TEMPEST_BRANCH which is mostly set as master so
that Tempest master is run to test the env. With
stable branch going to EM state and Tempest master
might not work due to incompatibility of code or
requirements. In that case we pin the Tempest so that
older Tempest can be used for their testing.
Till now for ocata, pike and, queens we used the gerrit style
ref to pin the Tempest which is not preferred way. We should be
able to use the tag name on TEMPEST_BRANCH.
This commit explicitly checkout the tag set in TEMPEST_BRANCH
as git_clone does not checkout the tag directly until RECLONE
is true or tempest dir does not exist.
After this stable branch or job can set the tag directly with name.
For exmaple: TEMPEST_BRANCH=23.0.0.
Also use the stable/ocata upper constraint in Tempest venv.
Related--Bug: 1861308
[1] https://review.opendev.org/#/c/704840/
Change-Id: I15942917ec96e0f0e17639ea3296e356cdfeb832
The URL for rdo-release package is version-less and redirects to latest
stable version. This becomes problematic when stacking older stable
versions as dependencies might not be met or newer and incompatibile
ones might get installed.
Closes-Bug: #1833696
Change-Id: Icb07dcb4c9a3950a3c31a3a8dcb8d0b4c713fdb1
(cherry picked from commit 8b31dce38b)
(cherry picked from commit fb3b6e4baa)
(cherry picked from commit ed120e335f)
(cherry picked from commit 6f3696c168)
Tempest master started doing the strict JSON schema validation
for volume API. With that validation Tempest master started
failing on Ocata branch as new field in Cinder API added after
Ocata is still seen in Ocata API verison. Means new field added
in microverison is still seen in older microversion also.
Whether Cinder API can be fixed or not is different topic but as
per Tempest stable branch support policy[1], current Tempest master
does not support Ocata branch which is EM and if Temepst master
does not work on EM branches then solution is to use the Tempest
working tag for that EM branch.
Tempest 20.0.0 is supported Tag for Ocata so let's use that for Ocata
testing instead of Tempest master.
Related-Bug: 1843762
[1] https://docs.openstack.org/tempest/latest/stable_branch_support_policy.html
Change-Id: If5a0710360be448aa0c9e36fd22657b122dad66b
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.
This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.
This update should result in no functional change.
For more information see the thread at
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html
Change-Id: Ib02316a43b18bdbfee29aa157a7a0438b9b2fdc9
CentOS tests have reverted to using upstream for EPEL rather than
local mirrors, introducing some unnecessary instability. The root of
the problem is that /etc/nodepool/provider disappeared with zuulv3, so
we now always re-install the EPEL repo and overwrite the local EPEL
.repos files that were made during test setup and point to local
mirrors.
The other change is that we stopped installing the RDO repositories on
the testing nodes too. That we were incorrectly taking this path and
reinstalling EPEL has hidden the removal of these packages from the
base image in the test, since it ends up installing them too.
Split the install into two parts -- epel and RDO. Check for
/etc/ci/mirror_info.sh (the sourcable mirror script provided by base
test setup) and if so, just enable EPEL so we get the CI-mirror
version correctly. Install the RDO repositories (if not already
installed) unconditionally.
(Cherry-Picked from dc04b5aa24)
Change-Id: Iccb045a6695deb10da4d68a5694e1fa45ccbb810
The os-fping API was deprecated in nova in
I92064cbcb5f6414da0c9d294f912a860428af698. I can't see anything
obviously using it on codesearch.
This is only in EPEL for centos, which I'm trying to remove. But I
think less dependencies is always better than more in general hence
the removal.
This is essentially a revert of
Ibdc7479a9038321e4fc3953774a6f3e1dac90530
Change-Id: I163fc48c860bae2a92c83cfdaed26b2e54630e20
(cherry picked from commit bc6c992e3c)
legacy-periodic-tempest-dsvm-oslo-latest-full-master
runs only on master, remove it. This needs to stay in project-config.
Change-Id: I81e66ddb0976bb4bb7a7cd8efbbae3bda551191d
(cherry picked from commit 6403b1447f)
the swift and devstack-plugin-ceph jobs have been renamed, follow rename
and use in-repo jobs.
Depends-On: https://review.openstack.org/543048
Change-Id: Idccc21e47b2cc04e5eeab4db7f7fb7cf156f8049
This is a mechanically generated patch to complete step 1 of moving
the zuul job settings out of project-config and into each project
repository.
Because there will be a separate patch on each branch, the branch
specifiers for branch-specific jobs have been removed.
Because this patch is generated by a script, there may be some
cosmetic changes to the layout of the YAML file(s) as the contents are
normalized.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I4f262c7dd9fedf16cdd0898f9171f882919c13b1
Story: #2002586
Task: #24327
- Remove extra spaces
- Fix a missing space in the generated option string
- Fix a fatal typo
Change-Id: Ieca1c3e3c7e2ff59089ef45435e126ce7ff4f9b5
Closes-Bug: #1667073
(cherry picked from commit ed887d8b9f)
It looks pip 10 failed the uninstallation of distutils installed
packages. This patch temporarily cap the version of pip to work-around.
Closes-Bug: #1763966
Change-Id: I8bf80efc04883cd754c19bea0303064080112c6e
(cherry picked from commit f99d1771ba)
The old code was strip()ing the version string instead of split()ing the
version string so we always got the first character of the version
string. This worked fine as long as the pip version was single digit but
as soon as it rolls over to '10.stuff' we will compare:
pip version 1 (instead of 10) > 6
Which fails bceause 1 is less than six. Instaed we really do want to
compare 10 > 6 so use split on '.' instead.
Closes-Bug: #1764046
Change-Id: Ic7d0c04d7fa77774ab2d70fb9d11f182becec553
(cherry picked from commit 065779517f)
This changes bumps NOVA_READY_TIMEOUT to 120s by default in Pike
and older because the UCA shipped libvirt (2.5.0) is very slow
to start up (taking almost a minute at times)
Change-Id: Ia5fd8654e062533a55de2e78d84128027c73c094
The function was introduced in [0] using a hardcoded timeout of 60
seconds which turns out to be too small on slow machines. Create a new
global variable NOVA_READY_TIMEOUT instead so that users can
override the timeout if necessary.
[0] I32eb59b9d6c225a3e93992be3a3b9f4b251d7189
Co-Authored-By: Mohammed Naser <mnaser@vexxhost.com>
Change-Id: I0cd7f193589a1a0776ae76dc30cecefe7ba9e5db
'deactivate_image' feature flag was added long back during kilo
cycle. Tempest is going to remove this feature flag.
Depends-On: I843d4c64f24407d9d217005d5ea59d50d7ad62e7
Change-Id: I1ae8efc0e62acc5e05c1c00dc8970b74d8b16da0
The sphinx jobs need to find doc requirements in either
test-requiremnts.txt or doc/requirements.txt. Putting them directly in
to tox.ini, not so much.
Amended to use matching stable/ocata requirements.
Change-Id: I98a43b511a6949fa4f00c26eec224d24d6fa6588
(cherry picked from commit 4187d2fc4a)
As described in the change, "pip freeze" has issues with the way
zuulv3 clones repos without a remote. This is an attempt to use "pip
list" to check for local install
Change-Id: I33d25f86b6afcadb4b190a0f6c53311111c64521
(cherry picked from commit ae9c6ab759)
(cherry picked from commit 4358418d7d)
This adds packages to suse for systemd python linkages as well as
apache2 and which. And configures mod_proxy and mod_proxy_uwsgi with
a2enmod.
We also properly query if apache mods are enabled to avoid running
into systemd service restart limits. Enable mod_version across the board
as we use it and it may not be enabled by default (like in SUSE).
Also in addition to enabling mod_ssl we enable the SSL flag so that TLS
will work...
Finally we tell the system to trust the devstack CA.
Change-Id: I3442cebfb2e7c2550733eb95a12fab42e1229ce7
(cherry picked from commit 35649ae0d2)
With cell v2, on initial bring up, discover hosts can't run unless all
the compute nodes have checked in. The documentation says that you
should run ``nova service-list --binary nova-compute`` and see all
your hosts before running discover hosts. This isn't really viable in
a multinode devstack because of how things are brought up in parts.
We can however know that stack.sh will not complete before the compute
node is up by waiting for the compute node to check in before
completing. This happens quite late in the stack.sh run, so shouldn't
add any extra time in most runs.
Cells v1 and Xenserver don't use real hostnames in the service table
(they encode complex data that is hostname like to provide more
topology information than just hostnames). They are exempted from this
check.
Related-Bug: #1708039
Change-Id: I32eb59b9d6c225a3e93992be3a3b9f4b251d7189
(cherry picked from commit c2fe916fc7)
Sometimes when doing worlddump would see a command line like this:
sudo ip netns exec (id: ip addr
This would cause an error to be seen in console.log:
2017-02-07 00:03:03.659570 | /bin/sh: 1: Syntax error: "(" unexpected
This is caused by there sometimes being extra data returned from the
'ip netns' command [1]. For example it might look like:
qrouter-0805fd7d-c493-4fa6-82ca-1c6c9b23cd9e (id: 1)
qdhcp-bb2cc6ae-2ae8-474f-adda-a94059b872b5 (id: 0)
[1] https://lwn.net/Articles/629715/
Change-Id: Icece442023125ef55696b8d92a975d37e358b1b4
Closes-Bug: 1653969
(cherry picked from commit c6e6939e89)
This patch increase host_subset_size when ironic is used to 999
to minimize race conditions.
Change-Id: I0874fe3b3628cb3e662ee01f24c4599247fdc82d
(cherry picked from commit 0525e77d9f)
In Fedora mariadb, cracklib has been enabled [0] in order to verify the
password strength.
Disable cracklib in Fedora devstack in order to allow simple passwords
in dev environments.
[0] https://src.fedoraproject.org/cgit/rpms/mariadb.git/
commit: 9442da192282aa74f43e86c96202109a173bbaba
Change-Id: I2d5e965f0f19f86992794eec78134e862899c931
(cherry picked from commit 13e81ad1cf)
As a follow on to I4c269a7f3d63ee9a976e7c3636fc3e5e8dab9ae3; the
quoting gets tricky when putting arbitrary command-substitution
strings into saved echo-able strings. As they say, "the only winning
move is not to play" :)
An alternative proposal is to not write this into a script but just
dump info into a file. To my mind, this has several advantages --
avoid getting involved in quoting, not dropping a script into the
global environment -- it's just as easy to "cat" -- and the plain-text
file can be collected as an artifact during log collection (also moved
git commit line to separate line for easier parsing during log search,
etc).
-- Note
This is a combined cherry-pick of the following
2c0faca038 - add version
3415521d56 - fix to ^
07cbc44942 - this change
2c0faca and 3415522 were not merged to this branch at the time to
avoid breakage. This brings consistency across the open branches.
Change-Id: Ic7391dd087657c0daf74046e4a052c53f4eb6e1a
With the key manager refactoring in nova and cinder, the key manager
class will need to be explicitly set.
Nova key manager refactoring: Ib563b0ea4b8b4bc1833bf52bf49a68546c384996
Cinder key manager refactoring: Ief8885bb4ca8d62b03cf1a52c25dd0e62c835bfe
Related-Bug: #1704875
Change-Id: I733279864ee1a4aaffc9c8eed81b5e12f8d8821b
(cherry picked from commit a5b72b053e)
Now that mysql.qcow2 has been removed, we only have 4 images to worry
about. This fixes cache-devstack element for openstack-infra.
Change-Id: Ia06f0e0679e253a1a6614f7c38abf1f5cd13991b
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(Cherry-picked from 331b3de88e)
We no longer host this on tarballs.o.o, additionally it is no longer
used my trove.
Change-Id: I2034e8ebc530704d6e63a231056f92e14a8654e4
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
In master branch of noVNC project file vnc_auto.html was renamed to
vnc_lite.html Because of that nova-novncproxy looks for file that
actually doesn't exist.
We need to change branch of noVNC to latest stable, because other
projects are not ready yet to rename the path. Those projects
depends on noVNC package installed in system, but it is too old
for now for both CentOS (version 0.5) and Ubuntu (version 0.4).
The only way to make noVNC console working on Devstack is to change
the branch to stable one.
Unit test also has to be modified in order to ignore novnc repo
from checking against cloning non-master branch.
Change-Id: Iaf4761aedf93bc6b914a6a0c5cf1cfedcc29583c
Closes-bug: #1692513
In order to test whether live migration is backward compatible
we need to live migrate VM back and forth between two versions
of nova. This configuration option will allow to reuse existing
tests just by adding if condition in a method that invokes live
migration and validates outcome:
* If set to False, it will use existing behaviour
* If set to True, it will live migrate VM, validate whether it
succeded, then live migrate the same VM once again and again
validate the result
Depends-On: Icaeca404ec3e4b8f3cd489789fdac6117740ec43
Change-Id: I8da2b3bd0c08d9a3111d3531c346d06bd52cae7b
(cherry picked from commit 8a92b7f1de)
KEYSTONE_SERVICE_API is the keystone endpoint and it is what we should
use. The admin url should DIAF - but until it does, it CERTAINLY should
not be the thing we put into clouds.yaml.
Change-Id: If8196a04f852f633e0b7548793f68c92376aa6da
(cherry picked from commit e43f60ba2a)
We recently disabled EPEL in openstack-infra, enable it again.
Change-Id: I213b302b34b740354d63b69e8ac7f4e1b3d3cdd7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
(cherry picked from commit bc4b8eb5bf)
This is a partial backport of:
https://review.openstack.org/#/c/435126
We have only opted to backport the removal of openvz image.
openvz is not in the nova tree, and is referencing a crazy old image,
we're going to assume that if anyone is using this they can build a
devstack plugin.
Change-Id: I9d33b98263c3d52a95b9983e90eb0b341fa1d363
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Keystone v3 API is CURRENT and the v2 API is deprecated now.
So we need to change the default config of auth_version to fit
for current API status.
Change-Id: I801e6740258ddea2a1b628a209970e0307d39d12
(cherry picked from commit dc6e550218)
Libvirt live migration requires netcat. It appears that newer UCA
packages may not automagically pull this in so explicitly list it as a
dependency of nova compute here. Note that netcat/netcat-traditional do
not appear to work and netcat-openbsd is required.
Change-Id: If2dbc53d082fea779448998ea12b821bd037a14e
(cherry picked from commit 3d4c6d2dd1)
When an apache worker gets a proxy error, it will not retry talking to
the backend server until the retry timeout expires. We bring up the
proxy server *before* the backend server, and poll it. If we are
running a small number of workers, there is a likely chance that we're
going to hit one that errored before the backend was up, thus failing
for now real reason.
Set this to 0 instead to mean always retry failed connections.
Change-Id: I9e584f087bd375f71ddf0c70f83205c425094a17
Ref: https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypass
(cherry picked from commit a1446b960f)
We have had issues with libvirt 1.3.1 which is stock on Xenial. Try
using 2.5.0 from UCA instead.
Related-Bug: 1643911
Related-Bug: 1646779
Related-Bug: 1638982
Change-Id: Ia4434541c71f050fe1ffb54f4c4c1e302391d00b
(cherry picked from commit c9a9e415b9)
Was using the '-ne' integer comparison operator to compare UUID
values. This caused error messages like:
/opt/stack/new/devstack/lib/tempest: line 226: [[: dfae26ac-1780-4677-902d: value too great for base (error token is "902d")
Change it to use '!=' string comparison operator
Change-Id: Ib7c9197dd0fe58addf33b4f82beea6de64f6b10b
(cherry picked from commit 3345a6d316)
Since https://review.openstack.org/#/c/438325 landed
it only works for Centos 7, but not for other
RHEL-based distributions: Virtuozzo and, probably, RHEV.
Both of above have own version for qemu-kvm package: qemu-kvm-vz and qemu-kvm-rhev,
accordingly. These packages provide "qemu-kvm", like qemu-kvm-ev,
and, when you call "yum install qemu-kvm", they replace the default OS package.
Change-Id: I46da627c0da8925064862fdc283db81591979285
(cherry picked from 008aa3e095)
For the latest qemu-kvm, you have to use the qemu-kvm-ev package,
which is based off the qemu-kvm-rhev package, which is explained in
[1] but you probably can't read it. The gist is, that qemu-kvm-rhev
is a later build of kvm that is incompatible with the base version
provided. qemu-kvm-rhev is only provided with the RHV (ovirt) and
RHOS (openstack) products. CentOS rebuilds this package as
qemu-kvm-ev as part of it's virtualisation SIG.
I9a972e3fde2e4e552f6fc98350820c07873c3de3 has bumped up the minimum
qemu version to 2.1.0. It seems there is a an issue (bug #1668164)
where having the qemu-system package installed gets picked up if
installed, and reports the incorrect version to nova, causing failure.
This removes the installs from files/rpms/nova as it is all being done
in function-libvirt. We only install the qemu-kvm-ev package on
centos and remove the old work-around.
[1] https://access.redhat.com/solutions/629513
[2] https://wiki.centos.org/SpecialInterestGroup/Virtualization
Change-Id: Ide91b261f35fb19d8bd7155ca016fa3b76a45ea1
(cherry picked from commit 52bb64105f)
When variables use the 'declare' directive, it is by default a local
variable. While other variables have global scope.
For example:
declare -A AN_ARRAY # local in scope
foo=1 # global in scope
This causes errors to occur as some of the variables will be local only
and others will be global.
Update the code, as appropriate, so that variables using the 'declare'
directive also include the '-g' flag to have them also be global. Not
every instance of a declared variable has been updated.
Closes-Bug: #1669509
Co-Authored-By: John L. Villalovos <john.l.villalovos@intel.com>
Change-Id: I2180b68fe861ad19c6d4ec0df0f9f8a528347862
(cherry picked from commit afef8bf097)
This was not supposed to be merged yet, it breaks grenade.
There needs to be a fix applied to master and then included in this backport.
This reverts commit f61ca5fd61.
Change-Id: I6321039117dcff80bb87e43f0e49082071018936
Calling enable_kernel_bridge_firewall inside a
container, devstack will crash because it tries to
load a kernel module by calling 'sudo modprobe' on
net.bridge.
Change-Id: Id4718c065d5a8c507d49f38e19c2796a64221aa4
Closes-Bug: #1662194
(cherry picked from commit 0bf75a471e)
Use pip_install_gr so we get the version pinned by requirements. The
depends-on is an example of where we're trying to pin to workaround
issues.
Depends-On: I9c57c08a150571c5bb62235d502839394d53a4c1
Change-Id: I780cca681b12a3e9d228dbf2fd9fa6e8ab1a82e1
(cherry picked from commit 1e7f738f28)
On stable branches, we are supposed to hard code the extension list of
what API extensions are available when we branch the project so that
test cases against new features will be skipped. However, we didn't do
this on Ocata release.
Change-Id: I1a4d1ea8c8d34b8cd1020e76597db6c67f85f6ec
Currently placement api section will be configured on controller
only if service n-cpu is running. It breaks multi node setup.
Closes-Bug: #1667219
Change-Id: I8b0f60f253859f704bb9831d7dac8f55df353ac7
(cherry picked from commit f58b373563)
This commit switches devstack to use the published qcow2 cirros image
instead of the AMI version. Using AMI was mostly a historical artifact
dating pretty far back, but in the real world no one really uses AMI
images with openstack clouds. This change reflects that and also
enables tempest ro remove its deprecated config options for using AMI
as a fallback on misconfiguration (which was just there to support
devstack's defaults)
Change-Id: Id65ebae73b28da7185cb349b714b659af51ef77f
(cherry picked from commit 6fc332d852)
This commit sets the max microversions on the ocata branch so that
tempest doesn't try to run tests that require a newer api version.
Change-Id: Id033dde91b6a7aa09aca2332fe815fd72be90438
The dedicated RPC worker is overkill in single or multinode
devstack deployments. Also metadata API workers was left
default, which meant they were as many as the CPU cores.
Related-bug: 1656386
Change-Id: Ibbf7787dfa48e13a51f961f3e0ee2b8f49964759
Cells v1 apparently doesn't support the swap volume API which
was recently enabled for testing in change:
92575baa6b
Rather than revert that change, we should just handle the cells
v1 case and not enable that test in that environment.
Change-Id: I80f52e8299641098d90d3c374a80770fc45b8122
Closes-Bug: #1660511
tools/discover_hosts.sh is run by devstack-gate, and breaks all dsvm job
that doesn't use nova.
nova-manage is perhaps not installed if nova services are not enabled.
This change checks the presence of nova-.
Change-Id: Ic555d241f98d0fa027897c69a7115d1be88f6c96
This adds a simple script to run the
'nova-manage cell_v2 discover_hosts'
command which will be used by
devstack-gate to discover the compute
hosts after devstack is fully setup.
This allows us to manage the branches
where this can run from devstack rather
than require branch logic in devstack-gate.
Change-Id: Icc595d60de373471aa7ee8fb9f3a81fc12d80438
Depends-On: I4823737246a8e9cc4eaebf67ff6bdba8bf42ab29
If the NoVNC service is enabled, enable vnc_console in tempest.conf.
This will allow tempest tests that interact with VNC to be executed.
Change-Id: Idb38a3b11e2f61f23adf1ec23c04ddccd72e7539
Depends-On: I09aed8de28f1ba2637382e870134ced38808df29
This provides a single setup_logging function which builds consistent
colorization if the config supports it, otherwise builds the identity
strings that we need to actually keep track of requests.
Change-Id: Iffe30326a5b974ad141aed6288f61e0d6fd18ca9
This makes setup_colorized_logging be a thing which takes a single
parameter and doesn't let projects do things differently. It also
changes the order of values from user / project to project / user to
represent the hierachy more clearly.
Change-Id: I8c0ba7da54be588e3e068734feb4f78ed7c5a14a
An initial install for devstack-tools, this will need to use all the
fun pip extra variables for installation, however the current
pip_install always prefers python2, and we only want to do python3
here.
Change-Id: I3dcdb35130f76fad81cb7b0d4001b7e96efbbd84
The test that is in tempest for this feature is
specific to LVM and will *not* work for other backends
regardless of them supporting the feature. It shouldn't
default to enabled for everyone, only for LVM.
If others want to opt-in they can, but its definitely
the minority that would.
Change-Id: I21347f2a5069059e6413208b254d5acd246faaea
In the incoming XenServer, it failed to install conntrack-tools
in Dom0 due to the bash script which is trying to find the correct
CentOS release version to be used in yum command. This patch is to
fix the problem
Change-Id: If7f169e118ccb7c29fc479c361417a916dc40b40
For some reason we were defaulting the name of the cell0 database
to nova_api_cell0 instead of nova_cell0. Devstack inherited that to
make things work, but we don't really want that. This patch makes us
use the proper name and create the cell0 mapping accordingly. As a
side effect, it also starts the process of unifying the cellsv1 and
cellsv2 paths by creating the cell0 mapping the same for both.
Change-Id: I4e7f6c5eaa068c98e5c4ef3feaee50d8e4f5d484
Findutils added in release 4.2.3 a new --delete action for deleting
matching files. This action performs better than -exec rm {} \;
because it doesn't have to spawn an external process. This change
uses a new action whenever is possible.
Change-Id: Iff16a86b18e924cfe78ac7c6107910940ce51e03
$ipv6_modes should always be passed when creating the
default IPv6 subnet, not just when fixed_range_v6 is
set. Without it the default was DHCPv6, which cirros
doesn't support out of the box. Was broken in
change-over from neutron to openstack cli.
Change-Id: Iadd39b1ce02fe0b3781bd3ae04adfd20d7e12d9f
Closes-bug: #1656098
Since cellsv2 setup is no longer optional, we can't even exclude
cellsv1 from this step. Since cellsv1 users can't use the simple
command, this does the individual steps as needed.
Depends-On: Icfbb17cce8ce8b03dc8b7b4ffb202db01e5218a6
Change-Id: I3c9101a34b2bb0804fc4deda62dbb8637e7b8f94
The only virt driver in nova that supports the swap volume API is
libvirt so enable testing that in Tempest only if using libvirt.
Depends on two changes:
1. The Tempest change that adds the new config option and test.
Depends-On: I2d4779de8d21aa84533f4f92d347e932db2de58e
2. A nova fix for correctly waiting for the block copy job in the guest
to complete.
Depends-On: I0c52917a5555a70c4973f37dea1aebf878dd73b4
Change-Id: Ibb6b309574d2c6a06fcecb0626ea21527fb7f412
Only a few Cinder backends support the 'manage snapshot' feature. So
we need a feature flag here. Luckily the LVM driver does support this
feature so default the feature flag to True in devstack(/Gate) but
introduce a variable to tweak the config.
Change-Id: Ifcb9f91059f08bdf2faf2a8d65229aba5742ee1c
Depends-On: I77be1cf85a946bf72e852f6378f0d7b43af8023a
Hypervisor XenServer will change to use os-xenapi in the future,
this will need DevStack changes, this patch is to remove install
Dom0 plugins part to our own DevStack plugins.
Change-Id: Ic327135b893a77672fd42af919f47f181e932773
The logic to set the default image for Ironic has been moved into the
Ironic tree. This patch is just removing it from DevStack.
Change-Id: Iaeb177f194adc83e40d86696e5553f9f72bbd1f9
Depends-On: Id828b41dc44113ce1cd094ce5fc245989699d4ff
The PCI-DSS feature has been introduced during the Newton
release and its settings are disabled by default. This
patch adds the possibility to enable some of them during
DevStack setup.
Change-Id: If6b5eb3e3cbc43eb241c94d18af80ad50be08772
Depends-On: Id97ca26f93b742cc3d8d49e98afc581f22360504
* iniuncomment followed by iniset for reseller_prefix just adds a
duplicate line in the config file that configparser does not like
so just remove the uncomment
* fall back to http:// url for glance->swift keystone authentication
* insecure flag to talk to swift
Depends-On: I51d56d16a5b175bd45dee09edc0b2748d72a5d06
Change-Id: I02ed01e20f8dce195c51273e8384130af53384ce
Currently if PHYSICAL_NETWORK and PUBLIC_PHYSICAL_NETWORK are
same then duplicate entry is created in ml2_conf.ini like below:
flat_networks = public,public,
With this patch, if PHYSICAL_NETWORK and PUBLIC_PHYSICAL_NETWORK
are same then add only PHYSICAL_NETWORK to flat_networks in
ml2_conf.ini
Change-Id: Iae4d1ee3882f6d96b4e4abd52ecc673a620563b5
Closes-Bug: #1654148
This commit switches how scripts we use to launch the installed version
in the path. Previously the scripts were manually executed in the source
repo, but this has issues if you're trying to run with py3 in a system
where python == py2. Setuptools already does the shebang magic for us
at install time, so we just need to use the installed version of the
script.
Change-Id: Iaa4d80ec607a2aa200400330e16cad3a4ca782ac
According to the feedback in the TC meeting [1], we renamed the Nova
virt driver from "docker" to "zun" [2] to avoid name collision
to nova-docker. This rename also help to clarify the difference
between these two drivers.
[1] http://eavesdrop.openstack.org/meetings/tc/2016/
tc.2016-11-29-20.01.log.html
[2] https://review.openstack.org/#/c/414651/
Change-Id: I747080953ae4d1d35ed334831100413b6e4466c4
The domain_name to be used needs to be $SERVICE_DOMAIN_NAME, as this is
changed in devstack from "Default" to "service".
Change-Id: I6351c1b2ca7ea4448e13eb87455bff4058df4fa7
Previous this was set the zake, but that was revert to missing
dependencies issue and because zake is a test fixture and not somthing
to deploy.
This change configures the Cinder dlm with this one is zookeeper.
And it installs tooz and the extra dependencies needed for the
zookeeper driver.
To do it, this commit have to introduce a new method for package
installation: 'pip_install_gr_extras package extra1,extra2'.
Change-Id: Idca310c08e345db59840eb31434c6cb1f849fa70
nova-network has been deprecated since Netwon and Nova change
I8388c29ad310cd8800084b4d5c026013158bfbed is switching the default
value of use_neutron to True, so we need devstack to explicitly
set use_neutron=False when running and configuring nova-network.
Part of blueprint use-neutron-by-default
Change-Id: I82721b5d10711401b9b0ebc2b0ed07cc8287bbf7
Really close to getting swift and keystone under uwsgi working, so
let's white list them. Won't affect any existing jobs, so we should
be good.
Change-Id: I51d56d16a5b175bd45dee09edc0b2748d72a5d06
Now that Liberty is EOLed, the feature flag is not needed anymore.
Change-Id: I5206535761773d4bcb02ebb8f25d1b0c1b59110c
Depends-On: If0b2168080a0b0ecdc6682ef69856a0879f4f6d3
CLI tests have been removed from Tempest in
I4f8638f1c048bbdb598dd181f4af272ef9923806
Dashboard tests have been removed from Tempest in
I2a69ebed2947a5ab5e5ca79557130bd093e168dd
Change-Id: I6df74a07e209b07fd3feae762c9cdab16e09414f
The snapshot_backup feature flag was introduced in
Ib695e60c2ed7edf30c8baef9e00f0307b1156551 to enable Tempest tests
introduced in I1964ce6e1298041f8238d76fa4b7029d2d23bbfb
But I1964ce6e1298041f8238d76fa4b7029d2d23bbfb was never merged so that
feature flag was never really useful.
Change-Id: I4e0bc786d2320907cb101fc788ad51444628537d
Use trueorfalse to normalize the values for USE_PYTHON3
Install 3.5 instead of 3.4 When USE_PYTHON3 is specified.
Also, since not many packages are classified correctly, fallback
to looking for just "Programming Language :: Python :: 3" and
log a message for the package to highlight the problem.
Also special case some services that are *almost* ready
Depends-On: Id48e1b328230fcdf97ed1cb4b97f4c3f9cf6eb8a
Depends-On: Ib7d9aa0e0b74a936002e0eea0b3af05102b06a62
Change-Id: I243ea4b76f0d5ef57a03b5b0798a05468ee6de9b
The placement API configuration was binding a specific port *and* was supporting
to be called by the default HTTPd ports using a Location directive.
Given that the corresponding service catalog entry for the placement service type
doesn't mention the specific application port but is rather using the default
port 80, we can remove that specific port and just use the default config.
Note that we still need to use a VirtualHost directive for the specific placement
config because ErrorLog is only scoped for either server or virtualhost but can't
be set for a Location (or a Directory) context.
Change-Id: I9a26dcff4b879cf9e82e43a3d1aca2e4fe6aa3e6
This moves setting of RABBIT_HOST from stack.sh to lib/rpc_backend
so it may be used in grenade runs, which don't have the defaulted
value from stack.sh. The RABBIT_HOST is needed in order to call
get_transport_url in lib/rpc_backend.
Change-Id: I504f7fac7bb9a8c158e20046dbd1dd2d507db02b
Closes-Bug: #1649586
Depends-On: I3d4d7b309e50f4e2970cda55aada02d68c4fa705
Services that run inside Apache use tail -f on the corresponding log
file to display output in the screen session. However, they also use sed
to replace some control characters, and this means that the output is
buffered. This results in debugging experiences that range from
"impossible" (the log you want isn't shown) to "Kafkaesque nightmare"
(the log you want isn't shown, except that sometimes it is, and
sometimes it isn't even though you double-checked and you're completely
sure that you must have output a log, but when you check back later you
realise it actually is and you wonder if history is actually not mutable
after all and begin to question what is real and what is not).
This adds the --unbuffered option to ensure streaming output.
Change-Id: I665ff5f047156401d8152f478d834ac40ff31658
Now that the placement service is mandatory for running Nova in Ocata,
we want to enable it by default when running devstack by default.
In the past, we added a placement-client service with
I04a655fbc58913b3d607400a7f677be299499142
Devstack-gate will also be able to run a multinode devstack with the
help of Ibd760c642e3c1ffff2dd61be48e30530b0d24720
Change-Id: I273c3c8299ee329bed425f3e7cd4b583ed1187a4
Neutron doesn't use any arptables based firewall rules. This should
somewhat optimize kernel packet processing performance.
I think the setting came from:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf
but does not apply to the way we use iptables.
Change-Id: I41796c76172f5243e4f9c4902363abb1f19d0d12
Closes-Bug: #1651765
If 'RECREATE_KEYSTONE_DB=False' database won't be recreated.
It would be useful for multinode Grenade tests for Keystone. This parameter
will help us to deploy multiple services on different machines talking to
the same DB.
Devstack recreates Keystone DB each time during Keystone service installation.
If our controller node is already deployed, Keystone DB already contains
important information about OpenStack services and their endpoints. When
the second Keystone node is being deployed, we don't want to delete
records about controllers' services endpoints.
Partially-Implements: bp rolling-upgrade-testing
Change-Id: Ia8d07b4295ca165be01e44466c95d5275f596e83
When doing multinode devstack we need a way to specify that we've
enabled for the placement service. We use a pseudo service of
placement-client for this.
Change-Id: I04a655fbc58913b3d607400a7f677be299499142
The current code assumes that there exists a public openstack network
and uses that assumption to set the public_network_id variable in
tempest lib. If NEUTRON_CREATE_INITIAL_NETWORKS is set to false this
step will fail as there is no public network to be found. This change
adds a check for NEUTRON_CREATE_INITIAL_NETWORKS before attempting to
set this variable.
Change-Id: I62e74d350d6533fa842d64c15b01b1a3d42c71c2
Closes-Bug: #1645900
Different versions of Ubuntu ship with different versions of Java.
Trusty had 7, Xenial has 8, and so on. This causes problems when we
hardcode a versioned package name into our dep lists as that version may
not exist everywhere. Thankfully Ubuntu provides a default-jre-headless
package that we can use instead that maps properly onto whatever java
version is correct.
Change-Id: I4e5da215c8f7aa426494686d5043995ce5d3c3af
* Set ml2_type_flat setting so that the public flat network is created
correctly
* Set securitygroup driver correctly
It should be set as:
[securitygroup]
firewall_driver = iptables
Change-Id: I7369b45fbc5a47ce958693c67a1902a8cb24f367
When creating a service user we allow the user to be created with a
different role. Currently in auth_token middleware we want to check that
the service token is specified with the service role so we should always
add the service role and optionally add additional roles.
Change-Id: Ie954a679674b4795079b539ebc8d4d2dcbd7dacc
When using local.conf in multinode envs not everything is going to be
defined in all places. Eventually we probably want to make it so we
have a host role for these sections or something. But for now warn
instead of die when we can't find a config var.
Change-Id: I6959099373f035fbfe9e540a44e4c52b8e7c95c0
Closes-Bug: #2000824
Since I21ae13a6c029e8ac89484faa212434911160fd51 nova-manage db sync
may try to make a request to api db in order to get cell mapping and
will fail, as the db is not created yet. While this is non fatal, we
could avoid the error anyway.
Change-Id: I19483e9420071d484f029779bcc8c6d623c210ce
Related-Bug: #1631033
the python-xml is a subpackage from the standard cpython package that
that contains elementtree and other bits that are needed almost
everywhere in OpenStack but isn't installed on a absolutely minimal
openSUSE Leap installation. This package doesn't exist on pip but
is a SUSE only invention, so just treat it similar to a bindep.
Change-Id: I82887c2e6895740d1b16d1269574519450ca783e
Starting with SLE12 SP2 and with openSUSE Leap the distro-shipped
openvswitch is the normal systemd openvswitch.service service file
and no longer the older openvswitch-switch Sysv5 init script. Add
a special case for that.
Change-Id: I5152f2585c3d4d18853988d6290039d6b1713b99
Now all configuration are present in Ironic tempest plugin
and those are going to be removed from tempest in
Id518a6d87d0949737cd1c50cb6a83149b85e5f85
Patch- I73c649625d106fc7f068e12e21eaacba8f43cbbb set
those in ironic devstack plugin.
We can remove all baremetal config setting from devstack.
Along with moved one this patch deletes other unused baremetal
config setting.
Change-Id: If826321ebc0c20ea372d206d49383f3826c9b547
Depends-On: Id518a6d87d0949737cd1c50cb6a83149b85e5f85
Depends-On: I73c649625d106fc7f068e12e21eaacba8f43cbbb
On Ubuntu nodes, devstack tries to predefine the initial mysql root
password by doing some debconf-set-selections, but these will not take
effect if the corresponding package has been installed earlier. So
just try to set it every time, like we do on other distros.
Change-Id: I2c167051fc5e53dd0ccf82a60ab085cd9cdea28d
create_cell requires n-api and at least one n-cpu up and running. If
we have a configuration where it is not guarunteed that there is an
n-cpu at the end of a devstack run we have to skip this step and make
the user run it manually later.
Change-Id: I2287ab29f3c1a7252271dcce81673ef365615296
Role "root" it is hardcode.
In general case role name comes from local.conf: string "DATABASE_USER="
Change-Id: Iedfca48e04d23c313851f48d68ac40ba29340805
The linuxbridge agent for Neutron expects that the public bridge will
already be created by the time it starts. On devstack, this only occurs
as part of the l3 agent configuration. If a compute node doesn't have an
l3 agent and is using a linuxbridge agent, then br-ex won't be created
and the process will not be able to start (causing stack.sh to fail).
This causes the gate-grenade-dsvm-neutron-linuxbridge-multinode-nv gate
to fail. To avoid the issue, skip the bridge mappings setup unless L3 is
configured. This is done in a backward compatible fashion: if localrc
uses the old q-l3 tags, the is_service_enabled neutron-l3 would not be
able to succeed.
Closes-Bug: #1643562
Change-Id: I292ff0dc080fb84b5f879ba2f00f03eff295b55b
libguestfs does not work on ubuntu because the kernel is not
world readable. This breaks file injection with libvirt.
See https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725
for more details.
The workaround proposed by Ubuntu is to relax the kernel ACL
if needed, so we need to do that in case file injection is
enabled on an Ubuntu host running libvirt.
Partial-bug: #1646002
Change-Id: I405793b9e145308e51a08710d8e5df720aec6fde
We need a local.conf processing phase after every run phase which lets
us override config options after that point. We didn't explicitly
support this for test-config before, which broke some CI systems when
we moved tempest to use this later phase.
Closes-Bug: #1646391
Change-Id: I7d693afa19acf3e8231e84e45b7a868628ebdbc0
This single global variable is no longer useful as we have multiple
repositories and devstack plugins nowadays.
Also, add a utility function, neutron_server_config_add, for devstack
plugins to add an extra config file.
Related-Bug: #1599936
Change-Id: I90112823ef96ae2fba97d7b09b00bec8cb816d8d
So that it can be used by functions like _determine_config_server,
which is used like RESULT=$(_determine_config_server).
Change-Id: Ia4e641c5529b95ada30ae662221f370bc7fa88a7
To avoid using legacy functions accidentially.
Depends-On: Ida1f83b6b3ef9b76be13c063c7e35a8703214078
Change-Id: I3ff136fc8330c92007cdfe91b77d7f9865eabd8d
XenServer already support OVS native mode and I have a patch for
configuring it https://review.openstack.org/#/c/372952/ which
is fine. But we have another patch which revert the usage of
ml2_confi.ini and ml2_conf.ini.domU
https://review.openstack.org/#/c/396573/. Both patches work well
separately. But the two should have some dependent relationship.
Once one merged, the other should change accordingly. Sorry that
we missed the dependency.
This patch is to fix the ovs config based on reverted ml2_conf.ini
and ml2_conf.ini.domU to make sure we configure the correct IP for
ovs agent
Change-Id: Ib53e37e210cc849f161dd6630f81e5b2331a91d5
Similar to 30ab23cd9b, fix the
plugin name to avoid warnings like:
WARNING stevedore.named [-] Could not load neutron.plugins.ml2.plugin.Ml2Plugin
Change-Id: Ibb45f1305816b255ba2419ba662d9e29eff68f58
Neutron has changed to use ovs native interface by default, but when
the hypervisor is XenServer, we cannot use ovs native interface without
extra configurations in neutron-openvswitch-agent(q-agt) in compute
node.
This patch is to add the needed configurations automatically during
deployment, so user needn't to do it manually and restart q-agt.
Change-Id: Ibc69d3cdb4d75833f2ac16840c62bcacf460dd4f
We are seeing connection errors to the proxy occasionally. These errors
do not result in a logged http request or error to the backends,
resulting in a theory that the proxy itself may just not be able to
handle the number of connections. More than double the total number of
connections that will be accepted by the proxy in an attempt to fix
this.
Change-Id: Iefa6c43451dd1f95927528d2ce0003c84248847f
Related-bug: 1630664
There may be cases when the configuration of the OVS is different
from the default one. This enables one to make use of the neutron
configuration file to contain all of the OVS settings.
Change-Id: I728cf8cdc653667c076b07b39c13c1278281c01b
Closes-bug: #1645691
The order of the steps were a bit confusing for the first timers
in the devstack document. So, changed the order of installation
steps to make it clear.
Change-Id: Ifaa051887dab95719b9ca5d1b2fbe2f5f549d269
Closes-Bug: #1627939
The current coding fails to process local.conf like
the following. Note: This example is taken from a
real use case. [1]
[[post-config|$NEUTRON_CONF]]
[qos]
notification_drivers = midonet
[[post-config|$NEUTRON_CONF]]
[quotas]
# x10 of default quotas (at the time of writing)
quota_network=100
quota_subnet=100
quota_port=500
quota_router=100
quota_floatingip=500
quota_security_group=100
quota_security_group_rule=1000
[1] https://review.openstack.org/#/c/400627/
Closes-Bug: #1583214
Change-Id: Ie571b5fa5a33d9ed09f30ba7c7724b958ce17616
Horizon is removing run_tests in favour of tox during Ocata, as part of
https://blueprints.launchpad.net/horizon/+spec/enhance-tox. To complete
this move, we need to remove any reliance on run_tests.
Change-Id: Ia8ad073aee68d1660d3bb5a68ec07516d8ce0665
In the 'Private Network Addressing' section of the doc,
there are references to FIXED_RANGE when referring to V6
networks. These have been changed to FIXED_RANGE_V6.
Also fixed a few typos and grammatical errors when
giving the doc a quick read-through looking for more
references to FIXED_RANGE.
Change-Id: Iaa530c476ce2b36a3f616945ddd2e24fa599a16c
If devstack is deployed in the VM with defined
public IP address (like 192.168.10.6) it is not possible to
access the Horizon from the browser.
This is because DEBUG=True means that ALLOWED_HOSTS, if not set,
is equal to ['localhost', '127.0.0.1', '[::1]'] according
to Django's documentation.
Change-Id: I0ab2b57e459dbfa3b01b3e9388bbcefac076a142
Co-Authored-By: David Lyle <dklyle0@gmail.com>
Closes-Bug: #1643050
Using devstack on a RHEL based system results in
"Listen 0.0.0.0:80" being added to the
/etc/httpd/conf/httpd.conf.
This configures Apache to only listen to port 80 on an IPv4 interface.
This makes it not possible to access Horizon via IPv6 without
re-configuring and restarting httpd.
Removing this sed leaves the default "Listen 80" from the rpm package,
which binds to all interfaces and will allow connection to Horizon
via IPv6.
Change-Id: I9fe8cbebff0ca6a30ceeaae0f7e035c9bb828d44
No need to explain how to enable Neutron now that it's enabled by
default. Keep but reformat the 'how to enable swift' part though.
Change-Id: I3f9b7796fad10abf1039e4c68eb2cd5ef6cdbc99
Since 4b49e409f8 devstack
started to use reload instead of restart.
Using reload in devstack for a fresh install,
does not makes too much sense unless multiple service
plugin touches the same service configs.
Systemd rejects to reload something,
which was not loaded before.
$ sudo /bin/systemctl reload httpd
httpd.service is not active, cannot reload.
We will switch to `reload-or-restart` action instead of `reload`,
it is more likely the action what the previous patch wanted.
Change-Id: I70d597fbe4a8923d937ba8432e29edefb27d1058
The linuxbridge agent for Neutron expects that the public bridge will
already be created by the time it starts. On devstack, this only occurs
as part of the l3 agent configuration. If a compute node doesn't have an
l3 agent and is using a linuxbridge agent, then br-ex won't be created
and the process will not be able to start (causing stack.sh to fail).
This causes the gate-grenade-dsvm-neutron-linuxbridge-multinode-nv gate
to fail.
Closes-Bug: #1643562
Change-Id: I6f441c6febb5070ad885569d9c798634d0272b6c
Change dddb2c7b5f recently
changed devstack to enable the Cinder image cache by default
and changed to use thinly provisioned LVM volumes by default.
Since then we've had a spike in thin LVM snapshot test failures
in the gate, which is by far our top gate bug at 219 hits in the
last 10 days.
So unless there is a fix on the Cinder side, this changes the
default lvm_type back to 'default' for thick provisioning.
Change-Id: I1c53bbe40177fe104ed0a222124bbc45c553b817
Related-Bug: #1642111
Without this parameter, when we set GIT_DEPTH,
it may happen that we clone only master and
then cannot checkout branch
Change-Id: I39376914f8bfc286a308c99db6bc92cddab195b5
The intent was to make any ipv6 safe addr range bigger than a /64 a /64
when setting the fixed range. Unfortunately the awk only emited the mask
and not the addr. Fix this by sprinkling the address back in.
Fixes-Bug: 1643055
Change-Id: I526d4c748fd404ecb3c77afcbb056aa95090c409
If devstack is deployed in the VM with defined
public IP address (like 192.168.10.6) it is not possible to
access the Horizon from the browser.
This is because DEBUG=True means that ALLOWED_HOSTS, if not set,
is equal to ['localhost', '127.0.0.1', '[::1]'] according
to Django's documentation.
Change-Id: I74ae99569dafa10eee7066713a05fb49183e3fca
Currently devstack assumes that the network used for ssh
validation is the private network. This patch adds a hook that
sets the network used for ssh validation based on whether or not
provider networking is being used. It also moves the function
'is_provider_network' into functions-common as it will now be
used by both tempest and neutron.
Change-Id: I265c9e26c9bfb18b7e201f27d8912b8bec235872
We should be using $VOLUME_GROUP_NAME instead since Icehouse.
$VOLUME_GROUP_NAME has been introduced in
I93b8ef32832269d730c76a6dc24ddb4f20c6d9df and $VOLUME_GROUP is nowadays
only use as a fallback to $VOLUME_GROUP_NAME.
As a code comment in lib/lvm says it we kept the $VOLUME_GROUP around as
"for compatibility with icehouse-generation Grenade". Icehouse is long
gone so now seems a good time to remove any usage of $VOLUME_GROUP.
Change-Id: Id3051b5a196c45266c39fde4f08401aaacf0f6bd
When using zypper remove, include the -y option to avoid stack.sh from
hanging waiting for user confirmation. Due to output buffering, the
script could hang before giving the user the prompt to enter Y to
continue, making it unclear why the script was hanging.
Change-Id: I5ea761e5ae0829439953c385f8e7d0546acba886
Closes-Bug: 1642736
Swift port base was changed in Ifd95b99004aead5ddc8ae1a8dd3ccd9c4f2abe91
but we forgot to update the rsyncd.conf. This patch update the rsyncd.conf
file.
Change-Id: Id457c047c672a810c4c0c7721b6beeb01b719879
When using the enable_plugin command and grenade jobs it can be
easy to enable the same plugin twice, as the grenade job has a
registration section and the configuration in project-config can also
enable it due to code-reuse in project-config.
If a plugin is enabled twice it will likely fail, though it won't be
obvious that it was due to the plugin being enabled multiple times.
This change makes it so if it sees the same plugin name is enabled
more than once it will die and an error message outputted.
Change-Id: I9f1d7e58b861b04473b6a57c9ad404203fb7277a
The switch to using subnetpools caused quite a bit of confusion
because it didn't respect the value of FIXED_RANGE. This caused
conflicts in the gate with it's default IPv4 value of 10.0.0.0/8.
This patch does a few things to address the issue:
* It introduces the IPV4_ADDRS_SAFE_TO_USE and IPV6_ADDRS_SAFE_TO_USE
values and adjusts all of the FIXED_RANGE and SUBNETPOOL_PREFIX values
to dervive from them by default.
* This addresses the concern that was raised about implying that
SUBNETPOOL_PREFIX and FIXED_RANGE are equivalent when setting
SUBNETPOOL_PREFIX=FIXED_RANGE by default. Now we have a new value
for the operator specify a chunk of addresses that are safe to
use for private networks without implementation implications.
* Backwards compatibility is maintained by alloing users to override
override all of these values.
* The default for IPV4_ADDRS_SAFE_TO_USE uses /22 instead of /24
* Because we want to be able to use subnetpools for auto allocated
topologies and we want to be able to have a large chunk of
instances on each network, we needed a little more breathing room
in the default v4 network size.
* SUBNET_POOL_SIZE_V4 default is changed from 24 to 26
* In conjuction with this change and the one above, the default
subnetpool will support up to 16 64-address allocations.
* This should be enough to cover any regular gate scenarios.
* If someone wants a bigger/smaller subnet, they can ask for that
in the API request, change this value themselves, or use a different
network entirely.
* FIXED_RANGE_V6 defaults to a max prefix of /64 from IPV6_ADDRS_SAFE_TO_USE
* This avoids the private subnet in the non-subnetpool case from being
larger than /64 to avoid issues identified in rfc 7421.
* Users can still explicitly set this value to whatever they want.
This 'max' behavior is only for the default.
* This allows IPV6_ADDRS_SAFE_TO_USE to default to a /56, which leaves
tons of room for v6 subnetpools.
Closes-Bug: #1629133
Change-Id: I7b32804d47bec743c0b13e434e6a7958728896ea
This removes the logic to add a route pointing to the IPv4
tenant private network range since the router is performing
SNAT. If reaching the IPs via the route worked at all, it was
by accident since this behavior is certainly not guaranteed
by Neutron.
Change-Id: If45e3fc15c050cfbac11b57c1eaf137dd7ed816f
XenAPI requires two instances of L2Agent: the standard one manages OVS
bridges in DomU and the service name is called as q-agt in Devstack;
the other new L2Agent manages OVS bridges in Dom0 and the service name
is called as q-domuA. In order to support the new agent q-domuA, it
requires some XenAPI-specific configurations. But unfortunately those
XenAPI-specific configurations were configured in the standard agent
file, meaning other changes made to the standard agent file would not
have the correct effect. So it has caused issues, for example, floating
IP addresses are not reachable.
This fix is to move the XenAPI-specific configurations from the stardard
agent configuration file to the XenAPI-specific agent configuration file
so that it won't impact the standard agent's behavior.
Change-Id: I45944e84a1f81d016aa00da6d782801ee8457ea4
Currently the x509 certificate setup is done after all the
openstack services have been deployed. This is OK because
none of the services require that the x509 certs exist
when they are being deployed. With the integration of TLS
into the nova novnc proxy (and later spice & serial proxy)
service, x509 certs will need to exist before Nova is
deployed.
The CA setup must thus be moved earlier in the devstack
deployment flow, prior to the setup of any services. One
part of the CA setup, however, fixes up the global cert
bundle locations and this can only be done after the
python requests module is install, thus must remain in
its current location.
Change-Id: Idcd264fb73bb88dc2f4280c53c013dfe4364afff
This removes all of the heat code from the devstack tree, in favor of the
devstack plugin in Heat's tree.
Depends-On: I4bed1e5cef5afa7b049b07640086a86a3f881e13
Depends-On: Ic392bcc24bc374ee8511a94f1d8f6ac23131c7e3
Change-Id: I5b60422bf1f5fa78aa8f3383f7a222e0356d9e42
The deprecated AMI image file opts will be removed soon.
See https://review.openstack.org/#/c/338377.
So we can't use the fallback mechanism anymore. This patch is to
specify the correct image parameters for XenServer.
Change-Id: Ic287a3ed1725c42ea29022158bc9720c9a96533f
Previously the usage of neutron debug ports was removed by
5e01c47e4d but there was still call to
teardown_neutron_debug. Recently a change to devstack-gate
1d6cc0771a3399300117f488e9d71e7ea46a4d82 caused that call to be
triggered and breaking the gate-devstack-dsvm-updown job.
This patch deletes the call and comments regarding setup_neutron_debug
and teardown_neutron_debug.
Change-Id: Ifdacb0cec1307db469bd66f551474539184cf2cd
Besides updating to OSC CLI, this patch also fixes an argument name typo
present before in 'nova keypair-add' (--pub_key should be --pub-key).
Specifying $OS_PROJECT_NAME in case user is associated to multiple
projects containing security groups with same name (e.g. 'default').
Change-Id: I776f6edfc4c6c798a39d3260827a18c695f05c87
Nova is going to land a database migration in Ocata
under change I72fb724dc13e1a5f4e97c58915b538ba761c582d
which enforces that at least the simple cells v2 setup
is performed, which creates the cell mappings, cell0 and
host mappings. Before we can land that change in Nova
we have to make cells v2 setup a default in the integrated
gate jobs.
Depends-On: Ie44e615384df464516aa30b9044b5e54b7d995bb
Change-Id: If1af9c478e8ea2420f2523a9bb8b70fafddc86b7
The neutron client is going to be deprecated during the
Ocata timeframe, so it is time to start switching to the
openstack client to invoke networking commands.
use of neutron client in neutron-legacy has been left as is.
The command for setting the router gateway is left as follow up.
Change-Id: I0a63e03d7d4a08ad6c27f2729fc298322baab397
When using neutron network under xenserver, we must enable linux bridge
in Dom0 as neutron will use linux bridge qbr in compute node for
security group. But by default XenServer use openvswitch and disabled
linux bridge. This patch is to remove this restriction.
Change-Id: I0e8124ff2323810fdc46c717a750ce7e8f4aa0c6
The initial start of the neutron OVS agent always prints
a warning:
WARNING stevedore.named [] Could not load
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
There's an alias for that in setup.cfg called
iptables_hybrid that would avoid it.
Change-Id: I3f5bf782f4f27dc123e462e494741a8a941641ec
This patch sets Keystone v3 as default in services
configuration files and in the openrc and stackrc scripts.
Change-Id: I24546f02067ea23d088d383b85e3a78d7b43f166
Partially-Implements: bp keystonev3
When using XenServer, it will create two neutron-openvswitch-agent
q-agt and q-domua even it's single box environment, but it didn't
stop the q-domua, this patch is to stop q-domua in unstack.sh
Change-Id: I511ed534bfb7d5fe6136f6a0b33f1d749d30862c
Closes-Bug: #1631721
This commit removes some config values for tempest that no
longer exist in tempest/config.py therefore are no longer needed
in tempest.conf.
Change-Id: I5778973012e57e8d9df9bf864590f8ed7fe05561
Sets the port_security feature flag in tempest.conf
if the port_security extension is enabled, which it's not
by default in neutron but is set by default in devstack.
This adds global variable for setting the port_security
extension in ml2.conf and in tempest.conf so we only have
to set this in one place.
Depends-On: I1efd5c838aa0d73cc6e8864e3041eea25850198d
Change-Id: I6334b200e42edd785f74cfb41520627393039619
Related-Bug: #1624082
this is the first patch in a series to actually make fernet the default
token provider in keystone. the patches for grenade, release notes, and
actually switching the value in keystone all depend on this patch first.
reasons for switching over:
- fernet tokens are the recommended token provider
- the install guide for newton recommends deployers use fernet tokens [0]
- we previously attempted this switch but ran into timing issues [1],
the timing issues have been resolved [2]
[0] http://docs.openstack.org/newton/install-guide-ubuntu/keystone-install.html
[1] 153db26970
[2] https://review.openstack.org/#/q/topic:make-fernet-default
Change-Id: I3b819ae8d2924f3bece03902e05d1a8c5e5923f1
The devstack ldap configuration for keystone is still using some
old options that are no longer valid. The write support is
being removed this release. And in previous releases, the ldap
assignment driver support was removed and was not removed here.
Change-Id: I538626b681eaee6a7ac10dfbc29605b73fbe13bf
To avoid it being created multiple times for multinode setup.
Note: This reverts "Enable neutron to work in a multi node setup"
(commit 88f8558d87) partly and fixes
the issue differently.
The configuration in question uses the new lib/neutron. (not neutron-legacy)
In that case, calling create_neutron_initial_network from stack.sh directly
is a wrong way, as create_neutron_initial_network is sourced by
neutron-legacy. The new neutron code should not rely on the legacy one.
Closes-Bug: #1613069
Change-Id: I868afeb065d80d8ccd57630b90658e330ab94251
Q_ variables belong to neutron-legacy.
These are True by default in neutron.
Remove them in favor of post-config meta section.
Change-Id: If691a79b09003f85a07c9f33e0379a2b21e48141
Until the policy changes land for Nova, Glance, etc, this
value is not used. Additionally, by having it set, it actually
makes it hard/impossible for the required changes to land in
the other services. Disable/comment out the changes in the
Keystone specific lib file for now, and we will re-enable once
the Services can make use of them.
Change-Id: Ia1de9083c21107dac2f0abb56bda166bdb37a69d
The ceph cinder backend script was setting the wrong
config option in cinder.conf for the secret uuid. This
was being masked by a bug in nova which is failing on
this bug when trying to fix the nova bug...right. It
makes sense.
See:
http://docs.ceph.com/docs/master/rbd/rbd-openstack/#configuring-cinder
Change-Id: I4655cae3212d589177d2570403b563a83aad529a
Closes-Bug: #1635488
It's not used, and a recent change to trim down projects lists in
devstack-gate broke devstack in the gate that enabled heat.
Change-Id: I405423bdc9ba8dd9b30fce6fdceacccf662d5da3
Ubuntu wily support is EOL so lets make room for yakkety.
Change-Id: Ib13d43f6d89bdf7c684cd34655a077a13e237be3
Signed-off-by: Chuck Short <chuck.short@canonical.com>
This reverts commit 6930ba312f.
By reverting this patch we are no longer using the bandaid fix mentioned
in the code. The latest openstackclient release (3.3.0) fixes the bug.
Related-Bug: 1619274
Change-Id: I20e3c5a92b97bf46c8d2318cd37044f0f36e1745
We should not require any special role for heat
since very long time.
We should use the same roles as with the primary user.
Change-Id: Id9150f94c30505ed0da33b8fbc2a5a7bd4fcf5d0
When tls is enabled, we aren't bringing the logs to the forefront,
which makes it hard to debug when things go wrong. This does that.
Change-Id: I7c6c7e324e16da6b9bfa44f4bad17401ca4ed7e3
The prior art on other options in the same document seemed to be
calling out the default in a pre-formatted block after describing the
possible values.
I believe the default value for the option was first changed [1], then
the docs were fixed [2], then the information was unintentionally
dropped from the docs [3].
1. Related-Change: If0e0b818355e4cb1338f7fa72af5e81e24361574
2. Related-Change: Ib6603b4f6ea0b4079f9a4ea46e723ecbb2ea371d
3. Related-Change: Iddd27cb54f1d9f062b9c47ff9ad6a2bef3650d6b
Change-Id: I662403db3b08a351a680587440ad1f15a6f8ee5d
doing a clean.sh / stack.sh cycle with USE_SSL=True was failing
because we were no longer cleaning up the keystone site fully, so some
of the early mod_ssl queries hit an invalid apache configuration.
Change-Id: Ic6f3f601e532ec50c0234d928c25b378d9e95e32
This fix replaces Q_USE_PROVIDERNET_FOR_PUBLIC with
Q_USE_PROVIDER_NETWORKING in the error messages introduced by
[1].
The error is thrown when provider networking with IPv6 has been
requested via local.conf, but no provider IPv6 range or provider
IPv6 gateway is provided. But if a provider network should be used
over the private network is determined along the variable
Q_USE_PROVIDER_NETWORKING and not Q_USE_PROVIDERNET_FOR_PUBLIC.
The variable Q_USE_PROVIDERNET_FOR_PUBLIC determines if a provider
network should be used as public network. This happens a few lines
later in the code and is not related to those error messages.
[1] https://review.openstack.org/#/c/326638/1/lib/neutron_plugins/
services/l3
Change-Id: I50aa1e9d2027eef598c95404851e51c31a397fbb
This creates log files per proxy vhost and sets the log level to info to
help debug potential issues with tls proxying.
Change-Id: I02a62224662b021b35c293909ba045b4b74e1df8
If DLM is enabled, cinder should be configured to use the correct
backend url for the dlm.
At the moment only zookeeper is supported, as it is the only backend
currently supported in devstack.
Change-Id: I7afc8dc95bc5b3f11b888e10607615c1212c45f4
As long as nova already supports an Identity v3 auth flow when talking
to ironic (Id837d26bb21c158de0504627e488c0692aef1e24), make it use
v3 by default.
This way we don't fail in a keystone v3-only situation, for
example.
Change-Id: I028dfb52108d0630f47a53f8b420b70d4979eb55
Some of the clouds used for CI use the 10.2xx.0.0/16 range
for VMs, and collide with the wider 10.0.0.0/8.
This setting allows for creation of 256 subnets out of the pool.
Change-Id: I48c86f94098f1501f0e7f90a265dda7e81440eb0
Closes-Bug: 1629133
Added an option to make subnetpools to be optional
as it ignores the public network specified in
FIXED_RANGE.
DocImpact
Change-Id: Ic89ceca76afda67da5545111972c3348011f294f
Closes-Bug: #1628267
With the plan [1] to stop enabling it by Neutron iptables firewall
driver itself, deployment tools should catch up and enable the firewall
themselves.
This is needed for distributions that decided to disable the kernel
firewall by default (upstream kernel has it enabled). This is also
needed for distributions that ship newer kernels but don't load the
br_netfilter module before starting nova-network or Neutron iptables
firewall driver. In the latter case, firewall may not work, depending on
the order of operations executed by the driver.
To isolate devstack setups from the difference in distribution
kernel configuration and version, the following steps are done:
- we load bridge kernel module, and br_netfilter if present, to get
access to sysctl knobs controlling the firewall;
- once knobs are available, we unconditionally set them to 1, to make
sure the firewall is in effect.
More details at:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf
[1] I9137ea017624ac92a05f73863b77f9ee4681bbe7
Change-Id: Id6bfd9595f0772a63d1096ef83ebbb6cd630fafd
Related-Bug: #1622914
Nova ships with an empty policy.json file which it does not need.
oslo.policy previously required the empty file to be there but as of
version 1.14.0 it is possible to run with no policy file at all. Since
there are no policies defined in the sample file let's no install it.
Change-Id: I85a251376dfe38caa4b100861bf764014a98bc37
Depends-On: I09fa842ffbe75bed269cef6edc9c82d18bfe9297
When dots are used with sysctl, they are reinterpreted as slashes.
Route devices can have dots in their names, so when they are used in a
sysctl command that also uses dots, its dot will be replaced with a
slash, causing an error.
Change-Id: Ie32126a3aa8d646568d7d37ec4874419b9658935
Closes-Bug: #1627770
The motivation is to make it more friendly with lib/neutron.
ie. independent from lib/neutron-legacy
Change-Id: I19821b009cbf1bc715a6c7b2854e4c77d2041ec4
urllib3 1.18 was released today and contains new more correct hostname
matching that takes into account the ipAddress portion of a certificate
and disallows matching an IP Address against a DNS hostname.
Change-Id: I37d247b68911dc85f55adec6a7952ed321c1b1d8
The /identity_admin endpoint is the port 80/443 equivalent of the
service that typically runs on port 35357. In v2 some operations must be
performed on the admin endpoint whereas on v3 the services on 5000 and
35357 are exactly the same. This would be why the service was mounted at
/identity_v2_admin however that is misleading because both the v2 and v3
services are present on that endpoint.
This is particularly confusing because we set this as the OS_AUTH_URL
endpoint and it makes it seem like we are doing v2 authentication when
we are not.
Change-Id: If73735026079fb19ca5bd44b3a4dc1f507b5c99d
With [1] glance_store introduced default settings for user_domain_id and
project_domain_id. Sadly since these are always passed to the keystone
client, they override any settings to user_domain_name and
project_domain_name that are made in the config, leading to authentication
failures.
So as a workaround until [2] is fixed, we explicitly place the corresponding
domain_ids into the config.
[1] https://review.openstack.org/297665
[2] https://bugs.launchpad.net/tempest/+bug/1620999
Change-Id: Ica81a1a176614392291f2db4cc6398ed30663aed
To support multinode testing where we just copy the CA to all the
instances don't remake the CA if it already exists.
The end result is that you can trusty a single chain and all your
clients will be happy regardless of which host they are talking to.
Change-Id: I90892e6828a59fa37af717361a2f1eed15a87ae4
TIL:
Similarly, all the END rules are merged, and executed when all the
input is exhausted (or when an exit statement is executed).
i.e. matching YUM_FAILED calls "exit", which falls through to the END
rules which calls "exit result" ... which is zero. i.e. if the return
code is 1 then we actually hide that and return with zero.
This is rather annoying because errors that should halt to alert us of
a package install failure pass through, only for you to have to debug
much later on seemingly unrelated problems.
This always sets "result" and thus should be returning the right
thing. I've updated the documentation to hopefully make it clearer
what's going on.
Change-Id: Ia15b7dc55efb8d3e3e945241b67a468b8a914672
In Debian jessie and later release,there is no packages
called "qemu-kvm" for AArch64. Also modify the libguestfs0
packages for AArch64
Closes-bug: #1612182
Change-Id: I5eb6bd137896eb9abfc4f8dbb41b41105e4820cd
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
Instead of only using the userrc_early when keystone
is an enabled service we will do it on all runs of
stack.sh. This way services can be split up more
across devstack nodes, and you can do configuration
requiring credentials on nodes that don't install
keystone.
Change-Id: I74574ae9f45a74bcbcc8e3149228ecb795ab4fb7
Stud is now abandonware (see https://github.com/bumptech/stud) and is
not packaged in xenial. Lets use Apache for SSL termination since its
there already.
Change-Id: Ifcba410f5969521e8b3d30f02795541c1661f83a
The flag ENABLE_DEBUG_LOG_LEVEL indicates if this should be
set or not.
This will now be supported in Neutron.
Change-Id: I3afe0546b379873247fee1ef9f4cc2708a7b5713
Some systems may have more than one default route.
Set up iptables NAT rules on all v4 default route devices.
Accept RAs on all v6 default route devices.
Closes-Bug: #1624773
Change-Id: If58509297497ea33c6c156f083a4394000bd0561
The use_usb_tablet option is replaced by the pointer_model
option.
Depends-On: Id18b5503799922e4096bde296a9e7bb4f2a994aa
Change-Id: Ic2a49f88df988c6404c1c72e9ee28a487e4f7908
There is a bit of a weird history here, but the net is we're not
installing python-guestfs when ENABLE_FILE_INJECTION is set, which
it is in the gate-tempest-dsvm-neutron-full-ssh job, which makes
file injection (personality) tests fail.
The history:
Commit 0ae942b41c moved installing
python-guestfs to the hypervisor-libvirt file and it was conditional
on a flag to enable file injection and the backing distro.
Commit a3c94468ba removed the ability
to configure nova for file injection, which never made any Tempest
tests fail because we didn't have a job that tested file injection
with ssh, which is what gate-tempest-dsvm-neutron-full-ssh does.
Commit 6d3670a652 added the ability
back to enable file injection and the gate-tempest-dsvm-neutron-full-ssh
job uses it, but missed added the condition back in from 0ae942b41
which installed the python-guestfs package. This change adds that
back in.
Change-Id: I1c1ef093b70007100646c086dc5724cd64751d00
Closes-Bug: #1622649
A couple of hundred of these were added with
Ia02f4e1819ac47b12b4ce4381e04253eb26e9f70 and you can see in some of
the proposals at I21fd2b3866efe66dd1f7173003c2521688aa7fd6 they're
starting to match. Just ignore packaging repos as they're not really
relevant for the purposes of plugin list.
Change-Id: Iaf9e0c0fb672a70c3aee1bbcf587bb0d387e5945
Configure the linux bridge physical interface to use the interface for
the default route on the current host. In the future we should consider
using a dangling interface so that we aren't affecting the host
instances networking but this roughly matches what testing has been
using in the past.
Change-Id: I7859437f97e6cab929e90208fe56f7efd62dfe01
Ubuntu's LVM packaging does not support thin provisioning by
default:
/usr/sbin/thin_check: execvp failed: No such file or directory
This is fixed with install of thin-provisioning-tools.
Change-Id: I31f572934ea94cae6e2aea27a2c731ee5bca68d3
Closes-Bug: #1615134
The default get_pip url regulary times out when starting devstack
from behind company firewalls. Making this a configureable variable,
user can make use of internal git-pip.py mirrors without modifying
any code.
Change-Id: I66a5534d51ab23a4d8586c27d37b4b6b8a6892c9
This patch setup cellsv2 for Nova after plugin initialization phase.
Since this requires compute hosts to be started, we need to do it
after we have initialized all other plugins. Things like ironic
aren't setup when we were running this as part of nova setup, and
thus this command can fail.
When cellsv1 is used (n-cell is enabled) skip calling
cells_v2 simple_cell_setup, which will never have hosts
at the top level and which will always fail.
Change-Id: Ic7d0115da51d6ea17ee49071af259a7789c62ab9
Depends-On: I9bbaa4c92503222c9fd015fe075926b50f3dcc8c
In some initialization conditions (having never ran stack.sh) the
result of unstack.sh is dependent on if the user had previously
installed lvm2 or disabled the cinder service.
This change makes all results the same with a bit of LBYL.
There's also a drive-by to put a comment back where it belongs after
being accidentally moved in the related change.
Related-Change: I09b1a7bee0785e5e1bb7dc96158a654bd3f15c83
Change-Id: I9a7e052677d60cbbbdd582877f3c6c48c387f668
Closes-Bug: #1619195
Catalog caching was disabled due to bug 1537617, but this has been
fixed for some time. Re-enabling to get some performance back.
Change-Id: Ic0edf5c70a5040edf3393dbd1e110ab5fb56c110
Related-Bug: 1537617
Keystone had a problem where there was a memcached socket
opened very early on startup which then got shared between
worker processes when running under uwsgi. This can be
prevented by setting lazy-apps so this is the recommended
setting.
See http://uwsgi-docs.readthedocs.io/en/latest/ThingsToKnow.html
"""uWSGI tries to (ab)use the Copy On Write semantics of the
fork() call whenever possible. By default it will fork after
having loaded your applications to share as much of their
memory as possible. If this behavior is undesirable for some
reason, use the lazy-apps option. This will instruct uWSGI to
load the applications after each worker’s fork(). Beware as
there is an older options named lazy that is way more invasive
and highly discouraged (it is still here only for backward
compatibility) """
Change-Id: I6f271dc906528f0c86060452deaf15df81b267d2
Related-Bug: 1600394
This moves setting of RABBIT_USERID from stack.sh to lib/rpc_backend
so it may be used in grenade runs, which don't have the defaulted
value from stack.sh. The RABBIT_USERID is needed in order to call
get_transport_url in lib/rpc_backend.
Change-Id: I6f211e9102f79418f9f94a15784f91c4150ab8a7
As part of Nova cellsv2 there is now a third database that must be setup
for use by Nova. This database is an exact copy of the 'nova' database.
Only do this if NOVA_CONFIGURE_CELLSV2 is overridden.
Change-Id: I8775b8066ba85fbdbcdfb42c28cb567fc7759fe5
If we left the ansi color codes in apache logs, we can run a sed
script to convert the escaped escapes back to ansi escapes which make
the logs colorized again.
There are 8 \ because we need to end up with 2 in the final sed, and
we get interopolated twice. How much fun is escape interpolation? All
the fun.
Change-Id: Id8531cf03ba80f0df62f20add02e757bd63d4f2d
We should use the standard install nova-placement-api script which is
managed by the python package instead of a one off copy procedure.
Depends-On: I00d032554de273d7493cfb467f81687c08fd5389
Change-Id: I74b39d6a0cedea7c18ce8080dcddb43d13df1de8
After I00847bb6733febf105855ae6fc577a7c904ec4b4, we cannot see the
test result (testr_result.html) on gate jobs.
So let's revert the patch for verifying the test result on the gate.
Change-Id: I9db1ff9f43b22d1634a43c7d5e502cc205aa26f2
Closes-Bug: #1617476
Fix the comment to actually be a comment. Regenerate page.
Although we've got a pretty cool system for generating this, I wonder
if anyone actually looks at it? Maybe it's just helpful as a form of
SEO.
Change-Id: I15aaa983716f9ee897293c2954ca7ae561951372
All jobs using ceph as a storage backend have been moved over
to using the devstack-plugin-ceph repo in project-config so we
should be safe to remove the now unused lib/ceph file.
The files are left in place because the devstack plugin does not
install xfsprogs but it's used by the create_disk function.
And the ceph cinder backend file is left in place since the
devstack-plugin-ceph repo uses that by setting
CINDER_ENABLED_BACKENDS=${CINDER_ENABLED_BACKENDS:-ceph}.
Change-Id: I3fb09fc92bc6ab614e86d701ea46d5741a76b7a8
When the loop device is not present because something
has gone wrong, this will print an error:
"losetup: option requires an argument -- 'd'"
Just skip the losetup -d in this case.
Change-Id: Iedc439b1ae924e9a599f6522eb081b83d43190c7
Uses lib/placement, but relies on some functionality from
lib/nova. This leads to some weirdness since the nova has
special status in stack.sh. If/when placement is extracted
it may be good to follow the devstack plugin structure
instead.
Because the placement code is currently a part of nova, there
are dependencies in lib/placement on a some $NOVA_* variable
and, if virtenv is being used, the virtualenv used by nova.
Because placement currently runs using nova's configuration
settings, not a lot actually happens in lib/placement: apache
is configured and keystone accounts and endpoints are created.
If PLACEMENT_DB_ENABLED is true then a separate placement db
will be configured.
When complete the initial version of the placement service will
provide support for managing resource providers, inventories and
allocations.
The placement api only runs under mod-wsgi.
Change-Id: I53dd3e6b41de17387a0e179fc9ac64c143b6a9eb
Neutron openvswitch agent running in compute node will control the
actual connection of the VMs in Dom0 via conntrack-tools, but Dom0
doesn't install conntrack-tools RPM by default.
This patch is to add such support with XenServer 7.0 and above.
Change-Id: Iec56db761015d4b7baa5a5f54314f4ff3fa67e02
Ensure the virtlogd service is started, to work-around various
platform issues where it isn't started correctly.
Closes-Bug: #1603009
Change-Id: I548b377df6b2f0c287429e4387ee33184a82a64d
With the addition of encrypted credential in keystone, we need to be able to
add setup steps in devstack to configure the credential repository with
encryption keys.
Depends-On: I97e7701bc5b8765d207cc721793643bcefa2d4e2
Depends-On: Id3e8922adc154cfec5f7a36613e22eb0b49eeffe
Change-Id: I433da9a257daa21ec3b5996b2bca571211f1fbba
p-c patches have merged, neutron-lbaas removal is in the merge queue.
This reverts commit b3f26cb66c.
Depends-On: I506949e75bc62681412358ba689cb07b16311b68
Change-Id: I98d62c13ef90b20a9c67ef4f1720efcaa366fb31
Because neutron sets ipv6 forwarding settings, we stop accepting RAs
from IPv6-only host environments. This leads to a loss of external
connectivity, which is bad for zuul running tests and stuff.
Setting accept_ra to 2 will cause the RAs to be accepted.
Change-Id: Ia044fff2a1731ab6c04f82aea47096b425e0c0a0
On the controller node where devstack is being run should create
the neutron network. The compute node should not.
The the case that we want to run a multi-node neutron setup we need
to configure the following (in the case that a plugin does not
have any agents running on the compute node):
ENABLED_SERVICES=n-cpu,neutron
In addition to this the code did not enable decomposed plugins to
configure their nova configurations if necessary.
This patch ensure that the multi-node support works.
Change-Id: I8e80edd453a1106ca666d6c531b2433be631bce4
Closes-bug: #1613069
Removing the explicit enablment of Neutron services, as with [1] they are configured as defaults in stackrc.
[1] https://review.openstack.org/#/c/350750/
Change-Id: Ic8910cd28fe37842f7d824e68bd2ea705e7e52de
By default, FIXED_RANGE and NETWORK_GATEWAY (and the
IPv6 equivalents) are in the same subnet. But if
FIXED_RANGE is over-ridden in local.conf we could
create a subnet with an invalid gateway address.
Since neutron will pick the lowest host IP as the
gateway by default, do not specify them unless the
user has specifically set them.
Do this for both the private and public subnets, as
well as the public IPv4 subnet.
Change-Id: Ifc71400a3af1f131bb8a9722188e13de5bd3c806
We really should be using the metadata server more in our normal
testing, this changes the default to use it.
Change-Id: I8ef14e6110da1160163c0106e32032d27226f929
memcache_pool is there to keep a limited number of thread-associated
connections open rather than a connection for every thread. If you
don't have a huge number of threads it doesn't offer anything.
Keystone is an example of a service where memcache_pool doesn't
improve things -- eventlet isn't supported anymore and more threads
is not useful due to GIL.
As such, keystone cache backend is changed to dogpile.cache.memcached.
See https://review.openstack.org/357407 for the oslo.cache help text
change.
Change-Id: I4452a8c4968073cdea4c0f384453a5a28519fa08
CEPH_CONF does not exist anymore, resulting both cinder-volume and
cinder-backup being configured with an empty rbd_ceph_conf option.
Using CEPH_CONF_FILE to fix this.
Change-Id: I1aa590aba900a4a94698917e45a0ea5c6f497f18
Signed-off-by: Sébastien Han <seb@redhat.com>
The plugin creates subnetpools but does not use them when creating the
default subnets. It uses CIDR values that overlap with the
default pools. Change this to use the subnetpools.
Change-Id: I6171c13507e420f146801d323cb1011be36c1e8c
Closes-bug: 1613717
'quota_injected_file_path_bytes' has been renamed to
'quota_injected_file_path_length' long time ago, this patch fixes this
issue in devstack.
Change-Id: I5d3c52c5ded5321435d2d395b682c4c0725279a7
Since support for sections was added to devstack local.conf parsing
we don't need this, and actually prefer just using the
sections in local.conf.
Change-Id: I5908fdf7ad127997bb1f4a6bbb16d0d8cf073ddd
Change the order of variable declarations in stackrc so that setting
custom DEST in local.conf is also affecting DATA_DIR, SERVICE_DIR and
SUBUNIT_OUTPUT.
Change-Id: I00847bb6733febf105855ae6fc577a7c904ec4b4
Closes-Bug: #1285720
There is no longer a trace of these options anywhere in the
Neutron codebase. These can be safely removed.
Change-Id: Ibf00e158248e2a20248917c8cfc0011d30da6a82
There is currently a hole in our testing that lets os-client-config,
which sits at the bottom of the dependency chain for some key pieces
like neutronclient and python-openstackclient, introduce gate breakages.
Step one in fixing this is allowing os-client-config to be optionally
installed from source so that jobs can be put into its gate to exercise
its master vs devstack installs.
Additionally, osc-lib is a new and lovely library that's going to need
the same things.
We're putting both in install_oslo, even though they're not oslo
libraries, because that'll make grenade work properly.
Co-Authored-By: Monty Taylor <mordred@inaugust.com>
Change-Id: I747480b6063a62e82ca2b030f274d3e87bf28b3b
Run "nova-manage cell_v2 simple_cell_setup --transport_url ..." after
Nova is started. This will add all compute hosts into a new cell, and
setup a db for cell0.
Change-Id: I50a955b97d0e18426406c15397bdfbc9e807d908
Depends-On: I559f9c87e89926414b368cac9442dec4eadcb89b
This explains the current state of networking in devstack, and a
couple of scenarios that people might want to try out for local
testing.
Change-Id: I2be35f4345bf9306c981ef6f0186b48da7d06772
It turns out we never really had a document on how to work with
devstack in the devstack docs. At one point this was just cultural
knowledge passed down, but with the size of our community, we can't
rely on that any more.
Change-Id: I28f896ea507ccbba5164ebfc5415d22207f52e98
This config option is requied in order for nova notificaions to
function, and enabling it doesn't cause any harm (there is another
option for turning notifications on).
Change-Id: I309af6cc43af485f795c368d304ebe71fceb1a03
This value defaults to something not (necessarily) in our fixed range,
which will cause spurious test behavior. We know the value for this, so
just configure it properly.
Change-Id: I0ee3b71f509377dc7174ce97575e60ee2095f893
Before the code in the extra.d plugins was removed from the devstack
tree they could define the order they ran. When this code is decomposed
into a plugin, there is still a need to do some form of ordering. This
caused problems with the Ironic devstack plugin and Tempest because the
code is run in this order:
1. The tempest configuration is run from extra.d, processing
DEFAULT_INSTANCE_TYPE, and writing the flavor_ref to tempest.conf
2. The Ironic devstack plugin is run, creating the flavor needed for
DEFAULT_INSTANCE_TYPE
This leads to build failures as tempest can not find the required
flavor, so it writes which ever flavor it can find at the time into
flavor_ref. Ironic now has code it its devstack plugin duplicated from
the tempest plugin to work around this problem until this is merged.
This patch fixes this by using the test-config phase to move the tempest
plugin as late as possible in the devstack process.
Change-Id: I3d98692e69d94756e0034c83a247e05d85177f02
This enables a new test in Tempest to run on a per-branch
basis since by default it's disabled because it won't pass
on liberty given the bug fix isn't in liberty and won't be
backported there.
Depends-On: I20b8d5d2a300c83a59bdb33374fc20447ce2ede3
Change-Id: I18fd5e0978795fec39a763e1e0f07d758905b9b8
Related-Bug: #1175464
We don't run q-metering in default single host configuration, so we
should make it so that tempest won't attempt to test for it either.
Change-Id: I928be70e3b10fc3753fd1081631e54fa839b671d
===Set bridge_mappings for linux bridge===
The external network physnet needs a bridge_mapping to the public
bridge when the L2 agent is responsible for wiring.
===Add PUBLIC_PHYSICAL_NETWORK to flat_networks===
This network must be present in the ML2 flat_networks config if
flat_networks is specified.
===Set ext_gw_interface to PUBLIC_BRIDGE in provider net case===
ext_gw_interface must be a bridge in a bridge_mapping when
Q_USE_PROVIDERNET_FOR_PUBLIC is used.
Closes-Bug: #1605423
Change-Id: I95d63f8dfd21499c599d425678bf5327b599efcc
The devstack docs have gotten a bit meandering so even the quick start
guide doesn't get you to a working setup without referencing other
pages. This attempts to pull this back in a bit.
Change-Id: I608331cbdae9cbe4f3e8bd3814415af0390a54d0
A change was made to tempest.conf for volume multibackend. Previously,
tempest used the following, with a limit of 2 backends:
backend1_name = BACKEND1
backend2_name = BACKEND2
That was changed to accomodate >2 backends. tempest.conf now uses a comma
separated list:
backend_names=BACKEND1,BACKEND2,BACKEND3
devstack/lib/cinder uses a comma separated list with "type:backend_name":
enabled_backends = lvm:BACKEND1,ceph:BACKEND2
This is in order to use scripts in devstack/lib/cinder_backends to setup
devstack basked on "type".
This patch allows parsing of the CINDER_ENABLED_BACKENDS to pass the proper
backend_name to tempest.
Change-Id: I76973c3fad4998a0f9e534fc9f6a271c1923f7b3
When running a default devstack environment, having guests that
actually can resolve DNS, so that they can do package updates from
well known hosts. This addresses a gap between nova-net and neutron
behavior in devstack.
Change-Id: I42fdc2716affd933e9158f1ef7ecb20bc664ef21
nova-net is deprecated, and it's long time to switch to neutron by
default. This patch does that, and has an auto configuration mode that
mostly just works for the basic case.
It does this by assuming that unless the user specifies an interface
for it to manage, that it will not automatically have access to a
physical interface. The floating range is put on br-ex (per normal),
fixed ranges stay on their OVS interfaces.
Because there is no dedicated interface managed by neutron, we add an
iptables rule which allows guests to route out. While somewhat
synthetic, it does provide a working out of the box developer
experience, and is not hugely more synthetic then all the other
interface / route setup we have to do for the system.
You should be able to run this with a local.conf of just
[[local|localrc]]
ADMIN_PASSWORD=pass
DATABASE_PASSWORD=pass
RABBIT_PASSWORD=pass
SERVICE_PASSWORD=pass
And get a working neutron on a single interface box
Documentation will come in subsequent patches, however getting the
code out there and getting feedback is going to help shape this
direction.
Change-Id: I185325a684372e8a2ff25eae974a9a2a2d6277e0
This reverts commit f327b1e119.
The problem being addressed in the original commit was that
rejoin-stack.sh would run with the user's locale, instead of C that
was set in stack.sh
We overlooked that this gets pulled in by openrc, so it is overriding
the user's locale when using clients, etc.
rejoin-stack.sh was removed in
I2f61bb69cc110468a91dcaa4ee7653ede7048467 so we don't have to worry
about that part. A revert to not touch the user's locale seems
appropriate.
Change-Id: I7c858bb92ce7ba5b5d323bf3ad6776100026c7a2
Closes-Bug: #1608687
This was used solely by bigswitch, and everyone else has moved over to
devstack plugins. Cleaning this out makes the core logic much simpler.
Depends-On: I8fd2ec6e651f858d0ce109fc335189796c3264b8
(grenade removal)
Change-Id: I47769fc7faae22d263ffd923165abd48f0791a2c
The horizon cleanup function wasn't being called at all during
cleanup which left the Apache configuration.
Change-Id: Iff5336d0c5e79cfc82f1c648afaabb869d86020e
Seeing a race condition where lib/neutron code tries to
set the MTU on br-ex before it exists.
Thanks to some good grepping by sdague, it appears that the difference
between lib/neutron and lib/neutron-legacy is that the initial bridge
being created is br-int while in lib/neutron the initial bridge
created is br-ex, which means there must be some kind of warm-up that
occurs between the first bridge that is created by ovs-vswitchd and the
second, and the second one created is much faster.
So instead, let's just wait for the bridge to be created successfully.
Change-Id: I271dc8b6ae5487c80d2a22153b3fc45fb247707f
In case q-fwaas is enabled. It will causes the q-l3 failed to start
because the DevStack gave a redundant --config-file option to start q-l3
This is a follow-up patch of 84409516d5
to remove fwaas from DevStack completely.
Change-Id: I630969b3556bcffba506cab02a09cc83f4430c88
Closes-Bug: #1608401
The privsep helper should have a sane default for all libraries,
pushing this into devstack means we cheat past a part of the upgrade
that we really shouldn't be.
Change-Id: I52259e2023e277e8fd62be5df4fd7f799e9b36d7
The default for GUEST_INTERFACE_DEFAULT now uses the ip command
to find an interface; so it will work on multiple distributions.
XenAPI should not be setting a specific interface here, as it will
almost always be wrong. In most cases, the calculated value for
GUEST_INTERFACE_DEFAULT will be a better default.
PUBLIC_INTERFACE_DEFAULT makes even less sense as it's often an
internal bridge for devstack scenarios.
In both cases, the right way to override these is to set
GUEST_INTERFACE / PUBLIC_INTERFACE in the localrc rather than
changing the _DEFAULT values.
Change-Id: I0cf84438d778bf1a2481328165513c59167490e2
Currentlly, the *.pyc files could not be removed in any scripts or
functions. But the redundant files would lead stack.sh not to find the
correct script for some versions after branch switched from master to
stable/mitaka in migration_helpers.sync_database_to_version.
So this commit adds the process of cleaning all the *.pyc files in
clean.sh.
It is needed to execute clean.sh before re-stack.sh to prevent the
exception.
Change-Id: I9ba0674d6b20b13c0a26b22cd5d1939daa121a94
Closes-Bug: #1599124
In the 25.0.0 release [1] of setuptools during any install
operation the package in not overwritten. If a package is
installed from another requirement via pip and then it is
installed again from git, it is not updated causing
check_libs_from_git to fail.
[1] https://setuptools.readthedocs.io/en/latest/history.html#v25-0-0
Change-Id: Ibaa1d4157816ea649f4452756fbde25951347001
Closes-Bug: #1605998
On RHEL-based systems pip and yum share the same installation
directory for virtualenv. If yum pulls in the python-virtualenv
package (e.g. due to a dependency) it will clobber what pip has
already installed. The file tools/fixup_stuff.sh tries to ensure that
the proper virtualenv package is installed via pip. If virtualenv has
already been installed via pip, then clobbered by yum, pip skips the
install since it appears as if virtualenv is already installed and at
the correct version.
The reinstall of virtualenv must use the --force-reinstall argument to
pip to fix up the damage done by yum.
Change-Id: Ib0edf6c4ee8a510e9d671213de35d787f56acfed
Closes-Bug: #1599863
Add a VirtualHost that defines the necessary options for
enabling SSL. The existing keystone Apache configuration already
does all the location handling.
Change-Id: I836a471a7258f14f051d3dd8bdb428286b5a11aa
Relying on 'external_network_bridge=br-ex' for the L3
agent has been deprecated in Neutron. This patch adjusts
the devstack defaults to setup Neutron in the preferred
manner (empty external_network_bridge value and
correct bridge_mappings for the L2 agent).
This will also help with correct MTU calculations now that
the external network will have the correct segmentation
type on it ('flat' now instead of 'vxlan' by default).
Related-Bug: #1511578
Related-Bug: #1603493
Change-Id: Id20e67aba5dfd2044b82c700f41c6e648b529430
We have new feature in cinder and new test for it.
The test is skipped by default.
Need to add flag to unskip this test on master and
Mitaka.
new test: I1964ce6e1298041f8238d76fa4b7029d2d23bbfb
Change-Id: Ib695e60c2ed7edf30c8baef9e00f0307b1156551
For AArch64, KVM don't recognize the cpu-mode "none",
so change the default cpu-mode as host-passthrough for
generating nova.conf
Change-Id: I94a22e5a15a974b9c11e9f9fd996857453b6e2ca
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
This variable can be used to accommodate for underlying infrastructure
that does not provide full 1500-sized traffic, or maybe instead gives
access to Jumbo frames.
Change-Id: I38a80bac18673a30842a7b997d0669fed5aff976
Related-Bug: #1603268
The change Ibb7423d243d57852dada0b6298463bbdfc6dc63c that introduced the
os-brick plugin introduced a flaw where the xtrace state wasn't restored
after the end of the plugin's execution. The end behavior is that devstack's
logs were with way less information, difficulting the debugging of the build.
This patch fixes the variable that was intended to hold the xtrace state (it
was using cinder's) and restoring the state at the end of the script.
Change-Id: I47c6c794a9704049b089142eca5603d1183f8a10
Replicated Yi Zhao's fix for re-adding ipv6 addresses to neutron-legacy
(review I9ff62023dbc29a88aec3c48af331c0a49a1270bb).
Previously, re-stacking failed with "File exists" for ipv6 addresses
on br-ex. With this change, the existing address is replaced on
br-ex with the appropriate address.
Change-Id: I6e6235132a34469f4e68b5bb3cf51ebdf01c83a2
Fedora 22 reaches its EOL on 19-JUL-2016[1]. Remove it as
officially supported distribution.
The current two supported Fedora distributions are Fedora 23 and Fedora
24. (Change Ia4a58de4973ef228735c48b33453a0562dc65258 already added
support for Fedora 24.)
[1] https://fedoramagazine.org/fedora-22-end-of-life-2016-july/
Change-Id: I5b4e1ddb6165a9065e80e84175246678a7356f18
This removes several config flags for Tempest
now that juno and kilo are end of life. Tempest
has already removed these flags too.
Change-Id: I748429e73073f4202f77dfe1002687f76ee9a451
This option to install os-brick from git was only added
into lib/cinder previously. When testing all-in-one nodes
this worked fine, but if you have multi-node setups with
compute nodes that don't install any c-* services we
only get packaged os-brick. With this change non-cinder
nodes can now test against unreleased os-bricks.
Change-Id: Ibb7423d243d57852dada0b6298463bbdfc6dc63c
The common code for metering calls _neutron_service_plugin_class_add,
which despite the description only just appends a service plugin to
$Q_SERVICE_PLUGIN_CLASSES - it doesn't actually write it into a
configuration file.
So for now, read out the configuration, and append metering to it, then
write it back out.
Change-Id: Ice96cca8b43dcd54f2aa81461000a4597db8260d
This is necessary to make it possible to filter out compute nodes,
which don't support such type of images.
Change-Id: I347953876e2057e6f3dca71c2f5e8b638b85aaf8
Option was deleted from Tempest config file. Also test scenario
was deleted. See commit I93b2fb33e97381f7c1e0cb1ef09ebc5c42c16ecc
Change-Id: I750e50ba7cf8fca1dde391c2620b4a815d6b02a1
Closes-Bug: #1599619
File injection is disabled by default for the libvirt
driver in nova. This adds a variable to enable file
injection for the libvirt driver and is also used
to configure tempest.conf for running personality
tests.
Change-Id: I34790fadeffd6e3fdc65bd9feed3d6e62316896c
Related-Bug: #1598581
Change 9ce99a44cf85e431227536e2251ef05b52e61524 disabled file
injection with the libvirt driver by default back in Icehouse,
so devstack doesn't need to do this explicitly anymore.
Change-Id: Id0c521f6f624367bd497463c8c2d99488548fcff
This adds a set of local.conf modifying functions which make it easier
for consuming projects like devstack-gate to programatically add
elements to local.conf structured files.
Change-Id: I3427968c2bd43aba12b3619acc27f73c74f0dabb
Co-Authored-By: fumihiko kakuma <kakuma@valinux.co.jp>
This will have devstack setup the Cinder internal tenant and generic
image-volume cache by default. If left alone it will use reasonable
defaults.
More information about configuration options and the cache can be found
here: http://docs.openstack.org/admin-guide/blockstorage_image_volume_cache.html
As part of this we switch the default lvm type to thin so it will
work more efficiently with the image cache.
Change-Id: I0b2cc261736f32d38d43c60254f0dc7225b24c01
Implements: blueprint cinder-image-volume-cache
In Aarch64, the default cdrom bus is scsi, and the default scsi
controller is virtio-scsi. The cdrom with virtio bus will not be
recognized by the instance.
Change-Id: Ib8cec79f9e9083239092fa7348793ee3b64a9c94
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
Change I4a10a49db97d413349bcfceeb8c4164936fbcc40 added colorful PS4 via
tput. However, if TERM is not set (as is the case when stacking
noninteractively), tput errors with the following:
tput: No value for $TERM and no -T specified
...twice for every log message, thus flooding the logs.
This change set turns LOG_COLOR off by default for noninteractive
execution. If LOG_COLOR is set to True when noninteractive (TERM is
unset), obviate the above errors by passing tput a simple -T.
Change-Id: I0f8ad82375cde463160bad5bd9918f1e4b19326d
Closes-Bug: 1576405
wait_for_service just checked to see if the remote service
was started, not that it was returning data. This caused
problems when the service was behind a proxy because the
proxy would respond quickly but the service may not have
fully started.
Wait for a non-503 HTTP response code and non-7 exit code
(connection error) from curl
Return an error if a successful connection cannot be made.
Change-Id: I059a12b1b920f703f28aca0e2f352714118dee97
Add support for the "geneve" ML2 plugin type driver. The
networking-ovn ML2 mechanism driver uses geneve for its
project network type. Geneve is part of core neutron but
didn't have any DevStack configuration for it. This patch
set adds the necessary options. It also removes the default
for ML2 type drivers to rely on the neutron default and
consolidates the tunnel ranges default for gre, vxlan and
geneve by using TENANT_TUNNEL_RANGES.
Change-Id: Id75651dfe57a07045a6932a0369668f33c7eef09
Partial-Bug: #1588966
The 'neutron_plugin_configure_l3_agent' function expects a path to a
configuration file as a parameter. This was not done for one call,
resulting in the generation of a 'DEFAULT' file in the DevStack
directory along with an invalid L3 configuration file. Resolve this.
Change-Id: I5781cb1ec4cfc1699e61dbc324d0bdb824b56be1
MacVTap mechanism driver and agent have been added during
Mitaka [1][2]. Now adding the related doc to run a
multinode devstack with MacVTap compute nodes.
[1] https://review.openstack.org/209538
[2] https://review.openstack.org/275306
Depends-On: I0dd4c0d34d5f1c35b397e5e392ce107fb984b0ba
Change-Id: Ie743a207a5faeab2e2a7274fda503699f3072e98
Due to the fix [1] of neutron-refactor, some flat network usages of devstack
installation start fale.
This fix enables ML2_L3_PLUGIN to be set to empty to solve the problem.
By default l3_router_plugin.L3RouterPlugin will be set to ML2_L3_PLUGIN,
and for neutron, in such of configuration, router (ASA some others) will be
set into supported_extension_aliases,
then devstack will create a router that we do not want in a flat network.
Before fix [1], we can disable q-l3 to aviod the issue.
But now we don't, and we need this fix to disable the whole L3 plugin.
[1] https://review.openstack.org/318145
Change-Id: I61a2142d5121e0af4cc6cdf50e6bceafaf791fb0
Config auth_plugin in trustee group is deprecated.
Change to use auth_type in trustee group instead.
Closes-Bug: 1592482
Change-Id: Ib90d9c0299887201b37d26254693dc6b007a41dc
CINDERCLIENT_REPO cannot refer to both python-cinderclient.git
and python-brick-cinderclient-ext.git so make sure
the overrides have different names.
Bug introduced by: I6d0f09950ea1200d3367a53aa4a3eea9be7abc66
Change-Id: I9cbbf71ba08ef5394537d7b294846faa3c5be5bd
Implements Blueprint: configure-tempest-volume-microversion
Related to: I3d9b3fe288333721bf3b2c6c988949f2f253bfcc
Change-Id: I80c6a0c46c667291c6f7fe2a036717504c110314
Tempest introduced a new ability to use domain scoped tokens for
identity v3 admin APIs. Since domain scoped tokens can be used
with the base keystone policy used in the gate, and the
pre-provisioned admin user is assigned a role on the domain, turn
the option alway on.
Change-Id: Ib1bb958eee076364b407fc03e77e6882d92147d2
Depends-on: I91ca907992428a5a14fb8d48a4fad105d2906e27
I352362cf59e492fa9f7725190f0243f2436ac347 switched this to vercmp, but
using single-quote (') will mean that the kernel version isn't
actually expanded for the comparision.
I guess, like the original change, the fact it isn't working is
hidden. Trusty seems to have 3.13 ... I can't imagine we support
anything before this ... so I'd also be happy if someone with some OVS
knowledge wants to just delete it.
(This change was originally an alternative to
I352362cf59e492fa9f7725190f0243f2436ac347 but got the quoting right)
Change-Id: I9fa514885c20b1135fb0680cf61fc04628fbecbe
Closes-Bug: #1580850
privsep will default to invoking privsep-helper directly
via sudo, which won't work for people with a locked down
sudo config. To deal with this we should explicitly
configure the os-vif plugins to use nova-rootwrap for
running privsep-helper. This change makes such a change
for the two official in-tree os-vif plugins.
Change-Id: I3d26251206a57599385f2b9f3e0ef7d91daafe35
keystone was configured to connect to memcached on the host IP
address. Unfortunately, memcached is only listening on localhost,
so this setting actually hurts performance as keystone fails to
connect to the memcached server. There's no indication of this in
the keystone logs since this is just how memcache client works
(ignoring errors).
You can verify this by
1) in /etc/memcached.conf, set -vv
2) restart memcached: service memcached restart
3) watch /var/log/memcached.log
4) There will be no output
with this change, there will be output in /var/log/memcached.log
Also the performance should be a lot better.
Change-Id: I95d798d122e2a95e27eb1d2c4e786c3cd844440b
If you are using provider networking, and have IP_VERSION set to include
IPv6 (which we do by default) - you must set the required variables.
If you do not want this behavior, set IP_VERSION=4
This arose from a third party CI system which was configured[1] to have
provider networking, but would explode when hitting the router IPv6
setup step[2] since there was no IPv6 subnet created, and IPV6_SUBNET_ID
would be empty, causing a python-neutronclient error and causing
stack.sh to exit.
[1]: http://paste.openstack.org/show/508710/
[2]: https://github.com/openstack-dev/devstack/blob/c35110e7c5c35dd1edc310dc3d0bb8693e58d336/lib/neutron_plugins/services/l3#L320
Change-Id: I267799b62284c3086ed7c3e2d8a9cbadb9ddcd60
The local.conf docs talk about phases which don't exist for config
file processing, which makes it more confusing then it needs to be.
Change-Id: If7f9255eab0535c3d57a2fd5f1bc18ba4d0801aa
To properly test the integration between Glance CORS feature and
Horizon Javascript environment uploading image files directly to Glance
(using this feature), we need to enable CORS support for Glance in
integration tests. Adding corresponding Devstack variable to configure
Glance in such a way that it accepts direct requests from Horizon
Javascript is the prerequisite step for the integration testing of this
feature.
By default Horizon and Glance are located on the same host, hence
default value cors.allowed_origin = http://$SERVICE_HOST should work.
If a more complicated setup is desired, where Horizon is located on a
different host, GLANCE_CORS_ALLOWED_ORIGIN environment variable should
be exported to Devstack.
Partially implements blueprint: horizon-glance-large-image-upload
Change-Id: I4881fb6631c2daa2ad8946210eff4bb021957374
When running tempest testcase test_minimum_basic_scenario will always fail
due to lack of configuration [scenario] img_disk_format=vhd in tempest.conf
This patchset is to add this configuration when XenServer is used.
Change-Id: I4b916200e6eefb62f148ec8b644fb23ffc7e00a6
Closes-Bug: #1589787
Currently a hardcoded value is used for the DEPLOYWAIT timeout in
tempest. The patch in review 269249 adds a config option to use
instead of this hardcoded value. This patch allows the value to be
set via the BUILD_TIMEOUT variable.
Change-Id: Id79014fd6e07f93029111f6c28e3537e2e39be9f
Related-Bug: 1526466
XenServer 7.0 has changed some iso files' name, this made devstack script
install_os_domU.sh failed to install VM before installing OpenStack. This
patch is to fix the problem, make install_os_domU.sh support 7.0 and other
prior versions of XenServer
Change-Id: I49459bfff2b101fc6927eb4578c5eb47cc8c3ad6
This change adjusts a few instances of `--config-file=foo` to
`--config-file foo` (no `=`) in order to make neutron command
lines more consistent and easier to match in sudoers/rootwrap
filters.
This is particularly useful for oslo.privsep, which needs to start a
helper command with the same `--config-file` arguments (see
Ia9675dff9232e0e987a836ecaf9e842eb5c3cb18).
Change-Id: I91fe18f66f3c3bc2ccd1ca8be91be2915ed3e3ec
I ran some tests locally that showed that when using the uwsgi
deploy the keystone server wasn't using all the processes
available. When I switched from "threads" to "processes" the
concurrent performance improved considerably. So I'm proposing
that devstack switch to processes to improve performance.
Change-Id: I8cfe9272e098e636441b7cfb51bff08d62c3336e
As part of the process of deprecating Glance's V1, the glance team would
like to start testing V2-only environments. Therefore, this change
provides a way to force other services to use V2.
Change-Id: I87e77d07964eac01e9a796817cbc88bd6e59c721
Cinder uses my_ip config option to provide iscsi_targets. It gets
defaulted to the IP of the first interface in the system, which is fine
for some cases, but for example with Vagrant first interface can be used
only to contact with host machine.
To get over it we should set my_ip to HOST_IP from local.conf and this
commit implements that.
Change-Id: I4d2960d92f388ac689dfa6b436dc8bfc1e129fbf
Closes-Bug: 1588825
Future oslo.messaging is going to deprecate usage of driver-specific
options for hosts/port/user/password options.
This change uses transport_url that exists since a while now and
works with all drivers (even devstack handles only the rabbit one).
Change-Id: I3006b96ff93a3468249177c31c359c2f9ddc5db6
For the tempest plugin install inside the tox venv to hold we need to
ensure that it's the last thing run that touches the tox venv before
devstack ends. Otherwise there is a chance we'll recreate the venv in
a later step of installing and configuring tempest. This commit
moves the plugin installation into it's own function and calls that
function as last phase of the tempest setup to make sure it runs last.
Change-Id: Ie253171537e8c5a9887cc30aba1cad4b31e57663
This plugin was using a deprecated function, vercmp_numbers(),
that wasn't actually working properly because the call to
'deprecated' at the beginning was causing garbage to be
returned to the caller. For example, this was always in
stack.sh.log when using OVS:
.../lib/neutron_plugins/ovs_base: line 57: [: too many arguments
Update to use vercmp() like all other users in devstack, and
remove all the old code.
Change-Id: I352362cf59e492fa9f7725190f0243f2436ac347
Two things:
(a) Add the log filter to capture libvirt CPU manipulation driver
related error messages when things fallout (e.g. CPU model
comparision failures during live migration).
(b) While we're at it, remove the "1:qemu_monitor" log filter, because
the existing filter "1:qemu" should take care of logging the
interactions with QEMU monitor console. This is the case since
the introduction of VIR_LOG_INIT() macro in upstream libvirt,
which performs a substring match on a given file name. (Available
from libvirt version v1.2.10 onwards).
Change-Id: I75befd52d9f892eb5a6236eee9a397fab7602ecc
Looks like f24 does not have any special change compared to the
previous release, we just need to add f24 where f23 present.
Change-Id: Ia4a58de4973ef228735c48b33453a0562dc65258
This didn't break functionality but it would use a global instead
of a local variable so nested calls to time_* might have issues.
Change-Id: If61ef07c4ce15f1a356975a0b0611fdf5e49109a
Added to requirements:
https://review.openstack.org/309084
Functional tests were added
https://review.openstack.org/265811
But they still use the version of python-brick-cinderclient-ext from pip.
This change updates devstack to pull in the changes from
python-brick-cinderclient-ext patch sets instead, when configured to do so.
Change-Id: I6d0f09950ea1200d3367a53aa4a3eea9be7abc66
Needed-by: I34f3b5ceaad7a50b1e9cadcc764f61c0aabe086d
A new tempest test is being added in https://review.openstack.org/#/c/285541/
but it is not supported in the Kilo and Liberty branches. This patch
turns on this feature flag at Devstacks's side.
According to tempest policies, this patch must be merged first so the
test can actually run.
Change-Id: I52458a0b36e1dba233667311b35f6c3931e2e66c
Depends-On: Ie69dae09c2b42e825e9d51abf158fc14788387d1
This commit just adds a sanity check output to lib/tempest. It will
use tempest list-plugins to print a table of installed plugins after
the pip install phase is run for any provided plugins. This will
enable users to check that the plugins they think they're running are
detected by tempest.
Change-Id: Icff286da6c68ec9a57f2288458976341bc095875
If a plugin has the L3 API extension available, issue the L3 API
extension calls that creates routers and networks
Change-Id: I77e269ce0025054bcf2a2f4156124f2921ba2d59
lib/keystone sets KEYSTONE_AUTH_URI and KEYSTONE_SERVICE_URI that
other projects should use rather than building the URL themselves.
This will allow us to more easily drop the port altogether.
Change-Id: I7467aae680215f3045d32a088af2187e1eba8169
When the nova backend is LVM we set some libvirt configs
in nova.conf. Those should happen in the libvirt plugin
file rather than the generic nova file since it's specific
to running nova-compute with libvirt.
Change-Id: I37a63a5fba2e9eea4daafe4ec390b2e7aac236f3
This reverts commit 181588b9ba.
Since this change landed on 4/29 it's been the cause of the
top two gate failures (besides known latent infra issues) and
hasn't had good progress on landing a fix, so until it's a
priority for the keystone team we need to revert this change
to get the integrated gate jobs moving again.
Change-Id: I588a84c5179eab072d21bc1394aea2df00929650
Related-Bug: #1577558
Related-Bug: #1578866
When running a compute node that only runs n-cpu and neutron-agent,
there are still configuration items that are needed by the agent that
reside in $NEUTRON_CONF - such as the rabbit rpc information.
Change-Id: Ib7f5dde3afb0c19dc88f351c99bc669217952a14
If the nodepool info file is around, assume we're on a OpenStack CI
node and skip re-installing EPEL & RDO
Change-Id: Ife80af015b26514098e0633f568e3da35b9eea8c
Neutron L3 may implement a variety of extensions: router, external-net,
dvr, ext-gw-mode, extraroute, l3-ha, etc. The public network uuid is
only going to be made available if and only if the external-net extension
is available, because that's the one that provides Floating IP support.
Rather than making Tempest aware of q-l3 service (when q-* services
are supposed to be legacy), it is better to tune this configuration
based on the extension availability. This decouples Tempest from
Neutron setup internals.
Change-Id: I4889fc3d21bd221785b507995f1b3da0e8f52b46
Related-bug: 1582119
Wrong container name in devstack "All-In-One Single LXC Container" manual.
Link: http://docs.openstack.org/developer/devstack/guides/lxc.html
After creating "devstack" container with below command
sudo lxc-create -n devstack -t ubuntu -f devstack-lxc.conf -- --packages=bsdmainutils,git
The name should be 'devstack' instead of 'p2' in the below command
ssh ubuntu@$(sudo lxc-info -n p2 | awk '/IP/ { print $2 }')).
Change-Id: I7a84b97b03b2dd4338f1d946b7eafb8ec6e3767d
Closes-bug: #1582248
For client debugging that invokes multiple libs it can be useful
to have all libs directly in git and not listing all of them
in LIBS_FROM_GIT.
TrivialFix
Change-Id: Ie631cc4045231ebbe8177d2d113e47e4bf83f61c
This patch enables account management by default in Swift. This will be
leveraged by Tempest test cases validating account management APIs.
Depends-On: Id29f5ca48f92cd139535be7064107b8a61b02856
Change-Id: Ic01432939ed9b4cf0cbf20e3244d4d76847f539f
This patch replaces Q_L3_ENABLED with is_service_enabled q-l3.
Both of them idicates wherever Neutron L3 agent is enabled or not.
Change-Id: I33f0f5a6174d1d170bc2ac1c2e3a096d88d17cc1
This commit adds a deprecation warning for lib/neutron-legacy. Right
now lib/neutron isn't quite in a place where we can use it by default
but we're getting close. As soon as it's passing in the gate we plan
to make a switch over and a hard delete of lib/neutron-legacy. To give
any users which have a hard dependency on it (which is not actually
a supported use case) a heads up this adds the deprecation warning
in front of that change.
Change-Id: Idf1faf2e9dd497f9b97abfcc6e796ca72d60d955
The commit message of 2a242519f7 indicated
that neutron-metadata-agent was the correct name for the metadata
proxy, but parts of the code were not consistent.
Change-Id: I52f08266a169aeb9005c0f84296fc814d05b90d4
When creating service users, the assumption is that the service
project lies within the service domain, so create it there.
Change-Id: I4880e789f5eaf340634ceb792397eef12a5a6b51
Closes-Bug: 1580998
This is a follow up patch of [1].
In [1], source has been moved from lib/neutron-legacy to lib/neutron_plugins/services/l3.
However, one necessary function of is_provider_network is lost.
And this cause devstack install fail.
[1]https://review.openstack.org/168438/
Change-Id: I413b3577ec5b11ee0ee01f2368364117962494bb
I goofed when moving it over, and it looks like the calls
to _move_neutron_addresses_route got clobbered.
Changes like a0d1b0151a ended up getting
dropped on the floor, so let's reintroduce them.
Change-Id: I3bbfbc56e2c663c47a03659a1dff96443c13af47
There are a few CI efforts going on related to jobs that use the lvm
image backend for the libvirt driver in Nova. We don't want to waste
time zero'ing out volumes during CI runs, so we need a way to configure
nova to not clear the volumes in these jobs.
This change adds a variable used to set the CONF.libvirt.volume_clear
value in nova.conf. If the variable isn't set, Nova just uses the default.
This will be set to 'none' in the jobs that are going to use LVM.
Co-Authored-By: Matt Riedemann <mriedem@us.ibm.com>
Change-Id: I1e97ba6ab4772a87192ae2689a25050d432358ab
This helps fix an issue where an IPv4 address is moved from an interface
and you lose your SSH session.
Change-Id: Idf37ccbaa6f615fcc714d49c3f0c00c893f56021
Background for this work can be read on the mailing list:
http://lists.openstack.org/pipermail/openstack-dev/2016-May/094063.html
Usage of the new Neutron is by setting the following in
ENABLED_SERVICES:
* neutron-api
* neutron-l3
* neutron-agent
* neutron-dhcp
* neutron-metadata-agent
For now, the new neutron library supports just the ML2 plugin, with the
Open vSwitch and Linux Bridge agents supported. All other Neutron
plugins should be creating their own DevStack plugin if they wish for
DevStack to support them. Many of them already do.
Other notable changes compared to neutron-legacy:
* Rely on the Neutron defaults, and force Neutron to make
sane defaults instead of all kinds of knobs in DevStack.
* Default to rootwrap daemon support
* Use the security group driver by default
* interface_driver can now use NEUTRON_AGENT (linuxbridge, openvswitch), since
they are entrypoints in neutron's setup.cfg
* Use NEUTRON_AGENT variable to determine which agent to run
Works with NEUTRON_AGENT set to either "linuxbridge" or "openvswitch"
Default is openvswitch for the time being.
* Set ML2 configuration for VXLAN support
* Remove Xen hypervisor stuff - it should be a plugin
* Move L3 crud into separate service file:
There's a lot of L3 configuration that was in the main neutron file, but
a lot of it is self contained and can be moved into its own file.
The new l3 service file will contain all the previous L3 plumbing and
configuration that the OpenStack Gate expects, while also eventually
moving the whole l3 network creation step into a single hook that can be
overridden by plugins.
* Introduce a check for a function "neutron_plugin_create_initial_networks" which
will become the mechanism through which different topologies, and
networking plugins can create and wire the initial networks that are
created during a stack.sh run.
The new lib/neutron is considered experimental, and followup patches
will build upon this one. Existing users of lib/neutron-legacy should
remain unharmed.
Co-Authored-By: Hirofumi Ichihara <ichihara.hirofumi@lab.ntt.co.jp>
Co-Authored-By: Dean Troyer <dtroyer@gmail.com>
Change-Id: I31b6362c6d9992f425f2dedbbeff2568390a93da
This seems to break Ironic gate with n-cpu not starting
any more.
This reverts commit c527ded91b.
Change-Id: Idfb01448e8ecf53fbd2e1df61c8f08f3107981ac
Closes-Bug: #1579683
As can be seen in logs of the periodic generation job, our cgit does a
weird thing where sometimes it returns a 404 page with content, and
sometimes a zero response (see [1] for example, the last number is
response size). This appears to be an openstack CI issue; possibly
due to cgit caching or similar (see [2] for manual test). It will
have to be investigated with the host apache logs.
This is resulting in a lot of projects incorrectly being picked up as
having plugins (I7116571d2a2b1fc3a61e5f1ed46ac2cbc244775a). I'm not
sure if this problem is also releated to the original status-code
issues mentioned in the code, but testing shows that cgit is correctly
returning 404's for missing files (you can see in the logs [1]). Thus
switch the logic to examine the return code which avoids this issue.
[1] http://logs.openstack.org/periodic/propose-devstack-plugins-list/e55790c/console.html.gz#_2016-05-04_06_46_51_660
[2] http://paste.openstack.org/show/496434/
Change-Id: I6a06347d91d091441f6f7b70f99aba6d8e9add4b
Currently, the db sync operation does not specify the config dir or
config file.
If there is a config file in the home path, it will use this one,
but not the right one devstack write.
Set config file to these operations.
Change-Id: Id1fbc3d85280c19596f5ebd301c46bcf018fa2f6
Closes-Bug: #1578098
CoreOS cloud image is compressed with bz2 extension [1]. In such
case, we need to decompress the image before uploading it to glance.
[1] https://coreos.com/os/docs/latest/booting-on-openstack.html
Change-Id: I705d0813d180aefaa2507c00d1ae40af07d12fcf
Export the 'short_source' function so that it will be present in the
environment for child shell scripts. Do this because we are passing PS4
to the child shell scripts and it is using 'short_source'
Don't do an 'env_keep' in the sudoers file for PS4, since it is
difficult to also pass along the 'short_source' function.
Change-Id: I9781010d6eb336d02939c7fd47f18bedeae5ccc6
Closes-Bug: #1563443
Devstack installs elasticsearch version 1.4.2 by default.
This version is really out of date and you can't run kibana
4.x against it. We are working towards 2.x support [0],
but in the meantime would like our example to install a more
recent version of ES.
[0] http://lists.openstack.org/pipermail/openstack-dev/2016-April/092583.html
Change-Id: I9ca244f8b817dd9c5f6d7435e347df28282db0a9
This commit adds a new phase to the devstack plugin interface for
configuring test environments. It runs after everything in devstack
(except for the final output commands) to ensure that tempest or
any other dependency is installed prior to running it.
Change-Id: I52128756f18d3857963a0687de77f7cdfd11fb3e
the referenced file was removed with the following change
Ie7f4b265368f1d10a8908d75e11d625b2cc39e7c
Change-Id: I0e25b1f38e0969037d1c8af367432da56bb12e92
This commit adds a new variable to lib/tempest to provide the plugins
that should be installed into common tox venv that gets created. In
order to make this work the workarounds to handle migrating to a common
tox venv have to be removed otherwise the plugins could be installed in
a venv that isn't used.
Change-Id: I63658b8d8dfa999e0feb79f8f2968f2b32e3ff57
Depends-On: Iab2e6e04b6c5795a4d0c8214564106525b942308
In order to support the effort to unify the tox venvs being created
by tempest this commit temporarily cases the path of the venv being
created. Once tempest is updated to only use .tox/tempest we can
remove the if blocks and just use it unconditionally.
Change-Id: I34a69020eee07156e64026781a3c0bffdb5ab415
As we are creating a domain with id 'default' and name
'Default', we should iniset the correct name.
Change-Id: If67338fbbd255b8aa1b91e18e4cf8213baebab95
When running in httpd, keystone accepts requests on /identity and
/identity_v2_admin.
The path endpoints should be preferred over the ports so keystone
is configured to point applications to the path endpoints by
setting admin_endpoint and public_endpoint.
Change-Id: I34569b9e03c3f36748c92d803349e22a7ee1a633
Tempest-lib, as a standalone project, is deprecated in favor of a
"lib/" directory inside Tempest's repo. So remove the installation
of tempest-lib in DevStack.
Change-Id: I507bfe875777fd25bbe5d67c861f3fca99faa22d
There are two implementation code for similar API in Nova repository.
One is newer: v2.1 API, another is legacy: v2 API. v2.1 API has been
used as the default API since Liberty and legacy v2 API has been marked
as deprecated. We have used and tested v2.1 API so well and now is
nice time to remove legacy API code based on the consensus of the
design summit of Austin.
This patch removes NOVA_V2_LEGACY which set up legacy API code.
NOTE: The gate job which uses this NOVA_V2_LEGACY option has been
removed already since Iac81b7d569b76b99e9d86eaa5001ae7f9b78cdfe.
Partially implements blueprint remove-legacy-v2-api-code
Change-Id: I0e16b7ce608d7eeb3a35fd77e66531dfc8c142ef
I think the objective of the line is to display message, but it was
also echoing entire line before printing the message.
Change-Id: I758759638003deec3205983863f4b7e23ba94e89
Signed-off-by: Sachin Patil <psachin@redhat.com>
In a multiregion installation of devstack, conflicts occur in the
creation of images, networks, or volume types, when the region is not
set.
This patch adjusts commands to include the region, and
also adjusts the region_name in the nova configuration section of
neutron.conf to include the region.
Change-Id: Ifedff6a124fa49d57cc7b2f35916d8d96f5e5f7a
The nova check in is_service_enabled() is loading the nova repo
when ENABLED_SERVICES=ovn-northd. Add a comma before each of the
checks to prevent this error with any of the other services.
Change-Id: I9deee735812cde44ea5140b1ad76848f02576609
Closes-Bug: #1574431
Commit 020586fab4 removed support
for g-search as it was promoted to its own project. The devstack
plugin for Searchlight triggers the installation of elasticsearch,
so it can be removed from upstream devstack.
Change-Id: Iada75fc59c66b776c506431f93deb668ab0a84b9
This minor release of bashate just fixes one small issue with python3
compatability. This is an alternative to
Ic91b5ce8cb85e376573f9bf3659d2a86cc437179.
Change-Id: Ie5ad29003cf80a332b9a9258749757a15de79966
This commit fixes breaking change [0].
Long driver names like 'nova.virt.libvirt.libvirtDriver' are
no longer available and 'libvirt.libvirtDriver' should be used
instead.
Reference:
[0] https://review.openstack.org/309504
Change-Id: I27a1b75b921c7401bc8614caadfd1e09e7dd5d65
Closes-Bug: 1574990
Change I24546f02067ea23d088d383b85e3a78d7b43f165 aimed to use
keystone v3 as default in devstack. The change was later reverted in
Ia792b23119c00089542ba08879dca1c29dc80945 because it broke some
projects.
This patch contains a small portion of the first change to set the
environment variables $OS_USER_DOMAIN_ID and $OS_PROJECT_DOMAIN_ID in
openrc, so that users don't have to set them manually when using
keystone v3.
Change-Id: Ie4c316d60590d55830d417f13817298dac70864f
Partially-Implements: bp keystonev3
Closes-Bug: 1387814
Since I380dd20e5ed716a0bdf92aa02c3730359b8136e4 , tempest options
tempest_username and tempest_tenant_name have been added.
However, they are never used at all.
So this patch removes them for the cleanup.
Change-Id: Ic40047c5903d664e4a2d5eea88ff788e39d1e416
This reverts commit 7d1ec43004.
This broke the sahara and layer4 dsvm jobs. The layer4 job
is voting on tempest changes so tempest is also broken.
Change-Id: Ide69f10cd85bf7ff0d86bc8cba56dedd26850362
Partial-Bug: #1573868
We really should only have code that create endpoints once, making all
osc calls get_or_set adds 3 seconds per call for no really good
reason.
This also stops creating the internal endpoints in the service
catalog. It's a pattern that we're trying not to propogate, so lets
not have it in devstack any more.
Change-Id: Ia8cefe43753900d62117beae330db46deb6a9fc9
When using XenServer as hypervisor, install_os_domU.sh will create
integration bridge for compute node when neutron network is used.
But it should provide a way to allow moving of the VM to another
host (with a different XEN_INTEGRATION_BRIDGE) for easier install.
This patch is to provide the way to let user have the chance to
configure integration bridge themselves
Change-Id: If923a5e978e77fc091d24b6e1fe7a83a3375da09
As Nova hypervisor uses deprecated parameters when trying to
authenticate to Ironic, as well as a hardcoded /v2.0 endpoint, a fatal
error occurs when creating a keystone v3-only devstack.
This patch updates auth parameters (ironic section in nova.conf) that Nova
uses when trying to connect to Ironic to v3 parameters.
Change-Id: I2d7ebf750115613aa917448f20daaece614633ef
The bug #1542282 added Q_PLUGIN_CONF_PATH to the comment on how to use
Q_PLUGIN_EXTRA_CONF_FILES. But the right variable name is
Q_PLUGIN_EXTRA_CONF_PATH; this patch fixes this comment.
Change-Id: I6b6b39068fe54509b1bb8af47ae0b21dd77c444a
Related-Bug: #1469434
Closes-Bug: #1542282
Use the fernet token provider as the default for keystone.
The Keystone token provider of choice is changing from UUID to Fernet.
However, due the the need for multi-site keystone deploys to have keys
kept in sync, we cannot change the default in upstream Keystone
without breaking existing deployments. Fernet requires a deliberate
setup step like what is done in devstack. Making the change in
devstack documents the expected setup.
Change-Id: I8c0db244634b0861b0eb3c48fe6ede153f7f04f2
Currently there is added an obsolote/wrong '/' when passing
Q_PLUGIN_EXTRA_CONF_FILES to the service start arguments.
Thats not a problem when using absolute paths, but wrong for
relative paths. This patch removes that extra '/'.
Change-Id: I2136d39889eaf83ecfcc711c733e95e261f455e0
Closes-Bug: #1572192
Make it possible to construct the service users in their own seperate
domain. Changing this away from Default will not work for everyone yet,
though it does work for basic service interaction however enabling it
will allow us to start testing and hopefully gating that services aren't
relying on v2 only concepts.
Change-Id: I7e73df5dd1caabf355783da2bc0f3007ade92fba
This environment is used by the normal docs job, add it.
Manually add requirements needed for doc building.
Change-Id: I1be193d113683966f6a76e862713f3a550543168
Related bug #1469434 fixed the usage comments for
Q_PLUGIN_EXTRA_CONF_FILES. However that change didn't
make it into neutron-legacy. This patch updates the comments
in neutron-legacy to reflect proper assignment of
Q_PLUGIN_EXTRA_CONF_FILES as well indicate
Q_PLUGIN_CONF_PATH is required when using extra conf files.
Change-Id: I447f1158d333ac4a35c4903a509146a62d93b272
Related-Bug: #1469434
Closes-Bug: #1542282
Those reports may be helpful when debugging neutron gate issues.
pgrep is backwards compatible with old Solaris tools, which means it
does not match with commands that are longer than 15 characters. To
avoid that for neutron agent names which are longer than that, we need
to pass -f argument to match against the full cmdline.
Also killall instead of kill + pgrep in a subshell.
Change-Id: I9b3801e927c0e80443ed76e38cd8e3618e888e49
Create specific heat_stack_owner role to be used by
tempest tests, rather than using _member_ which is not
automatically created in keystone v3.
Change-Id: Iff13a47e360b628bc48a8cb897d9368af49db01b
Partial-Bug: #1539692
devstack failed to install because glance:
Could not determine a suitable URL for the plugin
patch I618ea8e27b49af360c905df85af06d9b1eef8407 tries
to fix this problem, but with a wrong way because path is not
correct, the clouds.yaml is not under /path/to/devstack/~/.config/openstack/
but ~/.config/openstack.
patch I8af6bd465f74099c560dddba6b5221dd79cbc965 tries to
fix this problem, but with a worng way to specify the path,
~$STACK_USER/.config/openstack/clouds.yaml will not expand with
a variable, only const string can.
$ whoami
zqfan
$ touch ~/.config/openstack/clouds.yaml
$ export STACK_USER=zqfan
$ rm -rf ~$STACK_USER/.config/openstack/clouds.yaml
$ ls ~/.config/openstack/
clouds.yaml
Change-Id: I549817d2f4638be615991c1726b39d270ba71357
ref: I618ea8e27b49af360c905df85af06d9b1eef8407
If the variable SWIFT_STORAGE_IPS contains a space-separated list of
IPs, we can use this to create consistent rings across all proxy and
storage nodes.
Change-Id: If9307196dc7e74e4a842c95503958ae2d7f7acc7
This is a follow-on to I6f392d3c16726f6dd734184dcf3014fb4f388207 to
note the variable is kept for backwards compatibility.
Change-Id: I1008b2d4e2baf82e1aa531d9eaf96a084beb69aa
The WIP prefix and the statement
"This can't merge until p-c no longer references lbaas jobs."
Should have been an indication that this patch is not quite ready to
go in as is.
This reverts commit 130c3adb0e.
Change-Id: I57d5f9f2e66b1bdf6fca70074bc1d5678de65f38
This is a fairly opinionated change to do some spring cleaning on the
documentation.
The current output of shocco as rendered at [1] is completely broken.
I can not see that it is worth us maintaining this. Honestly, the
github page does a better job at showing the scripts with a bit of
formatting. The "changes" page is similarly useless today. cgit or
github show allow browsing of changes in the repo better. Both are
removed along with support scripts.
When you currently hit the first page, it gives no clue as to what
DevStack actually is. Add a paragraph explaining that, and link to
the cgit for easy source browsing.
stackrc.rst is not necessary; the stuff about database backends is
already discussed in configuration.rst; move the things about service
repos into a section of configuration.rst.
The discussion in openrc.rst is moved into the configuration.rst file.
localrc.conf.rst was just a paragraph pointing back to
configuration.rst; this is removed.
The variables described in exercise.rst are moved into a separate
section of configuration.rst
[1] http://docs.openstack.org/developer/devstack/#scripts
Change-Id: Ie7f4b265368f1d10a8908d75e11d625b2cc39e7c
When devstack fails, some or all bridges may not exist.
This change allows an only existing bridge to executes ovs-ofctl command.
And fix duplicate ofp version specified in protocol option of ovs-ofctl.
Change-Id: Ied01de727ca9b867ce87db358f72ae44838b63af
This removes Oracle Linux 6 support ("OracleLinux") which, like RHEL6,
is now unsupported. "OracleServer" matches Oracle Linux 7.
Change-Id: I35b1c7d0b103c509283dba0f6551453e7d8ac4cc
Closes-Bug: #1568634
This commit adds an execution bit to generate-devstack-plugins-list.sh.
This should be useful for users.
Change-Id: I12d0a257eb1d487979d044c2e52e824a6ea4c02d
In stack.sh, REGION_NAME is used to set environment variable
OS_REGION_NAME before using OpenStack client to configure accounts
for services. OpenStack client will try to find Keystone endpoint
in REGION_NAME to send the requests.
However, in the case of deploying multiple DevStack instances in
different regions with shared Keystone, Keystone is only running
in one the of region. When installing DevStack for the region that
does not host Keystone, OpenStack client will fail to find the
Keystone endpoint and thus DevStack fails to start.
This patch fixes this bug by introducing KEYSTONE_REGION_NAME for
user to specify which region Keystone is running in. Document of
multi-region setup is also updated.
Change-Id: I3e82c7ff69326d4171623299ffecea103d40c80d
Closes-Bug: #1540802
Most of the tempest utilities need at least a partially setup
configuration file to work properly. This is because most of them
make api requests in order to perform the expected operations.
This causes a bit of a chicken and egg problem when we rely on
these utilities for configuration purposes since we don't know if
we have enough of a configuration file to run things. This previously
wasn't an issue because all we needed to run was verify-tempest config
and it wasn't in a critical path just for api extension discovery and
it wasn't relied on. But, with the addition of tempest preprovisioned
credentials we rely on a tempest util to create the credentials we
use for running things. We need to ensure the util has as complete of
a config file when it's run to ensure that everything is in the
correct state.
This commit moves the running of all tempest utils and the associated
iniset calls to the end of the configure_tempest function to ensure
that the utils have as complete a config file as possible.
Additionally, it makes all tempest util calls are venv isolated. (which
is mostly future proofing for when things are branched on stable)
Change-Id: I5844aed4e134fbc7210aa0eca83500e260915b7b
The test job "gate-tempest-dsvm-cells" uses the Nova cells concept.
This triggered a deprecation warning:
WARNING oslo_config.cfg [...]
Option "rabbit_virtual_host" from group "DEFAULT" is deprecated.
Use option "rabbit_virtual_host" from group "oslo_messaging_rabbit".
This change removes that warning.
Change-Id: Ieaf437ecbf58edb8994f6afcb0ac2afcd5585a1e
Variables PUBLIC_INTERFACE_DEFAULT and GUEST_INTERFACE_DEFAULT
are only use to provide default value, deployment script should
not use such values directly
Closes-Bug: #1566768
Change-Id: Ib543b416df861086fa2edbe7df769b224d0b0add
Make the warning in the auto-generated file stand-out a bit more, so
people don't waste time trying to add entries that appear
automatically.
Change-Id: Icf4290e1fad21ce72af54c178bafcce0b287cdf6
Change 0b9e378cca2be4e034ad401d71fbe4470907f93a moved the
api_paste_config from the DEFAULT group to the wsgi group
and deprecated it's usage in DEFAULT.
Change-Id: I283db638e76b986d3e728c6caf34a0b3f37fc9b6
Ubuntu vivid support is EOL lets make room for xenial.
Change-Id: I21c4966c80e0b5fc2b1a7448020dd1c75e0070ad
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Fix the table with a bottom border. Regenerate the plugin list using
the script to make sure it works this time.
Change-Id: Iab3eb3879fd6017c55259e470477e4a9e34514e2
This makes us depend on n-api being enabled, which should avoid running
this on subnodes, where it fails because of no credentials.
Change-Id: I209bd59cd57be27c3375f5a2074361307abcafe9
Closes-Bug: #1567065
Nova API itself supports both URL modes:
with project-id and without project-id
However, we are changing service catalogs for removing project-id
based on the discussion.
We have agreement on https://review.openstack.org/#/c/181393 like the
following:
- Standard required naming for endpoints (versioned vs. unversioned,
contains project ID vs. no project ID).
* We want unversioned endpoints so that the user can get
information about multiple available versions in a given cloud.
* We do not want project ID, account ID, or tenant ID as part of
the resource URI for an OpenStack API endpoint.
So this patch removes project-id from Nova service catalog for this
direction.
Change-Id: Ifd74152727b5c0c75924419a7a52e024a69ce72c
Make sure the table is separated out from header and footer content so
it actually gets picked up as a table.
Change-Id: I60a24b2476a55cfbf5c864a1c27ce5b98e699886
This sets all the internal variables and service users that are set to
use project instead of tenant for clarity.
Change-Id: I4aa833bac2ee2281c5f2881f7ae1fd8e7c759f74
This makes devstack create default flavors in nova, like cinder, now
that nova no longer hard-codes them into its database.
The flavors created here match the legacy default flavors that nova
kept for so long, and also creates a new devstack-namespaces set of
flavors which are likely more useful for people.
Change-Id: Ic275887e97221d9ce5ce6f12cdcfb5ac94e300b0
Cinder was the only project with a script in driver_certs. That cert is
no longer required for Cinder as we now just require that third party CI
is run for all drivers before acceptance.
This removes the cinder cert test script and the now empty driver_certs
directory.
Change-Id: I8d0867c4720f324b8dbf3c64ddf66ff267996d10
As part of the "reduce confusion on tenant_id" we need to change as
many references as possible over to project_id.
Change-Id: Ia665312f24672b106e12fde93b60f142620c3a45
Currently ovs-ofctl command is executed for only default ofp version
(OpenFlow10).
Some Neutron's plugin uses OpenFlow13 and in that case ovs-ofctl fails.
This chage allows us to get ovs info for all ofp versions supported by ovs.
And adds dump by dump-ports and dump-ports-desc.
Change-Id: I2d3c42835a5ad0f5ebf540e8127762f466347c9c
Neutron had a lot of work done during the Mitaka cycle to fix MTU
issues, so let's see if Neutron can stand on its own.
This commit reverts 06cfce3756
Neutron patches:
I6ffc8973c9b8f46cc19922ff04fdd2d23646b878
I4096a3e7704032fa4aa5c3aa8bcaec4e38d0d06d
I6a10c4dfc1f2198667f3d02528e2ca8020cb5bb8
Ic091fa78dfd133179c71cbc847bf955a06cb248a
Idf6221fee2c7da86123b330ad3c235ecc6868242
I6859ebdde1f7e3a8163b49d705620e522ada606a
Change-Id: Ie88c7ebb29adadde530217c95e2f38aacb119dc8
In I33525e2b83a4497a57ec95f62880e0308c88b34f, we switched
from zookeeper to dlm. Somehow this got left behind.
Change-Id: I41d13d33c9a81271d4a9752cbe98c0028a17ab1e
Since commit 7580a0c3e3, openrc
print a WARNING message to stdout, it will break the zsh script
in faq.rst. This patch redirect openrc output to /dev/null.
Change-Id: Iaba03634d7a234cd4d120477f91ef56d0595cdf6
Closes-Bug: #1563940
Printing the total makes it easier to compare runs at a glance. Clean
up the output a little, and use some consistent, name-spaced globals
while we're there.
Note the total runtime is at the top to avoid giving the impression
that it is the sum of the components below, since you can nest/overlap
timers (I made that mistake in a prior change :). It might be a fun
exercise in tree building to one day track the overlaps and present a
nice nested breakdown.
Change-Id: I878ce03813d21138df493b82bceff3aaa7f83064
Ceilometer uses a devstack plugin for a while now, so there should not
be any need for this file in the main devstack repository.
Change-Id: I3577c52b106c63c465a40ea3740eb5b8384e900e
This is a normal step in the process for upgrade and is now
required for migration of flavors from the main DB to the API DB.
Since we previously made a bad decision to encode those flavors into
the first database migration, that means that even on new installs we
need to run these.
Deployment tools are going to be running this command any time they
do anything to the database post-deployment, which means adding this
to devstack is putting it in line with what normal deployments will
be doing.
Change-Id: I8ab03af9d2f4974f26a7f8487ec978caea957e45
Since change Ie38deadf190db33863c99d4610157349484ac10f ceilometer does
not use spidermonkey which needed libnspr4-dev to be installed. Thus the
requirement can be removed now.
Change-Id: Ib0685181f1cc4c9b58411a1679ac9dec1812f683
OS_CACERT was being added directly to the environment rather
than usercc_early. This caused an untrusted CA error to be
thrown.
Ensure that SERVICE_HOST is in the Subject Alt. Names of the
issued TLS server cert. The gate sets it to 127.0.0.1 which
wasn't being handled. Only the FQDN of the host and actual
IP address of the machine were being added.
Change-Id: I8a91dffe1a5263d2bcc99ea406a8556045b52be2
auch configuration in the nova section in neutron.conf was
still setup manually. Just reuse the function
configure_auth_token_middleware() for configuration to simplify
the code.
Change-Id: Ib5a7e9212e2d1242bdbec75cf3fac13d5c42a2e2
This commit moves the auth setup for tempest config to occur before
we run tempest verify-config. The API requests that command runs
require auth and in the case we run tempest without admin creds set
the config file will not have any credentials to run the query with.
By moving the auth setup to occur before this it will ensure tempest
is always configured with credentials before we run the command.
Change-Id: I6d11b24e4492f1fde3aa3a7a239c40d63111bfa1
Previously the swift blocks only ran if s-proxy is enabled, which
prevents a multinode configuration. We should run these blocks if any
swift services are enabled, and push proxy specific conditionals one
step lower.
Change-Id: I540a97615b3c19f882c8673b1a4a29cd47e36aa8
Lbaas devstack support is now in the neutron-lbaas repo, so we can move
towards removing it here. This will explode hard, but let's start peeling
the onion.
This can't merge until p-c no longer references lbaas jobs.
Change-Id: I1c49877bab53f6b25385302420086b25e3eeeebf
Make our usual admin user to be a real admin,
and open the way for improving the per project
policy.json files.
Change-Id: I133a5953d209bc1edbd03ecfae750f77e3eaa64d
Related-Change: https://review.openstack.org/#/c/242232
PS4 can include functions, so when running in the LOG_COLORS=True mode
provide a grey function line so that it's easier to visually
distinguish the content from the location.
Also make it so the main prompt chunks off all the common path, which
means we can printf to 40 characters and have a pretty reasonable and
readable PS4.
Change-Id: I4a10a49db97d413349bcfceeb8c4164936fbcc40
Check that a public and/or private network exists before calling
probe-create for it, to avoid an error in the case where that
network hasn't been created
Change-Id: If01cec47dc4ab02b5d78074b1354df10dc23b384
Closes-bug: #1560629
It seems pip distinguishes paths with .. or extra / for constraints.
For example, the following directories are considered different.
/path/to/dir
/path/to//dir
/path/to/dir/subdir/..
This commit tries to normalize the given directory name to avoid
"Could not satisfy constraints for 'xxxx': installation from path
or url cannot be constrained to a version" error due to directory
name mismatch.
Reference: https://github.com/pypa/pip/pull/3582
Closes-Bug: #1542545
Change-Id: Iae9d58c27d3b10bca16e4a471507c4d5c16439a0
hexdump is used in common function generate_hex_string which is
used by nova and heat. The current general dependencies do not
have this dependency covered, instead it is usually pulled in by
other implicit dependencies when a full devstack is built. In
cases where only a subset is built (like just Heat and keystone)
hexdump is missing.
Added unit tests for the generate_hex_string function.
Depends-On: Ib47d802a31a0f4c2a49daa7e6698e37c70a2365a
Change-Id: I77c8c2019fb8b8174cdfaed3e56ebf728f0732b7
Closes-Bug: #1558672
In future Nova will use os-vif library for some communication with Neutron.
This patch add ability to install os-vif library that requires for run
tempest-jobs for new patches, that used os-vif.
Change-Id: I28e48afd3c740b1aa50c994d99f660f095e7deda
We've had a couple of cases where plugin names are longer than our
table width.
Take the fixed-with table-header out of the header file, and generate
it dynamically based on first-column width. To simplify, take
advantage that RST allows a variable-length last column and so don't
specify it's width.
Add a link to the cgit URL for each project you can click on to browse
the source (link text remains the git:// URL).
Add some logging so you can see what the python generator is doing,
should you run it.
Change-Id: I5d5e692039bbb30b2508119412472dac1d105c08
Apparently this is intentional as a joke on devstack leaking
passwords, but the dual meaning of the word confuses people. Let's
change it before we get yet another review fixing it.
Change-Id: I3bee03612f6ea197362aab04a37f81043f77f235
Insert the unversioned keystone URLs into the service catalog. Services
should be able to determine the correct URL for their work from this.
Depends-On: I931f0c558aafc8dfaa5519744c6e4e7fcffc3205
Change-Id: I6171f782a1dd397720a9b2a3393b30ae5aca0cc2
When detecting os_VENDOR, the lsb_release output may be different
from what is expected today. This patch fixes the detection.
Change-Id: I850ad1acbc2397c73e7cc85c1765cba6ba2f98d4
After reviewing I5b1d49be8d9e3e331826e30182fba70f099b5e7f and
I161a157895b4ed0c9ea5a7a00302e30f4ad75ed3 - I have come to the
determination that this really should be in a DevStack plugin.
If both of the patches under review were to merge, we would be blessed
with at least the following variables:
OVS_NICS_FROM_BRIDGES
OVS_NIC_MAPPINGS
OVS_BRIDGE_MAPPINGS
OVS_PHYSICAL_BRIDGE
PHYSICAL_NETWORK
PUBLIC_PHYSICAL_NETWORK
Which really is not good. Let's just push this into a plugin, I don't
want to deal with it.
This reverts commit 3095ff5132.
Change-Id: I746022f5db93d3333101a014692fbdcd790a0004
This all started with an investigation into Fedora's use of ecua2ools
package. This package is a bit of a nightmare because it pulls in a
lot of other system-python packages.
For Ubuntu, this package was removed in
I47b7e787771683c2fc4404e586f11c1a19aac15c. However, it is not
actually a "pure python" package as described in that change, in that
it is not installable from pypi. I can't see how you could actually
run exercises/euca.sh on Ubuntu unless you installed euca2ools by hand
-- ergo I suggest it is totally unused, because nobody seems to have
reported problems.
In the mean time, ec2 api has moved to a plugin [1] anyway where the
recommendation in their README is to use the aws cli from amazon.
Thus remove all the parts related to EC2 and ecua2ools from base
devstack.
[1] https://git.openstack.org/cgit/openstack/ec2-api
Change-Id: I8a07320b59ea6cd7d1fe8bce61af84b5a28fb39e
Normally a standalone uwsgi server would run in "master" mode -- it
handles signals to reload the processes. I tried this originally
with keystone but found that the server didn't shut down when
unstacking. The reason it didn't shut down is because (by default)
uwsgi does a reload on SIGTERM & SIGHUP rather than shutting down by
default, see [1].
Setting "die-on-term = true" & "exit-on-reload = true" changes the
uwsgi server to shut down when unstacking.
[1] http://uwsgi-docs.readthedocs.org/en/latest/Management.html#reloading-the-server
Change-Id: I145fef185d4a31078295941779e175b7452a5760
There was a lot of duplication in the uwsgi options between the
admin and public config files. The options common to both are
moved into their own section.
Change-Id: I5519c7d4d8b8446a7a5fdb8033852655d8a2c67b
keytone has removed it's CLI and will release a new version
when Newton begins. As part of the removal process we also
need to remove the bash completion script, which is currently
failing devstack gates.
Change-Id: I132b862bde5b4173bf34beae12a7a882f5a96314
This command has never completely worked to restart DevStack.
It periodically prompts attempts to work around this brokenness
in ways that harm other functions. Let's finally remove it.
Requiring a complete re-run of DevStack after a reboot has always
been intentional.
TODO: follow-up cleaning all of the screen hackage if this merges.
Change-Id: I2f61bb69cc110468a91dcaa4ee7653ede7048467
This change provides better handling of tgtadm --op show
output as input of tgt-admin --delete command. In situation
where no output of the first command is present no tgt-admin
command is run.
Change-Id: Ief5e1d50dd679f4d47cffef29ff07e54cc37f80a
Closes-bug: 1554997
1.4 was released in 2012. I think we can assume everyone is running
something newer.
http://openvswitch.org/releases/NEWS-1.4.0
Change-Id: I3cfe99d2647800ae3ffb32c9e6749d03224c2967
* memcache_servers is a deprecated name for memcached_servers.
See: keystonemiddleware/auth_token/__init__.py#n287
NOTE: memcache_serves in the cache section is valid option for
oslo.cache. See oslo_cache/_opts.py#n65
Depends-on: Id65f1bff8e38c777fa406d88ac6a2355d6033d94
Change-Id: I3e1230b139e710a0433e71ce118ca246d7c6a0e6
We made assumptions on the platform for sorting purposes, which turned
out to break with new images being deployed. Explicitly setting LC_ALL
should make this work.
Change-Id: Id65f1bff8e38c777fa406d88ac6a2355d6033d94
Not having a header or footer should not be a fatal error
especially now that we have removed the footer entirely.
Change-Id: Ibbf3e513b8faa016dc2dac8d11ab4f499b3fc51c
Use the additional keystone-manage parameters to setup the identity
endpoint in the service catalog rather than manually fetching a token
for this.
Change-Id: I6f5be1df205dee8f3251b4eb413e00ae64f00f07
Currently Devstack (and devstack gate) uses the default
max_file_size of for Swift (5GB). However the loopback file
is only 1 or 2 GB is size.
We are looking at setting a default FALLOCATE_RESERVE in swift
https://review.openstack.org/#/c/288011.
Because of this our max file size test fails due to the max_file_size
and devstacks loopback size being too small.
This patch sets this to a more sane size by default inside DevStack.
See the gerrit link above for more details.
Tempest uses a loopback of 6GB, so in this case the swift default of 5GB
should be fine.
Change-Id: If09eab7d16ae67bd252020e00e8812ff252f065b
Update bashate to 0.5.0 release. We got things ready for this with
I3fd5d55236e90c2f2c25243af87adaf0c1b763e2.
I'm not sure what I was thinking in
I9e4b1c0dc9e0f709d8e76f9c9bf1c9478b2605ed when I added ".orig" files
to the list of files to check. Ignore diff/merge files.
Change-Id: I8bb0c8b39972abb775b4e5556e79d2e17005bc8c
The trove image is one of the larger ones we cache, and after
double-checking it is still used as part of the
gate-tempest-dsvm-trove tests (although integration tests seem use
their own dib-built version)
Add some notes to clarify the situation with this image.
Change-Id: I2319dd5811d6bd215d1e8778eca5b4c9399f0efb
Aside from notes, the content of the footer is entirely redundant
with the detected plugins list, so let's remove it.
Change-Id: I346b59705c5b0716a18087f6800f568fb1f4c9a8
This uses the new use_neutron variable instead of the crazy class
path. This helps us test the use of this in our jobs.
Change-Id: Ic6d0cc4b7a0df6b3f5336ee58886f7edff26e846
Depends-On: I1c2eb51d10ba6370492a911f59370b9870646a38
Change I380dd20e5ed716a0bdf92aa02c3730359b8136e4 updated the tempest
configuration to stop creating a bunch of globals. But as part of
that refactor it started using $admin_password as the password
argument for tempest-account generator, which is never defined.
This commit rectifies the situation by using the correct variable
$password.
Change-Id: Ieeed58751e5784020e04bcc2911ac74791662110
If /usr/bin/which is not available, the current code
doesn't detect i.e. /usr/bin/zypper . Using "command -v" solved
the problem.
Change-Id: I1c281c3184d69cd9dc2418295b6a392d8e5693e0
Virtuozzo is a RHEL-based distribution serving as a platform OS
to host proprietary container virtualization
(formerly, Parallels Cloud Server).
We moved away from CloudLinux distribution, which has actually
no support in Devstack (no such clause in is_fedora).
As it was us who introduced CloudLinux, by this patch
we replace it with Virtuozzo distribution.
More info on Virtuozzo company here: http://virtuozzo.com
Change-Id: Ib8a77e4611ebc05bc0aa50bb83ab79c412e21c74
If a command we trigger fails for some reason, it's worth logging
details about the failure (like return code).
Change-Id: Ib19aa474eccdd11e138a4f55e125935b621bca05
The agent_* drivers in Ironic are not yet capable of deploying partition
images. The code in DevStack was aware of that but it was looking at the
agent_ssh driver specifically.
This patch is fixing this assumption and extending that conditional for
all agent drivers.
Change-Id: I416faa9ef6fba9621cd664d5a0747b1e80e281d1
postgresql 9.3 don't create /etc/postgresql and related conf file by
default. So we need start the pg_createcluster in devstack if has not
started after package installed.
Change-Id: I2b348658d79b23b5f21871b33d8023499b2fb956
Close-bug: #1552051
We need to do a substring match on the vendor here. As most releases return
"openSUSE project" for the vendor.
Change-Id: Ia05db8d93b5e3f42cb6a9c8d77616ca9f7c32039
Now that the devstack pluging periodic proposal job is in place,
add a note to the header to try to head off confusion.
Change-Id: I1c740ff768f831548970142a8bd024abe1763fdf
This patch ensures that lib/tempest doesn't call nova when heat is
enabled and nova is disabled.
Change-Id: I2debbae1bb82ecace1058e99ab172272393fb5ea
Closes-bug: #1549708
Since I93e9f312a94aeb086925e069a83ec1d3d3419423 yum_install isn't safe
under errexit. This means it really only works when called by
tools/install_prereqs.sh because for some reason, we don't set that
there.
However, there is a problem with the retry logic when detecting failed
installs. A failed package install should stop further progress, but
with the current retry logic it just goes ahead and retries the
installation, which then incorrectly passes. You can see this
happening in a test like [1].
In our detection scripts, make a failed package or missing packages
exit with error-code 2, and "die" when we see this to correctly stop.
[1] http://logs.openstack.org/81/285881/1/check/gate-tempest-dsvm-platform-fedora23-nv/a83be30/logs/devstacklog.txt.gz
Change-Id: I4ea5515fa8e82a66aefa3ec3a48b823b645274f7
Setting OFFLINE=True in local.conf should enable stack.sh to run multiple
times without an internet connection. This was broken for some cases
when recreation of tox venv for tempest was forced in lib/tempest.
This change makes recreation of tox venv enabled only when OFFLINE mode is
disabled.
Change-Id: I2bf6caf60038a3690378eead905b35e9175ac356
Closes-Bug: #1550537
Since EXPERIMENTAL Glance v3 API has been removed in favor of
standalone API implementation was added we need to add some
changes in devstack to support it.
Implements blueprint: move-v3-to-glare
Depends-On: I5b7bd4cdcc5f2a40fc4a5f74bcc422fd700c4fb0
Change-Id: Iced3c68010eb6bcd2a6a1ec8f1c6883f84cbe77f
If tools/generate-devstack-plugins-list.sh is invoked with a parameter,
as is the case with the proposal job, copy the generated list thither
so that git will actually generate a diff.
Change-Id: I874a521bba7f402f5c07e28d6ebb086e77873795
This removes the fs-based git code path for detecting devstack plugins
as requested in I2c5c9282a8ad80014cad171a4dfbdc8f26044cd1
Change-Id: I6d1567c2545b866c433381d19587beb08c281c53
When os-brick starts using privsep, it will need to know how to invoke
its privileged half. Amazingly the name of the rootwrap executable
isn't anywhere else in the config, so the privsep default uses just
"sudo" (no rootwrap).
We need to either:
1. set the privsep command line to use nova-rootwrap in nova.conf (and
similar in other configs), or
2. add the privsep-helper line to sudoers and bypass rootwrap entirely.
This change implements (1) for devstack (nova only for now, cinder to
follow shortly).
Change-Id: I90dc41bc77993bd83b80c92286e015e14f290b45
When os-brick starts using privsep, it will need to know how to invoke
its privileged half. Amazingly the name of the rootwrap executable
isn't anywhere else in the config, so the privsep default uses just
"sudo" (no rootwrap).
We need to either:
1. set the privsep command line to use cinder-rootwrap in
cinder.conf (and similar in other configs), or
2. add the privsep-helper line to sudoers and bypass rootwrap entirely.
This change implements (1) for devstack/cinder and is similar to the
corresponding nova change in I90dc41bc77993bd83b80c92286e015e14f290b45
Change-Id: I8a0b1728cc66c4861f69623b1b16b1f759b57b25
Skip with a notification that a command was not found when trying
to run a dump that relies on optional external command.
Otherwise we produce noise in the error output that is misleading.
Change-Id: I0e3d99da8c54d2912463ecba7c1783864a7c7fc7
Closes-Bug: #1548833
Closes-Bug: #1506873
When running pkg/elasticsearch.sh the following files are created:
.localrc.password
files/elasticsearch-1.4.2.noarch.rpm
files/elasticsearch-1.4.2.noarch.rpm.sha1.gen
files/elasticsearch-1.4.2.noarch.rpm.sha1.txt
Change-Id: Ie2ab8b7fe72f51cb350e1f46ca97570b84047ac4
Closes-Bug: #1548201
Since https://review.openstack.org/#/c/281779/2 have been
merged the telemetry integration job is broken.
Unfortunatly, it can't be fixed on our side, because we have to
rename SERVICE_TENANT_NAME in many devstack plugin, we can't merge thing
until all plugins have been fixed.
So this change restores SERVICE_TENANT_NAME, to be able to switch to SERVICE_PROJECT_NAME.
Related-bug: #1548634
Change-Id: I14ebf23aa63f0f153b934ad213a6209d22e73e9d
Commit 7dbcfae introduced a subnetpool needed for the
auto-configured-topology Neutron extension. However, it allows
only up to 4 tenants, then you'd hit an error about no more
available IPs. This patch changes the size of the subnetpool
and the subnets it creates.
Change-Id: I4f43bebc52fb20e39853a1632fe31506958f5071
The uwsgi keystone jobs are failing with an error like
+ devstack/functions-common:_run_process:L1391: setsid uwsgi /etc/keystone/keystone-uwsgi-admin.ini
+ devstack/functions-common:_run_process:L1395: exit 0
execvp: No such file or directory
I think this is because uwsgi isn't installed on the images. The fix
is to pip install it.
Also, use the full path to the uwsgi executable (even though execvp
is used) because eventlet (calling keystone-all) does.
Also, the uwsgi process wasn't shutting down on ./unstack.sh. This
is worked around by not running master process.
Change-Id: Id02e16c5149ba3dfa13051e87cfccd8e505b7362
lib/tempest is using / setting a ton of globals, a lot which don't
look used. As a first step to converting over to s/tenant/project/
make all of these local which means they can not be impacting anything
outside of this function. That will make them safe to change names
later.
Change-Id: I380dd20e5ed716a0bdf92aa02c3730359b8136e4
This replaces the use of TENANT variables with PROJECT ones during the
initial setup. The openrc will still export a OS_TENANT_NAME because
many tools (cinderclient, glanceclient amoung them) will not function
without it. We warn when we do that.
Change-Id: I824b1121842eb5821034071874bf1bb2d7c3631e
override-defaults mechanism allows us to define
s_neutron_plugin_security_group before loading lib/neutron,
and we no longer need to have a plugin-specific file in
the master DevStack repository.
Change-Id: Ib0f6e3d9463357d2dd66a2d61b8c722fa1f0bfba
Depends-On: I8b19b8f1b0694a96132f158146848aee7d14e8ff
Neutron implemented an extension to allow users to automatically
provision a basic network topology to connect their instances.
One of the requirements for this feature is to be able to mark
an external network to be the one to be used for external
connectivity. Another requirement is subnetpools, which are
used to determine the IP space to allocate for private tenant
networks.
This patch codifies these requirements. The provisioning
needs to be made conditional based on the extensions
needed for this to work correctly.
Partially-implements: blueprint get-me-a-network
Change-Id: I43ce5d65e754f131f7ca1ce2088a397d266cf821
In the "I can't believe I missed this" category -- the existing strip
method removes shortest match (%); which fails when you put another #
in the comment (like "refer to bug#1234"). Change to the longest
match which should strip everything from the first "#" to the end
(since that's going to be the longest).
Change-Id: I47f5e710ebd87b0f54549732e7d64cf42c7a6b65
The devstack plugins list can be generated through web requests in
environments (such as the proposal slave) that lack copies of all
the relevant git repositories.
One downside to this is that there is no way of getting the last
modification time of the plugin.
Change-Id: I2c5c9282a8ad80014cad171a4dfbdc8f26044cd1
in fedora postgresql is the service name and postgresql-server is
the package.[1]
os: Fedora release 23 (Twenty Three)
psql: psql (PostgreSQL) 9.4.5
i'm not entirely sure when this changed, but it's devstack is broken
in above environment.
[1]https://fedoraproject.org/wiki/PostgreSQL
Change-Id: Id940fed2a777ca469ce77402e1136251ba572359
The DevStack module of Ironic added a new configuration variable called
IRONIC_IS_HARDWARE that can be set to True/False to indicate that we are
setting up devstack to deploy physical or virtual machines (see the
depends flag). Prior to that, the devstack code assumed that if the
driver name loaded is != *_ssh then it's a physical hardware but now we
need to kill this assumption because we have means (see the virtualbmc
utility) to test drivers such as pxe_ipmitool and agent_ipmitool using
virtual machines.
Depends-On: I5edc51c7fc8b6f0bb7fe4ca129596709a32eb93e
Related-Bug: #1544642
Change-Id: I8b6363bbe280ddd2720c570851bc40e2804a40e2
These flags were not functioning as described. Check if UNSTACK_ALL is
set in env or -a flag is set when calling script.
Change-Id: I128d32b1e74ee46e24a9eb2e81560e58137b1553
Closes-Bug: #1546687
This reverts commit 8a3b7d424d.
This change masked a non-backward compatible change made to the
Neutron core API. This is being cleaned up and thus this workaround
is no longer required.
Depends-on: Idf516ed9db24d779742cdff0584b48182a8502d6
Change-Id: I6695a6e17df1a395ada4ecf2b063b2c20870d99d
There's no need to change these Tempest's default anymore.
The feature flags are left in Tempest so that downstream distros can
continue to use Tempest to test Juno.
Change-Id: I99f286d0febb1675b8feb91b6801ad0b159da332
We don't have a new bashate release yet, but this fixes some minor
issues when used with bashate trunk.
The only two things triggered are stricter checking of assignment in
local declartions (catches quotes) and one instance of evaluating
arithmetic result in tools/xen/functions.
Therefore, hopefully, this change has no effect!
Change-Id: I3fd5d55236e90c2f2c25243af87adaf0c1b763e2
Update to bashate 0.4.0. The biggest change in this is that bashate
does a syntax check with "bash -n" which can be useful
Change-Id: Iff625ef2181dfaba28349dc17de0749faddec539
Adds LinuxMint to the distro checking. This allows linux mint with
the FORCE option to run. This will not fix for other distros that
do not pass the checks.
Change-Id: I42599c1bd851d2b61a56a3960f42ad051aab1727
Closes-Bug: #1545864
It was pointed out in I42599c1bd851d2b61a56a3960f42ad051aab1727 that
after I46a2c36d95327087085df07cb797eb91249a893c we now die if we can't
determine DISTRO, rather than take a guess.
After some consideration, I don't consider this a regression. This
default matching was basically only working for LinuxMint, because we
already have some matching there for setting os_PACKAGE that makes us
know the platform is Ubuntu-ish.
However, I would certainly agree it is not particularly clear as to
why. This just adds some comments explaining why we can not just add
a default DISTRO fall-through and directs implementors on how to add
support for their platform.
Change-Id: I4b07259be1427d86a7154906646073d08dd07294
Keystone is going to remove support for eventlet. Rather than only
have one way to run keystone (in Apache Httpd with mod_wsgi), we
should continue to gate on multiple wsgi containers to ensure that
keystone remains container-agnostic. The suggested alternative
container is uwsgi.
To run keystone in uwsgi rather than httpd or eventlet, set the
following env var in local.conf:
KEYSTONE_DEPLOY=uwsgi
There's a lot of options to uwsgi. Here's some protips:
http://uwsgi-docs.readthedocs.org/en/latest/ThingsToKnow.html
Change-Id: If3b49879ce5181c16f0f0ab0db12fa55fe810a41
Currently there's a boolean KEYSTONE_USE_MOD_WSGI to switch between
running keystone in mod_wsgi and eventlet. We've got a need to
support more/different deployment options (e.g., uwsgi), so a
boolean is inadequate.
A new input variable KEYSTONE_DEPLOY is introduced that can be
set to mod_wsgi or eventlet (and other values in future) to
control how keystone is deployed. KEYSTONE_USE_MOD_WSGI is
deprecated.
Change-Id: I9b2815e6f007309f088346df9ac48e6a24ae3656
Enable use of memory cache by default for Heat. It will provide a boost
for various test builds and will help test this configuration.
Change-Id: I06183138d54c1cb971a58a158a15f3f5b25cba4d
It makes it a bit easier to read the output since each new command is
now visually separated from the output of the previous one.
Change-Id: If441c61bb6f13f85f771dd31609b10d3dd1ee93c
Neutron hugely relies on namespaces, so we should try to dump
internal IP stack state for non-root network namespaces.
Change-Id: Ib980d22fbf3c6b680473754fa2b1684c2ef91b72
This patch enables the virtual console for Power systems /dev/hvc0
and sets scsi bus and virtio-scsi model as default.
The virtual console hvc0 enables full console including dmesg.
High performance virtio-scsi driver keeps the efficient design of
virtio-blk with effective SCSI passthrough.
Change-Id: I0b5cd4a15d30f06fc7993555d91d6907bd1acbd7
We have a fix in Nova which should make this unessessary,
revert to see if that's true.
This reverts commit 61aa0e9f19.
Change-Id: If109af452ad583417e3a3a3ef1c9b545f1ec9b89
Running OpenStack in a container can be a useful workflow for developers.
The primary benefits are faster performance and lower memory overhead
while still providing a suitable level of isolation.
The guide walks the user through procedure for configuring an LXC container
and deploying OpenStack in it using devstack. It also discusses the limitations
of this setup - particularly related to cinder.
Change-Id: I2e0921fd118cfe98cef86ba110a94b3edccf9a29
Horizon now uses the WEBROOT to populate the value of $webroot in
the CSS code. The CUSTOM_THEME_PATH pointing to the webroot theme
to explicitly set the same value is no longer necessary.
Closes-Bug: 1540801
Change-Id: Ic212796ee0905751ac3fd619bbbc902d25ea10d5
This was removed in commit 19363fc1e7 as
an unneeded F21 dependency, but due to missing dependencies as
described in the bug, /usr/lib/rpm/redhat/redhat-hardened-cc1 is
required and is provided by this package.
Change-Id: I2c0c3b0198d795d947fd77005fd7528de561dfcb
This is just another code path for little benefit in devstack which is
going to rot out. We should be opinionated here and only support the
dynamic catalog.
Change-Id: I4e5c7e86aefe72fc21c77d423033e9b169318fec
The keystoneauth1 library replaces the auth_plugin option
with auth_type. In neutron.conf, change [nova] auth_plugin
to auth_type. In nova.conf, change [neutron] auth_plugin to
auth_type.
Change-Id: Ifbd26b8999e453f4cd875e1be3ae1211bdd8fb2a
As of 9de8f7230d069e4da9736f09ad5d17773315b476 nova is now attempting
to import libosinfo packages, so install them for goodness sake.
Change-Id: Ib481dda475dd2975a513052478be0007aa1cf4a8
Related-Bug: #1543288
This commit is a workaround for respecting upper-constraints. Since
we're using tox to handle setting up a venv and running tempest
commands we need to manually install the constrained packages inside
the tox venvs. This patch does that for all the venvs being created by
devstack via tox. However, since tempest has additional tox jobs
defined if those are run via devstack those will default to the
default pip install -U -r requirements.txt defined in tempest's
tox.ini.
Change-Id: I7f84dfb67a3c97003947aefd8a7e3c6454106db4
Closes-Bug: #1543841
This commit will unblock the world breakage caused by the recent
cliff release. This exposes a hole in our constraints usage in
devstack. We need to fix this bug for real in devstack and cliff,
but that will take a few minutes to an hour or so. So let's just
change the usage in the meantime, we can revert this when things
are fixed for real.
Related-Bug: #1543841
Depends-On: Ic63612dc50e064a3a69b88618e394ba17e083c22
Change-Id: I19e477fa5068474bc3471307732f89adaafb2952
If FUNCNAME[0] is undefined and 'set -u' has been used it will cause the
devstack run to fail.
Handle undefined values in PS4.
Closes-Bug: #1543749
Change-Id: I06a013a5e7683e3a3461ff06361d867f61d48e6a
There are some parts of devstack we should really delete, but we have
no idea who is using them. Push out some deprecations so we can look
at this through logstash.
Change-Id: Id5c8748606cce16f64e978ad7ac9309bebac0eb7
Remove the microseconds from the apache logs and move back to using
milliseconds. There is no longer any 2.2 workarounds in the keystone
setup process.
Change-Id: I8787eee41fbde1f9794aeffe1e862af0d5117bc3
Having multiple clouds with the same name in clouds.yaml confuses
openstack client config and it may not choose the intended cloud.
Unfortunately the new alt_demo user's clouds.yaml config used a
duplicate name creating confusion for clouds.yaml consumers.
Correct this by using a unique cloud name, devstack-alt, for use by the
alt_demo user.
Change-Id: I2cb8f10ab5abfedf76ead309f237730ce8ce2ad4
After staring at a bunch of logs, try to crisp up the ps4 output for
maximum readability.
This also adds PS4 to all calling scripts by having a common PS4 in
stackrc. It should make understanding when clean fails a bit more
straight forward.
Change-Id: Ia1f8dff5c1102c32c146a020a9f033c65d2c50de
Tweak a code comment based on a review comment from Steve Martinelli in
https://review.openstack.org/#/c/275121/ where the alt_demo user is now
always created.
Change-Id: I9e9a769f601e52c030e9f6953f1746788c24a185
Allows the definition of the global variable OVS_BRIDGE_MAPPINGS (e.g.
in local.conf) to automatically trigger the creation of multiple OVS
bridges. For example:
OVS_BRIDGE_MAPPINGS=physnet1:br-br-enp0s20f1,physnet2:br-enp0s20f2
should automatically yield the creation of two bridges, respectively
associated to the two physical networks declared,
by simply running DevStack with the OVS agent enabled.
Documentation has also been added to doc/source/guides/neutron.rst.
Change-Id: I79dc0213c9d70ba628621c4c0f65481783590085
Closes-Bug: #1535835
The g-search service was promoted to its own project and it's now called
Searchlight. This patch removes that code from devstack.
Change-Id: I9dd7ce62f0339911e025329b8a841792219ea02b
For testing reasons it's typically very useful to have a second non
admin user to cross check that it can't do a thing to the first
user. It was useful enough we always created it with tempest (though
we didn't always use it).
This makes devstack always create an alt_demo user, which is available
in occ as devstack-alt. This will help us unwind some of the keystone
v3 breaks with functional tests using keystone cli to build this
second user.
Change-Id: Iaaf02469180563e2d8c413fee0ee66ada2296cfa
It seems like the fallout from this was not well sorted.
A lot of things aren't working, and there is still vestigial
v2 bits left behind.
This should have come with a much greater warning and some
spot checking of additional services working with this.
This reverts commit b162a1d58c.
Change-Id: Ia792b23119c00089542ba08879dca1c29dc80945
This generates the plugin-registry document from a static header,
a scan of openstack/ git repositories, and a static footer. It
is intended to be run by a periodic job proposal bot to keep the
list of plugins current.
Change-Id: Ia04ab72900c8efd5d5289fbd7632201dcaa3e5d9
Full class path style configuration of options scheduler_host_manager
and scheduler_driver are deprecated because of dependent changes. This
commit changes the related configurations to use entrypoints in setting
up nova scheduler in devstack.
Related to blueprint scheduler-driver-use-stevedore
Depends-On: I8c169e12d9bfacdbdb1dadf68b8a1fa98c5ea5bc
Depends-On: I3fd42ead44487a21eb5cfaf5a91209277ce30ad0
Change-Id: Iad96c270073b63719237cf9a9aa1c2dc4daa213a
Add:
export PS4='+(${BASH_SOURCE}:${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }'
To stack.sh to provide additional debug info. This will show the
filename, line number, function name, and the content of the line.
An example output line:
+++(/opt/stack/old/devstack/functions-common:675): get_field(): local data field
Info on this PS4 variable found at:
http://wiki.bash-hackers.org/scripting/debuggingtips
Change-Id: I272df6c79f6ff7afa8f102da24706558d9169eda
This was something we used a while back, but since support
for sections was added to devstack local.conf parsing we
don't need this, and actually prefer just using the
sections in local.conf.
Here's an example of how to achieve the same thing via
local.conf sections:
CINDER_ENABLED_BACKENDS=solidfire
TEMPEST_VOLUME_DRIVER=SolidFireDriver
TEMPEST_VOLUME_VENDOR="SolidFire Inc"
TEMPEST_STORAGE_PROTOCOL=iSCSI
[[post-config|$CINDER_CONF]]
[DEFAULT]
CINDER_ENABLED_BACKENDS=solidfire
[solidfire]
volume_driver=cinder.volume.drivers.solidfire.SolidFireDriver
san_ip=192.168.160.3
san_login=admin
san_password=admin
volume_backend_name=solidfire
Change-Id: I8068fd4fb14510b15c31edf490283454f167f6c6
Enable keystone caching since there is now a memcache server available
for the middlewares to cache validation. Offload queries to the
keystone backend to memcache as well.
Change-Id: I6d1d28f5b974e79d44d1e86ea53c666e3f5771df
Live migration will not currently work with a multi-node DevStack
environment due to the libvirtd process running as root and the compute
process trying to use the stack user's SSH keys with the default live
migration URI.
The multi-node documentation is updated to outline how to configure the
SSH keys between the source and destination stack and root users so that
live migration will work as expected.
Co-Authored-By: Taylor Peoples <tpeoples@us.ibm.com>
Change-Id: Ifed7e95cd5ba43a05a4099a3664cbefde3e0a749
Closes-Bug: #1487262
This patch sets Keystone v3 as default in services
configuration files and in the openrc and stackrc scripts.
Change-Id: I24546f02067ea23d088d383b85e3a78d7b43f165
Partially-Implements: bp keystonev3
Use the preferred logging_user_identity_format option to specify an alternative context format
in log files. The removal of defining logging_context_format_string brings this more inline
with optimal production configuration of using the defined default. logging_user_identity_format
is set in devstack to maintain current compatibility of names instead of ids.
Change-Id: I3807d76b91b6cc1614b4a9a203509f8e1ad7146d
The pip issue pypa/pip#3384 has already been fixed after pip 8.0.1
released. But leave the facility to easy flip this on in the future.
TrivialFix
Change-Id: I49658ce4056c773943321270defd461bbf3e9fb9
fixed ips are not cross host accessible in our current config. So
always configure tempest to use floating ips.
Change-Id: I1cf605229070024c9d5d29c7a08967aa505fda7b
Option "verbose" from group "DEFAULT" is deprecated for removal.
Its value may be silently ignored in the future.
If this option is not set explicitly, there is no such warning.
Furthermore, the default value of verbose is true, so there is
no need to set this value in config files.
TrivialFix
Change-Id: I581238e661c2eb0c29dd915d1b1e4773dcdeb4c8
Commit d5004a3802 introduced the package
"redhat-rpm-config" to make the Fedora 21 gate job running again.
As we dropped the F21 support in December 2015 with
commit 90bc586772 we don't need
this package anymore.
Change-Id: I71b969b7fd6651082451f6c4fd1e01d205771a11
Devstack used in development is about things coming and going
quickly. The long dhcp leases mean that we might miss a release, and
keep a stale lease around for way too long. See if this helps.
Change-Id: I9a58a4e64777f56ad7ec66242a319f985469469e
Instead of using in-process caching for tokens per service per
worker (disabled by default now), use a shared memcache to cache
token validation(s). This should both offload/speedup validations
and avoid the issues surrounding inconsistent validation responses
when using in-process caching [since each worker caches separately].
Change-Id: Ifc17c27744dac5ad55e84752ca6f68169c2f5a86
In RHEL under proxy, installation by stack.sh failed
because of rdo-release.rpm install failure.
This patch fixes install command for rdo-release.rpm
because it is caused by lack of http(s)_proxy.
Change-Id: I176d1e140f52e1bb0343170ba4d90c06b98d5a99
Closes-Bug: #1536478
We don't write files here anymore, but it's higher in the precedence
order than the /etc/openstack/clouds.yaml file we do write. Some
developers who have long-lived devstacks who update infrequently have
been bitten by the leftover file.
Change-Id: I8af6bd465f74099c560dddba6b5221dd79cbc965
Setting path_mtu to reflect mtu for physical devices that handle traffic
issued from br-tun makes ml2 plugin to calculate mtu for tenant networks
properly, considering encapsulation headers. After that, calculated mtu
values can be propagated into instances (currently, only DHCP approach
is implemented; RA support for IPv6 subnets is under review).
This change allows to run tunnelled tenant networks in multinode when
underlying physical devices don't support jumbo frames.
Note: changing the default value in neutron would not be backwards
compatible, since it could slow down east-west tunnelled traffic in
clouds that run on jumbo-aware networks.
Change-Id: I8287677c7ad0f13fa9f5cb194f9372d04b78cb61
Related-Bug: #1527675
Not all yum failures has to be considered
catastrofic failures also because install_package
function should implement the same behavior in Fedora,
CentOS and Ubuntu. Let return the error to be solved at higher
level.
Change-Id: I93e9f312a94aeb086925e069a83ec1d3d3419423
Closes-Bug: #1522590
Pip 8 just release which made uninstalling distutils installed packages
fatal. This was previously a deprecation warning and is now causing all
dsvm jobs to fail.
Depends-On: I511d216d9d8619c7cf919c482aaead4e833cdaac
Change-Id: I22f5c3af1adf96cfbd5747122f915a82e947843a
This commit adds a success output for the entire devstack run to the
subunit output. Ideally we wouldn't need this, but because we don't
have timing data for every single operation performed by devstack we
need to do this to track the total duration of the devstack run.
To capture failures this commit adds saving a devstack event when we
trip the exit_trap. This will save a similar result to the stream in
the successful case, but instead mark it as a failure.
Depends-On: Icc7df33e4d73ba6322af38fbdf3aea230f2fcf4d
Change-Id: I07112dde996c3e2c73f5aafc9b73d33d26374633
It turns out that we need to be even more restrictive on the cpu flags
we expose as some clouds don't expose vme or ssse3.
Fixes-Bug: 1535799
Change-Id: I6c8c1101771d1c5496884be7a405285472ae803a
the /etc/openstack directory needs to be removed with sudo privs,
the loop at the end will not suffice.
Change-Id: Icc0ac45f9216d538ca214176d90241f973a4687b
It was probably finally removed by one of recent refactoring changes.
Now ironic gate fails due to Swift trying to access it to override OS_AUTH_URL.
This change drops this override and just uses OS_AUTH_URL.
Closes-Bug: #1535245
Change-Id: I145bec110c4299e61f2bce49df41dcd82e5d462d
lib/glance restricts the disk_formats to those supported by XenAPI, so
tempest needs a similar restriction for the disk_formats tested.
Confirmed as passing internal Citrix CI (affected tempest jobs are
currently disabled in voting XenServer CI until this change lands)
Change-Id: Iefa5b16a3fa1789ed583426ea47ebb22e6cb571e
OSprofiler is now under Oslo:
https://review.openstack.org/#/c/103825/
And we really need this patch to make proper dsvm job for
OSprofiler
Change-Id: I20f59c52c147303de01544dc975a82b4a741a1b9
We are seeing a lot of gate failures as vm(s) are unable to acquire
DHCP leases:
https://bugs.launchpad.net/nova/+bug/1532809
we need to set log_file for nova-dhcpbridge configuration, so clone
the nova.conf and set the log_file properly to a path where the
CI can pick up from for analysis.
Change-Id: Iec4fe3f2235da9d1f5bd399d4ffc45af516c58ce
override-defaults mechanism allows us to define
s_neutron_plugin_security_group before loading lib/neutron,
and we no longer need to have a plugin-specific file in
the master DevStack repository.
Change-Id: I37d5012e89cb3650e4f325b6d77d70f28f87d3e7
Depends-On: I5e02acd288e53dd06a369d348ec77ead57d476fd
override-defaults mechanism allows us to define
s_neutron_plugin_security_group before loading lib/neutron,
and we no longer need to have a plugin-specific file in
the master DevStack repository.
Change-Id: I78a4e05fa72b1dd545b8d9e97a8fd8fdbf23739c
Depends-On: Id6765245459c1aff3aab27dbc60d320ce2951b38
As of I8bf7cbaa7015bb61656ab90ccc8f944aaeebb095, Nova
removed the n-obj service, so we should cleanup
Change-Id: I7db3796a6448decb4ac5e66d980f487c7d1f394e
The existing GetOSVersion has a lot of unused code which is wrong in
several ways
- the only path tested in upstream CI is with lsb_release, because
it's pre-installed on all nodes
- the /etc/redhat-release checking probably still works, but is
unnecessary
- If using lsb_release, os_UPDATE has never actually been set.
- the /etc/SuSE-release branch checking is broken if the lsb package
is actually installed. lsb checking does not set os_UPDATE but yet
the SuSE DISTRO setting relies on this to set a patch level (and so
does some of the rpm tags). SuSE 11 is up to update 3, but the rpm
matching is stuck hard-coded to update 2. I'm guessing
installation is actually broken there.
- the debian checking branch is broken. The VERSION tags have been
removed and were not supposed to be relied on anyway (see notes in
[1])
This simplifies things:
- remove OSX checking (moved here after discussions in
I31d0fdd30928ecc8d959a95838b1d3affd28ac6f)
- only use the output of lsb_release.
- A small best-effort check to pre-install lsb packages if not
detected (that avoids chicken-egg-problem of package-install
wrappers relying on os_* flags).
- The unset os_UPDATE is removed. It's only previous use was for
setting separate suse versions in the DISTRO element for matching
during package installs (since removed)
- DISTRO setting is modified to use the parts of os_RELEASE it wants.
Per-above, this is the correct place to parse out specifics.
- Call out the is_* functions, which are a better way to detect
platforms
- Export the variables as read-only, since they shouldn't be reset
[1] http://sources.debian.net/src/base-files/7.5/debian/changelog/
Change-Id: I46a2c36d95327087085df07cb797eb91249a893c
Add diskimage-builder to the list of libraries so it can be installed
from source to be tested in gate.
Change-Id: I6cefac1eb4ebf0196a6b4d4bfc038c00921f0d70
This reverts commit 00b5f4af92.
This patch was merged before the timeout was merged to
tempest. This means that devstack is currently referencing
a non-existent config option. As such I think it needs to be reverted.
Change-Id: I947261dc330ef35efce1ecd805ba6e649e81a6aa
there are a few lingering instances of SERVICE_TOKEN in the docs
and some of the scripts in tools.
Change-Id: I9d2147eea6639db1f4ea15a259c147eecfc339ff
Be gone ADMIN_TOKEN, long live keystone-manage bootstrap.
This patch reworks the initial setup for keystone by using
the new bootstrap command. After a minimal service catalog
has been created, using this process, we simply authenticate
as usual.
implements bp: bootstrap
Depends-On: I113c6934b6b83ceff23a94101967a6df1126873f
Change-Id: Ia1475d461eab60b68c6a0356714b21c7f92e0194
test_volume_services works incorrect with host info if it includes
backend name (host@backend). The test is skipped by default for
Liberty and Kilo gates. Need to add flag to unskip this test in new release.
This fix related with bug #1530144 in service-list filter.
Change-Id: Ifdc0bab819c05a00cd0c20316bd81961cf6aeb88
Fix an issue where apt-get consistently hangs due to a SIGTTIN being
received. This occurs on a 'vanilla' devstack-gate VM, when running an
ironic-grenade job.
Upstream has a bug related to this:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555632http://www.gnu.org/software/libc/manual/html_node/Job-Control-Signals.html
Macro: int SIGTTIN
A process cannot read from the user's terminal while it is running
as a background job. When any process in a background job tries to
read from the terminal, all of the processes in the job are sent a
SIGTTIN signal. The default action for this signal is to stop the
process. For more information about how this interacts with the
terminal driver, see Access to the Terminal.
Change-Id: I8b1f3dccf329bb88e017eff7492da5e701b4892c
Closes-Bug: #1532080
Not all yum failures has to be considered
catastrofic failures also because install_package
function should implement the same behavior in Fedora,
CentOS and Ubuntu. Let return the error to be solved at higher
level.
Change-Id: Ia33bb98f47017f6ec00eb3b7261ed42d72efc573
Closes-Bug: #1522590
Boolean logic used in install_package was wrong:
on nominal flow packages were actually installed twice.
This should fix it.
Change-Id: Ia465414936b272d04523a11f83d6ded378fe1daf
Closes-Bug: #1518544
Change 4d8c03a3 added logic to enable rabbit on Fedora/CentOS systems
whether or not rabbit is enabled. This corrects that to only enable
rabbit when it is configured as such.
Change-Id: I270e79ff989176770d65df1ac0ac4e2c4382bb9a
Signed-off-by: Kyle Mestery <mestery@mestery.com>
On Ubuntu, after a successful ./stack.sh and ./unstack.sh, if one
"apt-get purge tgt", then the directory /etc/tgt/stack.d/ still
exist (i.e it is not purged) but /etc/tgt/targets.conf is removed.
Thus any subsequent ./stack.sh would fail to configure
/etc/tgt/targets.conf properly.
Change-Id: I252789f3f39bd64b5a1e7d9abb923386d2a158dd
Add "KVM for IBM z Systems" to the list of Fedora-like distros.
As the distribution does not have a dedicated kvm package,
prevent the installation of the kvm package during the libvirt
setup.
Change-Id: Ibb5c60797d6867264f9dea7fea85cdf1d7c72ded
Solve the devstack ./rejoin-stack.sh when is reboot-safe in RHEL 7.
Enable mysql, postgresql, rabbitmq-server, openvswitch service when on boot.
Change-Id: I3ce9fc58ccc76092ad08314de1c3c9339ebfb3b5
Related-Bug: #1486833
Keystone further broken apart the assignment backend into: role,
resource, and assignment. We should define the backends in the
config file and allow users to override the default by passing in
their own value.
Change-Id: Ieb22c428609d3db852814c7eceb77efa6bbde633
The default filters of nova don't contain SameHostFilter and
DifferentHostFilter, so we cannot test them on the gate.
This patch makes these filters available for the development.
Change-Id: Ia6b4847e9bb21048d254d0a460ae4c5be896b17b
Closes-Bug: #1526620
If you configure devstack with the following three values,
for example:
PHYSICAL_NETWORK=eth0
PUBLIC_INTERFACE=eth0
OVS_PHYSICAL_BRIDGE=br-eth0
This will cause devstack to create an OVS bridge, create a port for
eth0, and add it to the bridge (along with it's IP address).
The problem is that on unstack the port is never deleted from OVS,
so eth0 gets "trapped", not showing up in any of the OVS commands,
but not usable by the system. The only workaround is to unload the
OVS kernel module.
There needs to be an 'ovs-vsctl del-port ...' call at the end of
_move_neutron_addresses_route() on unstack - the antidote to the
'ovs-vsctl add-port ...', that happened on stack.
Closes-Bug: #1516801
Change-Id: Id2ff60f1f8e8fffff1eaffd68d9de4f6aa772943
Keystone now provides an "ldap" in extras to install its ldap
dependencies so devstack doesn't have to track the python
dependencies itself.
Installation of the extras is done in an extra install line. This is
slightly redundant, however this pattern works much better from an
install stand point as it supports an arbitrarily large number of
extras.
Partial-Bug: 1479962
Change-Id: If0f0ff48f3d6b3c414f2d6fcd747ecf45a397658
Recent pip supports using [extras] to install extra dependencies
from the project setup.cfg. Add support so that projects can take
advantage of it.
For example, if devstack is configured to use ldap, install the
extra ldap dependencies using:
setup_develop $KEYSTONE_DIR ldap
Partial-Bug: 1479962
Change-Id: Ic13d95b99aaa4d3854b2723343e90f5de6b98aa2
Fedora 21 reached its End Of Life (EOL) on 1-DEC-2015[1]; remove it as
supported distribution.
- stack.sh: Remove Fedora 21 from list of supported distributions.
- tools/fixup_stuff.sh: Make the minimum Fedora version to be F22 in
from a conditional check in 'Python packages' section
- files/rpms/general: Remove 'f21' from NOPRIME.
- lib/ceph: Remove 'f21' from the check_os_support_ceph() function.
- doc/source/index.rst: s/Fedora 21/Fedora 22/
- pkg/elasticsearch.sh: Remove the 'if' conditional in the
install_elasticsearch() function.
[1] https://fedoramagazine.org/fedora-21-end-life-december-1st/
Change-Id: Ifbcc3dd783ff2f362a464fbf4ca22f20cc2c658e
Change I855ffe9c7a75e9943106af0f70cf715c34ae25c5 and
I368fec44858bd97fc6a314fb20eed2b10932cbb1 added timing
infrastructure which hides the return value of
the main commands. Restore the prior behaviour.
Change-Id: I4a536abefa7824ac6d42e7bbbf1079d9cc055984
Closes-Bug: #1518545
Those were originally used to bootstrap with admin-token from keystone,
but the openstack client is fully configured now, leaving no reason to
not just use the actual users that are there.
Change-Id: I80bdee33a78a97f5d3910aa36dc331f19780d2f1
We're trying to get things to use volume v2 by default. devstack already
deploys a v2 endpoint. Tell clouds.yaml that this devstack cloud is a v2
enabled cloud.
Change-Id: I6f792ce65153389aa1ee133e9bd363c394b28534
Closes-Bug: 1467589
This function returns list of sections from specified INI file.
It is needed for I7938f26015d953efdf720774b5ad2cee4068ac90.
'iniget_sections' is needed for automatic node enrollment to
Ironic from INI syntax file.
Change-Id: I52a69ad3bc8fc528e7f20e6b03a98f327acaaa74
Implements: blueprint ironic-ml2-integration
XenServer install with devstack doesn't support local.conf, this fix
is to add support for using local.conf and backward-compatibility of
localrc
Change-Id: Ie494e01f8f1ecb8720e14392ef3f12d5a5a01dcd
Closes-Bug: #1528520
We cannot restore a backup to a larger volume on ceph because it
fails with status "error_restoring". This patch adds read/write
permissions to volumes pool for backup user. We need such permissions
to change volume size during restoring backup when the backup is
smaller than a volume.
Change-Id: I794c1126bcee4e07baf5a9dcfee779fd61da5636
Closes-Bug: 1519749
Option "auth_plugin" from group "keystone_authtoken" is deprecated.
Use option "auth_type" from group "keystone_authtoken".
Change-Id: I01371bd924114d6470e960a91a3045fe7dc22339
Closes-Bug: #1528746
Neutron-rootwrap-daemon cannot be killed when you stop
neutron services, so here we add the right command in
the neutron stop-service scripts.
Change-Id: I91fefb277427e0e16ff59760b7255e4c7eee1792
Closes-Bug: #1525601
Latest tox causes failures:
File "/usr/local/lib/python2.7/dist-packages/tox/config.py", line 1140, in processcommand
argv = list(shlexer)
File "/usr/lib/python2.7/shlex.py", line 269, in next
token = self.get_token()
File "/usr/lib/python2.7/shlex.py", line 96, in get_token
raw = self.read_token()
File "/usr/lib/python2.7/shlex.py", line 172, in read_token
raise ValueError, "No closing quotation"
ValueError: No closing quotation
This is caused by a backwards incompatible change in tox:
https://bitbucket.org/hpk42/tox/issues/181
Change-Id: Ic28c634cf806394cfa82b61cb45be60b8f40a61a
Currently, the function create_heat_accounts uses the OS_URL and
OS_TOKEN environment variables. This is a bad choice for several
reasons, most importantly we are sending the "ADMIN_TOKEN" value
as a header. There is also no reason to not use a standard admin
user to create these resources.
Change-Id: I70b41d69917b9e53ad09c2c61e022ef09a50acfd
This commit updates lib/tempest to stop using deprecated config
options when tempest is configured.
Change-Id: I65b56ff681d6c27094380693c953fbc3664eceb0
The creation of the IPv6 subnet with provider networks does not
specifiy the correct parameters:
. V6_NETWORK_GATEWAY is specified but never set
- created new IPV6_PROVIDER_NETWORK_GATEWAY
. PROVIDER_SUBNET_NAME_V6 is specified but never set
- created new IPV6_PROVIDER_SUBNET_NAME
. FIXED_RANGE_V6 is being used
- created new IPV6_PROVIDER_FIXED_RANGE
. subnetpool_id is incorrect
- changed to subnetpool
Related-Bug: #1507870
Closes-Bug: #1417410
Change-Id: I9a1ad11bc54529080ec84d4677fa5633708890c7
This removes all of the ironic code from the devstack tree, in favor of
the devstack plugin in Ironic's tree.
Depends-On: I659e3de5c64df798441798ff48ba5c9c0506585a
Depends-On: I2c52bc014f1b0dbc6b0ae22a4deb4132b4c28621
Change-Id: I5125fce295c79600781469c2f48bea80e7600081
Default value needs to be set for service_provider config item in
neutron_vpnaas.conf. This is to support backward compatability
for using the enable_service q-vpn. It should be noted that the
recommended way to use VPN is the devstack plugin.
Change-Id: I0d5960c81c47a138087d480527eff2a8eef59445
Closes-bug: #1527483
Tempest does not test EC2 by default anymore:
Ib5e24e19bcba9808a9f49fe7f328668df77fe4f9
So we don't need to run nova ec2 API service by default.
Change-Id: Ieec0ca1361baf0978d96e69e1134f699c1af3bb9
See review 258670 for more information. The preceeding patch
consolidates Ironic timeouts into one blanket timeout. This
patch sets the new timeout via the BUILD_TIMEOUT variable and
removes the deprecated timeouts.
Change-Id: I320461b2b40aa2b68afc38a901a5933e39aac1b6
Related-Bug: #1526863
See if using fixed IPs for connectivity to hosts is more reliable than
floating ips, which really were not intended for these purposes (at
least in nova-net).
Change-Id: I251710ee9186a68bb3ddc58ca803c33b81c8ac49
Previously horizon configuration and start are done too early
and as a result horizon init and start need to be run twice
after horizon plugins are enabled.
- horizon config was done before "run_phase stack install"
- horizon init and start were done before "run_phase stack post-config"
This commit rearrange horizon setup to the appropriate phases
defined in the devstack plugin interface.
- Configuration of horizon settings is moved to configure_horizon.
- horizon config is now called between run_phase stack install
and post-config.
- horizon init and start are now called between run_phase stack
post-config and extra.
Change-Id: I8bf2ceaf7734c4f7cec68bc05d7cdbae81ef311e
All keystone extensions have been moved into cores and are
enabled by default, there is no need to configure the extension
in devstack but configure it in devstack will block the
install process.
Change-Id: I7d21b122c641f601295ee7ece3583404b3874dbd
Closes-Bug: #1526033
Generate the Neutron VPNaaS sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Icef8f7e8f0e8e78bfffa7a5af3f9f2300376b115
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I4a6094b8218dfd320d05bfb1e3bc121e8930c551
SQLALCHEMY_DATABASE_DRIVER is no longer used
after If6d8d08e5b7b7c48ca012677b536d71058def6fd .
Also, remove mysql connector packages from the install list.
Closes-Bug: #1523377
Related-Bug: #1493304
Change-Id: I5ecbc3b0bac989faa5c46d3c2866558a505414d8
/etc/libvirt is not world-readable (at least on Fedora and RHEL) so
use sudo with the grep that checks whether we have already configured
libvirtd logging. Also, change the regex so we don't count commented
out logging config.
Change-Id: I67484b28aafd0fa828385321fa96d9141cb4cb59
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
n-api log output WARNINGs that vnc config options group 'DEFAULT'
is deprecated. New vnc config options group is 'vnc'.
This is change of Nova.[1]
This patch changes the vnc config options group 'DEFAULT' to 'vnc'.
[1] https://bugs.launchpad.net/nova/+bug/1447528
Change-Id: If54f750bac83298e90bdca27b5992fe2e5fbb712
Closes-Bug: 1483583
Cinder API was pinned to v1 due to openstackclient missing some of the
v2 commands, as reported in osc bug 1475060. That bug has since been
marked invalid, but its intent was covered by the blueprint:
https://blueprints.launchpad.net/python-openstackclient/+spec/volume-v2
This removes the pinning to the v1 API now that osc supports v2. Also
removing the enablement of v1 as it was deprecated three releases ago
and we would like to get more coverage on v2.
Change-Id: Ia4d97734738d026c8721791669110778ff5eb6e5
Generate the Neutron LBaaS sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Iae1e581ec2bea9c0ced700229effcc716d53fe4e
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I25507f3bc6e995580aa91a912c2cf4110757df15
This adds a flag to skip ironic code if the ironic devstack plugin is in
use. This flag will be set to true in ironic's devstack plugin to
indicate that the plugin should be in control, rather than devstack.
This is for the transition period only, and will be removed with the
rest of the ironic code in the devstack tree, once the gate
is configured to use the ironic plugin.
Change-Id: Id01d97fd13fa9f866d645ec5077834ddb78b2b89
Docs specify that this file should be override_defaults, when really
devstack looks for override-defaults.
Change-Id: I3900ec4d16ffb48c6969dac5081ea2817536c246
Using absolute names for the symlink breaks in quite a few ways;
* when creating a tar file of the logs,
* when serving via NFS,
or any other case where the directory gets transferred to
a different machine.
So just create the symlink with relative names, then they'll work
in any location.
Change-Id: I432a69754985fc71feb0068b7adca01066d7bc1b
Many projects like Nova, Ironic etc have implemented the
microversions for versioning their APIs.
Tempest is going to tests those microversions -
I57b78b4c0543b6fb0533b556886a19a03297555e.
For testing microversion in Tempest on gate, we need to set
a valid range of microversion in Tempest config and based on that
Tempest will run appropriate tests.
This commit adds the below range options for compute microversion testing-
- [None, 'latest'] - for master branch as default
- [None, None] - for tests running on v2.0
- option to set the range.
Depends-On: I81e86faca6f8c0ffb7da22154a62236ac25cf0c0
Partially implements blueprint api-microversions-testing-support
Change-Id: I171b862d1bba1af467f5b9a76288216c39e2adda
There are some inter-related changes required to avoid using legacy
fallback/deprecated paths in heat, which result in warnings in the
log, e.g because we fall-back to reusing keystone auth_token
configuration instead of heat specific sections.
To fix this:
- Don't explicitly set deferred_auth_method=trusts, as this is now
the default (since kilo)
- Create a new "trustee" section containing configuration used for
the password auth-plugin associated with deferred authentication
via trusts (support for this was added during liberty to enable
us to stop incorrectly using the keystone auth_token config)
- Create a "clients_keystone" section to avoid falling back to the
legacy behavior of stealing the uri from auth_token.
This also means we can remove the FIXME and auth_token auth_uri
mentioned by jamielennox.
Change-Id: Ie34332a7aec3b9b271df0759dd6ab66b45302832
Related-Bug: #1300246
Generate the Neutron FWaaS sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Ic8208850a27408c8fbeed80ecdb43345aa7dfaa4
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I8e9113dfb88e5290f6eedd012d1a52fc35c3c88c
Previously, devstack would disable ironic's cleaning phase if a driver
with "agent" in the name was used. However, we have begun using the IPA
ramdisk for all tests in the gate, which caused cleaning to be run for
the "pxe_ssh" job which therefore fails due to timeouts.
As a result, for now, we need to always disable cleaning.
As a point of record, we should actually be testing cleaning in the
gate. However, running 'shred' on the disks of a nested VM is too slow
and causes the gate to timeout // take too long. Some options have been
discussed for ways to test the callback mechanism but avoid actually
running 'shred' on the disks.
This needs to be revisited.
Change-Id: Id15cf6cc49122b08e557e44871b31a8c0d20b55d
Related-to-Bug: #1517277
This removes the generic extras.d support, which we said we'd do at
Mitaka-1. In tree extras.d continues to function as before, though we
need stories to get ceph and ironic into plugins, and a better
solution for Tempest.
Change-Id: I8b134446dc08a2c3852423ca71af2f469f85496e
Ubuntu's apt mirroring mechanism produces inconsistent mirrors pretty
regularly. The devstack-gate apt-get update model seems to have been
more effective getting past this than what we did in devstack. Adopt
that method for our updates.
Change-Id: I97c7896ef38b275aacb4f933fc849acee1bab858
Add USE_PYTHON3 and PYTHON3_VERSION variables to allow services to use
python 3 if they indicate support in their python package metadata.
Tested in Heat here -> I837c2fba682ab430d50e9f43913f2fed20325a7a.
Project config change to add a dedicated job to Heat is here -> I0837e62d6ccc66397a5e409f0961edd4be31f467
Change-Id: I079e18b58b214bf8362945c253d6d894ca8b1a6b
When outputting these error strings, turn off the tracing so the user
can actually read it. Also reword the "not root" user message so it
fits into a standard terminal window length.
Change-Id: I466c60865bc1128f4edd219f831a9c6cffa67829
Parital-Bug: #1517199
There are two bugs in add_sudo_secure_path.
Firstly we don't properly check if the file exists, so always append
the new line. This will overwrite any existing changes.
Secondly the logic for checking if the path exists is inverted, so we
miss adding paths when we should. This particularly causes failures
when installing with virtualenv's since the paths are inside the
virtualenv, rather than the standard system locations.
Change-Id: I646fe0c68958470d464fe4f3d81d5c17dd6f2ab6
Closes-bug: #1521241
Generate the neutron core sample config files by using the oslo
generator. The files are generated with a .sample extension and
replace the static example configuration files.
Once the generation code is delivered, the static config files
will be removed.
Change-Id: Ic37a16b6cf8eb92030649f1fc8b198738a8cc104
Related-blueprint: autogen-neutron-conf-file
Partial-bug: #1199963
Depends-On: I1c6dc4e7d479f1b7c755597caded24a0f018c712
Co-Authored-By: Louis Taylor <louis@kragniz.eu>
Heat does not support Keystone Trusts when deployed in standalone
mode. This change forces an error when HEAT_DEFERRED_AUTH is set
to anything other than "password" if HEAT_STANDALONE is True and
advises of the acceptable setting.
Change-Id: Ib4ee9d9af396093137a2a0f99f1b18ae153ccdb3
Closes-Bug: #1463837
- To add, initialize and set up a valiable named IP_UP
- To bring up interface after moving IP to OVS bridge
Change-Id: I70f5974c115be6f7e7422a9a325f36cf3b71455a
Closes-Bug: #1469596
I noticed this when debugging some grenade issues failures.
An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.
We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.
When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).
The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.
The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.
Some files had already discovered this. In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste. This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.
Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
Add a pointer to installing clients via LIBS_FROM_GIT to local.conf
sample. Mention in the git tree setup that the projects within are
usually installed via released pip versions.
Change-Id: I245094e51ea4a8ce983f6a1e48b6ab7ca5d309d0
The build_timeout for the ironic baremetal build is at
340s. Modify the unprovision_timeout and active_timeout
to match BUILD_TIMEOUT to avoid frequent failures during
IPA gate jobs.
Change-Id: Idfdc54210e33c71719c7fd0c905d0b802809e173
Related-Bug: #1393099
The root cause is that when provider network is used, devstack
is trying to build ovs related interface.
We need to make a condition such that if linux bridge is used, don't
build any ovs related interface.
Change-Id: I7f26ce7893a0ecce55b3467cd5621abf25745b8e
Closes-bug: #1509705
Add instructions on creating a user to the documentation, and call out
that the standard cloud-users are probably ok too
Change-Id: I1119a43f1d5ae7c0c208bf0cc16e2f7bee29a69d
Forced creation of incremental backup is not
implemented in old release (Juno and Kilo).
The test is skipped by default for Juno and Kilo gates.
Need to add flag to unskip this test in new release.
New test: Idde2c14aba78382b1063ce20269f4832f9fdd583
Change-Id: I565b5941d6067644fc9ca6cb0891d97f4946e031
Partial-Bug: #1506394
Fix to trove has been merged, and autogenerated flavor ID
is available since Kilo.
Related-Bug: #1333852
Change-Id: Ie4b3dd11a23fa5f91cf9ff22dd05f1afd0532cb4
We haven't been testing master on precise for a long time, and changes
are coming that won't work on precise. If people want to keep running
on precise they should realize they are on their own with it. And that
we won't block any changes that use it.
Change-Id: I3697f1c2409ad08f49793dabb37011606188e6f6
This change allows to use f23 without the FORCE=yes option.
Make sure you have latest kernel, or you have kernel-modules
installed for the running kernel.
f21 support will be removed when the gate jobs are upgraded
to use newer fedora version.
Change-Id: I6e3e64088187a7f6da745e3cfb07524fd31782ab
The existing vercmp_numbers function only handles, as the name says,
numbers. I noticed that "sort" has had a version sort for a long time
[1] and, rather than re-implement it badly, use this as a version of
vercmp that works a bit more naturally.
This is intended to be used in an "if" statement as in
prog_ver=$(prog_ver --version | grep ...)
if vercmp $prog_ver "<" 2.0; then
...
fi
A test-case is added to test the basic features and some edge-cases.
[1] http://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=4c9fae4e97d95a9f89d1399a8aeb03051f0fec96
Change-Id: Ie55283acdc40a095b80b2631a55310072883ad0d
ebtables is racing with itself when nova and libvirt attempt to create
rules at the same time in the nat table. ebtables now has an explicit
--concurrent flag, that all tools must opt into to prevent ebtables
from inherently being unsafe to run.
libvirt gained this support in 1.2.11, which is too new for our ubuntu
primary testing environment. Nova still hasn't added this support,
though even if it did, we'd run into the issue with libvirt.
We can do the most ghetto thing possible and create a wrapper for
ebtables that does explicit locking on it's own. It's pretty terrible,
but it should work. And it is the kind of work around that people
unable to upgrade libvirt will probably need to do.
This is an opt in value which we should set in the gate to True.
Related-Bug: #1501558
Change-Id: Ic6fa847eba34c21593b9df86a1c2c179534d0ba5
Swift requirement PyECLib won't bundle liberasurecode
going forward given the package is available in common
distros now. This patch adds liberasurecode-dev(el)
package to the devstack debs/rpms list for Swift as a
PyECLib build/install dependency.
Change-Id: Idbc2ca3f677f1b8153ebf3a5912f4354525a55c7
When determining the primary IP/IPv6 addresses on a system,
we can use the /sbin/ip command to filter them for us. The
resulting address is parsed the same way for both address
families, so we can use just a single command.
Change-Id: I0471ff5a258a16a23061941ac38063dbf3d7c233
Python in f23 and f22 depends on the python-pip package so removing it
results in a nonfunctional system. pip on fedora installs to /usr so pip
can safely override the system pip for all versions of Fedora.
Change-Id: I336c7ffdf00784ca8deba7d6612a08b96a0ad098
Closes-Bug: #1467569
A number of new settings are required for glance, cinder
and keystone to be installable when the tls-proxy
service is enabled.
For cinder a new public_endpoint option was added and this
needs to be set to the secure port.
Keystone needs the admin_endpoint and public_endpoints
defined otherwise during discovery the default,
non-secure versions, will be returned.
The keystone authtoken identity_uri was set at its default value
in the glance registry and API configuration files.
Change-Id: Ibb944ad7eb000edc6bccfcded765d1976d4d46d0
Closes-Bug: #1460807
Add an option to skip the EPEL & other repo installs for rhel7 based
platforms.
This option can serve two purposes; firstly as described in
I834f20e9ceae151788cec3649385da1274d7ba46 during platform bringup, a
publically available EPEL might not be available. This will allow you
to pre-configure a hand-built repo, etc. so you can continue testing.
The other thing is that in a CI system you might be frequently
building images and pre-installing EPEL/RDO etc. In that case this is
just extra work.
Change-Id: I9809449f4a43fa9b547c6e3ca92722c7f6e66d6a
stack.sh creates a user-specific configuration file ~/.my.cnf for mysql.
If devstack is installed with SERVICE_IP_VERSION=6 option in local.conf,
the IPv6 host address was stored in the ~/.my.cnf file with square
brackets. However mysql does not use bracketing for IPv6 addresses,
resulting in 'Unknown MySQL server host' error when 'mysql' command is
run. With this patch IPv6 host address is written to ~/.my.cnf without
brackets.
Closes-Bug: #1516776
Change-Id: I27a7be8c75cf6b09b4a75dc4c9d09cd36bc5ac81
Add a simple test to ensure package install files remain sorted
alphabetically (follow-on from the sorting of the files done in
I01e42defbf778626afd8dd457f93f0b02dd1a19d)
Change-Id: I75568871e92afcd81dac2c3ce18b84aa34cdd289
We wish to fail if we have >0 zero errors, not >1 errors (i.e. exactly
one error did not trigger a failure!)
This change also brings consistency to the pass & failure paths by
ensuring report_results exits in both cases, since report_results is
supposed to be the last thing run in a test file.
Change-Id: Id4721dffe13721e6c3cd71bca40c3395627e98bf
With the release of osc 1.8.0, swift support has been expanded and
we can now remove references to the swift CLI from this exercise
file. Also made minor improvements to comments.
Change-Id: I04069eb6251f8cbf8266183441b2cfdb64defd7d
Controller node wouldn't install libvirt package. The package will only
been installed at nodes which had enable nova-compute.
We only need to configure libvirt secret if it had enable nova-compute.
Change-Id: I9cd6baf1820ce9f71c276d7e8b670307833578a5
Closes-Bug: 1515960
So that it does not end up being the IP address that is picked to move
back to $PUBLIC_INTERFACE when we call _move_neutron_address_route
Change-Id: I3d29d4f11feff308f6ad5d950ef004b48ec11b67
Closes-Bug: 1514984
devstack can call python before parsing the
package requirements, so the python installation
needs to be done eralier.
Closes-Bug: #1488625
Change-Id: I85cca899aeedd741cf7dc695435d61390e260f22
Commit title says it all. I don't know how you feel about these kind
of commits, I feel like it's a waste of resources but I also feel bad
when I see big/obvious typo.
Change-Id: If048bb2dbad1a0b5a13e56b5fa1e6ea7c01eb05e
The lack of a CI for XenAPI + Neutron has meant this support has been
broken over time. This is set of one-off fixes that are needed to
reintroduce support while we work towards getting a CI functional
Related-Bug: #1495423
Change-Id: Id41fdc77c155756bda9e2e9ac0446a49f06f0603
Currently we set USE_SCREEN to SCREEN_DEV if it's set. There is a
comment to remove it once it's eracticated from CI.
AFAICT this pre-condition has been met.
Change-Id: I1423c8b9c18d1b3e34dbfe1c03be735c646a12b4
This attempts to make the zookeeper installation a bit more modular
(assuming that other folks will want to add other dlms as plugins),
and addresses the service start issues with zookeeper under
ubuntu/upstart.
Zookeeper is not going to be installed by default. Services need to
ask for it with use_dlm.
Change-Id: I33525e2b83a4497a57ec95f62880e0308c88b34f
Change I8da7dd95ae24cf06dc7bdc300fcf39947a6df093 added Pillow build deps
to nodepool thick slaves. This means that Pillow 3 will work in unit
tests.
Make the matching change to allow Pillow 3.0.0 to work under devstack.
The longer term aim is to remove temporary upper cap.
Change-Id: I2bec8cf1bfeaaa6ae329704229fdeb86d26e55c7
- Updated LBaaS v2 setup to use Octavia.
- Removed the old cirros image URL, the default should be sufficient.
- Fixed nova boot commands based on Liberty DevStack.
- Added sleeps to LBaaS v2 commands since most commands
can take a few seconds to complete.
- Added wait to load balancer creation since it can take
a few minutes to complete.
- Wrapped long lines in the descriptions.
Change-Id: Ib4a3f02ebc2606e3e16591ae3a23676cb0a6cd64
This has come up on the mailing list recently, we should just fail
early and explicitly so that people don't get way down this path and
not realize it's never going to work.
Change-Id: I8a7f001adf3a5244b8655858ebd5fc7014a4af55
Add complete localrcs, and also add a section for additional compute
nodes, to help demonstrate the OVS layout and how traffic flows over
VXLAN tunnels from compute nodes, to the L3 node, and out onto the
wire.
Closes-Bug: #1506733
Change-Id: Ibb5fd454bdcb8c13400c1e11f640c2aafc0f73ca
Taking a temporary IPv6 address created through the OS' support for
Privacy Extensions (RFC 4941) is not very useful. It would occur because
it happened to be the first in the list returned from ip(8). Instead,
grab the first IPv6 address that is not a temporary address.
Related-Bug: #1488691
Change-Id: I7f455572241e7d0c7406f173239a2270a4d8926a
When taking the IPv6 addresses from an interface, also update any routing
table entries.
Change-Id: I0424de6c5c1b0fcb7a9bc3fc1475036668cab09d
Closes-Bug: 1514494
Since f21 the kernel modules are split to multiple packages
and by default just the core modules gets installed.
nova requires iscsi_tcp module for attaching a volume
from any iscsi source (default cinder lvm setup).
On el7 it is not required.
Change-Id: I31705720ade5defd1b6d4b95bc51c2a11a5f0364
Related-Bug: #1429504
In some niche setups it is desirable to run OpenStack services under
screen, but undesirable to automatically keep a persistent log from
each service.
Add a new variable SCREEN_IS_LOGGING that controls if screen logs each
window to disk automatically.
Ideally screen itself would be configured to log but just not activate.
This isn't possible with the screerc syntax. Temporary logging can still
be used by a developer with:
C-a : logfile foo
C-a : log on
Change-Id: I2a3abf15dea95ae99ddbdfe1309382df601b7d93
On Ubuntu, if the Zookeeper service is already running, attempting
to start it again fails with non-zero exit code. This patch detects
whether ZK is already started before trying to start it.
Change-Id: If1257152de01fe5fe0351fdbb538bce083edbec0
Closes-Bug: #1513741
Currently stack.sh will fail if a value is set for
default_ipv4_subnet_pool and/or default_ipv6_subnet_pool in
neutron.conf. This is because setting either of these values
overrides the default behaviour of using the implicit (none)
subnetpool for subnet creation, and the subnetpools
specified in neutron.conf have not been created at the time
of the devstack calls to subnet-create.
This patch fixes the failure by specifying subnetpool = None
in calls to subnet-create, so that neutron will behave as
devstack expects. This parameter will no longer be required
once these configuration options are removed in the OpenStack
N release, but will be required for compatibility with Kilo,
Liberty, and Mitaka.
Change-Id: I29b2d62a022b43f6623b127af2ca303f9de847b0
Closes-Bug: #1472200
A value is never assigned, and it ends up in the nova.conf file as:
linuxnet_interface_driver =
So, let's delete it.
Change-Id: Ibc270ce6ee622eee871df1f8c11f21e8be8280ee
python-devel and the mysql/postgresql client dev-libs should all be
installed globally via the "general" installs; no need to installs
them separately
Change-Id: I91a9ace2e62a891634dbb4635ab2ad8c8dc59f91
Add a quick check so we don't reintroduce bad arguments as in
Ie1b8d09369281059d21da61b2725a457f708ae9e
Change-Id: Ibebc71791f2743eef64d6f7c2596d54a73ea92aa
neutron port-list returns a dictionary that's of random order in python 3.
This expression sometimes returns a NULL value thus failing devstack.
Add an expression that always returns a consistent ROUTER_GW_IP.
Change-Id: Id23d9afda275051ca68bcba2dfd1b6e30f02c628
I think these duplicate dependencies came in because we were not
correctly always installing "general" packages (see
Ie1b8d09369281059d21da61b2725a457f708ae9e)
Most of these are just extras for the lxml dependencies; I added zlib
devel to general for glance (seems pretty generic), and then that can
go too, as all other packages are specified.
Change-Id: I44b14ca15c64fad9daf1ac8d851704b02ea2eae0
The removal of the wheel caching code
(Ia140dc34638d893b92f66d1ba20efd9522c5923b) removed the install of the
"devlib" packages, which was being done with a call in
tools/build_wheels.sh
The idea of "devlibs" and "general" seems to be pretty much the same
thing -- global build requirements. I have removed the unused devlibs
files, and moved any missing packages into the "general" package
install file.
Change-Id: I8f34a164d6785a122394b42387d4221a7b447ae1
We are specifying the argument to get_packages incorrectly, so we are
not actually adding the packages in "general" to the list of packages.
In most cases, this is hidden as other more specific plugins/services
request their packages. However, as
I2dafd32f211fcbc9fff53030d736d97a5f1bb2df shows, not always. I think
this was uncovered by 5f8133caac
Change-Id: Ie1b8d09369281059d21da61b2725a457f708ae9e
This adds an iptables rule to allow ports 67 and 68. We see
occassionally dropped DHCP packets, which may be causing PXE failures in
ironic jobs.
I'm not 100% confident this fixes the issue, however I don't think it
can break anything and it rules out one theory.
Change-Id: I4630afb6f010a4c2cb146a79264c480c64c6e4b7
Related-Bug: #1393099
By default, devstack creates it's own test flavors for Tempest runs.
These are not in the cells API database since they are non-default
for nova so any resize tests in Tempest with cells and these custom
flavors fail.
Configure Tempest to not run resize tests if using cells and custom
flavors.
This allows us to also clean up a bunch of the resize skips found
in nova/devstack/tempest-dsvm-cells-rc.
Change-Id: I20f46024e45e32c60275703a193a56ae8cfe7eca
Closes-Bug: #1513925
With pip + upper-constraints we're nearly always over installing all
python packages because we no longer support a range, we support
*exactly* one version.
This removes a bunch of the gratuitous package installs which we're
going to install over, lxml, numpy, libvirt. All of these we had
coming from packages in the past for speed concerns, but upper
constraints removes that.
It also ensures that all the headers to build all those are in
general, so they are guarunteed available at all times.
Change-Id: Ia76de730d65c84d81c4fb2c980ae1b4d595f9f5b
tempest is already defined in stackrc as default.
Without this definition in local.conf,
tempest is installed successfully.
If it still needs "enable_service tempest" definition
on local.conf,
devstack itself has some problem.
In my environment, tempest installation works
without this definition on local.conf.
Change-Id: I25cda0142538d21bb9656b471e65ca5b018e8378
Thanks to lifeless, pip now implicitly has a wheel cache so that it
builds a wheel before every install, and uses that cache. All our
clever attempts at manually doing wheelhouse things is actually
bypassing the existing cache and making things take longer.
We should remove all of this code and just let pip do this thing,
which is does very well, and get out of the way.
Change-Id: Ia140dc34638d893b92f66d1ba20efd9522c5923b
In Tokyo, there was a cross project session on distributed
key locking:
https://etherpad.openstack.org/p/mitaka-cross-project-dlm
In support of the discussion there, we'll need support for
a zookeeper service in Devstack and ability to use libraries
like Tooz for DLM functionality.
In this review, we pick up some configuration files from
monasca-api and copy the lib/template to implement the
zookeeper lifecycle. Those services that need zookeeper
need to add "zookeeper" in ENABLED_SERVICES.
Change-Id: Icef26e5cdaa930a581e27d330e47706776a7f98f
with the release of osc 1.8.0, modifying object store account
properties is now available. use this mechanism and avoid setting
environment variable that are only helpful for swift CLI.
Change-Id: Ie51e3e2bb86162763f23d0a6bed36208811f89fc
interface_driver configuration was updated to use stevedore aliases.
This patch is to change devstack scripts to now use the aliases
instead of the previous class imports.
Closes-Bug: #1504536
Change-Id: Ic56bfcc1f9da05a999e6fd328e4dd6617e9470ff
If local.conf specifies a config file addition in the following way...
[[post-config|$MY_CONF_FILE]]
[xyz]
foo=bar
...and $MY_CONF_FILE points to a file whose directory is not writable by
the user running the script, then stack.sh aborts with the following
obscure message:
2015-09-01 08:20:08.113 | touch: setting times of '/': Permission denied
This patch modifies inc/meta-config to provide a useful error message,
such as:
2015-09-01 08:20:08.114 | could not create config file / ($MY_CONF_FILE)
This patch also modifies inc/meta-config so that it provides an error
message if $MY_CONF_FILE is empty (instead of silently ignoring this local.conf
statement):
2015-09-01 09:38:53.406 | bogus config file specification: $MY_CONF_FILE
is undefined
Change-Id: I9b78407420318548561012a8672762bc7fdd6db6
Closes-Bug: 1490881
* ReST doesn't allow monospace in italic sections.
bash$ grep -R \`\` doc/build/html/ --include "*.html"
* The code-block section "::" needed an empty line before the code,
otherwise it gets shown in the HTML output.
bash$ egrep -R "<dt>::" doc/build/html/ --include "*.html"
* Monospaced font incorrectly marked with a single back tick
bash$ egrep -nR '\w`(\s|[\.,;:])' doc/source/ --include "*.rst"
Change-Id: I66c3f685f33851c3f3f0f859996037fc24930246
Looks like this was just a typo in the original
d1498d74db816b3edbb8376ca5acb7cc5792ea5c ; replace with
environment variable
Change-Id: I877c1a570a68e926c91fc8a393217e6b18245f82
As files/keystone_data.sh has been removed in the commit
https://review.openstack.org/#/c/79366/, we should remove some
related documations and comments.
Change-Id: I7802d0052fa28d8debb7f361d36a4f108869554c
Since:
- novaclient doesn't require specify the *compute api* version
(default is 2.latest now)
- novaclient doesn't use COMPUTE_API_VERSION, since it's wrong name(
OS_COMPUTE_API_VERSION is a correct name)
we can remove COMPUTE_API_VERSION and NOVA_VERSION vars
Change-Id: I47856863e9403870b8d60c778b97d3de1a212ae1
When keystone API v3 was introduced, filtering regions when listing
endpoints was not supported (see [1]). This caused multi-region devstack
deployments to fail (see [2]). A workaround was introduced to devstack
to enable for multi-region deployments until region filtering would work
in keystone API v3.
Now that the bug related to region filtering in keystone is resolved,
the workaround should be removed.
[1]: https://bugs.launchpad.net/keystone/+bug/1482772
[2]: https://bugs.launchpad.net/devstack/+bug/1483784
Closes-Bug: #1511745
Related-Bug: #1483784
Related-Bug: #1482772
Change-Id: I52d13c3f5e7b77a7f8fb1be4dcea437988ebddfe
The 'verbose' option has been deprecated by oslo_log. Using it
results in a warning for the 'nova-manage' command and likely
many other OpenStack commands.
Change-Id: Icc11b25f56ebc62443c6afa90b9572d5c63b3882
Partial-bug: #1511505
132fbcd38ebae52bdd20da54905131b75581520f in cinder changed the
volume_clear StrOpt to use the choices kwarg which enforces the value
specified and raises a ValueError if an invalid value is set for the
option in cinder.conf.
This lets us remove the validation that devstack was doing.
Change-Id: Ia7eead6297ed0f3a972de2021170fe9c7225e856
To avoid hanging services during gracefull shutdown option
graceful_shutdown_timeout should be configured.
Closes-Bug: #1446583
Change-Id: I2b7f0df831d65c55ae8cae241478f49c9641d99f
The protocol for connections with Cinder is wrong for the Ironic script. This
patch changes the script to use $GLANCE_SERVICE_PROTOCOL, which is https when
USE_SSL=true or tls-proxy is on ENABLED_SERVICES.
Change-Id: I4d4c6f9dc6f6ee53166db109848dca64334b8748
Adds the $ENABLE_HEAT_PLUGINS variable, which should be a list of
the names of the plugins the user wishes to install.
Change-Id: I2ba90002a8fad1cdce6543c89dc37c5912fe133e
Bashate 0.3.2 has a few new checks -- firstly make sure some of the
plugins have #!/bin/bash, and fix up a couple of "local" changes that
were missed by I9c8912a8fd596535589b207d7fc553b9d951d3fe
Change-Id: I9e4b1c0dc9e0f709d8e76f9c9bf1c9478b2605ed
The libvirt+lxc backend in nova does not support shelve, image snapshot
or any volume-related actions (so pretty much anything to do with
cinder), so we need to configure tempest to not run tests that hit those
operations/service when using libvirt/lxc.
This is part of an overall effort to get a CI job running for nova with
the libvirt+lxc configuration per:
Ic07c39e219121ba6b8b20de2b83a193bb735133d
Change-Id: I4decfcc5a5dfbabdecb3eb9fc93f1d1d6c2af805
Add templates for running Heat API services via
apache mod_wsgi. Also add appropriate functions to
lib/heat for configuring Heat.
Change-Id: I1bdd678c44ddfa616a9db7db85ff6f490ff08947
After having migrated the copies of clouds.yaml to just consume from
/etc, remove the duplicate copy.
Change-Id: I036704734785958c95d2234917d7b40bd797a375
This fails in the environment where sudo does not have permissions to
write in /home/$USER folder, e.g. [1]
Also clean-up the comment/variable usage a bit; the location isn't
actually variable at all (and that's fine, but we don't need a global
here)
[1] http://144.76.193.39/ci-artifacts/228979/10/Nova-ML2-Sriov/console.html.gz
Change-Id: I6807eae9d1c27219aa7c19de29f24fa851aa787c
When nova-api and nova-ec2-api services are started by Apache
(it can be done with devstack config option NOVA_USE_MOD_WSGI=True)
log files contained duplication of timestamp value.
Change-Id: I5439ea8f89ca3073600456f67220e9d3f5257d97
Closes-Bug: #1510517
The neutron use_namespaces option is deprecated since Kilo, it's time
remove it from neutron and devstack.
Related-bug: #1508188
Change-Id: I4feb2a15c7e1e4bfdbed2531b18b8e7d798ab3cc
A new project olos.privsep has been created but failes sdvm testing as
even though the library is added ro PROJECTS and LIBS_FROM_GIT it isn't
installed by devstack.
Add oslo.privsep to the install_oslo function
Change-Id: Ia4d56747d56dcfe50889ebbdf9d553df13e1b950
This patch alows specifiying a deviation of the swift default port 8080 with
variable SWIFT_DEFAULT_BIND_PORT. The created endpoints in keystone for
object-store and the backup_swift_url in cinder.conf will use variable
SWIFT_DEFAULT_BIND_PORT instead of the fixed port 8080.
Change-Id: I47bbcf77368c430718fb8f29b7de1ff305e64422
Closes-Bug: #1489767
This commit fixes an issue with the tempest configuration when
TEMPEST_HAS_ADMIN is disabled. Without admin credentials tempest
is unable to create credentials at all so enabling tenant isolation
is not going to work. Previously devstack wasn't setting it one way
or the other when TEMPEST_HAS_ADMIN was set, which results in the
default of being enabled. So jobs that try to run tempest without
admin were failing.
Change-Id: Iff496cb5cbf29f17c130cfad746b48d8547ca965
Since nova-ec2-api service was removed from nova it is not
needed in devstack.
Change-Id: I91d4be02a1a9c2ca4d18256d9a37a5c2559f53b7
Closes-Bug: #1530798
There are more than one user that need to access clouds.yaml values
in tests. Rather than copying the file everywhere, simply output
it to /etc/openstack.
However, we have things copying it at the moment, so output to
both places. A follow up patch will remove the homedir version.
Change-Id: I21d3c2ad7a020a5ab02dc1ab532feae70b718892
beacuse of the stackforge project move to openstack project,
so change the document url to git://git.openstack.org/openstack/.
Change-Id: I1628c0aeb62ee519867fdaee56386e22978c4271
The path is tools/build_wheels.sh, but in the Makefile which is
tools/build-wheels.sh. Modify it to the correct one.
Change-Id: If297b65b539403af10a73adbbadfcd8281d40009
Closes-Bug: #1507699
After devstack runs ./stack.sh, there is a file named userrc_early
which contains sensitive information is created, we should add it
to ignore list, because it is only for end user debugging.
Change-Id: Ic99c279ec6a3606dc6f6ba9a7612b5ca7a2b6b10
I want to release a new bashate, but I also don't want to risk
consuming it before fully testing it. By pinning here, we can run all
our usual CI on new versions before accepting them.
Additionally, allow substitution of the bashate dependency via an
environment variable. We can use this in a bashate test to substitute
a path to a checkout with any changes applied.
Change-Id: I165c4d66db8b7bdcff235ef7d8c99029637bb76a
Cells doesn't support the os-attach-interfaces API so disable those
tests in Tempest if running with Cells.
Change-Id: I5c7884407868eae70ea125f3f893c73214c04c75
After I9c8912a8fd596535589b207d7fc553b9d951d3fe this approach leads
to a failure and breaks (at least) ironic-inspector gate.
Change-Id: I19bb8ada9a6f42d375838cc88a376715918c2a3e
There is no need to test here whether v2 is disabled or not. V3
Authentication will always be available and we should just use that.
Change-Id: I0d2d76ebdf261917f1a2b23c65f0f843ae50f49a
The interactive password prompt currently saves to .localrc.auto
However, this is removed when you re-run stack; that is required as it
is how we source the localrc bits of local.conf, and we want the
users' changes to be picked up.
The passwords, however, should remain constant, because everything has
already been setup with them. So write them to a separate file. Note
we source before localrc so it can still overwrite them.
Some minor flow-changes too
Change-Id: I9871c8b8c7569626faf552628de69b811ba4dac0
Closes-Bug: #1505872
The os_RELEASE for RHEL is 7.1 (for example). Which does not work for comparisons
to an integer. And, while I am at it, change base_path to not use a hard-coded
directory.
Change-Id: I64a04810cc7ba4668c2cb7a8df79c206301e9e16
OVS_PHYSICAL_BRIDGE is not always set, like when you don't need specify the
bridge mapping, and also it has no default value. So we need to add
verification of OVS_PHYSICAL_BRIDGE in cleanup_neutron function where we refer
to it.
Change-Id: I69d113a7f3f7e67b09cb72fa0b0d3bba188e783a
Close-Bug: #1474634
These functions commonly externally called (as part of stackrc
inclusion, even) and do a fair bit of iteration over long
service-lists, which really fills up the logs of devstack and grenade
with unnecessary details.
The functions are well tested by unit-tests, so we are very unlikely
to need to debug internal issues with them in a hurry. Thus turn
logging down for them.
Change-Id: I63b9a05a0678c7e0c7012f6d768c29fd67f090d2
In Tempest config, `image-feature-enabled deactivate_image` is
enabled twice. This patch removes one of the redundant call to iniset.
Change-Id: Idbfcd6d6ee171c2c83736e17bbaf3d7a32c738b1
In neutron-legacy function _move_neutron_addresses_route, there are
few lines trying to figure out the bridge IP by assuming that the
bridge IP will be always same as the HOST_IP, this is not always true.
When the nic bears the HOST_IP and the nic which will be used as the
public network are different nics, the code in that method fails.
Eventually the function fails with network unreachable error.
This patch set fixes the problem, so that when HOST_IP and the IP for
the bridge are different, devstack will still be setup correctly.
Change-Id: I4d67f61c2ffd93f1e8ea2f8fe3b551044fab294e
Closes-bug: #1498538
this adds a timing infrastructure to devstack to account for time
taken up by set of operations. The first instance of this is
accounting the time taken up by doing apt_get calls.
Change-Id: I855ffe9c7a75e9943106af0f70cf715c34ae25c5
In this guide, multiple interfaces in DevStack is only used when doing
provider networking, so let's go ahead and just put the information
inside the provider network section. That way it won't be confusing.
Change-Id: I66f58ffb936230e72ac4cf8c04668e25dac5b17a
This prevents bleed out of the i variable to other functions that
might call this inside their own iteration loop.
Change-Id: I42d0c287a6f4bb24ae3871de9abb7e0de98a8462
Also remove variable definitions from compute node localrc that is only
applicable on the control node.
Change-Id: I37b00611ff08d8973f21af7db340d287b1deb4af
With the advent of plugins and their settings files it has become
possible to disable_service in local.conf only to have the service
re-enabled in a plugin settings file. This happens because of
processing order.
To get around this the disable_service function now aggregates
service names into a DISABLED_SERVICES variable which is then checked
during enable_service. If something tries to enable something that
was previously disabled, a warning is produced in the log and the
service is not enabled.
Then after all configuration has been sourced a final check is to
done by verify_disabled_services to confirm that something has not
manually adjusted ENABLED_SERVICES to overcome a previously called
disable_service. If something has, the stack dies with an error.
Change-Id: I0f9403f44ed2fe693a46cd02486bd94043ce6b1a
Closes-Bug: #1504304
As a follow-on to I8cefb58f49dcd2cb2def8a5071d0892af520e7f7, put in
some detection around missing variable-to-test arguments in
trueorfalse.
Correct a couple of places where we were passing in blank strings,
resulting in the default always being applied.
Add test-cases and enhance the documentation a little.
Depends-On: I8cefb58f49dcd2cb2def8a5071d0892af520e7f7
Change-Id: Icc0eb3808a2b6583828d8c47f0af4181e7e2c75a
This lets you specify that devstack should not be run by the user on
the box that you are on. Helps with running commands in the wrong
window.
Change-Id: I7aa26df1a2e02331d596bbfefb0697937787252f
This will make curl fail on pypi errors, and should prevent corrupt
images from pypi going offline for a few hours randomly, which it does
from time to time.
Closes-Bug: #1503909
Change-Id: Ib4a740b7d1772e1e36aa701e42d3ac0f0ee12883
If get-pip servers fall over and return 503 for a few hours (which
they do medium regularly) we'll cache crud html, and everything will
suck. We know this script should be python, so if it isn't, delete it.
Change-Id: Ia9f6f7c7217939bc1ab5745f4a9d568acfbf04c8
Setup the log output before calling functions like
check_path_perm_sanity that want to write out to
the error log.
Change-Id: I9815965257c399a48f8cf0f344814d954137aecb
Closes-Bug: #1500834
one cron job attempts to print debug text into stderr; so the file
of /root/dead.letter gets created and its size grows continuously.
It could eventually threaten dom0 disk space. Maybe there are two
solutions: one is to redirect the output to a specific log file;
and rotate log files in the script. And the other one is simply
to redirect the output /dev/null. By considering the function of
this cron job and the printed contents are straight and simple,
this patch set goes with the later solution.
Change-Id: I4875e5e3837e6f0249e314c6c5f408c79145c6c1
Closes-Bug: 1503966
As a follow-on to the issues raised by
I069f46f95656655ae7ba8f3dd929f47eae594b68, rather than a re-write of
create_userrc.sh logic, create a temporary userrc that can be helpful
for debugging until we have the whole system bootstrapped
Change-Id: I3325acffd259cf7f6f4a153c88037cfe8405ca50
we were unconditionally adding -z to the curl command even if the file
doesn't exist that we are referencing. That produces a scary warning
for users. Lets not do that.
Change-Id: Id2860c1c702510b0f8fd496abce579d0fa3ff867
This adds a warning for extras.d usage. This will give us something to
keep an eye on in logstash to build up the list of projects that will
break at Mitaka-1.
This also makes the deprecated handling done through a function, which
will hopefully make it more consistent in the future.
Change-Id: Icd393bc3e7095fe58be0fd13ef74fece3aa5c5f1
At the moment the following md and conf files are handled with shocco.
This should not be the case.
* samples/local.conf
* lib/neutron_thirdparty/README.md
* lib/neutron_plugins/README.md
Change-Id: I11ea5ebda111e6cdab71d3cffaeb4f16443bfd3c
Ia0957b47187c3dcadd46154b17022c4213781112 proposes to have bashate
find instances of setting a local value. The issue is that "local"
always returns 0, thus hiding any failure in the commands running to
set the variable.
This is an automated replacement of such instances
Depends-On: I676c805e8f0401f75cc5367eee83b3d880cdef81
Change-Id: I9c8912a8fd596535589b207d7fc553b9d951d3fe
Ia0957b47187c3dcadd46154b17022c4213781112 detects setting local
variables with subshell commands.
Although this is a particuarly benign case, it trips the test. Rather
than putting in an ignore for this, we can easily change it to make
the test pass. This seems better than putting in special work-arounds
to bashate, etc.
Change-Id: I37c3967c0f2d780a636a7d26cda83755085c5c69
Metadata agent now talks to neutron-server thru AMQP, so there is no use
for API access configuration.
Change-Id: I8f81eea91fe3448d5098e77312f64f2eaba68a68
Depends-On: I254c575c66214f50fb93a94c46c4c9caebfc2937
Closes-Bug: #1502947
Guests with large memory requirements can use default flavors, so
removing the special flavor for ppc64 since new qemu requires more
memory - http://wiki.qemu.org/ChangeLog/2.4 - PowerPC.
Users should set DEFAULT_INSTANCE_TYPE to one of the default
flavors available in local.conf, as m1.tiny.
DocImpact
Change-Id: I0fd275dc7342cc2daa83e9a2bd79d30e7defa3e4
Since Ic2532676e46e93f129d590d1fa7a044ef65f50fb bashate warns on
long-lines. Traditionally, for whatever reason, devstack hasn't cared
too much about long lines unless it really damages readability.
So ignore this to avoid thousands of warnings on the long lines. Note
even though released bashate doesn't have this, ignoring a missing
test doesn't matter.
Change-Id: I16aeaa3b334fac1eec5085f2cfe26c81c53023a8
This is being removed from the Neutron tree, so there is
no need to keep it here anymore.
Change-Id: Ice869bc445cb9dab6f227c30d38fb9b7ba04442b
Depends-on: I949a51873ee5af654b577952d423dd29a6ced8e7
The default bind_port (6011-6013) in the sample config files for swift
use port numbers that are in the range registered by X11 (6000-6063) and
can prevent swift from starting if the ports are in use.
We should use an unregistered range (6611-6613).
Change-Id: Ifd95b99004aead5ddc8ae1a8dd3ccd9c4f2abe91
Closes-Bug: #1254328
Kill them twice to make sure they're good'n'dead. There is a supposed
fix to oslo-incubator code, but we're working around that here in the
meantime with this change.
This returned in Liberty.
Change-Id: I02a7af995dc7de857c4efcf2cef2f95d357c007a
Related-Bug: #1446583
(cherry picked from commit 953baa7998f253681ed31013fd18bd8aa8098b34)
These files have acquired execute permissions that
are not strictly necessary because they are being
sourced, and not intended to be run separately.
Restore to 644
Change-Id: I0b8654123416a07521502b61610ca45c94494a07
There has been a ton of fall out from this change, and I
think it's been premature. We should revert and try again
when more of the client space supports this.
This reverts commit a29434460e.
Change-Id: I1658dc48a024627be0fdb39c46137aaa3d9b911a
When moving to Python 3, we also need to install test-requriements
to allow projects to install any python 3 test dependencies they
might be missing otherwise.
Change-Id: I2d19aa2f7ec8de869a82aa7764ab72cc8693101f
When I deploy linuxbridge-agent and enable tunneling,
the configuration of neutron isn't right. It lacks
the whole section [vxlan] to be properly configured.
Change-Id: Ib3bfe0f3445f466f4dbb36f7f0cb0d940114e7f6
Closes-Bug: #1481126
This reverts commit f768787bdd.
And sets OS_AUTH_VERSION so swift CLI doesn't fall flat when
not using v2 keystone
Change-Id: If44a7e0d85e48020a3c90d8c5c027513129f0f3b
If `DATABASE_TYPE` is configured in `local.conf`, the database backend
is currently configured with `initialize_database_backends` even if no
database backend is enabled.
On a multi-nodes Devstack environment, such as devstack-vagrant, the
compute node currently fails because it does not have PyMysql. This
compute node has no database backend enabled, but has to connect to
the database on another node.
We should install the python client if DATABASE_TYPE is set, even
if no database backend is enabled.
Closes-Bug: 1501001
Change-Id: Iffd5f7243a0dfdbe56cf6b9a87b96ed7678c81dd
Commit 1ce19ab76d dropped API_WORKERS from
nproc/2 to nproc/4 and also started using API_WORKERS for the number of
conductor workers, so in gate runs that dropped conductor workers from 8
to 2. We're now seeing instance build timeouts in the large ops job.
This change goes back to nproc/2 for the large ops job (VIRT_DRIVER=='fake').
Closes-Bug: #1500615
Change-Id: Ie6ef855fce0a99c930d479b7459c15b69e8de499
This change adds apache templates for Cinder API services.
Also add possibility to switch between the old and new ways
to setup Cinder API.
Related Cinder blueprint:
https://blueprints.launchpad.net/cinder/+spec/non-eventlet-wsgi-app
Change-Id: Icfad40ee6998296727a95613199e5c2d87bd0a45
Depends-On: Ifbab059001d1567b1f7b394c0411a9ca4629f846
Co-Authored-By: Ivan Kolodyazhny <e0ne@e0ne.info>
We can just directly install the latest RDO repo rather than having to
keep this up-to-date. I don't think there is actually much there we
need any more; there was a lot more coming from RDO in the centos6
days. openvswitch is one big one, however.
Change-Id: I42b8bc1aea8ff61770987eecd5fc3b8309c1e210
The function guru_meditation_report() currently uses the User-defined
signal SIGUSR1 to kill a Nova Compute process so that a Guru Meditation
Report is generated.
Testing locally, in a DevStack instance, manually attempting to kill a
Nova compute process [kill -s USR1 `pgrep nova-compute`] does not result
in process being terminated, and no error report generated.
It turns out[1] that SIGUSR1 is used by Apache 'mod_wsgi'.
Using the signal SIGUSR2 resolves this issue (i.e. 'nova-compute'
process is terminated, and the Guru Meditation Report is generated).
So, use USR2, instead of USR1.
Corresponding oslo.reports related commit[2].
[1] https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIRestrictSignal
[2] 45b1c02d113051d147e54ef921ce8e94135542d8 -- guru_meditation_report:
Use SIGUSR2 instead of SIGUSR1
[3] Original DevStack commit that brought in this change --
2ebe993b25
Change-Id: I8a7eaf71b83edca3c80074d6bf2d471e3db6142b
This patch adds an admin role assignment for the admin user on
the default domain as part of the Keystone configuration stage.
Closes-Bug: #1494081
Change-Id: I91c88917bd51be4572e4970c94e65d866798df26
Commit 2ad1a42ca6 broke entirely the
Apache configuration for Keystone when used without a port on the
/identity URL. This patch fixes that.
Change-Id: I47805138c66456c9c5fa9af1f4ac33b03d0ce5b9
Now gate will tests Nova v2.1 as default and separate jobs
for v2 legacy and v2 compatible APIs -
I86a627b8ec7b1246452a16c10dcfb1ad5f83bdef
This commit cleanup the options used for old v2.1 jobs.
Separate options are provided for Nova APIs testing-
Ie6b7e4290d9a1d9789d04099b3b31c9a557bc22b
Depends-On: Ie0430cedb7a8136c04b9fb7d08746293aab79f42
To remove old V2.1 jobs.
Change-Id: Ibbed44e1c41ec1e6b3675317f08061810762796c
Currently horizon configures keystone using v3 only if v2 is not
available. Really we should just always be using v3.
Change-Id: Icac4d90b617209da75abf33f8e25ffc021c45fdb
Future work toward visualization of DevStack and devstack-gate performance
would benefit greatly from the availability of machine-parsable DStat output.
This patch outputs an additional logfile to $LOGDIR, `dstat-csv.log`, using
DStat's built-in CSV logging functionality.
An additional instance of DStat is started during start_dstat that outputs
to CSV-formatted text without `--top-cpu-adv` and `-top-io-adv` enabled, as
these plugins are currently incompatible with CSV output. To facilitate this,
a new `dstat.sh` script is added to $TOP_DIR/tools/ to act as a daemon to
manage the two processes.
Change-Id: I826c94c35b6a109308b4f132c181ff7a1f63bc7b
Depends-On: I534fb1f9356a7948d2fec0aecc7f275e47362a11
We do not need the HOST_IP to be detected in order to be able to list
our images. So just set that to some dummy value before sourcing
functions.
This will allow tools like disk-image-builder to work regardless of
whether get_default_host_ip succeeds or not.
Change-Id: I9c22d2066e34309e70e56076e3d17c5db6ecee06
In test_functions.sh, There aren't export_proxy_variables() tests.
This patch add test of export_proxy_variables to test_funstions.sh.
Change-Id: I76f2bab84f4019961e612b0bff0ab66646b6e160
2015-07-15 23:31:51 +09:00
256 changed files with 8949 additions and 7528 deletions
The Kilo release of OpenStack will support Version 2 of the neutron load balancer. Until now, using OpenStack `LBaaS V2 <http://docs.openstack.org/api/openstack-network/2.0/content/lbaas_ext.html>`_ has required a good understanding of neutron and LBaaS architecture and several manual steps.
Starting in the OpenStack Liberty release, the
`neutron LBaaS v2 API <http://developer.openstack.org/api-ref-networking-v2-ext.html>`_
is now stable while the LBaaS v1 API has been deprecated. The LBaaS v2 reference
driver is based on Octavia.
Phase 1: Create DevStack + 2 nova instances
--------------------------------------------
First, set up a vm of your choice with at least 8 GB RAM and 16 GB disk space, make sure it is updated. Install git and any other developer tools you find useful.
First, set up a vm of your choice with at least 8 GB RAM and 16 GB disk space,
make sure it is updated. Install git and any other developer tools you find useful.
Please note here that the "10.0.0.3" and "10.0.0.5" in the above commands are the IPs of the nodes (in my test run-thru, they were actually 10.2 and 10.4), and the address of the created LB will be reported as "vip_address" from the lbaas-loadbalancer-create, and a quick test of that LB is "curl that-lb-ip", which should alternate between showing the IPs of the two nodes.
Please note here that the "10.0.0.3" and "10.0.0.5" in the above commands are the IPs of the nodes
(in my test run-thru, they were actually 10.2 and 10.4), and the address of the created LB will be
reported as "vip_address" from the lbaas-loadbalancer-create, and a quick test of that LB is
"curl that-lb-ip", which should alternate between showing the IPs of the two nodes.
redhat-rpm-config # missing dep for gcc hardening flags, see rhbz#1217376
screen
tar
tcpdump
unzip
util-linux
wget
which
bc
libyaml-devel
gettext # used for compiling message catalogs
net-tools
java-1.7.0-openjdk-headless # NOPRIME rhel7
java-1.8.0-openjdk-headless # NOPRIME f21,f22
pyOpenSSL # version in pip uses too much memory
iptables-services # NOPRIME f21,f22
zlib-devel
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.