Merge "Fix Apache Site configuration for openSUSE"
diff --git a/functions-common b/functions-common
index f0ab5f8..613a86c 100644
--- a/functions-common
+++ b/functions-common
@@ -1081,7 +1081,7 @@
# sleep to allow bash to be ready to be send the command - we are
# creating a new window in screen and then sends characters, so if
# bash isn't running by the time we send the command, nothing happens
- sleep 1.5
+ sleep 3
NL=`echo -ne '\015'`
# This fun command does the following:
diff --git a/lib/ceilometer b/lib/ceilometer
index a4be7af..286f199 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -164,9 +164,7 @@
iniset $CEILOMETER_CONF service_credentials os_password $SERVICE_PASSWORD
iniset $CEILOMETER_CONF service_credentials os_tenant_name $SERVICE_TENANT_NAME
- iniset $CEILOMETER_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $CEILOMETER_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $CEILOMETER_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $CEILOMETER_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $CEILOMETER_CONF keystone_authtoken admin_user ceilometer
iniset $CEILOMETER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
iniset $CEILOMETER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
diff --git a/lib/cinder b/lib/cinder
index d5ee17e..4183676 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -233,9 +233,7 @@
inicomment $CINDER_API_PASTE_INI filter:authtoken admin_password
inicomment $CINDER_API_PASTE_INI filter:authtoken signing_dir
- iniset $CINDER_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $CINDER_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $CINDER_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $CINDER_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $CINDER_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
iniset $CINDER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $CINDER_CONF keystone_authtoken admin_user cinder
diff --git a/lib/databases/mysql b/lib/databases/mysql
index ea22d14..0ccfce5 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -88,6 +88,7 @@
# set default db type to InnoDB
sudo bash -c "source $TOP_DIR/functions && \
iniset $MY_CONF mysqld bind-address 0.0.0.0 && \
+ iniset $MY_CONF mysqld sql_mode STRICT_ALL_TABLES && \
iniset $MY_CONF mysqld default-storage-engine InnoDB"
diff --git a/lib/glance b/lib/glance
index 51e4399..4eb0ada 100644
--- a/lib/glance
+++ b/lib/glance
@@ -89,9 +89,7 @@
iniset $GLANCE_REGISTRY_CONF DEFAULT sql_connection $dburl
iniset $GLANCE_REGISTRY_CONF DEFAULT use_syslog $SYSLOG
iniset $GLANCE_REGISTRY_CONF paste_deploy flavor keystone
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $GLANCE_REGISTRY_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $GLANCE_REGISTRY_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
configure_API_version $GLANCE_REGISTRY_CONF $IDENTITY_API_VERSION
iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
@@ -107,9 +105,7 @@
iniset $GLANCE_API_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
iniset $GLANCE_API_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/
iniset $GLANCE_API_CONF paste_deploy flavor keystone+cachemanagement
- iniset $GLANCE_API_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $GLANCE_API_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $GLANCE_API_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $GLANCE_API_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $GLANCE_API_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
configure_API_version $GLANCE_API_CONF $IDENTITY_API_VERSION
iniset $GLANCE_API_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
@@ -128,7 +124,7 @@
# Store the images in swift if enabled.
if is_service_enabled s-proxy; then
iniset $GLANCE_API_CONF DEFAULT default_store swift
- iniset $GLANCE_API_CONF DEFAULT swift_store_auth_address $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/
+ iniset $GLANCE_API_CONF DEFAULT swift_store_auth_address $KEYSTONE_SERVICE_URI/v2.0/
iniset $GLANCE_API_CONF DEFAULT swift_store_user $SERVICE_TENANT_NAME:glance-swift
iniset $GLANCE_API_CONF DEFAULT swift_store_key $SERVICE_PASSWORD
iniset $GLANCE_API_CONF DEFAULT swift_store_create_container_on_put True
@@ -147,7 +143,7 @@
iniset $GLANCE_CACHE_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
iniset $GLANCE_CACHE_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_url
- iniset $GLANCE_CACHE_CONF DEFAULT auth_url $KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0
+ iniset $GLANCE_CACHE_CONF DEFAULT auth_url $KEYSTONE_AUTH_URI/v2.0
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_tenant_name
iniset $GLANCE_CACHE_CONF DEFAULT admin_tenant_name $SERVICE_TENANT_NAME
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_user
diff --git a/lib/heat b/lib/heat
index fe75ec9..e27943a 100644
--- a/lib/heat
+++ b/lib/heat
@@ -107,9 +107,7 @@
fi
# keystone authtoken
- iniset $HEAT_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $HEAT_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $HEAT_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $HEAT_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
configure_API_version $HEAT_CONF $IDENTITY_API_VERSION
iniset $HEAT_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
@@ -118,7 +116,7 @@
iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR
# ec2authtoken
- iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
+ iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0
# paste_deploy
[[ "$HEAT_STANDALONE" = "True" ]] && iniset $HEAT_CONF paste_deploy flavor standalone
@@ -269,7 +267,7 @@
if [[ "$HEAT_STACK_DOMAIN" == "True" ]]; then
# Note we have to pass token/endpoint here because the current endpoint and
# version negotiation in OSC means just --os-identity-api-version=3 won't work
- KS_ENDPOINT_V3="$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v3"
+ KS_ENDPOINT_V3="$KEYSTONE_SERVICE_URI/v3"
D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KS_ENDPOINT_V3 \
--os-identity-api-version=3 domain create heat \
--description "Owns users and projects created by heat" \
diff --git a/lib/ironic b/lib/ironic
index 0656980..d53e1ad 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -162,11 +162,9 @@
function configure_ironic_api {
iniset $IRONIC_CONF_FILE DEFAULT auth_strategy keystone
iniset $IRONIC_CONF_FILE DEFAULT policy_file $IRONIC_POLICY_JSON
- iniset $IRONIC_CONF_FILE keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $IRONIC_CONF_FILE keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $IRONIC_CONF_FILE keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $IRONIC_CONF_FILE keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $IRONIC_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
- iniset $IRONIC_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
+ iniset $IRONIC_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI
iniset $IRONIC_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $IRONIC_CONF_FILE keystone_authtoken admin_user ironic
iniset $IRONIC_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
diff --git a/lib/keystone b/lib/keystone
index 6b8863e..849ea75 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -55,7 +55,7 @@
KEYSTONE_ASSIGNMENT_BACKEND=${KEYSTONE_ASSIGNMENT_BACKEND:-sql}
# Select Keystone's token format
-# Choose from 'UUID' and 'PKI'
+# Choose from 'UUID', 'PKI', or 'PKIZ'
KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-PKI}
# Set Keystone interface configuration
@@ -87,6 +87,10 @@
KEYSTONE_SERVICE_PROTOCOL="https"
fi
+# complete URIs
+KEYSTONE_AUTH_URI=${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_AUTH_HOST}:${KEYSTONE_AUTH_PORT}
+KEYSTONE_SERVICE_URI=${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}
+
# Functions
# ---------
# cleanup_keystone() - Remove residual data files, anything left over from previous
@@ -202,6 +206,8 @@
if [[ "$KEYSTONE_TOKEN_FORMAT" = "UUID" ]]; then
iniset $KEYSTONE_CONF token provider keystone.token.providers.uuid.Provider
+ elif [[ "$KEYSTONE_TOKEN_FORMAT" = "PKIZ" ]]; then
+ iniset $KEYSTONE_CONF token provider keystone.token.providers.pkiz.Provider
fi
iniset $KEYSTONE_CONF database connection `database_connection_url keystone`
@@ -382,7 +388,7 @@
# Initialize keystone database
$KEYSTONE_DIR/bin/keystone-manage db_sync
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
+ if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" || "$KEYSTONE_TOKEN_FORMAT" == "PKIZ" ]]; then
# Set up certificates
rm -rf $KEYSTONE_CONF_DIR/ssl
$KEYSTONE_DIR/bin/keystone-manage pki_setup
diff --git a/lib/neutron b/lib/neutron
index e918286..6c0ca06 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -726,7 +726,7 @@
iniset $Q_META_CONF_FILE DEFAULT nova_metadata_ip $Q_META_DATA_IP
iniset $Q_META_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND"
- _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True True True
+ _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True True
}
@@ -868,18 +868,9 @@
local section=$2
local use_auth_url=$3
local skip_auth_cache=$4
- local use_service_port=$5
- local keystone_port=$KEYSTONE_AUTH_PORT
- if [[ -n $use_service_port ]]; then
- keystone_port=$KEYSTONE_SERVICE_PORT
- fi
- if [[ -n $use_auth_url ]]; then
- iniset $conf_file $section auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_AUTH_HOST:$keystone_port/v2.0"
- else
- iniset $conf_file $section auth_host $KEYSTONE_SERVICE_HOST
- iniset $conf_file $section auth_port $keystone_port
- iniset $conf_file $section auth_protocol $KEYSTONE_SERVICE_PROTOCOL
- fi
+
+ iniset $conf_file $section auth_uri $KEYSTONE_SERVICE_URI
+ iniset $conf_file $section identity_uri $KEYSTONE_AUTH_URI
iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME
iniset $conf_file $section admin_user $Q_ADMIN_USERNAME
iniset $conf_file $section admin_password $SERVICE_PASSWORD
diff --git a/lib/nova b/lib/nova
index 76929b1..9dd6bb0 100644
--- a/lib/nova
+++ b/lib/nova
@@ -456,9 +456,7 @@
# Add keystone authtoken configuration
- iniset $NOVA_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $NOVA_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $NOVA_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $NOVA_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $NOVA_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $NOVA_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
iniset $NOVA_CONF keystone_authtoken admin_user nova
diff --git a/lib/nova_plugins/hypervisor-ironic b/lib/nova_plugins/hypervisor-ironic
index e72f7c1..c068c74 100644
--- a/lib/nova_plugins/hypervisor-ironic
+++ b/lib/nova_plugins/hypervisor-ironic
@@ -48,7 +48,7 @@
# ironic section
iniset $NOVA_CONF ironic admin_username admin
iniset $NOVA_CONF ironic admin_password $ADMIN_PASSWORD
- iniset $NOVA_CONF ironic admin_url $KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0
+ iniset $NOVA_CONF ironic admin_url $KEYSTONE_AUTH_URI/v2.0
iniset $NOVA_CONF ironic admin_tenant_name demo
iniset $NOVA_CONF ironic api_endpoint http://$SERVICE_HOST:6385/v1
iniset $NOVA_CONF ironic sql_connection `database_connection_url nova_bm`
diff --git a/lib/nova_plugins/hypervisor-xenserver b/lib/nova_plugins/hypervisor-xenserver
index c37969b..0dba471 100644
--- a/lib/nova_plugins/hypervisor-xenserver
+++ b/lib/nova_plugins/hypervisor-xenserver
@@ -49,9 +49,9 @@
fi
read_password XENAPI_PASSWORD "ENTER A PASSWORD TO USE FOR XEN."
iniset $NOVA_CONF DEFAULT compute_driver "xenapi.XenAPIDriver"
- iniset $NOVA_CONF DEFAULT xenapi_connection_url "$XENAPI_CONNECTION_URL"
- iniset $NOVA_CONF DEFAULT xenapi_connection_username "$XENAPI_USER"
- iniset $NOVA_CONF DEFAULT xenapi_connection_password "$XENAPI_PASSWORD"
+ iniset $NOVA_CONF xenserver connection_url "$XENAPI_CONNECTION_URL"
+ iniset $NOVA_CONF xenserver connection_username "$XENAPI_USER"
+ iniset $NOVA_CONF xenserver connection_password "$XENAPI_PASSWORD"
iniset $NOVA_CONF DEFAULT flat_injected "False"
# Need to avoid crash due to new firewall support
XEN_FIREWALL_DRIVER=${XEN_FIREWALL_DRIVER:-"nova.virt.firewall.IptablesFirewallDriver"}
diff --git a/lib/tempest b/lib/tempest
index af32a9d..6bb6109 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -316,10 +316,10 @@
if [[ ! -z "$HEAT_CFN_IMAGE_URL" ]]; then
iniset $TEMPEST_CONFIG orchestration image_ref $(basename "$HEAT_CFN_IMAGE_URL" ".qcow2")
fi
- # build a specialized heat flavor that is likely to be fast
+ # build a specialized heat flavor
available_flavors=$(nova flavor-list)
if [[ ! ( $available_flavors =~ 'm1.heat' ) ]]; then
- nova flavor-create m1.heat 451 1024 0 2
+ nova flavor-create m1.heat 451 512 0 1
fi
iniset $TEMPEST_CONFIG orchestration instance_type "m1.heat"
iniset $TEMPEST_CONFIG orchestration build_timeout 900
diff --git a/lib/trove b/lib/trove
index 82c8c96..e467c90 100644
--- a/lib/trove
+++ b/lib/trove
@@ -133,9 +133,8 @@
# Copy api-paste file over to the trove conf dir and configure it
cp $TROVE_LOCAL_CONF_DIR/api-paste.ini $TROVE_CONF_DIR/api-paste.ini
TROVE_API_PASTE_INI=$TROVE_CONF_DIR/api-paste.ini
- iniset $TROVE_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $TROVE_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $TROVE_API_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
+
+ iniset $TROVE_API_PASTE_INI filter:authtoken identity_uri $KEYSTONE_AUTH_URI
iniset $TROVE_API_PASTE_INI filter:authtoken cafile $KEYSTONE_SSL_CA
iniset $TROVE_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $TROVE_API_PASTE_INI filter:authtoken admin_user trove
@@ -158,7 +157,7 @@
# (Re)create trove taskmanager conf file if needed
if is_service_enabled tr-tmgr; then
- TROVE_AUTH_ENDPOINT=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT//v$IDENTITY_API_VERSION
+ TROVE_AUTH_ENDPOINT=$KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION
iniset $TROVE_CONF_DIR/trove-taskmanager.conf DEFAULT rabbit_password $RABBIT_PASSWORD
iniset $TROVE_CONF_DIR/trove-taskmanager.conf DEFAULT sql_connection `database_connection_url trove`
diff --git a/stack.sh b/stack.sh
index d2f18d4..68ae1e4 100755
--- a/stack.sh
+++ b/stack.sh
@@ -548,25 +548,14 @@
exec 3>&1
if [[ "$VERBOSE" == "True" ]]; then
# Set fd 1 and 2 to write the log file
- exec 1> >( awk -v logfile=${LOGFILE} '
- /((set \+o$)|xtrace)/ { next }
- {
- cmd ="date +\"%Y-%m-%d %H:%M:%S.%3N | \""
- cmd | getline now
- close("date +\"%Y-%m-%d %H:%M:%S.%3N | \"")
- sub(/^/, now)
- print > logfile
- fflush(logfile)
- print
- fflush("")
- }' ) 2>&1
+ exec 1> >( ./tools/outfilter.py -v -o "${LOGFILE}" ) 2>&1
# Set fd 6 to summary log file
- exec 6> >( tee "${SUMFILE}" )
+ exec 6> >( ./tools/outfilter.py -o "${SUMFILE}" )
else
# Set fd 1 and 2 to primary logfile
- exec 1> "${LOGFILE}" 2>&1
+ exec 1> >( ./tools/outfilter.py -o "${LOGFILE}" ) 2>&1
# Set fd 6 to summary logfile and stdout
- exec 6> >( tee "${SUMFILE}" >&3 )
+ exec 6> >( ./tools/outfilter.py -v -o "${SUMFILE}" >&3 )
fi
echo_summary "stack.sh log $LOGFILE"
@@ -583,7 +572,7 @@
exec 1>/dev/null 2>&1
fi
# Always send summary fd to original stdout
- exec 6>&3
+ exec 6> >( ./tools/outfilter.py -v >&3 )
fi
# Set up logging of screen windows
@@ -924,7 +913,7 @@
start_keystone
# Set up a temporary admin URI for Keystone
- SERVICE_ENDPOINT=$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0
+ SERVICE_ENDPOINT=$KEYSTONE_AUTH_URI/v2.0
if is_service_enabled tls-proxy; then
export OS_CACERT=$INT_CA_DIR/ca-chain.pem
@@ -1357,7 +1346,7 @@
# If Keystone is present you can point ``nova`` cli to this server
if is_service_enabled key; then
- echo "Keystone is serving at $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/"
+ echo "Keystone is serving at $KEYSTONE_SERVICE_URI/v2.0/"
echo "Examples on using novaclient command line is in exercise.sh"
echo "The default users are: admin and demo"
echo "The password: $ADMIN_PASSWORD"
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index a410543..f1dc76a 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -35,6 +35,30 @@
FILES=$TOP_DIR/files
+# Keystone Port Reservation
+# -------------------------
+# Reserve and prevent $KEYSTONE_AUTH_PORT and $KEYSTONE_AUTH_PORT_INT from
+# being used as ephemeral ports by the system. The default(s) are 35357 and
+# 35358 which are in the Linux defined ephemeral port range (in disagreement
+# with the IANA ephemeral port range). This is a workaround for bug #1253482
+# where Keystone will try and bind to the port and the port will already be
+# in use as an ephemeral port by another process. This places an explicit
+# exception into the Kernel for the Keystone AUTH ports.
+keystone_ports=${KEYSTONE_AUTH_PORT:-35357},${KEYSTONE_AUTH_PORT_INT:-35358}
+
+# Get any currently reserved ports, strip off leading whitespace
+reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
+
+if [[ -z "${reserved_ports}" ]]; then
+ # If there are no currently reserved ports, reserve the keystone ports
+ sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports}
+else
+ # If there are currently reserved ports, keep those and also reserve the
+ # keystone specific ports. Duplicate reservations are merged into a single
+ # reservation (or range) automatically by the kernel.
+ sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports},${reserved_ports}
+fi
+
# Python Packages
# ---------------
diff --git a/tools/outfilter.py b/tools/outfilter.py
new file mode 100755
index 0000000..9686a38
--- /dev/null
+++ b/tools/outfilter.py
@@ -0,0 +1,87 @@
+#!/usr/bin/env python
+#
+# Copyright 2014 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# This is an output filter to filter and timestamp the logs from grenade and
+# devstack. Largely our awk filters got beyond the complexity level which were
+# sustainable, so this provides us much more control in a single place.
+#
+# The overhead of running python should be less than execing `date` a million
+# times during a run.
+
+import argparse
+import datetime
+import re
+import sys
+
+IGNORE_LINES = re.compile('(set \+o|xtrace)')
+HAS_DATE = re.compile('^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}.\d{3} \|')
+
+
+def get_options():
+ parser = argparse.ArgumentParser(
+ description='Filter output by devstack and friends')
+ parser.add_argument('-o', '--outfile',
+ help='Output file for content',
+ default=None)
+ parser.add_argument('-v', '--verbose', action='store_true',
+ default=False)
+ return parser.parse_args()
+
+
+def skip_line(line):
+ """Should we skip this line."""
+ return IGNORE_LINES.search(line) is not None
+
+
+def main():
+ opts = get_options()
+ outfile = None
+ if opts.outfile:
+ outfile = open(opts.outfile, 'a', 0)
+
+ # otherwise fileinput reprocess args as files
+ sys.argv = []
+ while True:
+ line = sys.stdin.readline()
+ if not line:
+ return 0
+
+ # put skip lines here
+ if skip_line(line):
+ continue
+
+ # this prevents us from nesting date lines, because
+ # we'd like to pull this in directly in grenade and not double
+ # up on devstack lines
+ if HAS_DATE.search(line) is None:
+ now = datetime.datetime.utcnow()
+ line = ("%s | %s" % (
+ now.strftime("%Y-%m-%d %H:%M:%S.%f")[:-3],
+ line))
+
+ if opts.verbose:
+ sys.stdout.write(line)
+ sys.stdout.flush()
+ if outfile:
+ outfile.write(line)
+ outfile.flush()
+
+
+if __name__ == '__main__':
+ try:
+ sys.exit(main())
+ except KeyboardInterrupt:
+ sys.exit(1)