Compare commits

...

55 Commits

Author SHA1 Message Date
elajkat 5986c350ae Handle_tags and branches for unmaintained also
Related-Bug: #2056276
Change-Id: Iaa34624d1d85cadf1b45bec780ef8d97dd054041
(cherry picked from commit 92b65a84cc)
(cherry picked from commit 0c1e594e45)
(cherry picked from commit d59e528c74)
(cherry picked from commit c52f50ee8c)
(cherry picked from commit c755ca9219)
(cherry picked from commit d7b71cb65b)
2024-09-18 11:23:30 +00:00
Dan Smith 275a84f929 Try to reduce mysql memory usage
These are a few tweaks I applied to my own memory-constrained cloud
instances that seemed to help. I have lower performance requirements
so this may make things worse and not better, but it's worth seeing
what the impact is. I'll admit to not knowing the full impact of these
as they're mostly collected from various tutorials on lowering memory
usage.

Enable this for now on devstack-multinode

Change-Id: I7b223391d3de01e3e81b02076debd01d9d2f097c
(cherry picked from commit 7567359755)
(cherry picked from commit b12cc4181c)
(cherry picked from commit c4a1f86548)
2024-09-05 10:12:45 +02:00
OpenStack Release Bot 0cf2370bc5 Update .gitreview for unmaintained/xena
Also set TARGET_BRANCH=unmaintained/xena

Change-Id: I896879fbb71c787675da7552fc00e0c13f52b7fe
2024-07-23 14:47:40 +12:00
Clark Boylan 37f0673893 Drop devstack-gate roles from devstack zuul jobs
Devstack-gate has been retired and relying on a retired repo for roles
in zuul produces errors (because the roles are no longer in the HEAD of
the repo). It doesn't look like devstack actually relies on these roles
in d-g (if it does they can be ported into devstack instead) so we just
drop the roles specifier for d-g in the devstack job.

NOTE(elod.illes): nova-ceph-multistore job is broken in this branch, so
it is set as non-voting in check queue and removed from gate queue
until it gets fixed.

Change-Id: I28a39b31f71153a602d41cefe621a216d09a290f
(cherry picked from commit d487302e60)
(cherry picked from commit 503116557a)
2024-05-16 17:55:54 +02:00
Jeremy Stanley de9a15adbc Drop the devstack-single-node-centos-7 nodeset
OpenDev is preparing to remove centos-7 nodes on March 15[*]. This
change drops one nodeset definition which is the last remaining
reference on DevStack's master branch.

[*] https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/message/A2YIY5L7MVYSQMTVZU3L3OM7GLVVZPLK/

Change-Id: Icd487e1012263a9b0bc13b529d31ff2025108adf
(cherry picked from commit c7472801f7)
2024-03-04 19:28:25 +00:00
Alfredo Moralejo b050ce8253 Use RDO official CloudSIG mirrors for C9S deployments
Instead of using RDO Trunk repo server, CentOS official mirrors provide
a most reliable infrastructure and supports EMS which is required when
enabling FIPS in C9S.

RDO didn't publish official release rpms for Xena and Wallaby, install
"rdo-release-yoga" release rpm for Xena. Devstack only uses RDO repository for binary dependencies such as rabbitmq, openvswitch.

Change 0da88c4af0 is squashed in this
commit.

Closes-Bug: #2020661
Closes-Bug: #2020434
Change-Id: Icd99f467d47aaafaaf3ee8f2a3c4da08842cb672
(cherry picked from commit b2ad00cb66)
(cherry picked from commit 4062cc0f85)
2023-09-25 09:26:19 +00:00
jskunda 431b5c2ed5 git: git checkout for a commit hash combinated with depth argument
This patch: https://review.opendev.org/c/openstack/devstack/+/882299
provides functionality, that commit hash can be passed as last arugment,
however when GIT_DEPTH is set, it fails, as in:

timeout -s SIGINT 0 git clone https://github.com/ovn-org/ovn.git ./ovn
--depth 1 --branch 03b95a4566a15f7544f4cdf35629dacede4dcf55
fatal: Remote branch 03b95a4566a15f7544f4cdf35629dacede4dcf55
not found in upstream origin

Closes-Bug: #2023020
Change-Id: I748354964a133e028e12458cc9014d6d014cbdb9
2023-08-02 15:44:06 +02:00
Zuul 5abbcc79b6 Merge "Fix installation of OVS/OVN from sources" into stable/xena 2023-06-28 10:48:28 +00:00
Zuul ad6d4ac7c5 Merge "git: support git checkout for a commit hash" into stable/xena 2023-05-21 09:00:08 +00:00
Slawek Kaplonski 9794f48abb Fix installation of OVS/OVN from sources
This patch changes user who runs ovsdb-server and ovn-nortd services
to root.
It also adds installation of the libssl dev package before compilation
of the openvswitch if TLS service is enabled.

Co-Authored-By: Fernando Royo <froyo@redhat.com>

Closes-Bug: #1987832
Change-Id: I83fc9250ae5b7c1686938a0dd25d66b40fc6c6aa
(cherry picked from commit 3de92db663)
2023-05-09 19:51:34 +00:00
Ghanshyam Mann 3530762178 [stable-only]: Set system_scope_supported
There is a new config option 'system_scope_supported'
added in glance-tempest-plugin
- https://review.opendev.org/c/openstack/glance-tempest-plugin/+/882363

which control whether or not to test the system scope asserts.

System scope is supported in glance only till stable/yoga so
setting the new flag to True for <=stable/yoga

Depends-On: https://review.opendev.org/c/openstack/glance-tempest-plugin/+/882363

Change-Id: I0e4a65a9887505e63b824a40c0dacea4a8396ea0
(cherry picked from commit fece4f466c)
2023-05-04 17:57:41 -05:00
Ihar Hrachyshka 5a47f37134 git: support git checkout for a commit hash
git_clone assumes a branch or a tag is passed as the last argument, and
it fails when a commit hash is passed, as in:

timeout -s SIGINT 0 git clone https://github.com/ovn-org/ovn.git
/opt/stack/ovn --branch 36e3ab9b47e93af0599a818e9d6b2930e49473f0
Cloning into '/opt/stack/ovn'...
fatal: Remote branch 36e3ab9b47e93af0599a818e9d6b2930e49473f0 not found
in upstream origin

Change-Id: Id1328d7cba418fa7c227ae9db4fe83c09fd06035
(cherry picked from commit e8915786e1)
2023-05-04 20:08:20 +00:00
Rajat Dhasmana 8d2aeb5bbf Create multiattach volume type for tempest
Creating multiattach volume is a non-admin operation but creating
multiattach volume type is an admin operation.
Previously cinder allowed creating multiattach volumes without a
volume type but that support is being removed with[1].
The change requires updating tempest tests[2] but some tempest
tests are non-admin, which require admin priviledges to create the
multiattach volume type.
Based on the last discussion with tempest team[3], the proposed
solution is to create a multiattach volume type in devstack,
if ENABLE_VOLUME_MULTIATTACH is True, and use it in tempest
tests. Similar to how admins create multiattach volume types
for non-admin users.

This patch creates a multiattach volume type if
ENABLE_VOLUME_MULTIATTACH is True. Also we set the multiattach
type name as a tempest config option 'volume_type_multiattach'.

[1] https://review.opendev.org/c/openstack/cinder/+/874865
[2] https://review.opendev.org/c/openstack/tempest/+/875372
[3] https://meetings.opendev.org/irclogs/%23openstack-cinder/%23openstack-cinder.2023-03-13.log.html#t2023-03-13T18:47:56

Change-Id: Icd3690565bf7b27898cd206641e612da3993703d
(cherry picked from commit 1898a683be)
(cherry picked from commit 16594b7b2a)
Conflicts: lib/cinder
    conflicts due to nvme support being added in 2023.1
    https://review.opendev.org/c/openstack/devstack/+/814193
(cherry picked from commit 977b591ee1)
(cherry picked from commit 4e2fe3a468)
2023-03-15 19:32:58 +00:00
Balazs Gibizer 977539d154 Use proper sed separator for paths
I941ef5ea90970a0901236afe81c551aaf24ac1d8 added a sed command that
should match and delete path values but used '/' as sed separator. This
leads to error in unstack.sh runs when the path also contains '/':

+./unstack.sh:main:188 sudo sed -i '/directory=/opt/stack/ d' /etc/gitconfig
sed: -e expression #1, char 13: unknown command: `o'

So this patch replace '/' separator with '+'.

Change-Id: I06811c0d9ee7ecddf84ef1c6dd6cff5129dbf4b1
(cherry picked from commit 7191c5e7e7)
(cherry picked from commit 7cfe94664f)
2023-02-05 17:05:21 +00:00
Ghanshyam Mann 4ed816a945 Make sdk functional job voting again
sdks job is fixed in osc requirements.txt change(depends-on)
so making it voting again

Depends-On: https://review.opendev.org/c/openstack/python-openstackclient/+/872340
Change-Id: I221e0c7510d4255cdad738898881b223328bd373
2023-01-31 11:58:59 -06:00
Ghanshyam Mann cb891834be Fix setting the tempest virtual env constraints env var
Devstack set the env var TOX_CONSTRAINTS_FILE/UPPER_CONSTRAINTS_FILE
which are used to use the constraints during Tempest virtual env installation.
Those env var are set to non-master constraint when we need to use non-master
constraints but when we need to use the master constraints we do not set/reset
them point to master constraints. This create the issue when running the grenade
job where we run Tempest on the old devstack as well as in the new devstack.
When tempest is installed on old devstack then old tempest is used and it sets
these env var to stable/<branch> constraints (this is the case when old devstack
(the stable branch is in EM phase) uses the old tempest not the master tempest),
all good till now. But the problem comes when in the same grenade script run
upgrade-tempest install the master tempest (when new devstack branches are in
the 'supported' phase and use the master tempest means) and are supposed to use
the master constraints. But the TOX_CONSTRAINTS_FILE/UPPER_CONSTRAINTS_FILE env
var set by old tempest is used by the tempest and due to a mismatch in constraints
it fails.

This happened when we tried to pin the stable/wallaby with Tempest 29.0.0
- https://review.opendev.org/c/openstack/devstack/+/871782

and table/xena grenade job failed (stable/xena use master tempest and supposed
to use master constraints)
- https://zuul.opendev.org/t/openstack/build/fb7b2a8b562c42bab4c741819f5e9732/log/controller/logs/grenade.sh_log.txt#16641

We should set/reset those constraint env var to master constraints if configuration
tell devstack to use the master constraints.

Making openstacksdk-functional-devstack job non voting as this is
failing 100% on stable/xena
- https://zuul.openstack.org/builds?job_name=openstacksdk-functional-devstack&branch=stable%2Fxena&skip=0

[1] https://github.com/openstack/devstack/blob/71c3c40c269a50303247855319d1d3a5d30f6773/lib/tempest#L124

Closes-Bug: #2003993
Change-Id: I5e938139b47f443a4c358415d0d4dcf6549cd085
(cherry picked from commit 7fe998109b)
(cherry picked from commit 30a7d790b6)
(cherry picked from commit febdb122e4)
2023-01-30 20:48:27 -06:00
Ghanshyam Mann 4356a64a00 [stable-only] Pin tox<4 in run-both.yaml playbook also
We pinned tox<4 in ensure-tox pre.yaml playbook
- https://review.opendev.org/q/I9a138af94dedc0d8ce5a0d519d75779415d3c30b

but did not realize that it is used in run-both.yaml playbook
also where we should pin too.

Depends-On: https://review.opendev.org/c/openstack/swift/+/869521

Change-Id: I4407f7036e3fd51ac79f68791151c3f9cd03bd01
(cherry picked from commit 689b399e3a)
(cherry picked from commit ff4cd115cc)
2023-01-07 05:19:33 +00:00
Ghanshyam Mann 1c064ef80a Pin tox<4.0.0 for <=stable/zed branch testing
Tox 4.0.0 has some incompatible changes, epecially more
strict on allowlist_externals. Tempest recently changed
allowlist_externals not to be *[1] causing the failure
on jobs where lib/tempest failing to run the tempest
as command in virtual env.

----------
venv: commands[0]> tempest verify-config -uro /tmp/tmp.qH5KgJHTF4
venv: failed with tempest is not allowed, use allowlist_externals to allow it
------

We do not need to test/fix the <=stable/zed branches with tox 4.0.0
and pinning them with the compatible tox version of the time stable
brnaches were releaased is better way.

This commit proposes:
1. Pinning the tox<4.0.0 for <=stable/ze branches testing
2. Workaround to unblock the master gate by pinning it <4.0.0 but
we should make our testing compatible with tox 4.0.0 soon.

Depends-On: https://review.opendev.org/c/openstack/devstack/+/867069

Related-Bug: #1999183

[1] https://review.opendev.org/c/openstack/tempest/+/865314 devstack based job started failing to run tempest command on venv.

Change-Id: I9a138af94dedc0d8ce5a0d519d75779415d3c30b
(cherry picked from commit ba54baa425)
(cherry picked from commit a3227ba0c0)
(cherry picked from commit 395f447085)
2022-12-09 02:54:03 +00:00
Zuul a298dc5fa0 Merge "Stop running devstack-no-tls-proxy on stable branch" into stable/xena 2022-12-06 20:13:57 +00:00
Martin Kopec a508507f1f Stop running devstack-no-tls-proxy on stable branch
Let's run devstack-no-tls-proxy job only on master periodic.

Change-Id: I4c0a5144da2549fe988bbabe8536e9a9873e1cf7
2022-11-29 17:09:18 +01:00
Martin Kopec e0c09e5f33 Remove centos-8/9-stream jobs on stable/xena
The following 2 already n-v jobs have been failing:
* devstack-platform-centos-8-stream - most of 2022
* devstack-platform-centos-9-stream - last 2 months

Considering that there isn't a lot of traffic on stable/xena
and we have a centos job in newer branches so any backport
patch gets tested there, the commit removes those 2 jobs
not to waste CI resources.

Change-Id: Id218cf2ad5fbb9cae5828972366fe85911e500b2
2022-11-24 00:32:01 +00:00
Zuul ca891ebfe7 Merge "lib/tempest: add wait for Glance image import" into stable/xena 2022-10-05 20:08:16 +00:00
June Yi 4c0a573982 Respect constraints on tempest venv consistently
In case of online mode, there is a procedure to recreate tempest venv.
For consistency of tempest venv during the entire stack.sh process,
add logic to consider the TEMPEST_VENV_UPPER_CONSTRAINTS option here.

Closes-bug: #1980483
Signed-off-by: June Yi <june.yi@samsung.com>
Change-Id: I0cea282152fd363af8671cab1b5f733ebe2bd4df
(cherry picked from commit 8355e81306)
2022-08-30 17:20:18 +01:00
Zuul 25aa75dd6b Merge "Support CentOS Stream 9" into stable/xena 2022-08-10 10:52:24 +00:00
Zuul 7908fa7e08 Merge "Fix tls-proxy on newer versions of openssl" into stable/xena 2022-08-10 10:52:22 +00:00
Alfredo Moralejo f624631bfa Support CentOS Stream 9
This patch includes changes required to run devstack on CentOS Stream 9
which has been already published in official repos by CentOS team [1]:

- Add RDO deps repository for CS9.
- remove xinetd package from installation for swift. Note that
  rsync-daemon is installed which should work fine.
- Replace genisoimage by xorriso in CS9.
- Use /etc/os-release to identify the distro in CS9 as it doesn't
  provide lsb_release command.
- Use pip from rpm package instead of from get-pip.py as done in Fedora.
- Add non-voting job devstack-platform-centos-9-stream to the check
  pipeline.

Depends-On: https://review.opendev.org/c/openstack/devstack/+/848364
Change-Id: Ic67cddabd5069211dc0611994b8b8360bcd61bef
(cherry picked from commit 5ea4c3c18c)
2022-07-01 16:06:12 +00:00
Michael Johnson 89caa37288 Fix tls-proxy on newer versions of openssl
Newer versions of openssl (CentOS9Stream for example) do not like using sha1.
Devstack will fail on these systems[1] with the following error:
801B93DCE77F0000:error:03000098:digital envelope routines:do_sigver_init:invalid digest:crypto/evp/m_sigver.c:333:
This patch updates the tls-proxy code in devstack to use sha256 instead of sha1 which allows devstack to complete when tls-proxy is enabled.

[1] https://zuul.opendev.org/t/openstack/build/1d90b22a39c74e24a8390861b3c5f957/log/job-output.txt#5535

Closes-Bug: #1962600

Change-Id: I71e1371affe32f070167037b0109a489d196bd31
(cherry picked from commit 35bc600da1)
2022-07-01 16:00:21 +00:00
Gorka Eguileor 0d22380971 Reduce memory consumption in Cinder services
This patch reduces memory usage on the Cinder Volume and Backup services
by tuning glibc.

The specific tuning consist on disabling the per thread arenas and
disabling dynamic thresholds.

The Cinder Backup service suffers from high water mark memory usage and
uses excessive memory.  As an example just after 10 restore operations
the service uses almost 1GB of RAM and does not ever free it afterwards.
With this patch the memory consumption of the service is reduced down to
almost 130MB.  If we add a revert from Cinder (Change-Id
I43a20c8687f12bc52b014611cc6977c4c3ca212c) it goes down to 100MB during
my tests.

This glibc tuning is not applied to all Python services because I
haven't done proper testings on them and at first glance they don't seem
to have such great improvements.

Related-bug: #1908805
Change-Id: Ic9030d01468b3189350f83b04a8d1d346c489d3c
(cherry picked from commit d5af514ac9)
(cherry picked from commit eb16f28ab2)
2022-06-30 15:00:29 +02:00
yatinkarel 41c19b2751 Allow to skip stop of ovn services
Grenade jobs stop services, check fip connectivity
for a nova server and then upgrade to next release.

But since ovn data plane and db services are stopped along
with other services, fip connectivity fails as a result.

We shouldn't stop these services along with other
neutron services. This patch adds a new variable
"SKIP_STOP_OVN" which can be used by grenade jobs
to skip stop of ovn services.

This will also fix the ovn grenade jobs.

Also source fixup_stuff.sh so function fixup_ovn_centos
is available. It's already sourced in stack.sh but
that's not used in grenade run.

Change-Id: I94818a19f19973779cb2e11753d2881d54dfa3bc
(cherry picked from commit 6f545e2567)
2022-06-03 03:53:03 +00:00
yatinkarel c8d8915be0 Configure placement section in neutron conf
Without it segment plugin fails to connect with
placement api. Configure the placement section
if service is deployed.

Closes-Bug: #1973783
Change-Id: Ie7f37770a04f622735cf2263c601257669ab5064
(cherry picked from commit 92a34dbe95)
2022-05-23 06:50:13 +00:00
Brian Rosmaita 2a5aeff28c lib/tempest: add wait for Glance image import
Glance image import is asynchronous and may be configured to do image
conversion.  If image import is being used, it's possible that the
tempest configuration code is executed before the import has
completed and there may be no active images yet.  In that case,
we will poll glance every TEMPEST_GLANCE_IMPORT_POLL_INTERVAL seconds
(default: 1) to see if there are TEMPEST_GLANCE_IMAGE_COUNT active
images (default: 1) up to TEMPEST_GLANCE_IMPORT_POLL_LIMIT times
(default: 12).

You can see an example of the issue this patch addresses in real
life:
https://review.opendev.org/c/openstack/glance/+/841278/1#message-456096e48b28e5b866deb8bf53e9258ee08219a0

Change-Id: Ie99f12691d9062611a8930accfa14d9540970cc5
(cherry picked from commit 111a38b4d6)
(cherry picked from commit e754b600f2)
2022-05-19 19:23:19 +00:00
Dan Smith d86f23b153 Write safe.directory items to system git config
This is necessary for more consistent behavior across multiple
distro versions. Apparently somewhere along the way, git started
looking at the current user's home directory instead of $HOME.

Related-Bug: https://bugs.launchpad.net/devstack/+bug/1968798

Change-Id: I941ef5ea90970a0901236afe81c551aaf24ac1d8
(cherry picked from commit 4baeb3b51f)
(cherry picked from commit 9616d22938)
2022-04-18 21:04:07 -05:00
Ian Wienand 8d7562e7c8 Mark our source trees as safe for git to use as other users
git commit [1] introduced a new behaviour to work around a CVE that
disallows any git operations in directories not owned by the current
user.

This may seem unrelated to installation, but it plays havoc with PBR,
which calls out to git to get to get revision history.  So if you are
"pip install"-ing from a source tree you don't own, the PBR git calls
in that tree now fail and the install blows up.

This plays havoc with our model.  Firstly, we checkout all code as
"stack" then install it globally with "sudo" (i.e. root) -- which
breaks.  We also have cases of essentially the opposite -- checkouts
we have installed as root, but then run tox in them as a regular user;
tox wants to install the source in its venv but now we have another
user conflict.

This uses the only available configuration option to avoid that by
globally setting the source directories we clone as safe.  This is an
encroachment of the global system for sure, but is about the only
switch available at the moment.  For discussion of other approaches,
see [2].

Related-Bug: https://bugs.launchpad.net/devstack/+bug/1968798

[1] https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9
[2] https://review.opendev.org/c/openstack/devstack/+/837636

Depends-On: https://review.opendev.org/c/openstack/devstack/+/837746
Change-Id: Ib9896a99b6d6c4d359ee412743ce30512b3c4fb7
(cherry picked from commit 676dcaf944)
2022-04-13 09:41:28 -07:00
Ade Lee 58163a9c82 Set chap algorithms for FIPS if not openeuler
The default CHAP algorithm for iscsid is md5, which is disallowed
under fips.  We will set the chap algorithm to "SHA3-256,SHA256",
which should work under all configurations.

For some reason, setting the CHAPAlgorithms as in c3b705138
breaks OpenEuler.  Making this conditional so that tests continue
to pass.

Change-Id: Iaa740ecfbb9173dd97e90485bad88225caedb523
(cherry picked from commit ac958698d0)
2022-02-10 16:26:37 +00:00
Ian Wienand 381cf373ab Remove Fedora testing from stable branch
Fedora tests are maintained on master branch only

Change-Id: I947022db335f30756bad5eeec943b9e84b0b31aa
2022-02-03 11:27:18 +11:00
Rodolfo Alonso Hernandez 13da39fc2e Add python3.6 pip support
Since pip v22, python3.6 is not supported (the minimum version is
python3.7). This patch adds the reference for the pip3.6 URL to be
used instead of the default one.

Closes-Bug: #1959600
Change-Id: Iab2c391d5388461fe9e9037cee81884ce8032e72
(cherry picked from commit a756f4b968)
2022-02-02 06:31:01 +00:00
Ghanshyam Mann 092894cefb Stop installing Tempest at system wide for stable branch
As added in notes for INSTALL_TEMPEST variable we need to set
this as False for stable branch so that devstack does not
install Tempest at system wide.

- https://github.com/openstack/devstack/blob/stable/xena/lib/tempest#L61

This should be done at the time when we cut the stable branch but
we forgot to do that for wallaby and xena. I have updated the QA
release wiki[1] for this to take care in future.

[1] https://wiki.openstack.org/wiki/QA/releases#Projects_with_only_Branches

Change-Id: I65304f66b3fe9c372fad8d4b521d0219833c1bf1
2022-01-17 10:17:53 -06:00
Dr. Jens Harbott 09c83cf07e Don't enable the dstat service in CI jobs
We still are seeing regular job failures because the pcp package fails
to install. Assume that we can still enable it on demand when someone
needs to debug specific job issues, let us just disable it by default.

Related-Bug: 1943184
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: I32ef8038e21c818623db9389588b3c6d3f98dcad
(cherry picked from commit 134205c138)
2022-01-07 08:18:56 +00:00
Zuul 8389f9756e Merge "Fix mysqladmin failure for Fedora 34 and mariadb" into stable/xena 2022-01-06 09:15:02 +00:00
Miguel Lavalle 68ef16134d Fix mysqladmin failure for Fedora 34 and mariadb
mysqladmin is incorrectly installed in Fedora 34 with mariadb. This
causes the failure of Zuul Fedora based jobs. The issue is a conflict
between mariadb and community mysql that is described in [1] and [2].

The workaround is to explicitly install package "mariadb"

Also configure an increased swap size like for the other platform jobs
in order to avoid OOM issues.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=2026933
[2] https://lists.launchpad.net/maria-discuss/msg06179.html

Closes-Bug: #1956116
Change-Id: Icf6d7e1af5130689ea10b29d37cc9b188b2c9754
(cherry picked from commit c1a75c6a50)
2022-01-05 15:34:58 +00:00
Dr. Jens Harbott f590210fd8 Fix tempest upper-constraints
When deploying devstack in a stable branch, the master branch is
available locally only in a CI environment where Zuul prepares all
available branches. For a non-CI deployment we need to stick to using
the remote branch as was the case before [0].

While the situation on the master branch isn't really broken, we apply
the fix here anyway so that future stable branches are created in a
working state.

[0] I5d42ac6b54bf20804d7e5faa39d1289102318b64

Closes-Bug: #1956219
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: Ib7719cb2d48b34db70f885e0afe77d904abba3b5
(cherry picked from commit 2ef4a4c851)
2022-01-05 13:30:16 +00:00
yatinkarel 55a25a0ea4 Use upper-constraints from in review changes
Currently upper-constraints.txt is not getting used
from in-review changes of requirements project and
leading to merge of broken requirements[1].

Use master branch to fetch constraints instead of
the remote branch.

[1] https://review.opendev.org/c/openstack/requirements/+/822575

Depends-On: https://review.opendev.org/c/openstack/requirements/+/823128
Change-Id: I5d42ac6b54bf20804d7e5faa39d1289102318b64
(cherry picked from commit 05e622ead2)
2021-12-30 05:42:10 +00:00
Dr. Jens Harbott fe59f94632 Further fixup for Ubuntu cloud images
The official Ubuntu cloud images have some further python pkgs
preinstalled that conflict with our requirements. Allow to
overwrite them.

Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Closes-Bug: 1871485
Change-Id: I793c250cae5e7b9bc835b7016d790d1f9ae8a7f3
(cherry picked from commit 61a37bff9a)
2021-12-16 14:44:17 +00:00
Lee Yarwood ee629cc775 nova: Ensure each compute uses a unique iSCSI initiator
The current initiator name embedded in our CI images is not unique at
present and can often cause failures during live migrations with
attached volumes. This change ensures the name is unique by running
iscsi-iname again and overwriting the existing name.

We could potentially do this during the image build process itself but
given that devstack systems are not supposed to be multi-purpose this
should be safe to do during the devstack run.

Closes-Bug: #1945983
Change-Id: I9ed26a17858df96c04be9ae52bf2e33e023869a5
(cherry picked from commit 714826d1a2)
2021-10-07 09:42:13 +01:00
Zuul 5d8cb0f7f3 Merge "Cap Volume, Swift, and Volume API extensions list for stable/xena" into stable/xena 2021-09-30 16:02:33 +00:00
Ghanshyam Mann e71d653ff7 Cap Volume, Swift, and Volume API extensions list for stable/xena
Change-Id: I0729fec0184a809252bc8adae0c2ab9a955dc69c
2021-09-29 13:12:32 +00:00
Ghanshyam Mann 20775ac096 Re-enable nova-ceph-multistore job
nova-ceph-multistore was failing on stable branch
as it was picking master version of base job instead
of stable one. There is issue in job variant in base
ceph job which is now fixed by depends-on.

Re-enable it in devstack gate.

Depends-On: https://review.opendev.org/c/openstack/devstack-plugin-ceph/+/811348
Depedns-On: https://review.opendev.org/c/openstack/devstack-plugin-ceph/+/811478
Change-Id: Ia7f53b41f2450fb0dd7743f7dc7024cd987feeb7
2021-09-28 14:43:02 -05:00
Jens Harbott 135c46671f Fix uwsgi config for trailing slashes
The apache mod_proxy documentation[0] says that trailing slashes need to
match for the ProxyPass statement. Since adding a slash to the redirected
url would break things that need to access endpoints like /identity
without anything added, we need to drop the trailing slash for the
target URL. See [1] for the discussion of the CVE fix that changed the
previous behavior.

For stable/xena the nova-ceph-multistore job is currently broken,
drop it for now, it can be re-added when they got fixed.

[0] https://httpd.apache.org/docs/trunk/mod/mod_proxy.html#proxypass
[1] https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1945274

Depends-On: https://review.opendev.org/c/openstack/devstack/+/811445
Change-Id: Ia6b1a41957833fba87a2e6f048d2483267632385
2021-09-28 20:02:34 +02:00
Zuul b7d2460bfe Merge "Cap max microversions for stable/xena" into stable/xena 2021-09-25 12:17:51 +00:00
Zuul 24bc90b1d2 Merge "Update stackrc for stable/xena branch" into stable/xena 2021-09-25 12:17:50 +00:00
Ghanshyam Mann 9e07cbb087 Cap max microversions for stable/xena
This commit cap the max microversions for compute
and volume API for stable/xena.

Compute- https://docs.openstack.org/nova/latest/reference/api-microversion-history.html#maximum-in-xena
Volume- https://docs.openstack.org/cinder/latest/contributor/api_microversion_history.html#maximum-in-xena
Placement- https://docs.openstack.org/placement/latest/placement-api-microversion-history.html#support-consumer-type-in-allocations-usage-and-reshaper

Change-Id: I971138997ca75bbeb6f7ee09ce6e44e3ef752c7a
2021-09-24 18:07:29 -05:00
Ghanshyam Mann fabaaa7824 Update stackrc for stable/xena branch
Change-Id: I1b42d2c2626710c2e81bff03dc1fb7dd5e854673
2021-09-24 13:37:56 -05:00
Clark Boylan 5d794033e2 Remove the zuul pragma to match master and feature/r1
This xena branch should not provide configs to master and feature/r1.
Doing so causes devstack's pre-run playbook to run twice as we run both
master's and xena's pre-run playbooks. This then fails because the
configure-swap role is not idempotent.

We fix this by detaching xena from master here and let master run master
configs and xena runs xena configs.

Change-Id: I1b3a463211b65b6aaa3e0e127a1b32962ad6bf9f
2021-09-24 09:51:50 -07:00
OpenStack Release Bot 776655bd15 Update TOX_CONSTRAINTS_FILE for stable/xena
Update the URL to the upper-constraints file to point to the redirect
rule on releases.openstack.org so that anyone working on this branch
will switch to the correct upper-constraints list automatically when
the requirements repository branches.

Until the requirements repository has as stable/xena branch, tests will
continue to use the upper-constraints list on master.

Change-Id: I6ba1a15a36fcb764cb4ef746daffb8b7e3cc7c8e
2021-09-24 12:53:14 +00:00
OpenStack Release Bot c7caa796bf Update .gitreview for stable/xena
Change-Id: I415fdc48705895d7f75a8b17c7d6dc8e43a7ac34
2021-09-24 12:53:10 +00:00
26 changed files with 361 additions and 160 deletions
+1
View File
@@ -2,3 +2,4 @@
host=review.opendev.org
port=29418
project=openstack/devstack.git
defaultbranch=unmaintained/xena
+19 -64
View File
@@ -1,11 +1,3 @@
- pragma:
# NOTE(gtema): this is required for the changes in SDK feature/r1 branch to
# be using devstack
# TODO(gtema): delete this once r1 branch is merged into master
implied-branches:
- master
- feature/r1
- nodeset:
name: openstack-single-node
nodes:
@@ -46,16 +38,6 @@
nodes:
- controller
- nodeset:
name: devstack-single-node-centos-7
nodes:
- name: controller
label: centos-7
groups:
- name: tempest
nodes:
- controller
- nodeset:
name: devstack-single-node-centos-8-stream
nodes:
@@ -67,20 +49,20 @@
- controller
- nodeset:
name: devstack-single-node-opensuse-15
name: devstack-single-node-centos-9-stream
nodes:
- name: controller
label: opensuse-15
label: centos-9-stream
groups:
- name: tempest
nodes:
- controller
- nodeset:
name: devstack-single-node-fedora-latest
name: devstack-single-node-opensuse-15
nodes:
- name: controller
label: fedora-34
label: opensuse-15
groups:
- name: tempest
nodes:
@@ -293,7 +275,6 @@
required-projects:
- opendev.org/openstack/devstack
roles:
- zuul: opendev.org/openstack/devstack-gate
- zuul: opendev.org/openstack/openstack-zuul-jobs
vars:
devstack_localrc:
@@ -412,7 +393,7 @@
PUBLIC_BRIDGE_MTU: '{{ external_bridge_mtu }}'
devstack_services:
# Shared services
dstat: true
dstat: false
etcd3: true
memory_tracker: true
mysql: true
@@ -421,7 +402,7 @@
subnode:
devstack_services:
# Shared services
dstat: true
dstat: false
memory_tracker: true
devstack_localrc:
# Multinode specific settings
@@ -487,7 +468,7 @@
# Core services enabled for this branch.
# This list replaces the test-matrix.
# Shared services
dstat: true
dstat: false
etcd3: true
memory_tracker: true
mysql: true
@@ -538,7 +519,7 @@
# Core services enabled for this branch.
# This list replaces the test-matrix.
# Shared services
dstat: true
dstat: false
memory_tracker: true
tls-proxy: true
# Nova services
@@ -598,21 +579,14 @@
description: |
Simple multinode test to verify multinode functionality on devstack side.
This is not meant to be used as a parent job.
vars:
devstack_localrc:
MYSQL_REDUCE_MEMORY: true
# NOTE(ianw) Platform tests have traditionally been non-voting because
# we often have to rush things through devstack to stabilise the gate,
# and these platforms don't have the round-the-clock support to avoid
# becoming blockers in that situation.
- job:
name: devstack-platform-centos-8-stream
parent: tempest-full-py3
description: CentOS 8 Stream platform test
nodeset: devstack-single-node-centos-8-stream
voting: false
timeout: 9000
vars:
configure_swap_size: 4096
- job:
name: devstack-async
parent: tempest-full-py3
@@ -635,23 +609,6 @@
devstack_services:
tls-proxy: false
- job:
name: devstack-platform-fedora-latest
parent: tempest-full-py3
description: Fedora latest platform test
nodeset: devstack-single-node-fedora-latest
voting: false
- job:
name: devstack-platform-fedora-latest-virt-preview
parent: tempest-full-py3
description: Fedora latest platform test using the virt-preview repo.
nodeset: devstack-single-node-fedora-latest
voting: false
vars:
devstack_localrc:
ENABLE_FEDORA_VIRT_PREVIEW_REPO: true
- job:
name: devstack-tox-base
parent: devstack
@@ -725,8 +682,6 @@
- devstack
- devstack-ipv6
- devstack-enforce-scope
- devstack-platform-fedora-latest
- devstack-platform-centos-8-stream
- devstack-async
- devstack-multinode
- devstack-unit-tests
@@ -764,6 +719,7 @@
- ^.*\.rst$
- ^doc/.*$
- nova-ceph-multistore:
voting: false
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
@@ -797,10 +753,13 @@
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
- nova-ceph-multistore:
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
# TODO(elod.illes): nova-ceph-multistore is broken in this branch,
# so it is set as non-voting in check queue and commented out here
# in gate queue until the job gets fixed.
# - nova-ceph-multistore:
# irrelevant-files:
# - ^.*\.rst$
# - ^doc/.*$
# Please add a note on each job and conditions for the job not
# being experimental any more, so we can keep this list somewhat
# pruned.
@@ -850,8 +809,4 @@
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
- devstack-platform-fedora-latest-virt-preview
- devstack-no-tls-proxy
periodic:
jobs:
- devstack-no-tls-proxy
+1 -1
View File
@@ -1,3 +1,3 @@
ceph # NOPRIME
redhat-lsb-core
redhat-lsb-core # not:rhel9
xfsprogs
+2 -1
View File
@@ -1,9 +1,10 @@
cryptsetup
dosfstools
genisoimage
genisoimage # not:rhel9
iscsi-initiator-utils
libosinfo
lvm2
sg3_utils
# Stuff for diablo volumes
sysfsutils
xorriso # not:rhel8
+2 -1
View File
@@ -3,7 +3,7 @@ curl
dnsmasq # for q-dhcp
dnsmasq-utils # for dhcp_release
ebtables
genisoimage # required for config_drive
genisoimage # not:rhel9 required for config_drive
iptables
iputils
kernel-modules
@@ -13,3 +13,4 @@ polkit
rabbitmq-server # NOPRIME
sqlite
sudo
xorriso # not:rhel8
+1 -1
View File
@@ -4,4 +4,4 @@ memcached
rsync-daemon
sqlite
xfsprogs
xinetd # not:f34
xinetd # not:f34,rhel9
+46 -11
View File
@@ -346,12 +346,19 @@ function _ensure_lsb_release {
# - os_VENDOR
# - os_PACKAGE
function GetOSVersion {
# We only support distros that provide a sane lsb_release
_ensure_lsb_release
# CentOS Stream 9 does not provide lsb_release
source /etc/os-release
if [[ "${ID}${VERSION}" == "centos9" ]]; then
os_RELEASE=${VERSION_ID}
os_CODENAME="n/a"
os_VENDOR=$(echo $NAME | tr -d '[:space:]')
else
_ensure_lsb_release
os_RELEASE=$(lsb_release -r -s)
os_CODENAME=$(lsb_release -c -s)
os_VENDOR=$(lsb_release -i -s)
os_RELEASE=$(lsb_release -r -s)
os_CODENAME=$(lsb_release -c -s)
os_VENDOR=$(lsb_release -i -s)
fi
if [[ $os_VENDOR =~ (Debian|Ubuntu|LinuxMint) ]]; then
os_PACKAGE="deb"
@@ -561,8 +568,10 @@ function git_clone {
echo "the project to the \$PROJECTS variable in the job definition."
die $LINENO "Cloning not allowed in this configuration"
fi
# '--branch' can also take tags
git_timed clone $git_clone_flags $git_remote $git_dest --branch $git_ref
git_timed clone --no-checkout $git_clone_flags $git_remote $git_dest
cd $git_dest
git_timed fetch $git_clone_flags origin $git_ref
git_timed checkout FETCH_HEAD
elif [[ "$RECLONE" = "True" ]]; then
# if it does exist then simulate what clone does if asked to RECLONE
cd $git_dest
@@ -588,6 +597,18 @@ function git_clone {
fi
fi
# NOTE(ianw) 2022-04-13 : commit [1] has broken many assumptions
# about how we clone and work with repos. Mark them safe globally
# as a work-around.
#
# NOTE(danms): On bionic (and likely others) git-config may write
# ~stackuser/.gitconfig if not run with sudo -H. Using --system
# writes these changes to /etc/gitconfig which is more
# discoverable anyway.
#
# [1] https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9
sudo git config --system --add safe.directory ${git_dest}
# print out the results so we know what change was used in the logs
cd $git_dest
git show --oneline | head -1
@@ -1447,6 +1468,7 @@ function write_user_unit_file {
local command="$2"
local group=$3
local user=$4
local env_vars="$5"
local extra=""
if [[ -n "$group" ]]; then
extra="Group=$group"
@@ -1460,6 +1482,9 @@ function write_user_unit_file {
iniset -sudo $unitfile "Service" "KillMode" "process"
iniset -sudo $unitfile "Service" "TimeoutStopSec" "300"
iniset -sudo $unitfile "Service" "ExecReload" "$KILL_PATH -HUP \$MAINPID"
if [[ -n "$env_vars" ]] ; then
iniset -sudo $unitfile "Service" "Environment" "$env_vars"
fi
if [[ -n "$group" ]]; then
iniset -sudo $unitfile "Service" "Group" "$group"
fi
@@ -1474,6 +1499,7 @@ function write_uwsgi_user_unit_file {
local command="$2"
local group=$3
local user=$4
local env_vars="$5"
local unitfile="$SYSTEMD_DIR/$service"
mkdir -p $SYSTEMD_DIR
@@ -1488,6 +1514,9 @@ function write_uwsgi_user_unit_file {
iniset -sudo $unitfile "Service" "NotifyAccess" "all"
iniset -sudo $unitfile "Service" "RestartForceExitStatus" "100"
if [[ -n "$env_vars" ]] ; then
iniset -sudo $unitfile "Service" "Environment" "$env_vars"
fi
if [[ -n "$group" ]]; then
iniset -sudo $unitfile "Service" "Group" "$group"
fi
@@ -1535,10 +1564,14 @@ function _run_under_systemd {
local systemd_service="devstack@$service.service"
local group=$3
local user=${4:-$STACK_USER}
if [[ -z "$user" ]]; then
user=$STACK_USER
fi
local env_vars="$5"
if [[ "$command" =~ "uwsgi" ]] ; then
write_uwsgi_user_unit_file $systemd_service "$cmd" "$group" "$user"
write_uwsgi_user_unit_file $systemd_service "$cmd" "$group" "$user" "$env_vars"
else
write_user_unit_file $systemd_service "$cmd" "$group" "$user"
write_user_unit_file $systemd_service "$cmd" "$group" "$user" "$env_vars"
fi
$SYSTEMCTL enable $systemd_service
@@ -1559,18 +1592,20 @@ function is_running {
# If the command includes shell metachatacters (;<>*) it must be run using a shell
# If an optional group is provided sg will be used to run the
# command as that group.
# run_process service "command-line" [group] [user]
# run_process service "command-line" [group] [user] [env_vars]
# env_vars must be a space separated list of variable assigments, ie: "A=1 B=2"
function run_process {
local service=$1
local command="$2"
local group=$3
local user=$4
local env_vars="$5"
local name=$service
time_start "run_process"
if is_service_enabled $service; then
_run_under_systemd "$name" "$command" "$group" "$user"
_run_under_systemd "$name" "$command" "$group" "$user" "$env_vars"
fi
time_stop "run_process"
}
+1 -1
View File
@@ -303,7 +303,7 @@ function write_uwsgi_config {
apache_conf=$(apache_site_config_for $name)
iniset "$file" uwsgi socket "$socket"
iniset "$file" uwsgi chmod-socket 666
echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}/\" retry=0 " | sudo tee -a $apache_conf
echo "ProxyPass \"${url}\" \"unix:${socket}|uwsgi://uwsgi-uds-${name}\" retry=0 " | sudo tee -a $apache_conf
enable_apache_site $name
restart_apache_server
fi
+31 -13
View File
@@ -91,6 +91,8 @@ CINDER_VOLUME_CLEAR=$(echo ${CINDER_VOLUME_CLEAR} | tr '[:upper:]' '[:lower:]')
# Default to lioadm
CINDER_ISCSI_HELPER=${CINDER_ISCSI_HELPER:-lioadm}
VOLUME_TYPE_MULTIATTACH=${VOLUME_TYPE_MULTIATTACH:-multiattach}
# EL and SUSE should only use lioadm
if is_fedora || is_suse; then
if [[ ${CINDER_ISCSI_HELPER} != "lioadm" ]]; then
@@ -549,8 +551,13 @@ function start_cinder {
fi
run_process c-sch "$CINDER_BIN_DIR/cinder-scheduler --config-file $CINDER_CONF"
run_process c-bak "$CINDER_BIN_DIR/cinder-backup --config-file $CINDER_CONF"
run_process c-vol "$CINDER_BIN_DIR/cinder-volume --config-file $CINDER_CONF"
# Tune glibc for Python Services using single malloc arena for all threads
# and disabling dynamic thresholds to reduce memory usage when using native
# threads directly or via eventlet.tpool
# https://www.gnu.org/software/libc/manual/html_node/Memory-Allocation-Tunables.html
malloc_tuning="MALLOC_ARENA_MAX=1 MALLOC_MMAP_THRESHOLD_=131072 MALLOC_TRIM_THRESHOLD_=262144"
run_process c-bak "$CINDER_BIN_DIR/cinder-backup --config-file $CINDER_CONF" "" "" "$malloc_tuning"
run_process c-vol "$CINDER_BIN_DIR/cinder-volume --config-file $CINDER_CONF" "" "" "$malloc_tuning"
# NOTE(jdg): For cinder, startup order matters. To ensure that repor_capabilities is received
# by the scheduler start the cinder-volume service last (or restart it) after the scheduler
@@ -565,6 +572,23 @@ function stop_cinder {
stop_process c-vol
}
function create_one_type {
type_name=$1
property_key=$2
property_value=$3
# NOTE (e0ne): openstack client doesn't work with cinder in noauth mode
if is_service_enabled keystone; then
openstack --os-region-name="$REGION_NAME" volume type create --property $property_key="$property_value" $type_name
else
# TODO (e0ne): use openstack client once it will support cinder in noauth mode:
# https://bugs.launchpad.net/python-cinderclient/+bug/1755279
local cinder_url
cinder_url=$CINDER_SERVICE_PROTOCOL://$SERVICE_HOST:$CINDER_SERVICE_PORT/v3
OS_USER_ID=$OS_USERNAME OS_PROJECT_ID=$OS_PROJECT_NAME cinder --os-auth-type noauth --os-endpoint=$cinder_url type-create $type_name
OS_USER_ID=$OS_USERNAME OS_PROJECT_ID=$OS_PROJECT_NAME cinder --os-auth-type noauth --os-endpoint=$cinder_url type-key $type_name set $property_key="$property_value"
fi
}
# create_volume_types() - Create Cinder's configured volume types
function create_volume_types {
# Create volume types
@@ -572,19 +596,13 @@ function create_volume_types {
local be be_name
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
be_name=${be##*:}
# NOTE (e0ne): openstack client doesn't work with cinder in noauth mode
if is_service_enabled keystone; then
openstack --os-region-name="$REGION_NAME" volume type create --property volume_backend_name="${be_name}" ${be_name}
else
# TODO (e0ne): use openstack client once it will support cinder in noauth mode:
# https://bugs.launchpad.net/python-cinderclient/+bug/1755279
local cinder_url
cinder_url=$CINDER_SERVICE_PROTOCOL://$SERVICE_HOST:$CINDER_SERVICE_PORT/v3
OS_USER_ID=$OS_USERNAME OS_PROJECT_ID=$OS_PROJECT_NAME cinder --os-auth-type noauth --os-endpoint=$cinder_url type-create ${be_name}
OS_USER_ID=$OS_USERNAME OS_PROJECT_ID=$OS_PROJECT_NAME cinder --os-auth-type noauth --os-endpoint=$cinder_url type-key ${be_name} set volume_backend_name=${be_name}
fi
create_one_type $be_name "volume_backend_name" $be_name
done
if [[ $ENABLE_VOLUME_MULTIATTACH == "True" ]]; then
create_one_type $VOLUME_TYPE_MULTIATTACH $VOLUME_TYPE_MULTIATTACH "<is> True"
fi
# Increase quota for the service project if glance is using cinder,
# since it's likely to occasionally go above the default 10 in parallel
# test execution.
+11 -1
View File
@@ -143,6 +143,16 @@ function configure_database_mysql {
iniset -sudo $my_conf mysqld log-queries-not-using-indexes 1
fi
if [[ "$MYSQL_REDUCE_MEMORY" == "True" ]]; then
iniset -sudo $my_conf mysqld read_buffer_size 64K
iniset -sudo $my_conf mysqld innodb_buffer_pool_size 16M
iniset -sudo $my_conf mysqld thread_stack 192K
iniset -sudo $my_conf mysqld thread_cache_size 8
iniset -sudo $my_conf mysqld tmp_table_size 8M
iniset -sudo $my_conf mysqld sort_buffer_size 8M
iniset -sudo $my_conf mysqld max_allowed_packet 8M
fi
restart_service $MYSQL_SERVICE_NAME
}
@@ -176,7 +186,7 @@ EOF
if is_oraclelinux; then
install_package mysql-community-server
elif is_fedora; then
install_package mariadb-server mariadb-devel
install_package mariadb-server mariadb-devel mariadb
sudo systemctl enable $MYSQL_SERVICE_NAME
elif is_suse; then
install_package mariadb-server
+7 -1
View File
@@ -133,6 +133,9 @@ Q_NOTIFY_NOVA_PORT_DATA_CHANGES=${Q_NOTIFY_NOVA_PORT_DATA_CHANGES:-True}
VIF_PLUGGING_IS_FATAL=${VIF_PLUGGING_IS_FATAL:-True}
VIF_PLUGGING_TIMEOUT=${VIF_PLUGGING_TIMEOUT:-300}
# Allow to skip stopping of OVN services
SKIP_STOP_OVN=${SKIP_STOP_OVN:-False}
# The directory which contains files for Q_PLUGIN_EXTRA_CONF_FILES.
# /etc/neutron is assumed by many of devstack plugins. Do not change.
_Q_PLUGIN_EXTRA_CONF_PATH=/etc/neutron
@@ -603,7 +606,7 @@ function stop_mutnauq {
stop_mutnauq_other
stop_mutnauq_l2_agent
if [[ $Q_AGENT == "ovn" ]]; then
if [[ $Q_AGENT == "ovn" && $SKIP_STOP_OVN != "True" ]]; then
stop_ovn
fi
}
@@ -896,6 +899,9 @@ function _configure_neutron_service {
configure_keystone_authtoken_middleware $NEUTRON_CONF nova nova
# Configuration for placement client
configure_keystone_authtoken_middleware $NEUTRON_CONF placement placement
# Configure plugin
neutron_plugin_configure_service
}
+4 -2
View File
@@ -383,6 +383,8 @@ function install_ovn {
sudo mkdir -p $OVS_PREFIX/var/log/ovn
sudo chown $(whoami) $OVS_PREFIX/var/log/ovn
else
# Load fixup_ovn_centos
source ${TOP_DIR}/tools/fixup_stuff.sh
fixup_ovn_centos
install_package $(get_packages openvswitch)
install_package $(get_packages ovn)
@@ -595,7 +597,7 @@ function _start_ovs {
dbcmd+=" --remote=db:hardware_vtep,Global,managers $OVS_DATADIR/vtep.db"
fi
dbcmd+=" $OVS_DATADIR/conf.db"
_run_process ovsdb-server "$dbcmd"
_run_process ovsdb-server "$dbcmd" "" "$STACK_GROUP" "root"
# Note: ovn-controller will create and configure br-int once it is started.
# So, no need to create it now because nothing depends on that bridge here.
@@ -683,7 +685,7 @@ function start_ovn {
local cmd="/bin/bash $SCRIPTDIR/ovn-ctl --no-monitor start_northd"
local stop_cmd="/bin/bash $SCRIPTDIR/ovn-ctl stop_northd"
_run_process ovn-northd "$cmd" "$stop_cmd"
_run_process ovn-northd "$cmd" "$stop_cmd" "$STACK_GROUP" "root"
else
_start_process "$OVN_NORTHD_SERVICE"
fi
+6
View File
@@ -86,9 +86,15 @@ function prepare_for_ovs_compilation {
install_package kernel-devel-$KERNEL_VERSION
install_package kernel-headers-$KERNEL_VERSION
if is_service_enabled tls-proxy; then
install_package openssl-devel
fi
elif is_ubuntu ; then
install_package linux-headers-$KERNEL_VERSION
if is_service_enabled tls-proxy; then
install_package libssl-dev
fi
fi
}
+13 -1
View File
@@ -298,6 +298,9 @@ function configure_nova {
fi
fi
# Ensure each compute host uses a unique iSCSI initiator
echo InitiatorName=$(iscsi-iname) | sudo tee /etc/iscsi/initiatorname.iscsi
if [[ ${ISCSID_DEBUG} == "True" ]]; then
# Install an override that starts iscsid with debugging
# enabled.
@@ -311,6 +314,14 @@ EOF
sudo systemctl daemon-reload
fi
# set chap algorithms. The default chap_algorithm is md5 which will
# not work under FIPS.
# FIXME(alee) For some reason, this breaks openeuler. Openeuler devs should weigh in
# and determine the correct solution for openeuler here
if ! is_openeuler; then
iniset -sudo /etc/iscsi/iscsid.conf DEFAULT "node.session.auth.chap_algs" "SHA3-256,SHA256"
fi
# ensure that iscsid is started, even when disabled by default
restart_service iscsid
fi
@@ -475,7 +486,8 @@ function create_nova_conf {
fi
# nova defaults to genisoimage but only mkisofs is available for 15.0+
if is_suse; then
# rhel provides mkisofs symlink to genisoimage or xorriso appropiately
if is_suse || is_fedora; then
iniset $NOVA_CONF DEFAULT mkisofs_cmd /usr/bin/mkisofs
fi
+134 -18
View File
@@ -58,7 +58,7 @@ BUILD_TIMEOUT=${BUILD_TIMEOUT:-196}
# This must be False on stable branches, as master tempest
# deps do not match stable branch deps. Set this to True to
# have tempest installed in DevStack by default.
INSTALL_TEMPEST=${INSTALL_TEMPEST:-"True"}
INSTALL_TEMPEST=${INSTALL_TEMPEST:-"False"}
# This variable is passed directly to pip install inside the common tox venv
# that is created
@@ -71,6 +71,17 @@ TEMPEST_VOLUME_VENDOR=${TEMPEST_VOLUME_VENDOR:-$TEMPEST_DEFAULT_VOLUME_VENDOR}
TEMPEST_DEFAULT_STORAGE_PROTOCOL="iSCSI"
TEMPEST_STORAGE_PROTOCOL=${TEMPEST_STORAGE_PROTOCOL:-$TEMPEST_DEFAULT_STORAGE_PROTOCOL}
# Glance/Image variables
# When Glance image import is enabled, image creation is asynchronous and images
# may not yet be active when tempest looks for them. In that case, we poll
# Glance every TEMPEST_GLANCE_IMPORT_POLL_INTERVAL seconds for the number of
# times specified by TEMPEST_GLANCE_IMPORT_POLL_LIMIT. If you are importing
# multiple images, set TEMPEST_GLANCE_IMAGE_COUNT so the poller does not quit
# too early (though it will not exceed the polling limit).
TEMPEST_GLANCE_IMPORT_POLL_INTERVAL=${TEMPEST_GLANCE_IMPORT_POLL_INTERVAL:-1}
TEMPEST_GLANCE_IMPORT_POLL_LIMIT=${TEMPEST_GLANCE_IMPORT_POLL_LIMIT:-12}
TEMPEST_GLANCE_IMAGE_COUNT=${TEMPEST_GLANCE_IMAGE_COUNT:-1}
# Neutron/Network variables
IPV6_ENABLED=$(trueorfalse True IPV6_ENABLED)
IPV6_SUBNET_ATTRIBUTES_ENABLED=$(trueorfalse True IPV6_SUBNET_ATTRIBUTES_ENABLED)
@@ -115,7 +126,16 @@ function set_tempest_venv_constraints {
local tmp_c
tmp_c=$1
if [[ $TEMPEST_VENV_UPPER_CONSTRAINTS == "master" ]]; then
(cd $REQUIREMENTS_DIR && git show origin/master:upper-constraints.txt) > $tmp_c
(cd $REQUIREMENTS_DIR &&
git show master:upper-constraints.txt 2>/dev/null ||
git show origin/master:upper-constraints.txt) > $tmp_c
# NOTE(gmann): we need to set the below env var pointing to master
# constraints even that is what default in tox.ini. Otherwise it can
# create the issue for grenade run where old and new devstack can have
# different tempest (old and master) to install. For detail problem,
# refer to the https://bugs.launchpad.net/devstack/+bug/2003993
export UPPER_CONSTRAINTS_FILE=https://releases.openstack.org/constraints/upper/master
export TOX_CONSTRAINTS_FILE=https://releases.openstack.org/constraints/upper/master
else
echo "Using $TEMPEST_VENV_UPPER_CONSTRAINTS constraints in Tempest virtual env."
cat $TEMPEST_VENV_UPPER_CONSTRAINTS > $tmp_c
@@ -126,6 +146,48 @@ function set_tempest_venv_constraints {
fi
}
# Makes a call to glance to get a list of active images, ignoring
# ramdisk and kernel images. Takes 3 arguments, an array and two
# variables. The array will contain the list of active image UUIDs;
# if an image with ``DEFAULT_IMAGE_NAME`` is found, its UUID will be
# set as the value of *both* other parameters.
function get_active_images {
declare -n img_array=$1
declare -n img_id=$2
declare -n img_id_alt=$3
# start with a fresh array in case we are called multiple times
img_array=()
while read -r IMAGE_NAME IMAGE_UUID; do
if [ "$IMAGE_NAME" = "$DEFAULT_IMAGE_NAME" ]; then
img_id="$IMAGE_UUID"
img_id_alt="$IMAGE_UUID"
fi
img_array+=($IMAGE_UUID)
done < <(openstack --os-cloud devstack-admin image list --property status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
}
function poll_glance_images {
declare -n image_array=$1
declare -n image_id=$2
declare -n image_id_alt=$3
local -i poll_count
poll_count=$TEMPEST_GLANCE_IMPORT_POLL_LIMIT
while (( poll_count-- > 0 )) ; do
sleep $TEMPEST_GLANCE_IMPORT_POLL_INTERVAL
get_active_images image_array image_id image_id_alt
if (( ${#image_array[*]} >= $TEMPEST_GLANCE_IMAGE_COUNT )) ; then
return
fi
done
local msg
msg="Polling limit of $TEMPEST_GLANCE_IMPORT_POLL_LIMIT exceeded; "
msg+="poll interval was $TEMPEST_GLANCE_IMPORT_POLL_INTERVAL sec"
warn $LINENO "$msg"
}
# configure_tempest() - Set config files, create data dirs, etc
function configure_tempest {
if [[ "$INSTALL_TEMPEST" == "True" ]]; then
@@ -167,13 +229,21 @@ function configure_tempest {
declare -a images
if is_service_enabled glance; then
while read -r IMAGE_NAME IMAGE_UUID; do
if [ "$IMAGE_NAME" = "$DEFAULT_IMAGE_NAME" ]; then
image_uuid="$IMAGE_UUID"
image_uuid_alt="$IMAGE_UUID"
get_active_images images image_uuid image_uuid_alt
if (( ${#images[*]} < $TEMPEST_GLANCE_IMAGE_COUNT )); then
# Glance image import is asynchronous and may be configured
# to do image conversion. If image import is being used,
# it's possible that this code is being executed before the
# import has completed and there may be no active images yet.
if [[ "$GLANCE_USE_IMPORT_WORKFLOW" == "True" ]]; then
poll_glance_images images image_uuid image_uuid_alt
if (( ${#images[*]} < $TEMPEST_GLANCE_IMAGE_COUNT )); then
echo "Only found ${#images[*]} image(s), was looking for $TEMPEST_GLANCE_IMAGE_COUNT"
exit 1
fi
fi
images+=($IMAGE_UUID)
done < <(openstack --os-cloud devstack-admin image list --property status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
fi
case "${#images[*]}" in
0)
@@ -393,7 +463,7 @@ function configure_tempest {
# NOTE- To avoid microversion tests failure on stable branch, we need to change "tempest_compute_max_microversion"
# for stable branch on each release which should be changed from "latest" to max supported version of that release.
local tempest_compute_min_microversion=${TEMPEST_COMPUTE_MIN_MICROVERSION:-None}
local tempest_compute_max_microversion=${TEMPEST_COMPUTE_MAX_MICROVERSION:-"latest"}
local tempest_compute_max_microversion=${TEMPEST_COMPUTE_MAX_MICROVERSION:-"2.90"}
# Reset microversions to None where v2.0 is running which does not support microversion.
# Both "None" means no microversion testing.
if [[ "$TEMPEST_COMPUTE_TYPE" == "compute_legacy" ]]; then
@@ -484,7 +554,7 @@ function configure_tempest {
fi
iniset $TEMPEST_CONFIG volume-feature-enabled volume_revert $(trueorfalse False TEMPEST_VOLUME_REVERT_TO_SNAPSHOT)
local tempest_volume_min_microversion=${TEMPEST_VOLUME_MIN_MICROVERSION:-None}
local tempest_volume_max_microversion=${TEMPEST_VOLUME_MAX_MICROVERSION:-"latest"}
local tempest_volume_max_microversion=${TEMPEST_VOLUME_MAX_MICROVERSION:-"3.66"}
if [ "$tempest_volume_min_microversion" == "None" ]; then
inicomment $TEMPEST_CONFIG volume min_microversion
else
@@ -533,13 +603,17 @@ function configure_tempest {
iniset $TEMPEST_CONFIG volume storage_protocol "$TEMPEST_STORAGE_PROTOCOL"
fi
if [[ $ENABLE_VOLUME_MULTIATTACH == "True" ]]; then
iniset $TEMPEST_CONFIG volume volume_type_multiattach $VOLUME_TYPE_MULTIATTACH
fi
# Placement Features
# Set the microversion range for placement.
# Setting [None, latest] range of microversion which allow Tempest to run all microversions tests.
# NOTE- To avoid microversion tests failure on stable branch, we need to change "tempest_placement_max_microversion"
# for stable branch on each release which should be changed from "latest" to max supported version of that release.
local tempest_placement_min_microversion=${TEMPEST_PLACEMENT_MIN_MICROVERSION:-None}
local tempest_placement_max_microversion=${TEMPEST_PLACEMENT_MAX_MICROVERSION:-"latest"}
local tempest_placement_max_microversion=${TEMPEST_PLACEMENT_MAX_MICROVERSION:-"1.38"}
if [ "$tempest_placement_min_microversion" == "None" ]; then
inicomment $TEMPEST_CONFIG placement min_microversion
else
@@ -601,6 +675,8 @@ function configure_tempest {
done
iniset $TEMPEST_CONFIG enforce_scope glance "$GLANCE_ENFORCE_SCOPE"
# NOTE(gmann): system scope is supported for <=stable/yoga only
iniset $TEMPEST_CONFIG glance_api system_scope_supported "True"
iniset $TEMPEST_CONFIG enforce_scope cinder "$CINDER_ENFORCE_SCOPE"
@@ -617,13 +693,13 @@ function configure_tempest {
local tmp_cfg_file
tmp_cfg_file=$(mktemp)
cd $TEMPEST_DIR
if [[ "$OFFLINE" != "True" ]]; then
tox -revenv-tempest --notest
fi
local tmp_u_c_m
tmp_u_c_m=$(mktemp -t tempest_u_c_m.XXXXXXXXXX)
set_tempest_venv_constraints $tmp_u_c_m
if [[ "$OFFLINE" != "True" ]]; then
tox -revenv-tempest --notest
fi
tox -evenv-tempest -- pip install -c $tmp_u_c_m -r requirements.txt
rm -f $tmp_u_c_m
@@ -660,7 +736,26 @@ function configure_tempest {
DISABLE_NETWORK_API_EXTENSIONS+=", l3_agent_scheduler"
fi
local network_api_extensions=${NETWORK_API_EXTENSIONS:-"all"}
DEFAULT_NET_EXT="address-scope,agent,allowed-address-pairs,auto-allocated-topology"
DEFAULT_NET_EXT+=",availability_zone,binding,default-subnetpools,dhcp_agent_scheduler"
DEFAULT_NET_EXT+=",dvr,ext-gw-mode,external-net,extra_dhcp_opt,extraroute,flavors"
DEFAULT_NET_EXT+=",l3-flavors,l3-ha,l3_agent_scheduler,multi-provider,net-mtu"
DEFAULT_NET_EXT+=",network-ip-availability,network_availability_zone,pagination"
DEFAULT_NET_EXT+=",port-security,project-id,provider,quotas,quota_details,rbac-policies"
DEFAULT_NET_EXT+=",revision-if-match,router,router_availability_zone,security-group,service-type,sorting"
DEFAULT_NET_EXT+=",standard-attr-description,standard-attr-revisions,standard-attr-tag,standard-attr-timestamp"
DEFAULT_NET_EXT+=",subnet-service-types,subnet_allocation,net-mtu-writable,ip-substring-filtering"
DEFAULT_NET_EXT+=",availability_zone_filter,filter-validation,empty-string-filtering,port-mac-address-regenerate"
DEFAULT_NET_EXT+=",port-security-groups-filtering,fip-port-details,binding-extended"
DEFAULT_NET_EXT+=",subnet_onboard,l3-port-ip-change-not-allowed,agent-resources-synced"
DEFAULT_NET_EXT+=",floatingip-pools,rbac-security-groups,subnetpool-prefix-ops,router-admin-state-down-before-update"
DEFAULT_NET_EXT+=",rbac-subnetpool,tag-ports-during-bulk-creation,stateful-security-group,address-group,extraroute-atomic"
DEFAULT_NET_EXT+=",port-numa-affinity-policy,rbac-address-scope,security-groups-remote-address-group,trunk,trunk-details"
DEFAULT_NET_EXT+=",rbac-address-group,port-device-profile"
#New in Xena
DEFAULT_NET_EXT+=",multiple-external-gateways,qos-pps-minimum,l3-ext-ndp-proxy,rbac-bgpvpn"
DEFAULT_NET_EXT+=",qos-pps,ecmp_routes,bgp,floating-ip-port-forwarding-port-ranges"
local network_api_extensions=${NETWORK_API_EXTENSIONS:-$DEFAULT_NET_EXT}
if [[ ! -z "$DISABLE_NETWORK_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
network_api_extensions=${NETWORK_API_EXTENSIONS:-$(iniget $tmp_cfg_file network-feature-enabled api_extensions | tr -d " ")}
@@ -672,7 +767,10 @@ function configure_tempest {
fi
iniset $TEMPEST_CONFIG network-feature-enabled api_extensions $network_api_extensions
# Swift API Extensions
local object_storage_api_extensions=${OBJECT_STORAGE_API_EXTENSIONS:-"all"}
DEFAULT_SWIFT_OPT="account_quotas,bulk_delete,bulk_upload,container_quotas"
DEFAULT_SWIFT_OPT+=",container_sync,crossdomain,formpost,ratelimit,slo"
DEFAULT_SWIFT_OPT+=",staticweb,tempauth,tempurl,versioned_writes"
local object_storage_api_extensions=${OBJECT_STORAGE_API_EXTENSIONS:-$DEFAULT_SWIFT_OPT}
if [[ ! -z "$DISABLE_OBJECT_STORAGE_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
object_storage_api_extensions=${OBJECT_STORAGE_API_EXTENSIONS:-$(iniget $tmp_cfg_file object-storage-feature-enabled discoverable_apis | tr -d " ")}
@@ -681,7 +779,20 @@ function configure_tempest {
fi
iniset $TEMPEST_CONFIG object-storage-feature-enabled discoverable_apis $object_storage_api_extensions
# Cinder API Extensions
local volume_api_extensions=${VOLUME_API_EXTENSIONS:-"all"}
DEFAULT_VOL_EXT="OS-SCH-HNT,backups,capabilities,cgsnapshots,consistencygroups"
DEFAULT_VOL_EXT+=",encryption,os-admin-actions,os-availability-zone"
DEFAULT_VOL_EXT+=",os-extended-services,os-extended-snapshot-attributes"
DEFAULT_VOL_EXT+=",os-hosts,os-quota-class-sets,os-quota-sets"
DEFAULT_VOL_EXT+=",os-services,os-snapshot-actions,os-snapshot-manage"
DEFAULT_VOL_EXT+=",os-snapshot-unmanage,os-types-extra-specs,os-types-manage"
DEFAULT_VOL_EXT+=",os-used-limits,os-vol-host-attr,os-vol-image-meta"
DEFAULT_VOL_EXT+=",os-vol-mig-status-attr,os-vol-tenant-attr,os-volume-actions"
DEFAULT_VOL_EXT+=",os-volume-encryption-metadata,os-volume-manage"
DEFAULT_VOL_EXT+=",os-volume-transfer,os-volume-type-access"
DEFAULT_VOL_EXT+=",os-volume-unmanage,qos-specs,scheduler-stats"
local volume_api_extensions=${VOLUME_API_EXTENSIONS:-$DEFAULT_VOL_EXT}
if [[ ! -z "$DISABLE_VOLUME_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
volume_api_extensions=${VOLUME_API_EXTENSIONS:-$(iniget $tmp_cfg_file volume-feature-enabled api_extensions | tr -d " ")}
@@ -697,7 +808,12 @@ function configure_tempest {
# install_tempest() - Collect source and prepare
function install_tempest {
git_clone $TEMPEST_REPO $TEMPEST_DIR $TEMPEST_BRANCH
pip_install 'tox!=2.8.0'
# NOTE(gmann): Pinning tox<4.0.0 for stable/zed and lower. Tox 4.0.0
# released after zed was released and has some incompatible changes
# and it is ok not to fix the issues caused by tox 4.0.0 in stable
# beanches jobs. We can continue testing the stable/zed and lower
# branches with tox<4.0.0
pip_install 'tox!=2.8.0,<4.0.0'
pushd $TEMPEST_DIR
# NOTE(gmann): checkout the TEMPEST_BRANCH in case TEMPEST_BRANCH
# is tag name not master. git_clone would not checkout tag because
+3 -3
View File
@@ -169,7 +169,7 @@ default_md = default
[ req ]
default_bits = 1024
default_md = sha1
default_md = sha256
prompt = no
distinguished_name = req_distinguished_name
@@ -261,7 +261,7 @@ function make_cert {
if [ ! -r "$ca_dir/$cert_name.crt" ]; then
# Generate a signing request
$OPENSSL req \
-sha1 \
-sha256 \
-newkey rsa \
-nodes \
-keyout $ca_dir/private/$cert_name.key \
@@ -301,7 +301,7 @@ function make_int_CA {
if [ ! -r "$ca_dir/cacert.pem" ]; then
# Create a signing certificate request
$OPENSSL req -config $ca_dir/ca.conf \
-sha1 \
-sha256 \
-newkey rsa \
-nodes \
-keyout $ca_dir/private/cacert.key \
+7 -1
View File
@@ -5,4 +5,10 @@
bindep_profile: test
bindep_dir: "{{ zuul_work_dir }}"
- test-setup
- ensure-tox
# NOTE(gmann): Pinning tox<4.0.0 for stable/zed and lower. Tox 4.0.0
# released after zed was released and has some incompatible changes
# and it is ok not to fix the issues caused by tox 4.0.0 in stable
# beanches jobs. We can continue testing the stable/zed and lower
# branches with tox<4.0.0
- role: ensure-tox
ensure_tox_version: "<4"
+7 -1
View File
@@ -6,6 +6,12 @@
bindep_profile: test
bindep_dir: "{{ zuul_work_dir }}"
- test-setup
- ensure-tox
# NOTE(gmann): Pinning tox<4.0.0 for stable/zed and lower. Tox 4.0.0
# released after zed was released and has some incompatible changes
# and it is ok not to fix the issues caused by tox 4.0.0 in stable
# beanches jobs. We can continue testing the stable/zed and lower
# branches with tox<4.0.0
- role: ensure-tox
ensure_tox_version: "<4"
- get-devstack-os-environment
- tox
@@ -43,9 +43,9 @@
base_branch={{ devstack_sources_branch }}
if git branch -a | grep "$base_branch" > /dev/null ; then
git checkout $base_branch
elif [[ "$base_branch" == stable/* ]]; then
elif [[ "$base_branch" == stable/* ]] || [[ "$base_branch" == unmaintained/* ]]; then
# Look for an eol tag for the stable branch.
eol_tag=${base_branch#stable/}-eol
eol_tag="${base_branch#*/}-eol"
if git tag -l |grep $eol_tag >/dev/null; then
git checkout $eol_tag
git reset --hard $eol_tag
+25 -8
View File
@@ -227,7 +227,7 @@ write_devstack_version
# Warn users who aren't on an explicitly supported distro, but allow them to
# override check and attempt installation with ``FORCE=yes ./stack``
SUPPORTED_DISTROS="focal|f34|opensuse-15.2|opensuse-tumbleweed|rhel8"
SUPPORTED_DISTROS="focal|f34|opensuse-15.2|opensuse-tumbleweed|rhel8|rhel9"
if [[ ! ${DISTRO} =~ $SUPPORTED_DISTROS ]]; then
echo "WARNING: this script has not been tested on $DISTRO"
@@ -300,13 +300,26 @@ function _install_epel {
}
function _install_rdo {
if [[ "$TARGET_BRANCH" == "master" ]]; then
# rdo-release.el8.rpm points to latest RDO release, use that for master
sudo dnf -y install https://rdoproject.org/repos/rdo-release.el8.rpm
else
# For stable branches use corresponding release rpm
rdo_release=$(echo $TARGET_BRANCH | sed "s|stable/||g")
sudo dnf -y install https://rdoproject.org/repos/openstack-${rdo_release}/rdo-release-${rdo_release}.el8.rpm
if [[ $DISTRO == "rhel8" ]]; then
if [[ "$TARGET_BRANCH" == "master" ]]; then
# rdo-release.el8.rpm points to latest RDO release, use that for master
sudo dnf -y install https://rdoproject.org/repos/rdo-release.el8.rpm
else
# For stable branches use corresponding release rpm
rdo_release=$(echo $TARGET_BRANCH | sed "s|stable/||g")
sudo dnf -y install https://rdoproject.org/repos/openstack-${rdo_release}/rdo-release-${rdo_release}.el8.rpm
fi
elif [[ $DISTRO == "rhel9" ]]; then
if [[ "$TARGET_BRANCH" == "master" ]]; then
# rdo-release.el9.rpm points to latest RDO release, use that for master
sudo dnf -y install https://rdoproject.org/repos/rdo-release.el9.rpm
else
# RDO didn't publish official releases for Xena and Wallaby, only RDO Trunk repos.
# Since the RDO Trunk server does not support EMS, FIPS jobs will fail to use it.
# Use "rdo-release-yoga" release rpm for both xena and wallaby jobs.
rdo_release="yoga"
sudo dnf -y install https://rdoproject.org/repos/openstack-${rdo_release}/rdo-release-${rdo_release}.el9.rpm
fi
fi
sudo dnf -y update
}
@@ -385,6 +398,10 @@ if [[ $DISTRO == "rhel8" ]]; then
# RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1154272
# Patch: https://github.com/rpm-software-management/dnf/pull/1448
echo "[]" | sudo tee /var/cache/dnf/expired_repos.json
elif [[ $DISTRO == "rhel9" ]]; then
sudo dnf config-manager --set-enabled crb
# rabbitmq and other packages are provided by RDO repositories.
_install_rdo
fi
# Ensure python is installed
+9 -4
View File
@@ -13,15 +13,15 @@ RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)
# Source required DevStack functions and globals
source $RC_DIR/functions
# Set the target branch. This is used so that stable branching
# Set the target branch. This is used so that unmaintained branching
# does not need to update each repo below.
TARGET_BRANCH=master
TARGET_BRANCH=unmaintained/xena
# Cycle trailing projects need to branch later than the others.
TRAILING_TARGET_BRANCH=master
# And some repos do not create stable branches, so this is used
# to make it explicit and avoid accidentally setting to a stable
# And some repos do not create unmaintained branches, so this is used
# to make it explicit and avoid accidentally setting to an unmaintained
# branch.
BRANCHLESS_TARGET_BRANCH=master
@@ -205,6 +205,11 @@ ADDITIONAL_VENV_PACKAGES=${ADITIONAL_VENV_PACKAGES:-""}
# (currently only implemented for MySQL backend)
DATABASE_QUERY_LOGGING=$(trueorfalse False DATABASE_QUERY_LOGGING)
# This can be used to reduce the amount of memory mysqld uses while running.
# These are unscientifically determined, and could reduce performance or
# cause other issues.
MYSQL_REDUCE_MEMORY=$(trueorfalse False MYSQL_REDUCE_MEMORY)
# Set a timeout for git operations. If git is still running when the
# timeout expires, the command will be retried up to 3 times. This is
# in the format for timeout(1);
-12
View File
@@ -95,19 +95,7 @@ function test_libs_exist {
echo "test_libs_exist PASSED"
}
function test_branch_master {
for lib in $ALL_LIBS; do
if [[ ${GITBRANCH[$lib]} != "master" ]]; then
echo "GITBRANCH for $lib not master (${GITBRANCH[$lib]})"
exit 1
fi
done
echo "test_branch_master PASSED"
}
set -o errexit
test_libs_exist
test_branch_master
test_all_libs_upto_date
+2
View File
@@ -167,6 +167,8 @@ function fixup_ubuntu {
# overwriting works. So this hacks around those packages that
# have been dragged in by some other system dependency
sudo rm -rf /usr/lib/python3/dist-packages/PyYAML-*.egg-info
sudo rm -rf /usr/lib/python3/dist-packages/pyasn1_modules-*.egg-info
sudo rm -rf /usr/lib/python3/dist-packages/simplejson-*.egg-info
}
function fixup_all {
+21 -12
View File
@@ -38,7 +38,7 @@ FILES=$TOP_DIR/files
# [1] https://opendev.org/openstack/project-config/src/branch/master/nodepool/elements/cache-devstack/source-repository-pip
PIP_GET_PIP_URL=${PIP_GET_PIP_URL:-"https://bootstrap.pypa.io/get-pip.py"}
LOCAL_PIP="$FILES/$(basename $PIP_GET_PIP_URL)"
PIP_GET_PIP36_URL=${PIP_GET_PIP36_URL:-"https://bootstrap.pypa.io/pip/3.6/get-pip.py"}
GetDistro
echo "Distro: $DISTRO"
@@ -57,12 +57,21 @@ function get_versions {
function install_get_pip {
if [[ "$PYTHON3_VERSION" = "3.6" ]]; then
_pip_url=$PIP_GET_PIP36_URL
_local_pip="$FILES/$(basename $_pip_url)-py36"
else
_pip_url=$PIP_GET_PIP_URL
_local_pip="$FILES/$(basename $_pip_url)"
fi
# If get-pip.py isn't python, delete it. This was probably an
# outage on the server.
if [[ -r $LOCAL_PIP ]]; then
if ! head -1 $LOCAL_PIP | grep -q '#!/usr/bin/env python'; then
echo "WARNING: Corrupt $LOCAL_PIP found removing"
rm $LOCAL_PIP
if [[ -r $_local_pip ]]; then
if ! head -1 $_local_pip | grep -q '#!/usr/bin/env python'; then
echo "WARNING: Corrupt $_local_pip found removing"
rm $_local_pip
fi
fi
@@ -76,20 +85,20 @@ function install_get_pip {
# Thus we use curl's "-z" feature to always check the modified
# since and only download if a new version is out -- but only if
# it seems we downloaded the file originally.
if [[ ! -r $LOCAL_PIP || -r $LOCAL_PIP.downloaded ]]; then
if [[ ! -r $_local_pip || -r $_local_pip.downloaded ]]; then
# only test freshness if LOCAL_PIP is actually there,
# otherwise we generate a scary warning.
local timecond=""
if [[ -r $LOCAL_PIP ]]; then
timecond="-z $LOCAL_PIP"
if [[ -r $_local_pip ]]; then
timecond="-z $_local_pip"
fi
curl -f --retry 6 --retry-delay 5 \
$timecond -o $LOCAL_PIP $PIP_GET_PIP_URL || \
$timecond -o $_local_pip $_pip_url || \
die $LINENO "Download of get-pip.py failed"
touch $LOCAL_PIP.downloaded
touch $_local_pip.downloaded
fi
sudo -H -E python${PYTHON3_VERSION} $LOCAL_PIP
sudo -H -E python${PYTHON3_VERSION} $_local_pip
}
@@ -118,7 +127,7 @@ if [[ -n $PYPI_ALTERNATIVE_URL ]]; then
configure_pypi_alternative_url
fi
if is_fedora && [[ ${DISTRO} == f* ]]; then
if is_fedora && [[ ${DISTRO} == f* || ${DISTRO} == rhel9 ]]; then
# get-pip.py will not install over the python3-pip package in
# Fedora 34 any more.
# https://bugzilla.redhat.com/show_bug.cgi?id=1988935
+1 -1
View File
@@ -35,7 +35,7 @@ commands = bash -c "find {toxinidir} \
[testenv:docs]
deps =
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/xena}
-r{toxinidir}/doc/requirements.txt
allowlist_externals = bash
setenv =
+5
View File
@@ -185,3 +185,8 @@ fi
clean_pyc_files
rm -Rf $DEST/async
# Clean any safe.directory items we wrote into the global
# gitconfig. We can identify the relevant ones by checking that they
# point to somewhere in our $DEST directory.
sudo sed -i "\+directory = ${DEST}+ d" /etc/gitconfig