Merge "Install kernel-modules package on fedora"
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
index 3562bfa..7aca8d0 100644
--- a/doc/source/faq.rst
+++ b/doc/source/faq.rst
@@ -54,7 +54,7 @@
releases other than those documented in ``README.md`` on a best-effort
basis.
-Are there any differences between Ubuntu and Centos/Fedora support?
+Are there any differences between Ubuntu and CentOS/Fedora support?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Both should work well and are tested by DevStack CI.
@@ -146,7 +146,7 @@
Upstream DevStack is only tested with master and stable
-branches. Setting custom BRANCH definitions is not guarunteed to
+branches. Setting custom BRANCH definitions is not guaranteed to
produce working results.
What can I do about RabbitMQ not wanting to start on my fresh new VM?
diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst
index 5891f68..ee29087 100644
--- a/doc/source/guides/neutron.rst
+++ b/doc/source/guides/neutron.rst
@@ -35,7 +35,7 @@
network hardware_network {
address = "172.18.161.0/24"
router [ address = "172.18.161.1" ];
- devstack_laptop [ address = "172.18.161.6" ];
+ devstack-1 [ address = "172.18.161.6" ];
}
}
@@ -43,9 +43,13 @@
DevStack Configuration
----------------------
+The following is a complete `local.conf` for the host named
+`devstack-1`. It will run all the API and services, as well as
+serving as a hypervisor for guest instances.
::
+ [[local|localrc]]
HOST_IP=172.18.161.6
SERVICE_HOST=172.18.161.6
MYSQL_HOST=172.18.161.6
@@ -57,6 +61,12 @@
SERVICE_PASSWORD=secrete
SERVICE_TOKEN=secrete
+ # Do not use Nova-Network
+ disable_service n-net
+ # Enable Neutron
+ ENABLED_SERVICES+=,q-svc,q-dhcp,q-meta,q-agt,q-l3
+
+
## Neutron options
Q_USE_SECGROUP=True
FLOATING_RANGE="172.18.161.0/24"
@@ -71,6 +81,166 @@
OVS_BRIDGE_MAPPINGS=public:br-ex
+Adding Additional Compute Nodes
+-------------------------------
+
+Let's suppose that after installing DevStack on the first host, you
+also want to do multinode testing and networking.
+
+Physical Network Setup
+~~~~~~~~~~~~~~~~~~~~~~
+
+.. nwdiag::
+
+ nwdiag {
+ inet [ shape = cloud ];
+ router;
+ inet -- router;
+
+ network hardware_network {
+ address = "172.18.161.0/24"
+ router [ address = "172.18.161.1" ];
+ devstack-1 [ address = "172.18.161.6" ];
+ devstack-2 [ address = "172.18.161.7" ];
+ }
+ }
+
+
+After DevStack installs and configures Neutron, traffic from guest VMs
+flows out of `devstack-2` (the compute node) and is encapsulated in a
+VXLAN tunnel back to `devstack-1` (the control node) where the L3
+agent is running.
+
+::
+
+ stack@devstack-2:~/devstack$ sudo ovs-vsctl show
+ 8992d965-0ba0-42fd-90e9-20ecc528bc29
+ Bridge br-int
+ fail_mode: secure
+ Port br-int
+ Interface br-int
+ type: internal
+ Port patch-tun
+ Interface patch-tun
+ type: patch
+ options: {peer=patch-int}
+ Bridge br-tun
+ fail_mode: secure
+ Port "vxlan-c0a801f6"
+ Interface "vxlan-c0a801f6"
+ type: vxlan
+ options: {df_default="true", in_key=flow, local_ip="172.18.161.7", out_key=flow, remote_ip="172.18.161.6"}
+ Port patch-int
+ Interface patch-int
+ type: patch
+ options: {peer=patch-tun}
+ Port br-tun
+ Interface br-tun
+ type: internal
+ ovs_version: "2.0.2"
+
+Open vSwitch on the control node, where the L3 agent runs, is
+configured to de-encapsulate traffic from compute nodes, then forward
+it over the `br-ex` bridge, where `eth0` is attached.
+
+::
+
+ stack@devstack-1:~/devstack$ sudo ovs-vsctl show
+ 422adeea-48d1-4a1f-98b1-8e7239077964
+ Bridge br-tun
+ fail_mode: secure
+ Port br-tun
+ Interface br-tun
+ type: internal
+ Port patch-int
+ Interface patch-int
+ type: patch
+ options: {peer=patch-tun}
+ Port "vxlan-c0a801d8"
+ Interface "vxlan-c0a801d8"
+ type: vxlan
+ options: {df_default="true", in_key=flow, local_ip="172.18.161.6", out_key=flow, remote_ip="172.18.161.7"}
+ Bridge br-ex
+ Port phy-br-ex
+ Interface phy-br-ex
+ type: patch
+ options: {peer=int-br-ex}
+ Port "eth0"
+ Interface "eth0"
+ Port br-ex
+ Interface br-ex
+ type: internal
+ Bridge br-int
+ fail_mode: secure
+ Port "tapce66332d-ea"
+ tag: 1
+ Interface "tapce66332d-ea"
+ type: internal
+ Port "qg-65e5a4b9-15"
+ tag: 2
+ Interface "qg-65e5a4b9-15"
+ type: internal
+ Port "qr-33e5e471-88"
+ tag: 1
+ Interface "qr-33e5e471-88"
+ type: internal
+ Port "qr-acbe9951-70"
+ tag: 1
+ Interface "qr-acbe9951-70"
+ type: internal
+ Port br-int
+ Interface br-int
+ type: internal
+ Port patch-tun
+ Interface patch-tun
+ type: patch
+ options: {peer=patch-int}
+ Port int-br-ex
+ Interface int-br-ex
+ type: patch
+ options: {peer=phy-br-ex}
+ ovs_version: "2.0.2"
+
+`br-int` is a bridge that the Open vSwitch mechanism driver creates,
+which is used as the "integration bridge" where ports are created, and
+plugged into the virtual switching fabric. `br-ex` is an OVS bridge
+that is used to connect physical ports (like `eth0`), so that floating
+IP traffic for tenants can be received from the physical network
+infrastructure (and the internet), and routed to tenant network ports.
+`br-tun` is a tunnel bridge that is used to connect OpenStack nodes
+(like `devstack-2`) together. This bridge is used so that tenant
+network traffic, using the VXLAN tunneling protocol, flows between
+each compute node where tenant instances run.
+
+
+
+DevStack Compute Configuration
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The host `devstack-2` has a very minimal `local.conf`.
+
+::
+
+ [[local|localrc]]
+ HOST_IP=172.18.161.7
+ SERVICE_HOST=172.18.161.6
+ MYSQL_HOST=172.18.161.6
+ RABBIT_HOST=172.18.161.6
+ GLANCE_HOSTPORT=172.18.161.6:9292
+ ADMIN_PASSWORD=secrete
+ MYSQL_PASSWORD=secrete
+ RABBIT_PASSWORD=secrete
+ SERVICE_PASSWORD=secrete
+ SERVICE_TOKEN=secrete
+
+ ## Neutron options
+ PUBLIC_INTERFACE=eth0
+ ENABLED_SERVICES=n-cpu,rabbit,q-agt
+
+Network traffic from `eth0` on the compute nodes is then NAT'd by the
+controller node that runs Neutron's `neutron-l3-agent` and provides L3
+connectivity.
+
Neutron Networking with Open vSwitch and Provider Networks
==========================================================
diff --git a/files/debs/general b/files/debs/general
index 9b27156..1215147 100644
--- a/files/debs/general
+++ b/files/debs/general
@@ -8,6 +8,7 @@
graphviz # needed for docs
iputils-ping
libffi-dev # for pyOpenSSL
+libjpeg-dev # Pillow 3.0.0
libmysqlclient-dev # MySQL-python
libpq-dev # psycopg2
libssl-dev # for pyOpenSSL
diff --git a/files/rpms-suse/general b/files/rpms-suse/general
index 651243d..34a2955 100644
--- a/files/rpms-suse/general
+++ b/files/rpms-suse/general
@@ -9,6 +9,7 @@
graphviz # docs
iputils
libffi-devel # pyOpenSSL
+libjpeg8-devel # Pillow 3.0.0
libmysqlclient-devel # MySQL-python
libopenssl-devel # to rebuild pyOpenSSL if needed
libxslt-devel # lxml
@@ -26,3 +27,4 @@
tcpdump
unzip
wget
+zlib-devel
diff --git a/files/rpms/general b/files/rpms/general
index cfd9479..40b06f4 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -12,6 +12,7 @@
java-1.7.0-openjdk-headless # NOPRIME rhel7
java-1.8.0-openjdk-headless # NOPRIME f21,f22
libffi-devel
+libjpeg-turbo-devel # Pillow 3.0.0
libxml2-devel # lxml
libxslt-devel # lxml
libyaml-devel
diff --git a/functions-common b/functions-common
index e252139..5c97aee 100644
--- a/functions-common
+++ b/functions-common
@@ -73,42 +73,39 @@
# - A `devstack-admin` entry for the `admin` user for the `admin` project.
# write_clouds_yaml
function write_clouds_yaml {
- local clouds_yaml
+ # The location is a variable to allow for easier refactoring later to make it
+ # overridable. There is currently no usecase where doing so makes sense, so
+ # it's not currently configurable.
- sudo mkdir -p /etc/openstack
+ CLOUDS_YAML=/etc/openstack/clouds.yaml
+
+ sudo mkdir -p $(dirname $CLOUDS_YAML)
sudo chown -R $STACK_USER /etc/openstack
- # XXX: to be removed, see https://review.openstack.org/237149/
- # careful not to sudo this, incase ~ is NFS mounted
- mkdir -p ~/.config/openstack
- for clouds_path in /etc/openstack ~/.config/openstack ; do
- clouds_yaml=$clouds_path/clouds.yaml
-
- CA_CERT_ARG=''
- if [ -f "$SSL_BUNDLE_FILE" ]; then
- CA_CERT_ARG="--os-cacert $SSL_BUNDLE_FILE"
- fi
- $TOP_DIR/tools/update_clouds_yaml.py \
- --file $clouds_yaml \
- --os-cloud devstack \
- --os-region-name $REGION_NAME \
- --os-identity-api-version 3 \
- $CA_CERT_ARG \
- --os-auth-url $KEYSTONE_AUTH_URI \
- --os-username demo \
- --os-password $ADMIN_PASSWORD \
- --os-project-name demo
- $TOP_DIR/tools/update_clouds_yaml.py \
- --file $clouds_yaml \
- --os-cloud devstack-admin \
- --os-region-name $REGION_NAME \
- --os-identity-api-version 3 \
- $CA_CERT_ARG \
- --os-auth-url $KEYSTONE_AUTH_URI \
- --os-username admin \
- --os-password $ADMIN_PASSWORD \
- --os-project-name admin
- done
+ CA_CERT_ARG=''
+ if [ -f "$SSL_BUNDLE_FILE" ]; then
+ CA_CERT_ARG="--os-cacert $SSL_BUNDLE_FILE"
+ fi
+ $TOP_DIR/tools/update_clouds_yaml.py \
+ --file $CLOUDS_YAML \
+ --os-cloud devstack \
+ --os-region-name $REGION_NAME \
+ --os-identity-api-version 3 \
+ $CA_CERT_ARG \
+ --os-auth-url $KEYSTONE_AUTH_URI \
+ --os-username demo \
+ --os-password $ADMIN_PASSWORD \
+ --os-project-name demo
+ $TOP_DIR/tools/update_clouds_yaml.py \
+ --file $CLOUDS_YAML \
+ --os-cloud devstack-admin \
+ --os-region-name $REGION_NAME \
+ --os-identity-api-version 3 \
+ $CA_CERT_ARG \
+ --os-auth-url $KEYSTONE_AUTH_URI \
+ --os-username admin \
+ --os-password $ADMIN_PASSWORD \
+ --os-project-name admin
}
# trueorfalse <True|False> <VAR>
@@ -1373,7 +1370,7 @@
# Helper to launch a process in a named screen
# Uses globals ``CURRENT_LOG_TIME``, ```LOGDIR``, ``SCREEN_LOGDIR``, `SCREEN_NAME``,
-# ``SERVICE_DIR``, ``USE_SCREEN``
+# ``SERVICE_DIR``, ``USE_SCREEN``, ``SCREEN_IS_LOGGING``
# screen_process name "command-line" [group]
# Run a command in a shell in a screen window, if an optional group
# is provided, use sg to set the group of the command.
@@ -1393,8 +1390,12 @@
echo "SCREEN_LOGDIR: $SCREEN_LOGDIR"
echo "log: $real_logfile"
if [[ -n ${LOGDIR} ]]; then
- screen -S $SCREEN_NAME -p $name -X logfile "$real_logfile"
- screen -S $SCREEN_NAME -p $name -X log on
+ if [[ "$SCREEN_IS_LOGGING" == "True" ]]; then
+ screen -S $SCREEN_NAME -p $name -X logfile "$real_logfile"
+ screen -S $SCREEN_NAME -p $name -X log on
+ fi
+ # If logging isn't active then avoid a broken symlink
+ touch "$real_logfile"
ln -sf "$real_logfile" ${LOGDIR}/${name}.log
if [[ -n ${SCREEN_LOGDIR} ]]; then
# Drop the backward-compat symlink
@@ -1433,7 +1434,7 @@
}
# Screen rc file builder
-# Uses globals ``SCREEN_NAME``, ``SCREENRC``
+# Uses globals ``SCREEN_NAME``, ``SCREENRC``, ``SCREEN_IS_LOGGING``
# screen_rc service "command-line"
function screen_rc {
SCREEN_NAME=${SCREEN_NAME:-stack}
@@ -1453,7 +1454,7 @@
echo "screen -t $1 bash" >> $SCREENRC
echo "stuff \"$2$NL\"" >> $SCREENRC
- if [[ -n ${LOGDIR} ]]; then
+ if [[ -n ${LOGDIR} ]] && [[ "$SCREEN_IS_LOGGING" == "True" ]]; then
echo "logfile ${LOGDIR}/${1}.log.${CURRENT_LOG_TIME}" >>$SCREENRC
echo "log on" >>$SCREENRC
fi
diff --git a/lib/zookeeper b/lib/zookeeper
index e62ba8a..6637d52 100644
--- a/lib/zookeeper
+++ b/lib/zookeeper
@@ -69,7 +69,12 @@
# start_zookeeper() - Start running processes, including screen
function start_zookeeper {
- start_service zookeeper
+ # Starting twice Zookeeper on Ubuntu exits with error code 1. See LP#1513741
+ # Match both systemd and sysvinit output
+ local running="(active \(running\)|start/running)"
+ if ! is_ubuntu || ! sudo /usr/sbin/service zookeeper status | egrep -q "$running"; then
+ start_service zookeeper
+ fi
}
# stop_zookeeper() - Stop running processes (non-screen)
diff --git a/stack.sh b/stack.sh
index 103e7e9..825ed96 100755
--- a/stack.sh
+++ b/stack.sh
@@ -93,6 +93,20 @@
exit 1
fi
+# OpenStack is designed to run at a system level, with system level
+# installation of python packages. It does not support running under a
+# virtual env, and will fail in really odd ways if you do this. Make
+# this explicit as it has come up on the mailing list.
+if [[ -n "$VIRTUAL_ENV" ]]; then
+ echo "You appear to be running under a python virtualenv."
+ echo "DevStack does not support this, as we my break the"
+ echo "virtualenv you are currently in by modifying "
+ echo "external system-level components the virtualenv relies on."
+ echo "We reccommend you use a separate virtual-machine if "
+ echo "you are worried about DevStack taking over your system."
+ exit 1
+fi
+
# Provide a safety switch for devstack. If you do a lot of devstack,
# on a lot of different environments, you sometimes run it on the
# wrong box. This makes there be a way to prevent that.
@@ -178,7 +192,7 @@
# Warn users who aren't on an explicitly supported distro, but allow them to
# override check and attempt installation with ``FORCE=yes ./stack``
-if [[ ! ${DISTRO} =~ (precise|trusty|vivid|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then
+if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then
echo "WARNING: this script has not been tested on $DISTRO"
if [[ "$FORCE" != "yes" ]]; then
die $LINENO "If you wish to run this script anyway run with FORCE=yes"
diff --git a/stackrc b/stackrc
index 3033b27..76a5756 100644
--- a/stackrc
+++ b/stackrc
@@ -103,6 +103,16 @@
# be disabled for automated testing by setting this value to False.
USE_SCREEN=True
+# When using screen, should we keep a log file on disk? You might
+# want this False if you have a long-running setup where verbose logs
+# can fill-up the host.
+# XXX: Ideally screen itself would be configured to log but just not
+# activate. This isn't possible with the screerc syntax. Temporary
+# logging can still be used by a developer with:
+# C-a : logfile foo
+# C-a : log on
+SCREEN_IS_LOGGING=$(trueorfalse True SCREEN_IS_LOGGING)
+
# Passwords generated by interactive devstack runs
if [[ -r $RC_DIR/.localrc.password ]]; then
source $RC_DIR/.localrc.password
diff --git a/tools/worlddump.py b/tools/worlddump.py
index 1b337a9..97e4d94 100755
--- a/tools/worlddump.py
+++ b/tools/worlddump.py
@@ -86,8 +86,10 @@
def ebtables_dump():
+ tables = ['filter', 'nat', 'broute']
_header("EB Tables Dump")
- _dump_cmd("sudo ebtables -L")
+ for table in tables:
+ _dump_cmd("sudo ebtables -t %s -L" % table)
def iptables_dump():