Merge "Add liberasurecode-dev as a swift dependency"
diff --git a/doc/source/guides/devstack-with-lbaas-v2.rst b/doc/source/guides/devstack-with-lbaas-v2.rst
index 4e5f874..f3bd2fe 100644
--- a/doc/source/guides/devstack-with-lbaas-v2.rst
+++ b/doc/source/guides/devstack-with-lbaas-v2.rst
@@ -1,13 +1,17 @@
-Configure Load-Balancer in Kilo
+Configure Load-Balancer Version 2
=================================
-The Kilo release of OpenStack will support Version 2 of the neutron load balancer. Until now, using OpenStack `LBaaS V2 <http://docs.openstack.org/api/openstack-network/2.0/content/lbaas_ext.html>`_ has required a good understanding of neutron and LBaaS architecture and several manual steps.
+Starting in the OpenStack Liberty release, the
+`neutron LBaaS v2 API <http://developer.openstack.org/api-ref-networking-v2-ext.html>`_
+is now stable while the LBaaS v1 API has been deprecated. The LBaaS v2 reference
+driver is based on Octavia.
Phase 1: Create DevStack + 2 nova instances
--------------------------------------------
-First, set up a vm of your choice with at least 8 GB RAM and 16 GB disk space, make sure it is updated. Install git and any other developer tools you find useful.
+First, set up a vm of your choice with at least 8 GB RAM and 16 GB disk space,
+make sure it is updated. Install git and any other developer tools you find useful.
Install devstack
@@ -24,6 +28,7 @@
[[local|localrc]]
# Load the external LBaaS plugin.
enable_plugin neutron-lbaas https://git.openstack.org/openstack/neutron-lbaas
+ enable_plugin octavia https://git.openstack.org/openstack/octavia
# ===== BEGIN localrc =====
DATABASE_PASSWORD=password
@@ -42,13 +47,13 @@
ENABLED_SERVICES+=,horizon
# Nova
ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch
- IMAGE_URLS+=",https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img"
# Glance
ENABLED_SERVICES+=,g-api,g-reg
# Neutron
ENABLED_SERVICES+=,q-svc,q-agt,q-dhcp,q-l3,q-meta
- # Enable LBaaS V2
+ # Enable LBaaS v2
ENABLED_SERVICES+=,q-lbaasv2
+ ENABLED_SERVICES+=,octavia,o-cw,o-hk,o-hm,o-api
# Cinder
ENABLED_SERVICES+=,c-api,c-vol,c-sch
# Tempest
@@ -69,11 +74,11 @@
::
#create nova instances on private network
- nova boot --image $(nova image-list | awk '/ cirros-0.3.0-x86_64-disk / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node1
- nova boot --image $(nova image-list | awk '/ cirros-0.3.0-x86_64-disk / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node2
+ nova boot --image $(nova image-list | awk '/ cirros-.*-x86_64-uec / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node1
+ nova boot --image $(nova image-list | awk '/ cirros-.*-x86_64-uec / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node2
nova list # should show the nova instances just created
- #add secgroup rule to allow ssh etc..
+ #add secgroup rules to allow ssh etc..
neutron security-group-rule-create default --protocol icmp
neutron security-group-rule-create default --protocol tcp --port-range-min 22 --port-range-max 22
neutron security-group-rule-create default --protocol tcp --port-range-min 80 --port-range-max 80
@@ -91,9 +96,16 @@
::
neutron lbaas-loadbalancer-create --name lb1 private-subnet
+ neutron lbaas-loadbalancer-show lb1 # Wait for the provisioning_status to be ACTIVE.
neutron lbaas-listener-create --loadbalancer lb1 --protocol HTTP --protocol-port 80 --name listener1
+ sleep 10 # Sleep since LBaaS actions can take a few seconds depending on the environment.
neutron lbaas-pool-create --lb-algorithm ROUND_ROBIN --listener listener1 --protocol HTTP --name pool1
+ sleep 10
neutron lbaas-member-create --subnet private-subnet --address 10.0.0.3 --protocol-port 80 pool1
+ sleep 10
neutron lbaas-member-create --subnet private-subnet --address 10.0.0.5 --protocol-port 80 pool1
-Please note here that the "10.0.0.3" and "10.0.0.5" in the above commands are the IPs of the nodes (in my test run-thru, they were actually 10.2 and 10.4), and the address of the created LB will be reported as "vip_address" from the lbaas-loadbalancer-create, and a quick test of that LB is "curl that-lb-ip", which should alternate between showing the IPs of the two nodes.
+Please note here that the "10.0.0.3" and "10.0.0.5" in the above commands are the IPs of the nodes
+(in my test run-thru, they were actually 10.2 and 10.4), and the address of the created LB will be
+reported as "vip_address" from the lbaas-loadbalancer-create, and a quick test of that LB is
+"curl that-lb-ip", which should alternate between showing the IPs of the two nodes.
diff --git a/doc/source/plugins.rst b/doc/source/plugins.rst
index 8bd3797..b8da7e1 100644
--- a/doc/source/plugins.rst
+++ b/doc/source/plugins.rst
@@ -19,7 +19,16 @@
external repositories. The plugin interface assumes the following:
An external git repository that includes a ``devstack/`` top level
-directory. Inside this directory there can be 2 files.
+directory. Inside this directory there can be 3 files.
+
+- ``override_defaults`` - a file containing global variables that
+ will be sourced before the lib/* files. This allows the plugin
+ to override the defaults that are otherwise set in the lib/*
+ files.
+
+ For example, override_defaults may export CINDER_ENABLED_BACKENDS
+ to include the plugin-specific storage backend and thus be able
+ to override the default lvm only storage backend for Cinder.
- ``settings`` - a file containing global variables that will be
sourced very early in the process. This is helpful if other plugins
@@ -38,7 +47,7 @@
- ``plugin.sh`` - the actual plugin. It is executed by devstack at
well defined points during a ``stack.sh`` run. The plugin.sh
- internal structure is discussed bellow.
+ internal structure is discussed below.
Plugins are registered by adding the following to the localrc section
diff --git a/extras.d/README.md b/extras.d/README.md
index 7c2e4fe..4cec14b 100644
--- a/extras.d/README.md
+++ b/extras.d/README.md
@@ -14,10 +14,13 @@
entire `stack.sh` variable space is available. The scripts are
sourced with one or more arguments, the first of which defines the hook phase:
- source | stack | unstack | clean
+ override_defaults | source | stack | unstack | clean
- source: always called first in any of the scripts, used to set the
- initial defaults in a lib/* script or similar
+ override_defaults: always called first in any of the scripts, used to
+ override defaults (if need be) that are otherwise set in lib/* scripts
+
+ source: called by stack.sh. Used to set the initial defaults in a lib/*
+ script or similar
stack: called by stack.sh. There are four possible values for
the second arg to distinguish the phase stack.sh is in:
diff --git a/files/ebtables.workaround b/files/ebtables.workaround
new file mode 100644
index 0000000..c8af51f
--- /dev/null
+++ b/files/ebtables.workaround
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# Copyright 2015 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#
+# This is a terrible, terrible, truly terrible work around for
+# environments that have libvirt < 1.2.11. ebtables requires that you
+# specifically tell it you would like to not race and get punched in
+# the face when 2 run at the same time with a --concurrent flag.
+
+flock -w 300 /var/lock/ebtables.nova /sbin/ebtables.real $@
diff --git a/files/rpms/general b/files/rpms/general
index 40b06f4..2804682 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -8,9 +8,9 @@
gettext # used for compiling message catalogs
git-core
graphviz # needed only for docs
-iptables-services # NOPRIME f21,f22
+iptables-services # NOPRIME f21,f22,f23
java-1.7.0-openjdk-headless # NOPRIME rhel7
-java-1.8.0-openjdk-headless # NOPRIME f21,f22
+java-1.8.0-openjdk-headless # NOPRIME f21,f22,f23
libffi-devel
libjpeg-turbo-devel # Pillow 3.0.0
libxml2-devel # lxml
diff --git a/lib/ceph b/lib/ceph
index 29d2aca..f573136 100644
--- a/lib/ceph
+++ b/lib/ceph
@@ -116,7 +116,7 @@
# check_os_support_ceph() - Check if the operating system provides a decent version of Ceph
function check_os_support_ceph {
- if [[ ! ${DISTRO} =~ (trusty|f21|f22) ]]; then
+ if [[ ! ${DISTRO} =~ (trusty|f21|f22|f23) ]]; then
echo "WARNING: your distro $DISTRO does not provide (at least) the Firefly release. Please use Ubuntu Trusty or Fedora 20 (and higher)"
if [[ "$FORCE_CEPH_INSTALL" != "yes" ]]; then
die $LINENO "If you wish to install Ceph on this distribution anyway run with FORCE_CEPH_INSTALL=yes"
diff --git a/lib/databases/mysql b/lib/databases/mysql
index c2ab32e..cc74b33 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -143,7 +143,7 @@
[client]
user=$DATABASE_USER
password=$DATABASE_PASSWORD
-host=$DATABASE_HOST
+host=$MYSQL_HOST
EOF
chmod 0600 $HOME/.my.cnf
fi
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
index 7b6f1c6..85f7fc0 100644
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -256,7 +256,7 @@
# If using GRE tunnels for tenant networks, specify the range of
# tunnel IDs from which tenant networks are allocated. Can be
-# overriden in ``localrc`` in necesssary.
+# overridden in ``localrc`` in necessary.
TENANT_TUNNEL_RANGES=${TENANT_TUNNEL_RANGES:-1:1000}
# To use VLANs for tenant networks, set to True in localrc. VLANs
@@ -536,7 +536,7 @@
if is_provider_network; then
die_if_not_set $LINENO PHYSICAL_NETWORK "You must specify the PHYSICAL_NETWORK"
- die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specifiy the PROVIDER_NETWORK_TYPE"
+ die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specify the PROVIDER_NETWORK_TYPE"
NET_ID=$(neutron net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" ${SEGMENTATION_ID:+--provider:segmentation_id $SEGMENTATION_ID} --shared | grep ' id ' | get_field 2)
die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PHYSICAL_NETWORK $TENANT_ID"
@@ -834,6 +834,10 @@
_move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False "inet"
if [[ $(ip -f inet6 a s dev "$OVS_PHYSICAL_BRIDGE" | grep -c 'global') != 0 ]]; then
+ # ip(8) wants the prefix length when deleting
+ local v6_gateway
+ v6_gateway=$(ip -6 a s dev $OVS_PHYSICAL_BRIDGE | grep $IPV6_PUBLIC_NETWORK_GATEWAY | awk '{ print $2 }')
+ sudo ip -6 addr del $v6_gateway dev $OVS_PHYSICAL_BRIDGE
_move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False "inet6"
fi
@@ -1122,7 +1126,7 @@
iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY
_neutron_setup_keystone $NEUTRON_CONF keystone_authtoken
- # Configuration for neutron notifations to nova.
+ # Configuration for neutron notifications to nova.
iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES
iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 78c5978..045fc8b 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -31,6 +31,11 @@
fi
install_package libvirt-bin libvirt-dev
pip_install_gr libvirt-python
+ if [[ "$EBTABLES_RACE_FIX" == "True" ]]; then
+ # Work around for bug #1501558. We can remove this once we
+ # get to a version of Ubuntu that has new enough libvirt.
+ TOP_DIR=$TOP_DIR $TOP_DIR/tools/install_ebtables_workaround.sh
+ fi
#pip_install_gr <there-si-no-guestfs-in-pypi>
elif is_fedora || is_suse; then
install_package kvm
diff --git a/lib/rpc_backend b/lib/rpc_backend
index 03eacd8..298dcb6 100644
--- a/lib/rpc_backend
+++ b/lib/rpc_backend
@@ -58,7 +58,7 @@
# NOTE(bnemec): Retry initial rabbitmq configuration to deal with
# the fact that sometimes it fails to start properly.
# Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1144100
- # NOTE(tonyb): Extend the orginal retry logic to only restart rabbitmq
+ # NOTE(tonyb): Extend the original retry logic to only restart rabbitmq
# every second time around the loop.
# See: https://bugs.launchpad.net/devstack/+bug/1449056 for details on
# why this is needed. This can bee seen on vivid and Debian unstable
@@ -106,7 +106,7 @@
fi
}
-# iniset cofiguration
+# iniset configuration
function iniset_rpc_backend {
local package=$1
local file=$2
diff --git a/lib/stack b/lib/stack
index 47e8ce2..7d98604 100644
--- a/lib/stack
+++ b/lib/stack
@@ -14,7 +14,7 @@
# Functions
# ---------
-# Generic service install handles venv creation if confgured for service
+# Generic service install handles venv creation if configured for service
# stack_install_service service
function stack_install_service {
local service=$1
diff --git a/lib/swift b/lib/swift
index ee0238d..d7ccc24 100644
--- a/lib/swift
+++ b/lib/swift
@@ -123,13 +123,13 @@
# trace through the logs when looking for its use.
SWIFT_LOG_TOKEN_LENGTH=${SWIFT_LOG_TOKEN_LENGTH:-12}
-# Set ``SWIFT_MAX_HEADER_SIZE`` to configure the maximun length of headers in
+# Set ``SWIFT_MAX_HEADER_SIZE`` to configure the maximum length of headers in
# Swift API
SWIFT_MAX_HEADER_SIZE=${SWIFT_MAX_HEADER_SIZE:-16384}
# Set ``OBJECT_PORT_BASE``, ``CONTAINER_PORT_BASE``, ``ACCOUNT_PORT_BASE``
-# Port bases used in port number calclution for the service "nodes"
-# The specified port number will be used, the additinal ports calculated by
+# Port bases used in port number calculation for the service "nodes"
+# The specified port number will be used, the additional ports calculated by
# base_port + node_num * 10
OBJECT_PORT_BASE=${OBJECT_PORT_BASE:-6613}
CONTAINER_PORT_BASE=${CONTAINER_PORT_BASE:-6611}
diff --git a/stack.sh b/stack.sh
index 9b811b7..537f81e 100755
--- a/stack.sh
+++ b/stack.sh
@@ -192,7 +192,7 @@
# Warn users who aren't on an explicitly supported distro, but allow them to
# override check and attempt installation with ``FORCE=yes ./stack``
-if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then
+if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|f23|rhel7) ]]; then
echo "WARNING: this script has not been tested on $DISTRO"
if [[ "$FORCE" != "yes" ]]; then
die $LINENO "If you wish to run this script anyway run with FORCE=yes"
@@ -925,8 +925,8 @@
restart_rpc_backend
-# Export Certicate Authority Bundle
-# ---------------------------------
+# Export Certificate Authority Bundle
+# -----------------------------------
# If certificates were used and written to the SSL bundle file then these
# should be exported so clients can validate their connections.
diff --git a/stackrc b/stackrc
index f400047..23a4a7c 100644
--- a/stackrc
+++ b/stackrc
@@ -766,6 +766,16 @@
# Use native SSL for servers in ``SSL_ENABLED_SERVICES``
USE_SSL=$(trueorfalse False USE_SSL)
+# ebtables is inherently racey. If you run it by two or more processes
+# simultaneously it will collide, badly, in the kernel and produce
+# failures or corruption of ebtables. The only way around it is for
+# all tools running ebtables to only ever do so with the --concurrent
+# flag. This requires libvirt >= 1.2.11.
+#
+# If you don't have this then the following work around will replace
+# ebtables with a wrapper script so that it is safe to run without
+# that flag.
+EBTABLES_RACE_FIX=$(trueorfalse False EBTABLES_RACE_FIX)
# Following entries need to be last items in file
diff --git a/tests/unittest.sh b/tests/unittest.sh
index df7a8b4..2570319 100644
--- a/tests/unittest.sh
+++ b/tests/unittest.sh
@@ -92,16 +92,17 @@
fi
}
-# print a summary of passing and failing tests, exiting
-# with an error if we have failed tests
+# Print a summary of passing and failing tests and exit
+# (with an error if we have failed tests)
# usage: report_results
function report_results {
echo "$PASS Tests PASSED"
- if [[ $ERROR -gt 1 ]]; then
+ if [[ $ERROR -gt 0 ]]; then
echo
echo "The following $ERROR tests FAILED"
echo -e "$FAILED_FUNCS"
echo "---"
exit 1
fi
+ exit 0
}
diff --git a/tools/install_ebtables_workaround.sh b/tools/install_ebtables_workaround.sh
new file mode 100755
index 0000000..45ced87
--- /dev/null
+++ b/tools/install_ebtables_workaround.sh
@@ -0,0 +1,31 @@
+#!/bin/bash -eu
+#
+# Copyright 2015 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#
+# This replaces the ebtables on your system with a wrapper script that
+# does implicit locking. This is needed if libvirt < 1.2.11 on your platform.
+
+EBTABLES=/sbin/ebtables
+EBTABLESREAL=/sbin/ebtables.real
+FILES=$TOP_DIR/files
+
+if [[ -f "$EBTABLES" ]]; then
+ if file $EBTABLES | grep ELF; then
+ sudo mv $EBTABLES $EBTABLESREAL
+ sudo install -m 0755 $FILES/ebtables.workaround $EBTABLES
+ echo "Replaced ebtables with locking workaround"
+ fi
+fi