoint afterwards
We need to have two endpoints for correct working tempest and horizon
with devstack. After resolving bug in tempest and horizon need to remove
old data_processing endpoint
Change-Id: I97827d23ffe8a1218abd61e76804b918b1b7cbe0
Partial-bug: #1356053
Use yum_install() to support proxy environment variables when
epel-release package is installed from epel-bootstrap repo.
Change-Id: I45f7a38c6c71bbce07bd0d21c1ac8a75c04113cb
Closes-Bug: 1426221
MatchMakerRedis is the only tested routing method
for ZeroMQ driver. For others, like MatchMakerLocalhost
and MatchMakerRing, it still takes some time to work
on and completely test.
MatchMakerRedis is enough to run under real-world
deployment.
Change-Id: I3b2e8e68ceebd377479d75bbb8b862ae60cfc826
Partially-Implements: blueprint zeromq
In trove-integration, a patch was submitted to change the value
of the log_dir variable in the trove-guestagent.conf.sample file.
This should be changed here as well so that devstack uses the same
location.
The devstack trove-guestagent.conf file is created by devstack, not
from the sample file, so it needs to be changed here.
(For reference, an actual trove-guestagent.conf file is created by
the cloud provider implementing Trove, who may or may not use the
sample file provided.)
See: https://review.openstack.org/#/c/157973
Change-Id: I41b8e6fe443a2eff376ffc1f92c2ed90c94530b0
Diablo is long gone. Remove debs for diablo nova volumes
Original commit that added this: I3e7c412ff125dbadd18b59af55fb7dea9ea17b07
Move open-iscsi requirement over to ironic, (ironic conductor calls
iscsiadm)
libvirt driver uses iscsiadm for iscsi based volume attaches as well.
lvm backend is supported for libvirt driver
Change-Id: I536ba0ebdb6e3fa68f0a82b3027e70d8e2f35085
This patch is adding a new boolean that can be toggled to indicate
that we should use the IPA ramdisk instead of the normal ramdisk when
deploying a node with the iSCSI methodology. Defaults to False.
Depends-On: Iaabc6ada729461f18d69ee12d01b9f1465944454
Change-Id: If4004078866d833eb946be40b6dfb204aa4a6840
The StrongSwan driver under development for kilo-3 will replace the
default reference OpenSwan driver.
In the interim though, we need to be able to run functional tests
for both drivers. This change is intending to do the additional
steps that are needed to set up for Strongswan, so that when a
functional test has IPSEC_PACKAGE=strongswan, everything will be
correct.
The intent here is to explicitly set the device driver class in
vpn_agent.ini, so that this will work for when OpenSwan is the
default (currently), when no drivers are specified, and will work
for when StrongSwan is made the default in the code.
For Ubuntu, AppArmor is disabled for charon and stroke.
Note: Both OpenSwan and StrongSwan cannot be installed on the
host at the same time.
Change-Id: Ib8467e24633230d6643d812068e4ed6ffb33f104
Partial-Bug: 1424757
Devstack support for LBaaS is being migrated to an external
plugin in the neutron-lbaas repository. The only LBaaS-
specific code that remains in devstack is a hook to support
existing configs that enable q-lbaas. In that case, load
the external plugin if necessary.
Change-Id: I592f64407ccf1e722b8d9788917879d0236acf0b
Depends-On: I64a94aeeabe6357b5ea7796e34c9306c55c9ae67
As suggested by dtroyer to resolve wheels not buildings
behind a proxy. Issue introduced in I0283b0dff9146b1b63bd821358505a93566270c6
Change-Id: Ib376469aff73a22ac2bc9d7d5a7f90081004aa8d
Closes-bug: 1426146
Syslinux >= 5.00 pxelinux.0 binary is not "stand-alone"
anymore, it depends on some c32 modules to work correctly.
See: http://www.syslinux.org/wiki/index.php/Library_modules
Closes-Bug: #1419867
Change-Id: Ia62e980052ece3d5e2abf090b5609dea31f0d6b8
image_list.sh is used to make a list of all possible images. Loop over
both x86_64 and i386 instead of just using the default arch of x86_64
For live migration we are starting to use the i386 arch based images and
don't want to cache them like all other images.
Change-Id: I47da72a0e9da3689cb085bb43ac6536094445112
Fedora-21 does not have openjdk-1.7.0 it has only 1.8.0.
This change also fixing the no op statement in the configure.
Change-Id: I6012aeb17b8e8fafa37d48aa29482702fa3491fd
Since midonet has become open source, we can build it from
external plugin scripts. The way to enable it is using the devstack
plugin approach:
disable_service n-net
enable_service q-svc
enable_service q-dhcp
enable_service q-meta
enable_plugin networking-midonet \
http://github.com/stackforge/networking-midonet
Q_PLUGIN=midonet
and should download and build the last master branch of midonet.
Change-Id: I795f92f9d3c97b2c35bac712c6edfc032eff345a
The version of pip supported by python-virtualenv has issues in
environment under proxy, hence uninstalling python-virtualenv package
and installing the latest version using pip.
Change-Id: Id749c37ab7fefa96b35f11816b56b9def5ef4b08
Closes-Bug: 1421541
Ensure that the debtcollector library is pulled in
like the other oslo libraries so that devstack can
use it where appropriate.
Also fixes 'test_libs_from_pypi.sh' to not have a huge
single line of libraries; and splits it into multiple
lines so the diffs and code can be easily looked at.
Change-Id: I35ab0ed0e20b6092a41ecb3b6f1aaf0a05f5180e
stackrc defines the isset function, but this function is already
declared in functions-common.
The stackrc sources the `functions` which sources the `functions-common`.
Change-Id: I0772c42d049833334107c2e6da3700e544ce094f
Nova has the ability to do remote interactive consoles but there is no
easy way to enable this in devstack. This change defines a service
called n-serial to enable the service. Documentation is added to a
new guide on nova, describing how to set further options in local.conf
Change-Id: I401d94b2413c62bfae9b90d2214d77bd4cfc15d5
The default apache log format is noisy. Added a custom log format
that matches the other apache log format of projects like keystone
Closes-Bug: #1222900
Change-Id: Id9a8c3a4413c778e009c56ffde6b646b8a120c8b
msgpack-python when installed from source requires a C++ compiler
installed on the system, otherwise it falls back to the python
implementation.
Change-Id: Iffe1f90f3a70780be22459c3f7a3cddfe47f01ca
As you can see in the f21 job, the python-MYSQL compilation
fails without this library.
At the first look it seams like packaging issue, so
I created bug related to this. [1]
Until the issue is addressed, the redhat-rpm-config will be
considered as build time dev dependency for f21.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1195207
Change-Id: I731828cac912d1b11eaf2269364411c77a57d76c
Following the leads of I47b7e787771683c2fc4404e586f11c1a19aac15c and as
an attempt to fix a bug blocking Zaqar's gate, this patch installs
python-redis from pypi instead of using the distro package.
Change-Id: Idfef2fe1b41b44c4cba6b6948b621bc44e77659b
In I78d51f04ed01da4ce8aa0e127be028f969d3b4f8 we turned off installing
tempest because we install it on stable branches where the stable reqs
do not equal the tempest master (branchless) reqs.
Leave this off by default since that is the behaviour we have in the
gate, and make default devstack as similar to the gate as possible. But
add an option to install tempest by default so developers can opt and
reproduce the previous behaviour.
Update the tempest section of the README with how to run tempest tests
and how to install tempest if desired.
Change-Id: Ie4ea7335a57917244873ec54658ca269ab765ce1
Let's see whether openstackclient will trigger unneeded version bump for
clients if its installation is put below all other services that are
expected to intall client libraries on proper versions on their own.
Change-Id: Ifa774219b7057112fc794a5e3d93bc963c55ba90
This is a follow-on to comments in https://review.openstack.org/156356
and https://review.openstack.org/#/c/151513/
* Remove work-around for /var/cache/pip
* Remove WHEELHOUSE setting in tools/build_wheels.sh and use the pip
default directory '<cwd>/wheelhouse'
* Remove bogus MySQL-python install
* Removed unused bits and clean up pip commands in from tools/build_venvs.sh
Closes-Bug: #1423720
Change-Id: I0283b0dff9146b1b63bd821358505a93566270c6
This commit adds installing tempest-lib from git to the tempest full
job's tox venv. Since by default tempest isn't being installed
globally anymore and when we do run tempest it is normally within a
tox venv that means previously the install from git flag isn't being
taken into account.
Change-Id: I98b0754c4a91690c9402fa2ae2c3e9ba9195d444
There were a couple of places where TOP_DIR is missing when we do a
source of content in tools. Given that working directory can change
quite often during devstack, we need to always be explicit here.
Change-Id: I14b5699637d7f5db745bccf116f440cdcbaa8d91
When the lvm package gets installed the meta service does
not gets started automatically, but it becomes enabled so it would be
running on the next reboot.
The lvm commands are configured to use this service.
In the past this issue just causes warnings in the cinder log,
but now it can lead to a real issue.
It is better to ensure it is really running,
because it speeds up the lvm related commands.
Change-Id: I17fe2c3bcf77a6505ed2b6c824c5b20807beb725
As per the graduation work items, any new libraries should be
added to lib/oslo and stackrc
partially implements bp graduate-policy
Change-Id: Ief8f28715ecff5a602d6d840d736ea07b5e7ff39
Introduce the tooling to build virtual environments.
* tools/build_venv.sh: build a venv
* introduce lib/stack to house functionality extracted from stack.sh that
is needed in other places, such as Grenade; start with stack_install_service
to wrap the venv install mechanics
* declare PROJECT_VENV array to track where project venvs should be installed
* create a venv for each project defined in PROJECT_VENV in stack_install_service()
Change-Id: I508588c0e2541b976dd94569d44b61dd2c35c01c
Qemu-utils is needed by nova-cpu, we are hitting issues with this in
multi node testing where fewer services are installed on the second
node.
Change-Id: I4b0a217a252c7862014443230dda2bcced355c93
Having DATABASE_QUERY_LOGGING enabled results in devstack turning
on verbose mysql query logging. This results in a log file
/var/log/mariadb/mariadb-slow.log that grows to 10's of GB in
size in very little time (few weeks if that). Developers never
seem to notice this exists until their host OS runs out of disk
space due to this logfile that is never truncated.
Very few people will ever look at this logged data, so a more
sensible default is False, to make the out of the box setup be
suitable for the majority. Those few people who want to debug
mysql query performance can enable it in local.conf, as will
the devstack gate setup scripts.
Depends-On: I6970d61474528f554134d0aa333cd52b7b20f309
Change-Id: Ia4a366c839ac51623bc1fbee3560dc4d848cce14
Building a bunch of virtual envs later is going to be tedious if we do not
pre-cache certain annoying-to-build packages.
* tools/build_wheels.sh: pre-build some wheels for annoying package installs
* list distro package dependencies in files/*/venv
* list packages to pre-build as wheels in files/venv-requirements.txt
* install database Python modules when setting up the database
Change-Id: Idff1ea69a5ca12ba56098e664dbf6924fe6a2e47
This commit is temporary work-around until Ironic is fixed(bug#1422632)
The reason of creating temporary work-around is following
Ironic re-uses specific values from the keystone_authtoken middleware.
So we should specify admin_user, admin_password and so on instead of username, password.
Change-Id: If8869e16a167eea0af87afda0eabcbb803627db6
Closes-Bug: #1418341 at devstack
Instead of specifying the version of a library in devstack, use the version from
global-requirements
Add new function get_from_global_requirements and use it
where it makes sense.
Change-Id: I6b2f062761ac05ef72fc6cc9993bc204faf06fa5
python libraries should be installed from upstream, not from the
distro, as much as possible. The following is a first attempt at
purging all the python libraries and making it so that they instead
should fall back to the pypi versions.
Libraries which are known to include native code are left behind.
Change-Id: I47b7e787771683c2fc4404e586f11c1a19aac15c
Some vncviewers do not support the -via option, so default to suggesting
xl console. XenCenter continues to be an option for those running
Windows.
Change-Id: I1e53fd33d309e30a60031965e589167dcbacfbbe
The $PHYSICAL_NETWORK in the error message should be
$PRIVATE_NETWORK_NAME, because the command just before this error
message refers to $PRIVATE_NETWORK_NAME.
Change-Id: I9a648f8bd0e61abde8e93bc08282c14b35ec06bd
This defines a number of variables for Trove configuration files
and options
In addition to general cleanup within devstack, this also enables
consumers to enable features such as Openstack profiling, without
the need to repeat the hardcoding of these parameters in their
local.conf
Change-Id: Ieaa999ea3ca5c4f7d320416a8d2375c9a1d03d39
closes-bug: #1421403
is_keystone_enabled() was calling is_service_enabled(), which is what called
is_keystone_enabled() in the first place. Make it work as designed and
also change calls to use the full service name. Note that this is all
still comptible with the prior usage of 'is_service_enabled key'.
Change-Id: I9c28377ecf074b7996461d2a4ca12d88dfc4d47e
Install networking-ofagent from StackForge, using DevStack's
external plugins mechanism.
The following line needs to be added to the existing local.conf settings:
enable_plugin networking-ofagent https://git.openstack.org/stackforge/networking-ofagent
Remove neutron_thirdparty/ryu, as Ryu is installed via
networking-ofagent's requirements.
Change-Id: I12287a47eac4689414f70b517ee37fb98b260e60
Partially-implements: blueprint core-vendor-decomposition
Partial-Bug: #1412653
Reverting this is probably appropriate because until we can
get Debian/Ubuntu to fix their underlying dependencies.
It's confusing a lot of people that this is no longer
available
This reverts commit 2bfb9af0c9.
Change-Id: Id352db9dcd40bfb5eb771dad42cdf04e0ce72313
Set PIP_VIRTUAL_ENV to install the package(s) into an existing virtual
environment. This works by simply using the pip command already
in the venv, and not using sudo.
Change-Id: I910e1752e58a666174f83b4f97e547851e66e655
This breaks Ironic's use of temp URLs, which the key for the service
account is configured via the Swift user.
Change-Id: I69f6f6eef4ad573f406d64d579a9811c70ac5d28
Closes-Bug: #1421006
os-vpx is only true after we know it's not a JEOS we're creating
Move the location we set the os-vpx flag to as we're starting to
prepare the VM for devstack
Change-Id: If736f3a7de171b8090b0bb905e04accb70470a90
We added an lvm filter for use when using Cinder's
LVM driver that would only scan devices that we have
actually deployed Cinder Volume Groups on.
This patch adds a simple output message to the setup
routine so we can more easily inspect what was found
and what has been set during devstack setup.
Change-Id: Iba5012caffd45dfb5143b6df954eed277445a60e
Change Id7a9366d2c6a36139240f64371002362dc2d8d3b broke the Ironic gate
by removing admin level privileges. This restores the privilege and adds
a comment to prevent the removal again (hopefully).
Change-Id: Ida1c05d9e429e24d060aef2548fc2a0c225350b8
Closes-Bug: #1421006
This reverts commit 2d7c346f0c.
Not setting DATABASE_TYPE is not a fatal error since it is
valid to create nodes which only run a subset of services,
and so a database may not be needed.
Change-Id: I7d957e628141ba333b6f38940b39845b18fba4df
In section "Configure Nested KVM for Intel-based Machines", this
sentence:
Procedure to enable nested KVM virtualization on AMD-based machines.
should (obviously) read as:
Procedure to enable nested KVM virtualization on Intel-based machines.
Change-Id: I9872a5d20a23f1cce7bf2a79bf29e1b11511b418
These have been emitting deprecated warnings for over a full release cycle:
Q_AGENT_EXTRA_AGENT_OPTS, Q_AGENT_EXTRA_SRV_OPTS, CINDER_MULTI_LVM_BACKEND
Change-Id: I3aa5cabd6ce3a0072cba08bbca1ad23d4a831219
On fedora 21, qpidd cannot authenticate user, because
cyrus-sasl-plain is no more automatically installed.
This change fixes that.
Change-Id: I74452f40723881291b8c7577e5509da1c0e4e6e5
The boot-time script (prepare_guest.sh) is one of the less reliable parts
of the install process. This change enables SSH into the host as well as
reporting of the IP address. This significantly helps debugging issues
now and enables moving of all other setup code to being executed over SSH.
Change-Id: I1555f1d91353ba8b75e2de4607df33ee20307a6e
This adds the test infrastructure for testing that unstack.sh and
clean.sh do the right thing, and actually stop what's expected. This
is designed to be used in upstream testing to make unstack and clean a
bit more certain.
It includes numerous fixes to make these pass in an errexit
environment with the gate config. The scripts still don't run under
errexit because we don't assume we've handled all possible cleanup safely.
Change-Id: I774dfb2cc934367eef2bb7ea5123197f6da7565b
get_or_add_user_role is specific to adding a role on a project.
Rename it to get_or_add_user_project_role to allow room for adding a
domain specific role function.
Change-Id: I999308098d22be9800578ae67144a3b687fbc3be
Most of the services create the service user with the admin permission.
This is unnecessary for token validation and they should be restricted
to only having the service role.
Change-Id: Id7a9366d2c6a36139240f64371002362dc2d8d3b
Now that we have a working external plugin mechanism stackforge
projects definitely don't need to be directly in devstack. These were
largely unused previously anyway.
Change-Id: I300686b2ac976d9b454404842b3f210fd7c239d9
Configure tempest with the location of the devstack CA bundle.
Fix a conditional that was looking for the "keystone" service
when it should be "key". This affected users who set
USE_SSL=True
Change-Id: I7171d7bd539443dce9f3b1a80274b7861abdcfdb
After doing a couple of external plugins I found that basically things
don't work unless you enable_service in the settings file. Document
that as a requirement, and clean up the rest of the docs around the
external plugins to be consistent with that.
Change-Id: I13aee7dbf112ce9663e8338b555a208327f89b61
Add elastic search pkg installation and start into the glance install
and start paths.
Change-Id: I53fc37225dd606f627c9f967083007613eb1f1bb
Implements: blueprint catalog-index-service
We run tempest inside of tox so no nee to install it. By not installing
it we decouple one more thing from the requirements sync.
Without this patch, due to branchless tempest, tempest must work with
master and all stable branch global requirements.
Although installing tempest should work on master, don't install it
anyway to make the user experience more uniform across master and
stable branches.
Note: Long term we can install this inside of a virtualenv
(I92648fffc1ad6af53006a0970722fd15f4e79dc2) but that logic hasn't landed
yet and installing tempest is breaking us. So leave moving this to a
virtualenv for a later patch.
Change-Id: I78d51f04ed01da4ce8aa0e127be028f969d3b4f8
Tuskar server support is proposed as an external plugin here
I67dc8420582a40e18de7d5e00094bccc1184a7f9, we should remove Tuskar
from the main devstack tree.
Change-Id: I93e97e7ae8fd03cabc1245a10588c4474d7e3728
ANL has discontinued their Ubuntu mirror. Update the target
to be the official round-robin mirror which should be more stable long-term
Change-Id: I1271301d96a44888f45664537435e31dd38ff30d
The code for creating service users is almost exactly the same. Abstract
this into a function that can be reused and standardized.
Change-Id: I3a4edbff0a928da7ef9b0097a5a8d508fdfab7ff
Change keystone so that the debug setting is always in the config
file. This way the debug setting is done consistently whether it's
run as keystone-all or in Apache httpd.
Change-Id: I10f091e32b8b12ac71f0e7f613c5d1d3f4a8cbec
Now that we have a patch to make this pluggable [1], lets remove this
from the devstack repository.
[1] https://review.openstack.org/#/c/153700/
Change-Id: Ia23f99476ec16df9cc12f63864189835a09eb644
The HOST_IP check in stackrc is useful for real users, but some cloud
nodes that infra runs don't detect it correctly, and it's not actually
required for unit tests to work right.
Change-Id: Id2aaa713aea91825021e9d8d49d19f3e40a8e6c9
Nova listens for EC2 calls now at the URL without path -
http://some.server.com:8773/
I was made in review -
https://review.openstack.org/#/c/152496/
So I suggest to change EC2 urls in keystone catalog.
Change-Id: Ia2975ce0f6a30eed6016733e12c98b5f97648307
Closes-Bug: 1417555
The neutron functional job needs to build psycopg2 which has a
dependency on postgresql dev packages.
Change-Id: Ie5c8e2bd02e148d6638f4a4c1fbf6667c30313d5
Add a document with procedure to configure KVM-based nested
virtualization on the physical host and to configure DevStack (in a VM)
to take advantage of it.
Current topics:
- Configure nested virt on Intel hosts
- Configure nested virt on AMD hosts
- Expose virt extensions to DevStack VM
- Ensure DevStack VM is using KVM
Change-Id: Ibe6fa482cc0d51183438d99680a0e10d0da652cb
Somewhat opinionated document on where we want to be going, should be
an accurate first approximation of what Dean and I have chatted about
over the last few weeks. Hopefully helpful in framing where we are
going.
Change-Id: Ia153af27a08203ffc44e37c7db73e04573d3be9f
After an unstack.sh several neutron services are left running. This
change tries to do a better (but not always successful) job of
stopping neutron agents.
stop_process does its own checking to see if a service is enabled
so we don't need to check before calling.
Change-Id: I8becbe9db56121cbc619a6d156b18f6c6d31a6e7
The simple case of a single interface doesn't work
out of the box, and this is now failing for lots of
people. We need to back up and get that working.
This reverts commit c906bb3885.
Change-Id: If20df670e06cda2d65028bceb46d257d011cf917
The boto.cfg in the TEMPEST_DIR is not read by any tool at the momement,
including tempest and euca2ools.
Adding the ssl setings to the site-wide config file.
Change-Id: Ibeab5671ac81e5092da0ee7ec1ecf867f8555082
This allows tools/* to use install_packages, etc, without having to
pull in stackrc for the $YUM definition. Alternative to
Ief944af1ab177638bf818624a216751821e6330b
Change-Id: I7fe37079240e8cabbdffdcae5ad9d21e122e43c2
When looking at issues related to opendaylight and openstack, it
helps to bump up the logs on ovsdb and neutron northbound. This
commit introduces a param for doing that:
ODL_NETVIRT_DEBUG_LOGS=True
Change-Id: I109fc61ddc44255de031341fb41bef8db5f0714f
Replace URLs for workflow documentation to appropriate parts of the
OpenStack Project Infrastructure Manual.
Change-Id: Idf519ff362731c106bbd9b63135f8dab4c7b7b92
As part of splitting neutron into pieces, one of the steps was splitting
the various bits of configuration into their respective repos. That just
happened, and this change propagates those config files into /etc/neutron
in the same manner that devstack is using for neutron.conf (and which is
done via setup.cfg, like neutron, for regular package installs.)
Required for neutron review: https://review.openstack.org/#/c/151541/
Change-Id: Ic9aec4401925eca9e1678d84662b96d346a911e3
Ceilometer as added support for an event pipeline to enable
transformations and publishing of events. this patch adds the new
event_pipeline.yaml file
Change-Id: I7018a57e7db3690d72fd7c7d5090e6e61cf73e18
Updated the supported OS release versions mentioned in stack.sh to be
consistent with what is listed in doc/source/index.rst
Change-Id: Ie9045927779a063865115e3aff1b92450a104946
Closes-Bug: #1414205
This change separates out the creation and permision setting for
the /etc/neutron so that it can be reused by functional test
setup in rootwrap deployment.
Change-Id: Ib2ad5b21630ac82a3d7ffc7b088600b2168f1ecd
The conntrack binary is included with conntrackd on rpm-based
distros but needs to be explicitly installed on ubuntu.
Change-Id: I615627c85d6aa5a465355c0ea27148f24d863a01
Move Python-related functions into inc/python
Should be transparent to all callers as it is sourced from functions-common
Change-Id: I88043830cef9211b4e0baa91bfcc7a92125afa9f
If the SCREEN_LOGDIR and LOGDIR environment variables point to the
same location, devstack creates a dstat.log which is a symlink
pointing to itself. The second invokation of devstack then fails
trying to reference this broken symlink
Change-Id: I1de2bb7983e7535b41b28f526083a0d77312ff85
Swift doesn't use olso.config and so the method of configuring swift via the
[keystone_authtoken] config options will not work. Go back to configuring swift
manually.
This will need to be fixed in either keystonemiddleware or swift as configuring
via plugin is the path to v3 authentication, service domains and new forms of
service user authentication.
Closes-Bug: #1415795
Change-Id: Ibe27116a11756072d5a300a6d3691c5f8c32317e
This reverts commit c1dbf10562.
Reverting because it is valid to run devstack without enabling an rpc
backend. For example when you run devstack on a multinode deployment
compute hosts probably shouldn't run rabbit and instead will just talk
to the rabbit server set up on the controller node. As a result we
should not die when no rpc backends are set.
Change-Id: If9a31e031552f4161d42094fa960221b4d9e893c
skip-redirect was intruduced with the first commit related
to cinder support, nobody remembers why was this undocumented option
there those times.
Change-Id: If579a93090392327bce96ddd1b562977edf762de
The regular expression used in neutron_ovs_base_cleanup omit
prefix in ovs tap ports, so wrong names are returned and used.
E.g. tap devices created for ironic in devstack are brbm-tap1
and ovs-tap1.
Change-Id: I034be6362b3d09c5296ecc413828a056712c3bd2
The default project means that a user gains token scoping information
for a project if they don't specify another. This is something we want
to discourage for user creation. User's should specify there own
authentication scope when they authenticate.
Change-Id: I42c3060d59edfcd44d04cd166bad500419dd99bc
A recent patch [1] added support for lvm ephemeral storage for nova,
but at the cost of initializing a default lvm volume group even if it
was not required. This change ensures that init of the default volume
group is only performed when nova and/or cinder are configured to use
lvm.
1: https://review.openstack.org/#/c/132333
Change-Id: I7634ca0ed0ffe1b13464e4d66744918f85149f2e
Closes-Bug: #1414820
It can take ceph-osd and ceph-mon a few seconds to complete when
they are killed. This races against the umount command in cleaup
and can often result in $CEPH_DATA_DIR failing to unmount since
it is still in use.
Wait for these processes to stop to ensure the mount point is
umounted successfully.
Change-Id: I1a635e75a68be6b14fbee52ff981b5f5a3a8eb0e
el6 is shipped with Python 2.6.x which is not expected
to be supported with the openstack kilo release.
For el6 support we need to do lot of thing differently,
which makes the code more complicated.
This change removes el6 and py26 support from devstack.
This change also removed a discontinued (1 year ago)
openSUSE 12.2 code path, which used a similar codepath as el6.
Several comment related to el6 also removed or modified.
Change-Id: Iea0b0c98a5e11fd85bb5e93c099f740fe05d2f3a
This avoids the need to define a global variable,
and tolerates extra_elements not being set when bash
flag -u is set.
Change-Id: I343951a678bed9ca3cda347a9c902e60c7b70e2d
Commit I05990c7154366350b0f9cc3e6c70d6f34238486f was incomplete
and left two references to the, now replaced, devstack.succeeded.
The impact of this is that the XVA always claims that devstack failed
to run when actually the run may have been successful
Change-Id: Ie4ac673011d77a9edc8923db94d914efe9f45d5d
Allow the elements built into the heat functional test image to
be overridden via the localrc, allows easier testing of local
images with different/additional elements.
Change-Id: Ibaf2322e0572d25461579bbb2dc8a18858f4e09c
The Cinder LVMISCSIDriver is now deprecated. As a result, default
settings in devstack are giving warnings in the Cinder volume serivce.
The LVMVolumeDriver now handles all cases, by looking at the
iscsi_helper. This will use that driver instead, which will stop the
deprecation warnings.
Closes-bug: #1413761
Change-Id: Ifbb9ce45694095ff9e30f3ca4c3859a07de8df73
We have a number of issues where LVM scan commands hang during
test runs. Looking closer at this with strace it turns out
that what seems to be happening is that we're scanning all of the
devices on the node, this includes the loop devices for swift and
other projects as well as the Cinder devices that are being attached
to the system during the test.
This is particularly messy for example when we issue a VG or LV scan
on a device like /dev/vdb and at the same time issue a detach. The
result is LVM scan commands hanging waiting for timeout.
This patch adds a function to the cinder_backend/lvm module which
is called as the last part of cinder init. If Cinder LVM is in use
as per cinder.conf this function will copy the default
/etc/lvm/lvm.conf to /etc/cinder/lvm.conf and use the cinder.conf file
and PVS to create filters so that ONLY the devices actually being used
by Cinder are included in scans.
There are two pieces to this fix; the first is to properly setup an
lvm.conf file with filters. The second step is to merge the Cinder
change that modifies the Cinder LVM commands to specify the lvm.conf
file usage.
The Cinder part of this fix can be found here:
https://review.openstack.org/#/c/148747/
Change-Id: I962b6e21cbfb6f5612b6c973053d86828ca8071a
Partial-Bug: #1373513
When running with HEAT_CREATE_TEST_IMAGE=True, it's necessary
to add dib to ENABLED_SERVICES, or the image building will fail
so check for is_service_enabled dib before we start and error
with a helpful message if it's not.
Change-Id: Ia7ee64f6f8dd628267e485a1dc67581d8896d19c
When finding no configured database, devstack prints
a suitable error in the logs
"No database enabled"
but then just carries on running, as a result the developer
is very unlikely to ever see the original error message.
Change the 'echo' to a 'die' so that it stop immediately
making the error message clearly visible.
Change-Id: Ibd86bfcb5d4a3b90a1ee7a5bd637b01124e3a6ba
When finding an invalid RPC configuration, devstack prints
a suitable error in the logs
ERROR: only one rpc backend may be enabled,
set only one of 'rabbit', 'qpid', 'zeromq'
via ENABLED_SERVICES.
but then just carries on running, as a result the developer
is very unlikely to ever see the original error message.
Change the 'echo' to a 'die' so that it stop immediately
making the error message clearly visible.
Change-Id: If108f314e1ad2ecc79f41cbca47d08c4024a23cd
Subnets for both IP version 4 and 6 are created even if IP_VERSION is set to 4.
Added two if statements to only create subnets that are nessesary.
Change-Id: I87c97741808726a260c846db48c10931e8991a74
After changing usage of "openstack role" [1] python-openstackclient
stoppped working with 1.0.1 and less. This patch bumps version to use at
least 1.0.2v.
[1] https://review.openstack.org/#/c/148361
Change-Id: I2fdca28ae97a215cff5e2a6dd7cab2d3321caa6c
Closes-bug: 1413252
This is the first step in the log file cleanup. If SCREEN_LOGDIR
is still set, symlinks will be created in the old screen log directory
so things like the devstack-gate log collector continues to work.
bp:logging-and-service-names
Change-Id: I3ac796e322a18dbd0b8b2310a08310ca159d7613
Using 'local' keyword outside a function is invalid.
Also uppercase the variables to adhere to the style.
Related: I02aba9ca82c117a1186dafc1d3c07aa04ecd1dde
Change-Id: I76d358f8ebf5145cd3c65f9a470c83d4af67fd32
The recent patch to enable shallow cloning added a method to skip
it by checking if GIT_DEPTH was null. However, this could never
be triggered because if the user specified it as null, the default
setting code would take over and set it to 1.
This patch allows the user to specify GIT_DEPTH=0 to skip the
shallow clone.
Change-Id: I00ea7ab54ed51dc3ede9ceb9ff0f11575a035d1c
Ib0538bdd23b17e519b9c917018ccc9fa8c6425c5 removed the option
API_RATE_LIMIT. So don't mention it in the documentation.
Change-Id: I9df67c3dd1b800f6a51de2cd78aeaad10ca38f7e
In Keystone, for v2 and v3 service creation, there was a bug that
allowed a service to be created with no type, which made it useless.
See reference bug for details.
Change-Id: I5d095007fe2ebc8219dc012c5b16cb4c122179cd
Related-Bug: #1404073
Since `os user role list` is being deprecated, we should start
migrating to `os role list`, which now has the required ability
to list a users role on a project as of v1.0.2 of osc.
Change-Id: I3fa8bf8f1feaac16e1cde5c55b1be00b92eaa5f6
DevStack currently lacks support for LVM ephemeral storage in Nova.
This support is important for testing of Nova's LVM backend. The
proposed change adds a default volume group, to be shared by Cinder
and Nova. It also adds a configuration option NOVA_BACKEND, which
must be LVM if it is set, that determines whether Nova should be
configured to use LVM ephemeral storage.
Change-Id: I4eb9afff3536fbcd563939f2d325efbb845081bb
Ubuntu recently upgraded from 5.1 to 5.5 so the previous debconf
settings no longer work. Removing the version number should make
the settings work for all versions of mysql
Change-Id: I6b399a06232364d3ba3bf74430b663e0b8b922ed
neutron doesn't log user_name and project_name along side req-id in
devstack logs. So, Openstack jenkins neutron check and gate jobs also
not logging user_name and project_name along side req-id.
Without knowing the user and tenant, its hard to understand what the
logs are doing when multiple tenants are using the cloud.
Nova is logging user_name and project_name by default.
So porting the same changes to neutron.
Change-Id: I10eac2e4177a898e9bcc60c08f3bd39a2ec9f31b
Closes-Bug: #1399788
This renames the log files in logs/screen that contain timestamps to put
the timestamp after '.log' and '.log.summary' in the names. This will
simplify devstack-gate's search for log files to copy to '*.log'.
dstat.txt is also renamed to dstat.log
Make LOGDIR and LOGFILE local
bp:devstack-logging-and-service-names
Change-Id: I02aba9ca82c117a1186dafc1d3c07aa04ecd1dde
This patch creates an initial network when using the Cisco n1k plugin,
as it fails otherwise.
Change-Id: Ieceac0e2518bf5ca4cd808f6719b73aad0db903b
Closes-Bug: 1399389
This value was defined in Citrix's install-devstack-xen script, so
only worked for those using that script.
Change-Id: Iab63389f41760865f2b67f6dccd57d774e889905
Fix it properly this time by forcing a PID from run.sh and using that to track.
A second issue is that upstart may run services twice, introduce a flock test
to ensure that we only run stack.sh once as running in parallel causes issues.
Change-Id: I05990c7154366350b0f9cc3e6c70d6f34238486f
MidoNet plugin needs the 'neutron_lbaas' module available when it
starts up without needing to start the LBaaS service. After the
advanced service split, however, devstack clones 'neutron_lbaas'
only when the 'lbaas' service is enabled. To get around this
conflict, clone 'neutron_lbaas' everytime midonet is configured
as the Neutron plugin.
Change-Id: Ide620db383fc44a66a84d00b2365ec2e846469fe
Closes-Bug: 1402242
This makes a bunch of variable cleanups that will let -o nounset
function, for the time being we hide nounset behind another setting
variable so that it's not on by default.
Because this is bash, and things are only executed on demand, this
probably only works in the config it was run in. Expect cleaning up
all the paths to be something that takes quite a while.
This also includes a new set of unit tests around the trueorfalse
function, because my change in how it worked, didn't. Tests are good
m'kay.
Change-Id: I71a896623ea9e1f042a73dc0678ce85acf0dc87d
Slowly trying to introduce more v3 concepts into a generic
devstack installation.
Work with description of none and description with spaces
Change-Id: I7d2fde58363698ff020f92f129f1ff7378f945a8
The purge that was previously removed was actually kind of important
to burning mysql back down to a stateless zero point. Bring this back
with the addition of doing it for mariadb as well.
Change-Id: If608db8731d9ddfb2440a37387409798619b163c
Patch 5ec6f8f1 introduced the provider network support in DevStack. However, this patch
does not include a port clean up routine during ./unstack that openvswitch complains
that the PUBLIC_INTERFACE already exists and exits when you run DevStack multiple times.
Adding --may-exist to ovs add-port command solves this problem.
Change-Id: I89dc560ffb35fccf6ceed2557047adca37054ce7
Because of lacking some options in multi-region env, neutron and
ceilometer can not work after setup a multi-region env using
devstack.
This patch adds related options for multi-region env.
Change-Id: I4de890b233366f9526fa283aa9078a4d6ed0ca23
Closes-Bug: #1409589
wget is too verbose in devstack logs [1] on image download.
Changing the progress bar style to giga, in order
to be less verbose.
http://logs.openstack.org/73/146573/2/check/
check-tempest-dsvm-full-juno/41ba988/logs/devstacklog.txt.gz#_2015-01-13_11_34_15_330
Change-Id: Ic5304893f4c97c50e7a2f29ad5cd77dba3d5a9dd
Sometimes we want to run some benchmarks on virtual machines that will be
backed by a Ceph cluster. The first idea that comes in our mind is to
use devstack to quickly get an OpenStack up and running but what about
the configuration of Devstack with this remote cluster?
Thanks to this commit it's now possible to use an already existing Ceph
cluster. In this case Devstack just needs two things:
* the location of the Ceph config file (by default devstack will look
for /etc/ceph/ceph.conf
* the admin key of the remote ceph cluster (by default devstack will
look for /etc/ceph/ceph.client.admin.keyring)
Devstack will then create the necessary pools, users, keys and will
connect the OpenStack environment as usual. During the unstack phase
every pools, users and keys will be deleted on the remote cluster while
local files and ceph-common package will be removed from the current
Devstack host.
To enable this mode simply add REMOTE_CEPH=True to your localrc file.
Change-Id: I1a4b6fd676d50b6a41a09e7beba9b11f8d1478f7
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
Fix warning:
DEPRECATION: --download-cache has been deprecated and will be removed in the
future. Pip now automatically uses and configures its cache.
1. Since version 6.0 (2014-12-22) pip has deprecated PIP_DOWNLOAD_CACHE
and now automatically uses and configures its cache.
Default new location is $HOME/.cache/pip.
2. pip gets upgraded to the latest version in tools/install_pip.sh
but if pip version<6, exit with error: "Currently installed pip version
${pip_version} does not meet meet minimum requirements"
Change-Id: I8b203ffc6d9cf588462d0d65a9703a9941d8fa71
Now that we split the neutron repository and have service configuration
files maintained in their own repos, start using them.
The old files are going to be cleaned up from the Neutron tree.
Change-Id: Iaeff0b9de88e9bcca87da1092cc888c4cc1bedfd
As of release 1.3 auth_token middleware can be configured to use any
authentication plugin. This allows us to move to the more generic
password mechanism which will default to using keystone v3 if available.
This will allow in future revisions to move the devstack service users
out of the default domain.
Work will need to be done in heat to remove it's dependency on the
(supposed to be private) keystone_authtoken CONF values.
Change-Id: Ieac26806bd420aa08fc79bbc6a11eb6a1c15c7df
Fake plugin can work with heat image. Even more, sahara uses heat
to provision instances. So, registering image in sahara image
registry.
Change-Id: Ie498fc05d0afe7f276b6f29f20a61abb58a5c676
Closes-Bug: #1402856
The acl package has been added as a test-only dependency of neutron.
It is used by the functional job in configuring postgres.
Change-Id: Ie28da793237b51cced3bd0a9b35273d9c50472e8
Sourcing the tools/install-prereqs.sh script with TOP_DIR set results
in GetDistro being called in get_packages and echoing the result.
Since all output from get_packages is assumed to be package names,
this results in the attempted installation of the non-existant 'Found'
'Distro' and '[distro name]' packages. This change removes the echo
statement to avoid this problem.
Change-Id: Idd05c31b9eec9e6209666fa16fa425cdf1f35aa2
In cinder the config options nova_catalog_info and
nova_catalog_admin_info define values to be matched when searching for
the correct compute service in the catalog.
The commit 5ad15c040fdc115bca9efb1c952279988a2a48b3 in the cinder
project has changed these defaults.
This commit sets the options in cinder.conf to the values set by
devstack.
Change-Id: I2a0b09c34fac5f63a5cdbbe05761a0857f243465
Closes-Bug: #1408734
Instead of 'localrc', 'local.conf' should be used.
Example codes to enable neutron also should follow local.conf syntax.
Change-Id: I4f4c03fdbf0f612e5b518177b29669fb202d9f7a
Closes-Bug: #1407391
1. zmq-receiver should be started in advance
2. when using zeromq driver, nova-compute relies
on nova-conductor's rpc to be initialized
This fix is totally safe and won't influence
on other services.
Change-Id: I9d7b682df4d411af24a1ff6bcad79697e32fa723
Partially-Implements: blueprint zeromq
Add an option 'ZEROMQ_MATCHMAKER' to indicate which
matchmaker driver to use.
When it indicates 'redis', the dependencies will be
installed.
Change-Id: I910b48347bad0685ea10083a3b0b243524f32095
Partially-Implements: blueprint zeromq
This patch fixes the problem in loading the plugins in devstack
by defining the "plugins" variable in "run_plugins" function of
devstack/functions-common file.
Change-Id: I9fb0e24bf1fd282931a8489e0a8ec0c9ea078520
Closes-Bug: 1408571
We need to be able to adjust Ironic's timeout for a node's deployment
callback. The default is much longer than Tempest's server build
timeout, causing Ironic deployment issues to be masked by more generic
server timeouts in the tempest logs. Being able to set this to be
lower than the nova timeout, we'll have Ironic errors that we can
fingerprint.
Change-Id: I7b8eeda504da7ffd64967bbcfa2625acf418f263
Related-bug: #1408067
This is an initial pass at plugin infrastructure for devstack which
allows specifying an external repository via:
enable_plugin <name> <giturl> [branch]
It implements the devstack specification for this at
I173dee3d57967b1d2ffd30e4868a2832aeac97ce
Change-Id: I8e4175313b3cf0b12e981122358b1288a7eb0746
Fedora 19 will reach its end of life on 6-JAN-2015
https://lists.fedoraproject.org/pipermail/announce/2014-December/003243.html
Remove it as a supported distribution and add Fedora 21
- stack.sh: Remove Fedora 19 from list of 'supported' distributions.
- tools/fixup_stuff.sh: Remove Fedora 19. Also remove the workaround
of disabling firewalld for Fedora 21.
Change-Id: If92b87d2f9a2bb95469730cda201a7981670f727
In order to support the continued testing of the libvirt driver
with lxc virtualization, certain compute features must be disabled
including rescue, resize, and suspend.
Change-Id: I52150fef11ba6e3ab2fd0acacaa3c64413c0c0d1
Some misleading configuration item will remain if we don't delete the cinder
conf everytime before we configure it.
Change-Id: Iab6a5d7bc5fdcb05b28d24b0419c0bf380a140c1
Closes-bug: #1405301
We use InnoDB everywhere, so there should be no issues with long unicode
keys. Dropped charset parameter for recreate_database since it's not
needed anymore.
Change-Id: Ib768402a9337c918309030a92ab81da17269f4f6
The reseller_prefix option cannot be added to the
swift-proxy-server.conf-sample file because it
inadvertently gets set to "TEMPAUTH" and Tempest
tests fail.
Change-Id: Ib08d6fa1926531b8966151258eae6771c99c41ca
Closes-Bug: 1404226
Devstack set auth_uri to metadata_agent.ini in _neutron_setup_keystone function.
But Metadata_agent use auth_url not auth_uri.
This is regression caused by https://review.openstack.org/#/c/122882/
Change-Id: Iac8f240558abcdc5bcee3d3c87cef5ad3bb007e8
Closes-bug: #1373859
Configure auth_token middleware in trove via the conf file rather than
the paste pipeline. This is the standard and expected mechanism.
Change-Id: Iec6bf74c9321082c35465d332aba7f5fa240cc1a
The documention does not mention that either ufw or firewalld should be
disabled to operate a devstack+Neutron environment. This change adds a
description of fault symptoms as well as a simple workaround.
Change-Id: Ie0ec614dfa56febbf6588836d2e1fc057aa8830f
There are two important reasons for this change:
- Other OpenStack components contain this code already.
- Heat store references on client/constraint/version plugins in
setup.cfg and and stevedore uses these references, so we should
install Heat after changing this part of code. As example look patch
https://review.openstack.org/#/c/86978/ for grenade job, where
heat-engine can not find two constrainsts due to changing their code
place between releases.
Change-Id: Ic6b1f70ec2d2c06002eb6877a747b7b84213c710
Closes-Bug: #1402985
As we integrated OSprofiler with Zaqar by change
I32565de6c447cd5e95a0ef54a9fbd4e571c2d820 , then service
zaqar-server requires using notification API sends profiling
data to ceilometer, so zaqar needs relevant options to make
it work.
Change-Id: Ib09b241f60dd9961e9366f69cf7fbe8388179f96
Signed-off-by: Zhi Yan Liu <zhiyanl@cn.ibm.com>
add logic for ironic to support $Q_USE_NAMESPACE, if it is false,
will not call 'ip netns' with network namespace
Change-Id: Idc4dfb49ee478486476973a41b420b9b7e11a4e0
We updated other usage of sudo to pass -H when installing pip things,
to avoid creating a .cache directory in $STACK_USER's $HOME that is
owned by root. get-pip.py also ends up creating a ~/.cache, so we
need to update sudo usage there as well.
Closes-bug: #1405626
Related-bug: #1405732
Change-Id: If791b9b25d6a4280dab19117004184e57e78d038
We go through a bunch of trouble to install setuptools via pip. Having
it in the distro install too is confusing.
Change-Id: I6875fe2a1ee6b7d296f7f44b4b1601794b136440
When not installing pbr from source always install the latest version of
pbr. It turns out that python-pbr is a system package that satisfies
many of our requirements files pbr requirements but breaks under
setuptools 8.0. Fix this by passing the -U flag to pip when installing
pbr so that we install the latest version of pbr always.
Note that we likely need to make this more generic to avoid other system
package leakage when installing packages not from source.
We should also probably bump our pbr requirements across the board to
reflect the new setuptools 8.0 world needs.
Change-Id: I23dd21cea37d26f879aa8d864ee7d371e70221ea
Fixes-bug: 1405318
In Ubuntu redis service is named as redis-server. So in this
patchset different restarting for this service at different
OSes have been added.
Change-Id: I406e3556c7b9a2bef8277f34862375c5ffd3888e
Closes-bug: #1405147
Also use sudo -H with pip so that it doesn't create a ~stack/.cache
other things can't write to as the stack user later.
Change-Id: I2134c7d8f58f8b83f33150c9ed86d87f8ccba2f3
Currently, as almost all the rpc driver of projects
have been switched to oslo.messaging, the object should
be imported via oslo.messaging rather than its own rpc lib.
Change-Id: I9633446e78cb5af21f61a26f6fb365a8ed57a85f
Partially-Implements: blueprint zeromq
Closes-Bug: #1395721
When using unstack.sh script on Debian Wheezy, i saw a failing call on
uuidgen binary:
$ ./unstack.sh
/home/stack/devstack/lib/neutron: line 83: uuidgen: command not found
Site keystone disabled.
[...]
Change-Id: I47e158abce9d090eb839c6e97d9191dc99ccfe55
This reverts commit 2191f838a7.
Approve once Setuptools 8 is silencing runtime warnings by default,
e.g. via https://github.com/jaraco/setuptools/pull/23 or a similar
patch.
Change-Id: I3c97a4d7810870c9ac058350b362930ce2af713b
This reverts commit 3b782d304e.
The blockers for setuptools 8 compatibility should all be resolved
now.
Change-Id: I6d2d63746f98f0f885816395f36022a2706fb9c5
There is no sense in using floating IPs in case of nova network.
Sahara doesn't support assigning floating IPs from
default_floating_pool. The best solution is to use private network
for management.
Change-Id: I4b3e1d52cab28fe5c8d398ca896216b47b9c4ee0
Closes-Bug: #1403680
We don't generate docs in devstack. But also, sphinx depends on babel
which has a hard depend that breaks with setuptools 8. However, pip
installed babel/sphinx should not have this problem.
Change-Id: I84a82e56f6540724d50c6201a68c480ba7645add
I43a231c9611b4cc2e390b603aa3bfb49c915bdc5 introduced a new setting
RABBIT_USERID but only set it if rabbit is enabled. In multi node
devstack the second node uses RABBIT_USERID but the service rabbit isn't
enabled on it.
Always set RABBIT_USERID, if a different message queue is used the
variable will just be ignored.
Change-Id: I8568bddda2a5c66235ecae23af58983ee94c720a
TRACKING_DEPENDS mode was added in I89677fd54635e82b10ab674ddeb9ffb3f1a755f0
TRACKING_DEPENDS creates a global virtualenv and assumes it exists for
all pip_installs (except for installing virtualenv), so we need to set
this up before any other pip install
Change-Id: Iebe6295913094b32124295e7c5e674e1cebaaa87
Accidentally only added WSGIPassAuthorization to the public port,
like all the other WSGI props, it should be added for both ports.
Change-Id: I4e52e0881df464dfb7b28e22581f462e14e37bdb
RHEL7 does not include Open vSwitch in the default repos, but it
is available via the RDO repo. This patch automatically
configures the RDO repo for RHEL7.
Move this into the existing rhel6/rhel7 section. We update RHEl6 to
the latest icehouse release, but it is not supported with Juno
Closes-Bug: #1402390
Change-Id: I4707cf68e39d9e900ec6c01331d7e124c8c4f6c4
I think this retry check has been broken since we introduced "set -e".
Unfortunately it seems the issue of rabbitmq not starting first-time
persists on centos 7 hosts occasionally, e.g. [1]:
---
+ rabbit_setuser stackrabbit secretrabbit
+ local user=stackrabbit pass=secretrabbit found= out=
++ sudo rabbitmqctl list_users
Error: unable to connect to node 'rabbit@devstack-centos7-rax-iad-100675': nodedown
DIAGNOSTICS
===========
nodes in question: ['rabbit@devstack-centos7-rax-iad-100675']
hosts, their running nodes and ports:
- devstack-centos7-rax-iad-100675: [{rabbitmqctl29293,39511}]
current node details:
- node name: 'rabbitmqctl29293@devstack-centos7-rax-iad-100675'
- home dir: /var/lib/rabbitmq
- cookie hash: KieJnx1pnllKbHVihGcDqA==
---
Fix up this retry while we investigate [2]
[1] http://logs.openstack.org/64/141864/1/check//check-tempest-dsvm-centos7/4308f0c/logs/devstacklog.txt.gz
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1144100
Change-Id: I11fb3728e08adc1e0f7acca63e5a308d24dce78e
Now that Keystone is back to UUID token defaults the use case for this
in devstack is extremely dubious, and it can be set through via
local.conf if anyone *really* cares.
Part of bp:devstack-nounset
Change-Id: I644b5b1579952959d253758b2a12b97d8a704657
The orchestration image_ref is set incorrectly if the extension is not
qcow2, as a result tempest cannot find the Glance image and the
associated tests fail.
This patch fixes the issue by handling any extension.
Change-Id: I32ffe021714590a1b1bab232b1d4f5da238bd4d8
Closes-Bug: #1402774
With multiline support for local.conf, the first line is created with
iniset, which will set *all* previous lines to the same thing, and then
subsequent lines will be added. Modify the multiline support to first
clear existing lines from the section.
This causes fatal errors with neutron.conf, which defines drivers with a bunch
of service_provider= options, and the current code ends up with the first
driver defined in local.conf being present twice.
Change-Id: If132a94e53545d9134859aa508da7b9819ede2f8
For the OS-OAUTH1 Keystone extension to fully work under Apache,
the WSGIPassAuthorization parameter must be set to On, rather
than the default of Off. This will make functional testing of
this extension much easier.
Change-Id: I5dcbdd27e7ef7a60fe3c7cb8b9c3c83b4197dfc1
Latest release of setuptool 8.0 made several versions used in
requirements.txt of OpenStack projects invalid. Instances:
* SQLAlchemy>=0.8.4,<=0.8.99,>=0.9.7,<=0.9.99 in oslo.db 1.2.0
* python-neutronclient 2.3.9.40.g9ed73c0 in openstackclient
Cap '<8.0' is set as a temporary fix until a better solution
comes up.
Change-Id: I4cfe2e4c86474ec9bf69a3c2007c0277288ea2b6
- rabbit_userid was only updated in trove.conf leaving other
trove configuration files not having this value.
- Trove service setup was broken because of this.
- Added rabbit_userid to trove-taskmanager.conf,
trove-conductor.conf and trove-guest.conf.
Change-Id: I60bd160600ec4a02c94ee5e33e4bc91c9f2aa2ed
Closes-Bug: #1402227
Do not compose a full path to the ironic ssh keyfile. Instead,
use IRONIC_KEY_FILE which will be set to the full path to the key.
This is required when IRONIC_KEY_FILE is user-specified, otherwise
we're still enrolling nodes with the default path that is only
used when generating a key.
Change-Id: Icf1ba97becc3e800caf9329a16b79cf106ac3c9a
This breaks check-heat-dsvm-functional-mysql which assumes the previous glance image name.
This reverts commit 21dbe99334.
Change-Id: I77749f3f9f1a64719447ddd25ee95bc6d3afa5b3
Newer versions of rabbitmq (3.3 and later) do not allow the 'guest'
user to access on non-local interfaces.
- Added a new config RABBIT_USERID which defaults to stackrabbit
- Invoked config scripts using that variable
Adopted from:
https://review.openstack.org/#/c/107779/
Change-Id: I43a231c9611b4cc2e390b603aa3bfb49c915bdc5
Closes-Bug: #1343354
Co-Authored-By: Scott Moser <smoser@ubuntu.com>
When ironic nodes are enrolled, their resources are not available
to the nova scheduler until after a round of ironic and nova periodic
tasks have run In addition to waiting for ironic nodes to show up in
the resource tracker, also wait for associated CPU resources. In
the worst case, this means waiting for 3 total rounds of periodic
tasks.
Change-Id: Idbbc43bf74ff5fff3d50f3494148454bb51e378f
Closes-bug: #1398128
Since Fedora 20 it has been possible to use 'dnf' as a drop-in
replacement for 'yum', and it is targetted to become the default
in Fedora 22
http://fedoraproject.org/wiki/Changes/ReplaceYumWithDNF
There are many benefits of 'dnf' over 'yum' but the biggest
from the POV of an openstack developer is its speed.
Assuming an existing running devstack install ie all required
RPMs already installed on the system. Now look at how long it
takes to run stack.sh, during which yum does not have to
actually install anything
# ./unstack.sh
# time ./stack.sh
real 11m12.193s
user 10m17.129s
sys 0m15.275s
Now, with 'export YUM=dnf' set in local.conf, run the same
test again
# ./unstack.sh
# time ./stack.sh
real 0m48.610s
user 0m28.939s
sys 0m7.801s
So, this is showing that devstack is wasting 10 minutes just
for yum to figure out that everything is already installed.
The overhead of yum vs dnf is even worse when yum has to
acutally depsolve to install new packages.
Change-Id: Ia01a5f330a47b32207586902a861bedfc8a0f6e2
Some options in openstack client like --or-show are available only
from 1.0.0. Adding this 'requirement' explictly as openstackclient
is not as part of requirements of other projects.
Change-Id: I96a98331ece15da869a3ea7af80d16fab2351329
With gerrit 2.8, and the new change screen, this will trigger syntax
highlighting in gerrit. Thus making reviewing code a lot nicer.
Change-Id: Id238748417ffab53e02d59413dba66f61e724383
The Cinder Cert script currently only runs the Tempest
tests tagged with volume.api, should be all Volume tests
to make sure we get things like attach and other commands
fully tested.
Change-Id: Ic15d2ad6d3616bfde4838873d0c79664b009ef1f
Buildroot on 64-bit systems may use /usr/lib64 to store the XAPI plugins
Add this as an option to search for.
The list is getting of acceptable paths is getting longer but some work is going
on in XAPI to allow us to query for this path, which will mean we can get
rid of this list in future.
Change-Id: I79aafb6a86032c7ab04937c9e9bec08661ecdefa
So far devstack configures tempest either for testing all extensions
or a specific subset. It does not allow users for specifying a set
of extensions which should not be exercised.
This patch adds this support. To this aim, the tempest configuration
process will scan API endpoints for active extensions using the
verify_tempest_config.py tool, and then will remove those extensions
which have been explicitly disabled by the user.
If an explicit subset of extensions to enable is passed to devstack,
tempest will use this subset, rather than the list of active
extensions.
Implements blueprint branchless-tempest-extensions
Change-Id: I263bcf04668953f414a4ef18cb98c1c373e142ad
Describe the various settings that can be made to control the
behavior of Ceilometer. Doing in lib/ceilometer for now. When there
is more something under doc may be warranted.
Change-Id: I9cd47085a5e91bae0a88f6e26f6c8bdc86c02978
Ensure both lists of oslo libraries are sorted and
add the missing oslo.context in install_oslo method
Change-Id: I5b849c97b681e65425304e05534a61140e4e1fda
This commit udpates devstack to work with the latest neutron services, which
are now in their own repositories. This will also unblock third party CI for
services testing. This also allows devstack users to run neutron with
services again.
Change-Id: I9cdd51f09edaccf218988240b48ce733d5771a65
Exploit the --or-show functionality of openstackclient,
rather than issuing two different commands at the shell level,
let the CLI handle things.
Change-Id: I1db239fd3473eb580def1c5fb28ce472a1363569
SSH creds should be in place before nodes are enrolled. If not,
ironic cannot sync power state causing nova to skip nodes in
its resource tracker.
Change-Id: I6b98ae57ce33783f69e2cf9ba357807d384b3012
Closes-bug: #1398128
This has been deleted from the nova tree, we should purge it from
devstack, as it will not work any more.
Change-Id: I20501fec140998b91c9ddfd84b7b10168624430a
During glance image-create we are currently setting a null value
for the hw_vif_model, if we are unable to introspect from the vmdk
file.
This patch adds a default value if not found.
Change-Id: I6d0f551b18f03e2a799ae14c3347652a285693f0
Gets rid of redundant globals and avoids regenerating an ssh key
for ironic if one exists. Also allows key file to be user-specified,
letting ironic use pregenerated keys.
Change-Id: Iaa6f8918bf14dae2116269a0be5039fc5afaecfa
The current parsing of the interfaces from the neutron network namespace
fails if there are other things that match 'tap' (ie, gretaps created
for other purposes) This tightens up the parsing to only match devices
starting 'tap' instead of anything containing 'tap'
Change-Id: I9a31ec8ad253da0b3c5bd7f5eb105c49850f3060
lib/nova checks NOVA_API_VERSION for setting Nova v2.1 API endpoint,
but the name of the initialization is different.
This patch fixes it.
Change-Id: I2fa234d66fe76b2a7146288adc1384b33921e178
This provides a mechanism for overriding v2 endpoint with v2.1 so that
tests can be run against a devstack to provide equivalency between the
APIs.
Change-Id: Iaaa530bda6bcdae75e86be8dbe572abe4396e8e9
The utility would fail due to the fact that the GLANCE_SERVICE_PROTOCOL
was not set.
Change-Id: Iff0b59274fa909895abd70c3a6d1da63dbd70483
Closes-bug: #1396567
Since https://review.openstack.org/#/c/128509/ heat no longer requires
the "heat_stack_owner" role by default, as we now delegate all roles
via the trust. So remove the now unnecessary role creation and assignment
from lib/heat.
Change-Id: Ia097ac9a76b3242ed6e62b11ca64c7ac7680b97c
We're moving to a model like nova where we don't maintain a static
sample config, instead providing a readme showing how to generate
it in https://review.openstack.org/#/c/138800/, so this change
is needed before we can land that change.
Change-Id: I335a33646eef72962c9036dcd1de50144d8575c8
Fixes the test string in horizon front page test so it is not failing
when header tag gets new attributes
Change-Id: Ibf62bf6f6300eeb0ab2f22086b0ff1c05c69d86b
I5b3e221d942e09134024b82acaf179dc869357e0 has removed xml_api_v2 from
Tempest config, and xml_api_v2 setting of DevStack is unnecessary now.
This patch removes it.
Change-Id: Ic85fbfda13fd352c4d513859915aaca27e894b58
When enrolling nodes into Ironic, poll nova's hypervisor-stats until
the hypervisor count reflects the number of enrolled nodes. This
eliminates a race where devstack completes and an instance is spawned
before the first post-enrollment periodic task ticks on the Nova side,
which has recently started popping up in the gate.
Change-Id: Ib3d8005e0094ee8af2d5fcb65aca6cd92736da90
Closes-bug: #1398128
TEMPEST_CONF is not set but used it. As a result the meaningless file
'DEFAULT' is created. So this commit fixes to use proper variable name.
Closes-bug: #1394969
Change-Id: If6e58f269319df3c4f71b4fc13aa855c63f7e3a3
This commit changes the path that is used as reference in the
documentation to one that is widely used in both ubuntu and debian. This
was made in order to avoid confusions (that actually happened while I
was trying out the devstack guide).
Change-Id: Ic3ce40816f79f9f522fc33ed8b4a574d7a57d586
We're in the process of establishing the CI testing with
Parallels Cloud Server plugin for libvirt.
Currently we use local clone of devstack in our infrastructure,
but we want to switch to upstream
requires extra customization of nova.conf and glance-api.conf:
nova.conf should have "images_type" and "connection_uri"
defined, and glance-api.conf to have "ploop" in disk formats
Implements: blueprint pcs-support
Change-Id: I0b073359fda8b4531cae7b8946eb52a561c82857
In multi node devstack using multi-host nova-networking, n-api-meta runs
on every machine but n-api only runs on the API node. So copy
nova-api-paste.ini if any version of n-api* is running.
Change-Id: I323f39f5080b94e22907a173a1a2bc4a324567b8
This moves setup of sgabios ROM to the ironic hypervisor library.
This is failing to backport to juno because of an error in the sideways ironic
grenade. install_ironic() is expected to setup only python things and happens
earlier than initial package installation.
Fixes-bug: #1396352
Change-Id: I75f0052045143571619e6712d57014228abf7a20
At teardown time we delete the libvirt secret but leave
nova.conf referencing the stale UUID. Remove it to make
debugging and repeated runs less error-prone.
Additionally, only try to delete secret if it Cinder is
enabled (causing it to be defined when deploying devstack).
Change-Id: Id5e1290b8dcfd79238f02e31084ab12c3d6aed5f
This commit updates the default ODL package to be tested with to the
first stable release of Helium. Critically, this includes ODL fixes
for some IPV6 issues.
Change-Id: I4eaa52a8baffdcc3a5e74cabca2f9cd7ea4ec237
The cinder endpoints should be correctly established in the service
catalog. There is no reason to provide an overriding endpoint_template.
Change-Id: I9b206fa22a8271a0fb65789d139ead35dfb1ea0d
ca_certificate_file is deprecated in favour of using the standard
options from keystoneclient session.
Change-Id: I611da719fb3a95d0a9c2f6ad43e2c083ea7d6862
Setting these kernel command line parameters will have journald log
everything to the console, which means it'll end up in the appropriate
log in the ironic-bm-logs/ directory.
Change-Id: I0f4c79436c4856a5aa72f00f1ac8c2ed534b702e
Change: I97cbede806e5c00363c7174fa1e9f286de96aab6 altered
the logic in lib/databases/mysql from installing mariadb only if
one was using rhel7 to installing it by default unless one was using
rhel6.
Change: Iae9a7a1c09f1fc83573c3926b3470955c244c401
Attempted to fix this, but only does so for precise.
Unless mariadb has become the default, I strongly prefer to keep
standard mysql as the database on ubuntu (precise or otherwise).
Closes-Bug: 1395776
Change-Id: I3afb89ae6d55405313b7219dd6daa24d9ca80f70
Zaqar has an admin mode which enables certain endpoints. This mode
should be enabled by default in devstack so that tests environments can
rely on those endpoints to be present.
Change-Id: Ic50875f4515bb631a6bf800c9338d3b6bbeaafae
apts aren't a thing, debs are. apt-get installs debs, like yum installs
rpms. Another option would be to rename rpms to yums, but that is even
sillier, considering then for suse we'd have to call it "zypper-suse" or
something, even though it would want to consume yums-general as a base.
Include a symlink to the old name to help out with grenade. The symlink
should go away later.
This is a long-standing annoyance of mine.
Related-to: I915f0e59c13d8cf5fb3549c6202f8aa2f8be0856
Change-Id: I0416180db5b6add996ce5b48c6966c1b68adbcb0
This patch partially reverts commit
15130cd5fd.
This commit was desupporting ovs and linuxbridge plugins.
But the ML2 plugin can be deployed with the linuxbridge agent.
The current patch restores the linuxbridge agent configuration
file.
Closes-Bug: #1393429
Change-Id: If824185b22e22a1de6498f1f0f2742a279235675
* Re-work the old banner logo for the Sphinx docs
* Remove the remaining leftover assets from the old web site
So this is one possibility, I retained the other logo files so we have
options to play with.
Change-Id: Iac15899780072450dc30600a719283c0e2b0c0ae
The boto client uses the ca_certificate_files value in the
Boto section of /etc/boto.cfg when making an SSL client
connection. Configure that to be the devstack SSL CA bundle
so the boto tests will pass when running against an SSL or
TLS-proxy configured devstack environment.
Change-Id: I55ae6d6e0c5b3adb4370ec93f40ae1cd47741457
Set up external_network_bridge correctly for the case
of Q_USE_PROVIDERNET_FOR_PUBLIC=True.
This is an oversight in commit 6a633fd024.
Closes-Bug: #1394826
Change-Id: I33f0fe15bafb7071d8a09899d636471f49031606
Sets up n-cpu to migrate domains via SSH. By default, hosts attempt
to connect to each other as root, so this specifies STACK_USER instead.
Change-Id: Ic6e868091c89a2cc6b2f0fada3f7e95002aaff8b
The setup should have been with setup_dev_lib, which looks up the path
from GITDIR. This should let tempest-lib src jobs function.
Change-Id: Ia160708c089adce469d878030196b6fed8acc92d
This adds unit tests for all the GIT* definitions, ensuring that for
libraries we think should be defined, they are. It exposed a bug in
glance_store definitions in the process.
The GITDIR definition for python-openstackclient is moved to stackrc
for testability.
Change-Id: Ibd9ab665f0362a84f4f7e80e80da56a4737f584e
This installs the new bash-complete file in the standard location,
alongside the rest of the completion files:
/etc/bash_completion.d/glance.bash_completion
Change-Id: I2944c47d857f7125f370b2b1ee041d1282db09c5
in Juno/Kilo, we added ceilometer purpose specific connections for:
metering, alarms, event. Rather than piggyback off oslo.db's
connection option (which gives misleading sql help message), we
should use Ceilometer specific connections.
Change-Id: I7703b73708a5807fb8de89fbb828f06b488acf69
Syslog settings were not configured at all for these two
projects. As a result, regardless of the value of the
SYSLOG environment variable, the use_syslog options for
these two projects was always set to False.
Change-Id: Iba6155d62beffa06e5bb9ac16b06082ec64d0926
Closes-Bug: #1394024
This patch enables to use the agent_ipmitool deploy driver to
deploy the ironic on real hardware, instead of virtual machine.
It also append the deploy driver name to the kernel/ramdisk
path, so that if developer switch the deploy driver after
./unstack.sh, devstack will use the correct kernel/ramdisk.
Change-Id: Iac0415f6895d037c876e137aa4f2bf2990eb47c5
After the recent patch [1] the devstack is broken for Fedora 20 with
the error "django-admin.py: command not found" during horizon setup.
This is due to differences in how django currently packaged for Fedora,
where we should use "django-admin", without the .py
This patch sets up executable alias by checking if "django-admin"
exists, and falling back on "django-admin.py".
[1] https://review.openstack.org/#/c/120940/
Change-Id: I2b6de25fe32446edbdc0418674fea8579ec739d9
Prior to that commit if ceph_version was equal to 0.80.5, the variable
substitution ${ceph_version%.*} was returning 0.80 and not 0. Using
${ceph_version%%.*} returns the desired value.
Also refactoring the version output to get a X.X format since only
major and minor are important.
Change-Id: Iab50f3c4b24a01a68acda417eae0501f00038f54
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
The Ironic API server's port and protocol are hardcoded in various
places. This updates the ironic bits to use configured values instead
and fixes a bug around iptables rule creationl.
Change-Id: I1ace68affff3afdbc0058be4d32f8044a24e9338
Closes-bug: #1393498
Adds initial support for configuring and starting the tuskar-api
service.
To enable, add the following to your localrc:
enable_service tuskar
enable_service tuskar-api
The aim of this addition is to provide a more accessible (non devtest)
way for developers to run up tuskar in a familiar devstack environment.
See the official repos for more information:
https://github.com/openstack/tuskar/https://github.com/openstack/python-tuskarclient
Change-Id: Id0c3c0d3a38100c66dbe6e3adf1f715162f99742
tempest_lib was how this was generally referred to, however that meant
that the job naming wasn't specifying the correctly src
library. Change to tempest-lib to actually test these things before
release.
Change-Id: I4c0712156d7ff71ee43747f30ab940e249d12ebc
While rst doesn't actually care about the order of headers, reviewers
sometimes do. And the build in emacs mode has a certain order
specified that it can easily rotate between.
Standardize on == h1, = h2, - h3, ~ h4 in the code.
Change-Id: I80ff6df6ef0703a3c3005809069428018bb355d4
Also reformat common configuration variables to have an additional
header level which makes it easy to direct link to specific
configuration vars when directing someone.
Reformat header markup to us a more standard == = - for h1, h2, h3
Change-Id: I10bac5a93529cdfbcde0a05f9ebdbc1799d403cd
run_tests.sh was created as an entry point for bashate. We stopped
using it now that we know how to run bashate directly in the gate.
We lost running an unrelated bashate test when that happened.
Devstack does have unit tests. We don't run them. We should.
Especially when working on things like the LIBS_FROM_GIT which is
sufficiently tricky that we really need to add unit tests to ensure
that we don't break it.
Change-Id: Ife067855569e2eae4c085471d326e8086de37332
stack.sh line 223:
if [[ is_fedora && $DISTRO == "rhel6" ]]; then
stack.sh line 234:
if [[ is_fedora && ( $DISTRO == "rhel6" || $DISTRO == "rhel7" ) ]]; then
stack.sh line 358:
if [[ is_fedora && $DISTRO == "rhel6" ]]; then
Condition [[ is_fedora && $DISTRO == "rhel6" ]] return wrong result.
This condition is equivalent to the
[[ -n is_fedora && $DISTRO == "rhel6" ]]. First expression -n is_fedora
always not null, therefore this condition the same is
[[ $DISTRO = "rhel6" ]].
Change-Id: Ida9eaa7950554bcd2f183dede7ad19522f9ca558
Closes-Bug: #1393684
After commit 6d20f090, devstack does not work on Ubuntu 12.04
because Ubuntu 12.04 does not provide mariadb but devstack expects it.
Change-Id: Iae9a7a1c09f1fc83573c3926b3470955c244c401
Making the horizon scss compilation and compression happen offline.
Potentially fixing an issue with parallel compression in devstack.
Related-Bug: #1345955
Change-Id: I066c80e06a92302a3f8dc5fd45d127fbde6cf99c
Treat the new oslo.context library just like the other Oslo
libraries. i.e. make it possible to either test with upstream
released library, or with git versions of oslo.context.
Change-Id: I2dc498324d6c405655a8e2e249465c5b351ca960
This adds sgabios to the list of packages for Ironic and configures
the libvirt domain to redirect BIOS messages to serial via sgabios,
when console logging is enabled. The sgabios package in Ubuntu
currently has an apparmor bug, so that is worked around here.
This allows visibility into early boot of Ironic nodes and should
help get to the bottom of a frequent failure we're seeing in the gate.
Change-Id: Ifd18851e2d23d198d36e67883a81afc6a92d2a58
Related-Bug: #1393099
Remove unnecessary old code from tools/build_docs.sh; it now only builds
docs for the current branch in the current working directory.
Fix the merging if the git log changes into changes.html.
Change-Id: I965dc3383b6317807ca0d47fe42648a19e96b57b
Define IP_VERSION with one of the three values 4, 6, or 4+6 in
your localrc to indicate if you intend to run your tenant data network
as either IPv4, IPv6, or dual stack respectively. Default value is 4.
If your IP_VERSION is set to 6 or 4+6, then the following variables
should be defined in your localrc:
- FIXED_RANGE_V6: The IPv6 prefix for your tenant network
- IPV6_PRIVATE_NETWORK_GATEWAY: The gateway IP with the same prefix
- IPV6_RA_MODE (with default as slaac)
- IPV6_ADDRESS_MODE (with default as slaac)
If you're going to use IPV6_RA_MODE/IPV6_ADDRESS_MODE settings other
than the defaults then you should make sure your VM image has dhcpv6
client enabled at bootup, otherwise you'll need to run it manually
after the VM is booted.
It's recommended to run the latest version of dnsmasq 2.68.
If you intend to enable internet access in your VM, make sure
your network node has IPv6 internet access, and the IPv6 prefix for
your tenant network is a GUA and routable.
Implements: blueprint ipv6-support
Change-Id: I848abf18e00e2a869697c5ef6366bc567dde448a
Co-Authored-By: John Davidge <jodavidg@cisco.com>
Use SWIFT_SERVICE_PROTOCOL when configuring backup_swift_url for
cinder configuration.
Change-Id: I09de62e8deca86b473cee969ba2c5919d4f9892d
Closes-Bug: #1393554
XML support of Nova API has been deprecated with the following
message:
XML support has been deprecated and may be removed as early
as the Juno release.
Now Kilo development cycle started, so we should disable Nova
API XML tests on Tempest.
This patch adds TEMPEST_ENABLE_NOVA_XML_API option for setting
Tempest test by devstack-gate. The default value is True because
of keeping the test coverage. After merging a devstack-gate patch
which specifes True for stable/icehouse and stable/juno, we will
set False for the master blanch.
I4acc15ce5f487738bb34a95c2261a5d05d827d8d is a Nova patch which
removes XML API support.
Change-Id: I2ab8f5c3d15b496e0b639c99bb8592533a69a265
We don't use nose anywhere in anything related to devstack. The only
legitimate OpenStack things that are still nose are horizon and swift
unittests, and it turns out we don't really run those in devstack.
Change-Id: I215e0f3664f269e0e1b8f5d5f9c70553dededddd
The current centos 7 images from rackspace do not have cloud-init
installed via pip, so this is no longer needed. This work around is
actually a little wrong too, see the bug.
Change-Id: I6642593ca2248d9e01f653cc8e70c70ba8372e50
Partial-bug: #1393073
Currently devstack create VMs and then deploy Ironic on these VMs.
Sometimes developer may want to deploy on real platform.
A separated file is required to provide the baremetal compute node
information, which includes four fields for each hardware platform,
the ipmi address, the mac address, the ipmi user name and the
password.
Change-Id: I422b43eae6edc95f15b8c40383d0ba7fbcd9b1ff
glance_store and saharaclient were missed in the last round, make
them install from released clients in this patch.
Change-Id: I2e0ed2b7fb5994ae6abd92612a67ce5fd82b3f7e
We're using all the magic variables based on python-fooclient, however
all the inline code was using fooclient for variables. So we had a
mismatch, which was kindly pointed out by some of the 3rd party ci
testers.
Change-Id: I27a56222c7e8e610fba8bf97672d2a42f5cf14ca
Noticed this on a freshly installed, minimal Fedora-21 (from
development repos):
$ ./stack.sh
[. . .]
2014-11-13 10:56:22.442 | + local exitcode=0
2014-11-13 10:56:22.453 | + sudo route add -net 10.1.0.0/24 gw 172.24.4.2
2014-11-13 10:56:22.479 | sudo: route: command not found
2014-11-13 10:56:22.488 | + exit_trap
[. . .]
Also added it to files/rpms-suse/general, just in case.
Change-Id: I77954d97e654e8f384a2016631df14e73be927fe
The trove cli has been changed in an incompatible way. Exercises
are the requirements of projects to keep functioning, if they aren't
we should fast delete them.
Related-Bug: #1391840
Change-Id: I3b61194ff220525aed202c7f7851faa0be446646
Ryu plugin was marked deprecated in Juno and will be removed for Kilo.
We (Ryu team) recommend users to migrate to ofagent, on which
we aim to concentrate our development resources by this deprecation.
Partial-Bug: #1391714
Change-Id: I1ef28818e9400664ae3d83758dc2dcf71c02f185
Modify the lib/tempest to not fail
if no nova or glance available.
* This allows performance test of keystone and neutron with
tempest (or tempest stress runner) without having system
noise from another components.
* Depending on not required components for tempest is bad practice,
tempest service decorators expected to allow tempest,
to run in more minimal system out-of-the-box.
Change-Id: Ifc40b1eb5c4b79d96a5fae919b88afecca642ca0
The PIP_USE_MIRRORS does not do anything else than adding
the --use-mirrors option to the pip command line.
The --use-mirrors is deprecated since pip-1.5,
and does not do anything else than printing a warning message.
For using alternate pypi index url this option is not required and
not sufficient. The current way for using alternate mirrors
is to defining them in the .pip/pip.conf either manually (before
devstack), or by using the PYPI_ALTERNATIVE_URL and PYPI_OVERRIDE
environment variables.
Change-Id: Ia33e783360e5661c2ef03b77e9f7af32b2633f2f
As of the Ceph Giant release, pools 'data' and 'metadata' (used for
CephFS) were removed. Thus applying the pool change command fails on
Giant since those pools don't exist anymore. Now we are checking for
every release prior to Giant and apply proper commands accordingly.
Change-Id: Ia12042899c0e6809f5b98c2e0de177bb61c8a790
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
Update the form of the links to other documents in the tree;
the generated HTML links must remain in the original form.
The layout is changed from the previous tables to a more Sphinx-y
TOC-like list.
Also editorial changes to the index page and guide titles
Change-Id: I52df0cc542754c386fb3c99d9efdf2524c11bf48
This commit fixes the name of ovs_bridge parameter and the section it is set in nova.conf by the nuage plugin
Closes-Bug: 1390256
Change-Id: I63c929e827db10d0cf5450907a273d880fc757f6
This updates the form of the links to other documents in the tree;
the generated HTML links must remain in the original form.
Change-Id: I6c2179e3b7cb5b8e2589ede84ab7d02340812e80
This makes the name of the unzipped package configurable so you can run
with releases other than the default specified in lib/opendaylight.
Change-Id: Iad879c558d742da03375cb61b0c2ef141573ffec
There were a lot of artifacts left from the HTML translation.
The toctree at the end is to suppress the errors until the remaining
docs are cleaned up.
Change-Id: I4a8f29f0be524d0a15c7c6f590ffc3ceed6ff811
Neutron external and internal networks are created by default
This commit let developers by configuration to decide if those
networks needs to be created. This is needed to test Neutron DVR
in a distributed Multi-node environment
Change-Id: I17d891d072f189925676b4557094cde1c7a71579
Closes-Bug: 1389288
Add support to passing the flat_network configuration. User can
either passing the physical network name, or use the physical
network definition
Change-Id: Ie42679f207eb14620883778314f74abf378b5cbc
This got moved around with some of the recent cleanups I think. My CI
was putting FORCE=yes into localrc which used to work. Noticed doing
some bring-up on F21
Change-Id: I7c0ea6b67b42b768278de0fd41d0c0bfbb572387
expand the devstack support for libraries from released versions to
support python-* clients and tempest_lib.
Depends-On: I81b0d228e7769758c61e5b0323ecfce8c8886d39
Change-Id: I26fac0ccf8fd4818e24618d56bf04b32306f88f6
Add options to support DHCP agent providing metadata-proxy.
In some cases, users have to disable L3 Agent. But people still
need metadata services.
Change-Id: I4664fc3a4937c3b7b5c27e74f509b683ffbedd09
INSTALL_TESTONLY_PACKAGES is assumed to be set to `True` or `False`.
However, in devstack-gate this variable is set to 0 or 1. The patch uses
the already existing `trueorfalse` function to evaluate
INSTALL_TESTONLY_PACKAGES and normalize its value.
Change-Id: I0e4a31e422bad2a31d919d9f871e24833a0faa99
Only set the keystone reserved ports when available, on some system
(like when running under containers) where this sysfs interface is not
exposed we are almost pretty sure these ports would be exclusive for our
devstack.
Change-Id: I06d7d227ae94d564c91c16119e4bbbcc6564a280
The recent GIT_DEPTH change introduced a [[ ]] construct
which doesn't work for zsh 5.0.2. Workaround it by tweaking the test.
The following is a demonstration to show how zsh behaves:
% if [[ "" ]];then echo hoge;fi
zsh: parse error near `]]'
% if [[ "x" ]];then echo hoge;fi
zsh: parse error near `]]'
% if [[ -n "" ]];then echo hoge;fi
% if [[ -n "x" ]];then echo hoge;fi
hoge
%
Closes-Bug: #1387943
Change-Id: Ia88de876dacb3664a7c3d8f5a035e8e50fddb678
The agent ramdisk gets instance images from swift, set firewall
rules to allow this.
Also configure Ironic API port using the correct variable, and
use SWIFT_DEFAULT_BIND_PORT for Swift ports everywhere.
Change-Id: Ieec8cc64e504b04a21daa49e90e2d4925f4838ee
Signing certificate directory should have 700 mode.
Before the change it was created with 755.
As a visual impact this CR removes warning from
keystonemiddleware.
Change-Id: I8483e73447348b9a9e33dfd382543978a70a9d43
Closes-Bug: #1387416
To enable policy check in Sahara we need gate tests passed.
Tests will not pass until Sahara has default policy.json (
e.g. http://logs.openstack.org/09/131609/1/check/check-tempest-dsvm-full/536d5e7/console.html).
New code will copy of policy.json if it exists.
So, for now this code will do nothing.
Once policy.json appears in etc/sahara, the code will start coping
it to sahara conf dir. This will allow to merge auth support with
gate tests passed.
Related blueprint: auth-policy
Change-Id: I98e108ff02aacb91570f97e457d67dd02779ae3d
In preparation for supporting 2 node devstack jobs, where the first node
is an all in one and the second is a compute node. Make nova config
options allow_resize_to_same_host and allow_migrate_to_same_host
configurable so we can turn them off when we have two compute nodes.
Change-Id: If6989200b56c4597d6e8506d0dda2cc75d0881f1
pyScss python module uses pcre if available for performance
and it is better to be installed.
This commit adds it for files/{apts,rpms}/horizon.
Change-Id: If711fa222d3f395efd670334c8a84f35d195dc25
Dom0's bash does not support associative arrays, however we source
`functions` and therefore our scripts fail. This change breaks the
dependency of dom0 tools on domU functions.
Fixes bug: 1379804
Change-Id: I229e2d5f07070a9236ec612d4032c94c4361a9f6
Use the same mechanism as used for nova plugin installation, thus
avoiding the need for variables in dom0. This change will also help to
move XenServer CI to neutron in the future, as the dom0 part of the
script is not executed there.
With this change, the neutron related network will always be created and
attached even if the user wants to use nova-network.
Change-Id: I8669c94e9f0aacce2990469dbabde1ff702a2769
The current test does not match file files in /lib/* because the
-wholename command is missing the preceeding \*. The whole command is
a little difficult to understand.
This re-lays the find command, using -prune to skip dot directories
and keeping a hopefully clearer flow of what is being matched.
Change-Id: Idd856e897ff97095fb116294a9187ff4b198fa26
This reverts commit e2c9fee8ed.
We have decided that we don't want to support the json-style argument
as described by bug#1374118 (see thread at [1]).
This restores the old behavior of sending the argument in
double-quotes so environment variables get expanded. As a bonus,
tests for this are added.
[1] http://lists.openstack.org/pipermail/openstack-dev/2014-October/049341.html
Change-Id: I9fc99f3716cc53366907878adb00ae6cf3898f14
Closes-Bug:#1386413
If redis is desired by local.conf via CEILOMETER_COORDINATION_URL
then make sure redis is installed and restarted.
Change-Id: Idfb7b902478049fbc240bf416db6c7d6acd67a51
Now the templated catalog driver class "TemplatedCatalog" is removed
in this patch https://review.openstack.org/#/c/125708/2 use
"keystone.catalog.backends.templated.Catalog" instead.
Change-Id: Ib9c8ea557e7171ff0c78a1e10d752ed564aff9e7
Closes-Bug: #1386562
Use the updated trove mysql image at:
tarballs.openstack.org/trove/images/ubuntu/mysql.qcow2
instead of the older deprecated image at:
tarballs.openstack.org/trove/images/ubuntu_mysql.qcow2/ubuntu_mysql.qcow2
Change-Id: If76f25dfe0f975faf1883f0a6d993c21b26e1b29
These plugins were removed in Juno.
Note: this doesn't affect the corresponding ML2 mechanism drivers.
Partial-Bug: #1323729
Change-Id: Ia8da1e20a03fef5657ba1584bf83ddd224b5d5f2
The no_wait flag can trigger a race conditon with ip addr flush
if the public bridge is not yet up. Due to this race condition
the local route for the external subnet might not be added.
The patch also renames br-ex to $PUBLIC_BRIDGE in some places
Change-Id: I11335c99dba580e7ca26b0b15b0df8dead367fdc
This creates a devstack REQUIREMENTS_MODE which is how we handle
syncing of global requirements. The default is 'strict', which is
current behavior. There is a new 'soft' mode which does a
--soft-update for projects *not* found in projects.txt, which lets
them specify additional requirements.
Change-Id: I4aa606514131b5dde67d87f5c8db5a3f3e50fc03
Depends-On: I1f195ef9ff1509659848e14ec9936ff6f66a6496
A minor mismatch in lib/neutron since now unstack.sh invokes
three functions and also start_neutron_agents() is called before
create_neutron_initial_network().
Change-Id: Ibbe68501cce4c062a9ac610cbc44188dc9bab6c8
The devstack.org build process was recently changed to run as a CI post
job, publishing the site after every commit.
Change-Id: I05ddb353fae524178a25f28f2437d4fc635167f9
Depending on how you are using devstack you probably don't need the
entire history of a project so we should allow people to specify a clone
depth to speed up the devstack process.
Change-Id: I804a5abcc80f6a81e915c0bb4dceae72486441a7
Blueprint: git-depth
download.fedoraproject.org is the mirror system, while
dl.fedoraproject.org is just one system. We have seen performance issues
with dl.fedoraproject.org and using download.fedoraproject.org was a
recommended as a solution by the folks at #fedora-admin.
Local testing on a rackspace server with dl.fedoraproject.org got about
70K/s while download.fedoraproject.org got over 1M/s
Move over to https as well.
Related-Bug: #1383928
Change-Id: I318d8844cfcfbc42c1e552e443c6b793d20f321f
If the volume vendor has spaces in it, for example “Open Source”, we
need to have quotes around the uses of the variables or the behavior
will not be as expected.
Change-Id: Ie1e99b6d6de2313e5b5b5a5d3057c136c9b34601
Config of ironic conductor currently references a non-existent variable.
This corrects it by obtaining and using the correct tenant id.
Change-Id: I4340f75b2b22a8fd3fd8dd5cb30d7e91bce4f654
The motivation for this conversion is to have DevStack's docs be
generated using a more familair workflow for OpenStack projects, using
Sphinx.
Changing from raw HTML to RST will also make it easier to contribute
more documentation, as well as making edits less of a hassle.
The majority of the work was done by using Pandoc to convert from HTML
to RST, with minor edits to the output to remove errors in Sphinx.
Change-Id: I9636017965aeade37b950ddf5bdb0c22ab9004bd
Having issues with the centos7 job, that seem to be because they use
an old snapshot that hasn't updated to the latest EPEL. Thus we
re-install it to ensure we're getting the latest.
Change-Id: I7930f3e05ee953dab80b06142c17d6aa70f2c2d1
A new configuration option is available in cinder for setting
the CA path. Configure this option in devstack when native SSL
or TLS proxy is configured.
Change-Id: I2cf9a3b8ba8e4896bd98efe0fb6f7d62fb279d90
Closes-Bug: 1384267
Swift has functional tests that check access controls
between users and projects in differing domains. Those tests
are currently skipped by default since swift tests are
configured to use keystone v2 API. In order for those
tests to pass when using keystone v3 API, a user and
project must be setup in a non-default domain.
This patch creates a domain, and a user and project in
that domain, in support of swift functional tests moving
to using keystone v3 API.
Changes:
lib/swift
- create a new domain, project and user for
swift testing
- add new project and user credentials to swift
test config file
- set correct identity service url in swift test
config file according to kesytone API version
functions-common
- add function get_or_create_domain
- modify get_or_create_user and get_or_create_project
functions to optionally specify a domain
Change-Id: I557de01bf196075f2f3adcdf4dd1b43756d8a0ae
In docs, use git.o.o URLs rather than GitHub URLs for the DevStack repo,
and don't mention GitHub when git.o.o is more appropriate.
Also, replaced GitHub logo with Git logo in quickstart.png.
Change-Id: Iab0006144f008963b8cb5be2d10ce0f360c0e6ca
I did a similar change in I8ba180be036836f37ebdbb6da36ff0be486c043e
but I guess somehow missed these ... maybe I forgot to add them to the
change.
As described originally, this causes TOT bashate to fail, so fix this
up before it gets released.
Change-Id: I5580cb46f1c8bd71c631549aab78428d95a6dc51
screen_service() can currently only be used to launch things that
pass the 'is_service_enabled' check, even though its calling functions
will have already done this. This removes such check, renames it
to screen_process() and updates its usage elsewhere.
Change-Id: I480a4560a45b131a95c1b2d2d2379aeba542a9bc
The create-nodes script currently receives a total # of VMs to create
and creates them all, generating their names on the fly. This moves
that name generation to lib/ironic and makes the script create only
single VMs as directed. This centralizes the naming of things to
lib/ironic and will make it easier to reference these things elsewhere.
Change-Id: I98e61f7188e027e690303e32aff7cd2347f6d2c2
This patch adds a return value to several empty functions that are causing stack.sh to fail when the
Cisco Neutron plugin is enabled.
Change-Id: I43987d9cc5edc53de41c27354c3a737643d1cd43
Closes-bug: 1383273
Juno brings tooz-based coordination of ceilometer central, compute
and alarm agents. If CEILOMETER_COORDINATION_URL is set it will be
used as the value for a tooz coordination backend. If memcached is
chosen, its package will be installed. Other backends, such as
zookeeper can be configured, but installation is left as an exercise
for the devstacker.
In the default devstack setup having coordination will do little as
there are only one of each agent, but this makes it a bit easier for
multi-node or multi-agent setups.
Change-Id: Ib85ccd435de3bc0ae56b5fe8c2fce6c2af9ff8d0
Recently compiled message catalogs (mo files) were removed
in Horizon and django_openstack_auth repositories.
We need to compile message catalogs to make translations
available for Horizon users. It is useful for developers too.
Change-Id: I0831e8308205c116d8e3bb8b43be7f0dd6fa0c0a
If a user wants to re-use an xva just with different proxy settings, he
can now do it, as this change will always update /etc/apt/apt.conf to
reflect the settings in the user's localrc.
Change-Id: I8a6e9c88304bc887ea8269d946e89a5ba258b126
Also, add a knob to create a veth pair instead of a bridge
to provide host connectivity for l3-agent. (Q_USE_PUBLIC_VETH)
Related: blueprint ofagent-physical-interface-mappings
Change-Id: I4c2538f0fd3fb05bfdb69e7e4c3a8462af42ba10
The OpenDaylight project recently released their latest release, codenamed
Helium. This commit updates the devstack support for OpenDaylight to this
new version, which includes changes to configuration files as well as the
startup of OpenDaylight itself.
Also update my email address in MAINTAINERS.rst.
Change-Id: I124b5e7e8ef7feb6c90de907916a9530409c4ad4
Currently when we configure the tempest with multiple LVM
backends the backend names are created as LVM_iSCSI and
LVM_iSCSI_2 which fails since the backends created by cinder
are lvmdriver-1 and lvmdriver-2.
This patch updates the backend names. Added support for
CINDER_ENABLED_BACKENDS and added todo to remove
CINDER_MULTI_LVM_BACKEND once its formally removed
Closes-Bug:#1369946
Closes-Bug:#1369942
Change-Id: If44f5eb206616afb0fbaf333f3fa6a296d4650cd
It would behave such as the contents from each meta-section in
local.conf is copied to the destination files. One exception is the multiline
options not grouped together. In that case, the contents will be grouped
together in its destination config file.
Check tests/test_config.sh for examples.
This was originally committed in https://review.openstack.org/128805.
But the original change used AWK syntax that is not supported in AWK
3.1.8, and caused syntax error on servers with that AWK version. This
patch makes the necessary change so that it's compatible with AWK
3.1.8.
Change-Id: Id1e1fe01f05bd0f19ea6e89c4f4c0f8be695dfce
Partial-Bug: #1374118
If an appliance is used as a base OS, the user might want to use that in
a different region. With this change we always update the used mirrors
in the template.
Change-Id: I7a119664efac1124e54064311c243c63c2a7944b
DevStack installs a default minimal .vimrc file for the stack user.
Unfortunately the `syntax on` config line is not recognised by the vim
installed in DomU. It results in an annoying message being displayed
whenever the user is using vi. To avoid this issue, removing the `syntax
on` line.
Change-Id: I224465cc3cdba3464ea0a9a751f250ecb6ddc9f3
If the user only want to run the installation of Ubuntu - to export the
template as an xva, it just needs to specify a non-empty value for:
EXIT_AFTER_JEOS_INSTALLATION
And the script will exit after the jeos template has been created.
Change-Id: I558e2f2b18ee23c15c7e46e2f7e74543cf26b750
Set TEMPEST_STORAGE_PROTOCOL and TEMPEST_VOLUME_VENDOR if
they are changed from their defaults, or if
TEMPEST_VOLUME_DRIVER is changed.
This maintains the current behavior of setting these options if
TEMPEST_VOLUME_DRIVER is set to something other than "default".
Change-Id: I1fb7f5db0446f97de48b97a6f451882cc51c51a4
Provide support for named proposed branches for selection logic
This syncs the get_release_name_from_branch() function from grenade.
Change-Id: I1adabf07cdc3ea6863cd30d8b6454fb40fc20288
In order to build in the Infra system, we'd like to be able to reuse the
existing doc build macros. To support that, move docs/source to
doc/source and docs/html to doc/build/html.
Change-Id: Ibd8e8e82e54c69b182120df67e6ec6908fed2908
This reverts commit 6ff21acf4c.
This commit has broken config options with colons in them.
The following is a sample configuration that no longer works:
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
[restproxy]
server_ssl=False
servers=10.211.1.9:80
server_ssl=False
With the above config and the code present that this reverts,
the 'servers' option will come out blank.
Change-Id: I328852d2d941605051a1bf5eaf0f7674191f8c48
It would behave such as the contents from each meta-section in
local.conf is copied to the destination files. One exception is the multiline
options not grouped together. In that case, the contents will be grouped
together in its destination config file.
Check tests/test_config.sh for examples.
Change-Id: I8c046b558eeb98ed221f6f1a59182d4179956ced
Partial-Bug: #1374118
When attempting to add a libvirt section with a volume_drivers entry
to $NOVA_CONF, via a post-config block in the local.conf file, I
encountered problems; the value for this attribute takes the form
driver=python.import.path.to.driver
but the value actually populated in the $NOVA_CONF was truncated at the
equals.
Taking the iscsi driver setting specified in the official nova.conf
documentation as an example, if I have the following in my local.conf
file:
[[post-config|$NOVA_CONF]]
[libvirt]
volume_drivers = iscsi=nova.virt.libvirt.volume.LibvirtISCSIVolumeDriver
I will see that the generated $NOVA_CONF has the following:
[libvirt]
volume_driver = iscsi
This occurs because the existing handling for a post-config setion, as
implemented in merge_config_file(), splits the line on the equals sign,
and then uses the first and seconds elements of the resulting array as
attribute name and value respectively.
However when an equals occurs as part of the value this results in the
value being truncated at the first equals in the value.
The fix I've implemented, based upon review feedback, extracts the
contents of $0 before the first equals as the attr name, and extracts
the remainder after the equals as the value. Then it strips the leading
and trailing whitespaces from both as appropriate.
I've also added test5 to tests/test_config.sh to test for, and verify,
correct operation when this scenario is encountered. Similarly I've
added test6 to ensure that trailing spaces in values are stripped
correctly.
Change-Id: Id0cb1e6e1cece21bc5dbf427c4d756af86fbd927
Closes-Bug: #1374482
Prior to this patch, if we wanted to boot a VM in Ceph using
libvirt_image_type we must had Cinder enabled. This patch allows you to
use libvirt_image_type without having Cinder enabled.
Change-Id: Ia61e6effc5a4ccba69f4fa48f6e9984f15bb8979
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
Id02ebdfa5cb3f6c763293876c6bb031184ebd663 introduced a small
regression which makes the command x509-create-cert fail with
'ERROR (CommandError): Invalid OpenStack Nova credentials.' for
Swift users.
The handling of specific password for Swift users was introduced
in Ifb57a43aad439ffe041e98465719a8a8eceae544
Change-Id: I3f328b1358bad0bdf7056796eabfe846dd5bae3a
Newer version of container-sync feature is introduced in Swift ver. 1.12.0.
The spec:
http://docs.openstack.org/developer/swift/overview_container_sync.html
Before this commit, Devstack does not configure any realm used in
container-sync, therefore this feature does not work.
To test this feature in CI system, moreover to show the sample
configuration of realms, Devstack now edits realms configuration file.
Change-Id: I9f1e3224403e08e725a989162729470357fe90b0
Closes-Bug: 1378646
Adds two new options to lib/dib that will help devstack slaves
use cached content and content local to cloud provides:
* DIB_BUILD_OFFLINE: This will enable DIB to rely entirely on
cached images without making any additional calls to cloud-images.ubuntu.com
to validate hashes/freshness.
* DIB_APT_SOURCES: Used to specify alternatve sources.list for image builds.
Setting this enables the addition of the apt-sources element during image
builds and is only supported for ubuntu/debian builds.
Change-Id: I9b9ca72ec551565d454610aacb86c585f0384f13
Partial-bug: #1375488
Glance is moving from [DEFAULT] to [glance_store] for this option.
Since lib/glance sets both, let's also set it in both places for now.
Failing to do this causes g-api to fail to start with error:
"Store for scheme swift not found"
Change-Id: I9e33ababf7c51f5c750f90b8b366b9892bb4c8cd
The docs incorrectly show an example of:
enable_service swift
This does not work, it must be enabled on a per swift service
basis, like:
enable_service s-proxy s-object s-container s-account
Change-Id: Ib4ed8b43f777d308f5464d45dc87735e843c0daf
If we don't single quote the extracted argument to iniset we drop any
quotes from the source. Add a simple test-case for this.
Partial-bug: #1374118
Change-Id: If2f47b64b11015e727a011c7e5f6e8ad378b90eb
When VIRT_DRIVER=fake, n-cpu processes are numbered (ie, n-cpu-1) in
start_nova. However, this scheme is not taken into account when
stopping nova, resulting in leftover n-cpu processes that fail
grenade's stop-base if USE_SCREEN=False. This special cases for the
fake driver in stop_nova_compute and ensures n-cpu(s) is shutdown
correctly.
Change-Id: Icebece9eadc4e10bb12fe4fdd2fa37d5f3983f66
Close-bug: #1378112
Make the sed the command to change the recon_cache_path into the renamed
generate_swift_config_services
Change-Id: I6092c26836320fab607eb9cd07f63189a9ba1ddd
stackrc now requires GITREPO, GITBRANCH, GITDIR and has been
dependent on functions for a while (is_package_installed). Ensure
we source the required functions file when stackrc is loaded. Avoids
unexpected issues in grenade where they may or may not have been loaded
depending on the configuration.
Closes-bug: #1377274
Change-Id: I5027cfad07af0de7ff39f424601d6f7ec5dcadae
in order to support installing from stable libraries we first need to
actually sort out all the categories our giant list of git repos fit
into. This will make it much easier to not lose one in the process.
Change-Id: I708c65428fdc7442e1661037f425e466048166d3
Apparently oslo is the hardest word in the world for me to understand
that I didn't spell correctly.
Change-Id: Id1b52529001319eaf41321118ab560711c752003
Added libvirt-dev as a system package to install with apt-get and
libvirt-devel as a system package to install with rpm.
Early drafts qualified with "testonly" (meaning to install only if
INSTALL_TESTONLY_PACKAGES is true). This is needed because installing
libvirt-python version 1.2.5 on Ubuntu 14.04 was observed to fail in
the building step if libvirt-dev is missing. Later drafts removed
that qualification, because Sean Dague said he thinks libvirt-dev[el]
is always required.
Change-Id: Ie6a272f60059a1f363630f307416b32c450a1ebb
Closes-Bug: 1362948
Nodepool images have recently migrated to being built with DIB, resulting
in strange changes in how the package dependency chain works out. This
explicitly adds required qemu packages to Ironic's apts to avoid some
not being pulled in by package dependencies alone.
Change-Id: I60373ee5ad7445cd54c8c013085b28d82bb0d085
Closes-bug: #1376863
Instead of having mongodb specific cleanup logic in `cleanup_zaqar`,
specialize it to perform clean ups based on the driver that has been
enabled.
Change-Id: I5807a83443b87b2c8d184e0cd2d5563a649c6273
Now that we are on pip 1.5.6 lets drop the workaround to make pip 1.4
work. As this is a development/testing tool requiring a newer pip
shouldn't be an issue. Also stack.sh installs pip by default.
Work around introduced in https://github.com/pypa/pip/issues/709
Change-Id: I0e7aad1d21f4fce4c020ce36685bb56893c66bdc
This patch provides a new path for installing libraries in devstack so
that it's possible to either test with upstream released libraries, or
with git versions of individual libraries.
Libraries are added by name to 3 associative arrays GITREPO,
GITBRANCH, GITDIR. When we get to the library install phase we inspect
LIBS_FROM_GIT and look for libraries by name (i.e. "oslo.config") and
if they exist we'll clone and install those libraries from
git. Otherwise we won't, and just let pip pull them as dependencies
when it needs them.
This patch provides the conversion of the oslo libraries, including
pbr.
Devstack-gate jobs for these libraries will need to change to support
actually forward testing their content.
Change-Id: I6161fa3194dbe8fbc25b6ee0e2fe3cc722a1cea4
If QPID_USERNAME is set, add the user to the QPID broker's
authentication database. Use the value of QPID_PASSWORD as the
password for the user, prompting for a password if QPID_PASSWORD is
not set. This requires that all clients provide this username and
password when connecting to the QPID broker, or the connection will be
rejected.
If QPID_USERNAME is not set (the default), disable QPID broker
authentication. This allows any client to connect to the QPID broker
without needing authentication.
Change-Id: Ibd79873379740930ce5f598018c1ca1fffda7c31
Closes-Bug: 1272399
diskimage-builder makes releases to PyPI and is not part of the
integrated release. Since it's not, we don't need to consume its
master branch - rather, we can consume its releases.
Change-Id: If9297a28604612140c39dfe44e77107d1372f0bb
When creating the account for neutron to use in keystone,
give it a service role instead of an admin role so it isn't
overprivileged with the ability to create and delete tenants.
Also set the Neutron policy.json file to allow the Neutron
account to administer Neutron.
Closes-Bug: #1344463
Change-Id: I86b15cfcffe549654c28f425c2bcf99403ac10bc
cinder_driver_cert.sh restarts volume services
and needs the SERVICE_TIMEOUT variable set, but
that was being declared in stack.sh.
Rather than create another duplicate variable in
the cert script, just move the SERVICE_TIMEOUT
variable to stackrc so it can be shared like other
common variables.
Change-Id: I650697df015fed8f400101a13b6165ac39626877
Closes-Bug: 1350221
If you're not using an XVA then the built-VM was previously Saucy, which is
not supported by openstack any more.
Change-Id: I1040d9e43d517582e76f2e1df787986b5ffbc42c
If CEILOMETER_USE_MOD_WSGI is True then the API app will
run under mod wsgi. The default is false (for now).
The changes are modeled on keystone's use of apache.
Note that these changes are dependent on
https://review.openstack.org/#/c/121823/ in ceilometer.
Using mod_wsgi allows the ceilometer api to handle "concurrent"
requests. This is extremely useful when trying to benchmark
various aspects of the service.
Change-Id: I4c220c3b52804cd8d9123b47780a98e0346ca81e
This is a pure python library that we should probably let pip
handle so that we don't accidentally only test whatever patched
version is in trusty instead of the upstream versions.
Change-Id: I93d2f9344b9f83d2397466b4bc29c97210919ed9
When setting ENABLE_DEBUG_LOG_LEVEL the keystone screen would ignore
this setting and always use the debug mode.
Change-Id: I934443c2976e936198fc93da4cca717e6cb84e6f
* DEFAULT.fixed_range isn't a valid option in nova anymore
* DEFAULT.osci_compute_workers was never a thing, it should be
DEFAULT.osapi_compute_workers
Change-Id: Ib08f3e20e4685b331385431276f890205fa76da6
In Juno cycle, we started to implement Nova v2.1 API and most part
has been implemented now.
For using/testing the API, this patch adds the endpoint setting to
devstack.
Change-Id: I25557cb2b0a1384ee11d3e1ae7d424828e766e50
Nova v3 API has disappeared in Juno cycle, and we don't test the API
now on the gate since If63dcdb2d05aa0fab0b6848a1248b6678f1ee9ad .
This patch removes the endpoint of Nova v3 API.
Change-Id: I85f87b37558a15d1eaaa781b02fec5b02bd2ab44
Configure nova, cinder, glance, swift and neutron to use SSL
on the endpoints using either SSL natively or via a TLS proxy
using stud.
To enable SSL via proxy, in local.conf add
ENABLED_SERVICES+=,tls-proxy
This will create a new test root CA, a subordinate CA and an SSL
server cert. It uses the value of hostname -f for the certificate
subject. The CA certicates are also added to the system CA bundle.
To enable SSL natively, in local.conf add:
USE_SSL=True
Native SSL by default will also use the devstack-generate root and
subordinate CA.
You can override this on a per-service basis by setting
<SERVICE>_SSL_CERT=/path/to/cert
<SERVICE>_SSL_KEY=/path/to/key
<SERVICE>_SSL_PATH=/path/to/ca
You should also set SERVICE_HOST to the FQDN of the host. This
value defaults to the host IP address.
Change-Id: I36fe56c063ca921131ad98439bd452cb135916ac
Closes-Bug: 1328226
- Horizon no longer has "enable_security_group" setting
so we need to remove it.
- There is no need to set enable_lb/firewall/vpn to True
when q-lbaas/q-fwaas/q-vpn is enabled because Horizon now checks if
Neutron ext-list and enables corresponding dashboards accordingly.
Change-Id: I37073d73e4cba0103ab1a3d935302f1cd0ef73c5
The Cisco Nexus monolithic plugin does not work without the Open
vSwitch plugin. The Open vSwitch plugin is scheduled to be removed
as per #1323729. This patch removes the Nexus Hardware switch
related code from devstack. The N1KV virtual switch related code
will still remain in the tree as it doesn't depend on Open vSwitch
plugin.
Closes-Bug: #1350387
Change-Id: I82ebb09c64589fc9b7bb790982541bc87c66e6e3
For functional testing of heat-standalone it is desirable for
heat to orchestrate on the rest of the cloud which is brought up
by devstack. This change makes the following changes to enable
this when HEAT_STANDALONE=True:
- Don't register the orchestration endpoint or create any dedicated
heat accounts
- Install and configure the heat keystone V2 auth plugin instead of
the default v3
- set heat.conf [clients_heat] url so that heat can call its own
API when no orchestration endpoint is registered
- Modify create_userrc.sh to set the required heat client env
variables to work with the standalone heat
Change-Id: Idae33bf1a9d550e2575e6390d2d7c8d3b94c401d
The current default (/var/www) leads to:
AH01797: client denied by server configuration:
/var/www/keystone/admin
For /var/www the needed permissions on SUSE are not set.
For /srv/www/htdocs/ the permissions are correct on SUSE systems.
Change-Id: I3f2df896daecdfe510d45ff121af2a8433a4d5be
The Keystone server and auth_token middleware were enhanced to
support a configurable hash algorithm.
With this change, the user can set
KEYSTONE_TOKEN_HASH_ALGORITHM=sha256
in their localrc to use the SHA256 algorithm rather than the
default md5. Any hash algorithm supported by Python's hashlib can
be used. The MD5 algorithm doesn't provide enough protection from
hash collisions and some security standards mandate a SHA2 hash
algorithm.
Change-Id: I8b373291ceb760a03c4c14aebfeb53d8d0dfbcc1
Closes-Bug: #1174499
Each project was configuring the auth_token middleware using several
lines of inisets. Since all the projects should configure the
auth_token middleware in the same way create a function and call it.
Change-Id: I3b6727d5a3bdc0ca600d8faa23bc6db32bb32260
The API_WORKERS option wasn't setting the number of admin workers
for the Keystone server when running in eventlet mode. This will
allow for control of throughput and memory usage.
Change-Id: Iecbce4a601f93784164e53d8b0c542d48f7b5650
Zaqar is a messaging service which provides support for different
messaging patterns and messaging related semantics.
This fix changes the old API name -queuing- to a more accurate name, -messaging-.
Change-Id: I07ca6ca704a4f07d88c192a5ce1a7c626de1fcea
Keep the default to 1 instead of going wild, cause Swift really would
kill the VM if we let it go (and keeps the old behavior).
Change-Id: I7449c1bb485459169b8870c871b887cbab8be865
MySQL-python is needed for keystone and we were installing it
implicitely only for apts and not for rpms. Fix keystone only devstack
install on a pristine vm.
Change-Id: I0d117513af4e2ad58635f7a7b22f7a6e3ff36a38
libvirtd is the new name of the init script in Debian testing.
libvirt-bin is still in use on Debian Wheezy.
Since I222b71962f49896063910ff2a25e4f57be4bf819, libvirtd is the
default for Debian, this break the compatibility with Debian Wheezy.
With this patch, we use libvirt-bin only if there is no
/etc/init.d/libvirtd init script.
Change-Id: I13694fef93d36c2e128e15e7dbfaec9230335585
command isn't properly parsed after switch to run_process. this
patch corrects the regression
Change-Id: Ib28d4bbf6f150854fc5aa04e3fa4eed92005ce19
Closes-Bug: #1370673
Buildroot on Ubuntu Trusty is slow to populate the vnc-port.
Wait for 20 seconds until the port is populated.
Change-Id: I50e5b5a161207d46e8ce0e304d816e8e5b68dbe8
We currently cleanup keystone apache config during stop_keystone
when mod wsgi is enabled, but only create it during initial keystone
configuration. Grenade expects to be able to stop and start the
service without reconfiguring it, using only the respective functions.
This moves cleanup of config from stop_keystone to cleanup_keystone,
and enables/disables the apache vhost during start/stop.
Closes-bug: #1365105
Change-Id: I9e57c9a763fbdb8c5737decfe797ba0e9894150b
Adding RBD as a known store in the glance-api.conf file allows us to use
Ceph as a backend for Glance.
Closes-Bug: 1369578
Change-Id: I02cbafa68ca3293cedc9fef7535e79930cc4ee5c
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
The python-qpid package is available for Ubuntu trusty, precise, and
all the supported RHEL based platforms. This package is necessary if
qpidd is configured as the RPC backend. It is the client API used to
talk to the broker, and must be installed on each system that
communicates with the broker.
Change-Id: I635d3e857aa4b769a80cb7cde405cfd6cae44d32
Neutron is now using oslo.messaging so it should be
using 'messaging' as its notification driver and not the now deprecated
full python path to the oslo-incubator notification driver.
Change-Id: Ie4a4020e59473473ad62059c66507f5b73b93375
The boto tests currently don't run because euca-bundle-image fails on
Ubuntu; e.g.
---
++ euca-bundle-image -r x86_64 \
-i /opt/stack/new/devstack/files/images/cirros-0.3.2-x86_64-uec/cirros-0.3.2-x86_64-vmlinuz \
--kernel true \
-d /opt/stack/new/devstack/files/images/s3-materials/cirros-0.3.2
euca-bundle-image: error: No such file or directory: /opt/stack/new/devstack/files/images/s3-materials/cirros-0.3.2
---
I noticed this in debugging why Fedora tests are running slower. I
think that the version of euca-bundle-image in Fedora must create the
directory if it doesn't exist, while the Ubuntu one fails.
I also think this doesn't get caught by errexit because it's running
in a special sub-shell to use other credentials.
Change-Id: I79125e956088353aa76a3f7d6d81af1e4f6a27d4
After OpenStack was installed with devstack on a single node, cold
migration always failed because the default value of
allow_migrate_to_same_host is False. This means that devstack do not
support cold migrate a VM to a same host by default.
Normally, a developer will set up OpenStack with devstack on a single
node, so it is better that we change this value to True to enable
cold migration with a single node after installed by devstack.
Change-Id: I961395f1c79d9600917b6186964c13c92a8a6266
The latest version of ofagent
(ie. after blueprint ofagent-port-monitor)
follows IptablesFirewallDriver naming scheme.
Closes-Bug: #1364731
Related: blueprint ofagent-port-monitor
Change-Id: I690aab71b1cb222ffb8b458c90740ba623b0b37e
Part 3 of a series
Re-order the setup and check bits in the top portion of stack.sh to
have a logical flow with similar things done together.
No behaviour changes are intended aside from the order of execution.
Any such changes are bugs.
* Move logging and error configuration earlier to cover initial project setup.
Change-Id: Ib16bbe20f224b1cf5e86c7a2fda0d9472c108873
The missing reference to $TOP_DIR cause stack.sh to fail when called
from outside devstack's directory
Change-Id: I7faec7720896e7dcfe60fa87fb417f22c8801eef
run_process will use screen if USE_SCREEN=True (the default),
otherwise it will simply start the requested service. Therefore
wherever screen_it used, run_process can be instead.
Where stop_screen was found it has been replaced with stop_process.
A tail_log function has been added which will tail a logfile in a
screen if USE_SCREEN is True.
lib/template has been updated to reflect the use of the new
functions.
When using sg the quoting in run_process gets very complicated.
To get around this run_process and the functions it calls accepts
an optional third argument. If set it is a group to be used with sg.
Change-Id: Ia3843818014f7c6c7526ef3aa9676bbddb8a85ca
This change adds the RPC_MESSAGING_PROTOCOL configuration option that
selects the messaging protocol that is used by the RPC backend and
client.
Some brokers can support different kinds of 'on the wire' messaging
protocols. Qpid, for example, supports both AMQP 0-10 (the default),
and AMQP 1.0. Use the RPC_MESSAGING_PROTOCOL configuration variable
to override the default protocol for those brokers that support
multiple protocol options.
This new option is necessary in order to enable the new AMQP 1.0
oslo.messaging transport as described in the blueprint.
Note well: currently this AMQP 1.0 functionality is only available on
fedora 19+ platforms. Support is WIP on ubuntu/debian and rhel/centos
7. Enabling the RPC_MESSAGING_PROTOCOL option on an unsupported
platform will cause devstack to exit with an approriate error
message.
Change-Id: Ib8dea59922844e87d6c947b5dca557f5b5fc1160
Implements: blueprint amqp10-driver-implementation
CINDER_MULTI_LVM_BACKEND is marked as deprecated and we recommend
to use CINDER_ENABLED_BACKENDS instead now. However current warning
message shows that CINDER_ENABLED_BACKENDS will be removed.
This patch fixes the message.
Change-Id: I3ca25e4273c3abebce1cfefe1ae4af622b71e993
CEPH_LOOPBACK_DISK_SIZE_DEFAULT should be more than 2GB
to make volume snapshot feature works. 2GB is not enough
because min Cinder volume size is 1GB and no snapshot
could be created.
This also fixes related Tempest tests and experimental
check-tempest-dsvm-full-ceph gate job.
Change-Id: Ifa41d0d1764d68ea02dcb32a5fc62f7f6282904d
Environments with large numbers of CPUs will create a large
number of workers which can have an unnecessarily large
impact on memory usage, particular where you know how many
workers are needed.
Change-Id: Ie4bb075310a61a0873c9e56e4974600dbb4794a1
As per the governance resolution https://review.openstack.org/119875,
projects should have a docs environment in their tox.ini testing
interface. Add one.
Change-Id: Ib3548bc23713e120089ae29b5c4e851de48cf8d3
This introduces new run_process() and screen_service() functions and sets the
groundwork to change how DevStack starts services. screen_service() is simply a
direct call to the screen portion of the old screen_it() function and is intended
to run commands that only need to run under screen, such as log file watchers.
run_process() is a replacement for screen_it() (which remains until all of the
services are updated). The usage is similar but requires updates to every current
screen_it() call to remove everything that requires the command to be interpreted
by a shell.
The old run_process() and _run_process() functions are still present as
old_run_process() and _old_run_process() to support the deprecated screen_it()
function. These will all go away in the future once all services have been
confirmed to have been changed over.
There is a similar new set of stop process functions stop_process() and
screen_stop_service(). The old screen_stop() will also remain for the deprecation
period.
As an initial test/demostration this review also includes the changes for
lib/cinder to demonstrate what is required for every service.
I included the scripts I used to test this; tests/fake-service.sh and
tests/run-process.sh are quite rough around the edges and may bite. They should
mature into productive members of the testing ecosystem someday.
Change-Id: I03322bf0208353ebd267811735c66f13a516637b
Currently, devstack can't deploy OpenStack with flat provider network.
devstack checks whether SEGMENTATION_ID is provided or not when it
deploys openstack with provider network. If it is not provided devstack
prints a error message and dies.
On the other hand, devstack also gets an error from "neutron net-create"
command even if it sets SEGMENTATION_ID with flat option.
In addition to that, because neutron allows partial specs these days,
SEGMENTATION_ID checking should be removed completely.
Also, devstack uses PHYSICAL_NETWORK both as "network name" and "physical
network name" in neutron command. If it is not provided, the command fails
to create network. So devstack should check whether PHYSICAL_NETWORK is
provided.
See also:
https://blueprints.launchpad.net/neutron/+spec/provider-network-partial-specs
Change-Id: I2273e3369c688bbce1a6e39b43635b5548cc2b98
Closes-Bug: #1362382
Install glance_store from git so we can test Glance against master. This
is useful for both, glance and glance_store gates, to make sure nothing
is broken there.
Change-Id: I6c01165c4384c41f46f2c32d64475703b3178dab
This patch copies all files from /etc/metadefs to
/etc/glance/metadefs and calls glance-manage db_load_metadefs
after successful database migration. This covers whole
process of initializing the metadata catalog.
Change-Id: I2ffd19bf543708b42229ef78dd17ee317f58e6ad
Implements: blueprint glance-metadata-definitions-support
Co-Authored-By: Travis Tripp <travis.tripp@hp.com>
Change the Nova config to use the IronicDriver from the Nova tree,
so that the copy of this driver in Ironic's tree may be deleted.
Also removes the unneeded [ironic] "sql_connection" config parameter
which was cruft copied from the nova_bm configuration in commit
06fb29c661
Change-Id: I35473b54d760bfa7395decbe6b086f64db60ab10
An error occurs because ANOTHER_ROLE variable in lib/swift is not set.
This patch gets and sets the value to another_role variable.
Change-Id: I9d67ce243eb6bb42ed7e3522ef816295847d48fa
Closes-Bug: #1363884
`stop_dstat` function was extracted into $TOP_DIR/lib/dstat in commit
e0b08d04ab but the new lib was not sourced in
unstack.sh.
Change-Id: I6878552d9f384fdd7882e52000b37ac6a60844c3
Closes-Bug: 1366713
This change uses mod_version (shipped by default on everything we care
about) to set-up version-specific config within apache rather than
within devstack scripts.
Clean up the horizon and keystone config file generation to use the
internal apache matching.
Since I6478db385fda2fa1c75ced12d3e886b2e1152852 the apache matching in
'functions' is actually duplicated. just leave get_apache_version in
lib/apache as it is used for config-file name matching in there.
Change-Id: I6478db385fda2fa1c75ced12d3e886b2e1152852
Devstack set auth_uri to metadata_agent.ini.
But auth_uri is wrong parameter for metadate_agent.
This is regression caused by https://review.openstack.org/#/c/94545/
Change-Id: I3dcf1d619b5d204937f072b3fbb9966069793680
Closes-bug: #1364684
This commit moves check to see if screen is already running after reading
stackrc, and changes messages in check if root is running DevStack.
STACK_USER is defined in stackrc, and SCREEN_NAME can be replaced with
"a non-root account".
Change-Id: I022ed1099169a3549b7e31883abe33d6298f6fa5
Closes-Bug: #1362091
The kernel and ramdisk for IPA are now uploaded separately, this
commit simplifies the download by downloading them separately.
Change-Id: I630b0a9c3d1179a6b97754f1474f62ae7da068a5
When Keystone was run in Apache Httpd the access log wasn't in a
screen. A new screen called key-access is now started with
Keystone's access log.
Change-Id: Ie1f4d4b679e1b9c87f0cea37deb25f7b6636fe01
Closes-Bug: #1359995
Install the oslo.concurrency and oslo.middleware libraries from source so
the gate tests are run against master.
Change-Id: I194fc160127ab8b4b7d0086586d8ba7f92c67076
Change I205d675ff231c0403dd135eacc8d57b45317859f modified the matching
for bashate and it has started running on this file, whereas before it
wasn't. This fixes the errors it is now picking up.
Change-Id: I7876b5c94d90f15e3b0228999c0750bfbebcaa1c
installing boto from packages pins some other pure python libraries
(like requests) in an unexpected way. As this is pure python we should
instead let this be install from pip and thus be controlled by global
requirements.
Change-Id: If5df9de8c3e1ad8faceab4b43c86134dbbc55a51
glance_store uses a new section to keep its configs. This patch
duplicates the existing, store related, config options and sets them
under the glance_store section.
Once glance is fully migrated, the old options will be removed.
Change-Id: Ie3de87cf07a321415d111e644ccbb360c7491151
An existing trove bug prevents it from functioning when Nova flavors exist
with an id that is a UUID instead of an integer, causing Tempest failures.
This sets an integer ID when creating the baremetal flavor for Ironic's use.
Change-Id: Ic090f61a9a47421117dc86b640422f00f468112c
Related-bug: #1333852
EPEL7 has updated. AFAIK there is no better way to determine this; we
could possibly scrape [1] but this just seems to replace one problem
with another (maintaining the scraping)
[1] http://download.fedoraproject.org/pub/epel/7/x86_64/repoview/epel-release.html
Change-Id: Iadf66c92fcf31edeb0f364a5b1de5d87630e9a42
sahara-dashboard has been removed in the commit:
Change-Id: I1f0e93e1dee3d065c4f00d8bf2042bebc8d45a22
However, there is still sahara-dashboard in extras.d/70-sahara.sh. This
causes an error.
/opt/stack/new/devstack/extras.d/70-sahara.sh: line 7:
/opt/stack/new/devstack/lib/sahara-dashboard: No such file or directory
So this commit just removes it.
Change-Id: Iae76dc5f92a1f0a557d43d74b9b5d2c347cc23a9
Closes-Bug: #1363828
Keystone has moved over to using a new location for the token
persistence backends (drivers). The old values will continue to
work, but this will limit the deprecation warnings for an out
of the box devstack install.
Change-Id: I7c437788c8aee0106fa7f3c37617fbd1220291ef
bp: non-persistent-tokens
Use the new ErrorLogFormat directive to make the Keystone logs
under Apache to look like the standard oslo log format.
Change-Id: Ie823abf2fa06b8ce22027c21bef455808a4a768e
this patch checks if os_VENDOR is ubuntu to launch
libvirt-bin service. Previously, is_ubuntu() was used, but
this function only detects if a deb packaging is used, so
there were no distinction between Ubuntu and Debian.
Change-Id: I222b71962f49896063910ff2a25e4f57be4bf819
Closes-Bug: 1361260
The local-vars cleanup (Iedeafa15def1fa26d4ddcbc5f670129f66e38b9d)
spanned (and missed) this fix (Ib35ffc09f6582354010ac8ca35da581ea508877a)
for volume type creation.
Change-Id: I2b95cbc946727d7708283eca0c07ba1eaddf5db8
$[ is deprecated for the more familiar $((
Required when bash8 starts testing from tox and [1] goes in
[1] https://review.openstack.org/#/c/117430/
Change-Id: I8ba180be036836f37ebdbb6da36ff0be486c043e
Install ipset if the q-agt service is enabled.
Partially implements blueprint: add-ipset-to-security
Change-Id: Ic0820a03e9823be39e26254e7c99fe2c4c811c8b
All other projects installs their clients in the same lib file as the
main services.
Remove sahara-dashboard installation
Sahara dashboard is now merged into the Horizon and enabled by default
(when data_processing endpoint is available), so, we should stop
installing it as separated dashboard.
Change-Id: I1f0e93e1dee3d065c4f00d8bf2042bebc8d45a22
Install the oslo.utils and oslo.serialization libraries from source so
the gate tests run against master.
Change-Id: I2cb35c9dfd18588e4caa11134e6a34d83324e136
Using bc 64 times in loop is too verbose and slow,
replacing the echo/bc loop with hexdump and urandom.
The hexdump approach is 75 times faster and
does not floods the debug logs.
Using the common function for generating,
this kind of string with lib/heat and by the read_password.
Change-Id: If6a86dfaf0c21e2635c6de0a7b96a8ed7ec5b507
In order to use dstat on the new side of grenade, pull dstat code into
its own lib with the function start_dstat
Change-Id: I5c908d594a6f3a90ed4b3f744002bf606841cf07
Keystone's access log was going to httpd/access.log, which is the
common place for all access logging. This made it difficult to see
Keystone accesses apart from other access. Keystone's access log
will now be keystone_access.log
This makes the Keystone configuration similar to Horizon which uses
horizon_access.log.
Change-Id: I6e5ac121302b3d138758e6c49dffa9f05ad2fb85
Partial-Bug: #1359995
Having Keystone's log level at debug caused a lot of uninteresting
Httpd-related log lines to be displayed which makes debugging more
difficult than it should be.
Rather than set the log level explicitly, Keystone will use the
Httpd server's setting, which defaults to warn.
Partial-Bug: #1359995
Change-Id: Ieef882944bafd98f7b27497a5276124b21c3e576
Neutron needs to be able to install MySQL-python in the functional
test job, which requires devstack to install mysql devel libraries as
testonly.
As per sdague's recommendation mysql devel libraries are now installed
for nova as well. In the future, any service that installs
mysql-server should also install mysql devel libraries for consistency.
Related-bug: #1346444
Change-Id: Ie715841e33a2c2d31cb4ac724b302eb98ed3366a
The normal extension for log files is .log. Log rotation should
work because the extension is as expected.
Change-Id: Ia5e42ea9d953e8395b86ab58cdef6c2d852efc94
Related-Bug: #1359995
This is only triggered if HEAT_CREATE_TEST_IMAGE is True
This custom image contains the following:
* heat-cfntools from git rather than the packaged version, which
will allow gating on heat-cfntools changes
* os-collect-config, os-apply-config, os-refresh-config, which
will allow gating on these projects, and will allow heat
software-config tests to be written
* software-config hooks from heat-templates, which will allow tempest
tests to be written for software-config with different configuration
tools (script, puppet, cfn-init etc)
The heat functional tests will soon replace the heat-slow tempest job,
so heat-slow tempest configuration will be removed after the heat
functional test job is gating.
Change-Id: I2e0490c1662a184d4c6d8c7e9ebb128e1912f1b0
These functions allow images to be built using diskimage-builder which
contain packages built from local project checkouts:
build_dib_pip_repo() - Builds a local pip repo from local projects and configures
apache to serve it
disk_image_create_upload() - Creates and uploads a diskimage-builder built image
The unused function lib/heat disk_image_create has been deleted.
Change-Id: Ia75c7c35bfd48dbe6ae3cb9c3241de0b598cbf84
This patch adds support for configuring the api_extensions
option of the various feature-$service-(enabled|disabled)
sections in tempest's configuration file.
Please note that enabled extensions for the object storage
service are specified in tempest using the discoverable_apis
configuration options.
Partially-implements: Blueprint branchless-tempest-extensions
Change-Id: Ib64c0a474b153f42f3a4a427d86275c85f107997
The api_rate_limit config option in nova has defaulted to False since
Havana per commit cfdc59860ef1482e3b064f90f719ec9e484590ce. This change
removes the variable and code that's used to set it in nova.conf since
if we left it in we'd change the default to False to match the code, and
we'd be breaking anyone that is relying on this to be True anyway.
Note that this variable exists in devstack essentially for Tempest so we
can set it in devstack-gate, which is kind of a moot point now given the
code defaults to it anyway.
Change I21dbd72f9959a4e3d62c36831df03b351a51172e removes it from
devstack-gate.
Change-Id: Ib0538bdd23b17e519b9c917018ccc9fa8c6425c5
A few projects are now gating on docs not having warnings/errors in them
during the docs build with sphinx, so developers are going to want to be
able to run 'tox -e docs' locally and fix issues.
The graphviz package is used by sphinx when building docs but you have
to get it from the distro, so this change adds the package to the
various distro lists.
Closes-Bug: #1359749
Change-Id: I7b7dee5e5d0dce6d5020b3e711f500118be163f8
This allows multinode setups to function correctly without enabling the
unneeded n-novnc and n-xvnc services on pure compute nodes.
Change-Id: Ie02734bb598d27560cf5d674c9e1d9b8dca3801f
Closes-Bug: 1342155
Create a tox.ini file to install bashate into a virtualenv for running
tests. It can be run with a command such as "tox -v -ebashate". The find
command being used is equivalent to the default list of files discovered
by bashate plus the exclusion of the .tox/ directory. Also add the .tox/
directory to the .gitignore file.
Change-Id: I94cab4e4a9118d62edfce29ead1f1e2a5f48e529
Setup the enviroment and configure Ironic to use iPXE for deployments. If
IRONIC_IPXE_ENABLED enviroment variable is True, DevStack will now start
and configure an Apache HTTP server to serve the images, will copy the
undionly.kpxe boot file in place of the standard pxelinux.0 and will set
the right configuration to Ironic to deploy the images using iPXE+HTTP.
Implements: blueprint ipxe-boot
Change-Id: I0ea40cb8bbf9236c634f803c2bde1081634679ff
Remove the tox pin that was in place to avoid issues with tox 1.7.0 and
1.7.1. Latest tox (1.7.2) is compatbile with openstack's tox.ini files
again and should work with tempest. This change is self testing and will
confirm this.
Making this change is important so that devs can stop worrying about
package version pins and helps ensure we don't get left behind by
upstream.
Change-Id: Ibf2102d6ad439dd354ae687f7aafec9ceca6cf9c
This does the local var cleanup for the account creation in the following projects:
* Ceilometer
* Glance
* Sahara
* Trove
Change-Id: I67631578f79eeaaf2814db84f0f5c19d93aee4f3
Minor cleanups in a couple ofplaces:
* Config funtions
* Stackforge
* TLS
Combined a couple of smaller changesets that are loosly related
Change-Id: Ifa16f2e4c0eca0ef3401c0dfdc4f3d91809021a5
Enabling service 'dib' will install the following repos:
* diskimage-builder
* tripleo-image-elements
* os-collect-config
* os-refresh-config
* os-apply-config
These repos are already pre-fetched in devstack-gate.
This will facilitate gating on changes in these projects by building
a custom image then running the heat-slow job against that image.
diskimage_builder is pip installed from the current git checkout
if the dib service is enabled. This allows devstack gating on
diskimage-builder changes while also allowing diskimage-builder to
be installed from releases for other scenarios (for example, ironic).
Change-Id: Ia911cdee86f5b2e2ba1557e5aa8bf392b92ef555
These projects contain agents which can be installed on custom
images. Installing these repos will allow a future change to
build a custom image containing these projects. This will allow
gating on any changes in these projects by running heat-slow
on the custom image.
The corresponding devstack-gate change is
https://review.openstack.org/#/c/92055/
Change-Id: I7b1343c094f755f79ddeb1bac3ff4c0daa3fb70c
This change installs diskimage-builder with pip instead
of from git, and only if the executable ramdisk-image-create
isn't already installed.
This allows the ironic and baremetal to consume the latest
release of diskimage-builder by default, and gives the option of
defining version constraints for which version to install.
If the dib service is enabled (which it isn't by default) then
diskimage-builder will already be installed from git and will
not be re-installed for ironic and diskimage-builder.
Change-Id: Ic6613a11e2c4fb7a1261b81cdc2cf958515e60cd
When using Ironic, ensure the private Neutron network is shared across
all tenants. This allows connectivity to the host's TFTP server from
nodes booted accross multiple tenants and more closely resembles the current
real world Ironic PXE+IPMI use cases.
Change-Id: I5d293493bafa37b1796f47aa738cfff2e3be9f59
firewalld interacts badly with the libvirt on f20, causing slow-downs
so great that it can timeout the gate.
Developers who want to leave it enabled should set FORCE_FIREWALLD=True
Change-Id: I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799
If LOGDIR is undefined, we'll end up calling worldump with the `-d` option but
pass in an empty string as the option value. This causes an argument parsing
error inside worlddump.
The proposed fix is to detect if LOGDIR is undefined, and if so, omit the `-d`
argument.
Change-Id: I77968849ebd3e3bebd2e5929b87b60fc1b6541bf
Closes-Bug: 1333321
currently, a single worker thread writes received samples into
database. this is fine for most occasions but during message
spikes, it is not enough. this patch increase amount of workers to
half the number of processors (so we can ensure ceilometer maintains
lightweight design)
this will also help validate mulitple worker setup works.
Partial-Bug: #1336755
Change-Id: I33037f2f9ebfda43238e5cd0cff75adbed65d055
3rd party ci tests have not whitelisted errors:
"Not Whitelisted Volume type with name * could not be found."
These are creating noise. Instead of requiring a backend file
for each vendor, remove the if statement and just create the
necessary type for each defined back-end.
Change-Id: Ic88efa20eb53864e4f3d22d3306841797dcd118d
This fixes an issue where --container-format was not passed to
'openstack image create'.
Change-Id: If1431c8dc8ff8e940f99e984939f5b2732bb0ee0
Closes-Bug: 1357495
Part 2 of a series
Re-order the setup and check bits in the top portion of stack.sh to
have a logical flow with similar things done together.
No behaviour changes are intended aside from the order of execution.
Any such changes are bugs.
* Consolidate DEST dir setup
* Move rpc & database init to just before project init
Change-Id: I2af1d4ed32ec34417c04592bf94fe645bb97f831
Part 1 of a series
Re-order the setup and check bits in the top portion of stack.sh to
have a logical flow with similar things done together.
No behaviour changes are intended aside from the order of execution.
Any such changes are bugs.
* Do sanity checks that have no configuration needs earlier
* Do supported distro check earlier
Change-Id: I7d15bac199d6c4382d4a4d222784d34f2707da56
Commit 0971833 added support for multiple cinder backend types.
It initially only contains lvm and nfs. The following patch adds
glusterfs to the backends supported.
Change-Id: I9d5c1dfd4e0d05fcbfe3c35172150c57aa4e6eb2
Tempest change 107685 moves allow_tenant_isolation from compute
group to auth group, making the old format deprecated.
Switching to the new format.
Change-Id: Iff79986c2564610efde4791b7e61df3db859e199
This change makes apache set process group name in the process name,
so when listing the processes the user can easily identify what's
running in each apache process. This is specially useful to debug
memory consumption or when a process consumming too much CPU.
Change-Id: I9787980052f451f452d3b8e5e51385ad5aa01e6a
Neutron L3 HA blueprint l3-high-availability requires
keepalived and conntrackd in order to work for developers as
well as for functional tests.
Change-Id: Ic32d913c2bc6fae339b4d5ec509a77df5a21de72
AUTHORS isn't really relevant in the days of git. devstack has no
formal release where it would make sense to auto-generate an AUTHORS
file either.
If you really want to see who contributes, you can run
$ git log --format='%aN <%aE>' | sort -f | uniq > AUTHORS
Change-Id: I9e154f7fdf814b4bd21a9d4cf82e46ec3db2f1ca
Q_AGENT_EXTRA_AGENT_OPTS is deprecated now and stack.sh displays
the warning that it will be removed early in "K" cycle.
Neutron ML2 devstack uses Q_AGENT_EXTRA_AGENT_OPTS to pass tunnel
configurations to Neutron plugin agents.
This commit removes the usage of Q_AGENT_EXTRA_AGENT_OPTS and
configures these config options directly.
Change-Id: I7fc1613ff78c0a8b1e80cc041b06f5d4680c34f2
Closes-Bug: #1354670
As we integrated OSprofiler with Glance:
https://review.openstack.org/#/c/105635/
glance-registry service started using notification API so it requires
proper seted up AMQP.
Change-Id: I0c4bb8a10960ed3ee06b67a209703d7ee81cf1ca
If the compute-agent starts before the collector directly
after a start or restart of the AMQP service, samples published from
the compute-agent can be lost before the collector has had a chance
to establish connections. These lost samples impact the reliability
of tests which run immediately after the service [re]start.
Note: if there is a restart of the ceilo service, but not the AMQP
service, the problem does not present itself becaue the messaging
service maintains some state on the exchanges it keeps.
Change-Id: I1c06d0511fbf93050cda56d9d2de0ff00813dfb6
Closes-bug: 1355809
Commit c2697f8735a38fb05d54ff4f82110829ead85ee9 moved
service_neutron_metadata_proxy to the neutron section.
Change-Id: I08cdaae9bded1797c663d1bfeaae61535ce64099
Moves dynamic generation of the --config-file list from local functions
to global utility functions. This breaks up the current non-obvious
dependency between start_neutron_agents and _configure_neutron_l3_agent
for setting the correct arguments for the vpn agent. This also similarly
updates generation of arguments for neutron-server and neutron-l3-agent to
use said functions. Finally, this cleans lib/neutron up a bit and moves
all default paths to config files and binaries out of local functions and
into the top-level, allowing external tools like Grenade to make use of the
library for starting Neutron services and agents currently.
Change-Id: I927dafca8a2047d6c0fd3c74569ed2521f124547
Closes-bug: #1355429
To use xiv_ds8k, set the following in localrc:
CINDER_ENABLED_BACKENDS+=,xiv:<volume-type-name>
XIV_DRIVER_VERSION=<version-string>
SAN_IP=<storage-ip-or-hostname>
SAN_LOGIN=<storage-admin-account>
SAN_PASSWORD=<storage-admin-password>
SAN_CLUSTERNAME=<cluster-name>
CONNECTION_TYPE=<connection-type> iscsi|fc
XIV_CHAP=<chap-type> disabled|enabled
Change-Id: I084ad2b2cb8e34c4a8aed77a52e90f9a9739f1f3
This change enable Sahara notifications if ceilometer is used
Partially implement: blueprint ceilometer-integration
Change-Id: I4ec79052194206481cfbbf0d848aa43bcb0c0660
Add a MAINTAINERS.rst file with two goals
1) to help seed initial reviews with relevant people. Devstack by its
nature attracts new contributors, so when they hit some obscure bug,
this will help them find out who to put on a review.
2) core reviewers can't know everything about everything. Having
someone who has flagged themselves as interested in an area sign-off
off on relevant changes can help move changes through.
Change-Id: Idf0914f55d72832a829ac99edf763ff51f71ca6c
On my devstack environments I'm now always getting the Q_AGENT
warnings even though I don't have neutron enabled. This is mostly
confusing.
For these juno warnings lets just make sure that the whole thing
only prints out in the case where we've actually got that service
enabled.
Change-Id: I7d1bb2e65594c8bee2f572ca58a1b666e5d6caed
The current code sets tunnel types for the neutron agent
even when the network type is 'vlan'. This results in the
agent not starting because 'vlan' is not a valid tunnel type.
This patch changes it so tunnel_types is not populated when
vlans are used.
This bug just now surfaced because of commit
8feaf6c951 requiring Q_ML2_TENANT_NETWORK_TYPE
to be set to avoid being set to the 'local' type.
Change-Id: If2bc57b36dad2bfb34df573581acce176604812e
Currently, it is hardcoded and not good for those who have their
own vpn plugin developed.
Change-Id: I6244040dd2abea016556cd515e06f53edbb993a0
Closes-bug: 1339977
This moves around a bunch of functionality and attempts to isolate setup
steps into discrete functions (new or existing), making them easier to
consume from outside of Devstack (ie, Grenade).
Change-Id: I480167dcc008506ec2fe8c412db4114b74496e60
Many features tested by Tempest are not relevant to baremetal deployments.
This sets compute-feature-enabled flags accordingly.
Change-Id: I8a1820946bfc5d8f8c25692f9db67df59506126e
The last non bashate change in this directory was from 2012, which
means I assume nothing down here is useful any more as this is largely
the precursor to devstack-gate.
Remove it for cleanliness reasons and to not confuse people setting
up 3rd party ci.
Change-Id: I54f06c2ff5a49a9f811df07a7cdfda4a675953c8
This was landed to try to address an issue with netns vs nbd during
icehouse development. It never really got us anywhere, and is now
just cruft.
Change-Id: Ie498fae8d1f796c1fc83459c65d0de948d1d50ce
INSTALL_TESTONLY_PACKAGES in devstack only impacts .deb/.rpm files
even though most of our test requirements are actually specified
in python. This will do an explicit install of test-requirements.txt
if pip_install is called with args that look like a directory,
and test-requirements.txt exists in that directory.
Change-Id: Id21e282ddc945c819c9c8c4d724658e28bfde785
This patch removes req_timeout from devstack as it's no longer used.
This was removed from neutron here:
Id7244cd4d9316931f4f7df1c3b41b3a894f2909a
Change-Id: Ife901479605323e32f24e11266a232fddbd6bdca
A typo has been introduced during a previous refactor, leaving us with
two neutron config files, one with domu and one with domU extension.
This fix corrects the mistake, thus always the .domU file is used.
Change-Id: Iffb6e2f70915f50ee590c375494c6f642412b543
The upstream rackspace image has a bunch of pip installed packages as
cloud-init was installed via pip due to a lack of available system
packages. This can break further system package installs, such as
markdown, which fails with
---
Error unpacking rpm package python-markdown-2.4.1-1.el7.noarch
error: unpacking of archive failed on file
/usr/lib/python2.7/site-packages/Markdown-2.4.1-py2.7.egg-info: cpio: rename
---
Because that is a directory for the pip-installed package, and a file
in the RPM
Remove all pip installed packages on rackspace images before we start
to work around this. I have filed an upstream issue with Rackspace
(ticket-id 140804-ord-0000134) and the issue is being worked on.
Change-Id: Id12d175143ed3b8e024d057d65fa67505c08042a
With rhel6 & rhel7 having a common prefix, use an exact match to make
sure we don't mix them up. This is breaking Centos7.
Change-Id: Ia4665ea78f0bafeaa2b2284a6d3de4474ea195e9
Modify instance of `glance image-list` to `openstack image list`,
in an effort to migrate all commands to unified CLI.
Change-Id: Ieef661d209606e088fbf6a3a394f9a6577667618
Rebuilding pyOpenSSL requires the SSL development libraries. This is
present in files/rpms/general, but was missed in files/apts/general.
Change-Id: Ie3c688e2d74485eb7f981363633bbddab5da7046
Change `glance image-create` commands to use `openstack image create`,
in an effort to unify the CLI.
Change-Id: I96cef118daf931b648c0483525ac7d2287fec2e0
The support of ancillary bridges (aka br-ex) is planned to be
dropped for ofagent. This commit prepares the deprecation by
providing devstack support for an alternative way to connect
public network.
Related to blueprint ofagent-port-monitor
Change-Id: I6c2ce646070db0ed248665216071499a9b5567ab
By default, Open vSwitch installs internal flows for in-band control
to bridges with controller setting. "with controller setting" part
is false for openvswitch agent but can be true for ofagent.
Unfortunately the internal flows are incompatible with our use of
the local port here to communicate with neutron router. This commit
avoids the problem by disabling the in-band control functionality.
Related to blueprint ofagent-port-monitor
Change-Id: Ia79d12da3c2224366425be5f6927859181e18909
When TRACK_DEPENDS=True, there is a circular dependency wherein virtualenv is
used to install virtualenv before a virtualenv has been established.
TRACK_DEPENDS does not work in any use case without this fix.
Change-Id: I7a6652ba091cb95dac3871b6c71edcd762a7be62
Closes-Bug: 1208867
This old setuptools egg-info file causes havoc and really weird pip
install errors. I think possibly not everyone has the
python-setuptools package installed, so it may only appear in some
situations.
Change-Id: I7ef0fa35c650e323a8945ed7c5c7754ca62a0ca5
ovs vxlan become supported on most distribution and provides
isolated `multi tenant` networking without special `vlan` aware switch.
In single node deployment you will just see the br-tun ovs bridge
created.
In multi-node setup you might need to adjust the MTU settings.
If your physical switch supports >=1550 MTU size
probably you will not see any issue.
If your guest image honors the MTU size offered via dhcp,
you can adjust your dnsmask settings with the correct (likely 1450 byte)
MTU size.
cirros (udhcp) does not honors these setting, you might need to
set lower MTU size on br-ex and/or adjust network_device_mtu option
in your local.conf.
The default changed, because it will be used with the multi-node neutron
jobs.
If you want the original behavior for whatever reason add these to your
`local.conf`:
ENABLE_TENANT_TUNNELS=False
Q_ML2_TENANT_NETWORK_TYPE=local
Change-Id: Id33ff0eca44905b3996618f1035ad984a6819b5b
Some versions of bash do not initialise a variable with declare -a
therefore with set -u bash can terminate the script.
Be more verbose in declaring the array if it is not set
Change-Id: I6ec2b6e986aeffe539a2ab93432fa7af9e5a4f5d
Icehouse is for long behind our back, so let's remove that hack.
Conflicts:
lib/oslo
This reverts commit db5fadb5cb.
Change-Id: I06d3b0a8779ba51e05c439832ef3b7dbdc97ded1
Includes:
* Change Precise to Trusty
* Add the new plugin phase
* Remove deprecated config options
* much, much more
Change-Id: I0385f18a3256ad37a611e505e49572f27b3bcc10
When creating the trove datastore, get the guest image id from glance.
The trove guest image gets uploaded along with all the other
images specified in $IMAGE_URLS. It is not necessary to upload
it again in init_trove.
Also: add xenapi case to stackrc for trove guest image
Closes-Bug: 1339818
Change-Id: I2973af27ab93182fcd674f874daba1036d767d52
The BUILD_TIMEOUT is hardcoded in lib/tempest. This patch
enables people to pass a custom BUILD_TIMEOUT parameter
Change-Id: I260c32e7ed6bf9a49a6bc40272a5535afbca2731
According to the comments in stack.sh the configuration parameter
Q_DHCP_EXTRA_DEFAULT_OPTS should be removed during the Juno cycle.
Change-Id: I3b38ff57f00e93e6d9692f516291f7129584bc74
According to the comments in stack.sh the configuration parameter
EXTRA_OPTS should be removed during the Juno cycle.
Change-Id: Ic71d38d6f9b8a8949e45ce3321d593ee2f8feb40
Commit 7062b12b9b introduced
a bug where the default_volume_type is set to 'lvm' but
that is not the volume-type that's actually created, that
is 'lvmdriver-1' in gate runs, so we see a ton of
VolumeTypeNotFoundByName for the 'lvm' volume type in the
cinder-api logs.
This simply sets the default_volume_type to the volume
type that's created in the create_volume_types function.
Also renames the default_type variable to default_name to
be consistent with variable naming in the rest of the
cinder script.
Change-Id: Ib35ffc09f6582354010ac8ca35da581ea508877a
Closes-Bug: #1348786
There is not reason to enable this additional repository anymore.
All the important packages are either in wheezy or wheezy-backports.
Change-Id: I47af16ba6b507fc929b0d2948c757f4060ba93a5
According to the comments in stack.sh the configuration parameter
Q_SRV_EXTRA_DEFAULT_OPTS should be removed during the Juno cycle.
Change-Id: I2a00c924cd51dab00b56cdab1e48e32ffa007de4
According to the comments in stack.sh the configuration parameter
EXTRA_BAREMETAL_OPTS should be removed during the Juno cycle.
Change-Id: I8564d16e56d1f77d3afa4af9a50fbffa3da8bfe5
This commit adds statement to copy the file /ironic.bash_completion
file to the default bash completion directory.
Change-Id: I436d46dbac0895a8ca14d085fec041981435936c
The binary 'msgfmt' is not installed as part of python-gettext for Trusty
(Ubuntu 14.04), so gettext needs to be installed from apt.
Change-Id: I415814559d82be453e978a0d92a0cdb38f105683
Closes-Bug: 1331328
This ensures that SERVICE_PROTOCOL is available to other consumers
of the devstack environment like grenade.
Change-Id: I702d7d239e50dd1446d55c076c7a7c57768486ff
Closes-Bug: 1335953
the tls code was leaking out $service as a global variable, which
was causing all manner of confusing errors in grenade trying to
use that variable name. All lower case vars should be localize.
Change-Id: I74fa597f20ee7c714cab83490b42d874ea93db02
Reasons:
- trove.sh should use native python client to exercise Trove API
Changes:
- adding datastore and datastore version exercises
Change-Id: I041465e5bda6ad9ec3f597ecc290612b8baef09c
Closes-Bug: #1346743
The new lib installs a full Ceph cluster. It can be managed
by the service init scripts. Ceph can also be installed in
standalone without any other components.
This implementation adds the auto-configuration for
the following services with Ceph:
* Glance
* Cinder
* Cinder backup
* Nova
To enable Ceph simply add: ENABLED_SERVICES+=,ceph to your localrc.
If you want to play with the Ceph replication, you can use the
CEPH_REPLICAS option and set a replica. This replica will be used for
every pools (Glance, Cinder, Cinder backup and Nova). The size of the
loopback disk used for Ceph can also be managed thanks to the
CEPH_LOOPBACK_DISK_SIZE option.
Going further pools, users and PGs are configurable as well. The
convention is <SERVICE_NAME_IN_CAPITAL>_CEPH_<OPTION> where services are
GLANCE, CINDER, NOVA, CINDER_BAK. Let's take the example of Cinder:
* CINDER_CEPH_POOL
* CINDER_CEPH_USER
* CINDER_CEPH_POOL_PG
* CINDER_CEPH_POOL_PGP
** Only works on Ubuntu Trusty, Fedora 19/20 or later **
Change-Id: Ifec850ba8e1e5263234ef428669150c76cfdb6ad
Implements: blueprint implement-ceph-backend
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
The original workaround was for an init script that grabbed stdout.
This was some time ago and I think it's safe to remove.
It can be a problem on Fedora; out-of-the-box some old F20 images can
have a broken dependency when rabbitmq installs. With this in place,
all helpful output goes into the temp log file, but it is never shown
because the install_packages function exits the script. Thus things
just stop and you have no idea why.
Change-Id: I2f5b934492a8c9d7b93e89fdcfa776bf15f25cb8
Other projects do a setup_develop in install_*. This standard is used by
grenade to do installations. Currently grenade uses install ceilometer
as part of the upgrade script, but this doesn't actually install the new
ceilometer.
Change-Id: I4e44bec6574e6a4fcfc252418bc267191aef28fb
Closes-Bug: #1347178
Cirros may be also built in other architectures other than
x86_64 (ex: ppc). This option should be broader,
so adding a new variable CIRROS_ARCH
Change-Id: I9fcd3f15e04bb581cf647ad49172c7d698e8e574
'Error deleting conntrack entries' appears in all
n-net. Adding conntrack-tools/conntrack as nova dependency,
in order to eliminate this issue.
Change-Id: Ief9deeb3349a07e22fb365e58f3368c847f845ef
I expect the sample local.conf file to contain all the required
variables. However, after copying samples/local.conf, the stack.sh
script still asks for SERVICE_TOKEN.
This commit adds the SERVICE_TOKEN definition to local.conf so that a
new user can just copy samples/local.conf, edit it, and have a running
stack.sh without the mild annoyance of having more variables to set.
Change-Id: Ifb163c7f67c80037d8b10458f2df458a20da4667
Some distros (Debian) don't have sbin in PATH for non-root users.
Nova (and possibly other services) assumes that it can invoke "sysctl"
without sudo.
Change-Id: Iced21fc1378af309fb49688f9b63f2cd8383e304
Closes-Bug: #1300800
I think since probably fdf1cffbd5
devstack on RHEL6 fails and it comes down to:
---
2014-07-17 05:05:49.235 | +++ openstack role create admin -f value -c id
2014-07-17 05:05:49.615 | ERROR: cliff.app Service Unavailable (HTTP 503)
[Thu Jul 17 15:05:46 2014] [error] [client 10.0.2.15]
(13)Permission denied: mod_wsgi (pid=30125): Unable to connect to WSGI
daemon process 'keystone-public' on
'/etc/httpd/logs/wsgi.30098.0.1.sock' after multiple attempts.
---
The apache user doesn't have permissons to this directory. Adding
WSGISocketPath to /var/run solves it
Change-Id: If4b74019b6bd389b576fc981154bb1b3aa471c9b
python2.6 doesn't have argparse, required by outfilter.py. This
package is a dependency on cloud-init, so this problem is often masked
in many testing environments.
Change-Id: Ia564f1b8a7b540faa7bbdbd1a1a290c591901682
It is no longer used for anything, nor does it seem to be
needed in the modern world of get-pip.py.
Change-Id: I5554514dd862a2004454daf295abbcf9cf9f2bfb
The default_volume_type option doesn't support comma separated
arguments. We can only select one default volume type.
We have a variable that contains the default volume type, so we simply use it.
Closes-Bug: 1342569
Change-Id: Ibd080442f00f3d446ec374fc5906f0778d449007
Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
Some tests, such as test_minimum_basic_scenario, assume qcow and if
a qcow image does not exit, falls back to the euc image.
This change ensures these tests work in the stock XenServer environment.
Change-Id: I718f178f7e5e0fa4eebd17a49caf5254124092e3
Now that the Neutron database is healed we no longer need a
plugin-specific name for it.
Related Blueprint: db-migration-refactor
Change-Id: If25e77444f115817e5570bb447bde5b9c8d6e686
This value of ignore_users in the guest config needs to be set
correctly to ignore the local os_admin user for the trove functional
tests to pass in a devstack-gate environment.
Change-Id: Ia31dfe8f2eab4b24790b6be0dbc474cf50f39afa
This patch introduces a new Neutron config option: Q_DVR_MODE.
The possible values are:
- legacy : No DVR functionality
- dvr_snat: Controller/single node DVR
- dvr : Compute node in multi-node DVR
When DVR is enabled the following configuration changes will be
in place:
- neutron.conf
- router_distributed=True
- l3_agent.ini
- agent_mode=$Q_DVR_MODE
- ovs_neutron_plugin.ini:
- enable_distributed_routing=True
- l2_population=True
- tunnel_types=vxlan
Supports-blueprint: neutron-ovs-dvr
Change-Id: I669e054a8489fe7ac7f5c00df6535349d477e8c4
Apache sometimes is slow to release the port (from the kernel's
perspective) which can cause restarts of apache to fail due to the
requested port already being bound. This fix introduces a small sleep
between the stop and start to help make apache deployments a bit
more resilient.
Change-Id: I9697d71f3cb2d8d5da8fe7ffa8b3e1ade9d52afd
Closes-Bug: #1342256
Stack.log is created by stack.sh, which is started by run.sh. Using
the pid from run.sh doesn't mean that stack.log has been created yet
so wait for the log to be created before tailing
Change-Id: I86e563478949cb7bbe0d1afd80b790ba70328e3a
This is the first step in supporting multiple Cinder backend types at
once. It initially converts the existing hard-coded multi-lvm support
to a new cinder_backends driver form. Eventually the cinder_plugins
will be converted to this form so they can be enabled more than just
one at a time using CINDER_ENABLED_BACKENDS.
The default configuration should be identical to the previous defaults,
including for both True and False values of CINDER_MULTI_LVM_BACKEND.
The existing cinder_plugins are expected to be removed when this is
complete. They should continue to work until they have been converted.
Add wait for c-api to ensure it is started before continuing.
Change-Id: I93b8ef32832269d730c76a6dc24ddb4f20c6d9df
Python-mock is needed by most of OpenStack for testability. Add
this is a testonly package. This should fix current issues with
functional tests in OpenStack that use devstack, but not tox to
run their tests.
Closes-Bug: #1341507
Change-Id: I26cbe42ace75554bae993a6d849c3b4ac649c78e
This feature provides the user with a means of easily configuring
the required Openvswitch datapath type. (Netdev, dpdk, etc)
Define the OVS_DATAPATH_TYPE variable in the devstack configuration file
local.conf.
This feature enables Intel(R) DPDK vSwitch and netdev DPDK vhost.
Implements blueprint config-ovs-datapath-type
Change-Id: I5698720960b1ac532c790d3e5735c5cef36d5e3d
We know what the GUEST_PASSWORD will be, so set it during DomU
installation; therefore if the installation fails for any reason
we have a correct GUEST_PASSWORD set rather than the obscure and
undocumented 'r00tme'
Change-Id: I684646a74f2cede43667a40556e247955e042ae4
Previously if Ceilometer service was enabled,
configuration option to enable Neutron network
notifications was not set. This fixes it.
Change-Id: Ia53d9db1828ef2daa0ce637b2a2635795856502c
Closes-Bug: #1340754
The HOST_IP address is being used as IP address
for end-point tunnel configruation. A new variable is
needed to specify a different IP address for the tunnel
end-point that Neutron will use
Change-Id: Ic7fb4853df167e78bf882af6a712b903db754dc2
Closes-bug: #1340433
Now that we have multiple workers running by default
in various projects (nova/cinder/glance/trove), the
postgresql job is failing intermittently with connection
failures to the database.
The default max_connections for postgresql is 100 so here
we double that.
Note that the default max_connections for mysql used to
be 100 but is now 151, so this change brings the postgresql
configuration more in line with mysql.
Change-Id: I2fcae8184a82e303103795a7bf57c723e27190c9
Closes-Bug: #1338841
libffi-dev/libffi-devel can be requested for rebuilding the
python clients which is an un-skipable part of the devstack install.
Promoting the libffi-devel to a general dependency.
Change-Id: I1dac7fd536b94de1e49aaf335ac29ffae1bd39d1
An additional call hook for the extras.d plugins that is called before
any service installation occurs turns out to be needed by Ceph and
useful for other plugins.
This is called between the installation of the system packages listed
as prerequisites and the installation of the actual services.
Change-Id: Id723bdc7542182d2b2eff40c0dc0127307f094c5
Rabbitmq credentials in keystone.conf should be updated according
to localrc
This is done mostly to enable keystone notifications.
There are 2 cases where we can use notifications from keystone:
A) Collect audit notifications in ceilometer
B) Collect profiling data
Change-Id: I381d4d670755aa691743caa02df7dc55e05784c2
Make the default run mode of Keystone HTTPD + mod_wsgi. This will
enable gating on Keystone under mod_wsgi.
Depends On: https://review.openstack.org/#/c/100764/
Change-Id: I4b664a1d6c9bbb1ff999158f3a8c8ab3bd8d891b
Added a global toggle for enabling HTTPD + mod_wsgi for services
that default deploy to running under Apache. When the variable
``ENABLE_HTTPD_MOD_WSGI_SERVICES`` is set to ``True`` any service
that recommends deploying under HTTPD + mod_wsgi, will be run
under Apache.
If ``ENABLE_HTTPD_MOD_WSGI_SERVICES`` is set to ``False`` the
any service that is defaulted to running under HTTPD + mod_wsgi
will (if capable) be run in an alternate deployment strategy (e.g.
eventlet).
Updated Swift and Keystone to have individual toggles for deploying
under HTTPD + mod_wsgi. This is done to allow for gate to run on
the services under mod_wsgi where appropriate. Toggles are
``KEYSTONE_USE_MOD_WSGI`` and ``SWIFT_USE_MOD_WSGI`` and are both
defaulted to "False" (do not deploy under HTTPD + mod_wsgi).
Change-Id: Id3b121b8f1cde369d184b586e0d875bdbda34813
Revert the default required RAM for Ironic nodes from 1024MB to 512MB.
Ironic now passes a kernel parameter to deploy ramdisks that avoids use
of tmpfs and lowers minimum memory requirements.
Change-Id: I20226c496fdd06ecfc6769a60b6d6f82887130a8
The list of recent commits to the DevStack repo is now generated
by tools/build_docs.sh from the last 6 month of the git log.
Change-Id: Idefdb5d5188ab7e743af131e3d6cb132382d25d4
The libvirt log filter settings match against the filename of
the libvirt source emitting the log message. Normally these
file names are relative to the source tree root, but in the
Ubuntu binary packages these have somehow ended up as absolute
filenames from the OS root. This means that a log filter of
'1:libvirt' which is only intended to match src/libvirt.c
will in fact match every single file. This caused enourmous
log files on Ubuntu hosts running the gate.
The fix is to use '1:libvirt.c' as a more specific filename
match, but we can't do this unconditionally because libvirt
>= 1.2.3 does not use filenames for log filter matching
anymore. So only change the match on Ubuntu hosts for now,
since that's where the original problem lies.
While doing this, also turn off the logging of object ref
and unref operations, since those pollute the logs with lots
of noise.
Change-Id: I71b67507a4e68a7bff0c358857aaaac08ef0c420
the previous addition to trove was done in a way that it was not
possible to discover from nodepool. This fixes our ability to do
that, especially with non-default on services.
Change-Id: I8ca682354e0d4e2eb9cf05f40c6dd783de1c6355
Add the keystonemiddleware repository to devstack to support testing
with tempest and stable branches.
Change-Id: Ib635465e6568d9cd51d6e432ec8b8633a27d19ce
Certificates and the index were left in the data directory after
running unstack. That would break devstack on the next run.
partial blueprint devstack-https
Change-Id: I6eb552a76fb29addf4d02254c027e473d6805df1
The docs/source has been introduced by change-id:
Ide5f7d980a294c7a9f8a3decaed0939f1c239934, but clean.sh try to clean
whole docs direcotry, which is not right.
Meanwhile, there are directories in FILES_TO_CLEAN variable, which means
rm -f will not work. We need to use rm -rf.
Change-Id: I4e10d70d5638ce7e7a9215f5bd848422aa90aad3
Closes-Bug: #1335399
Without libyaml-devel package installed (on Fedora-20),
running ./stack throws:
[. . .]
build/temp.linux-x86_64-2.7/check_libyaml.c:2:18: fatal error: yaml.h:
No such file or directory #include <yaml.h> ^ compilation terminated.
libyaml is not found or a compiler error: forcing --without-libyaml
[. . .]
Adding this dependency to files/rpms/general resolves it. Also added to
files/apts/general.
Change-Id: If1aa23bf3fc76ea2b321c3725dd07050ddd4b825
This reverts commit 0afa912e99.
This possibly made things worse, though it times in with the
trusty add, so it's hard to tell. Revert to see if grenade gets
better.
Change-Id: Ic399957fc9d4a7da28b030cdf895df061b2567c8
Related-Bug: #1331274
Stud was marked as precise-only. In reality it's only not available in
lucid. All supported distributions are ok now.
partial blueprint devstack-https
Change-Id: Ie86f345102cfddcca5387be514b67641ef750313
rhel7 testing has been fairly stable with redhatci bot testing beta
and RC builds for some time. Centos7 testing is now coming online
with the nightly builds. Thus no need to require the unsupported flag
any more.
Change-Id: Iceab5c1d8b713f1f96b5751cf988fe060cfeff58
Without this option will appear as an error:
Skip interval_task because Keystone error:
Authorization Failed: Unable to establish connection to
http://localhost:5000/v2.0/tokens
Closes-Bug: #1325383
Change-Id: I42fe92596d9d475f2c5b2a6aa6b49d2b7b821c54
The heat-slow job using the Fedora-20 image as L2 guest, the
currently used version is affected by the heartbleed issue and
the Mb-Bios bug issue observed with emulation.
This version of the Fedora cloud image uses the no_timer_check
kernel parameter, which solves the MP-Bios Bug issue.
The Image tested with ~3000 heat-slow job, without any issue.
Change-Id: I9ce9b7769c2d91e630b0362f2c2c6ac9066defbc
Closes-Bug: #1312199
Closes-Bug: #1297560
When the qume used with Linux image without
a para-virtualized timer, various timing issues can happen,
if the qemu process preempted in the wrong time, for example
at timer test.
The issues less like happens on low load, high core number
host system, but it can happen.
For soft qemu (TCG) generally recommended to explicitly disable the
timer check.
Pre-caching the Fedora `gate edition` image, which contains the
the no_timers_check option.
Related-Bug: #1297560
Partial-Bug: #1312199
Change-Id: Id5cd01a92a047b7859914e5bb017c15ee443b4d5
Our Trusty test nodes do not include libkrb5-dev by default, and it is
needed to install some of the python libraries keystone uses (kerberos,
brought in by requests-kerberos).
Partial bug: #1334326
Change-Id: I1fdaa46c4590e69da82365dee578c1aa0ec95e80
The check to $service_port must be done using http. It's
$KEYSTONE_SERVICE_PORT that may use either the http or https protocol.
partial blueprint devstack-https
Change-Id: I8ae081e9710c54396b765210336a7de331947086
As of Juno, Cinder will be deprecating the Cinder V1 API and setting it
to not be enabled by default. We'll make it enabled in devstack to
continue tests while it's supported.
Change-Id: Ia09eed0375a73c69a29b1aa379b5bd9fd3a1f5b7
On kernels >= 3.13 for Ubuntu, there is no need to install the
openvswitch-datapath-dkms package anymore. Consequently we don't need the
dkms package anymore, nor the linux headers.
Update the opendaylight devstack code to correctly check for this and make
the right decision.
While here, also utilize get_packages() and common code where possible.
Change-Id: Idd6a71951f6f77b6e3c4e536e735dfead6a40bc1
Closes-Bug: #1331111
Rerunning stack.sh after some failure unrelated to ssl setup will fail
due to certificates already existing in the CA index. Don't regenerate
them instead. This is a workaround making devstack development easier
rather than something typical user would run into.
Change-Id: Icfd4cb5132c8c9297eb73159e592b7006295184f
Update the trove bits to actually upload the trove guest image to
glance, and create the datastore and datastore version objects that
are associated with the guest image ID.
Change-Id: I6c5c56b3fac981e91cdd7ed60079a5649b8dfea8
While installing devstack in XenServer's DomU we can easily
track the output so end-users have much more visibility of
both what is going on and what (if anything!) went wrong.
Change-Id: I7d12a13cea9dffda6c1388ce711b6adf76cae72c
Ceilometer filter was previously removed from the Swift
configuration to avoid useless Ceilometer logs in the Swift
ones. This was fixed by setting only warning log level for
this Ceilometer part of the pipeline to keep only important
ones.
Change-Id: I8c41355bb98dbf3bb59ec792221b05ea936086b7
Partial-Bug: #1294789
Github recently removed some sslv3 ciphers - wget seems to only
enable a subset of the ciphers available so fails now, but curl
continues to succeed.
Use --no-sessionid to work around
https://bugzilla.redhat.com/show_bug.cgi?id=1098711
Change-Id: Ia110bd2d0a222e438189c10a9c1a236bd7ea3d0e
Change 4f7bf6963a introduced finding the
endpoint via "openstack endpoint show" only. Previously that output
was piped through grep, etc. so it handled fell back to a blank
output when the endpoints were not available.
Ignore failures of this command so the blank output is matched
Change-Id: Iae2f09784ffa38efd2f858513bf284c84c32edac
Currently pip will get the package from the https://pypi.python.org server.
For CI, it's a problem as Internet connection can be down,
the pypi server down, etc...
The usecase is for a company/user that maintain a local pypi mirror
and give the option to use this server instead of the official one
Change-Id: I83aac4646cb78827a92c9636d78238f8a6118642
Implements: blueprint support-local-pypi-server
One of the major gate failures is do to something being wrong with
the apt mirrors. The Acquire group provides an implicit retry on
network operations which seems like it might be helpful here.
Ref: http://linux.die.net/man/5/apt.conf
Change-Id: I099f47ed86ad6a3d4296bff4cce75e7f7d946d27
Related-Bug: #1286635
This is fundamentally a library. As such we should setup_install
so that we can possibly pin it, otherwise we *always* get the
git version instead.
Change-Id: Ia815f2675cf535bb05a7e8eda853690171559b86
when we exit poorly, start building a tool for doing a capture
as to why. This tool is expected to be consumed directly from
grenade as well.
Change-Id: Ia1bc1c2e259587035ca7252baceec25fa464cb82
The hand-maintained static HTML docs for DevStack have been in a
GitHub gh-pages branch; move them into the master branch in
preparation for hosting them in openstack.org infrastructure.
By default tools/build_docs.sh now builds the static HTML output
into docs/html.
Change-Id: Ide5f7d980a294c7a9f8a3decaed0939f1c239934
Commit 4b6e75b5f8037adbf63ac2f03dca17f0c8c0bc08 added support
of a neutron section. This updates the code to make use of
that section.
Change-Id: Ib9a0f2aeb0d91adeb567f79917804f0a89fdb6e1
Devstack was setting its own default for Keystone's token format, so
when Keystone's default token format changed then devstack needed to
be updated. With this change, devstack will only override Keystone's
token format if KEYSTONE_TOKEN_FORMAT is set explicitly. PKI setup
is assumed to be needed unless the KEYSTONE_TOKEN_FORMAT is set to
UUID.
Change-Id: Idfa78e93abd80273dadcf37007a024bb6a783a48
There is a timing window where we might lose the commands being
stuffed into screen because bash is spawning. In those cases, loop
around and try building screen sessions again.
Change-Id: I49247de06bbd59424cb10fb9a8db145907be5138
Related-Bug: #1331274
The project-specific receiver command nova-rpc-zmq-receiver
has been replaced with oslo-messaging-zmq-receiver.
We need to update devstack code accordingly.
Change-Id: I7696c649fa818ecb523b698ea4a23f70da60147d
Closes-Bug: 1279739
Commit 5cacad3508570ce70b1f9ef620e0508169687fda added support
of a neutron section. This updates the code to make use of
that section.
Change-Id: I86119476fde5066182d3aadcee5985019202647a
It would be useful for development, reviewing and testing to add
support for django_openstack_auth to devstack.
This change adds the integration tests to the openstack_auth
list of test: https://review.openstack.org/#/c/86528/
Change-Id: Ifbd336b83f6b2beb23996b599ec820232c13efdd
Closes-Bug: #1262121
Since merge_config_file() tries to create an unsubstituted config file,
stack.sh fails due to permission denied in the file creation when you
use '[[post-config|/$Q_PLUGIN_CONF_FILE]]' and the file does not exist.
This patch deletes unnecessary 'touch' command, because the file will
be made by 'iniset' function in the next command line with evaled
string from 'configfile'.
This patch also fixes merge_config_group() to use evaled 'configfile'
when it checks the directory of the config file exists.
Change-Id: I608847a34143b5c6a1708c180186dd88a32dd44b
Closes-bug: #1294213
Cinder has been using oslo.messaging since Icehouse so it should be
using 'messaging' as its notification driver and not the now deprecated
full python path to the oslo-incubator notification driver.
Change-Id: I3edca1ff54e51b464cc1b23935c8530e2e242fee
The RHEL 7 and RHEL 6 optional repos have different names. This enables
the correct repo depending on the release.
Change-Id: I6772c9903a5b9e98cb870d586629564126a6119a
HP Cloud 1.1 is quite slow per core. So much so that grenade is
often failing to start services because bash in a screen session
isn't ready in 1.5s. Double this to 3s to try to decrease failures
in the gate.
We should instead do this via some readiness check to decrease
races.
Change-Id: I2b066a687916742e966190f00b5b06a795d4a014
The complexity of the awk script was pretty high, and it would
be good to do it in summaries as well, which starts to get a bit
squirelly. Instead bring over the outfilter.py from grenade and
use it for the timestamping.
Any additional overhead from python should be offset from not
shelling out to date on every line of output.
Change-Id: Ic2b86ddba3e7f6520a0fd35599b01143936c6deb
I346ee0248c03e60716bd7dc4a5ee4493610867cb broke the XenServer CI as
devstack was still setting the deprecated config options.
Change-Id: Icd84212e97a9d5e007745be8096fa552bc23cb6f
auth_token middleware now accepts a standard URL string as the parameter
identity_uri instead of specifying protocol etc individually. Change the
services over to use this.
Also changes over some other places in which the auth fragments are used
individually to the new variables and fixes up some misconfigurations of
auth_token.
identity_uri option was release in keystoneclient 0.8.0
Change-Id: Iac13bc3d08c524a6a0f39cdfbc1009e2f5c45c2a
1024Mb memory is too much for single instance.
approximately 4 GiB memory used even without a booted VM.
The heat auto-scaling scenario needs to boot 3 VM
(currently disabled), if any other test running in parallel
and boots up a vm it would easily can cause OOM an
issue.
The heat-slow job can work with 128 MiB instance memory,
but this change reduces it just to 512 MiB (safer for the guest),
and enough to avoid OOM issues on the host,
and let us to heve more vm at the same time.
The m1.tiny flavor is not good because now it has a hard coded
1 GiB disk limit and the f20 image requires 2 GiB.
Setting the disk size to '0' -> automatically use the virtual size
of the image.
Using multiple cores does not really helps in boot time :(,
but it might cause higher host load. (More locking)
Reducing the core number to 1.
Change-Id: Ice7c1253d15e91fd1c02bc8c6809335aaebfff4a
Reserve Keystone ports from the ephemeral range as early as reasonably
possible in the fixup_stuff.sh process to reduce the likelihood that the
port will be in use. This does not completely resolve the issue
where Keystone's IANA assigned port falls into Linux's ephemeral
range, but this should reduce the occurrences. The default ports
are 35357 and 35358.
Change-Id: I8cfb53d8f90c1ff1fb1083c59fefabca3d14323b
Partial-Bug: #1253482
This commit adds a new env variable, TEMPEST_NOVA_API_V3 to set
whether the tempest api v3 tests are enabled.
Change-Id: If14deb80f271061e70fae6c3d13b210ac0dd9399
Ironic's reference / recommended driver is the "pxe_ipmitool" driver,
which requires the 'ipmitool' package and system binary. Thus,
devstack should install it.
Also, Ironic will soon be validating that ipmitool is present in the
system path when loading the pxe_ipmitool driver, as it does for other
drivers (seamicro, pyghmi) that have external dependencies.
Causing devstack to install this package when Ironic is enabled will
also help users who wish to test Ironic against physical hardware that
has IPMI support, without having to perform additional manual steps
(like enabling the pxe_ipmitool driver and installing the ipmitool
packge by hand).
Change-Id: I13da5f8978b280b192f9b033c348a11bfc44c9d2
The f20 gate job is failing on hpcloud images
(official F20 cloud image), with enforcing selinux.
Setting selinux to permissive on all Fedoras.
Currently selinux policies are violated, when
- horizon/httpd tries to access a files without
httpd_t friendly security label.
- horizon/httpd_t tries to connect to openstack
service port, without an allowing policy.
- swift tryes rsync content without an authorized
security label and without rsync_full_access sebool.
- ..
In permissive mode you will be able to track,
the missing policies and labels by checking
the /var/log/auidit/audit.log*
The enforcing mode might be turned on in the future,
when all label and policy configured correctly.
Change-Id: I6dad705dd11b9eb5f01ce67814f05d294b3979a5
The official F20 cloud image does not contains the firewalld,
there is nothing to restart, and it fails the installation.
The previous workaround change, assumed all is_fedoras has
a restartable firewalld without ensuring is it installed at all.
RHEL6 even does not have a firewalld.
Closes-bug: #1329102
Change-Id: I3d119ce48af81b30bf02b01c2cd386612ac6ef90
The '--no-wait' flag will not wait for ovs-vswitchd to reconfigure after
changes have been made to the database. This causes a race condition as
the bridge may or may not be up when 'ip addr flush dev $PUBLIC_BRIDGE' is
called. This commit removes the '--no-wait' flag which is safe as the
openvswitch services are already started earlier in stack.sh
Change-Id: I73ef1b731295d03b0f064c5f786196284c3e39ce
Closes-bug: #1328962
Pass deploy kernel and deploy ramdisk as parameters to the driver
to enable Ironic to support different deploy provisioning
methods using the same flavor. This patch is part of the
https://blueprints.launchpad.net/ironic/+spec/add-node-instance-info
work which is separating the instance-level data from the driver-leval
data in the Node's resource of Ironic, once it's finished another patch
will be submitted to DevStack to remove the part of the code which is
adding the deploy kernel and deploy ramdisk parameters to the flavor,
for now a TODO was left inline as a reminder.
Change-Id: Id7cfb17cc6f6133964be139bfedbca1dc644b9cd
Implements: blueprint add-node-instance-info
Ensure that apache2ctl is only called if apache2 is being used when
setting up Keystone. This patch corrects a case where apache2ctl
is being called at the time lib/keystone is being sourced. This
error breaks attempts to deploy Keystone under apache unless
apache is already installed at the time stack.sh is run.
Change-Id: I02d426438fa1246effd68c6bb3c3358910ed4c05
Allow enable/disable_apache_sites() on Fedora to gracefully fail if the
config is not present. This is primarily an issue when the config from
a previous run is not completely cleaned out (unstack.sh vs clean.sh).
Make APACHE_CONFIG_DIR fully qualified and overrideable in local.conf.
Also fix Horizon's handling of its Apache config file to be removed
in clean.sh.
Change-Id: I78a5de579dd3b02fa2e4e7e00ac0aabe71b531ad
The changes to devstack to set nova api/conductor workers to 4 predated
commit 75c96a48fc7e5dfb59d8258142b01422f81b0253 to default the workers
equal to the number of CPUs, so this change just removes the hard-coding
from devstack and relies on nova's defaults for number of workers.
Change-Id: I384fc9eeb7a7eddf4679a6852203307a92d88a93
On ubuntu, if we run into an error installing the package, it can be
because of transient upstream errors with repo sync state. Although
retrying the update won't fix it all of the time, it's low cost enough
to be worth a try before we totally give up.
Related-bug: 1286818
Change-Id: I522ac0d0bd8f82dc98f386c89f66c2b743efa525
look at all interfaces that ip link shows as being up, then filter
them for ^e or ^p devices. Should hold even after the bridges get
built.
Change-Id: If6b1e623f9d146c2430dc8a4a007997290b90846
Support for .dist-info directories was added in setuptools 0.6.28.
At this moment, Ubuntu Precise 12.04 provides setuptools 0.6.24
which is too old for our needs.
Six is installed from wheel which uses the .dist-info directory.
For six to be found, we need to install setuptools >= 0.6.28.
Updating setuptools to the latest version using pip will provide use
the needed version to make six discoverable.
Closes-bug: #1326811
Change-Id: I761d0aeb2b8b593cee38d512afc8fed6a2d1fe37
The libvirt-daemon-driver-network pulls the dnsmasq,
on hosts where the n-cpu installed with libvirt backend.
But nothing installs it if you have only n-net or q-dhcp,
on the given hosts.
dnsmasq-utils does not depends on dnsmasq,
because it can work with other local dhcp servers.
Change-Id: I17a769df3bd51ca608c1728e892009125eea42ed
curl dying ends up being a really unclear failure condition, and
hard to fingerprint in the gate. We should make this much more
explicit when we die.
Also, don't trust the upstream filename, because all the rest of
our logic would break if it changes anyway.
Change-Id: Ibc2a96b33471d24c597af0d7af896fb10523156f
get-pip.py is now on a CDN, and is the prefered way to get pip.
Remove the default path of using pip tarballs from pypi and use
get-pip.py on from here on.
Closes-Bug: #1326539
Change-Id: I0661f7c6913ba6b3e1d00b30e22740d150bfd060
Keystone added support for a compressed token provider, PKIZ. This
change adds support to devstack. Set the KEYSTONE_TOKEN_FORMAT
option to "PKIZ" to configure Keystone to use it.
Change-Id: I123eef661c85cc805e950f1179b48e885078d40f
The previous apache/horizon a688bc6510
change left horizon disabled on Fedora.
Closes-Bug: #1326126
Change-Id: I79f84bb63471f84c6b37538e8dfe2bcca3ce3eac
this might obviate the need for postgresql in the gate, as it will
make mysql act more strict. Suggested by Monty during Atlanta
summit on test matrix.
Change-Id: Ibfcb0959159f3b84fe35a1198d481bff308da0d4
Grenade, and possibly other components, re-use parts of devstack
libraries. This provides basic echo_* functions to avoid missing
commands in several libraries.
Change-Id: I972d6208055a8c4ca4c9bfd5383ad3c7159d5cbe
This patch would set the IPv6 subnet extended attributes flag
to True. The following thread has some additional information.
https://review.openstack.org/#/c/96723/
Change-Id: Ie6ac42646cc2a4d808c05126bf7dd51f2b03ee6b
Partially implements: bp tempest-ipv6-attributes-support
Without --config-file option ironic-dbsync creates SQLite database
in the current directory, instead of migrating MySQL database.
Change-Id: Ib733dbf9198a037114f6221e974acb29d109ff22
Rather than continue to be bit by conf updates
from external sources, Cinder is going to join
the party and cease generation of the sample.conf
as part of the unit tests.
First step however is to not attempt to copy it
from cinder/etc/cinder in the devstack setup.
This just removes that cp operation, nothing
in that sample conf was modfied from defaults
so it wasn't really doing anything anyway.
Change-Id: I727b1747ff36d775ef881e93e3b9a8528a17a4df
On Ubuntu 14.04, the site configuration file must have a .conf suffix for a2ensite and a2dissite to
recognise it. a2ensite and a2dissite ignore the .conf suffix used as parameter. The default sites'
files are 000-default.conf and default-ssl.conf.
On Ubuntu 12.04, the site configuration file may have any format, as long as it is in
/etc/apache2/sites-available/. a2ensite and a2dissite need the entire file name to work. The default
sites' files are default and default-ssl.
On Fedora, any file in /etc/httpd/conf.d/ whose name ends with .conf is enabled.
On RHEL and CentOS, things should hopefully work as in Fedora.
This change puts all distribution-related site configuration file name differences in lib/apache and
the other services gets the file name for its sites using the new exported function
apache_site_config_for <sitename>.
It also makes Fedora disabled sites use the .conf.disabled suffix instead of removing the .conf from
the file name.
The table below summarizes what should happen on each distribution:
+----------------------+--------------------+--------------------------+--------------------------+
| Distribution | File name | Site enabling command | Site disabling command |
+----------------------+--------------------+--------------------------+--------------------------+
| Ubuntu 12.04 | site | a2ensite site | a2dissite site |
| Ubuntu 14.04 | site.conf | a2ensite site | a2dissite site |
| Fedora, RHEL, CentOS | site.conf.disabled | mv site.conf{.disabled,} | mv site.conf{,.disabled} |
+----------------------+--------------------+--------------------------+--------------------------+
Change-Id: Ia2ba3cb7caccb6e9b65380f9d51d9d21180b894e
Closes-bug: #1313765
the interface default of eth0 has become more wrong since we've
got a generation of Linux distros that don't use eth* as their
interface naming. Instead of that do a slightly more clever, but
probably still wrong thing, of picking an interface that exists
and is a physical interface.
This is still overridable, however won't cause really cryptic
failures in nova-compute because it's trying to use an interface
that doesn't exist *really* late in the network creation.
Change-Id: I93016ff5a25678de76254418155c839a269486a0
the defaults in tempest will be set to 1s in a related change,
so we can remove these.
Change-Id: I05d8b4f08614fdf92611e3ff34d124fe918bd457
Depends-On: If8332d4be8515ac574cbbf4e00cbe0a75b6ebc5d
When SSL is enabled in Keystone, the path to the Keystone CA file
needs to be set in ca_file in the clients_keystone section.
Change-Id: Ic324e09b42a96d0ba31e13f8e8042cb3ac24d0b6
Closes-Bug: 1324207
$USER may be undefined (resulting in an error exit from stack.sh)
or may be the current $USER rather than the target $STACK_USER
(which may or may not be the same) which could lead to errors
later.
This change brings about consistency: the rest of stack.sh always
uses $STACK_USER.
This same problem may be present in lib/marconi.
Change-Id: Idff2bee88de4e1da11cd5765a03646caf3ede24f
An updated libvirt package to address [1] is in Fedora 20 now, so we
don't need this work-around. Modify the comments of the other part of
the work-around (restart of services) and link to the most relevant
bug
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1098376
Change-Id: I47fba7b4f273162c2af1e37902a512041449750b
Install packages ryu requires explicitly becuase they are
no longer covered by neutron's requirements.
(They used to be until very recently.)
Closes-Bug: #1323136
Change-Id: I6a603d95c053ac1deba59d8e479dbaf1a70293f3
Some of the test cases in tempest related to quota use
admin_tenant_name, ideally it should use admin_tenant_id.
As tempest.conf file does not contains admin_tenant_id
it should also be updated. tempest.conf file is generated
by devstack while setup of openstack, changes should be made
in devstack so as to put admin_tenant_id in tempest conf file.
Change-Id: I62baf5b1e21ebf8d3b511624c54741015b304955
Closes-Bug: #1321624
One of the recent patches introduced a syntax error in the marconi
script. This patch fixes the issue & gets marconi running in
devstack again.
Change-Id: I46a039f72174c4898869983de03a1e29cbe435bf
Another proposed change fetches endpoints from the Keystone catalog as
long as the *_url opts are not present. This change will make Trove on
DevStack use the catalog.
Note: This must merge after https://review.openstack.org/68015.
Change-Id: I397254e72823ab7c7b28014d4fa18e2cefb79e6d
Closes-Bug: #1222891
patch breaks gate (see any logs/screen-ceilometer-acentral.txt.gz
after this patch)
This reverts commit 4c11089739.
Change-Id: I684d50be1b4d580d385a8bb74b3539b1305ec330
Invalid parsing of openstackclient output was introduced in
I03c17cfc9740c3eb257152c95d9c4f021db2c89e. Here command lines
was changed to get urls with no parsing.
Also default EC2_URL was fixed.
Change-Id: Ic46a9989321cf6310c56edeeb737c603a4f9c1ed
The FakeVirt driver shouldn't need custom scheduling options, so it run
instead of a real virt driver for testing purposes. This simplifies the
use case where someone wants to run the FakeVirt driver along side a
real driver so someone can test there cloud application without wasting
real instances.
Since the FakeVirt driver should look like it has near infinite resources,
turn on Core, Ram and Disk filters to make sure the drive works with them
enabled.
Change-Id: Ic7ec87e4d497d9db58eec93f2b304fe9770a2bbc
Related-Bug: #1268943
OpenDaylight
OpenDaylight needs to know the physical network mapping
used with vlan tenant isolation. This is similar to how
the bridge_mappings cofig is used to map the physical
network to the bridge,
i.e. bridge_mappings=physnet1:br-eth1,physnet2:br-eth2.
OpenDaylight needs the physical network device itself:
provider_mappings=physnet1:eth1,physnet2:eth2.
OpenDaylight needs the mapping because the device port is
used when pushing flows. The neutron API's provide the
physical provider network value for example as physnet1.
DocImpact:
Use of VLANs with ML2 and the OpenDaylight mechanism driver
requires OpenDaylight Helium or newer to be installed.
Closes-Bug: #1315492
Change-Id: If7af9ce5735b01c35315a54c79355ca87b72c4b4
This patch fixes various typos that prevent the neutron nova
notification options from working.
Change-Id: Ia3fb1e02008b338e2d08e927346397292be4e398
Closes-Bug: #1321347
Fedora libvirtd fails to start on Xen instances (i.e. rackspace
instances) due to [1]. This works around the issue until it can be
fixed upstream.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1098376
Change-Id: I3790b5025982730263a6a84fce596e80f09efd5a
Lot of packages explicitly requires gcc now, but almost all of
the components needs it.
Always keep gcc in hand-range.
files/rpms/general: always installs the libxlst2-devel, not just on
RHEL 6, package recompile capability always handy and these are small
packages anyway.
Change-Id: Ia7d0e1938fb2453e3c02b979f99d6d179c6a24c6
Generally a ubuntu template is supplied - but in the case
where it is not, we need to source functions before sourcing
stackrc (Through xenrc)
Change-Id: I8325cf1c6f83946b7798e6d1bb8278e86831d3c4
I tried using devstack on a cloud image that didn't have openssl, so
it generated blank passwords and gave an error about openssl missing.
Using urandom should not require more than minimal shell tools.
Change-Id: Ib3091183eb1d85fc8cf7c76e47da24a04ae4791f
openstack endpoint show identity will not be successful without
admin permissions; this causes exercise.sh to fail because it
claims keystone is not present
Change-Id: I769d70d0439c0b4c7e174a0adad7adcf1938095e
Closes-bug: 1317507
The files changed in this commit had incorrect bash syntax in that they were
assigning variables (=) instead of checking if they were equal (==). The
incorrect checks were preventing the configuration of VLANs with the Neutron
ML2 plugin.
Change-Id: I4b54bb5c69cc836c22900bd7a966197e9c616076
Fix Trove to use the PUBLIC_NETWORK_GATEWAY if neutron is enabled.
This is needed since in this case the guestagent is able to reach
the devstack host only via the public PUBLIC_NETWORK_GATEWAY and
not via the private NETWORK_GATEWAY.
Change-Id: I61ee707e16d0222e7f479369e769cbe7ef2de7d7
With the increasing number of entries in the service_catalog header,
some projects will have a header bigger than 8192 and Swift cannot
handle headers of this size. Solum is the first one to have this issue
As a temporary hack to fix Solum's gate, we are increasing
the value of the max_header_size parameter in our "lib" script.
This patch makes this settings global to all projects using devstack,
so that in a near future, if a project has a service_catalog header
bigger than 8192, it doesn't have the same problems we had.
Closes bug 1316585
Change-Id: I5c15f8f9531839353c3d99e46d920688058ec33c
Simplifying the steps between devstack install and tempest run, by
* installing tox<1.7, bacuse 1.7 is not compatible with our tox.ini
* installing and patching 'discover' when the python version is 2.6
Change-Id: I8008837d2fae6cebeeeb051b63066279ca477e01
We're upgrading sahara architecture, so, we've added an alias to run
sahara in all-in-one process.
Change-Id: I7f92e13c1a9b15070c5ec46428ca3949190abfc9
On Fedora with the default configuration TFTP will listen only
on IPv6 endpoint, making imporrible for a node to reach TFTP.
This patch forces TFTP to listen on IPv4 endpoint by modifying
Xinet.d template.
Change-Id: I1ed315fae38816c8e0c2a736261d1c3736f437ff
Ensure that the VHOST and the scripts used to enable keystone under
mod_wsgi are properly cleaned up.
Change-Id: I76a748b0fd5f1a5182d10e425202857c5621e25a
When Keystone is configured under mod_wsgi, Keystone configuration
requires debugging to be enabled as the debug flag cannot be passed
via cli arguments.
Because Apache 2.2 (default for a number of distributions) does not
support passing an explicit format to the ErrorLog, Keystone under
mod_wsgi ends up with duplicated timestamps in the Keystone log.
This patchset eliminates the %(asctime) and %(msecs) substitution
targets from the log format options when Keystone is configured
under mod_wsgi.
Change-Id: I0bf32db6e53cb653921162cb1957eb988b819815
PLUMgrid plugin for Neutron supports to load dynamically a back-end driver.
This parameter has been added in the plugin configuration file.
Change-Id: I1698a8fa558841aeb94476bc8c7f103b21f2a2d3
Closes-bug: #1315466
Add a new variable, IRONIC_VM_EPHEMERAL_DISK, to specify the size
of the ephemeral disk. Default will be zero to match the current
behavior.
Change-Id: Ia8a8ef364a85fc803b93fb936212de0894a19bd8
Devstack gate slaves have locked down local iptables firewalls.
Ironic nodes boot on an 'external' network and require TFTP
and Ironic API access back to the node via its HOST_IP. This inserts
the required rules to the top of the INPUT chain.
Change-Id: I2e5dfa2346d45fdd549a3a3fbc255f190195cdd6
The documentation stated that, to enable Keystone running on Apache,
one should set:
APACHE_ENABLED_SERVICES+=keystone,swift
However, it actually works with:
APACHE_ENABLED_SERVICES+=key,swift
Change-Id: I8cc92e9426d7fc3117b30df01babdb50576328af
Closes-bug: #1311461
lib/tempest had code to set -o errexit and restore the setting after
configure_tempest had run. This code didn't work, but it is no longer
necessary since we set errexit for all of devstack (see change 88521;
Change-Id Ia477e04567046a7fcdedf699423165bc577b72ad).
This changeset removes the errexit handling code from lib/tempest.
Change-Id: I2b0bc3c55a5d9bbb688f1e2e8e0fe133830a4172
SSL can be enabled in Keystone when devstack is executed.
Horizon was not being configured to use the SSL port so
authentication was failing.
Change-Id: I253766d359aaab0bd1f844a8a637adc77e8eee2b
Closes-Bug: 1293749
Set the default RAM for Ironic BM VMs to 1GB to ensure DIB produced deployment
ramdisks function correctly across older and newer kernels, regardless of
rootfstype.
Change-Id: Ifc15a4430aa63c3599e7fd76f5116dc7b728ead0
Closes-bug: #1311987
Glance will reject images that it doesn't understand, and only certain drivers can
use qcow2 images. This means for systems without qcow2 support, devstack
will fail to run until this change is merged.
Change-Id: Ic92815f3d32880e987456c0428953dddaa81c94c
Because *swift* in no more allowed in ENABLED_SERVICES (see
I78222d7ee2ea8a281962129d5bcf06c118469510) swift3 middleware to
swift could not be installed anymore. This patch thighten a check
to allow swift3 (but not swift) in ENABLED_SERVICES.
Change-Id: I194f66ae7e5163e0e6178561b09f55024fdaa607
The last spinner process active in non-verbose mode does not get killed
when stack.sh exits -- the spinner keeps spinning indefinitely.
Killing the spinner in err_exit cleans up no matter how the program
got terminated.
Because the code to kill the spinner is now called regardless of
whether spinners are in use, it has to check LAST_SPINNER_PID or the
kill command without an argument will trigger the ERR trap (or EXIT
with an error status, depending on where program execution stops).
This patch resurrects and fixes an abandoned changeset, hence:
Co-Authored-By: Adalberto Medeiros <adalbas@linux.vnet.ibm.com>
Fixes bug 1302112
Change-Id: I2d5b27971889b672361e9173bf6faf38fb1a1ec6
Just like the beginning of every other release, remove the deprecated
config option aliases that were marked as deprecated in Icehouse.
Nova patch - https://review.openstack.org/#/c/88456/
Change-Id: Idd051c516002030e8e191c7b8d31f1ff408e1c7d
Make devstack users able to specify enabled plugins. By default enable
vanilla, hdp and fake plugins. Fake plugin is needed for gate testing.
Change-Id: Ia557eafe19b7d8eb62b6511d8d5331a106ef4bc2
OpenDaylight integration with Openstack requires some extra configuration
information to be set in the ovsdb via the other_config value. Currently
only the local ip address is set. bridge_mappings needs to be added to support
vlan isolation.
This requires changing the form of the existing ovs-vsctl command to set
the other_config value. The current command does a replace so the last
command to run overwrites any other values. The command is changed to
append values instead.
Change-Id: Ia001ecf27c8f5ace05af014ecce0b13f6d490ac1
The problem was in the screenrc file generated, where the
following command appeared:
sg libvirtd "ceilometer-agent-compute
--config-file /etc/ceilometer/ceilometer.conf"^M"
The final "^M" was not then parsed.
Change-Id: Ie6c5b1c9e3d196a3a9c343c2afb46435711c10f5
Closes-bug: #1311666
This patch adds daemon flag to marconi script. This change was
needed to run the latest build of marconi-server in background.
Since mongodb can not be used with marconi until gate is updated
to Ubuntu 14.04, we are changing our backend to sqlite.
Change-Id: I1a4148bd545818d5e943257be2f6e752ce43f793
Ridiculous patch to remove a not true anymore code comment. If
one wants to have Devstack get a heat compatible image, one
should add HEAT_FETCHED_TEST_IMAGE=Fedora-i386-20-20131211.1-sda
in his localrc
Change-Id: I2702a322fe1332be5c1301bb32710288ec683350
If q-vpn is enabled, the Neutron neutron-vpn-agent is started
instead of the neutron-l3-agent, but only neutron-l3-agent receives
the fwaas_driver config when q-fwaas is enabled. This ensures the FW driver
config is passed to either so that a properly configured agent is running
when the FWAAS extensions are enabled.
Closes-bug: #1310858
Change-Id: I237d2831a6b87ae46dfef047d3dc0b85fa6423d3
The default image used is cirros 0.3.0, which is out-dated and
does not support cloud-init for config drive. By upgrading to
0.3.2, we gain config drive support testing in our tempest runs.
Change-Id: Ibe7f70f1fb457d210b891b19ba3b5be94b2343f0
There were competing patches to implement this feature in Ironic.
Patch I2da37409cea98731a2ca18dfe7298861fde37783 calls the option
'enabled_drivers', which is more consistent with other option names.
Change-Id: Ifa7eae594c6d9ea743a17b4c31e407501bba8467
libvirt_cpu_mode was renamed to libvirt.cpu_mode
libvirt_type was renamed to libvirt.virt_type
This patch is needed before I346ee0248c03e60716bd7dc4a5ee4493610867cb can
land.
Change-Id: Ie8a39147ece3a3c86f4b146fa0af3641b1079319
Swift was missing an 'if [[ $SYSLOG != "False" ]]' statement which is used
by other services, and therefor failed with a 'No such file or directory'
error when 'SYSLOG=False' was set in localrc.
Closes-Bug: 1308461
Change-Id: I8655a955ebb322516d92bee418b93d4cc23bdc5c
Some options defined in ceilometer.service should be in service_credentials
section instead of DEFAULT, which is deprecated since Havana.
Change-Id: I69077394a77f379db2be593a9fa15d414015610a
* dnsmasq-utils is also required on openSUSE 13.1 (for dhcp_release)
* make sure that iscsid is actually started. On openSUSE it's not
started by default.
Change-Id: Ibceb7ce1372ca74010bdc9f44258a5a25182adc6
The sshd reconfiguration to listen on port 2222 provides no
benefit and complicates deployment on some systems. This removes
the reconfiguration and instead just confirms SSH connectivity.
Default SSH host and ports are left configurable, but the port now
reflects the default 22.
Change-Id: Iaf7c71854c3741a505a79037ffb8c86ace74fc27
pip failed to insall packages with the http_proxy and https_proxy localrc
environment variables. indeed, the case of the variables was uppercase
and these variables are normally lowercase.
Change-Id: I73054aafd353ccf53986f0ec05426f6a2c4e2240
Closes-Bug: 1307492
Logs console output of VMs created for use by Ironic to
$DATA_DIR/ironic/logs. This gives Jenkins something to archive
that will be useful for debugging any deployment ramdisk issue
blocking provisioning.
Change-Id: I7d234a6a13dbe8579f685e46d7712dae497272a5
Includes two enhancements to support VPNaaS and allow other
vendor implementation support. Goal is to provide a solution
for VPN .ini files until a more general solution can be defined
to handle all reference and vendor .ini files.
First, the /opt/stack/neutron/etc/vpn_agent.ini file is copied
to /etc/neutron, to allow the selected device drivers for agent
to be specified. Both reference and vendor implementations can
be uncommented in this file, prior to stacking.
Second, to allow vendor VPN implementations to provide an .ini
file to the agent at start-up time, an environment variable is
defined and can be set in the localrc to specify one or more
.ini files. The desire is NOT to include vendor settings in the
global vpn_agent.ini.
Change-Id: Ia8250db660216a5296cb6ba2af1538b8c90d187c
Closes-Bug: 1301552
When the Cisco Nexus monolithic plugin is configured in the localrc,
stack.sh fails with the error message:
sed: can't read /etc/neutron/plugins/cisco/cisco_plugins.ini:
No such file or directory
This failure was introduced with the merge of change set 76992
(bug #1285884). Change set 76992 removed the copying of
Q_PLUGIN_EXTRA_CONF_FILES from the neutron project area to directories
under /etc/neutron. This copy from neutron to /etc is required by the
Cisco Nexus monolithic plugin, since this plugin follows the original
model for generating extra config files based on localrc settings:
- Copy default config file(s) from neutron project to /etc using
a relative path (relative to neutron and relative to /)
- Modify the copies of the config file(s) using localrc settings
- Add a --config-file command line setting for neutron server which
points to the modified config file(s) under /etc
The fix is to add the copying of the default versions of the extra
config files from neutron to /etc into the cisco devstack script.
Change-Id: Ifbae197ed591f7cccfd6d51eae2b21e31eb0a409
Closes-Bug: #1295411
Cirros 0.3.2 is fixing the host name setting issue, which
is required for turning on the tempest instance validation tests.
Change-Id: I1b87740ab02c4eb0a8df653a35e1f85d40abda51
Related-Bug: #1132686
2014-03-20 23:12:58 +01:00
364 changed files with 20965 additions and 15771 deletions
@@ -2,13 +2,18 @@ DevStack is a set of scripts and utilities to quickly deploy an OpenStack cloud.
# Goals
* To quickly build dev OpenStack environments in a clean Ubuntu or Fedora environment
* To describe working configurations of OpenStack (which code branches work together? what do config files look like for those branches?)
* To make it easier for developers to dive into OpenStack so that they can productively contribute without having to understand every part of the system at once
* To quickly build dev OpenStack environments in a clean Ubuntu or Fedora
environment
* To describe working configurations of OpenStack (which code branches
work together? what do config files look like for those branches?)
* To make it easier for developers to dive into OpenStack so that they can
productively contribute without having to understand every part of the
system at once
* To make it easy to prototype cross-project features
* To provide an environment for the OpenStack CI testing on every commit to the projects
* To provide an environment for the OpenStack CI testing on every commit
to the projects
Read more at http://devstack.org.
Read more at http://docs.openstack.org/developer/devstack
IMPORTANT: Be sure to carefully read `stack.sh` and any other scripts you
execute before you run them, as they install software and will alter your
@@ -20,9 +25,9 @@ in a clean and disposable vm when you are first getting started.
The DevStack master branch generally points to trunk versions of OpenStack
components. For older, stable versions, look for branches named
stable/[release] in the DevStack repo. For example, you can do the
following to create a grizzly OpenStack cloud:
following to create a Newton OpenStack cloud:
git checkout stable/grizzly
git checkout stable/newton
./stack.sh
You can also pick specific OpenStack project releases by setting the appropriate
@@ -30,7 +35,7 @@ You can also pick specific OpenStack project releases by setting the appropriate
`stackrc` for the default set). Usually just before a release there will be
milestone-proposed branches that need to be tested::
@@ -42,327 +47,44 @@ your VM. To start a dev cloud run the following NOT AS ROOT (see
./stack.sh
When the script finishes executing, you should be able to access OpenStack endpoints, like so:
When the script finishes executing, you should be able to access OpenStack
endpoints, like so:
* Horizon: http://myhost/
* Keystone: http://myhost:5000/v2.0/
We also provide an environment file that you can use to interact with your cloud via CLI:
We also provide an environment file that you can use to interact with your
cloud via CLI:
# source openrc file to load your environment with OpenStack CLI creds
. openrc
# list instances
nova list
If the EC2 API is your cup-o-tea, you can create credentials and use euca2ools:
# source eucarc to generate EC2 credentials and set up the environment
. eucarc
# list instances using ec2 api
euca-describe-instances
# DevStack Execution Environment
DevStack runs rampant over the system it runs on, installing things and uninstalling other things. Running this on a system you care about is a recipe for disappointment, or worse. Alas, we're all in the virtualization business here, so run it in a VM. And take advantage of the snapshot capabilities of your hypervisor of choice to reduce testing cycle times. You might even save enough time to write one more feature before the next feature freeze...
DevStack runs rampant over the system it runs on, installing things and
uninstalling other things. Running this on a system you care about is a recipe
for disappointment, or worse. Alas, we're all in the virtualization business
here, so run it in a VM. And take advantage of the snapshot capabilities
of your hypervisor of choice to reduce testing cycle times. You might even save
enough time to write one more feature before the next feature freeze...
``stack.sh`` needs to have root access for a lot of tasks, but uses ``sudo``
for all of those tasks. However, it needs to be not-root for most of its
work and for all of the OpenStack services. ``stack.sh`` specifically
does not run if started as root.
``stack.sh`` needs to have root access for a lot of tasks, but uses
``sudo`` for all of those tasks. However, it needs to be not-root for
most of its work and for all of the OpenStack services. ``stack.sh``
specifically does not run if started as root.
This is a recent change (Oct 2013) from the previous behaviour of
automatically creating a ``stack`` user. Automatically creating
user accounts is not the right response to running as root, so
that bit is now an explicit step using ``tools/create-stack-user.sh``.
Run that (as root!) or just check it out to see what DevStack's
expectations are for the account it runs under. Many people simply
use their usual login (the default 'ubuntu' login on a UEC image
for example).
DevStack will not automatically create the user, but provides a helper
script in ``tools/create-stack-user.sh``. Run that (as root!) or just
check it out to see what DevStack's expectations are for the account
it runs under. Many people simply use their usual login (the default
'ubuntu' login on a UEC image for example).
# Customizing
You can override environment variables used in `stack.sh` by creating file
name `local.conf` with a ``localrc`` section as shown below. It is likely
that you will need to do this to tweak your networking configuration should
you need to access your cloud from a different host.
[[local|localrc]]
VARIABLE=value
See the **Local Configuration** section below for more details.
# Database Backend
Multiple database backends are available. The available databases are defined in the lib/databases directory.
`mysql` is the default database, choose a different one by putting the
following in the `localrc` section:
disable_service mysql
enable_service postgresql
`mysql` is the default database.
# RPC Backend
Multiple RPC backends are available. Currently, this
includes RabbitMQ (default), Qpid, and ZeroMQ. Your backend of
choice may be selected via the `localrc` section.
Note that selecting more than one RPC backend will result in a failure.
Q_AGENT This specifies which agent to run with the ML2 Plugin (either `openvswitch` or `linuxbridge`).
Q_ML2_PLUGIN_MECHANISM_DRIVERS The ML2 MechanismDrivers to load. The default is none. Note, ML2 will work with the OVS and LinuxBridge agents by default.
Q_ML2_PLUGIN_TYPE_DRIVERS The ML2 TypeDrivers to load. Defaults to all available TypeDrivers.
Q_ML2_PLUGIN_GRE_TYPE_OPTIONS GRE TypeDriver options. Defaults to none.
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS VXLAN TypeDriver options. Defaults to none.
Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS VLAN TypeDriver options. Defaults to none.
# Heat
Heat is disabled by default. To enable it you'll need the following settings
If you would like to use Xenserver as the hypervisor, please refer to the instructions in `./tools/xen/README.md`.
# Additional Projects
DevStack has a hook mechanism to call out to a dispatch script at specific
points in the execution of `stack.sh`, `unstack.sh` and `clean.sh`. This
allows upper-layer projects, especially those that the lower layer projects
have no dependency on, to be added to DevStack without modifying the core
scripts. Tempest is built this way as an example of how to structure the
dispatch script, see `extras.d/80-tempest.sh`. See `extras.d/README.md`
for more information.
# Multi-Node Setup
A more interesting setup involves running multiple compute nodes, with Neutron networks connecting VMs on different compute nodes.
You should run at least one "controller node", which should have a `stackrc` that includes at least:
disable_service n-net
enable_service q-svc
enable_service q-agt
enable_service q-dhcp
enable_service q-l3
enable_service q-meta
enable_service neutron
You likely want to change your `localrc` section to run a scheduler that
will balance VMs across hosts:
SCHEDULER=nova.scheduler.simple.SimpleScheduler
You can then run many compute nodes, each of which should have a `stackrc` which includes the following, with the IP address of the above controller node:
ENABLED_SERVICES=n-cpu,rabbit,g-api,neutron,q-agt
SERVICE_HOST=[IP of controller node]
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
Q_HOST=$SERVICE_HOST
MATCHMAKER_REDIS_HOST=$SERVICE_HOST
# Cells
Cells is a new scaling option with a full spec at http://wiki.openstack.org/blueprint-nova-compute-cells.
To setup a cells environment add the following to your `localrc` section:
enable_service n-cell
Be aware that there are some features currently missing in cells, one notable one being security groups. The exercises have been patched to disable functionality not supported by cells.
# Local Configuration
Historically DevStack has used ``localrc`` to contain all local configuration and customizations. More and more of the configuration variables available for DevStack are passed-through to the individual project configuration files. The old mechanism for this required specific code for each file and did not scale well. This is handled now by a master local configuration file.
# local.conf
The new config file ``local.conf`` is an extended-INI format that introduces a new meta-section header that provides some additional information such as a phase name and destination config filename:
[[ <phase> | <config-file-name> ]]
where ``<phase>`` is one of a set of phase names defined by ``stack.sh``
and ``<config-file-name>`` is the configuration filename. The filename is
eval'ed in the ``stack.sh`` context so all environment variables are
available and may be used. Using the project config file variables in
the header is strongly suggested (see the ``NOVA_CONF`` example below).
If the path of the config file does not exist it is skipped.
The defined phases are:
* **local** - extracts ``localrc`` from ``local.conf`` before ``stackrc`` is sourced
* **post-config** - runs after the layer 2 services are configured and before they are started
* **extra** - runs after services are started and before any files in ``extra.d`` are executed
* **post-extra** - runs after files in ``extra.d`` are executed
The file is processed strictly in sequence; meta-sections may be specified more than once but if any settings are duplicated the last to appear in the file will be used.
[[post-config|$NOVA_CONF]]
[DEFAULT]
use_syslog = True
[osapi_v3]
enabled = False
A specific meta-section ``local|localrc`` is used to provide a default
``localrc`` file (actually ``.localrc.auto``). This allows all custom
settings for DevStack to be contained in a single file. If ``localrc``
exists it will be used instead to preserve backward-compatibility.
[[local|localrc]]
FIXED_RANGE=10.254.1.0/24
ADMIN_PASSWORD=speciale
LOGFILE=$DEST/logs/stack.sh.log
Note that ``Q_PLUGIN_CONF_FILE`` is unique in that it is assumed to *NOT*
start with a ``/`` (slash) character. A slash will need to be added:
[[post-config|/$Q_PLUGIN_CONF_FILE]]
DevStack can be extensively configured via the configuration file
`local.conf`. It is likely that you will need to provide and modify
this file if you want anything other than the most basic setup. Start
by reading the [configuration guide](doc/source/configuration.rst) for
details of the configuration file and the many available options.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.