Merge "Fix stacking without preconfigured DATABASE_PASSWORD"
diff --git a/.zuul.yaml b/.zuul.yaml
index b5ab127..d76403a 100644
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -107,6 +107,16 @@
- controller
- nodeset:
+ name: devstack-single-node-openeuler-20.03-sp2
+ nodes:
+ - name: controller
+ label: openEuler-20-03-LTS-SP2
+ groups:
+ - name: tempest
+ nodes:
+ - controller
+
+- nodeset:
name: openstack-two-node
nodes:
- name: controller
@@ -432,7 +442,7 @@
PUBLIC_BRIDGE_MTU: '{{ external_bridge_mtu }}'
devstack_services:
# Shared services
- dstat: true
+ dstat: false
etcd3: true
memory_tracker: true
mysql: true
@@ -441,7 +451,7 @@
subnode:
devstack_services:
# Shared services
- dstat: true
+ dstat: false
memory_tracker: true
devstack_localrc:
# Multinode specific settings
@@ -507,7 +517,7 @@
# Core services enabled for this branch.
# This list replaces the test-matrix.
# Shared services
- dstat: true
+ dstat: false
etcd3: true
memory_tracker: true
mysql: true
@@ -557,7 +567,7 @@
# Core services enabled for this branch.
# This list replaces the test-matrix.
# Shared services
- dstat: true
+ dstat: false
memory_tracker: true
tls-proxy: true
# Nova services
@@ -685,6 +695,20 @@
q-agt: true
- job:
+ name: devstack-platform-openEuler-20.03-SP2
+ parent: tempest-full-py3
+ description: openEuler 20.03 SP2 platform test
+ nodeset: devstack-single-node-openeuler-20.03-sp2
+ voting: false
+ timeout: 9000
+ vars:
+ configure_swap_size: 4096
+ devstack_localrc:
+ # NOTE(wxy): OVN package is not supported by openEuler yet. Build it
+ # from source instead.
+ OVN_BUILD_FROM_SOURCE: True
+
+- job:
name: devstack-no-tls-proxy
parent: tempest-full-py3
description: |
@@ -789,6 +813,7 @@
- devstack-platform-centos-8-stream
- devstack-platform-centos-9-stream
- devstack-platform-debian-bullseye
+ - devstack-platform-openEuler-20.03-SP2
- devstack-multinode
- devstack-unit-tests
- openstack-tox-bashate
diff --git a/doc/source/index.rst b/doc/source/index.rst
index 08ce4cb..feb50ce 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -38,7 +38,7 @@
Start with a clean and minimal install of a Linux system. DevStack
attempts to support the two latest LTS releases of Ubuntu, the
-latest/current Fedora version, CentOS/RHEL 8 and OpenSUSE.
+latest/current Fedora version, CentOS/RHEL 8, OpenSUSE and openEuler.
If you do not have a preference, Ubuntu 20.04 (Focal Fossa) is the
most tested, and will probably go the smoothest.
diff --git a/files/ldap/manager.ldif.in b/files/ldap/manager.ldif.in
index 2f1f139..d3b9be8 100644
--- a/files/ldap/manager.ldif.in
+++ b/files/ldap/manager.ldif.in
@@ -1,4 +1,4 @@
-dn: olcDatabase={${LDAP_OLCDB_NUMBER}}hdb,cn=config
+dn: olcDatabase={${LDAP_OLCDB_NUMBER}}${LDAP_OLCDB_TYPE},cn=config
changetype: modify
replace: olcSuffix
olcSuffix: ${BASE_DN}
diff --git a/files/rpms/ceph b/files/rpms/ceph
index 33a55f8..93b5746 100644
--- a/files/rpms/ceph
+++ b/files/rpms/ceph
@@ -1,3 +1,3 @@
ceph # NOPRIME
-redhat-lsb-core # not:rhel9
+redhat-lsb-core # not:rhel9,openEuler-20.03
xfsprogs
diff --git a/files/rpms/general b/files/rpms/general
index 33da0a5..163a7c8 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -16,6 +16,7 @@
libxml2-devel # lxml
libxslt-devel # lxml
libyaml-devel
+make # dist:openEuler-20.03
net-tools
openssh-server
openssl
@@ -27,7 +28,8 @@
python3-devel
python3-pip
python3-systemd
-redhat-rpm-config # missing dep for gcc hardening flags, see rhbz#1217376
+redhat-rpm-config # not:openEuler-20.03 missing dep for gcc hardening flags, see rhbz#1217376
+systemd-devel # dist:openEuler-20.03
tar
tcpdump
unzip
diff --git a/files/rpms/nova b/files/rpms/nova
index 9522e57..9e8621c 100644
--- a/files/rpms/nova
+++ b/files/rpms/nova
@@ -6,7 +6,7 @@
genisoimage # not:rhel9 required for config_drive
iptables
iputils
-kernel-modules
+kernel-modules # not:openEuler-20.03
kpartx
parted
polkit
diff --git a/files/rpms/swift b/files/rpms/swift
index b6009a3..faf0a31 100644
--- a/files/rpms/swift
+++ b/files/rpms/swift
@@ -1,5 +1,5 @@
curl
-liberasurecode-devel
+liberasurecode-devel # not:openEuler-20.03
memcached
rsync-daemon
sqlite
diff --git a/functions-common b/functions-common
index 80f4355..e593328 100644
--- a/functions-common
+++ b/functions-common
@@ -388,7 +388,7 @@
elif [[ -x $(command -v zypper 2>/dev/null) ]]; then
sudo zypper -n install lsb-release
elif [[ -x $(command -v dnf 2>/dev/null) ]]; then
- sudo dnf install -y redhat-lsb-core
+ sudo dnf install -y redhat-lsb-core || sudo dnf install -y openeuler-lsb
else
die $LINENO "Unable to find or auto-install lsb_release"
fi
@@ -459,6 +459,10 @@
# Drop the . release as we assume it's compatible
# XXX re-evaluate when we get RHEL10
DISTRO="rhel${os_RELEASE::1}"
+ elif [[ "$os_VENDOR" =~ (openEuler) ]]; then
+ # The DISTRO here is `openEuler-20.03`. While, actually only openEuler
+ # 20.03 LTS SP2 is fully tested. Other SP version maybe have bugs.
+ DISTRO="openEuler-$os_RELEASE"
else
# We can't make a good choice here. Setting a sensible DISTRO
# is part of the problem, but not the major issue -- we really
@@ -510,6 +514,7 @@
fi
[ "$os_VENDOR" = "Fedora" ] || [ "$os_VENDOR" = "Red Hat" ] || \
+ [ "$os_VENDOR" = "openEuler" ] || \
[ "$os_VENDOR" = "RedHatEnterpriseServer" ] || \
[ "$os_VENDOR" = "RedHatEnterprise" ] || \
[ "$os_VENDOR" = "CentOS" ] || [ "$os_VENDOR" = "CentOSStream" ] || \
@@ -558,7 +563,12 @@
[ "$os_PACKAGE" = "deb" ]
}
-
+function is_openeuler {
+ if [[ -z "$os_PACKAGE" ]]; then
+ GetOSVersion
+ fi
+ [ "$os_VENDOR" = "openEuler" ]
+}
# Git Functions
# =============
diff --git a/lib/apache b/lib/apache
index 4bea07d..cbe61ad 100644
--- a/lib/apache
+++ b/lib/apache
@@ -82,19 +82,10 @@
apxs="apxs"
fi
- # This varies based on packaged/installed. If we've
- # pip_installed, then the pip setup will only build a "python"
- # module that will be either python2 or python3 depending on what
- # it was built with.
- #
- # For package installs, the distro ships both plugins and you need
- # to select the right one ... it will not be autodetected.
- UWSGI_PYTHON_PLUGIN=python3
-
if is_ubuntu; then
local pkg_list="uwsgi uwsgi-plugin-python3 libapache2-mod-proxy-uwsgi"
install_package ${pkg_list}
- elif is_fedora; then
+ elif is_fedora && ! is_openeuler; then
# Note httpd comes with mod_proxy_uwsgi and it is loaded by
# default; the mod_proxy_uwsgi package actually conflicts now.
# See:
@@ -122,7 +113,6 @@
popd
# delete the temp directory
sudo rm -rf $dir
- UWSGI_PYTHON_PLUGIN=python
fi
if is_ubuntu || is_suse ; then
@@ -283,7 +273,7 @@
# configured after graceful shutdown
iniset "$file" uwsgi worker-reload-mercy $WORKER_TIMEOUT
iniset "$file" uwsgi enable-threads true
- iniset "$file" uwsgi plugins http,${UWSGI_PYTHON_PLUGIN}
+ iniset "$file" uwsgi plugins http,python3
# uwsgi recommends this to prevent thundering herd on accept.
iniset "$file" uwsgi thunder-lock true
# Set hook to trigger graceful shutdown on SIGTERM
@@ -336,7 +326,7 @@
iniset "$file" uwsgi die-on-term true
iniset "$file" uwsgi exit-on-reload false
iniset "$file" uwsgi enable-threads true
- iniset "$file" uwsgi plugins http,${UWSGI_PYTHON_PLUGIN}
+ iniset "$file" uwsgi plugins http,python3
# uwsgi recommends this to prevent thundering herd on accept.
iniset "$file" uwsgi thunder-lock true
# Set hook to trigger graceful shutdown on SIGTERM
diff --git a/lib/cinder_backups/swift b/lib/cinder_backups/swift
index d7c977e..c7ec306 100644
--- a/lib/cinder_backups/swift
+++ b/lib/cinder_backups/swift
@@ -24,6 +24,9 @@
# to use it.
iniset $CINDER_CONF DEFAULT backup_driver "cinder.backup.drivers.swift.SwiftBackupDriver"
iniset $CINDER_CONF DEFAULT backup_swift_url "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_"
+ if is_service_enabled tls-proxy; then
+ iniset $CINDER_CONF DEFAULT backup_swift_ca_cert_file $SSL_BUNDLE_FILE
+ fi
}
# init_cinder_backup_swift: nothing to do
diff --git a/lib/databases/postgresql b/lib/databases/postgresql
index 618834b..1f347f5 100644
--- a/lib/databases/postgresql
+++ b/lib/databases/postgresql
@@ -95,7 +95,6 @@
function install_database_postgresql {
echo_summary "Installing postgresql"
- deprecated "Use of postgresql in devstack is deprecated, and will be removed during the Pike cycle"
local pgpass=$HOME/.pgpass
if [[ ! -e $pgpass ]]; then
cat <<EOF > $pgpass
diff --git a/lib/ldap b/lib/ldap
index 5a53d0e..ea5faa1 100644
--- a/lib/ldap
+++ b/lib/ldap
@@ -33,14 +33,17 @@
if is_ubuntu; then
LDAP_OLCDB_NUMBER=1
+ LDAP_OLCDB_TYPE=mdb
LDAP_ROOTPW_COMMAND=replace
elif is_fedora; then
LDAP_OLCDB_NUMBER=2
+ LDAP_OLCDB_TYPE=hdb
LDAP_ROOTPW_COMMAND=add
elif is_suse; then
# SUSE has slappasswd in /usr/sbin/
PATH=$PATH:/usr/sbin/
LDAP_OLCDB_NUMBER=1
+ LDAP_OLCDB_TYPE=hdb
LDAP_ROOTPW_COMMAND=add
LDAP_SERVICE_NAME=ldap
fi
@@ -56,6 +59,7 @@
local slappass=$2
sed -e "
s|\${LDAP_OLCDB_NUMBER}|$LDAP_OLCDB_NUMBER|
+ s|\${LDAP_OLCDB_TYPE}|$LDAP_OLCDB_TYPE|
s|\${SLAPPASS}|$slappass|
s|\${LDAP_ROOTPW_COMMAND}|$LDAP_ROOTPW_COMMAND|
s|\${BASE_DC}|$LDAP_BASE_DC|
@@ -157,7 +161,7 @@
slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION
slapd slapd/domain string Users
slapd shared/organization string $LDAP_DOMAIN
- slapd slapd/backend string HDB
+ slapd slapd/backend string ${LDAP_OLCDB_TYPE^^}
slapd slapd/purge_database boolean true
slapd slapd/move_old_database boolean true
slapd slapd/allow_ldap_v2 boolean false
diff --git a/lib/libraries b/lib/libraries
index 67ff21f..9ea3230 100755
--- a/lib/libraries
+++ b/lib/libraries
@@ -38,6 +38,7 @@
GITDIR["oslo.context"]=$DEST/oslo.context
GITDIR["oslo.db"]=$DEST/oslo.db
GITDIR["oslo.i18n"]=$DEST/oslo.i18n
+GITDIR["oslo.limit"]=$DEST/oslo.limit
GITDIR["oslo.log"]=$DEST/oslo.log
GITDIR["oslo.messaging"]=$DEST/oslo.messaging
GITDIR["oslo.middleware"]=$DEST/oslo.middleware
@@ -102,6 +103,7 @@
_install_lib_from_source "oslo.context"
_install_lib_from_source "oslo.db"
_install_lib_from_source "oslo.i18n"
+ _install_lib_from_source "oslo.limit"
_install_lib_from_source "oslo.log"
_install_lib_from_source "oslo.messaging"
_install_lib_from_source "oslo.middleware"
diff --git a/lib/nova b/lib/nova
index 5fcccff..1420183 100644
--- a/lib/nova
+++ b/lib/nova
@@ -315,6 +315,10 @@
sudo systemctl daemon-reload
fi
+ # set chap algorithms. The default chap_algorithm is md5 which will
+ # not work under FIPS
+ iniset -sudo /etc/iscsi/iscsid.conf DEFAULT "node.session.auth.chap_algs" "SHA3-256,SHA256"
+
# ensure that iscsid is started, even when disabled by default
restart_service iscsid
fi
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 63882e0..3e7d280 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -90,7 +90,7 @@
install_package libvirt libvirt-devel python3-libvirt
if is_arch "aarch64"; then
- install_package edk2.git-aarch64
+ install_package edk2-aarch64
fi
fi
diff --git a/lib/tempest b/lib/tempest
index ab80217..bdbd3ca 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -119,7 +119,7 @@
local tmp_c
tmp_c=$1
if [[ $TEMPEST_VENV_UPPER_CONSTRAINTS == "master" ]]; then
- (cd $REQUIREMENTS_DIR && git show origin/master:upper-constraints.txt) > $tmp_c
+ (cd $REQUIREMENTS_DIR && git show master:upper-constraints.txt) > $tmp_c
else
echo "Using $TEMPEST_VENV_UPPER_CONSTRAINTS constraints in Tempest virtual env."
cat $TEMPEST_VENV_UPPER_CONSTRAINTS > $tmp_c
diff --git a/roles/apache-logs-conf/tasks/main.yaml b/roles/apache-logs-conf/tasks/main.yaml
index bd64574..6b7ea37 100644
--- a/roles/apache-logs-conf/tasks/main.yaml
+++ b/roles/apache-logs-conf/tasks/main.yaml
@@ -64,6 +64,7 @@
'Debian': '/etc/apache2/sites-enabled/'
'Suse': '/etc/apache2/conf.d/'
'RedHat': '/etc/httpd/conf.d/'
+ 'openEuler': '/etc/httpd/conf.d/'
- name: Discover configurations
find:
diff --git a/stack.sh b/stack.sh
index 6b5625e..0659212 100755
--- a/stack.sh
+++ b/stack.sh
@@ -227,7 +227,7 @@
# Warn users who aren't on an explicitly supported distro, but allow them to
# override check and attempt installation with ``FORCE=yes ./stack``
-SUPPORTED_DISTROS="bullseye|focal|f34|opensuse-15.2|opensuse-tumbleweed|rhel8|rhel9"
+SUPPORTED_DISTROS="bullseye|focal|f34|opensuse-15.2|opensuse-tumbleweed|rhel8|rhel9|openEuler-20.03"
if [[ ! ${DISTRO} =~ $SUPPORTED_DISTROS ]]; then
echo "WARNING: this script has not been tested on $DISTRO"
@@ -278,6 +278,12 @@
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
+# TODO(wxy): Currently some base packages are not installed by default in
+# openEuler. Remove the code below once the packaged are installed by default
+# in the future.
+if [[ $DISTRO == "openEuler-20.03" ]]; then
+ install_package hostname
+fi
# Configure Distro Repositories
# -----------------------------
diff --git a/stackrc b/stackrc
index 4fc09af..681e9de 100755
--- a/stackrc
+++ b/stackrc
@@ -403,6 +403,10 @@
GITREPO["oslo.i18n"]=${OSLOI18N_REPO:-${GIT_BASE}/openstack/oslo.i18n.git}
GITBRANCH["oslo.i18n"]=${OSLOI18N_BRANCH:-$TARGET_BRANCH}
+# oslo.limit
+GITREPO["oslo.limit"]=${OSLOLIMIT_REPO:-${GIT_BASE}/openstack/oslo.limit.git}
+GITBRANCH["oslo.limit"]=${OSLOLIMIT_BRANCH:-$TARGET_BRANCH}
+
# oslo.log
GITREPO["oslo.log"]=${OSLOLOG_REPO:-${GIT_BASE}/openstack/oslo.log.git}
GITBRANCH["oslo.log"]=${OSLOLOG_BRANCH:-$TARGET_BRANCH}
diff --git a/tests/test_libs_from_pypi.sh b/tests/test_libs_from_pypi.sh
index ce1b344..839e3a1 100755
--- a/tests/test_libs_from_pypi.sh
+++ b/tests/test_libs_from_pypi.sh
@@ -45,6 +45,7 @@
ALL_LIBS+=" keystoneauth ironic-lib neutron-lib oslo.privsep"
ALL_LIBS+=" diskimage-builder os-vif python-brick-cinderclient-ext"
ALL_LIBS+=" castellan python-barbicanclient ovsdbapp os-ken os-resource-classes"
+ALL_LIBS+=" oslo.limit"
# Generate the above list with
# echo ${!GITREPO[@]}
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index fe5dafa..750849d 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -148,8 +148,32 @@
sudo rm -rf /usr/lib/python3/dist-packages/simplejson-*.egg-info
}
+function fixup_openeuler {
+ if ! is_openeuler; then
+ return
+ fi
+
+ if is_arch "x86_64"; then
+ arch="x86_64"
+ elif is_arch "aarch64"; then
+ arch="aarch64"
+ fi
+
+ # Some packages' version in openEuler are too old, use the newer ones we
+ # provide in oepkg. (oepkg is an openEuler third part yum repo which is
+ # endorsed by openEuler community)
+ (echo '[openstack-ci]'
+ echo 'name=openstack'
+ echo 'baseurl=https://repo.oepkgs.net/openEuler/rpm/openEuler-20.03-LTS-SP2/budding-openeuler/openstack-master-ci/'$arch'/'
+ echo 'enabled=1'
+ echo 'gpgcheck=0') | sudo tee -a /etc/yum.repos.d/openstack-master.repo > /dev/null
+
+ yum_install liberasurecode-devel
+}
+
function fixup_all {
fixup_ubuntu
fixup_fedora
fixup_suse
+ fixup_openeuler
}