Merge "lib/cinder: Align endpoint creation code"
diff --git a/doc/requirements.txt b/doc/requirements.txt
index ffce3ff..7980b93 100644
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@@ -4,8 +4,4 @@
docutils
sphinx>=2.0.0,!=2.1.0 # BSD
openstackdocstheme>=2.2.1 # Apache-2.0
-nwdiag
-blockdiag
-sphinxcontrib-blockdiag
-sphinxcontrib-nwdiag
zuul-sphinx>=0.2.0
diff --git a/doc/source/assets/images/neutron-network-1.png b/doc/source/assets/images/neutron-network-1.png
new file mode 100644
index 0000000..7730ca9
--- /dev/null
+++ b/doc/source/assets/images/neutron-network-1.png
Binary files differ
diff --git a/doc/source/assets/images/neutron-network-2.png b/doc/source/assets/images/neutron-network-2.png
new file mode 100644
index 0000000..9199351
--- /dev/null
+++ b/doc/source/assets/images/neutron-network-2.png
Binary files differ
diff --git a/doc/source/assets/images/neutron-network-3.png b/doc/source/assets/images/neutron-network-3.png
new file mode 100644
index 0000000..34f03ed
--- /dev/null
+++ b/doc/source/assets/images/neutron-network-3.png
Binary files differ
diff --git a/doc/source/conf.py b/doc/source/conf.py
index 2e17da1..bb03572 100644
--- a/doc/source/conf.py
+++ b/doc/source/conf.py
@@ -23,14 +23,14 @@
# Add any Sphinx extension module names here, as strings. They can be extensions
# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
-extensions = [ 'sphinx.ext.autodoc',
- 'zuul_sphinx',
- 'openstackdocstheme',
- 'sphinxcontrib.blockdiag',
- 'sphinxcontrib.nwdiag' ]
+extensions = [
+ 'sphinx.ext.autodoc',
+ 'zuul_sphinx',
+ 'openstackdocstheme',
+]
# openstackdocstheme options
-openstackdocs_repo_name = 'openstack-dev/devstack'
+openstackdocs_repo_name = 'openstack/devstack'
openstackdocs_pdf_link = True
openstackdocs_bug_project = 'devstack'
openstackdocs_bug_tag = ''
diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst
index 2c25a1c..fb36b3e 100644
--- a/doc/source/guides/neutron.rst
+++ b/doc/source/guides/neutron.rst
@@ -41,19 +41,8 @@
`local.conf` exhibited here assumes that 1500 is a reasonable MTU to
use on that network.
-.. nwdiag::
-
- nwdiag {
- inet [ shape = cloud ];
- router;
- inet -- router;
-
- network hardware_network {
- address = "172.18.161.0/24"
- router [ address = "172.18.161.1" ];
- devstack-1 [ address = "172.18.161.6" ];
- }
- }
+.. image:: /assets/images/neutron-network-1.png
+ :alt: Network configuration for a single DevStack node
DevStack Configuration
@@ -100,21 +89,8 @@
Physical Network Setup
~~~~~~~~~~~~~~~~~~~~~~
-.. nwdiag::
-
- nwdiag {
- inet [ shape = cloud ];
- router;
- inet -- router;
-
- network hardware_network {
- address = "172.18.161.0/24"
- router [ address = "172.18.161.1" ];
- devstack-1 [ address = "172.18.161.6" ];
- devstack-2 [ address = "172.18.161.7" ];
- }
- }
-
+.. image:: /assets/images/neutron-network-2.png
+ :alt: Network configuration for multiple DevStack nodes
After DevStack installs and configures Neutron, traffic from guest VMs
flows out of `devstack-2` (the compute node) and is encapsulated in a
@@ -222,8 +198,6 @@
used so that project network traffic, using the VXLAN tunneling
protocol, flows between each compute node where project instances run.
-
-
DevStack Compute Configuration
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -268,30 +242,8 @@
Physical Network Setup
----------------------
-.. nwdiag::
-
- nwdiag {
- inet [ shape = cloud ];
- router;
- inet -- router;
-
- network provider_net {
- address = "203.0.113.0/24"
- router [ address = "203.0.113.1" ];
- controller;
- compute1;
- compute2;
- }
-
- network control_plane {
- router [ address = "10.0.0.1" ]
- address = "10.0.0.0/24"
- controller [ address = "10.0.0.2" ]
- compute1 [ address = "10.0.0.3" ]
- compute2 [ address = "10.0.0.4" ]
- }
- }
-
+.. image:: /assets/images/neutron-network-3.png
+ :alt: Network configuration for provider networks
On a compute node, the first interface, eth0 is used for the OpenStack
management (API, message bus, etc) as well as for ssh for an
diff --git a/doc/source/index.rst b/doc/source/index.rst
index a5a11e2..70871ef 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -133,6 +133,8 @@
You can ``source openrc`` in your shell, and then use the
``openstack`` command line tool to manage your devstack.
+You can :ref:`create a VM and SSH into it <ssh>`.
+
You can ``cd /opt/stack/tempest`` and run tempest tests that have
been configured to work with your devstack.
diff --git a/doc/source/networking.rst b/doc/source/networking.rst
index e65c7ef..05b4f34 100644
--- a/doc/source/networking.rst
+++ b/doc/source/networking.rst
@@ -68,7 +68,7 @@
.. warning::
This is not a recommended configuration. Because of interactions
- between ovs and bridging, if you reboot your box with active
+ between OVS and bridging, if you reboot your box with active
networking you may lose network connectivity to your system.
If you need your guests accessible on the network, but only have 1
@@ -114,3 +114,125 @@
``FIXED_RANGE_V6`` will just use the value of that directly.
``SUBNETPOOL_PREFIX_V6`` will just default to the value of
``IPV6_ADDRS_SAFE_TO_USE`` directly.
+
+.. _ssh:
+
+SSH access to instances
+=======================
+
+To validate connectivity, you can create an instance using the
+``$PRIVATE_NETWORK_NAME`` network (default: ``private``), create a floating IP
+using the ``$PUBLIC_NETWORK_NAME`` network (default: ``public``), and attach
+this floating IP to the instance:
+
+.. code-block:: shell
+
+ openstack keypair create --public-key ~/.ssh/id_rsa.pub test-keypair
+ openstack server create --network private --key-name test-keypair ... test-server
+ fip_id=$(openstack floating ip create public -f value -c id)
+ openstack server add floating ip test-server ${fip_id}
+
+Once done, ensure you have enabled SSH and ICMP (ping) access for the security
+group used for the instance. You can either create a custom security group and
+specify it when creating the instance or add it after creation, or you can
+modify the ``default`` security group created by default for each project.
+Let's do the latter:
+
+.. code-block:: shell
+
+ openstack security group rule create --proto icmp --dst-port 0 default
+ openstack security group rule create --proto tcp --dst-port 22 default
+
+Finally, SSH into the instance. If you used the Cirros instance uploaded by
+default, then you can run the following:
+
+.. code-block:: shell
+
+ openstack server ssh test-server -- -l cirros
+
+This will connect using the ``cirros`` user and the keypair you configured when
+creating the instance.
+
+Remote SSH access to instances
+==============================
+
+You can also SSH to created instances on your DevStack host from other hosts.
+This can be helpful if you are e.g. deploying DevStack in a VM on an existing
+cloud and wish to do development on your local machine. There are a few ways to
+do this.
+
+.. rubric:: Configure instances to be locally accessible
+
+The most obvious way is to configure guests to be locally accessible, as
+described `above <Locally Accessible Guests>`__. This has the advantage of
+requiring no further effort on the client. However, it is more involved and
+requires either support from your cloud or some inadvisable workarounds.
+
+.. rubric:: Use your DevStack host as a jump host
+
+You can choose to use your DevStack host as a jump host. To SSH to a instance
+this way, pass the standard ``-J`` option to the ``openstack ssh`` / ``ssh``
+command. For example:
+
+.. code-block::
+
+ openstack server ssh test-server -- -l cirros -J username@devstack-host
+
+(where ``test-server`` is name of an existing instance, as described
+:ref:`previously <ssh>`, and ``username`` and ``devstack-host`` are the
+username and hostname of your DevStack host).
+
+This can also be configured via your ``~/.ssh/config`` file, making it rather
+effortless. However, it only allows SSH access. If you want to access e.g. a
+web application on the instance, you will need to configure an SSH tunnel and
+forward select ports using the ``-L`` option. For example, to forward HTTP
+traffic:
+
+.. code-block::
+
+ openstack server ssh test-server -- -l cirros -L 8080:username@devstack-host:80
+
+(where ``test-server`` is name of an existing instance, as described
+:ref:`previously <ssh>`, and ``username`` and ``devstack-host`` are the
+username and hostname of your DevStack host).
+
+As you can imagine, this can quickly get out of hand, particularly for more
+complex guest applications with multiple ports.
+
+.. rubric:: Use a proxy or VPN tool
+
+You can use a proxy or VPN tool to enable tunneling for the floating IP
+address range of the ``$PUBLIC_NETWORK_NAME`` network (default: ``public``)
+defined by ``$FLOATING_RANGE`` (default: ``172.24.4.0/24``). There are many
+such tools available to do this. For example, we could use a useful utility
+called `shuttle`__. To enable tunneling using ``shuttle``, first ensure you
+have allowed SSH and HTTP(S) traffic to your DevStack host. Allowing HTTP(S)
+traffic is necessary so you can use the OpenStack APIs remotely. How you do
+this will depend on where your DevStack host is running. Once this is done,
+install ``sshuttle`` on your localhost:
+
+.. code-block:: bash
+
+ sudo apt-get install sshuttle || yum install sshuttle
+
+Finally, start ``sshuttle`` on your localhost using the floating IP address
+range. For example, assuming you are using the default value for
+``$FLOATING_RANGE``, you can do:
+
+.. code-block:: bash
+
+ sshuttle -r username@devstack-host 172.24.4.0/24
+
+(where ``username`` and ``devstack-host`` are the username and hostname of your
+DevStack host).
+
+You should now be able to create an instance and SSH into it:
+
+.. code-block:: bash
+
+ openstack server ssh test-server -- -l cirros
+
+(where ``test-server`` is name of an existing instance, as described
+:ref:`previously <ssh>`)
+
+.. __: https://github.com/sshuttle/sshuttle
diff --git a/lib/databases/postgresql b/lib/databases/postgresql
index b21418b..2aa38cc 100644
--- a/lib/databases/postgresql
+++ b/lib/databases/postgresql
@@ -46,6 +46,10 @@
createdb -h $DATABASE_HOST -U$DATABASE_USER -l C -T template0 -E utf8 $db
}
+function _exit_pg_init {
+ sudo cat /var/lib/pgsql/initdb_postgresql.log
+}
+
function configure_database_postgresql {
local pg_conf pg_dir pg_hba check_role version
echo_summary "Configuring and starting PostgreSQL"
@@ -53,7 +57,9 @@
pg_hba=/var/lib/pgsql/data/pg_hba.conf
pg_conf=/var/lib/pgsql/data/postgresql.conf
if ! sudo [ -e $pg_hba ]; then
+ trap _exit_pg_init EXIT
sudo postgresql-setup initdb
+ trap - EXIT
fi
elif is_ubuntu; then
version=`psql --version | cut -d ' ' -f3 | cut -d. -f1-2`
diff --git a/lib/swift b/lib/swift
index 1ebf073..3659624 100644
--- a/lib/swift
+++ b/lib/swift
@@ -844,14 +844,14 @@
function swift_configure_tempurls {
# note we are using swift credentials!
- openstack --os-cloud "" \
- --os-region-name $REGION_NAME \
- --os-auth-url $KEYSTONE_SERVICE_URI \
- --os-username=swift \
- --os-password=$SERVICE_PASSWORD \
- --os-user-domain-name=$SERVICE_DOMAIN_NAME \
- --os-project-name=$SERVICE_PROJECT_NAME \
- --os-project-domain-name=$SERVICE_DOMAIN_NAME \
+ openstack --os-cloud="" \
+ --os-region-name="$REGION_NAME" \
+ --os-auth-url="$KEYSTONE_SERVICE_URI" \
+ --os-username="swift" \
+ --os-password="$SERVICE_PASSWORD" \
+ --os-user-domain-name="$SERVICE_DOMAIN_NAME" \
+ --os-project-name="$SERVICE_PROJECT_NAME" \
+ --os-project-domain-name="$SERVICE_DOMAIN_NAME" \
object store account \
set --property "Temp-URL-Key=$SWIFT_TEMPURL_KEY"
}
diff --git a/stackrc b/stackrc
index 0b3e1c6..ab1f8a6 100644
--- a/stackrc
+++ b/stackrc
@@ -249,7 +249,7 @@
# Setting the variable to 'ALL' will activate the download for all
# libraries.
-DEVSTACK_SERIES="2024.2"
+DEVSTACK_SERIES="2025.1"
##############
#
