Merge "Ironic: Remove deprecated parameters"
diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst
index 3030c7b..b0a8907 100644
--- a/doc/source/guides/neutron.rst
+++ b/doc/source/guides/neutron.rst
@@ -131,6 +131,11 @@
subnet that exists in the private RFC1918 address space - however in
in a real setup FLOATING_RANGE would be a public IP address range.
+Note that extension drivers for the ML2 plugin is set by
+`Q_ML2_PLUGIN_EXT_DRIVERS`, and it includes 'port_security' by default. If you
+want to remove all the extension drivers (even 'port_security'), set
+`Q_ML2_PLUGIN_EXT_DRIVERS` to blank.
+
Neutron Networking with Open vSwitch and Provider Networks
==========================================================
diff --git a/lib/horizon b/lib/horizon
index f953f5c..ab6e758 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -97,7 +97,14 @@
_horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_DEFAULT_ROLE \"Member\"
_horizon_config_set $local_settings "" OPENSTACK_HOST \"${KEYSTONE_SERVICE_HOST}\"
- _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v2.0\""
+
+ if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ # Only Identity v3 API is available; then use it with v3 auth tokens
+ _horizon_config_set $local_settings "" OPENSTACK_API_VERSIONS {\"identity\":\"v3\"}
+ _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v3\""
+ else
+ _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v2.0\""
+ fi
if [ -f $SSL_BUNDLE_FILE ]; then
_horizon_config_set $local_settings "" OPENSTACK_SSL_CACERT \"${SSL_BUNDLE_FILE}\"
diff --git a/lib/keystone b/lib/keystone
index b0907c7..7a949cf 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -197,6 +197,12 @@
KEYSTONE_PASTE_INI="$KEYSTONE_CONF"
fi
+ if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ # Only Identity v3 API should be available; then disable v2 pipelines
+ inidelete $KEYSTONE_PASTE_INI composite:main \\/v2.0
+ inidelete $KEYSTONE_PASTE_INI composite:admin \\/v2.0
+ fi
+
configure_keystone_extensions
# Rewrite stock ``keystone.conf``
diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2
index 8853777..2733f1f 100644
--- a/lib/neutron_plugins/ml2
+++ b/lib/neutron_plugins/ml2
@@ -31,6 +31,9 @@
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS:-vni_ranges=1001:2000}
# Default VLAN TypeDriver options
Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-}
+# List of extension drivers to load, use '-' instead of ':-' to allow people to
+# explicitly override this to blank
+Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-port_security}
# L3 Plugin to load for ML2
ML2_L3_PLUGIN=${ML2_L3_PLUGIN:-neutron.services.l3_router.l3_router_plugin.L3RouterPlugin}
@@ -113,6 +116,8 @@
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 type_drivers=$Q_ML2_PLUGIN_TYPE_DRIVERS
+ populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 extension_drivers=$Q_ML2_PLUGIN_EXT_DRIVERS
+
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 $Q_SRV_EXTRA_OPTS
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2_type_gre $Q_ML2_PLUGIN_GRE_TYPE_OPTIONS
diff --git a/lib/tempest b/lib/tempest
index 5599684..059709d 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -310,7 +310,15 @@
iniset $TEMPEST_CONFIG identity admin_tenant_id $ADMIN_TENANT_ID
iniset $TEMPEST_CONFIG identity admin_domain_name $ADMIN_DOMAIN_NAME
fi
- iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v2}
+ if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ # Only Identity v3 is available; then skip Identity API v2 tests
+ iniset $TEMPEST_CONFIG identity-feature-enabled v2_api False
+ # In addition, use v3 auth tokens for running all Tempest tests
+ iniset $TEMPEST_CONFIG identity auth_version v3
+ else
+ iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v2}
+ fi
+
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
iniset $TEMPEST_CONFIG identity ca_certificates_file $SSL_BUNDLE_FILE
fi
diff --git a/stackrc b/stackrc
index 938a09a..09ba3e9 100644
--- a/stackrc
+++ b/stackrc
@@ -87,9 +87,6 @@
# Set the default Nova APIs to enable
NOVA_ENABLED_APIS=ec2,osapi_compute,metadata
-# Configure Identity API version: 2.0, 3
-IDENTITY_API_VERSION=2.0
-
# Whether to use 'dev mode' for screen windows. Dev mode works by
# stuffing text into the screen windows so that a developer can use
# ctrl-c, up-arrow, enter to restart the service. Starting services
@@ -106,6 +103,22 @@
source $RC_DIR/.localrc.auto
fi
+# Configure Identity API version: 2.0, 3
+IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-2.0}
+
+# Set the option ENABLE_IDENTITY_V2 to True. It defines whether the DevStack
+# deployment will be deploying the Identity v2 pipelines. If this option is set
+# to ``False``, DevStack will: i) disable Identity v2; ii) configure Tempest to
+# skip Identity v2 specific tests; and iii) configure Horizon to use Identity
+# v3. When this option is set to ``False``, the option IDENTITY_API_VERSION
+# will to be set to ``3`` in order to make DevStack register the Identity
+# endpoint as v3. This flag is experimental and will be used as basis to
+# identify the projects which still have issues to operate with Identity v3.
+ENABLE_IDENTITY_V2=$(trueorfalse True ENABLE_IDENTITY_V2)
+if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ IDENTITY_API_VERSION=3
+fi
+
# Enable use of Python virtual environments. Individual project use of
# venvs are controlled by the PROJECT_VENV array; every project with
# an entry in the array will be installed into the named venv.
diff --git a/tests/test_ip.sh b/tests/test_ip.sh
index c53e80d..f8c2058 100755
--- a/tests/test_ip.sh
+++ b/tests/test_ip.sh
@@ -12,51 +12,41 @@
echo "Testing IP addr functions"
-if [[ $(cidr2netmask 4) == 240.0.0.0 ]]; then
- passed "cidr2netmask(): /4...OK"
-else
- failed "cidr2netmask(): /4...failed"
-fi
-if [[ $(cidr2netmask 8) == 255.0.0.0 ]]; then
- passed "cidr2netmask(): /8...OK"
-else
- failed "cidr2netmask(): /8...failed"
-fi
-if [[ $(cidr2netmask 12) == 255.240.0.0 ]]; then
- passed "cidr2netmask(): /12...OK"
-else
- failed "cidr2netmask(): /12...failed"
-fi
-if [[ $(cidr2netmask 16) == 255.255.0.0 ]]; then
- passed "cidr2netmask(): /16...OK"
-else
- failed "cidr2netmask(): /16...failed"
-fi
-if [[ $(cidr2netmask 20) == 255.255.240.0 ]]; then
- passed "cidr2netmask(): /20...OK"
-else
- failed "cidr2netmask(): /20...failed"
-fi
-if [[ $(cidr2netmask 24) == 255.255.255.0 ]]; then
- passed "cidr2netmask(): /24...OK"
-else
- failed "cidr2netmask(): /24...failed"
-fi
-if [[ $(cidr2netmask 28) == 255.255.255.240 ]]; then
- passed "cidr2netmask(): /28...OK"
-else
- failed "cidr2netmask(): /28...failed"
-fi
-if [[ $(cidr2netmask 30) == 255.255.255.252 ]]; then
- passed "cidr2netmask(): /30...OK"
-else
- failed "cidr2netmask(): /30...failed"
-fi
-if [[ $(cidr2netmask 32) == 255.255.255.255 ]]; then
- passed "cidr2netmask(): /32...OK"
-else
- failed "cidr2netmask(): /32...failed"
-fi
+function test_cidr2netmask {
+ local mask=0
+ local ips="128 192 224 240 248 252 254 255"
+ local ip
+ local msg
+
+ msg="cidr2netmask(/0) == 0.0.0.0"
+ assert_equal "0.0.0.0" $(cidr2netmask $mask) "$msg"
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == $ip.0.0.0"
+ assert_equal "$ip.0.0.0" $(cidr2netmask $mask) "$msg"
+ done
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == 255.$ip.0.0"
+ assert_equal "255.$ip.0.0" $(cidr2netmask $mask) "$msg"
+ done
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == 255.255.$ip.0"
+ assert_equal "255.255.$ip.0" $(cidr2netmask $mask) "$msg"
+ done
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == 255.255.255.$ip"
+ assert_equal "255.255.255.$ip" $(cidr2netmask $mask) "$msg"
+ done
+}
+
+test_cidr2netmask
if [[ $(maskip 169.254.169.254 240.0.0.0) == 160.0.0.0 ]]; then
passed "maskip(): /4...OK"
diff --git a/tests/test_truefalse.sh b/tests/test_truefalse.sh
index ebd9650..2689589 100755
--- a/tests/test_truefalse.sh
+++ b/tests/test_truefalse.sh
@@ -19,7 +19,8 @@
for default in True False; do
for name in one captrue lowtrue uppertrue capyes lowyes upperyes; do
- assert_equal "True" $(trueorfalse $default $name) "\$(trueorfalse $default $name)"
+ local msg="trueorfalse($default $name)"
+ assert_equal "True" $(trueorfalse $default $name) "$msg"
done
done
@@ -33,7 +34,8 @@
for default in True False; do
for name in zero capfalse lowfalse upperfalse capno lowno upperno; do
- assert_equal "False" $(trueorfalse $default $name) "\$(trueorfalse $default $name)"
+ local msg="trueorfalse($default $name)"
+ assert_equal "False" $(trueorfalse $default $name) "$msg"
done
done
}
diff --git a/tests/unittest.sh b/tests/unittest.sh
index 69f19b7..93aa5fc 100644
--- a/tests/unittest.sh
+++ b/tests/unittest.sh
@@ -17,6 +17,8 @@
PASS=0
FAILED_FUNCS=""
+# pass a test, printing out MSG
+# usage: passed message
function passed {
local lineno=$(caller 0 | awk '{print $1}')
local function=$(caller 0 | awk '{print $2}')
@@ -25,9 +27,11 @@
msg="OK"
fi
PASS=$((PASS+1))
- echo $function:L$lineno $msg
+ echo "PASS: $function:L$lineno $msg"
}
+# fail a test, printing out MSG
+# usage: failed message
function failed {
local lineno=$(caller 0 | awk '{print $1}')
local function=$(caller 0 | awk '{print $2}')
@@ -38,10 +42,16 @@
ERROR=$((ERROR+1))
}
+# assert string comparision of val1 equal val2, printing out msg
+# usage: assert_equal val1 val2 msg
function assert_equal {
local lineno=`caller 0 | awk '{print $1}'`
local function=`caller 0 | awk '{print $2}'`
local msg=$3
+
+ if [ -z "$msg" ]; then
+ msg="OK"
+ fi
if [[ "$1" != "$2" ]]; then
FAILED_FUNCS+="$function:L$lineno\n"
echo "ERROR: $1 != $2 in $function:L$lineno!"
@@ -49,10 +59,13 @@
ERROR=$((ERROR+1))
else
PASS=$((PASS+1))
- echo "$function:L$lineno - ok"
+ echo "PASS: $function:L$lineno - $msg"
fi
}
+# print a summary of passing and failing tests, exiting
+# with an error if we have failed tests
+# usage: report_results
function report_results {
echo "$PASS Tests PASSED"
if [[ $ERROR -gt 1 ]]; then