Merge "Add new parameter RECREATE_KEYSTONE_DB"
diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst
index 358e1e4..a6f509e 100644
--- a/doc/source/plugin-registry.rst
+++ b/doc/source/plugin-registry.rst
@@ -95,6 +95,7 @@
networking-brocade `git://git.openstack.org/openstack/networking-brocade <https://git.openstack.org/cgit/openstack/networking-brocade>`__
networking-calico `git://git.openstack.org/openstack/networking-calico <https://git.openstack.org/cgit/openstack/networking-calico>`__
networking-cisco `git://git.openstack.org/openstack/networking-cisco <https://git.openstack.org/cgit/openstack/networking-cisco>`__
+networking-dpm `git://git.openstack.org/openstack/networking-dpm <https://git.openstack.org/cgit/openstack/networking-dpm>`__
networking-fortinet `git://git.openstack.org/openstack/networking-fortinet <https://git.openstack.org/cgit/openstack/networking-fortinet>`__
networking-generic-switch `git://git.openstack.org/openstack/networking-generic-switch <https://git.openstack.org/cgit/openstack/networking-generic-switch>`__
networking-huawei `git://git.openstack.org/openstack/networking-huawei <https://git.openstack.org/cgit/openstack/networking-huawei>`__
@@ -121,6 +122,7 @@
neutron-vpnaas `git://git.openstack.org/openstack/neutron-vpnaas <https://git.openstack.org/cgit/openstack/neutron-vpnaas>`__
nimble `git://git.openstack.org/openstack/nimble <https://git.openstack.org/cgit/openstack/nimble>`__
nova-docker `git://git.openstack.org/openstack/nova-docker <https://git.openstack.org/cgit/openstack/nova-docker>`__
+nova-dpm `git://git.openstack.org/openstack/nova-dpm <https://git.openstack.org/cgit/openstack/nova-dpm>`__
nova-lxd `git://git.openstack.org/openstack/nova-lxd <https://git.openstack.org/cgit/openstack/nova-lxd>`__
nova-mksproxy `git://git.openstack.org/openstack/nova-mksproxy <https://git.openstack.org/cgit/openstack/nova-mksproxy>`__
nova-powervm `git://git.openstack.org/openstack/nova-powervm <https://git.openstack.org/cgit/openstack/nova-powervm>`__
diff --git a/files/apache-placement-api.template b/files/apache-placement-api.template
index b89ef96..011abb9 100644
--- a/files/apache-placement-api.template
+++ b/files/apache-placement-api.template
@@ -1,6 +1,8 @@
-Listen %PUBLICPORT%
-
-<VirtualHost *:%PUBLICPORT%>
+# NOTE(sbauza): This virtualhost is only here because some directives can
+# only be set by a virtualhost or server context, so that's why the port is not bound.
+# TODO(sbauza): Find a better way to identify a free port that is not corresponding to an existing
+# vhost.
+<VirtualHost *:8780>
WSGIDaemonProcess placement-api processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
WSGIProcessGroup placement-api
WSGIScriptAlias / %PUBLICWSGI%
diff --git a/files/debs/general b/files/debs/general
index a1f2a4b..c121770 100644
--- a/files/debs/general
+++ b/files/debs/general
@@ -2,6 +2,7 @@
bridge-utils
bsdmainutils
curl
+default-jre-headless # NOPRIME
g++
gcc
gettext # used for compiling message catalogs
@@ -17,7 +18,6 @@
libxslt1-dev # lxml
libyaml-dev
lsof # useful when debugging
-openjdk-7-jre-headless # NOPRIME
openssh-server
openssl
pkg-config
diff --git a/functions-common b/functions-common
index cc1d42b..9423f9e 100644
--- a/functions-common
+++ b/functions-common
@@ -1678,7 +1678,7 @@
local logfile=$2
if [[ "$USE_SCREEN" = "True" ]]; then
- screen_process "$name" "sudo tail -f $logfile | sed 's/\\\\\\\\x1b/\o033/g'"
+ screen_process "$name" "sudo tail -f $logfile | sed -u 's/\\\\\\\\x1b/\o033/g'"
fi
}
diff --git a/lib/databases/postgresql b/lib/databases/postgresql
index 14425a5..1f347f5 100644
--- a/lib/databases/postgresql
+++ b/lib/databases/postgresql
@@ -47,7 +47,7 @@
}
function configure_database_postgresql {
- local pg_conf pg_dir pg_hba root_roles version
+ local pg_conf pg_dir pg_hba check_role version
echo_summary "Configuring and starting PostgreSQL"
if is_fedora; then
pg_hba=/var/lib/pgsql/data/pg_hba.conf
@@ -85,8 +85,8 @@
restart_service postgresql
# Create the role if it's not here or else alter it.
- root_roles=$(sudo -u root sudo -u postgres -i psql -t -c "SELECT 'HERE' from pg_roles where rolname='root'")
- if [[ ${root_roles} == *HERE ]];then
+ check_role=$(sudo -u root sudo -u postgres -i psql -t -c "SELECT 'HERE' from pg_roles where rolname='$DATABASE_USER'")
+ if [[ ${check_role} == *HERE ]];then
sudo -u root sudo -u postgres -i psql -c "ALTER ROLE $DATABASE_USER WITH SUPERUSER LOGIN PASSWORD '$DATABASE_PASSWORD'"
else
sudo -u root sudo -u postgres -i psql -c "CREATE ROLE $DATABASE_USER WITH SUPERUSER LOGIN PASSWORD '$DATABASE_PASSWORD'"
diff --git a/lib/keystone b/lib/keystone
index 0d54dee..825fe44 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -445,14 +445,16 @@
#
# create_service_user <name> [role]
#
-# The role defaults to the service role. It is allowed to be provided as optional as historically
+# We always add the service role, other roles are also allowed to be added as historically
# a lot of projects have configured themselves with the admin or other role here if they are
# using this user for other purposes beyond simply auth_token middleware.
function create_service_user {
- local role=${2:-service}
-
get_or_create_user "$1" "$SERVICE_PASSWORD" "$SERVICE_DOMAIN_NAME"
- get_or_add_user_project_role "$role" "$1" "$SERVICE_PROJECT_NAME" "$SERVICE_DOMAIN_NAME" "$SERVICE_DOMAIN_NAME"
+ get_or_add_user_project_role service "$1" "$SERVICE_PROJECT_NAME" "$SERVICE_DOMAIN_NAME" "$SERVICE_DOMAIN_NAME"
+
+ if [[ -n "$2" ]]; then
+ get_or_add_user_project_role "$2" "$1" "$SERVICE_PROJECT_NAME" "$SERVICE_DOMAIN_NAME" "$SERVICE_DOMAIN_NAME"
+ fi
}
# Configure the service to use the auth token middleware.
diff --git a/lib/placement b/lib/placement
index 165c670..93b72eb 100644
--- a/lib/placement
+++ b/lib/placement
@@ -47,7 +47,6 @@
# Public facing bits
PLACEMENT_SERVICE_PROTOCOL=${PLACEMENT_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
PLACEMENT_SERVICE_HOST=${PLACEMENT_SERVICE_HOST:-$SERVICE_HOST}
-PLACEMENT_SERVICE_PORT=${PLACEMENT_SERVICE_PORT:-8778}
# Functions
# ---------
@@ -55,7 +54,7 @@
# Test if any placement services are enabled
# is_placement_enabled
function is_placement_enabled {
- [[ ,${ENABLED_SERVICES} =~ ,"placement-" ]] && return 0
+ [[ ,${ENABLED_SERVICES} =~ ,"placement-api" ]] && return 0
return 1
}
@@ -68,7 +67,6 @@
# _config_placement_apache_wsgi() - Set WSGI config files
function _config_placement_apache_wsgi {
local placement_api_apache_conf
- local placement_api_port=$PLACEMENT_SERVICE_PORT
local venv_path=""
local nova_bin_dir=""
nova_bin_dir=$(get_python_exec_prefix)
@@ -89,7 +87,6 @@
sudo cp $FILES/apache-placement-api.template $placement_api_apache_conf
sudo sed -e "
- s|%PUBLICPORT%|$placement_api_port|g;
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%PUBLICWSGI%|$nova_bin_dir/nova-placement-api|g;
s|%SSLENGINE%|$placement_ssl|g;
@@ -101,12 +98,7 @@
" -i $placement_api_apache_conf
}
-# configure_placement() - Set config files, create data dirs, etc
-function configure_placement {
- if [ "$PLACEMENT_DB_ENABLED" != False ]; then
- iniset $PLACEMENT_CONF placement_database connection `database_connection_url placement`
- fi
-
+function configure_placement_nova_compute {
iniset $NOVA_CONF placement auth_type "password"
iniset $NOVA_CONF placement auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"
iniset $NOVA_CONF placement username placement
@@ -121,7 +113,13 @@
# established by the nova api. This avoids, for the time, being,
# creating redundant configuration items that are just used for
# testing.
+}
+# configure_placement() - Set config files, create data dirs, etc
+function configure_placement {
+ if [ "$PLACEMENT_DB_ENABLED" != False ]; then
+ iniset $PLACEMENT_CONF placement_database connection `database_connection_url placement`
+ fi
_config_placement_apache_wsgi
}
@@ -160,10 +158,6 @@
# start_placement_api() - Start the API processes ahead of other things
function start_placement_api {
- # Get right service port for testing
- local service_port=$PLACEMENT_SERVICE_PORT
- local placement_api_port=$PLACEMENT_SERVICE_PORT
-
enable_apache_site placement-api
restart_apache_server
tail_log placement-api /var/log/$APACHE_NAME/placement-api.log
diff --git a/pkg/elasticsearch.sh b/pkg/elasticsearch.sh
index 856eaff..fefd454 100755
--- a/pkg/elasticsearch.sh
+++ b/pkg/elasticsearch.sh
@@ -83,7 +83,7 @@
return
fi
if is_ubuntu; then
- is_package_installed openjdk-7-jre-headless || install_package openjdk-7-jre-headless
+ is_package_installed default-jre-headless || install_package default-jre-headless
sudo dpkg -i ${FILES}/elasticsearch-${ELASTICSEARCH_VERSION}.deb
sudo update-rc.d elasticsearch defaults 95 10
diff --git a/stack.sh b/stack.sh
index f4bac30..1817f61 100755
--- a/stack.sh
+++ b/stack.sh
@@ -869,6 +869,16 @@
configure_placement
fi
+# create a placement-client fake service to know we need to configure
+# placement connectivity. We configure the placement service for nova
+# if placement-api or placement-client is active, and n-cpu on the
+# same box.
+if is_service_enabled placement placement-client; then
+ if is_service_enabled n-cpu; then
+ configure_placement_nova_compute
+ fi
+fi
+
if is_service_enabled horizon; then
# django openstack_auth
install_django_openstack_auth