Merge "lib/neutron: set variables needed for sane l3 agent setup"
diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst
index 17da67b..58d393a 100644
--- a/doc/source/plugin-registry.rst
+++ b/doc/source/plugin-registry.rst
@@ -108,7 +108,6 @@
networking-mlnx `git://git.openstack.org/openstack/networking-mlnx <https://git.openstack.org/cgit/openstack/networking-mlnx>`__
networking-nec `git://git.openstack.org/openstack/networking-nec <https://git.openstack.org/cgit/openstack/networking-nec>`__
networking-odl `git://git.openstack.org/openstack/networking-odl <https://git.openstack.org/cgit/openstack/networking-odl>`__
-networking-ofagent `git://git.openstack.org/openstack/networking-ofagent <https://git.openstack.org/cgit/openstack/networking-ofagent>`__
networking-onos `git://git.openstack.org/openstack/networking-onos <https://git.openstack.org/cgit/openstack/networking-onos>`__
networking-ovn `git://git.openstack.org/openstack/networking-ovn <https://git.openstack.org/cgit/openstack/networking-ovn>`__
networking-ovs-dpdk `git://git.openstack.org/openstack/networking-ovs-dpdk <https://git.openstack.org/cgit/openstack/networking-ovs-dpdk>`__
diff --git a/files/debs/neutron b/files/debs/neutron
index 2307fa5..e30f678 100644
--- a/files/debs/neutron
+++ b/files/debs/neutron
@@ -2,6 +2,7 @@
dnsmasq-base
dnsmasq-utils # for dhcp_release only available in dist:precise
ebtables
+haproxy # to serve as metadata proxy inside router/dhcp namespaces
iptables
iputils-arping
iputils-ping
diff --git a/files/rpms-suse/neutron b/files/rpms-suse/neutron
index e9abc6e..d1cc73f 100644
--- a/files/rpms-suse/neutron
+++ b/files/rpms-suse/neutron
@@ -2,6 +2,7 @@
dnsmasq
dnsmasq-utils # dist:opensuse-12.3,opensuse-13.1
ebtables
+haproxy # to serve as metadata proxy inside router/dhcp namespaces
iptables
iputils
mariadb # NOPRIME
diff --git a/files/rpms/neutron b/files/rpms/neutron
index 2e49a0c..a4e029a 100644
--- a/files/rpms/neutron
+++ b/files/rpms/neutron
@@ -2,6 +2,7 @@
dnsmasq # for q-dhcp
dnsmasq-utils # for dhcp_release
ebtables
+haproxy # to serve as metadata proxy inside router/dhcp namespaces
iptables
iputils
mysql-devel
diff --git a/files/rpms/nova b/files/rpms/nova
index 45f1c94..a368c55 100644
--- a/files/rpms/nova
+++ b/files/rpms/nova
@@ -9,10 +9,6 @@
iputils
kernel-modules # dist:f23,f24,f25
kpartx
-kvm # NOPRIME
-libvirt-bin # NOPRIME
-libvirt-devel # NOPRIME
-libvirt-python # NOPRIME
libxml2-python
m2crypto
mysql-devel
@@ -21,7 +17,6 @@
numpy # needed by websockify for spice console
parted
polkit
-qemu-kvm # NOPRIME
rabbitmq-server # NOPRIME
sqlite
sudo
diff --git a/functions b/functions
index 89ee367..1aa7517 100644
--- a/functions
+++ b/functions
@@ -12,7 +12,7 @@
# ensure we don't re-source this in the same environment
[[ -z "$_DEVSTACK_FUNCTIONS" ]] || return 0
-declare -r _DEVSTACK_FUNCTIONS=1
+declare -r -g _DEVSTACK_FUNCTIONS=1
# Include the common functions
FUNC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)
@@ -664,6 +664,16 @@
}
+# running_in_container - Returns true otherwise false
+function running_in_container {
+ if grep -q lxc /proc/1/cgroup; then
+ return 0
+ fi
+
+ return 1
+}
+
+
# enable_kernel_bridge_firewall - Enable kernel support for bridge firewalling
function enable_kernel_bridge_firewall {
# Load bridge module. This module provides access to firewall for bridged
diff --git a/functions-common b/functions-common
index 0d1b01f..a86cfd8 100644
--- a/functions-common
+++ b/functions-common
@@ -37,12 +37,12 @@
# ensure we don't re-source this in the same environment
[[ -z "$_DEVSTACK_FUNCTIONS_COMMON" ]] || return 0
-declare -r _DEVSTACK_FUNCTIONS_COMMON=1
+declare -r -g _DEVSTACK_FUNCTIONS_COMMON=1
# Global Config Variables
-declare -A GITREPO
-declare -A GITBRANCH
-declare -A GITDIR
+declare -A -g GITREPO
+declare -A -g GITBRANCH
+declare -A -g GITDIR
TRACK_DEPENDS=${TRACK_DEPENDS:-False}
@@ -306,7 +306,7 @@
# ``os_PACKAGE`` - package type: ``deb`` or ``rpm``
# ``os_CODENAME`` - vendor's codename for release: ``xenial``
-declare os_VENDOR os_RELEASE os_PACKAGE os_CODENAME
+declare -g os_VENDOR os_RELEASE os_PACKAGE os_CODENAME
# Make a *best effort* attempt to install lsb_release packages for the
# user if not available. Note can't use generic install_package*
@@ -361,7 +361,7 @@
# Translate the OS version values into common nomenclature
# Sets global ``DISTRO`` from the ``os_*`` values
-declare DISTRO
+declare -g DISTRO
function GetDistro {
GetOSVersion
@@ -1556,7 +1556,7 @@
# Append the process to the screen rc file
screen_rc "$name" "$command"
- screen -S $SCREEN_NAME -p $name -X stuff "$command & echo \$! >$SERVICE_DIR/$SCREEN_NAME/${name}.pid; fg || echo \"$name failed to start\" | tee \"$SERVICE_DIR/$SCREEN_NAME/${name}.failure\"$NL"
+ screen -S $SCREEN_NAME -p $name -X stuff "$command & echo \$! >$SERVICE_DIR/$SCREEN_NAME/${name}.pid; fg || echo \"$name failed to start. Exit code: \$?\" | tee \"$SERVICE_DIR/$SCREEN_NAME/${name}.failure\"$NL"
}
# Screen rc file builder
@@ -2376,9 +2376,9 @@
# Resolution is only in whole seconds, so should be used for long
# running activities.
-declare -A _TIME_TOTAL
-declare -A _TIME_START
-declare -r _TIME_BEGIN=$(date +%s)
+declare -A -g _TIME_TOTAL
+declare -A -g _TIME_START
+declare -r -g _TIME_BEGIN=$(date +%s)
# time_start $name
#
diff --git a/inc/python b/inc/python
index 2bdc097..a4819c2 100644
--- a/inc/python
+++ b/inc/python
@@ -19,7 +19,7 @@
# PROJECT_VENV contains the name of the virtual environment for each
# project. A null value installs to the system Python directories.
-declare -A PROJECT_VENV
+declare -A -g PROJECT_VENV
# Python Functions
diff --git a/lib/cinder b/lib/cinder
index 767fd00..c17cea0 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -315,7 +315,7 @@
fi
if is_service_enabled ceilometer; then
- iniset $CINDER_CONF oslo_messaging_notifications driver "messaging"
+ iniset $CINDER_CONF oslo_messaging_notifications driver "messagingv2"
fi
if is_service_enabled tls-proxy; then
diff --git a/lib/glance b/lib/glance
index 58f1def..6125f45 100644
--- a/lib/glance
+++ b/lib/glance
@@ -57,7 +57,7 @@
GLANCE_SWIFT_STORE_CONF=$GLANCE_CONF_DIR/glance-swift-store.conf
GLANCE_GLARE_CONF=$GLANCE_CONF_DIR/glance-glare.conf
GLANCE_GLARE_PASTE_INI=$GLANCE_CONF_DIR/glance-glare-paste.ini
-GLANCE_V1_ENABLED=${GLANCE_V1_ENABLED:-True}
+GLANCE_V1_ENABLED=${GLANCE_V1_ENABLED:-False}
if is_ssl_enabled_service "glance" || is_service_enabled tls-proxy; then
GLANCE_SERVICE_PROTOCOL="https"
@@ -112,7 +112,7 @@
iniset $GLANCE_REGISTRY_CONF DEFAULT workers "$API_WORKERS"
iniset $GLANCE_REGISTRY_CONF paste_deploy flavor keystone
configure_auth_token_middleware $GLANCE_REGISTRY_CONF glance $GLANCE_AUTH_CACHE_DIR/registry
- iniset $GLANCE_REGISTRY_CONF oslo_messaging_notifications driver messaging
+ iniset $GLANCE_REGISTRY_CONF oslo_messaging_notifications driver messagingv2
iniset_rpc_backend glance $GLANCE_REGISTRY_CONF
iniset $GLANCE_REGISTRY_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT"
@@ -125,7 +125,7 @@
iniset $GLANCE_API_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/
iniset $GLANCE_API_CONF paste_deploy flavor keystone+cachemanagement
configure_auth_token_middleware $GLANCE_API_CONF glance $GLANCE_AUTH_CACHE_DIR/api
- iniset $GLANCE_API_CONF oslo_messaging_notifications driver messaging
+ iniset $GLANCE_API_CONF oslo_messaging_notifications driver messagingv2
iniset_rpc_backend glance $GLANCE_API_CONF
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
iniset $GLANCE_API_CONF DEFAULT container_formats "ami,ari,aki,bare,ovf,tgz"
diff --git a/lib/neutron b/lib/neutron
index 10f488d..9a2a75a 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -52,9 +52,13 @@
NEUTRON_CORE_PLUGIN_CONF_PATH=$NEUTRON_CONF_DIR/plugins/$NEUTRON_CORE_PLUGIN
NEUTRON_CORE_PLUGIN_CONF=$NEUTRON_CORE_PLUGIN_CONF_PATH/$NEUTRON_CORE_PLUGIN_CONF_FILENAME
+NEUTRON_METERING_AGENT_CONF_FILENAME=${NEUTRON_METERING_AGENT_CONF_FILENAME:-metering_agent.ini}
+NEUTRON_METERING_AGENT_CONF=$NEUTRON_CONF_DIR/$NEUTRON_METERING_AGENT_CONF_FILENAME
+
NEUTRON_AGENT_BINARY=${NEUTRON_AGENT_BINARY:-neutron-$NEUTRON_AGENT-agent}
NEUTRON_L3_BINARY=${NEUTRON_L3_BINARY:-neutron-l3-agent}
NEUTRON_META_BINARY=${NEUTRON_META_BINARY:-neutron-metadata-agent}
+NEUTRON_METERING_BINARY=${NEUTRON_METERING_BINARY:-neutron-metering-agent}
# Public facing bits
if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then
@@ -79,7 +83,7 @@
PUBLIC_BRIDGE_MTU=${PUBLIC_BRIDGE_MTU:-1500}
# Additional neutron api config files
-declare -a _NEUTRON_SERVER_EXTRA_CONF_FILES_ABS
+declare -a -g _NEUTRON_SERVER_EXTRA_CONF_FILES_ABS
# Functions
# ---------
@@ -158,15 +162,7 @@
iniset $NEUTRON_CONF DEFAULT auth_strategy $NEUTRON_AUTH_STRATEGY
configure_auth_token_middleware $NEUTRON_CONF neutron $NEUTRON_AUTH_CACHE_DIR keystone_authtoken
-
- iniset $NEUTRON_CONF nova auth_type password
- iniset $NEUTRON_CONF nova auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"
- iniset $NEUTRON_CONF nova username nova
- iniset $NEUTRON_CONF nova password $SERVICE_PASSWORD
- iniset $NEUTRON_CONF nova user_domain_id default
- iniset $NEUTRON_CONF nova project_name $SERVICE_TENANT_NAME
- iniset $NEUTRON_CONF nova project_domain_id default
- iniset $NEUTRON_CONF nova region_name $REGION_NAME
+ configure_auth_token_middleware $NEUTRON_CONF nova $NEUTRON_AUTH_CACHE_DIR nova
# Configure VXLAN
# TODO(sc68cal) not hardcode?
@@ -193,7 +189,9 @@
iniset $NEUTRON_CORE_PLUGIN_CONF ovs local_ip $HOST_IP
fi
- enable_kernel_bridge_firewall
+ if ! running_in_container; then
+ enable_kernel_bridge_firewall
+ fi
fi
# DHCP Agent
@@ -245,10 +243,6 @@
iniset $NEUTRON_CONF DEFAULT bind_port "$NEUTRON_SERVICE_PORT_INT"
fi
- if is_ssl_enabled_service "nova"; then
- iniset $NEUTRON_CONF nova cafile $SSL_BUNDLE_FILE
- fi
-
if is_ssl_enabled_service "neutron"; then
ensure_certificates NEUTRON
@@ -259,9 +253,7 @@
# Metering
if is_service_enabled neutron-metering; then
- source $TOP_DIR/lib/neutron_plugins/services/metering
- neutron_agent_metering_configure_common
- neutron_agent_metering_configure_agent
+ cp $NEUTRON_DIR/etc/metering_agent.ini.sample $NEUTRON_METERING_AGENT_CONF
neutron_service_plugin_class_add metering
fi
}
@@ -300,7 +292,7 @@
function configure_neutron_nova_new {
iniset $NOVA_CONF DEFAULT use_neutron True
iniset $NOVA_CONF neutron auth_type "password"
- iniset $NOVA_CONF neutron auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"
+ iniset $NOVA_CONF neutron auth_url "$KEYSTONE_SERVICE_URI/v3"
iniset $NOVA_CONF neutron username neutron
iniset $NOVA_CONF neutron password "$SERVICE_PASSWORD"
iniset $NOVA_CONF neutron user_domain_name "Default"
@@ -400,9 +392,9 @@
service_protocol="http"
fi
- local opts = ""
- opts+="--config-file $NEUTRON_CONF"
- opts+="--config-file $NEUTRON_CORE_PLUGIN_CONF"
+ local opts=""
+ opts+=" --config-file $NEUTRON_CONF"
+ opts+=" --config-file $NEUTRON_CORE_PLUGIN_CONF"
local cfg_file
for cfg_file in ${_NEUTRON_SERVER_EXTRA_CONF_FILES_ABS[@]}; do
opts+=" --config-file $cfg_file"
@@ -410,7 +402,7 @@
# Start the Neutron service
# TODO(sc68cal) Stop hard coding this
- run_process neutron-api "$NEUTRON_BIN_DIR/neutron-server $ops"
+ run_process neutron-api "$NEUTRON_BIN_DIR/neutron-server $opts"
if is_ssl_enabled_service "neutron"; then
ssl_ca="--ca-certificate=${SSL_BUNDLE_FILE}"
@@ -462,7 +454,7 @@
fi
if is_service_enabled neutron-metering; then
- run_process neutron-metering "$AGENT_METERING_BINARY --config-file $NEUTRON_CONF --config-file $METERING_AGENT_CONF_FILENAME"
+ run_process neutron-metering "$NEUTRON_METERING_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_METERING_AGENT_CONF"
fi
}
@@ -490,7 +482,10 @@
local plugins=""
plugins=$(iniget $NEUTRON_CONF DEFAULT service_plugins)
- plugins+=",${service_plugin_class}"
+ if [ $plugins ]; then
+ plugins+=","
+ fi
+ plugins+="${service_plugin_class}"
iniset $NEUTRON_CONF DEFAULT service_plugins $plugins
}
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
index b381b64..ccab527 100644
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -141,10 +141,10 @@
# These config files are relative to ``/etc/neutron``. The above
# example would specify ``--config-file /etc/neutron/file1`` for
# neutron server.
-declare -a Q_PLUGIN_EXTRA_CONF_FILES
+declare -a -g Q_PLUGIN_EXTRA_CONF_FILES
# same as Q_PLUGIN_EXTRA_CONF_FILES, but with absolute path.
-declare -a _Q_PLUGIN_EXTRA_CONF_FILES_ABS
+declare -a -g _Q_PLUGIN_EXTRA_CONF_FILES_ABS
Q_RR_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf
@@ -798,7 +798,7 @@
}
function _configure_neutron_ceilometer_notifications {
- iniset $NEUTRON_CONF oslo_messaging_notifications driver messaging
+ iniset $NEUTRON_CONF oslo_messaging_notifications driver messagingv2
}
function _configure_neutron_metering {
diff --git a/lib/neutron_plugins/linuxbridge_agent b/lib/neutron_plugins/linuxbridge_agent
index dfed49b..f2302e3 100644
--- a/lib/neutron_plugins/linuxbridge_agent
+++ b/lib/neutron_plugins/linuxbridge_agent
@@ -67,7 +67,9 @@
fi
if [[ "$Q_USE_SECGROUP" == "True" ]]; then
iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
- enable_kernel_bridge_firewall
+ if ! running_in_container; then
+ enable_kernel_bridge_firewall
+ fi
else
iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
fi
diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base
index 1a97001..50b9ae5 100644
--- a/lib/neutron_plugins/ovs_base
+++ b/lib/neutron_plugins/ovs_base
@@ -80,7 +80,9 @@
function _neutron_ovs_base_configure_firewall_driver {
if [[ "$Q_USE_SECGROUP" == "True" ]]; then
iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver iptables_hybrid
- enable_kernel_bridge_firewall
+ if ! running_in_container; then
+ enable_kernel_bridge_firewall
+ fi
else
iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver noop
fi
diff --git a/lib/nova b/lib/nova
index f5ab201..a36a740 100644
--- a/lib/nova
+++ b/lib/nova
@@ -247,7 +247,7 @@
sudo rm -f $(apache_site_config_for nova-metadata)
}
-# _config_nova_apache_wsgi() - Set WSGI config files of Keystone
+# _config_nova_apache_wsgi() - Set WSGI config files of Nova API
function _config_nova_apache_wsgi {
sudo mkdir -p $NOVA_WSGI_DIR
@@ -575,7 +575,7 @@
# Set the oslo messaging driver to the typical default. This does not
# enable notifications, but it will allow them to function when enabled.
- iniset $NOVA_CONF oslo_messaging_notifications driver "messaging"
+ iniset $NOVA_CONF oslo_messaging_notifications driver "messagingv2"
iniset_rpc_backend nova $NOVA_CONF
iniset $NOVA_CONF glance api_servers "${GLANCE_SERVICE_PROTOCOL}://${GLANCE_HOSTPORT}"
@@ -631,7 +631,7 @@
function init_nova_service_user_conf {
iniset $NOVA_CONF service_user send_service_user_token True
iniset $NOVA_CONF service_user auth_type password
- iniset $NOVA_CONF service_user auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT"
+ iniset $NOVA_CONF service_user auth_url "$KEYSTONE_SERVICE_URI"
iniset $NOVA_CONF service_user username nova
iniset $NOVA_CONF service_user password "$SERVICE_PASSWORD"
iniset $NOVA_CONF service_user user_domain_name "$SERVICE_DOMAIN_NAME"
@@ -664,6 +664,10 @@
$NOVA_BIN_DIR/nova-manage --config-file $NOVA_CELLS_CONF db sync
$NOVA_BIN_DIR/nova-manage --config-file $NOVA_CELLS_CONF cell create --name=region --cell_type=parent --username=$RABBIT_USERID --hostname=$RABBIT_HOST --port=5672 --password=$RABBIT_PASSWORD --virtual_host=/ --woffset=0 --wscale=1
$NOVA_BIN_DIR/nova-manage cell create --name=child --cell_type=child --username=$RABBIT_USERID --hostname=$RABBIT_HOST --port=5672 --password=$RABBIT_PASSWORD --virtual_host=child_cell --woffset=0 --wscale=1
+
+ # Creates the single cells v2 cell for the child cell (v1) nova db.
+ nova-manage --config-file $NOVA_CELLS_CONF cell_v2 create_cell \
+ --transport-url $(get_transport_url child_cell) --name 'cell1'
fi
}
@@ -704,9 +708,13 @@
recreate_database nova
recreate_database nova_cell0
- # Migrate nova database. If "nova-manage cell_v2 simple_cell_setup" has
- # been run this migrates the "nova" and "nova_cell0" database.
- # Otherwise it just migrates the "nova" database.
+ # map_cell0 will create the cell mapping record in the nova_api DB so
+ # this needs to come after the api_db sync happens. We also want to run
+ # this before the db sync below since that will migrate both the nova
+ # and nova_cell0 databases.
+ nova-manage cell_v2 map_cell0 --database_connection `database_connection_url nova_cell0`
+
+ # Migrate nova and nova_cell0 databases.
$NOVA_BIN_DIR/nova-manage --config-file $NOVA_CONF db sync
if is_service_enabled n-cell; then
@@ -716,6 +724,10 @@
# Run online migrations on the new databases
# Needed for flavor conversion
$NOVA_BIN_DIR/nova-manage --config-file $NOVA_CONF db online_data_migrations
+
+ # create the cell1 cell for the main nova db where the hosts live
+ nova-manage cell_v2 create_cell --transport-url $(get_transport_url) \
+ --name 'cell1'
fi
create_nova_cache_dir
@@ -885,7 +897,9 @@
run_process n-crt "$NOVA_BIN_DIR/nova-cert --config-file $api_cell_conf"
if is_service_enabled n-net; then
- enable_kernel_bridge_firewall
+ if ! running_in_container; then
+ enable_kernel_bridge_firewall
+ fi
fi
run_process n-net "$NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf"
@@ -964,20 +978,6 @@
fi
}
-# create_cell(): Group the available hosts into a cell
-function create_cell {
- # NOTE(danms): map_cell0 always returns 1 right now; remove this when that is fixed
- (nova-manage cell_v2 map_cell0 --database_connection `database_connection_url nova_cell0`|| true)
-
- if ! is_service_enabled n-cell; then
- nova-manage cell_v2 simple_cell_setup --transport-url $(get_transport_url)
- else
- nova-manage --config-file $NOVA_CELLS_CONF --verbose cell_v2 map_cell_and_hosts \
- --transport-url $(get_transport_url child_cell) --name 'cell1'
- nova-manage db sync
- fi
-}
-
# Restore xtrace
$_XTRACE_LIB_NOVA
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 47b054b..56bb6bd 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -34,18 +34,21 @@
#pip_install_gr <there-si-no-guestfs-in-pypi>
elif is_fedora || is_suse; then
# On "KVM for IBM z Systems", kvm does not have its own package
- if [[ ! ${DISTRO} =~ "kvmibm1" ]]; then
+ if [[ ! ${DISTRO} =~ "kvmibm1" && ! ${DISTRO} =~ "rhel7" ]]; then
install_package kvm
fi
- # there is a dependency issue with kvm (which is really just a
- # wrapper to qemu-system-x86) that leaves some bios files out,
- # so install qemu-kvm (which shouldn't strictly be needed, as
- # everything has been merged into qemu-system-x86) to bring in
- # the right packages. see
- # https://bugzilla.redhat.com/show_bug.cgi?id=1235890
- install_package qemu-kvm
+
+ if [[ ${DISTRO} =~ "rhel7" ]]; then
+ # This should install the latest qemu-kvm build,
+ # which is called qemu-kvm-ev in centos7
+ # (as the default OS qemu-kvm package is usually rather old,
+ # and should be updated by above)
+ install_package qemu-kvm
+ fi
+
install_package libvirt libvirt-devel
pip_install_gr libvirt-python
+
fi
}
diff --git a/lib/placement b/lib/placement
index e7ffe33..4cc5cd8 100644
--- a/lib/placement
+++ b/lib/placement
@@ -100,7 +100,7 @@
function configure_placement_nova_compute {
iniset $NOVA_CONF placement auth_type "password"
- iniset $NOVA_CONF placement auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"
+ iniset $NOVA_CONF placement auth_url "$KEYSTONE_SERVICE_URI/v3"
iniset $NOVA_CONF placement username placement
iniset $NOVA_CONF placement password "$SERVICE_PASSWORD"
iniset $NOVA_CONF placement user_domain_name "$SERVICE_DOMAIN_NAME"
diff --git a/lib/tempest b/lib/tempest
index 128e972..a9461d4 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -17,7 +17,7 @@
# - ``PUBLIC_NETWORK_NAME``
# - ``VIRT_DRIVER``
# - ``LIBVIRT_TYPE``
-# - ``KEYSTONE_SERVICE_PROTOCOL``, ``KEYSTONE_SERVICE_HOST`` from lib/keystone
+# - ``KEYSTONE_SERVICE_URI``, ``KEYSTONE_SERVICE_URI_V3`` from lib/keystone
#
# Optional Dependencies:
#
@@ -257,7 +257,7 @@
iniset $TEMPEST_CONFIG volume build_timeout $BUILD_TIMEOUT
# Identity
- iniset $TEMPEST_CONFIG identity uri "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:5000/v2.0/"
+ iniset $TEMPEST_CONFIG identity uri "$KEYSTONE_SERVICE_URI/v2.0/"
iniset $TEMPEST_CONFIG identity uri_v3 "$KEYSTONE_SERVICE_URI_V3"
iniset $TEMPEST_CONFIG identity user_lockout_failure_attempts $KEYSTONE_LOCKOUT_FAILURE_ATTEMPTS
iniset $TEMPEST_CONFIG identity user_lockout_duration $KEYSTONE_LOCKOUT_DURATION
@@ -273,13 +273,11 @@
if [ "$ENABLE_IDENTITY_V2" == "True" ]; then
# Run Identity API v2 tests ONLY if needed
iniset $TEMPEST_CONFIG identity-feature-enabled api_v2 True
- iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v2}
else
# Skip Identity API v2 tests by default
iniset $TEMPEST_CONFIG identity-feature-enabled api_v2 False
- # Use v3 auth tokens for running all Tempest tests
- iniset $TEMPEST_CONFIG identity auth_version v3
fi
+ iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v3}
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
iniset $TEMPEST_CONFIG identity ca_certificates_file $SSL_BUNDLE_FILE
@@ -290,6 +288,10 @@
iniset $TEMPEST_CONFIG identity-feature-enabled security_compliance True
fi
+ # TODO(rodrigods): This is a feature flag for bug 1590578 which is fixed in
+ # Newton and Ocata. This option can be removed after Mitaka is end of life.
+ iniset $TEMPEST_CONFIG identity-feature-enabled forbid_global_implied_dsr True
+
# Image
# We want to be able to override this variable in the gate to avoid
# doing an external HTTP fetch for this test.
diff --git a/stack.sh b/stack.sh
index 94315e1..4cee385 100755
--- a/stack.sh
+++ b/stack.sh
@@ -761,6 +761,7 @@
run_phase stack pre-install
install_rpc_backend
+restart_rpc_backend
# NOTE(sdague): dlm install is conditional on one being enabled by configuration
install_dlm
@@ -952,11 +953,6 @@
fi
-# Finalize queue installation
-# ----------------------------
-restart_rpc_backend
-
-
# Export Certificate Authority Bundle
# -----------------------------------
@@ -1368,7 +1364,7 @@
# Do this late because it requires compute hosts to have started
if is_service_enabled n-api; then
if is_service_enabled n-cpu; then
- create_cell
+ $TOP_DIR/tools/discover_hosts.sh
else
# Some CI systems like Hyper-V build the control plane on
# Linux, and join in non Linux Computes after setup. This
diff --git a/stackrc b/stackrc
index 95f017b..c3b94d0 100644
--- a/stackrc
+++ b/stackrc
@@ -5,7 +5,7 @@
# ensure we don't re-source this in the same environment
[[ -z "$_DEVSTACK_STACKRC" ]] || return 0
-declare -r _DEVSTACK_STACKRC=1
+declare -r -g _DEVSTACK_STACKRC=1
# Find the other rc files
RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)
@@ -109,7 +109,7 @@
# base name of the directory from which they are installed. See
# enable_python3_package to edit this variable and use_python3_for to
# test membership.
-export ENABLED_PYTHON3_PACKAGES="nova,glance,cinder,uwsgi"
+export ENABLED_PYTHON3_PACKAGES="nova,glance,cinder,uwsgi,python-openstackclient"
# Explicitly list services not to run under Python 3. See
# disable_python3_package to edit this variable.
@@ -636,9 +636,6 @@
IMAGE_URLS+=","
fi
case "$VIRT_DRIVER" in
- openvz)
- DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ubuntu-12.04-x86_64}
- IMAGE_URLS+="http://download.openvz.org/template/precreated/ubuntu-12.04-x86_64.tar.gz";;
libvirt)
case "$LIBVIRT_TYPE" in
lxc) # the cirros root disk in the uec tarball is empty, so it will not work for lxc
@@ -656,13 +653,6 @@
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-0.3.4-x86_64-disk}
IMAGE_URLS+="http://ca.downloads.xensource.com/OpenStack/cirros-0.3.4-x86_64-disk.vhd.tgz"
IMAGE_URLS+=",http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-x86_64-uec.tar.gz";;
- ironic)
- # NOTE(lucasagomes): The logic setting the default image
- # now lives in the Ironic tree
- ;;
- *) # Default to Cirros qcow2 image file
- DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img}
- IMAGE_URLS+="http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img";;
esac
DOWNLOAD_DEFAULT_IMAGES=False
fi