Merge "Drop Fedora support"
diff --git a/doc/source/guides/nova.rst b/doc/source/guides/nova.rst
index d0fb274..705d427 100644
--- a/doc/source/guides/nova.rst
+++ b/doc/source/guides/nova.rst
@@ -122,7 +122,7 @@
.. code-block:: shell
$ openstack --os-compute-api-version 2.37 server create --flavor cirros256 \
- --image cirros-0.6.1-x86_64-disk --nic none --wait test-server
+ --image cirros-0.6.2-x86_64-disk --nic none --wait test-server
.. note:: ``--os-compute-api-version`` greater than or equal to 2.37 is
required to use ``--nic=none``.
diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst
index b244ca5..f54fca9 100644
--- a/doc/source/plugin-registry.rst
+++ b/doc/source/plugin-registry.rst
@@ -70,7 +70,6 @@
openstack/networking-bgpvpn `https://opendev.org/openstack/networking-bgpvpn <https://opendev.org/openstack/networking-bgpvpn>`__
openstack/networking-generic-switch `https://opendev.org/openstack/networking-generic-switch <https://opendev.org/openstack/networking-generic-switch>`__
openstack/networking-hyperv `https://opendev.org/openstack/networking-hyperv <https://opendev.org/openstack/networking-hyperv>`__
-openstack/networking-odl `https://opendev.org/openstack/networking-odl <https://opendev.org/openstack/networking-odl>`__
openstack/networking-powervm `https://opendev.org/openstack/networking-powervm <https://opendev.org/openstack/networking-powervm>`__
openstack/networking-sfc `https://opendev.org/openstack/networking-sfc <https://opendev.org/openstack/networking-sfc>`__
openstack/neutron `https://opendev.org/openstack/neutron <https://opendev.org/openstack/neutron>`__
diff --git a/files/apache-keystone.template b/files/apache-keystone.template
index 1a353e5..d99e8e6 100644
--- a/files/apache-keystone.template
+++ b/files/apache-keystone.template
@@ -23,6 +23,7 @@
%SSLLISTEN% %SSLENGINE%
%SSLLISTEN% %SSLCERTFILE%
%SSLLISTEN% %SSLKEYFILE%
+%SSLLISTEN% SSLProtocol -all +TLSv1.3 +TLSv1.2
%SSLLISTEN%</VirtualHost>
Alias /identity %KEYSTONE_BIN%/keystone-wsgi-public
diff --git a/files/apache-neutron.template b/files/apache-neutron.template
index c7796b9..358e87f 100644
--- a/files/apache-neutron.template
+++ b/files/apache-neutron.template
@@ -24,6 +24,7 @@
%SSLLISTEN% %SSLENGINE%
%SSLLISTEN% %SSLCERTFILE%
%SSLLISTEN% %SSLKEYFILE%
+%SSLLISTEN% SSLProtocol -all +TLSv1.3 +TLSv1.2
%SSLLISTEN%</VirtualHost>
Alias /networking %NEUTRON_BIN%/neutron-api
diff --git a/files/dnsmasq-for-baremetal-from-nova-network.conf b/files/dnsmasq-for-baremetal-from-nova-network.conf
deleted file mode 100644
index 66a3751..0000000
--- a/files/dnsmasq-for-baremetal-from-nova-network.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-enable-tftp
-tftp-root=/tftpboot
-dhcp-boot=pxelinux.0
diff --git a/files/rpms/general b/files/rpms/general
index b6866de..8a5755c 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -6,9 +6,11 @@
gcc-c++
gettext # used for compiling message catalogs
git-core
+glibc-langpack-en # dist:rhel9
graphviz # needed only for docs
httpd
httpd-devel
+iptables-nft # dist:rhel9
iptables-services
java-1.8.0-openjdk-headless
libffi-devel
diff --git a/functions-common b/functions-common
index 63144d6..5e1aa34 100644
--- a/functions-common
+++ b/functions-common
@@ -412,9 +412,9 @@
# - os_VENDOR
# - os_PACKAGE
function GetOSVersion {
- # CentOS Stream 9 does not provide lsb_release
+ # CentOS Stream 9 and RHEL 9 do not provide lsb_release
source /etc/os-release
- if [[ "${ID}${VERSION}" == "centos9" ]]; then
+ if [[ "${ID}${VERSION}" == "centos9" ]] || [[ "${ID}${VERSION}" =~ "rhel9" ]]; then
os_RELEASE=${VERSION_ID}
os_CODENAME="n/a"
os_VENDOR=$(echo $NAME | tr -d '[:space:]')
@@ -520,6 +520,7 @@
[ "$os_VENDOR" = "openEuler" ] || \
[ "$os_VENDOR" = "RedHatEnterpriseServer" ] || \
[ "$os_VENDOR" = "RedHatEnterprise" ] || \
+ [ "$os_VENDOR" = "RedHatEnterpriseLinux" ] || \
[ "$os_VENDOR" = "Rocky" ] || \
[ "$os_VENDOR" = "CentOS" ] || [ "$os_VENDOR" = "CentOSStream" ] || \
[ "$os_VENDOR" = "AlmaLinux" ] || \
@@ -609,9 +610,10 @@
echo "the project to the \$PROJECTS variable in the job definition."
die $LINENO "ERROR_ON_CLONE is set to True so cloning not allowed in this configuration"
fi
- git_timed clone $git_clone_flags $git_remote $git_dest
+ git_timed clone --no-checkout $git_clone_flags $git_remote $git_dest
cd $git_dest
- git checkout $git_ref
+ git_timed fetch $git_clone_flags origin $git_ref
+ git_timed checkout FETCH_HEAD
elif [[ "$RECLONE" = "True" ]]; then
# if it does exist then simulate what clone does if asked to RECLONE
cd $git_dest
diff --git a/lib/apache b/lib/apache
index 4d68b49..76eae9c 100644
--- a/lib/apache
+++ b/lib/apache
@@ -137,6 +137,8 @@
elif is_fedora; then
sudo rm -f /etc/httpd/conf.d/000-*
install_package httpd python3-mod_wsgi
+ # rpm distros dont enable httpd by default so enable it to support reboots.
+ sudo systemctl enable httpd
# For consistency with Ubuntu, switch to the worker mpm, as
# the default is event
sudo sed -i '/mod_mpm_prefork.so/s/^/#/g' /etc/httpd/conf.modules.d/00-mpm.conf
diff --git a/lib/neutron b/lib/neutron
index 368a1b9..a6de722 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -1112,24 +1112,6 @@
# Functions for Neutron Exercises
#--------------------------------
-function delete_probe {
- local from_net="$1"
- net_id=`_get_net_id $from_net`
- probe_id=`neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}'`
- neutron-debug --os-tenant-name admin --os-username admin probe-delete $probe_id
-}
-
-function _get_net_id {
- openstack --os-cloud devstack-admin --os-region-name="$REGION_NAME" --os-project-name admin --os-username admin --os-password $ADMIN_PASSWORD network list | grep $1 | awk '{print $2}'
-}
-
-function _get_probe_cmd_prefix {
- local from_net="$1"
- net_id=`_get_net_id $from_net`
- probe_id=`neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}' | head -n 1`
- echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id"
-}
-
# ssh check
function _ssh_check_neutron {
local from_net=$1
diff --git a/lib/nova b/lib/nova
index 21067f3..888a2e2 100644
--- a/lib/nova
+++ b/lib/nova
@@ -115,7 +115,7 @@
# The following NOVA_FILTERS contains SameHostFilter and DifferentHostFilter with
# the default filters.
-NOVA_FILTERS="AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,SameHostFilter,DifferentHostFilter"
+NOVA_FILTERS="ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,SameHostFilter,DifferentHostFilter"
QEMU_CONF=/etc/libvirt/qemu.conf
@@ -1036,6 +1036,10 @@
# by the compute process.
configure_console_compute
+ # Set rebuild timeout longer for BFV instances because we likely have
+ # slower disk than expected. Default is 20s/GB
+ iniset $NOVA_CPU_CONF DEFAULT reimage_timeout_per_gb 60
+
# Configure the OVSDB connection for os-vif
if [ -n "$OVSDB_SERVER_LOCAL_HOST" ]; then
iniset $NOVA_CPU_CONF os_vif_ovs ovsdb_connection "tcp:$OVSDB_SERVER_LOCAL_HOST:6640"
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 7992306..ba2e98e 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -69,7 +69,7 @@
$REQUIREMENTS_DIR/upper-constraints.txt -- libvirt-python
if is_ubuntu; then
- install_package qemu-system libvirt-clients libvirt-daemon-system libvirt-dev python3-libvirt
+ install_package qemu-system libvirt-clients libvirt-daemon-system libvirt-dev python3-libvirt systemd-coredump
if is_arch "aarch64"; then
install_package qemu-efi
fi
diff --git a/lib/tempest b/lib/tempest
index 9fa989a..2f62f6e 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -149,11 +149,10 @@
# ramdisk and kernel images. Takes 3 arguments, an array and two
# variables. The array will contain the list of active image UUIDs;
# if an image with ``DEFAULT_IMAGE_NAME`` is found, its UUID will be
-# set as the value of *both* other parameters.
+# set as the value img_id ($2) parameters.
function get_active_images {
declare -n img_array=$1
declare -n img_id=$2
- declare -n img_id_alt=$3
# start with a fresh array in case we are called multiple times
img_array=()
@@ -161,7 +160,6 @@
while read -r IMAGE_NAME IMAGE_UUID; do
if [ "$IMAGE_NAME" = "$DEFAULT_IMAGE_NAME" ]; then
img_id="$IMAGE_UUID"
- img_id_alt="$IMAGE_UUID"
fi
img_array+=($IMAGE_UUID)
done < <(openstack --os-cloud devstack-admin image list --property status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
@@ -170,13 +168,12 @@
function poll_glance_images {
declare -n image_array=$1
declare -n image_id=$2
- declare -n image_id_alt=$3
local -i poll_count
poll_count=$TEMPEST_GLANCE_IMPORT_POLL_LIMIT
while (( poll_count-- > 0 )) ; do
sleep $TEMPEST_GLANCE_IMPORT_POLL_INTERVAL
- get_active_images image_array image_id image_id_alt
+ get_active_images image_array image_id
if (( ${#image_array[*]} >= $TEMPEST_GLANCE_IMAGE_COUNT )) ; then
return
fi
@@ -228,7 +225,7 @@
declare -a images
if is_service_enabled glance; then
- get_active_images images image_uuid image_uuid_alt
+ get_active_images images image_uuid
if (( ${#images[*]} < $TEMPEST_GLANCE_IMAGE_COUNT )); then
# Glance image import is asynchronous and may be configured
@@ -236,7 +233,7 @@
# it's possible that this code is being executed before the
# import has completed and there may be no active images yet.
if [[ "$GLANCE_USE_IMPORT_WORKFLOW" == "True" ]]; then
- poll_glance_images images image_uuid image_uuid_alt
+ poll_glance_images images image_uuid
if (( ${#images[*]} < $TEMPEST_GLANCE_IMAGE_COUNT )); then
echo "Only found ${#images[*]} image(s), was looking for $TEMPEST_GLANCE_IMAGE_COUNT"
exit 1
@@ -252,13 +249,22 @@
1)
if [ -z "$image_uuid" ]; then
image_uuid=${images[0]}
- image_uuid_alt=${images[0]}
fi
+ image_uuid_alt=$image_uuid
;;
*)
if [ -z "$image_uuid" ]; then
image_uuid=${images[0]}
- image_uuid_alt=${images[1]}
+ if [ -z "$image_uuid_alt" ]; then
+ image_uuid_alt=${images[1]}
+ fi
+ elif [ -z "$image_uuid_alt" ]; then
+ for image in ${images[@]}; do
+ if [[ "$image" != "$image_uuid" ]]; then
+ image_uuid_alt=$image
+ break
+ fi
+ done
fi
;;
esac
diff --git a/lib/tls b/lib/tls
index e0c7500..a1e162d 100644
--- a/lib/tls
+++ b/lib/tls
@@ -527,6 +527,7 @@
<VirtualHost $f_host:$f_port>
SSLEngine On
SSLCertificateFile $DEVSTACK_CERT
+ SSLProtocol -all +TLSv1.3 +TLSv1.2
# Disable KeepAlive to fix bug #1630664 a.k.a the
# ('Connection aborted.', BadStatusLine("''",)) error
diff --git a/stack.sh b/stack.sh
index e9617ee..ad88eab 100755
--- a/stack.sh
+++ b/stack.sh
@@ -406,7 +406,10 @@
# Patch: https://github.com/rpm-software-management/dnf/pull/1448
echo "[]" | sudo tee /var/cache/dnf/expired_repos.json
elif [[ $DISTRO == "rhel9" ]]; then
+ # for CentOS Stream 9 repository
sudo dnf config-manager --set-enabled crb
+ # for RHEL 9 repository
+ sudo dnf config-manager --set-enabled codeready-builder-for-rhel-9-x86_64-rpms
# rabbitmq and other packages are provided by RDO repositories.
_install_rdo
diff --git a/stackrc b/stackrc
index 8820c62..dcc0ce4 100644
--- a/stackrc
+++ b/stackrc
@@ -674,7 +674,7 @@
#IMAGE_URLS="https://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img" # cirros full disk image
-CIRROS_VERSION=${CIRROS_VERSION:-"0.6.1"}
+CIRROS_VERSION=${CIRROS_VERSION:-"0.6.2"}
CIRROS_ARCH=${CIRROS_ARCH:-$(uname -m)}
# Set default image based on ``VIRT_DRIVER`` and ``LIBVIRT_TYPE``, either of
@@ -804,7 +804,7 @@
SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT=${SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT:-5}
# Service graceful shutdown timeout
-WORKER_TIMEOUT=${WORKER_TIMEOUT:-90}
+WORKER_TIMEOUT=${WORKER_TIMEOUT:-80}
# Common Configuration
# --------------------
diff --git a/tools/dbcounter/dbcounter.py b/tools/dbcounter/dbcounter.py
index 0ed7bb8..86e5529 100644
--- a/tools/dbcounter/dbcounter.py
+++ b/tools/dbcounter/dbcounter.py
@@ -96,20 +96,18 @@
This reads "hists" from from a queue fed by _log_event() and
writes (db,op)+=count stats to the database after ten seconds
of no activity to avoid triggering a write for every SELECT
- call. Write no less often than every thirty seconds and/or 100
- pending hits to avoid being starved by constant activity.
+ call. Write no less often than every sixty seconds to avoid being
+ starved by constant activity.
"""
LOG.debug('[%i] Writer thread running' % os.getpid())
while True:
to_write = {}
- total = 0
last = time.time()
- while time.time() - last < 30 and total < 100:
+ while time.time() - last < 60:
try:
item = self.queue.get(timeout=10)
to_write.setdefault(item, 0)
to_write[item] += 1
- total += 1
except queue.Empty:
break
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index 0ec426b..faea44f 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -36,6 +36,12 @@
# Disable selinux to avoid configuring to allow Apache access
# to Horizon files (LP#1175444)
if selinuxenabled; then
+ #persit selinux config across reboots
+ cat << EOF | sudo tee /etc/selinux/config
+SELINUX=permissive
+SELINUXTYPE=targeted
+EOF
+ # then disable at runtime
sudo setenforce 0
fi
diff --git a/tools/ping_neutron.sh b/tools/ping_neutron.sh
index 73fe3f3..ab8e8df 100755
--- a/tools/ping_neutron.sh
+++ b/tools/ping_neutron.sh
@@ -30,7 +30,8 @@
This provides a wrapper to ping neutron guests that are on isolated
tenant networks that the caller can't normally reach. It does so by
-creating a network namespace probe.
+using either the DHCP or Metadata network namespace to support both
+ML2/OVS and OVN.
It takes arguments like ping, except the first arg must be the network
name.
@@ -44,6 +45,12 @@
exit 1
}
+# BUG: with duplicate network names, this fails pretty hard since it
+# will just pick the first match.
+function _get_net_id {
+ openstack --os-cloud devstack-admin --os-region-name="$REGION_NAME" --os-project-name admin --os-username admin --os-password $ADMIN_PASSWORD network list | grep $1 | head -n 1 | awk '{print $2}'
+}
+
NET_NAME=$1
if [[ -z "$NET_NAME" ]]; then
@@ -53,12 +60,11 @@
REMAINING_ARGS="${@:2}"
-# BUG: with duplicate network names, this fails pretty hard.
-NET_ID=$(openstack network show -f value -c id "$NET_NAME")
-PROBE_ID=$(neutron-debug probe-list -c id -c network_id | grep "$NET_ID" | awk '{print $2}' | head -n 1)
+NET_ID=`_get_net_id $NET_NAME`
+NET_NS=$(ip netns list | grep "$NET_ID" | head -n 1)
# This runs a command inside the specific netns
-NET_NS_CMD="ip netns exec qprobe-$PROBE_ID"
+NET_NS_CMD="ip netns exec $NET_NS"
PING_CMD="sudo $NET_NS_CMD ping $REMAINING_ARGS"
echo "Running $PING_CMD"