Merge "Don't hardcode glance protocol when finding trove guest image"
diff --git a/doc/source/guides/multinode-lab.rst b/doc/source/guides/multinode-lab.rst
index a63260f..0b1ebb9 100644
--- a/doc/source/guides/multinode-lab.rst
+++ b/doc/source/guides/multinode-lab.rst
@@ -167,6 +167,7 @@
::
+ [[local|localrc]]
HOST_IP=192.168.42.12 # change this per compute node
FLAT_INTERFACE=eth0
FIXED_RANGE=10.4.128.0/20
diff --git a/functions-common b/functions-common
index 48edba8..9f8476e 100644
--- a/functions-common
+++ b/functions-common
@@ -575,7 +575,7 @@
RECLONE=$(trueorfalse False $RECLONE)
- if [[ "$GIT_DEPTH" ]]; then
+ if [[ -n "${GIT_DEPTH}" ]]; then
git_clone_flags="$git_clone_flags --depth $GIT_DEPTH"
fi
@@ -993,6 +993,8 @@
local file_to_parse
local service
+ INSTALL_TESTONLY_PACKAGES=$(trueorfalse False $INSTALL_TESTONLY_PACKAGES)
+
if [[ -z "$package_dir" ]]; then
echo "No package directory supplied"
return 1
@@ -1599,6 +1601,7 @@
$cmd_pip install \
$pip_mirror_opt $@
+ INSTALL_TESTONLY_PACKAGES=$(trueorfalse False $INSTALL_TESTONLY_PACKAGES)
if [[ "$INSTALL_TESTONLY_PACKAGES" == "True" ]]; then
local test_req="$@/test-requirements.txt"
if [[ -e "$test_req" ]]; then
diff --git a/lib/ceilometer b/lib/ceilometer
index 9046b9d..483cd27 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -242,6 +242,18 @@
fi
}
+# install_redis() - Install the redis server.
+function install_redis {
+ if is_ubuntu; then
+ install_package redis-server
+ else
+ # This will fail (correctly) where a redis package is unavailable
+ install_package redis
+ fi
+
+ restart_service redis
+}
+
# install_ceilometer() - Collect source and prepare
function install_ceilometer {
git_clone $CEILOMETER_REPO $CEILOMETER_DIR $CEILOMETER_BRANCH
@@ -249,6 +261,8 @@
if echo $CEILOMETER_COORDINATION_URL | grep -q '^memcached:'; then
install_package memcached
+ elif echo $CEILOMETER_COORDINATION_URL | grep -q '^redis:'; then
+ install_redis
fi
}
diff --git a/lib/ironic b/lib/ironic
index 0a84e47..cf005a7 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -279,7 +279,7 @@
else
die $LINENO "SWIFT_ENABLE_TEMPURLS must be True to use agent_ssh driver in Ironic."
fi
- iniset $IRONIC_CONF_FILE glance swift_endpoint_url http://${HOST_IP}:8080
+ iniset $IRONIC_CONF_FILE glance swift_endpoint_url http://${HOST_IP}:${SWIFT_DEFAULT_BIND_PORT:-8080}
iniset $IRONIC_CONF_FILE glance swift_api_version v1
local tenant_id=$(get_or_create_project $SERVICE_TENANT_NAME)
iniset $IRONIC_CONF_FILE glance swift_account AUTH_${tenant_id}
@@ -523,7 +523,11 @@
sudo modprobe nf_nat_tftp
# nodes boot from TFTP and callback to the API server listening on $HOST_IP
sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true
- sudo iptables -I INPUT -d $HOST_IP -p tcp --dport 6385 -j ACCEPT || true
+ sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_HOSTPORT -j ACCEPT || true
+ if [ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]; then
+ # agent ramdisk gets instance image from swift
+ sudo iptables -I INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true
+ fi
}
function configure_tftpd {
@@ -678,6 +682,10 @@
restart_service xinetd
sudo iptables -D INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true
sudo iptables -D INPUT -d $HOST_IP -p tcp --dport 6385 -j ACCEPT || true
+ if [ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]; then
+ # agent ramdisk gets instance image from swift
+ sudo iptables -D INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true
+ fi
sudo rmmod nf_conntrack_tftp || true
sudo rmmod nf_nat_tftp || true
}
diff --git a/lib/sahara b/lib/sahara
index 7f59cc1..6d1bef5 100644
--- a/lib/sahara
+++ b/lib/sahara
@@ -108,6 +108,7 @@
# Create auth cache dir
sudo mkdir -p $SAHARA_AUTH_CACHE_DIR
sudo chown $STACK_USER $SAHARA_AUTH_CACHE_DIR
+ sudo chmod 700 $SAHARA_AUTH_CACHE_DIR
rm -rf $SAHARA_AUTH_CACHE_DIR/*
configure_auth_token_middleware $SAHARA_CONF_FILE sahara $SAHARA_AUTH_CACHE_DIR
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index 1732ecc..b8beb01 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -50,17 +50,24 @@
# exception into the Kernel for the Keystone AUTH ports.
keystone_ports=${KEYSTONE_AUTH_PORT:-35357},${KEYSTONE_AUTH_PORT_INT:-35358}
-# Get any currently reserved ports, strip off leading whitespace
-reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
+# only do the reserved ports when available, on some system (like containers)
+# where it's not exposed we are almost pretty sure these ports would be
+# exclusive for our devstack.
+if sysctl net.ipv4.ip_local_reserved_ports >/dev/null 2>&1; then
+ # Get any currently reserved ports, strip off leading whitespace
+ reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
-if [[ -z "${reserved_ports}" ]]; then
- # If there are no currently reserved ports, reserve the keystone ports
- sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports}
+ if [[ -z "${reserved_ports}" ]]; then
+ # If there are no currently reserved ports, reserve the keystone ports
+ sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports}
+ else
+ # If there are currently reserved ports, keep those and also reserve the
+ # keystone specific ports. Duplicate reservations are merged into a single
+ # reservation (or range) automatically by the kernel.
+ sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports},${reserved_ports}
+ fi
else
- # If there are currently reserved ports, keep those and also reserve the
- # keystone specific ports. Duplicate reservations are merged into a single
- # reservation (or range) automatically by the kernel.
- sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports},${reserved_ports}
+ echo_summary "WARNING: unable to reserve keystone ports"
fi