Merge "Don't set external_network_bridge by default"
diff --git a/functions-common b/functions-common
index 8d32bb4..f0940e5 100644
--- a/functions-common
+++ b/functions-common
@@ -992,7 +992,7 @@
}
# Gets or creates endpoint
-# Usage: get_or_create_endpoint <service> <region> <publicurl> <adminurl> <internalurl>
+# Usage: get_or_create_endpoint <service> <region> <publicurl> [adminurl] [internalurl]
function get_or_create_endpoint {
# NOTE(jamielennnox): when converting to v3 endpoint creation we go from
# creating one endpoint with multiple urls to multiple endpoints each with
@@ -1004,9 +1004,13 @@
# endpoints they need.
local public_id
public_id=$(_get_or_create_endpoint_with_interface $1 public $3 $2)
- _get_or_create_endpoint_with_interface $1 admin $4 $2
- _get_or_create_endpoint_with_interface $1 internal $5 $2
-
+ # only create admin/internal urls if provided content for them
+ if [[ -n "$4" ]]; then
+ _get_or_create_endpoint_with_interface $1 admin $4 $2
+ fi
+ if [[ -n "$5" ]]; then
+ _get_or_create_endpoint_with_interface $1 internal $5 $2
+ fi
# return the public id to indicate success, and this is the endpoint most likely wanted
echo $public_id
}
diff --git a/lib/cinder b/lib/cinder
index 870ee0b..767fd00 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -125,12 +125,6 @@
done
fi
-# Change the default nova_catalog_info and nova_catalog_admin_info values in
-# cinder so that the service name cinder is searching for matches that set for
-# nova in keystone.
-CINDER_NOVA_CATALOG_INFO=${CINDER_NOVA_CATALOG_INFO:-compute:nova:publicURL}
-CINDER_NOVA_CATALOG_ADMIN_INFO=${CINDER_NOVA_CATALOG_ADMIN_INFO:-compute:nova:adminURL}
-
# Environment variables to configure the image-volume cache
CINDER_IMG_CACHE_ENABLED=${CINDER_IMG_CACHE_ENABLED:-True}
@@ -268,8 +262,15 @@
configure_auth_token_middleware $CINDER_CONF cinder $CINDER_AUTH_CACHE_DIR
- iniset $CINDER_CONF DEFAULT nova_catalog_info $CINDER_NOVA_CATALOG_INFO
- iniset $CINDER_CONF DEFAULT nova_catalog_admin_info $CINDER_NOVA_CATALOG_ADMIN_INFO
+ # Change the default nova_catalog_info and nova_catalog_admin_info values in
+ # cinder so that the service name cinder is searching for matches that set for
+ # nova in keystone.
+ if [[ -n "$CINDER_NOVA_CATALOG_INFO" ]]; then
+ iniset $CINDER_CONF DEFAULT nova_catalog_info $CINDER_NOVA_CATALOG_INFO
+ fi
+ if [[ -n "$CINDER_NOVA_CATALOG_ADMIN_INFO" ]]; then
+ iniset $CINDER_CONF DEFAULT nova_catalog_admin_info $CINDER_NOVA_CATALOG_ADMIN_INFO
+ fi
iniset $CINDER_CONF DEFAULT auth_strategy keystone
iniset $CINDER_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
@@ -395,24 +396,18 @@
get_or_create_endpoint \
"volume" \
"$REGION_NAME" \
- "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(project_id)s" \
- "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(project_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(project_id)s"
get_or_create_service "cinderv2" "volumev2" "Cinder Volume Service V2"
get_or_create_endpoint \
"volumev2" \
"$REGION_NAME" \
- "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(project_id)s" \
- "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(project_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(project_id)s"
get_or_create_service "cinderv3" "volumev3" "Cinder Volume Service V3"
get_or_create_endpoint \
"volumev3" \
"$REGION_NAME" \
- "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v3/\$(project_id)s" \
- "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v3/\$(project_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v3/\$(project_id)s"
configure_cinder_internal_tenant
diff --git a/lib/databases/mysql b/lib/databases/mysql
index 89ae082..7bbcace 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -94,7 +94,7 @@
# Change bind-address from localhost (127.0.0.1) to any (::) and
# set default db type to InnoDB
iniset -sudo $my_conf mysqld bind-address "$SERVICE_LISTEN_ADDRESS"
- iniset -sudo $my_conf mysqld sql_mode STRICT_ALL_TABLES
+ iniset -sudo $my_conf mysqld sql_mode TRADITIONAL
iniset -sudo $my_conf mysqld default-storage-engine InnoDB
iniset -sudo $my_conf mysqld max_connections 1024
iniset -sudo $my_conf mysqld query_cache_type OFF
diff --git a/lib/glance b/lib/glance
index 26c4150..58f1def 100644
--- a/lib/glance
+++ b/lib/glance
@@ -314,8 +314,6 @@
get_or_create_endpoint \
"image" \
"$REGION_NAME" \
- "$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
- "$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT"
# Note(frickler): Crude workaround for https://bugs.launchpad.net/glance-store/+bug/1620999
@@ -331,8 +329,6 @@
get_or_create_endpoint "artifact" \
"$REGION_NAME" \
- "$GLANCE_SERVICE_PROTOCOL://$GLANCE_GLARE_HOSTPORT" \
- "$GLANCE_SERVICE_PROTOCOL://$GLANCE_GLARE_HOSTPORT" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_GLARE_HOSTPORT"
fi
}
diff --git a/lib/keystone b/lib/keystone
index 474af8b..530f3b4 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -384,8 +384,7 @@
admin_project=$(openstack project show "admin" -f value -c id)
local admin_user
admin_user=$(openstack user show "admin" -f value -c id)
- local admin_role
- admin_role=$(openstack role show "admin" -f value -c id)
+ local admin_role="admin"
get_or_add_user_domain_role $admin_role $admin_user default
@@ -403,13 +402,20 @@
get_or_create_role ResellerAdmin
# The Member role is used by Horizon and Swift so we need to keep it:
- local member_role
- member_role=$(get_or_create_role "Member")
+ local member_role="member"
+
+ # Captial Member role is legacy hard coded in Horizon / Swift
+ # configs. Keep it around.
+ get_or_create_role "Member"
+
+ # The reality is that the rest of the roles listed below honestly
+ # should work by symbolic names.
+ get_or_create_role $member_role
# another_role demonstrates that an arbitrary role may be created and used
# TODO(sleepsonthefloor): show how this can be used for rbac in the future!
- local another_role
- another_role=$(get_or_create_role "anotherrole")
+ local another_role="anotherrole"
+ get_or_create_role $another_role
# invisible project - admin can't see this one
local invis_project
@@ -654,8 +660,7 @@
--bootstrap-service-name keystone \
--bootstrap-region-id "$REGION_NAME" \
--bootstrap-admin-url "$KEYSTONE_AUTH_URI" \
- --bootstrap-public-url "$KEYSTONE_SERVICE_URI" \
- --bootstrap-internal-url "$KEYSTONE_SERVICE_URI"
+ --bootstrap-public-url "$KEYSTONE_SERVICE_URI"
}
# Restore xtrace
diff --git a/lib/neutron b/lib/neutron
index 9b032b7..19568ea 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -330,8 +330,6 @@
"network" "Neutron Service")
get_or_create_endpoint $neutron_service \
"$REGION_NAME" \
- "$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/" \
- "$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/" \
"$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/"
fi
}
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
index af91470..b381b64 100644
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -410,8 +410,6 @@
get_or_create_endpoint \
"network" \
"$REGION_NAME" \
- "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
- "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/"
fi
}
diff --git a/lib/neutron_plugins/services/l3 b/lib/neutron_plugins/services/l3
index cead46f..e87a30c 100644
--- a/lib/neutron_plugins/services/l3
+++ b/lib/neutron_plugins/services/l3
@@ -385,7 +385,7 @@
# If the external network has not already been set as the default router
# gateway when configuring an IPv4 public subnet, do so now
if [[ "$IP_VERSION" == "6" ]]; then
- openstack --os-cloud devstack-admin --os-region "$REGION_NAME" set --external-gateway $EXT_NET_ID $ROUTER_ID
+ openstack --os-cloud devstack-admin --os-region "$REGION_NAME" router set --external-gateway $EXT_NET_ID $ROUTER_ID
fi
# This logic is specific to using the l3-agent for layer 3
diff --git a/lib/nova b/lib/nova
index 4d336f6..4c26420 100644
--- a/lib/nova
+++ b/lib/nova
@@ -161,6 +161,14 @@
TEST_FLOATING_POOL=${TEST_FLOATING_POOL:-test}
TEST_FLOATING_RANGE=${TEST_FLOATING_RANGE:-192.168.253.0/29}
+# Other Nova configurations
+# ----------------------------
+
+# ``NOVA_USE_SERVICE_TOKEN`` is a mode where service token is passed along with
+# user token while communicating to external RESP API's like Neutron, Cinder
+# and Glance.
+NOVA_USE_SERVICE_TOKEN=$(trueorfalse False NOVA_USE_SERVICE_TOKEN)
+
# Functions
# ---------
@@ -407,16 +415,12 @@
get_or_create_endpoint \
"compute_legacy" \
"$REGION_NAME" \
- "$nova_api_url/v2/\$(project_id)s" \
- "$nova_api_url/v2/\$(project_id)s" \
"$nova_api_url/v2/\$(project_id)s"
get_or_create_service "nova" "compute" "Nova Compute Service"
get_or_create_endpoint \
"compute" \
"$REGION_NAME" \
- "$nova_api_url/v2.1" \
- "$nova_api_url/v2.1" \
"$nova_api_url/v2.1"
fi
@@ -618,6 +622,22 @@
fi
iniset $NOVA_CONF DEFAULT dhcpbridge_flagfile "$NOVA_CONF_DIR/nova-dhcpbridge.conf"
+
+ if [ "$NOVA_USE_SERVICE_TOKEN" == "True" ]; then
+ init_nova_service_user_conf
+ fi
+}
+
+function init_nova_service_user_conf {
+ iniset $NOVA_CONF service_user send_service_user_token True
+ iniset $NOVA_CONF service_user auth_type password
+ iniset $NOVA_CONF service_user auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT"
+ iniset $NOVA_CONF service_user username nova
+ iniset $NOVA_CONF service_user password "$SERVICE_PASSWORD"
+ iniset $NOVA_CONF service_user user_domain_name "$SERVICE_DOMAIN_NAME"
+ iniset $NOVA_CONF service_user project_name "$SERVICE_PROJECT_NAME"
+ iniset $NOVA_CONF service_user project_domain_name "$SERVICE_DOMAIN_NAME"
+ iniset $NOVA_CONF service_user auth_strategy keystone
}
function init_nova_cells {
diff --git a/lib/placement b/lib/placement
index 871e282..e7ffe33 100644
--- a/lib/placement
+++ b/lib/placement
@@ -132,8 +132,6 @@
get_or_create_endpoint \
"placement" \
"$REGION_NAME" \
- "$placement_api_url" \
- "$placement_api_url" \
"$placement_api_url"
}
diff --git a/lib/swift b/lib/swift
index 03fd454..5b510e5 100644
--- a/lib/swift
+++ b/lib/swift
@@ -636,8 +636,7 @@
"object-store" \
"$REGION_NAME" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(project_id)s" \
- "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT" \
- "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(project_id)s"
+ "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT"
local swift_project_test1
swift_project_test1=$(get_or_create_project swiftprojecttest1 default)
diff --git a/lib/tempest b/lib/tempest
index 937436d..128e972 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -48,10 +48,6 @@
TEMPEST_CONFIG=$TEMPEST_CONFIG_DIR/tempest.conf
TEMPEST_STATE_PATH=${TEMPEST_STATE_PATH:=$DATA_DIR/tempest}
-NOVA_SOURCE_DIR=$DEST/nova
-
-BUILD_INTERVAL=1
-
# This is the timeout that tempest will wait for a VM to change state,
# spawn, delete, etc.
# The default is set to 196 seconds.
@@ -415,14 +411,11 @@
iniset $TEMPEST_CONFIG scenario img_disk_format vhd
iniset $TEMPEST_CONFIG scenario img_container_format ovf
else
- SCENARIO_IMAGE_DIR=${SCENARIO_IMAGE_DIR:-$FILES/images/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec}
- SCENARIO_IMAGE_FILE="cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img"
+ SCENARIO_IMAGE_DIR=${SCENARIO_IMAGE_DIR:-$FILES}
+ SCENARIO_IMAGE_FILE=$DEFAULT_IMAGE_NAME
fi
iniset $TEMPEST_CONFIG scenario img_dir $SCENARIO_IMAGE_DIR
iniset $TEMPEST_CONFIG scenario img_file $SCENARIO_IMAGE_FILE
- iniset $TEMPEST_CONFIG scenario ami_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-blank.img"
- iniset $TEMPEST_CONFIG scenario ari_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-initrd"
- iniset $TEMPEST_CONFIG scenario aki_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-vmlinuz"
# If using provider networking, use the physical network for validation rather than private
TEMPEST_SSH_NETWORK_NAME=$PRIVATE_NETWORK_NAME
@@ -442,10 +435,10 @@
TEMPEST_VOLUME_MANAGE_SNAPSHOT=${TEMPEST_VOLUME_MANAGE_SNAPSHOT:-True}
fi
iniset $TEMPEST_CONFIG volume-feature-enabled manage_snapshot $(trueorfalse False TEMPEST_VOLUME_MANAGE_SNAPSHOT)
- # TODO(ynesenenko): Remove the volume_services flag when Liberty and Kilo will correct work with host info.
- iniset $TEMPEST_CONFIG volume-feature-enabled volume_services True
+
# TODO(ameade): Remove the api_v3 flag when Mitaka and Liberty are end of life.
iniset $TEMPEST_CONFIG volume-feature-enabled api_v3 True
+ iniset $TEMPEST_CONFIG volume-feature-enabled api_v1 $(trueorfalse False TEMPEST_VOLUME_API_V1)
local tempest_volume_min_microversion=${TEMPEST_VOLUME_MIN_MICROVERSION:-None}
local tempest_volume_max_microversion=${TEMPEST_VOLUME_MAX_MICROVERSION:-"latest"}
if [ "$tempest_volume_min_microversion" == "None" ]; then
diff --git a/lib/tls b/lib/tls
index e044066..f9ef554 100644
--- a/lib/tls
+++ b/lib/tls
@@ -524,7 +524,7 @@
KeepAlive Off
<Location />
- ProxyPass http://$b_host:$b_port/ retry=5 disablereuse=on keepalive=off nocanon
+ ProxyPass http://$b_host:$b_port/ retry=5 nocanon
ProxyPassReverse http://$b_host:$b_port/
</Location>
ErrorLog $APACHE_LOG_DIR/tls-proxy_error.log
diff --git a/stackrc b/stackrc
index d8d0ee4..afe385c 100644
--- a/stackrc
+++ b/stackrc
@@ -614,7 +614,7 @@
#IMAGE_URLS="http://smoser.brickies.net/ubuntu/ttylinux-uec/ttylinux-uec-amd64-11.2_2.6.35-15_1.tar.gz" # old ttylinux-uec image
#IMAGE_URLS="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img" # cirros full disk image
-CIRROS_VERSION=${CIRROS_VERSION:-"0.3.4"}
+CIRROS_VERSION=${CIRROS_VERSION:-"0.3.5"}
CIRROS_ARCH=${CIRROS_ARCH:-"x86_64"}
# Set default image based on ``VIRT_DRIVER`` and ``LIBVIRT_TYPE``, either of
@@ -634,9 +634,9 @@
lxc) # the cirros root disk in the uec tarball is empty, so it will not work for lxc
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-rootfs}
IMAGE_URLS+="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-rootfs.img.gz";;
- *) # otherwise, use the uec style image (with kernel, ramdisk, disk)
- DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec}
- IMAGE_URLS+="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec.tar.gz";;
+ *) # otherwise, use the qcow image
+ DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img}
+ IMAGE_URLS+="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img";;
esac
;;
vsphere)
@@ -650,9 +650,9 @@
# NOTE(lucasagomes): The logic setting the default image
# now lives in the Ironic tree
;;
- *) # Default to Cirros with kernel, ramdisk and disk image
- DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec}
- IMAGE_URLS+="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec.tar.gz";;
+ *) # Default to Cirros qcow2 image file
+ DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img}
+ IMAGE_URLS+="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img";;
esac
DOWNLOAD_DEFAULT_IMAGES=False
fi
diff --git a/tools/worlddump.py b/tools/worlddump.py
index 1ce931e..1244dfb 100755
--- a/tools/worlddump.py
+++ b/tools/worlddump.py
@@ -17,6 +17,8 @@
"""Dump the state of the world for post mortem."""
+from __future__ import print_function
+
import argparse
import datetime
from distutils import spawn