Merge "Add a target for, and link to, minimal config docs"
diff --git a/files/debs/swift b/files/debs/swift
index b32b439..0089d27 100644
--- a/files/debs/swift
+++ b/files/debs/swift
@@ -1,4 +1,5 @@
curl
+make
memcached
# NOTE python-nose only exists because of swift functional job, we should probably
# figure out a more consistent way of installing this from test-requirements.txt instead
diff --git a/files/rpms/general b/files/rpms/general
index bc0d6c7..e17d6d6 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -28,3 +28,4 @@
net-tools
java-1.7.0-openjdk-headless # NOPRIME rhel7,f20
java-1.8.0-openjdk-headless # NOPRIME f21,f22
+pyOpenSSL # version in pip uses too much memory
diff --git a/functions-common b/functions-common
index f1aca29..f442211 100644
--- a/functions-common
+++ b/functions-common
@@ -62,6 +62,9 @@
$xtrace
}
+function isset {
+ [[ -v "$1" ]]
+}
# Control Functions
# =================
@@ -765,6 +768,27 @@
echo $user_role_id
}
+# Gets or adds group role to project
+# Usage: get_or_add_group_project_role <role> <group> <project>
+function get_or_add_group_project_role {
+ # Gets group role id
+ local group_role_id=$(openstack role list \
+ --group $2 \
+ --project $3 \
+ --column "ID" \
+ --column "Name" \
+ | grep " $1 " | get_field 1)
+ if [[ -z "$group_role_id" ]]; then
+ # Adds role to group
+ group_role_id=$(openstack role add \
+ $1 \
+ --group $2 \
+ --project $3 \
+ | grep " id " | get_field 2)
+ fi
+ echo $group_role_id
+}
+
# Gets or creates service
# Usage: get_or_create_service <name> <type> <description>
function get_or_create_service {
diff --git a/inc/ini-config b/inc/ini-config
index 0d6d169..26401f3 100644
--- a/inc/ini-config
+++ b/inc/ini-config
@@ -205,16 +205,6 @@
$xtrace
}
-function isset {
- nounset=$(set +o | grep nounset)
- set +o nounset
- [[ -n "${!1+x}" ]]
- result=$?
- $nounset
- return $result
-}
-
-
# Restore xtrace
$INC_CONF_TRACE
diff --git a/lib/glance b/lib/glance
old mode 100755
new mode 100644
diff --git a/lib/heat b/lib/heat
index 0930776..5cb0dbf 100644
--- a/lib/heat
+++ b/lib/heat
@@ -335,6 +335,7 @@
" -i $heat_pip_repo_apache_conf
enable_apache_site heat_pip_repo
restart_apache_server
+ sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $HEAT_PIP_REPO_PORT -j ACCEPT || true
}
# Restore xtrace
diff --git a/lib/ironic b/lib/ironic
index fcf1a54..c8481ab 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -370,6 +370,7 @@
iniset $IRONIC_CONF_FILE glance swift_container glance
iniset $IRONIC_CONF_FILE glance swift_temp_url_duration 3600
iniset $IRONIC_CONF_FILE agent heartbeat_timeout 30
+ iniset $IRONIC_CONF_FILE agent agent_erase_devices_priority 0
fi
if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
diff --git a/lib/keystone b/lib/keystone
index 1e39ab6..7b41812 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -366,6 +366,12 @@
# demo demo Member, anotherrole
# invisible_to_admin demo Member
+# Group Users Roles Tenant
+# ------------------------------------------------------------------
+# admins admin admin admin
+# nonadmin demo Member, anotherrole demo
+
+
# Migrated from keystone_data.sh
function create_keystone_accounts {
@@ -407,8 +413,14 @@
get_or_add_user_project_role $another_role $demo_user $demo_tenant
get_or_add_user_project_role $member_role $demo_user $invis_tenant
- get_or_create_group "developers" "default" "openstack developers"
- get_or_create_group "testers" "default"
+ local admin_group=$(get_or_create_group "admins" \
+ "default" "openstack admin group")
+ local non_admin_group=$(get_or_create_group "nonadmins" \
+ "default" "non-admin group")
+
+ get_or_add_group_project_role $member_role $non_admin_group $demo_tenant
+ get_or_add_group_project_role $another_role $non_admin_group $demo_tenant
+ get_or_add_group_project_role $admin_role $admin_group $admin_tenant
# Keystone
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
diff --git a/lib/neutron b/lib/neutron
deleted file mode 120000
index 00cd722..0000000
--- a/lib/neutron
+++ /dev/null
@@ -1 +0,0 @@
-neutron-legacy
\ No newline at end of file
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
old mode 100755
new mode 100644
index d3dd8dd..c6d9296
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -801,7 +801,7 @@
fi
if [[ "$add_ovs_port" == "True" ]]; then
- ADD_OVS_PORT="sudo ovs-vsctl add-port $to_intf $from_intf"
+ ADD_OVS_PORT="sudo ovs-vsctl --may-exist add-port $to_intf $from_intf"
fi
sudo ip addr del $IP_BRD dev $from_intf; sudo ip addr add $IP_BRD dev $to_intf; $ADD_OVS_PORT; $ADD_DEFAULT_ROUTE
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 60707cf..1a8e0e4 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -14,8 +14,11 @@
# Defaults
# --------
-# if we should turn on massive libvirt debugging
-DEBUG_LIBVIRT=$(trueorfalse False DEBUG_LIBVIRT)
+# Turn on selective debug log filters for libvirt.
+# (NOTE: Enabling this by default, because the log filters enabled in
+# 'configure_libvirt' function further below are _selective_ and not
+# extremely verbose.)
+DEBUG_LIBVIRT=$(trueorfalse True DEBUG_LIBVIRT)
# Installs required distro-specific libvirt packages.
function install_libvirt {
@@ -24,13 +27,13 @@
install_package libvirt-bin libvirt-dev
pip_install libvirt-python
install_package libguestfs0
- #install_package python-guestfs
+ install_package python-guestfs
#pip_install <there-si-no-guestfs-in-pypi>
elif is_fedora || is_suse; then
install_package kvm
install_package libvirt libvirt-devel
pip_install libvirt-python
- #install_package python-libguestfs
+ install_package python-libguestfs
fi
# Restart firewalld after install of libvirt to avoid a problem
@@ -99,9 +102,9 @@
# source file paths, not relative paths. This screws with the matching
# of '1:libvirt' making everything turn on. So use libvirt.c for now.
# This will have to be re-visited when Ubuntu ships libvirt >= 1.2.3
- local log_filters="1:libvirt.c 1:qemu 1:conf 1:security 3:object 3:event 3:json 3:file 1:util"
+ local log_filters="1:libvirt.c 1:qemu 1:conf 1:security 3:object 3:event 3:json 3:file 1:util 1:qemu_monitor"
else
- local log_filters="1:libvirt 1:qemu 1:conf 1:security 3:object 3:event 3:json 3:file 1:util"
+ local log_filters="1:libvirt 1:qemu 1:conf 1:security 3:object 3:event 3:json 3:file 1:util 1:qemu_monitor"
fi
local log_outputs="1:file:/var/log/libvirt/libvirtd.log"
if ! grep -q "log_filters=\"$log_filters\"" /etc/libvirt/libvirtd.conf; then
diff --git a/lib/tempest b/lib/tempest
index b3a4c7b..331a56b 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -331,6 +331,7 @@
iniset $TEMPEST_CONFIG compute flavor_ref $flavor_ref
iniset $TEMPEST_CONFIG compute flavor_ref_alt $flavor_ref_alt
iniset $TEMPEST_CONFIG compute ssh_connect_method $ssh_connect_method
+ iniset $TEMPEST_CONFIG compute fixed_network_name $PRIVATE_NETWORK_NAME
# Compute Features
# Run ``verify_tempest_config -ur`` to retrieve enabled extensions on API endpoints
@@ -400,10 +401,12 @@
fi
# Scenario
- iniset $TEMPEST_CONFIG scenario img_dir "$FILES/images/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec"
+ SCENARIO_IMAGE_DIR=${SCENARIO_IMAGE_DIR:-$FILES/images/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec}
+ iniset $TEMPEST_CONFIG scenario img_dir $SCENARIO_IMAGE_DIR
iniset $TEMPEST_CONFIG scenario ami_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-blank.img"
iniset $TEMPEST_CONFIG scenario ari_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-initrd"
iniset $TEMPEST_CONFIG scenario aki_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-vmlinuz"
+ iniset $TEMPEST_CONFIG scenario img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img"
# Large Ops Number
iniset $TEMPEST_CONFIG scenario large_ops_number ${TEMPEST_LARGE_OPS_NUMBER:-0}
@@ -468,6 +471,7 @@
# Baremetal
if [ "$VIRT_DRIVER" = "ironic" ] ; then
iniset $TEMPEST_CONFIG baremetal driver_enabled True
+ iniset $TEMPEST_CONFIG baremetal unprovision_timeout 300
iniset $TEMPEST_CONFIG compute-feature-enabled change_password False
iniset $TEMPEST_CONFIG compute-feature-enabled console_output False
iniset $TEMPEST_CONFIG compute-feature-enabled interface_attach False
diff --git a/stack.sh b/stack.sh
index 8ab8234..adcaa21 100755
--- a/stack.sh
+++ b/stack.sh
@@ -1214,6 +1214,9 @@
elif is_service_enabled $DATABASE_BACKENDS && is_service_enabled n-net; then
NM_CONF=${NOVA_CONF}
if is_service_enabled n-cell; then
+ # Create a small network in the API cell
+ $NOVA_BIN_DIR/nova-manage --config-file $NM_CONF network create "$PRIVATE_NETWORK_NAME" $FIXED_RANGE 1 $FIXED_NETWORK_SIZE $NETWORK_CREATE_ARGS
+ # Everything else should go in the child cell
NM_CONF=${NOVA_CELLS_CONF}
fi
diff --git a/stackrc b/stackrc
index c27ead3..0d8f059 100644
--- a/stackrc
+++ b/stackrc
@@ -46,16 +46,18 @@
# This allows us to pass ``ENABLED_SERVICES``
if ! isset ENABLED_SERVICES ; then
- # Compute (Glance / Keystone / Nova (+ nova-network))
- ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-cond,n-sch,n-novnc,n-xvnc,n-cauth
+ # Keystone - nothing works without keystone
+ ENABLED_SERVICES=key
+ # Nova - services to support libvirt based openstack clouds
+ ENABLED_SERVICES=,n-api,n-cpu,n-net,n-cond,n-sch,n-novnc
+ # Glance services needed for Nova
+ ENABLED_SERVICES=,g-api,g-reg
# Cinder
ENABLED_SERVICES+=,c-sch,c-api,c-vol
- # Heat
- ENABLED_SERVICES+=,h-eng,h-api,h-api-cfn,h-api-cw
# Dashboard
ENABLED_SERVICES+=,horizon
# Additional services
- ENABLED_SERVICES+=,rabbit,tempest,mysql
+ ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat
fi
# SQLAlchemy supports multiple database drivers for each database server
diff --git a/tests/functions.sh b/tests/functions.sh
index 874d022..126080f 100755
--- a/tests/functions.sh
+++ b/tests/functions.sh
@@ -196,3 +196,20 @@
echo "is_package_installed() on deleted package failed"
fi
fi
+
+# test isset function
+echo "Testing isset()"
+you_should_not_have_this_variable=42
+
+if isset "you_should_not_have_this_variable"; then
+ echo "OK"
+else
+ echo "\"you_should_not_have_this_variable\" not declared. failed"
+fi
+
+unset you_should_not_have_this_variable
+if isset "you_should_not_have_this_variable"; then
+ echo "\"you_should_not_have_this_variable\" looks like declared variable. failed"
+else
+ echo "OK"
+fi