Merge "Add ability to specify cinder lvm_type option"
diff --git a/MAINTAINERS.rst b/MAINTAINERS.rst
index 20e8655..eeb1f21 100644
--- a/MAINTAINERS.rst
+++ b/MAINTAINERS.rst
@@ -45,6 +45,13 @@
Neutron
~~~~~~~
+MidoNet
+~~~~~~~
+
+* Jaume Devesa <devvesa@gmail.com>
+* Ryu Ishimoto <ryu@midokura.com>
+* YAMAMOTO Takashi <yamamoto@midokura.com>
+
OpenDaylight
~~~~~~~~~~~~
@@ -75,12 +82,6 @@
Tempest
~~~~~~~
-Trove
-~~~~~
-
-* Nikhil Manchanda <SlickNik@gmail.com>
-* Michael Basnight <mbasnight@gmail.com>
-
Xen
~~~
* Bob Ball <bob.ball@citrix.com>
diff --git a/clean.sh b/clean.sh
index 7db519b..74bcaee 100755
--- a/clean.sh
+++ b/clean.sh
@@ -51,7 +51,6 @@
source $TOP_DIR/lib/heat
source $TOP_DIR/lib/neutron-legacy
source $TOP_DIR/lib/ironic
-source $TOP_DIR/lib/trove
# Extras Source
@@ -130,7 +129,7 @@
fi
# Clean up venvs
-DIRS_TO_CLEAN="$WHEELHOUSE ${PROJECT_VENV[@]}"
+DIRS_TO_CLEAN="$WHEELHOUSE ${PROJECT_VENV[@]} .config/openstack"
rm -rf $DIRS_TO_CLEAN
# Clean up files
diff --git a/doc/source/conf.py b/doc/source/conf.py
index 3e9aa45..6e3ec02 100644
--- a/doc/source/conf.py
+++ b/doc/source/conf.py
@@ -26,7 +26,7 @@
# Add any Sphinx extension module names here, as strings. They can be extensions
# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
-extensions = [ 'oslosphinx' ]
+extensions = [ 'oslosphinx', 'sphinxcontrib.blockdiag', 'sphinxcontrib.nwdiag' ]
todo_include_todos = True
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
index 1cc7083..8e2e7ff 100644
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -391,7 +391,7 @@
ENABLED_SERVICES=n-vol,n-cpu,n-net,n-api
IP Version
- | Default: ``IP_VERSION=4``
+ | Default: ``IP_VERSION=4+6``
| This setting can be used to configure DevStack to create either an IPv4,
IPv6, or dual stack tenant data network by setting ``IP_VERSION`` to
either ``IP_VERSION=4``, ``IP_VERSION=6``, or ``IP_VERSION=4+6``
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
index d3b491f..b09d386 100644
--- a/doc/source/faq.rst
+++ b/doc/source/faq.rst
@@ -2,151 +2,157 @@
FAQ
===
-- `General Questions <#general>`__
-- `Operation and Configuration <#ops_conf>`__
-- `Miscellaneous <#misc>`__
+.. contents::
+ :local:
General Questions
=================
-Q: Can I use DevStack for production?
- A: No. We mean it. Really. DevStack makes some implementation
- choices that are not appropriate for production deployments. We
- warned you!
-Q: Then why selinux in enforcing mode?
- A: That is the default on current Fedora and RHEL releases. DevStack
- has (rightly so) a bad reputation for its security practices; it has
- always been meant as a development tool first and system integration
- later. This is changing as the security issues around OpenStack's
- use of root (for example) have been tightened and developers need to
- be better equipped to work in these environments. ``stack.sh``'s use
- of root is primarily to support the activities that would be handled
- by packaging in "real" deployments. To remove additional protections
- that will be desired/required in production would be a step
- backward.
-Q: But selinux is disabled in RHEL!
- A: Today it is, yes. That is a specific exception that certain
- DevStack contributors fought strongly against. The primary reason it
- was allowed was to support using RHEL6 as the Python 2.6 test
- platform and that took priority time-wise. This will not be the case
- with RHEL 7.
-Q: Why a shell script, why not chef/puppet/...
- A: The script is meant to be read by humans (as well as ran by
- computers); it is the primary documentation after all. Using a
- recipe system requires everyone to agree and understand chef or
- puppet.
-Q: Why not use Crowbar?
- A: DevStack is optimized for documentation & developers. As some of
- us use `Crowbar <https://github.com/dellcloudedge/crowbar>`__ for
- production deployments, we hope developers documenting how they
- setup systems for new features supports projects like Crowbar.
-Q: I'd like to help!
- A: That isn't a question, but please do! The source for DevStack is
- at
- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
- and bug reports go to
- `LaunchPad <http://bugs.launchpad.net/devstack/>`__. Contributions
- follow the usual process as described in the `developer
- guide <http://docs.openstack.org/infra/manual/developers.html>`__. This Sphinx
- documentation is housed in the doc directory.
-Q: Why not use packages?
- A: Unlike packages, DevStack leaves your cloud ready to develop -
- checkouts of the code and services running in screen. However, many
- people are doing the hard work of packaging and recipes for
- production deployments. We hope this script serves as a way to
- communicate configuration changes between developers and packagers.
-Q: Why isn't $MY\_FAVORITE\_DISTRO supported?
- A: DevStack is meant for developers and those who want to see how
- OpenStack really works. DevStack is known to run on the
- distro/release combinations listed in ``README.md``. DevStack is
- only supported on releases other than those documented in
- ``README.md`` on a best-effort basis.
-Q: What about Fedora/RHEL/CentOS?
- A: Fedora and CentOS/RHEL are supported via rpm dependency files and
- specific checks in ``stack.sh``. Support will follow the pattern set
- with the Ubuntu testing, i.e. only a single release of the distro
- will receive regular testing, others will be handled on a
- best-effort basis.
-Q: Are there any differences between Ubuntu and Fedora support?
- A: Neutron is not fully supported prior to Fedora 18 due lack of
- OpenVSwitch packages.
-Q: Why can't I use another shell?
- A: DevStack now uses some specific bash-ism that require Bash 4, such
- as associative arrays. Simple compatibility patches have been accepted
- in the past when they are not complex, at this point no additional
- compatibility patches will be considered except for shells matching
- the array functionality as it is very ingrained in the repo and project
- management.
-Q: But, but, can't I test on OS/X?
- A: Yes, even you, core developer who complained about this, needs to
- install bash 4 via homebrew to keep running tests on OS/X. Get a Real
- Operating System. (For most of you who don't know, I am referring to
- myself.)
+Can I use DevStack for production?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+DevStack is targeted at developers and CI systems to use the raw
+upstream code. It makes many choices that are not appropriate for
+production systems.
+
+Your best choice is probably to choose a `distribution of OpenStack
+<https://www.openstack.org/marketplace/distros/distribution>`__.
+
+Why a shell script, why not chef/puppet/...
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The script is meant to be read by humans (as well as ran by
+computers); it is the primary documentation after all. Using a recipe
+system requires everyone to agree and understand chef or puppet.
+
+I'd like to help!
+~~~~~~~~~~~~~~~~~
+
+That isn't a question, but please do! The source for DevStack is at
+`git.openstack.org
+<https://git.openstack.org/cgit/openstack-dev/devstack>`__ and bug
+reports go to `LaunchPad
+<http://bugs.launchpad.net/devstack/>`__. Contributions follow the
+usual process as described in the `developer guide
+<http://docs.openstack.org/infra/manual/developers.html>`__. This
+Sphinx documentation is housed in the doc directory.
+
+Why not use packages?
+~~~~~~~~~~~~~~~~~~~~~
+
+Unlike packages, DevStack leaves your cloud ready to develop -
+checkouts of the code and services running in screen. However, many
+people are doing the hard work of packaging and recipes for production
+deployments.
+
+Why isn't $MY\_FAVORITE\_DISTRO supported?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+DevStack is meant for developers and those who want to see how
+OpenStack really works. DevStack is known to run on the distro/release
+combinations listed in ``README.md``. DevStack is only supported on
+releases other than those documented in ``README.md`` on a best-effort
+basis.
+
+Are there any differences between Ubuntu and Centos/Fedora support?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Both should work well and are tested by DevStack CI.
+
+Why can't I use another shell?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+DevStack now uses some specific bash-ism that require Bash 4, such as
+associative arrays. Simple compatibility patches have been accepted in
+the past when they are not complex, at this point no additional
+compatibility patches will be considered except for shells matching
+the array functionality as it is very ingrained in the repo and
+project management.
+
+Can I test on OS/X?
+~~~~~~~~~~~~~~~~~~~
+
+Some people have success with bash 4 installed via homebrew to keep
+running tests on OS/X.
+
+Can I at least source ``openrc`` with ``zsh``?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+People have reported success with a special function to run ``openrc``
+through bash for this
+
+.. code-block:: bash
+
+ function sourceopenrc {
+ pushd ~/devstack >/dev/null
+ eval $(bash -c ". openrc $1 $2;env|sed -n '/OS_/ { s/^/export /;p}'")
+ popd >/dev/null
+ }
+
Operation and Configuration
===========================
-Q: Can DevStack handle a multi-node installation?
- A: Indirectly, yes. You run DevStack on each node with the
- appropriate configuration in ``local.conf``. The primary
- considerations are turning off the services not required on the
- secondary nodes, making sure the passwords match and setting the
- various API URLs to the right place.
-Q: How can I document the environment that DevStack is using?
- A: DevStack includes a script (``tools/info.sh``) that gathers the
- versions of the relevant installed apt packages, pip packages and
- git repos. This is a good way to verify what Python modules are
- installed.
-Q: How do I turn off a service that is enabled by default?
- A: Services can be turned off by adding ``disable_service xxx`` to
- ``local.conf`` (using ``n-vol`` in this example):
+Can DevStack handle a multi-node installation?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Yes, see :doc:`multinode lab guide <guides/multinode-lab>`
+
+How can I document the environment that DevStack is using?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+DevStack includes a script (``tools/info.sh``) that gathers the
+versions of the relevant installed apt packages, pip packages and git
+repos. This is a good way to verify what Python modules are
+installed.
+
+How do I turn off a service that is enabled by default?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Services can be turned off by adding ``disable_service xxx`` to
+``local.conf`` (using ``n-vol`` in this example):
::
disable_service n-vol
-Q: Is enabling a service that defaults to off done with the reverse of the above?
- A: Of course!
+Is enabling a service that defaults to off done with the reverse of the above?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Of course!
::
enable_service qpid
-Q: How do I run a specific OpenStack milestone?
- A: OpenStack milestones have tags set in the git repo. Set the appropriate tag in the ``*_BRANCH`` variables in ``local.conf``. Swift is on its own release schedule so pick a tag in the Swift repo that is just before the milestone release. For example:
+How do I run a specific OpenStack milestone?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+OpenStack milestones have tags set in the git repo. Set the
+appropriate tag in the ``*_BRANCH`` variables in ``local.conf``.
+Swift is on its own release schedule so pick a tag in the Swift repo
+that is just before the milestone release. For example:
::
[[local|localrc]]
- GLANCE_BRANCH=stable/juno
- HORIZON_BRANCH=stable/juno
- KEYSTONE_BRANCH=stable/juno
- NOVA_BRANCH=stable/juno
- GLANCE_BRANCH=stable/juno
- NEUTRON_BRANCH=stable/juno
- SWIFT_BRANCH=2.2.1
+ GLANCE_BRANCH=stable/kilo
+ HORIZON_BRANCH=stable/kilo
+ KEYSTONE_BRANCH=stable/kilo
+ NOVA_BRANCH=stable/kilo
+ GLANCE_BRANCH=stable/kilo
+ NEUTRON_BRANCH=stable/kilo
+ SWIFT_BRANCH=2.3.0
-Q: Why not use [STRIKEOUT:``tools/pip-requires``]\ ``requirements.txt`` to grab project dependencies?
- [STRIKEOUT:The majority of deployments will use packages to install
- OpenStack that will have distro-based packages as dependencies.
- DevStack installs as many of these Python packages as possible to
- mimic the expected production environment.] Certain Linux
- distributions have a 'lack of workaround' in their Python
- configurations that installs vendor packaged Python modules and
- pip-installed modules to the SAME DIRECTORY TREE. This is causing
- heartache and moving us in the direction of installing more modules
- from PyPI than vendor packages. However, that is only being done as
- necessary as the packaging needs to catch up to the development
- cycle anyway so this is kept to a minimum.
-Q: What can I do about RabbitMQ not wanting to start on my fresh new VM?
- A: This is often caused by ``erlang`` not being happy with the
- hostname resolving to a reachable IP address. Make sure your
- hostname resolves to a working IP address; setting it to 127.0.0.1
- in ``/etc/hosts`` is often good enough for a single-node
- installation. And in an extreme case, use ``clean.sh`` to eradicate
- it and try again.
-Q: How can I set up Heat in stand-alone configuration?
- A: Configure ``local.conf`` thusly:
+What can I do about RabbitMQ not wanting to start on my fresh new VM?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This is often caused by ``erlang`` not being happy with the hostname
+resolving to a reachable IP address. Make sure your hostname resolves
+to a working IP address; setting it to 127.0.0.1 in ``/etc/hosts`` is
+often good enough for a single-node installation. And in an extreme
+case, use ``clean.sh`` to eradicate it and try again.
+
+Configure ``local.conf`` thusly:
::
@@ -156,22 +162,25 @@
KEYSTONE_SERVICE_HOST=<keystone-host>
KEYSTONE_AUTH_HOST=<keystone-host>
-Q: Why are my configuration changes ignored?
- A: You may have run into the package prerequisite installation
- timeout. ``tools/install_prereqs.sh`` has a timer that skips the
- package installation checks if it was run within the last
- ``PREREQ_RERUN_HOURS`` hours (default is 2). To override this, set
- ``FORCE_PREREQ=1`` and the package checks will never be skipped.
+Why are my configuration changes ignored?
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+You may have run into the package prerequisite installation
+timeout. ``tools/install_prereqs.sh`` has a timer that skips the
+package installation checks if it was run within the last
+``PREREQ_RERUN_HOURS`` hours (default is 2). To override this, set
+``FORCE_PREREQ=1`` and the package checks will never be skipped.
Miscellaneous
=============
-Q: ``tools/fixup_stuff.sh`` is broken and shouldn't 'fix' just one version of packages.
- A: [Another not-a-question] No it isn't. Stuff in there is to
- correct problems in an environment that need to be fixed elsewhere
- or may/will be fixed in a future release. In the case of
- ``httplib2`` and ``prettytable`` specific problems with specific
- versions are being worked around. If later releases have those
- problems than we'll add them to the script. Knowing about the broken
- future releases is valuable rather than polling to see if it has
- been fixed.
+``tools/fixup_stuff.sh`` is broken and shouldn't 'fix' just one version of packages.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Stuff in there is to correct problems in an environment that need to
+be fixed elsewhere or may/will be fixed in a future release. In the
+case of ``httplib2`` and ``prettytable`` specific problems with
+specific versions are being worked around. If later releases have
+those problems than we'll add them to the script. Knowing about the
+broken future releases is valuable rather than polling to see if it
+has been fixed.
diff --git a/doc/source/guides/multinode-lab.rst b/doc/source/guides/multinode-lab.rst
index b2617c9..27d71f1 100644
--- a/doc/source/guides/multinode-lab.rst
+++ b/doc/source/guides/multinode-lab.rst
@@ -178,7 +178,7 @@
MYSQL_HOST=192.168.42.11
RABBIT_HOST=192.168.42.11
GLANCE_HOSTPORT=192.168.42.11:9292
- ENABLED_SERVICES=n-cpu,n-net,n-api,c-sch,c-api,c-vol
+ ENABLED_SERVICES=n-cpu,n-net,n-api,c-vol
NOVA_VNC_ENABLED=True
NOVNCPROXY_URL="http://192.168.42.11:6080/vnc_auto.html"
VNCSERVER_LISTEN=$HOST_IP
diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst
index 3030c7b..bdfd3a4 100644
--- a/doc/source/guides/neutron.rst
+++ b/doc/source/guides/neutron.rst
@@ -5,11 +5,77 @@
This guide will walk you through using OpenStack neutron with the ML2
plugin and the Open vSwitch mechanism driver.
-Network Interface Configuration
-===============================
-To use neutron, it is suggested that two network interfaces be present
-in the host operating system.
+Using Neutron with a Single Interface
+=====================================
+
+In some instances, like on a developer laptop, there is only one
+network interface that is available. In this scenario, the physical
+interface is added to the Open vSwitch bridge, and the IP address of
+the laptop is migrated onto the bridge interface. That way, the
+physical interface can be used to transmit tenant network traffic,
+the OpenStack API traffic, and management traffic.
+
+
+Physical Network Setup
+----------------------
+
+In most cases where DevStack is being deployed with a single
+interface, there is a hardware router that is being used for external
+connectivity and DHCP. The developer machine is connected to this
+network and is on a shared subnet with other machines.
+
+.. nwdiag::
+
+ nwdiag {
+ inet [ shape = cloud ];
+ router;
+ inet -- router;
+
+ network hardware_network {
+ address = "172.18.161.0/24"
+ router [ address = "172.18.161.1" ];
+ devstack_laptop [ address = "172.18.161.6" ];
+ }
+ }
+
+
+DevStack Configuration
+----------------------
+
+
+::
+
+ HOST_IP=172.18.161.6
+ SERVICE_HOST=172.18.161.6
+ MYSQL_HOST=172.18.161.6
+ RABBIT_HOST=172.18.161.6
+ GLANCE_HOSTPORT=172.18.161.6:9292
+ ADMIN_PASSWORD=secrete
+ MYSQL_PASSWORD=secrete
+ RABBIT_PASSWORD=secrete
+ SERVICE_PASSWORD=secrete
+ SERVICE_TOKEN=secrete
+
+ ## Neutron options
+ Q_USE_SECGROUP=True
+ FLOATING_RANGE="172.18.161.1/24"
+ FIXED_RANGE="10.0.0.0/24"
+ Q_FLOATING_ALLOCATION_POOL=start=172.18.161.250,end=172.18.161.254
+ PUBLIC_NETWORK_GATEWAY="172.18.161.1"
+ Q_L3_ENABLED=True
+ PUBLIC_INTERFACE=eth0
+ Q_USE_PROVIDERNET_FOR_PUBLIC=True
+ OVS_PHYSICAL_BRIDGE=br-ex
+ PUBLIC_BRIDGE=br-ex
+ OVS_BRIDGE_MAPPINGS=public:br-ex
+
+
+
+
+
+Using Neutron with Multiple Interfaces
+======================================
The first interface, eth0 is used for the OpenStack management (API,
message bus, etc) as well as for ssh for an administrator to access
@@ -131,6 +197,11 @@
subnet that exists in the private RFC1918 address space - however in
in a real setup FLOATING_RANGE would be a public IP address range.
+Note that extension drivers for the ML2 plugin is set by
+`Q_ML2_PLUGIN_EXT_DRIVERS`, and it includes 'port_security' by default. If you
+want to remove all the extension drivers (even 'port_security'), set
+`Q_ML2_PLUGIN_EXT_DRIVERS` to blank.
+
Neutron Networking with Open vSwitch and Provider Networks
==========================================================
diff --git a/doc/source/index.rst b/doc/source/index.rst
index 4435b49..f15c306 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -10,6 +10,7 @@
overview
configuration
plugins
+ plugin-registry
faq
changes
hacking
@@ -19,9 +20,9 @@
#. Select a Linux Distribution
- Only Ubuntu 14.04 (Trusty), Fedora 20 and CentOS/RHEL 7 are
- documented here. OpenStack also runs and is packaged on other flavors
- of Linux such as OpenSUSE and Debian.
+ Only Ubuntu 14.04 (Trusty), Fedora 21 (or Fedora 22) and CentOS/RHEL
+ 7 are documented here. OpenStack also runs and is packaged on other
+ flavors of Linux such as OpenSUSE and Debian.
#. Install Selected OS
@@ -173,7 +174,6 @@
* `lib/swift <lib/swift.html>`__
* `lib/tempest <lib/tempest.html>`__
* `lib/tls <lib/tls.html>`__
-* `lib/trove <lib/trove.html>`__
* `lib/zaqar <lib/zaqar.html>`__
* `unstack.sh <unstack.sh.html>`__
* `clean.sh <clean.sh.html>`__
@@ -182,7 +182,6 @@
* `extras.d/50-ironic.sh <extras.d/50-ironic.sh.html>`__
* `extras.d/60-ceph.sh <extras.d/60-ceph.sh.html>`__
* `extras.d/70-sahara.sh <extras.d/70-sahara.sh.html>`__
-* `extras.d/70-trove.sh <extras.d/70-trove.sh.html>`__
* `extras.d/70-tuskar.sh <extras.d/70-tuskar.sh.html>`__
* `extras.d/70-zaqar.sh <extras.d/70-zaqar.sh.html>`__
* `extras.d/80-tempest.sh <extras.d/80-tempest.sh.html>`__
@@ -242,6 +241,5 @@
* `exercises/sahara.sh <exercises/sahara.sh.html>`__
* `exercises/sec\_groups.sh <exercises/sec_groups.sh.html>`__
* `exercises/swift.sh <exercises/swift.sh.html>`__
-* `exercises/trove.sh <exercises/trove.sh.html>`__
* `exercises/volumes.sh <exercises/volumes.sh.html>`__
* `exercises/zaqar.sh <exercises/zaqar.sh.html>`__
diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst
new file mode 100644
index 0000000..2dd70d8
--- /dev/null
+++ b/doc/source/plugin-registry.rst
@@ -0,0 +1,73 @@
+..
+ Note to reviewers: the intent of this file is to be easy for
+ community members to update. As such fast approving (single core +2)
+ is fine as long as you've identified that the plugin listed actually exists.
+
+==========================
+ DevStack Plugin Registry
+==========================
+
+Since we've created the external plugin mechanism, it's gotten used by
+a lot of projects. The following is a list of plugins that currently
+exist. Any project that wishes to list their plugin here is welcomed
+to.
+
+Official OpenStack Projects
+===========================
+
+The following are plugins that exist for official OpenStack projects.
+
++--------------------+-------------------------------------------+--------------------+
+|Plugin Name |URL |Comments |
++--------------------+-------------------------------------------+--------------------+
+|magnum |git://git.openstack.org/openstack/magnum | |
++--------------------+-------------------------------------------+--------------------+
+|trove |git://git.openstack.org/openstack/trove | |
++--------------------+-------------------------------------------+--------------------+
+|zaqar |git://git.openstack.org/openstack/zarar | |
++--------------------+-------------------------------------------+--------------------+
+
+
+
+Drivers
+=======
+
++--------------------+-------------------------------------------------+------------------+
+|Plugin Name |URL |Comments |
++--------------------+-------------------------------------------------+------------------+
+|dragonflow |git://git.openstack.org/openstack/dragonflow |[d1]_ |
++--------------------+-------------------------------------------------+------------------+
+|odl |git://git.openstack.org/openstack/networking-odl |[d2]_ |
++--------------------+-------------------------------------------------+------------------+
+
+.. [d1] demonstrates example of installing 3rd party SDN controller
+.. [d2] demonstrates a pretty advanced set of modes that that allow
+ one to run OpenDayLight either from a pre-existing install, or
+ also from source
+
+Alternate Configs
+=================
+
++-------------+------------------------------------------------------------+------------+
+| Plugin Name | URL | Comments |
+| | | |
++-------------+------------------------------------------------------------+------------+
+|glusterfs |git://git.openstack.org/stackforge/devstack-plugin-glusterfs| |
++-------------+------------------------------------------------------------+------------+
+| | | |
++-------------+------------------------------------------------------------+------------+
+
+Additional Services
+===================
+
++-------------+------------------------------------------+------------+
+| Plugin Name | URL | Comments |
+| | | |
++-------------+------------------------------------------+------------+
+|ec2-api |git://git.openstack.org/stackforge/ec2api |[as1]_ |
++-------------+------------------------------------------+------------+
+| | | |
++-------------+------------------------------------------+------------+
+
+.. [as1] first functional devstack plugin, hence why used in most of
+ the examples.
diff --git a/doc/source/plugins.rst b/doc/source/plugins.rst
index c4ed228..b166936 100644
--- a/doc/source/plugins.rst
+++ b/doc/source/plugins.rst
@@ -2,103 +2,21 @@
Plugins
=======
-DevStack has a couple of plugin mechanisms to allow easily adding
-support for additional projects and features.
+The OpenStack ecosystem is wide and deep, and only growing more so
+every day. The value of DevStack is that it's simple enough to
+understand what it's doing clearly. And yet we'd like to support as
+much of the OpenStack Ecosystem as possible. We do that with plugins.
-Extras.d Hooks
-==============
+DevStack plugins are bits of bash code that live outside the DevStack
+tree. They are called through a strong contract, so these plugins can
+be sure that they will continue to work in the future as DevStack
+evolves.
-These hooks are an extension of the service calls in
-``stack.sh`` at specific points in its run, plus ``unstack.sh`` and
-``clean.sh``. A number of the higher-layer projects are implemented in
-DevStack using this mechanism.
+Plugin Interface
+================
-The script in ``extras.d`` is expected to be mostly a dispatcher to
-functions in a ``lib/*`` script. The scripts are named with a
-zero-padded two digits sequence number prefix to control the order that
-the scripts are called, and with a suffix of ``.sh``. DevStack reserves
-for itself the sequence numbers 00 through 09 and 90 through 99.
-
-Below is a template that shows handlers for the possible command-line
-arguments:
-
-::
-
- # template.sh - DevStack extras.d dispatch script template
-
- # check for service enabled
- if is_service_enabled template; then
-
- if [[ "$1" == "source" ]]; then
- # Initial source of lib script
- source $TOP_DIR/lib/template
- fi
-
- if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
- # Set up system services
- echo_summary "Configuring system services Template"
- install_package cowsay
-
- elif [[ "$1" == "stack" && "$2" == "install" ]]; then
- # Perform installation of service source
- echo_summary "Installing Template"
- install_template
-
- elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
- # Configure after the other layer 1 and 2 services have been configured
- echo_summary "Configuring Template"
- configure_template
-
- elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
- # Initialize and start the template service
- echo_summary "Initializing Template"
- ##init_template
- fi
-
- if [[ "$1" == "unstack" ]]; then
- # Shut down template services
- # no-op
- :
- fi
-
- if [[ "$1" == "clean" ]]; then
- # Remove state and transient data
- # Remember clean.sh first calls unstack.sh
- # no-op
- :
- fi
- fi
-
-The arguments are:
-
-- **source** - Called by each script that utilizes ``extras.d`` hooks;
- this replaces directly sourcing the ``lib/*`` script.
-- **stack** - Called by ``stack.sh`` three times for different phases
- of its run:
-
- - **pre-install** - Called after system (OS) setup is complete and
- before project source is installed.
- - **install** - Called after the layer 1 and 2 projects source and
- their dependencies have been installed.
- - **post-config** - Called after the layer 1 and 2 services have
- been configured. All configuration files for enabled services
- should exist at this point.
- - **extra** - Called near the end after layer 1 and 2 services have
- been started. This is the existing hook and has not otherwise
- changed.
-
-- **unstack** - Called by ``unstack.sh`` before other services are shut
- down.
-- **clean** - Called by ``clean.sh`` before other services are cleaned,
- but after ``unstack.sh`` has been called.
-
-
-Externally Hosted Plugins
-=========================
-
-Based on the extras.d hooks, DevStack supports a standard mechansim
-for including plugins from external repositories. The plugin interface
-assumes the following:
+DevStack supports a standard mechansim for including plugins from
+external repositories. The plugin interface assumes the following:
An external git repository that includes a ``devstack/`` top level
directory. Inside this directory there can be 2 files.
@@ -118,11 +36,10 @@
default value only if the variable is unset or empty; e.g. in bash
syntax ``FOO=${FOO:-default}``.
-- ``plugin.sh`` - the actual plugin. It will be executed by devstack
- during it's run. The run order will be done in the registration
- order for these plugins, and will occur immediately after all in
- tree extras.d dispatch at the phase in question. The plugin.sh
- looks like the extras.d dispatcher above.
+- ``plugin.sh`` - the actual plugin. It is executed by devstack at
+ well defined points during a ``stack.sh`` run. The plugin.sh
+ internal structure is discussed bellow.
+
Plugins are registered by adding the following to the localrc section
of ``local.conf``.
@@ -141,49 +58,121 @@
enable_plugin ec2api git://git.openstack.org/stackforge/ec2api
-Plugins for gate jobs
----------------------
+plugin.sh contract
+==================
-All OpenStack plugins that wish to be used as gate jobs need to exist
-in OpenStack's gerrit. Both ``openstack`` namespace and ``stackforge``
-namespace are fine. This allows testing of the plugin as well as
-provides network isolation against upstream git repository failures
-(which we see often enough to be an issue).
+``plugin.sh`` is a bash script that will be called at specific points
+during ``stack.sh``, ``unstack.sh``, and ``clean.sh``. It will be
+called in the following way::
-Ideally plugins will be implemented as ``devstack`` directory inside
-the project they are testing. For example, the stackforge/ec2-api
-project has it's pluggin support in it's tree.
+ source $PATH/TO/plugin.sh <mode> [phase]
-In the cases where there is no "project tree" per say (like
-integrating a backend storage configuration such as ceph or glusterfs)
-it's also allowed to build a dedicated
-``stackforge/devstack-plugin-FOO`` project to house the plugin.
+``mode`` can be thought of as the major mode being called, currently
+one of: ``stack``, ``unstack``, ``clean``. ``phase`` is used by modes
+which have multiple points during their run where it's necessary to
+be able to execute code. All existing ``mode`` and ``phase`` points
+are considered **strong contracts** and won't be removed without a
+reasonable deprecation period. Additional new ``mode`` or ``phase``
+points may be added at any time if we discover we need them to support
+additional kinds of plugins in devstack.
-Note jobs must not require cloning of repositories during tests.
-Tests must list their repository in the ``PROJECTS`` variable for
-`devstack-gate
-<https://git.openstack.org/cgit/openstack-infra/devstack-gate/tree/devstack-vm-gate-wrap.sh>`_
-for the repository to be available to the test. Further information
-is provided in the project creator's guide.
+The current full list of ``mode`` and ``phase`` are:
-Hypervisor
-==========
+- **stack** - Called by ``stack.sh`` four times for different phases
+ of its run:
-Hypervisor plugins are fairly new and condense most hypervisor
-configuration into one place.
+ - **pre-install** - Called after system (OS) setup is complete and
+ before project source is installed.
+ - **install** - Called after the layer 1 and 2 projects source and
+ their dependencies have been installed.
+ - **post-config** - Called after the layer 1 and 2 services have
+ been configured. All configuration files for enabled services
+ should exist at this point.
+ - **extra** - Called near the end after layer 1 and 2 services have
+ been started.
-The initial plugin implemented was for Docker support and is a useful
-template for the required support. Plugins are placed in
-``lib/nova_plugins`` and named ``hypervisor-<name>`` where ``<name>`` is
-the value of ``VIRT_DRIVER``. Plugins must define the following
-functions:
+- **unstack** - Called by ``unstack.sh`` before other services are shut
+ down.
+- **clean** - Called by ``clean.sh`` before other services are cleaned,
+ but after ``unstack.sh`` has been called.
-- ``install_nova_hypervisor`` - install any external requirements
-- ``configure_nova_hypervisor`` - make configuration changes, including
- those to other services
-- ``start_nova_hypervisor`` - start any external services
-- ``stop_nova_hypervisor`` - stop any external services
-- ``cleanup_nova_hypervisor`` - remove transient data and cache
+Example plugin
+====================
+
+An example plugin would look something as follows.
+
+``devstack/settings``::
+
+ # settings file for template
+ enable_service template
+
+
+``devstack/plugin.sh``::
+
+ # plugin.sh - DevStack plugin.sh dispatch script template
+
+ function install_template {
+ ...
+ }
+
+ function init_template {
+ ...
+ }
+
+ function configure_template {
+ ...
+ }
+
+ # check for service enabled
+ if is_service_enabled template; then
+
+ if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
+ # Set up system services
+ echo_summary "Configuring system services Template"
+ install_package cowsay
+
+ elif [[ "$1" == "stack" && "$2" == "install" ]]; then
+ # Perform installation of service source
+ echo_summary "Installing Template"
+ install_template
+
+ elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
+ # Configure after the other layer 1 and 2 services have been configured
+ echo_summary "Configuring Template"
+ configure_template
+
+ elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+ # Initialize and start the template service
+ echo_summary "Initializing Template"
+ init_template
+ fi
+
+ if [[ "$1" == "unstack" ]]; then
+ # Shut down template services
+ # no-op
+ :
+ fi
+
+ if [[ "$1" == "clean" ]]; then
+ # Remove state and transient data
+ # Remember clean.sh first calls unstack.sh
+ # no-op
+ :
+ fi
+ fi
+
+Plugin Execution Order
+======================
+
+Plugins are run after in tree services at each of the stages
+above. For example, if you need something to happen before Keystone
+starts, you should do that at the ``post-config`` phase.
+
+Multiple plugins can be specified in your ``local.conf``. When that
+happens the plugins will be executed **in order** at each phase. This
+allows plugins to conceptually depend on each other through
+documenting to the user the order they must be declared. A formal
+dependency mechanism is beyond the scope of the current work.
System Packages
===============
@@ -205,3 +194,47 @@
- ``./devstack/files/rpms-suse/$plugin_name`` - Packages to install when
running on SUSE Linux or openSUSE.
+
+
+Using Plugins in the OpenStack Gate
+===================================
+
+For everyday use, DevStack plugins can exist in any git tree that's
+accessible on the internet. However, when using DevStack plugins in
+the OpenStack gate, they must live in projects in OpenStack's
+gerrit. Both ``openstack`` namespace and ``stackforge`` namespace are
+fine. This allows testing of the plugin as well as provides network
+isolation against upstream git repository failures (which we see often
+enough to be an issue).
+
+Ideally a plugin will be included within the ``devstack`` directory of
+the project they are being tested. For example, the stackforge/ec2-api
+project has its pluggin support in its own tree.
+
+However, some times a DevStack plugin might be used solely to
+configure a backend service that will be used by the rest of
+OpenStack, so there is no "project tree" per say. Good examples
+include: integration of back end storage (e.g. ceph or glusterfs),
+integration of SDN controllers (e.g. ovn, OpenDayLight), or
+integration of alternate RPC systems (e.g. zmq, qpid). In these cases
+the best practice is to build a dedicated
+``stackforge/devstack-plugin-FOO`` project.
+
+To enable a plugin to be used in a gate job, the following lines will
+be needed in your project.yaml definition::
+
+ # Because we are testing a non standard project, add the
+ # our project repository. This makes zuul do the right
+ # reference magic for testing changes.
+ export PROJECTS="stackforge/ec2-api $PROJECTS"
+
+ # note the actual url here is somewhat irrelevant because it
+ # caches in nodepool, however make it a valid url for
+ # documentation purposes.
+ export DEVSTACK_LOCAL_CONFIG="enable_plugin ec2-api git://git.openstack.org/stackforge/ec2-api"
+
+See Also
+========
+
+For additional inspiration on devstack plugins you can check out the
+`Plugin Registry <plugin-registry.html>`_.
diff --git a/exercises/sahara.sh b/exercises/sahara.sh
index 2589e28..8cad945 100755
--- a/exercises/sahara.sh
+++ b/exercises/sahara.sh
@@ -35,7 +35,13 @@
is_service_enabled sahara || exit 55
-$CURL_GET http://$SERVICE_HOST:8386/ 2>/dev/null | grep -q 'Auth' || die $LINENO "Sahara API isn't functioning!"
+if is_ssl_enabled_service "sahara" || is_service_enabled tls-proxy; then
+ SAHARA_SERVICE_PROTOCOL="https"
+fi
+
+SAHARA_SERVICE_PROTOCOL=${SAHARA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+
+$CURL_GET $SAHARA_SERVICE_PROTOCOL://$SERVICE_HOST:8386/ 2>/dev/null | grep -q 'Auth' || die $LINENO "Sahara API isn't functioning!"
set +o xtrace
echo "*********************************************************************"
diff --git a/extras.d/70-trove.sh b/extras.d/70-trove.sh
deleted file mode 100644
index f284354..0000000
--- a/extras.d/70-trove.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-# trove.sh - Devstack extras script to install Trove
-
-if is_service_enabled trove; then
- if [[ "$1" == "source" ]]; then
- # Initial source
- source $TOP_DIR/lib/trove
- elif [[ "$1" == "stack" && "$2" == "install" ]]; then
- echo_summary "Installing Trove"
- install_trove
- install_troveclient
- cleanup_trove
- elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
- echo_summary "Configuring Trove"
- configure_trove
-
- if is_service_enabled key; then
- create_trove_accounts
- fi
-
- elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
- # Initialize trove
- init_trove
-
- # Start the trove API and trove taskmgr components
- echo_summary "Starting Trove"
- start_trove
- fi
-
- if [[ "$1" == "unstack" ]]; then
- stop_trove
- fi
-fi
diff --git a/files/apache-ceilometer.template b/files/apache-ceilometer.template
index 1c57b32..79f14c3 100644
--- a/files/apache-ceilometer.template
+++ b/files/apache-ceilometer.template
@@ -1,7 +1,7 @@
Listen %PORT%
<VirtualHost *:%PORT%>
- WSGIDaemonProcess ceilometer-api processes=2 threads=10 user=%USER% display-name=%{GROUP}
+ WSGIDaemonProcess ceilometer-api processes=2 threads=10 user=%USER% display-name=%{GROUP} %VIRTUALENV%
WSGIProcessGroup ceilometer-api
WSGIScriptAlias / %WSGIAPP%
WSGIApplicationGroup %{GLOBAL}
diff --git a/files/apache-nova-api.template b/files/apache-nova-api.template
index 70ccedd..301a3bd 100644
--- a/files/apache-nova-api.template
+++ b/files/apache-nova-api.template
@@ -1,7 +1,7 @@
Listen %PUBLICPORT%
<VirtualHost *:%PUBLICPORT%>
- WSGIDaemonProcess nova-api processes=5 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
+ WSGIDaemonProcess nova-api processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
WSGIProcessGroup nova-api
WSGIScriptAlias / %PUBLICWSGI%
WSGIApplicationGroup %{GLOBAL}
@@ -13,4 +13,4 @@
%SSLENGINE%
%SSLCERTFILE%
%SSLKEYFILE%
-</VirtualHost>
\ No newline at end of file
+</VirtualHost>
diff --git a/files/apache-nova-ec2-api.template b/files/apache-nova-ec2-api.template
index ae4cf94..235d958 100644
--- a/files/apache-nova-ec2-api.template
+++ b/files/apache-nova-ec2-api.template
@@ -1,7 +1,7 @@
Listen %PUBLICPORT%
<VirtualHost *:%PUBLICPORT%>
- WSGIDaemonProcess nova-ec2-api processes=5 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
+ WSGIDaemonProcess nova-ec2-api processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
WSGIProcessGroup nova-ec2-api
WSGIScriptAlias / %PUBLICWSGI%
WSGIApplicationGroup %{GLOBAL}
@@ -13,4 +13,4 @@
%SSLENGINE%
%SSLCERTFILE%
%SSLKEYFILE%
-</VirtualHost>
\ No newline at end of file
+</VirtualHost>
diff --git a/files/rpms-suse/ceilometer-collector b/files/rpms-suse/ceilometer-collector
index c76454f..5e4dfcc 100644
--- a/files/rpms-suse/ceilometer-collector
+++ b/files/rpms-suse/ceilometer-collector
@@ -1,4 +1,3 @@
# Not available in openSUSE main repositories, but can be fetched from OBS
# (devel:languages:python and server:database projects)
mongodb
-python-pymongo
diff --git a/files/rpms-suse/devlibs b/files/rpms-suse/devlibs
index c923825..bdb630a 100644
--- a/files/rpms-suse/devlibs
+++ b/files/rpms-suse/devlibs
@@ -3,4 +3,5 @@
libxml2-devel # lxml
libxslt-devel # lxml
postgresql-devel # psycopg2
+libmysqlclient-devel # MySQL-python
python-devel # pyOpenSSL
diff --git a/files/rpms-suse/glance b/files/rpms-suse/glance
index 9b962f9..0e58425 100644
--- a/files/rpms-suse/glance
+++ b/files/rpms-suse/glance
@@ -1,11 +1,2 @@
libxml2-devel
-python-PasteDeploy
-python-Routes
-python-SQLAlchemy
-python-argparse
python-devel
-python-eventlet
-python-greenlet
-python-iso8601
-python-pyOpenSSL
-python-xattr
diff --git a/files/rpms-suse/horizon b/files/rpms-suse/horizon
index c45eae6..77f7c34 100644
--- a/files/rpms-suse/horizon
+++ b/files/rpms-suse/horizon
@@ -1,16 +1,2 @@
apache2 # NOPRIME
apache2-mod_wsgi # NOPRIME
-python-CherryPy # why? (coming from apts)
-python-Paste
-python-PasteDeploy
-python-Routes
-python-SQLAlchemy
-python-WebOb
-python-anyjson
-python-beautifulsoup
-python-coverage
-python-dateutil
-python-eventlet
-python-mox
-python-sqlalchemy-migrate
-python-xattr
diff --git a/files/rpms-suse/keystone b/files/rpms-suse/keystone
index 4c37ade..c838b41 100644
--- a/files/rpms-suse/keystone
+++ b/files/rpms-suse/keystone
@@ -1,15 +1,4 @@
cyrus-sasl-devel
openldap2-devel
-python-Paste
-python-PasteDeploy
-python-PasteScript
-python-Routes
-python-SQLAlchemy
-python-WebOb
python-devel
-python-greenlet
-python-lxml
-python-mysql
-python-mysql-connector-python
-python-pysqlite
sqlite3
diff --git a/files/rpms-suse/neutron b/files/rpms-suse/neutron
index d278363..e75db89 100644
--- a/files/rpms-suse/neutron
+++ b/files/rpms-suse/neutron
@@ -6,17 +6,6 @@
iputils
mariadb # NOPRIME
postgresql-devel
-python-eventlet
-python-greenlet
-python-iso8601
-python-mysql
-python-mysql-connector-python
-python-Paste
-python-PasteDeploy
-python-pyudev
-python-Routes
-python-SQLAlchemy
-python-suds
rabbitmq-server # NOPRIME
sqlite3
sudo
@@ -24,5 +13,4 @@
radvd # NOPRIME
# FIXME: qpid is not part of openSUSE, those names are tentative
-python-qpid # NOPRIME
qpidd # NOPRIME
diff --git a/files/rpms-suse/nova b/files/rpms-suse/nova
index b1c4f6a..6f8aef1 100644
--- a/files/rpms-suse/nova
+++ b/files/rpms-suse/nova
@@ -16,29 +16,7 @@
mariadb # NOPRIME
parted
polkit
-python-M2Crypto
-python-m2crypto # dist:sle11sp2
-python-Paste
-python-PasteDeploy
-python-Routes
-python-SQLAlchemy
-python-Tempita
-python-cheetah
-python-eventlet
-python-feedparser
-python-greenlet
-python-iso8601
-python-libxml2
-python-lockfile
-python-lxml # needed for glance which is needed for nova --- this shouldn't be here
-python-mox
-python-mysql
-python-mysql-connector-python
-python-numpy # needed by websockify for spice console
-python-paramiko
-python-sqlalchemy-migrate
-python-suds
-python-xattr # needed for glance which is needed for nova --- this shouldn't be here
+python-devel
rabbitmq-server # NOPRIME
socat
sqlite3
diff --git a/files/rpms-suse/q-l3 b/files/rpms-suse/q-l3
new file mode 100644
index 0000000..a7a190c
--- /dev/null
+++ b/files/rpms-suse/q-l3
@@ -0,0 +1,2 @@
+conntrack-tools
+keepalived
diff --git a/files/rpms-suse/swift b/files/rpms-suse/swift
index 9c0d188..6a824f9 100644
--- a/files/rpms-suse/swift
+++ b/files/rpms-suse/swift
@@ -1,15 +1,6 @@
curl
memcached
-python-PasteDeploy
-python-WebOb
-python-configobj
-python-coverage
python-devel
-python-eventlet
-python-greenlet
-python-netifaces
-python-simplejson
-python-xattr
sqlite3
xfsprogs
xinetd
diff --git a/files/rpms/devlibs b/files/rpms/devlibs
index 834a4b6..385ed3b 100644
--- a/files/rpms/devlibs
+++ b/files/rpms/devlibs
@@ -1,8 +1,7 @@
libffi-devel # pyOpenSSL
libxml2-devel # lxml
libxslt-devel # lxml
-mariadb-devel # MySQL-python f20,f21,rhel7
-mysql-devel # MySQL-python rhel6
+mariadb-devel # MySQL-python
openssl-devel # pyOpenSSL
postgresql-devel # psycopg2
python-devel # pyOpenSSL
diff --git a/files/rpms/general b/files/rpms/general
index 7b2c00a..c3f3de8 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -25,6 +25,7 @@
libyaml-devel
gettext # used for compiling message catalogs
net-tools
-java-1.7.0-openjdk-headless # NOPRIME rhel7,f20
+java-1.7.0-openjdk-headless # NOPRIME rhel7
java-1.8.0-openjdk-headless # NOPRIME f21,f22
pyOpenSSL # version in pip uses too much memory
+iptables-services # NOPRIME f21,f22
diff --git a/files/venv-requirements.txt b/files/venv-requirements.txt
index 73d0579..b9a55b4 100644
--- a/files/venv-requirements.txt
+++ b/files/venv-requirements.txt
@@ -1,7 +1,6 @@
# Once we can prebuild wheels before a devstack run, uncomment the skipped libraries
cryptography
# lxml # still install from from packages
-MySQL-python
# netifaces # still install from packages
#numpy # slowest wheel by far, stop building until we are actually using the output
posix-ipc
diff --git a/functions-common b/functions-common
index 6d9a0fa..c85052d 100644
--- a/functions-common
+++ b/functions-common
@@ -43,6 +43,25 @@
TRACK_DEPENDS=${TRACK_DEPENDS:-False}
+# Save these variables to .stackenv
+STACK_ENV_VARS="BASE_SQL_CONN DATA_DIR DEST ENABLED_SERVICES HOST_IP \
+ KEYSTONE_AUTH_PROTOCOL KEYSTONE_AUTH_URI KEYSTONE_SERVICE_URI \
+ LOGFILE OS_CACERT SERVICE_HOST SERVICE_PROTOCOL STACK_USER TLS_IP"
+
+
+# Saves significant environment variables to .stackenv for later use
+# Refers to a lot of globals, only TOP_DIR and STACK_ENV_VARS are required to
+# function, the rest are simply saved and do not cause problems if they are undefined.
+# save_stackenv [tag]
+function save_stackenv {
+ local tag=${1:-""}
+ # Save some values we generated for later use
+ time_stamp=$(date "+$TIMESTAMP_FORMAT")
+ echo "# $time_stamp $tag" >$TOP_DIR/.stackenv
+ for i in $STACK_ENV_VARS; do
+ echo $i=${!i} >>$TOP_DIR/.stackenv
+ done
+}
# Normalize config values to True or False
# Accepts as False: 0 no No NO false False FALSE
@@ -68,6 +87,7 @@
[[ -v "$1" ]]
}
+
# Control Functions
# =================
@@ -1629,7 +1649,6 @@
function disable_negated_services {
local to_remove=""
local remaining=""
- local enabled=""
local service
# build up list of services that should be removed; i.e. they
@@ -1644,21 +1663,7 @@
# go through the service list. if this service appears in the "to
# be removed" list, drop it
- for service in ${remaining//,/ }; do
- local remove
- local add=1
- for remove in ${to_remove//,/ }; do
- if [[ ${remove} == ${service} ]]; then
- add=0
- break
- fi
- done
- if [[ $add == 1 ]]; then
- enabled="${enabled},$service"
- fi
- done
-
- ENABLED_SERVICES=$(_cleanup_service_list "$enabled")
+ ENABLED_SERVICES=$(remove_disabled_services "$remaining" "$to_remove")
}
# disable_service() removes the services passed as argument to the
@@ -1762,6 +1767,30 @@
return $enabled
}
+# remove specified list from the input string
+# remove_disabled_services service-list remove-list
+function remove_disabled_services {
+ local service_list=$1
+ local remove_list=$2
+ local service
+ local enabled=""
+
+ for service in ${service_list//,/ }; do
+ local remove
+ local add=1
+ for remove in ${remove_list//,/ }; do
+ if [[ ${remove} == ${service} ]]; then
+ add=0
+ break
+ fi
+ done
+ if [[ $add == 1 ]]; then
+ enabled="${enabled},$service"
+ fi
+ done
+ _cleanup_service_list "$enabled"
+}
+
# Toggle enable/disable_service for services that must run exclusive of each other
# $1 The name of a variable containing a space-separated list of services
# $2 The name of a variable in which to store the enabled service's name
@@ -1833,16 +1862,7 @@
local user=$1
local group=$2
- if [[ -z "$os_VENDOR" ]]; then
- GetOSVersion
- fi
-
- # SLE11 and openSUSE 12.2 don't have the usual usermod
- if ! is_suse || [[ "$os_VENDOR" = "openSUSE" && "$os_RELEASE" != "12.2" ]]; then
- sudo usermod -a -G "$group" "$user"
- else
- sudo usermod -A "$group" "$user"
- fi
+ sudo usermod -a -G "$group" "$user"
}
# Convert CIDR notation to a IPv4 netmask
@@ -1899,6 +1919,12 @@
echo $subnet
}
+# Return the current python as "python<major>.<minor>"
+function python_version {
+ local python_version=$(python -c 'import sys; print("%s.%s" % sys.version_info[0:2])')
+ echo "python${python_version}"
+}
+
# Service wrapper to restart services
# restart_service service-name
function restart_service {
diff --git a/inc/python b/inc/python
index 3d329b5..e3c5e61 100644
--- a/inc/python
+++ b/inc/python
@@ -219,15 +219,15 @@
if [[ "$REQUIREMENTS_MODE" == "soft" ]]; then
if is_in_projects_txt $project_dir; then
(cd $REQUIREMENTS_DIR; \
- python update.py $project_dir)
+ ./.venv/bin/python update.py $project_dir)
else
# soft update projects not found in requirements project.txt
(cd $REQUIREMENTS_DIR; \
- python update.py -s $project_dir)
+ ./.venv/bin/python update.py -s $project_dir)
fi
else
(cd $REQUIREMENTS_DIR; \
- python update.py $project_dir)
+ ./.venv/bin/python update.py $project_dir)
fi
fi
diff --git a/inc/rootwrap b/inc/rootwrap
index bac8e1e..f91e557 100644
--- a/inc/rootwrap
+++ b/inc/rootwrap
@@ -38,11 +38,17 @@
# Configure rootwrap
# Make a load of assumptions otherwise we'll have 6 arguments
-# configure_rootwrap project bin conf-src-dir
+# configure_rootwrap project
function configure_rootwrap {
- local project=$1 # xx
- local rootwrap_bin=$2 # /opt/stack/xx.venv/bin/xx-rootwrap
- local rootwrap_conf_src_dir=$3 # /opt/stack/xx/etc/xx
+ local project=$1
+ local project_uc=$(echo $1|tr a-z A-Z)
+ local bin_dir="${project_uc}_BIN_DIR"
+ bin_dir="${!bin_dir}"
+ local project_dir="${project_uc}_DIR"
+ project_dir="${!project_dir}"
+
+ local rootwrap_conf_src_dir="${project_dir}/etc/${project}"
+ local rootwrap_bin="${bin_dir}/${project}-rootwrap"
# Start fresh with rootwrap filters
sudo rm -rf /etc/${project}/rootwrap.d
@@ -53,12 +59,16 @@
sudo install -o root -g root -m 644 $rootwrap_conf_src_dir/rootwrap.conf /etc/${project}/rootwrap.conf
sudo sed -e "s:^filters_path=.*$:filters_path=/etc/${project}/rootwrap.d:" -i /etc/${project}/rootwrap.conf
- # Specify rootwrap.conf as first parameter to rootwrap
- rootwrap_sudo_cmd="$rootwrap_bin /etc/${project}/rootwrap.conf *"
-
# Set up the rootwrap sudoers
local tempfile=$(mktemp)
+ # Specify rootwrap.conf as first parameter to rootwrap
+ rootwrap_sudo_cmd="${rootwrap_bin} /etc/${project}/rootwrap.conf *"
echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudo_cmd" >$tempfile
+ if [ -f ${bin_dir}/${project}-rootwrap-daemon ]; then
+ # rootwrap daemon does not need any parameters
+ rootwrap_sudo_cmd="${rootwrap_bin}-daemon /etc/${project}/rootwrap.conf"
+ echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudo_cmd" >>$tempfile
+ fi
chmod 0440 $tempfile
sudo chown root:root $tempfile
sudo mv $tempfile /etc/sudoers.d/${project}-rootwrap
diff --git a/lib/ceilometer b/lib/ceilometer
index 9abdbfe..a577ee9 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -78,8 +78,13 @@
CEILOMETER_AUTH_CACHE_DIR=${CEILOMETER_AUTH_CACHE_DIR:-/var/cache/ceilometer}
CEILOMETER_WSGI_DIR=${CEILOMETER_WSGI_DIR:-/var/www/ceilometer}
-# Support potential entry-points console scripts
-CEILOMETER_BIN_DIR=$(get_python_exec_prefix)
+# Support potential entry-points console scripts in VENV or not
+if [[ ${USE_VENV} = True ]]; then
+ PROJECT_VENV["ceilometer"]=${CEILOMETER_DIR}.venv
+ CEILOMETER_BIN_DIR=${PROJECT_VENV["ceilometer"]}/bin
+else
+ CEILOMETER_BIN_DIR=$(get_python_exec_prefix)
+fi
# Set up database backend
CEILOMETER_BACKEND=${CEILOMETER_BACKEND:-mysql}
@@ -165,16 +170,22 @@
local ceilometer_apache_conf=$(apache_site_config_for ceilometer)
local apache_version=$(get_apache_version)
+ local venv_path=""
# Copy proxy vhost and wsgi file
sudo cp $CEILOMETER_DIR/ceilometer/api/app.wsgi $CEILOMETER_WSGI_DIR/app
+ if [[ ${USE_VENV} = True ]]; then
+ venv_path="python-path=${PROJECT_VENV["ceilometer"]}/lib/$(python_version)/site-packages"
+ fi
+
sudo cp $FILES/apache-ceilometer.template $ceilometer_apache_conf
sudo sed -e "
s|%PORT%|$CEILOMETER_SERVICE_PORT|g;
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%WSGIAPP%|$CEILOMETER_WSGI_DIR/app|g;
- s|%USER%|$STACK_USER|g
+ s|%USER%|$STACK_USER|g;
+ s|%VIRTUALENV%|$venv_path|g
" -i $ceilometer_apache_conf
}
@@ -232,12 +243,14 @@
iniset $CEILOMETER_CONF DEFAULT collector_workers $API_WORKERS
${TOP_DIR}/pkg/elasticsearch.sh start
cleanup_ceilometer
- else
+ elif [ "$CEILOMETER_BACKEND" = 'mongodb' ] ; then
iniset $CEILOMETER_CONF database alarm_connection mongodb://localhost:27017/ceilometer
iniset $CEILOMETER_CONF database event_connection mongodb://localhost:27017/ceilometer
iniset $CEILOMETER_CONF database metering_connection mongodb://localhost:27017/ceilometer
configure_mongodb
cleanup_ceilometer
+ else
+ die $LINENO "Unable to configure unknown CEILOMETER_BACKEND $CEILOMETER_BACKEND"
fi
if [[ "$VIRT_DRIVER" = 'vsphere' ]]; then
@@ -254,7 +267,7 @@
if is_service_enabled ceilometer-aipmi; then
# Configure rootwrap for the ipmi agent
- configure_rootwrap ceilometer $CEILOMETER_BIN_DIR/ceilometer-rootwrap $CEILOMETER_DIR/etc/ceilometer
+ configure_rootwrap ceilometer
fi
}
@@ -263,10 +276,8 @@
local packages=mongodb-server
if is_fedora; then
- # mongodb client + python bindings
- packages="${packages} mongodb pymongo"
- else
- packages="${packages} python-pymongo"
+ # mongodb client
+ packages="${packages} mongodb"
fi
install_package ${packages}
@@ -319,6 +330,21 @@
install_redis
fi
+ if [ "$CEILOMETER_BACKEND" = 'mongodb' ] ; then
+ pip_install_gr pymongo
+ fi
+
+ # Only install virt drivers if we're running nova compute
+ if is_service_enabled n-cpu ; then
+ if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
+ pip_install_gr libvirt-python
+ fi
+
+ if [[ "$VIRT_DRIVER" = 'vsphere' ]]; then
+ pip_instal_gr oslo.vmware
+ fi
+ fi
+
if [ "$CEILOMETER_BACKEND" = 'es' ] ; then
${TOP_DIR}/pkg/elasticsearch.sh download
${TOP_DIR}/pkg/elasticsearch.sh install
@@ -349,13 +375,13 @@
# start_ceilometer() - Start running processes, including screen
function start_ceilometer {
- run_process ceilometer-acentral "ceilometer-agent-central --config-file $CEILOMETER_CONF"
- run_process ceilometer-anotification "ceilometer-agent-notification --config-file $CEILOMETER_CONF"
- run_process ceilometer-collector "ceilometer-collector --config-file $CEILOMETER_CONF"
- run_process ceilometer-aipmi "ceilometer-agent-ipmi --config-file $CEILOMETER_CONF"
+ run_process ceilometer-acentral "$CEILOMETER_BIN_DIR/ceilometer-agent-central --config-file $CEILOMETER_CONF"
+ run_process ceilometer-anotification "$CEILOMETER_BIN_DIR/ceilometer-agent-notification --config-file $CEILOMETER_CONF"
+ run_process ceilometer-collector "$CEILOMETER_BIN_DIR/ceilometer-collector --config-file $CEILOMETER_CONF"
+ run_process ceilometer-aipmi "$CEILOMETER_BIN_DIR/ceilometer-agent-ipmi --config-file $CEILOMETER_CONF"
if [[ "$CEILOMETER_USE_MOD_WSGI" == "False" ]]; then
- run_process ceilometer-api "ceilometer-api -d -v --log-dir=$CEILOMETER_API_LOG_DIR --config-file $CEILOMETER_CONF"
+ run_process ceilometer-api "$CEILOMETER_BIN_DIR/ceilometer-api -d -v --log-dir=$CEILOMETER_API_LOG_DIR --config-file $CEILOMETER_CONF"
else
enable_apache_site ceilometer
restart_apache_server
@@ -367,10 +393,10 @@
# Start the compute agent last to allow time for the collector to
# fully wake up and connect to the message bus. See bug #1355809
if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
- run_process ceilometer-acompute "ceilometer-agent-compute --config-file $CEILOMETER_CONF" $LIBVIRT_GROUP
+ run_process ceilometer-acompute "$CEILOMETER_BIN_DIR/ceilometer-agent-compute --config-file $CEILOMETER_CONF" $LIBVIRT_GROUP
fi
if [[ "$VIRT_DRIVER" = 'vsphere' ]]; then
- run_process ceilometer-acompute "ceilometer-agent-compute --config-file $CEILOMETER_CONF"
+ run_process ceilometer-acompute "$CEILOMETER_BIN_DIR/ceilometer-agent-compute --config-file $CEILOMETER_CONF"
fi
# Only die on API if it was actually intended to be turned on
@@ -381,8 +407,8 @@
fi
fi
- run_process ceilometer-alarm-notifier "ceilometer-alarm-notifier --config-file $CEILOMETER_CONF"
- run_process ceilometer-alarm-evaluator "ceilometer-alarm-evaluator --config-file $CEILOMETER_CONF"
+ run_process ceilometer-alarm-notifier "$CEILOMETER_BIN_DIR/ceilometer-alarm-notifier --config-file $CEILOMETER_CONF"
+ run_process ceilometer-alarm-evaluator "$CEILOMETER_BIN_DIR/ceilometer-alarm-evaluator --config-file $CEILOMETER_CONF"
}
# stop_ceilometer() - Stop running processes
diff --git a/lib/ceph b/lib/ceph
index 4068e26..cbdc3b8 100644
--- a/lib/ceph
+++ b/lib/ceph
@@ -110,7 +110,7 @@
# check_os_support_ceph() - Check if the operating system provides a decent version of Ceph
function check_os_support_ceph {
- if [[ ! ${DISTRO} =~ (trusty|f20|f21) ]]; then
+ if [[ ! ${DISTRO} =~ (trusty|f21|f22) ]]; then
echo "WARNING: your distro $DISTRO does not provide (at least) the Firefly release. Please use Ubuntu Trusty or Fedora 20 (and higher)"
if [[ "$FORCE_CEPH_INSTALL" != "yes" ]]; then
die $LINENO "If you wish to install Ceph on this distribution anyway run with FORCE_CEPH_INSTALL=yes"
diff --git a/lib/cinder b/lib/cinder
index 93285bf..8117447 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -39,6 +39,7 @@
# set up default directories
GITDIR["python-cinderclient"]=$DEST/python-cinderclient
+GITDIR["os-brick"]=$DEST/os-brick
CINDER_DIR=$DEST/cinder
# Cinder virtual environment
@@ -194,7 +195,7 @@
rm -f $CINDER_CONF
- configure_rootwrap cinder $CINDER_BIN_DIR/cinder-rootwrap $CINDER_DIR/etc/cinder
+ configure_rootwrap cinder
cp $CINDER_DIR/etc/cinder/api-paste.ini $CINDER_API_PASTE_INI
@@ -303,6 +304,11 @@
iniset $CINDER_CONF DEFAULT ssl_key_file "$CINDER_SSL_KEY"
fi
+ # Set os_privileged_user credentials (used for os-assisted-snapshots)
+ iniset $CINDER_CONF DEFAULT os_privileged_user_name nova
+ iniset $CINDER_CONF DEFAULT os_privileged_user_password "$SERVICE_PASSWORD"
+ iniset $CINDER_CONF DEFAULT os_privileged_user_tenant "$SERVICE_TENANT_NAME"
+
}
# create_cinder_accounts() - Set up common required cinder accounts
@@ -380,6 +386,13 @@
# install_cinder() - Collect source and prepare
function install_cinder {
+ # Install os-brick from git so we make sure we're testing
+ # the latest code.
+ if use_library_from_git "os-brick"; then
+ git_clone_by_name "os-brick"
+ setup_dev_lib "os-brick"
+ fi
+
git_clone $CINDER_REPO $CINDER_DIR $CINDER_BRANCH
setup_develop $CINDER_DIR
if [ "$CINDER_ISCSI_HELPER" = "tgtadm" ]; then
@@ -423,12 +436,13 @@
_configure_tgt_for_config_d
if is_ubuntu; then
sudo service tgt restart
- elif is_fedora || is_suse; then
- restart_service tgtd
+ elif is_suse; then
+ # NOTE(dmllr): workaround restart bug
+ # https://bugzilla.suse.com/show_bug.cgi?id=934642
+ stop_service tgtd
+ start_service tgtd
else
- # note for other distros: unstack.sh also uses the tgt/tgtd service
- # name, and would need to be adjusted too
- exit_distro_not_supported "restarting tgt"
+ restart_service tgtd
fi
# NOTE(gfidente): ensure tgtd is running in debug mode
sudo tgtadm --mode system --op update --name debug --value on
diff --git a/lib/databases/mysql b/lib/databases/mysql
index 1b9a081..f097fb2 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -11,6 +11,13 @@
MY_XTRACE=$(set +o | grep xtrace)
set +o xtrace
+MYSQL_DRIVER=${MYSQL_DRIVER:-PyMySQL}
+# Force over to pymysql driver by default if we are using it.
+if is_service_enabled mysql; then
+ if [[ "$MYSQL_DRIVER" == "PyMySQL" ]]; then
+ SQLALCHEMY_DATABASE_DRIVER=${SQLALCHEMY_DATABASE_DRIVER:-"pymysql"}
+ fi
+fi
register_database mysql
@@ -155,8 +162,12 @@
function install_database_python_mysql {
# Install Python client module
- pip_install_gr MySQL-python
- ADDITIONAL_VENV_PACKAGES+=",MySQL-python"
+ pip_install_gr $MYSQL_DRIVER
+ if [[ "$MYSQL_DRIVER" == "MySQL-python" ]]; then
+ ADDITIONAL_VENV_PACKAGES+=",MySQL-python"
+ elif [[ "$MYSQL_DRIVER" == "PyMySQL" ]]; then
+ ADDITIONAL_VENV_PACKAGES+=",PyMySQL"
+ fi
}
function database_connection_url_mysql {
diff --git a/lib/glance b/lib/glance
index f543e54..016ade3 100644
--- a/lib/glance
+++ b/lib/glance
@@ -138,26 +138,12 @@
fi
# Store specific configs
- iniset $GLANCE_API_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
-
- # NOTE(flaper87): Until Glance is fully migrated, set these configs in both
- # sections.
iniset $GLANCE_API_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
iniset $GLANCE_API_CONF DEFAULT workers "$API_WORKERS"
# Store the images in swift if enabled.
if is_service_enabled s-proxy; then
- iniset $GLANCE_API_CONF DEFAULT default_store swift
- iniset $GLANCE_API_CONF DEFAULT swift_store_auth_address $KEYSTONE_SERVICE_URI/v2.0/
- iniset $GLANCE_API_CONF DEFAULT swift_store_user $SERVICE_TENANT_NAME:glance-swift
- iniset $GLANCE_API_CONF DEFAULT swift_store_key $SERVICE_PASSWORD
- iniset $GLANCE_API_CONF DEFAULT swift_store_create_container_on_put True
-
- iniset $GLANCE_API_CONF DEFAULT known_stores "glance.store.filesystem.Store, glance.store.http.Store, glance.store.swift.Store"
-
- # NOTE(flaper87): Until Glance is fully migrated, set these configs in both
- # sections.
iniset $GLANCE_API_CONF glance_store default_store swift
iniset $GLANCE_API_CONF glance_store swift_store_auth_address $KEYSTONE_SERVICE_URI/v2.0/
iniset $GLANCE_API_CONF glance_store swift_store_user $SERVICE_TENANT_NAME:glance-swift
@@ -168,6 +154,7 @@
if is_service_enabled tls-proxy; then
iniset $GLANCE_API_CONF DEFAULT bind_port $GLANCE_SERVICE_PORT_INT
+ iniset $GLANCE_API_CONF DEFAULT public_endpoint $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT
iniset $GLANCE_REGISTRY_CONF DEFAULT bind_port $GLANCE_REGISTRY_PORT_INT
fi
@@ -211,9 +198,6 @@
iniset $GLANCE_CACHE_CONF DEFAULT admin_password $SERVICE_PASSWORD
# Store specific confs
- # NOTE(flaper87): Until Glance is fully migrated, set these configs in both
- # sections.
- iniset $GLANCE_CACHE_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
iniset $GLANCE_CACHE_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
cp -p $GLANCE_DIR/etc/policy.json $GLANCE_POLICY_JSON
diff --git a/lib/horizon b/lib/horizon
index f953f5c..b0f306b 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -97,7 +97,14 @@
_horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_DEFAULT_ROLE \"Member\"
_horizon_config_set $local_settings "" OPENSTACK_HOST \"${KEYSTONE_SERVICE_HOST}\"
- _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v2.0\""
+
+ if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ # Only Identity v3 API is available; then use it with v3 auth tokens
+ _horizon_config_set $local_settings "" OPENSTACK_API_VERSIONS {\"identity\":3}
+ _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v3\""
+ else
+ _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v2.0\""
+ fi
if [ -f $SSL_BUNDLE_FILE ]; then
_horizon_config_set $local_settings "" OPENSTACK_SSL_CACERT \"${SSL_BUNDLE_FILE}\"
diff --git a/lib/infra b/lib/infra
index c825b4e..585e9b4 100644
--- a/lib/infra
+++ b/lib/infra
@@ -29,8 +29,13 @@
# install_infra() - Collect source and prepare
function install_infra {
+ local PIP_VIRTUAL_ENV="$REQUIREMENTS_DIR/.venv"
# bring down global requirements
git_clone $REQUIREMENTS_REPO $REQUIREMENTS_DIR $REQUIREMENTS_BRANCH
+ [ ! -d $PIP_VIRTUAL_ENV ] && virtualenv $PIP_VIRTUAL_ENV
+ # We don't care about testing git pbr in the requirements venv.
+ PIP_VIRTUAL_ENV=$PIP_VIRTUAL_ENV pip_install -U pbr
+ PIP_VIRTUAL_ENV=$PIP_VIRTUAL_ENV pip_install $REQUIREMENTS_DIR
# Install pbr
if use_library_from_git "pbr"; then
diff --git a/lib/ironic b/lib/ironic
index 4a37f0a..4984be1 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -58,6 +58,7 @@
IRONIC_IPMIINFO_FILE=${IRONIC_IPMIINFO_FILE:-$IRONIC_DATA_DIR/hardware_info}
# Set up defaults for functional / integration testing
+IRONIC_NODE_UUID=${IRONIC_NODE_UUID:-`uuidgen`}
IRONIC_SCRIPTS_DIR=${IRONIC_SCRIPTS_DIR:-$TOP_DIR/tools/ironic/scripts}
IRONIC_TEMPLATES_DIR=${IRONIC_TEMPLATES_DIR:-$TOP_DIR/tools/ironic/templates}
IRONIC_BAREMETAL_BASIC_OPS=$(trueorfalse False IRONIC_BAREMETAL_BASIC_OPS)
@@ -568,14 +569,6 @@
function enroll_nodes {
local chassis_id=$(ironic chassis-create -d "ironic test chassis" | grep " uuid " | get_field 2)
- if [[ "$IRONIC_DEPLOY_DRIVER" == "pxe_ssh" ]] ; then
- local _IRONIC_DEPLOY_KERNEL_KEY=pxe_deploy_kernel
- local _IRONIC_DEPLOY_RAMDISK_KEY=pxe_deploy_ramdisk
- elif is_deployed_by_agent; then
- local _IRONIC_DEPLOY_KERNEL_KEY=deploy_kernel
- local _IRONIC_DEPLOY_RAMDISK_KEY=deploy_ramdisk
- fi
-
if ! is_ironic_hardware; then
local ironic_node_cpu=$IRONIC_VM_SPECS_CPU
local ironic_node_ram=$IRONIC_VM_SPECS_RAM
@@ -583,8 +576,8 @@
local ironic_ephemeral_disk=$IRONIC_VM_EPHEMERAL_DISK
local ironic_hwinfo_file=$IRONIC_VM_MACS_CSV_FILE
local node_options="\
- -i $_IRONIC_DEPLOY_KERNEL_KEY=$IRONIC_DEPLOY_KERNEL_ID \
- -i $_IRONIC_DEPLOY_RAMDISK_KEY=$IRONIC_DEPLOY_RAMDISK_ID \
+ -i deploy_kernel=$IRONIC_DEPLOY_KERNEL_ID \
+ -i deploy_ramdisk=$IRONIC_DEPLOY_RAMDISK_ID \
-i ssh_virt_type=$IRONIC_SSH_VIRT_TYPE \
-i ssh_address=$IRONIC_VM_SSH_ADDRESS \
-i ssh_port=$IRONIC_VM_SSH_PORT \
@@ -615,11 +608,16 @@
# we create the bare metal flavor with minimum value
local node_options="-i ipmi_address=$ipmi_address -i ipmi_password=$ironic_ipmi_passwd\
-i ipmi_username=$ironic_ipmi_username"
- node_options+=" -i $_IRONIC_DEPLOY_KERNEL_KEY=$IRONIC_DEPLOY_KERNEL_ID"
- node_options+=" -i $_IRONIC_DEPLOY_RAMDISK_KEY=$IRONIC_DEPLOY_RAMDISK_ID"
+ node_options+=" -i deploy_kernel=$IRONIC_DEPLOY_KERNEL_ID"
+ node_options+=" -i deploy_ramdisk=$IRONIC_DEPLOY_RAMDISK_ID"
fi
- local node_id=$(ironic node-create --chassis_uuid $chassis_id \
+ # First node created will be used for testing in ironic w/o glance
+ # scenario, so we need to know its UUID.
+ local standalone_node_uuid=$([ $total_nodes -eq 0 ] && echo "--uuid $IRONIC_NODE_UUID")
+
+ local node_id=$(ironic node-create $standalone_node_uuid\
+ --chassis_uuid $chassis_id \
--driver $IRONIC_DEPLOY_DRIVER \
-p cpus=$ironic_node_cpu\
-p memory_mb=$ironic_node_ram\
diff --git a/lib/keystone b/lib/keystone
index 997bb14..7a949cf 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -50,7 +50,6 @@
KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone}
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
-KEYSTONE_AUTH_CACHE_DIR=${KEYSTONE_AUTH_CACHE_DIR:-/var/cache/keystone}
if is_suse; then
KEYSTONE_WSGI_DIR=${KEYSTONE_WSGI_DIR:-/srv/www/htdocs/keystone}
else
@@ -64,21 +63,21 @@
# Toggle for deploying Keystone under HTTPD + mod_wsgi
KEYSTONE_USE_MOD_WSGI=${KEYSTONE_USE_MOD_WSGI:-${ENABLE_HTTPD_MOD_WSGI_SERVICES}}
-# Select the backend for Keystone's service catalog
+# Select the Catalog backend driver
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates
-# Select the backend for Tokens
+# Select the token persistence backend driver
KEYSTONE_TOKEN_BACKEND=${KEYSTONE_TOKEN_BACKEND:-sql}
-# Select the backend for Identity
+# Select the Identity backend driver
KEYSTONE_IDENTITY_BACKEND=${KEYSTONE_IDENTITY_BACKEND:-sql}
-# Select the backend for Assignment
+# Select the Assignment backend driver
KEYSTONE_ASSIGNMENT_BACKEND=${KEYSTONE_ASSIGNMENT_BACKEND:-sql}
-# Select Keystone's token format
-# Choose from 'UUID', 'PKI', or 'PKIZ'
+# Select Keystone's token provider (and format)
+# Choose from 'uuid', 'pki', 'pkiz', or 'fernet'
KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-}
KEYSTONE_TOKEN_FORMAT=$(echo ${KEYSTONE_TOKEN_FORMAT} | tr '[:upper:]' '[:lower:]')
@@ -99,12 +98,6 @@
# Set the tenant for service accounts in Keystone
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
-# valid identity backends as per dir keystone/identity/backends
-KEYSTONE_VALID_IDENTITY_BACKENDS=kvs,ldap,pam,sql
-
-# valid assignment backends as per dir keystone/identity/backends
-KEYSTONE_VALID_ASSIGNMENT_BACKENDS=kvs,ldap,sql
-
# if we are running with SSL use https protocols
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
KEYSTONE_AUTH_PROTOCOL="https"
@@ -164,7 +157,7 @@
keystone_auth_port=$KEYSTONE_AUTH_PORT_INT
fi
if [[ ${USE_VENV} = True ]]; then
- venv_path="python-path=${PROJECT_VENV["keystone"]}/lib/python2.7/site-packages"
+ venv_path="python-path=${PROJECT_VENV["keystone"]}/lib/$(python_version)/site-packages"
fi
# copy proxy vhost and wsgi file
@@ -204,6 +197,12 @@
KEYSTONE_PASTE_INI="$KEYSTONE_CONF"
fi
+ if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ # Only Identity v3 API should be available; then disable v2 pipelines
+ inidelete $KEYSTONE_PASTE_INI composite:main \\/v2.0
+ inidelete $KEYSTONE_PASTE_INI composite:admin \\/v2.0
+ fi
+
configure_keystone_extensions
# Rewrite stock ``keystone.conf``
@@ -225,15 +224,8 @@
iniset $KEYSTONE_CONF DEFAULT member_role_name "_member_"
fi
- # check if identity backend is valid
- if [[ "$KEYSTONE_VALID_IDENTITY_BACKENDS" =~ "$KEYSTONE_IDENTITY_BACKEND" ]]; then
- iniset $KEYSTONE_CONF identity driver "keystone.identity.backends.$KEYSTONE_IDENTITY_BACKEND.Identity"
- fi
-
- # check if assignment backend is valid
- if [[ "$KEYSTONE_VALID_ASSIGNMENT_BACKENDS" =~ "$KEYSTONE_ASSIGNMENT_BACKEND" ]]; then
- iniset $KEYSTONE_CONF assignment driver "keystone.assignment.backends.$KEYSTONE_ASSIGNMENT_BACKEND.Assignment"
- fi
+ iniset $KEYSTONE_CONF identity driver "$KEYSTONE_IDENTITY_BACKEND"
+ iniset $KEYSTONE_CONF assignment driver "$KEYSTONE_ASSIGNMENT_BACKEND"
iniset_rpc_backend keystone $KEYSTONE_CONF
@@ -257,23 +249,16 @@
iniset $KEYSTONE_CONF DEFAULT admin_token "$SERVICE_TOKEN"
if [[ "$KEYSTONE_TOKEN_FORMAT" != "" ]]; then
- iniset $KEYSTONE_CONF token provider keystone.token.providers.$KEYSTONE_TOKEN_FORMAT.Provider
+ iniset $KEYSTONE_CONF token provider $KEYSTONE_TOKEN_FORMAT
fi
iniset $KEYSTONE_CONF database connection `database_connection_url keystone`
- iniset $KEYSTONE_CONF ec2 driver "keystone.contrib.ec2.backends.sql.Ec2"
- if [[ "$KEYSTONE_TOKEN_BACKEND" = "sql" ]]; then
- iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.sql.Token
- elif [[ "$KEYSTONE_TOKEN_BACKEND" = "memcache" ]]; then
- iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.memcache.Token
- else
- iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.kvs.Token
- fi
+ iniset $KEYSTONE_CONF token driver "$KEYSTONE_TOKEN_BACKEND"
+ iniset $KEYSTONE_CONF catalog driver "$KEYSTONE_CATALOG_BACKEND"
if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then
# Configure ``keystone.conf`` to use sql
- iniset $KEYSTONE_CONF catalog driver keystone.catalog.backends.sql.Catalog
inicomment $KEYSTONE_CONF catalog template_file
else
cp -p $FILES/default_catalog.templates $KEYSTONE_CATALOG
@@ -300,7 +285,6 @@
" -i $KEYSTONE_CATALOG
# Configure ``keystone.conf`` to use templates
- iniset $KEYSTONE_CONF catalog driver "keystone.catalog.backends.templated.Catalog"
iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG"
fi
@@ -496,10 +480,6 @@
# Set up certificates
rm -rf $KEYSTONE_CONF_DIR/ssl
$KEYSTONE_BIN_DIR/keystone-manage pki_setup
-
- # Create cache dir
- sudo install -d -o $STACK_USER $KEYSTONE_AUTH_CACHE_DIR
- rm -f $KEYSTONE_AUTH_CACHE_DIR/*
fi
}
diff --git a/lib/lvm b/lib/lvm
index 1fe2683..8afd543 100644
--- a/lib/lvm
+++ b/lib/lvm
@@ -78,7 +78,7 @@
}
-# _create_volume_group creates default volume group
+# _create_lvm_volume_group creates default volume group
#
# Usage: _create_lvm_volume_group() $vg $size
function _create_lvm_volume_group {
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
index 18b0942..3ac76a2 100644
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -168,6 +168,10 @@
## Provider Network Information
PROVIDER_SUBNET_NAME=${PROVIDER_SUBNET_NAME:-"provider_net"}
+# Define the public bridge that will transmit traffic from VMs to the
+# physical network - used by both the OVS and Linux Bridge drivers.
+PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}
+
# Use flat providernet for public network
#
# If Q_USE_PROVIDERNET_FOR_PUBLIC=True, use a flat provider network
@@ -459,6 +463,8 @@
fi
_configure_neutron_debug_command
+
+ iniset $NEUTRON_CONF DEFAULT api_workers "$API_WORKERS"
}
function create_nova_conf_neutron {
@@ -820,6 +826,10 @@
neutron_ovs_base_cleanup
fi
+ if [[ $Q_AGENT == "linuxbridge" ]]; then
+ neutron_lb_cleanup
+ fi
+
# delete all namespaces created by neutron
for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do
sudo ip netns delete ${ns}
@@ -1294,17 +1304,6 @@
IPV6_ROUTER_GW_IP=`neutron port-list -c fixed_ips | grep $ipv6_pub_subnet_id | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $8; }'`
die_if_not_set $LINENO IPV6_ROUTER_GW_IP "Failure retrieving IPV6_ROUTER_GW_IP"
- # The ovs_base_configure_l3_agent function flushes the public
- # bridge's ip addresses, so turn IPv6 support in the host off
- # and then on to recover the public bridge's link local address
- sudo sysctl -w net.ipv6.conf.${PUBLIC_BRIDGE}.disable_ipv6=1
- sudo sysctl -w net.ipv6.conf.${PUBLIC_BRIDGE}.disable_ipv6=0
- if ! ip -6 addr show dev $PUBLIC_BRIDGE | grep 'scope global'; then
- # Create an IPv6 ULA address for PUBLIC_BRIDGE if one is not present
- IPV6_BRIDGE_ULA=`uuidgen | sed s/-//g | cut -c 23- | sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/"`
- sudo ip -6 addr add fd$IPV6_BRIDGE_ULA::1 dev $PUBLIC_BRIDGE
- fi
-
if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then
local ext_gw_interface=$(_neutron_get_ext_gw_interface)
local ipv6_cidr_len=${IPV6_PUBLIC_RANGE#*/}
diff --git a/lib/neutron_plugins/linuxbridge_agent b/lib/neutron_plugins/linuxbridge_agent
index c9ea1ca..b348af9 100644
--- a/lib/neutron_plugins/linuxbridge_agent
+++ b/lib/neutron_plugins/linuxbridge_agent
@@ -7,6 +7,10 @@
PLUGIN_XTRACE=$(set +o | grep xtrace)
set +o xtrace
+function neutron_lb_cleanup {
+ sudo brctl delbr $PUBLIC_BRIDGE
+}
+
function is_neutron_ovs_base_plugin {
# linuxbridge doesn't use OVS
return 1
@@ -29,6 +33,7 @@
}
function neutron_plugin_configure_l3_agent {
+ sudo brctl addbr $PUBLIC_BRIDGE
iniset $Q_L3_CONF_FILE DEFAULT external_network_bridge
iniset $Q_L3_CONF_FILE DEFAULT l3_agent_manager neutron.agent.l3_agent.L3NATAgentWithStateReport
}
diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2
index 8853777..2733f1f 100644
--- a/lib/neutron_plugins/ml2
+++ b/lib/neutron_plugins/ml2
@@ -31,6 +31,9 @@
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS:-vni_ranges=1001:2000}
# Default VLAN TypeDriver options
Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-}
+# List of extension drivers to load, use '-' instead of ':-' to allow people to
+# explicitly override this to blank
+Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-port_security}
# L3 Plugin to load for ML2
ML2_L3_PLUGIN=${ML2_L3_PLUGIN:-neutron.services.l3_router.l3_router_plugin.L3RouterPlugin}
@@ -113,6 +116,8 @@
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 type_drivers=$Q_ML2_PLUGIN_TYPE_DRIVERS
+ populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 extension_drivers=$Q_ML2_PLUGIN_EXT_DRIVERS
+
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 $Q_SRV_EXTRA_OPTS
populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2_type_gre $Q_ML2_PLUGIN_GRE_TYPE_OPTIONS
diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent
index 1d24f3b..2a05e2d 100644
--- a/lib/neutron_plugins/openvswitch_agent
+++ b/lib/neutron_plugins/openvswitch_agent
@@ -59,7 +59,7 @@
OVS_BRIDGE_MAPPINGS=$PHYSICAL_NETWORK:$OVS_PHYSICAL_BRIDGE
# Configure bridge manually with physical interface as port for multi-node
- sudo ovs-vsctl --no-wait -- --may-exist add-br $OVS_PHYSICAL_BRIDGE
+ _neutron_ovs_base_add_bridge $OVS_PHYSICAL_BRIDGE
fi
if [[ "$OVS_BRIDGE_MAPPINGS" != "" ]]; then
iniset /$Q_PLUGIN_CONF_FILE ovs bridge_mappings $OVS_BRIDGE_MAPPINGS
@@ -92,7 +92,7 @@
# Set up domU's L2 agent:
# Create a bridge "br-$GUEST_INTERFACE_DEFAULT"
- sudo ovs-vsctl --no-wait -- --may-exist add-br "br-$GUEST_INTERFACE_DEFAULT"
+ _neutron_ovs_base_add_bridge "br-$GUEST_INTERFACE_DEFAULT"
# Add $GUEST_INTERFACE_DEFAULT to that bridge
sudo ovs-vsctl add-port "br-$GUEST_INTERFACE_DEFAULT" $GUEST_INTERFACE_DEFAULT
diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base
index 51999c6..4e750f0 100644
--- a/lib/neutron_plugins/ovs_base
+++ b/lib/neutron_plugins/ovs_base
@@ -8,7 +8,6 @@
set +o xtrace
OVS_BRIDGE=${OVS_BRIDGE:-br-int}
-PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}
OVS_DATAPATH_TYPE=${OVS_DATAPATH_TYPE:-""}
function is_neutron_ovs_base_plugin {
@@ -16,13 +15,21 @@
return 0
}
+function _neutron_ovs_base_add_bridge {
+ local bridge=$1
+ local addbr_cmd="sudo ovs-vsctl --no-wait -- --may-exist add-br $bridge"
+
+ if [ "$OVS_DATAPATH_TYPE" != "" ] ; then
+ addbr_cmd="$addbr_cmd -- set Bridge $bridge datapath_type=${OVS_DATAPATH_TYPE}"
+ fi
+
+ $addbr_cmd
+}
+
function _neutron_ovs_base_setup_bridge {
local bridge=$1
neutron-ovs-cleanup
- sudo ovs-vsctl --no-wait -- --may-exist add-br $bridge
- if [[ $OVS_DATAPATH_TYPE != "" ]]; then
- sudo ovs-vsctl set Bridge $bridge datapath_type=${OVS_DATAPATH_TYPE}
- fi
+ _neutron_ovs_base_add_bridge $bridge
sudo ovs-vsctl --no-wait br-set-external-id $bridge bridge-id $bridge
}
@@ -93,7 +100,7 @@
sudo ip link set $Q_PUBLIC_VETH_EX up
sudo ip addr flush dev $Q_PUBLIC_VETH_EX
else
- sudo ovs-vsctl -- --may-exist add-br $PUBLIC_BRIDGE
+ _neutron_ovs_base_add_bridge $PUBLIC_BRIDGE
sudo ovs-vsctl br-set-external-id $PUBLIC_BRIDGE bridge-id $PUBLIC_BRIDGE
fi
}
diff --git a/lib/neutron_plugins/vmware_dvs b/lib/neutron_plugins/vmware_dvs
new file mode 100644
index 0000000..587d5a6
--- /dev/null
+++ b/lib/neutron_plugins/vmware_dvs
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# This file is needed so Q_PLUGIN=vmware_dvs will work.
+
+# FIXME(salv-orlando): This function should not be here, but unfortunately
+# devstack calls it before the external plugins are fetched
+function has_neutron_plugin_security_group {
+ # 0 means True here
+ return 0
+}
diff --git a/lib/neutron_plugins/vmware_nsx_v3 b/lib/neutron_plugins/vmware_nsx_v3
new file mode 100644
index 0000000..6d8a6e6
--- /dev/null
+++ b/lib/neutron_plugins/vmware_nsx_v3
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# This file is needed so Q_PLUGIN=vmware_nsx_v3 will work.
+
+# FIXME(salv-orlando): This function should not be here, but unfortunately
+# devstack calls it before the external plugins are fetched
+function has_neutron_plugin_security_group {
+ # 0 means True here
+ return 0
+}
diff --git a/lib/nova b/lib/nova
index 6ac9da3..88b336a 100644
--- a/lib/nova
+++ b/lib/nova
@@ -53,6 +53,7 @@
NOVA_CELLS_CONF=$NOVA_CONF_DIR/nova-cells.conf
NOVA_FAKE_CONF=$NOVA_CONF_DIR/nova-fake.conf
NOVA_CELLS_DB=${NOVA_CELLS_DB:-nova_cell}
+NOVA_API_DB=${NOVA_API_DB:-nova_api}
NOVA_API_PASTE_INI=${NOVA_API_PASTE_INI:-$NOVA_CONF_DIR/api-paste.ini}
# NOVA_API_VERSION valid options
@@ -231,6 +232,10 @@
#if is_service_enabled n-cpu && [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
# cleanup_nova_hypervisor
#fi
+
+ if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then
+ _cleanup_nova_apache_wsgi
+ fi
}
# _cleanup_nova_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
@@ -259,7 +264,7 @@
nova_keyfile="SSLCertificateKeyFile $NOVA_SSL_KEY"
fi
if [[ ${USE_VENV} = True ]]; then
- venv_path="python-path=${PROJECT_VENV["nova"]}/lib/python2.7/site-packages"
+ venv_path="python-path=${PROJECT_VENV["nova"]}/lib/$(python_version)/site-packages"
fi
# copy proxy vhost and wsgi helper files
@@ -276,6 +281,7 @@
s|%SSLKEYFILE%|$nova_keyfile|g;
s|%USER%|$STACK_USER|g;
s|%VIRTUALENV%|$venv_path|g
+ s|%APIWORKERS%|$API_WORKERS|g
" -i $nova_apache_conf
sudo cp $FILES/apache-nova-ec2-api.template $nova_ec2_apache_conf
@@ -288,6 +294,7 @@
s|%SSLKEYFILE%|$nova_keyfile|g;
s|%USER%|$STACK_USER|g;
s|%VIRTUALENV%|$venv_path|g
+ s|%APIWORKERS%|$API_WORKERS|g
" -i $nova_ec2_apache_conf
}
@@ -298,7 +305,7 @@
install_default_policy nova
- configure_rootwrap nova $NOVA_BIN_DIR/nova-rootwrap $NOVA_DIR/etc/nova
+ configure_rootwrap nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
# Get the sample configuration file in place
@@ -471,6 +478,7 @@
iniset $NOVA_CONF DEFAULT s3_port "$S3_SERVICE_PORT"
iniset $NOVA_CONF DEFAULT my_ip "$HOST_IP"
iniset $NOVA_CONF database connection `database_connection_url nova`
+ iniset $NOVA_CONF api_database connection `database_connection_url nova_api`
iniset $NOVA_CONF DEFAULT instance_name_template "${INSTANCE_NAME_PREFIX}%08x"
iniset $NOVA_CONF osapi_v3 enabled "True"
@@ -489,6 +497,7 @@
if is_service_enabled tls-proxy; then
# Set the service port for a proxy to take the original
iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT"
+ iniset $NOVA_CONF DEFAULT osapi_compute_link_prefix $NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT
fi
configure_auth_token_middleware $NOVA_CONF nova $NOVA_AUTH_CACHE_DIR
@@ -674,6 +683,9 @@
if is_service_enabled n-cell; then
recreate_database $NOVA_CELLS_DB
fi
+
+ recreate_database $NOVA_API_DB
+ $NOVA_BIN_DIR/nova-manage api_db sync
fi
create_nova_cache_dir
@@ -755,8 +767,8 @@
enable_apache_site nova-api
enable_apache_site nova-ec2-api
restart_apache_server
- tail_log nova /var/log/$APACHE_NAME/nova-api.log
- tail_log nova /var/log/$APACHE_NAME/nova-ec2-api.log
+ tail_log nova-api /var/log/$APACHE_NAME/nova-api.log
+ tail_log nova-ec2-api /var/log/$APACHE_NAME/nova-ec2-api.log
else
run_process n-api "$NOVA_BIN_DIR/nova-api"
fi
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 04da5e2..96d8a44 100755
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -39,17 +39,6 @@
pip_install_gr libvirt-python
install_package python-libguestfs
fi
-
- # Restart firewalld after install of libvirt to avoid a problem
- # with polkit, which libvirtd brings in. See
- # https://bugzilla.redhat.com/show_bug.cgi?id=1099031
-
- # Note there is a difference between F20 rackspace cloud images
- # and HP images used in the gate; rackspace has firewalld but hp
- # cloud doesn't.
- if is_fedora && is_package_installed firewalld; then
- sudo service firewalld restart || true
- fi
}
# Configures the installed libvirt system so that is accessible by
diff --git a/lib/oslo b/lib/oslo
index d9688a0..554bec8 100644
--- a/lib/oslo
+++ b/lib/oslo
@@ -22,8 +22,10 @@
# Defaults
# --------
+GITDIR["automaton"]=$DEST/automaton
GITDIR["cliff"]=$DEST/cliff
GITDIR["debtcollector"]=$DEST/debtcollector
+GITDIR["futurist"]=$DEST/futurist
GITDIR["oslo.concurrency"]=$DEST/oslo.concurrency
GITDIR["oslo.config"]=$DEST/oslo.config
GITDIR["oslo.context"]=$DEST/oslo.context
@@ -35,6 +37,7 @@
GITDIR["oslo.policy"]=$DEST/oslo.policy
GITDIR["oslo.rootwrap"]=$DEST/oslo.rootwrap
GITDIR["oslo.serialization"]=$DEST/oslo.serialization
+GITDIR["oslo.service"]=$DEST/oslo.service
GITDIR["oslo.utils"]=$DEST/oslo.utils
GITDIR["oslo.versionedobjects"]=$DEST/oslo.versionedobjects
GITDIR["oslo.vmware"]=$DEST/oslo.vmware
@@ -62,6 +65,7 @@
function install_oslo {
_do_install_oslo_lib "cliff"
_do_install_oslo_lib "debtcollector"
+ _do_install_oslo_lib "futurist"
_do_install_oslo_lib "oslo.concurrency"
_do_install_oslo_lib "oslo.config"
_do_install_oslo_lib "oslo.context"
@@ -73,6 +77,7 @@
_do_install_oslo_lib "oslo.policy"
_do_install_oslo_lib "oslo.rootwrap"
_do_install_oslo_lib "oslo.serialization"
+ _do_install_oslo_lib "oslo.service"
_do_install_oslo_lib "oslo.utils"
_do_install_oslo_lib "oslo.versionedobjects"
_do_install_oslo_lib "oslo.vmware"
diff --git a/lib/rpc_backend b/lib/rpc_backend
index 297ebac..33ab03d 100644
--- a/lib/rpc_backend
+++ b/lib/rpc_backend
@@ -194,13 +194,22 @@
# NOTE(bnemec): Retry initial rabbitmq configuration to deal with
# the fact that sometimes it fails to start properly.
# Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1144100
+ # NOTE(tonyb): Extend the orginal retry logic to only restart rabbitmq
+ # every second time around the loop.
+ # See: https://bugs.launchpad.net/devstack/+bug/1449056 for details on
+ # why this is needed. This can bee seen on vivid and Debian unstable
+ # (May 2015)
+ # TODO(tonyb): Remove this when Debian and Ubuntu have a fixed systemd
+ # service file.
local i
- for i in `seq 10`; do
+ for i in `seq 20`; do
local rc=0
- [[ $i -eq "10" ]] && die $LINENO "Failed to set rabbitmq password"
+ [[ $i -eq "20" ]] && die $LINENO "Failed to set rabbitmq password"
- restart_service rabbitmq-server
+ if [[ $(( i % 2 )) == "0" ]] ; then
+ restart_service rabbitmq-server
+ fi
rabbit_setuser "$RABBIT_USERID" "$RABBIT_PASSWORD" || rc=$?
if [ $rc -ne 0 ]; then
diff --git a/lib/sahara b/lib/sahara
index 6d4e864..51e431a 100644
--- a/lib/sahara
+++ b/lib/sahara
@@ -186,7 +186,7 @@
if is_service_enabled tls-proxy; then
# Set the service port for a proxy to take the original
- iniset $SAHARA_CONF DEFAULT port $SAHARA_SERVICE_PORT_INT
+ iniset $SAHARA_CONF_FILE DEFAULT port $SAHARA_SERVICE_PORT_INT
fi
recreate_database sahara
diff --git a/lib/tempest b/lib/tempest
index 6ce245a..9847e67 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -91,10 +91,7 @@
local extensions_list=$1
shift
local disabled_exts=$*
- for ext_to_remove in ${disabled_exts//,/ } ; do
- extensions_list=${extensions_list/$ext_to_remove","}
- done
- echo $extensions_list
+ remove_disabled_services "$extensions_list" "$disabled_exts"
}
# configure_tempest() - Set config files, create data dirs, etc
@@ -106,6 +103,10 @@
pip_install_gr testrepository
fi
+ # Used during configuration so make sure we have the correct
+ # version installed
+ pip_install_gr python-openstackclient
+
local image_lines
local images
local num_images
@@ -143,9 +144,7 @@
image_uuid_alt="$IMAGE_UUID"
fi
images+=($IMAGE_UUID)
- # TODO(stevemar): update this command to use openstackclient's `openstack image list`
- # when it supports listing by status.
- done < <(glance image-list --status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
+ done < <(openstack image list --property status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
case "${#images[*]}" in
0)
@@ -311,7 +310,15 @@
iniset $TEMPEST_CONFIG identity admin_tenant_id $ADMIN_TENANT_ID
iniset $TEMPEST_CONFIG identity admin_domain_name $ADMIN_DOMAIN_NAME
fi
- iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v2}
+ if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ # Only Identity v3 is available; then skip Identity API v2 tests
+ iniset $TEMPEST_CONFIG identity-feature-enabled v2_api False
+ # In addition, use v3 auth tokens for running all Tempest tests
+ iniset $TEMPEST_CONFIG identity auth_version v3
+ else
+ iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v2}
+ fi
+
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
iniset $TEMPEST_CONFIG identity ca_certificates_file $SSL_BUNDLE_FILE
fi
@@ -322,6 +329,10 @@
if [[ ! -z "$TEMPEST_HTTP_IMAGE" ]]; then
iniset $TEMPEST_CONFIG image http_image $TEMPEST_HTTP_IMAGE
fi
+ iniset $TEMPEST_CONFIG image-feature-enabled deactivate_image true
+
+ # Image Features
+ iniset $TEMPEST_CONFIG image-feature-enabled deactivate_image True
# Auth
TEMPEST_ALLOW_TENANT_ISOLATION=${TEMPEST_ALLOW_TENANT_ISOLATION:-$TEMPEST_HAS_ADMIN}
@@ -340,7 +351,9 @@
iniset $TEMPEST_CONFIG compute flavor_ref $flavor_ref
iniset $TEMPEST_CONFIG compute flavor_ref_alt $flavor_ref_alt
iniset $TEMPEST_CONFIG compute ssh_connect_method $ssh_connect_method
- iniset $TEMPEST_CONFIG compute fixed_network_name $PRIVATE_NETWORK_NAME
+ if [[ ! $(is_service_enabled n-cell) && ! $(is_service_enabled neutron) ]]; then
+ iniset $TEMPEST_CONFIG compute fixed_network_name $PRIVATE_NETWORK_NAME
+ fi
# Compute Features
# Run ``verify_tempest_config -ur`` to retrieve enabled extensions on API endpoints
@@ -426,6 +439,7 @@
# Ceilometer API optimization happened in Juno that allows to run more tests in tempest.
# Once Tempest retires support for icehouse this flag can be removed.
iniset $TEMPEST_CONFIG telemetry too_slow_to_test "False"
+ iniset $TEMPEST_CONFIG telemetry-feature-enabled events "True"
# Object Store
local object_storage_api_extensions=${OBJECT_STORAGE_API_EXTENSIONS:-"all"}
@@ -483,6 +497,8 @@
if [ "$VIRT_DRIVER" = "ironic" ] ; then
iniset $TEMPEST_CONFIG baremetal driver_enabled True
iniset $TEMPEST_CONFIG baremetal unprovision_timeout 300
+ iniset $TEMPEST_CONFIG baremetal deploy_img_dir $FILES
+ iniset $TEMPEST_CONFIG baremetal node_uuid $IRONIC_NODE_UUID
iniset $TEMPEST_CONFIG compute-feature-enabled change_password False
iniset $TEMPEST_CONFIG compute-feature-enabled console_output False
iniset $TEMPEST_CONFIG compute-feature-enabled interface_attach False
diff --git a/lib/trove b/lib/trove
deleted file mode 100644
index b0a9610..0000000
--- a/lib/trove
+++ /dev/null
@@ -1,252 +0,0 @@
-#!/bin/bash
-#
-# lib/trove
-# Functions to control the configuration and operation of the **Trove** service
-
-# Dependencies:
-# ``functions`` file
-# ``DEST``, ``STACK_USER`` must be defined
-# ``SERVICE_{HOST|PROTOCOL|TOKEN}`` must be defined
-
-# ``stack.sh`` calls the entry points in this order:
-#
-# install_trove
-# configure_trove
-# init_trove
-# start_trove
-# stop_trove
-# cleanup_trove
-
-# Save trace setting
-XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-
-# Defaults
-# --------
-if is_service_enabled neutron; then
- TROVE_HOST_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-172.24.4.1}
-else
- TROVE_HOST_GATEWAY=${NETWORK_GATEWAY:-10.0.0.1}
-fi
-
-# Set up default configuration
-GITDIR["python-troveclient"]=$DEST/python-troveclient
-
-TROVE_DIR=$DEST/trove
-TROVE_CONF_DIR=${TROVE_CONF_DIR:-/etc/trove}
-TROVE_CONF=${TROVE_CONF:-$TROVE_CONF_DIR/trove.conf}
-TROVE_TASKMANAGER_CONF=${TROVE_TASKMANAGER_CONF:-$TROVE_CONF_DIR/trove-taskmanager.conf}
-TROVE_CONDUCTOR_CONF=${TROVE_CONDUCTOR_CONF:-$TROVE_CONF_DIR/trove-conductor.conf}
-TROVE_GUESTAGENT_CONF=${TROVE_GUESTAGENT_CONF:-$TROVE_CONF_DIR/trove-guestagent.conf}
-TROVE_API_PASTE_INI=${TROVE_API_PASTE_INI:-$TROVE_CONF_DIR/api-paste.ini}
-
-TROVE_LOCAL_CONF_DIR=$TROVE_DIR/etc/trove
-TROVE_LOCAL_API_PASTE_INI=$TROVE_LOCAL_CONF_DIR/api-paste.ini
-TROVE_AUTH_CACHE_DIR=${TROVE_AUTH_CACHE_DIR:-/var/cache/trove}
-TROVE_DATASTORE_TYPE=${TROVE_DATASTORE_TYPE:-"mysql"}
-TROVE_DATASTORE_VERSION=${TROVE_DATASTORE_VERSION:-"5.6"}
-TROVE_DATASTORE_PACKAGE=${TROVE_DATASTORE_PACKAGE:-"mysql-server-5.6"}
-
-# Support entry points installation of console scripts
-if [[ -d $TROVE_DIR/bin ]]; then
- TROVE_BIN_DIR=$TROVE_DIR/bin
-else
- TROVE_BIN_DIR=$(get_python_exec_prefix)
-fi
-TROVE_MANAGE=$TROVE_BIN_DIR/trove-manage
-
-# Tell Tempest this project is present
-TEMPEST_SERVICES+=,trove
-
-
-# Functions
-# ---------
-
-# Test if any Trove services are enabled
-# is_trove_enabled
-function is_trove_enabled {
- [[ ,${ENABLED_SERVICES} =~ ,"tr-" ]] && return 0
- return 1
-}
-
-# setup_trove_logging() - Adds logging configuration to conf files
-function setup_trove_logging {
- local CONF=$1
- iniset $CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
- iniset $CONF DEFAULT use_syslog $SYSLOG
- if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
- # Add color to logging output
- setup_colorized_logging $CONF DEFAULT tenant user
- fi
-}
-
-# create_trove_accounts() - Set up common required Trove accounts
-
-# Tenant User Roles
-# ------------------------------------------------------------------
-# service trove admin # if enabled
-
-function create_trove_accounts {
- if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then
-
- create_service_user "trove"
-
- if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
-
- local trove_service=$(get_or_create_service "trove" \
- "database" "Trove Service")
- get_or_create_endpoint $trove_service \
- "$REGION_NAME" \
- "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
- "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
- "http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s"
- fi
- fi
-}
-
-# stack.sh entry points
-# ---------------------
-
-# cleanup_trove() - Remove residual data files, anything left over from previous
-# runs that a clean run would need to clean up
-function cleanup_trove {
- #Clean up dirs
- rm -fr $TROVE_AUTH_CACHE_DIR/*
- rm -fr $TROVE_CONF_DIR/*
-}
-
-# configure_trove() - Set config files, create data dirs, etc
-function configure_trove {
- setup_develop $TROVE_DIR
-
- # Create the trove conf dir and cache dirs if they don't exist
- sudo install -d -o $STACK_USER ${TROVE_CONF_DIR} ${TROVE_AUTH_CACHE_DIR}
-
- # Copy api-paste file over to the trove conf dir
- cp $TROVE_LOCAL_API_PASTE_INI $TROVE_API_PASTE_INI
-
- # (Re)create trove conf files
- rm -f $TROVE_CONF
- rm -f $TROVE_TASKMANAGER_CONF
- rm -f $TROVE_CONDUCTOR_CONF
-
- iniset $TROVE_CONF DEFAULT rabbit_userid $RABBIT_USERID
- iniset $TROVE_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
- iniset $TROVE_CONF database connection `database_connection_url trove`
- iniset $TROVE_CONF DEFAULT default_datastore $TROVE_DATASTORE_TYPE
- setup_trove_logging $TROVE_CONF
- iniset $TROVE_CONF DEFAULT trove_api_workers "$API_WORKERS"
-
- configure_auth_token_middleware $TROVE_CONF trove $TROVE_AUTH_CACHE_DIR
-
- # (Re)create trove taskmanager conf file if needed
- if is_service_enabled tr-tmgr; then
- TROVE_AUTH_ENDPOINT=$KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION
-
- iniset $TROVE_TASKMANAGER_CONF DEFAULT rabbit_userid $RABBIT_USERID
- iniset $TROVE_TASKMANAGER_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
- iniset $TROVE_TASKMANAGER_CONF database connection `database_connection_url trove`
- iniset $TROVE_TASKMANAGER_CONF DEFAULT taskmanager_manager trove.taskmanager.manager.Manager
- iniset $TROVE_TASKMANAGER_CONF DEFAULT nova_proxy_admin_user radmin
- iniset $TROVE_TASKMANAGER_CONF DEFAULT nova_proxy_admin_tenant_name trove
- iniset $TROVE_TASKMANAGER_CONF DEFAULT nova_proxy_admin_pass $RADMIN_USER_PASS
- iniset $TROVE_TASKMANAGER_CONF DEFAULT trove_auth_url $TROVE_AUTH_ENDPOINT
- setup_trove_logging $TROVE_TASKMANAGER_CONF
- fi
-
- # (Re)create trove conductor conf file if needed
- if is_service_enabled tr-cond; then
- iniset $TROVE_CONDUCTOR_CONF DEFAULT rabbit_userid $RABBIT_USERID
- iniset $TROVE_CONDUCTOR_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
- iniset $TROVE_CONDUCTOR_CONF database connection `database_connection_url trove`
- iniset $TROVE_CONDUCTOR_CONF DEFAULT nova_proxy_admin_user radmin
- iniset $TROVE_CONDUCTOR_CONF DEFAULT nova_proxy_admin_tenant_name trove
- iniset $TROVE_CONDUCTOR_CONF DEFAULT nova_proxy_admin_pass $RADMIN_USER_PASS
- iniset $TROVE_CONDUCTOR_CONF DEFAULT trove_auth_url $TROVE_AUTH_ENDPOINT
- iniset $TROVE_CONDUCTOR_CONF DEFAULT control_exchange trove
- setup_trove_logging $TROVE_CONDUCTOR_CONF
- fi
-
- # Set up Guest Agent conf
- iniset $TROVE_GUESTAGENT_CONF DEFAULT rabbit_userid $RABBIT_USERID
- iniset $TROVE_GUESTAGENT_CONF DEFAULT rabbit_host $TROVE_HOST_GATEWAY
- iniset $TROVE_GUESTAGENT_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
- iniset $TROVE_GUESTAGENT_CONF DEFAULT nova_proxy_admin_user radmin
- iniset $TROVE_GUESTAGENT_CONF DEFAULT nova_proxy_admin_tenant_name trove
- iniset $TROVE_GUESTAGENT_CONF DEFAULT nova_proxy_admin_pass $RADMIN_USER_PASS
- iniset $TROVE_GUESTAGENT_CONF DEFAULT trove_auth_url $TROVE_AUTH_ENDPOINT
- iniset $TROVE_GUESTAGENT_CONF DEFAULT control_exchange trove
- iniset $TROVE_GUESTAGENT_CONF DEFAULT ignore_users os_admin
- iniset $TROVE_GUESTAGENT_CONF DEFAULT log_dir /var/log/trove/
- iniset $TROVE_GUESTAGENT_CONF DEFAULT log_file trove-guestagent.log
- setup_trove_logging $TROVE_GUESTAGENT_CONF
-}
-
-# install_troveclient() - Collect source and prepare
-function install_troveclient {
- if use_library_from_git "python-troveclient"; then
- git_clone_by_name "python-troveclient"
- setup_dev_lib "python-troveclient"
- fi
-}
-
-# install_trove() - Collect source and prepare
-function install_trove {
- git_clone $TROVE_REPO $TROVE_DIR $TROVE_BRANCH
-}
-
-# init_trove() - Initializes Trove Database as a Service
-function init_trove {
- # (Re)Create trove db
- recreate_database trove
-
- # Initialize the trove database
- $TROVE_MANAGE db_sync
-
- # If no guest image is specified, skip remaining setup
- [ -z "$TROVE_GUEST_IMAGE_URL" ] && return 0
-
- # Find the glance id for the trove guest image
- # The image is uploaded by stack.sh -- see $IMAGE_URLS handling
- GUEST_IMAGE_NAME=$(basename "$TROVE_GUEST_IMAGE_URL")
- GUEST_IMAGE_NAME=${GUEST_IMAGE_NAME%.*}
- TROVE_GUEST_IMAGE_ID=$(openstack --os-token $TOKEN --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image list | grep "${GUEST_IMAGE_NAME}" | get_field 1)
- if [ -z "$TROVE_GUEST_IMAGE_ID" ]; then
- # If no glance id is found, skip remaining setup
- echo "Datastore ${TROVE_DATASTORE_TYPE} will not be created: guest image ${GUEST_IMAGE_NAME} not found."
- return 1
- fi
-
- # Now that we have the guest image id, initialize appropriate datastores / datastore versions
- $TROVE_MANAGE datastore_update "$TROVE_DATASTORE_TYPE" ""
- $TROVE_MANAGE datastore_version_update "$TROVE_DATASTORE_TYPE" "$TROVE_DATASTORE_VERSION" "$TROVE_DATASTORE_TYPE" \
- "$TROVE_GUEST_IMAGE_ID" "$TROVE_DATASTORE_PACKAGE" 1
- $TROVE_MANAGE datastore_version_update "$TROVE_DATASTORE_TYPE" "inactive_version" "inactive_manager" "$TROVE_GUEST_IMAGE_ID" "" 0
- $TROVE_MANAGE datastore_update "$TROVE_DATASTORE_TYPE" "$TROVE_DATASTORE_VERSION"
- $TROVE_MANAGE datastore_update "Inactive_Datastore" ""
-}
-
-# start_trove() - Start running processes, including screen
-function start_trove {
- run_process tr-api "$TROVE_BIN_DIR/trove-api --config-file=$TROVE_CONF --debug"
- run_process tr-tmgr "$TROVE_BIN_DIR/trove-taskmanager --config-file=$TROVE_TASKMANAGER_CONF --debug"
- run_process tr-cond "$TROVE_BIN_DIR/trove-conductor --config-file=$TROVE_CONDUCTOR_CONF --debug"
-}
-
-# stop_trove() - Stop running processes
-function stop_trove {
- # Kill the trove screen windows
- local serv
- for serv in tr-api tr-tmgr tr-cond; do
- stop_process $serv
- done
-}
-
-# Restore xtrace
-$XTRACE
-
-# Tell emacs to use shell-script-mode
-## Local variables:
-## mode: shell-script
-## End:
diff --git a/openrc b/openrc
index aec8a2a..64faa58 100644
--- a/openrc
+++ b/openrc
@@ -78,8 +78,14 @@
#
export OS_AUTH_URL=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:5000/v${OS_IDENTITY_API_VERSION}
-# Set the pointer to our CA certificate chain. Harmless if TLS is not used.
-export OS_CACERT=${OS_CACERT:-$INT_CA_DIR/ca-chain.pem}
+# Set OS_CACERT to a default CA certificate chain if it exists.
+if [[ ! -v OS_CACERT ]] ; then
+ DEFAULT_OS_CACERT=$INT_CA_DIR/ca-chain.pem
+ # If the file does not exist, this may confuse preflight sanity checks
+ if [ -e $DEFAULT_OS_CACERT ] ; then
+ export OS_CACERT=$DEFAULT_OS_CACERT
+ fi
+fi
# Currently novaclient needs you to specify the *compute api* version. This
# needs to match the config of your catalog returned by Keystone.
diff --git a/stack.sh b/stack.sh
index f0aafaf..0d9d836 100755
--- a/stack.sh
+++ b/stack.sh
@@ -173,7 +173,7 @@
# Warn users who aren't on an explicitly supported distro, but allow them to
# override check and attempt installation with ``FORCE=yes ./stack``
-if [[ ! ${DISTRO} =~ (precise|trusty|7.0|wheezy|sid|testing|jessie|f20|f21|rhel7) ]]; then
+if [[ ! ${DISTRO} =~ (precise|trusty|utopic|vivid|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then
echo "WARNING: this script has not been tested on $DISTRO"
if [[ "$FORCE" != "yes" ]]; then
die $LINENO "If you wish to run this script anyway run with FORCE=yes"
@@ -669,6 +669,9 @@
fi
fi
+# Save configuration values
+save_stackenv $LINENO
+
# Install Packages
# ================
@@ -950,6 +953,9 @@
# Initialize the directory for service status check
init_service_check
+# Save configuration values
+save_stackenv $LINENO
+
# Start Services
# ==============
@@ -1213,13 +1219,6 @@
elif is_service_enabled $DATABASE_BACKENDS && is_service_enabled n-net; then
NM_CONF=${NOVA_CONF}
if is_service_enabled n-cell; then
- # Both cells should have the same network uuid for server create
- if [[ ! "$NETWORK_CREATE_ARGS" =~ "--uuid" ]]; then
- NETWORK_CREATE_ARGS="$NETWORK_CREATE_ARGS --uuid $(uuidgen)"
- fi
- # Create a small network in the API cell
- $NOVA_BIN_DIR/nova-manage --config-file $NM_CONF network create "$PRIVATE_NETWORK_NAME" $FIXED_RANGE 1 $FIXED_NETWORK_SIZE $NETWORK_CREATE_ARGS
- # Everything else should go in the child cell
NM_CONF=${NOVA_CELLS_CONF}
fi
@@ -1294,12 +1293,30 @@
# Save some values we generated for later use
-CURRENT_RUN_TIME=$(date "+$TIMESTAMP_FORMAT")
-echo "# $CURRENT_RUN_TIME" >$TOP_DIR/.stackenv
-for i in BASE_SQL_CONN ENABLED_SERVICES HOST_IP LOGFILE \
- SERVICE_HOST SERVICE_PROTOCOL STACK_USER TLS_IP KEYSTONE_AUTH_PROTOCOL OS_CACERT; do
- echo $i=${!i} >>$TOP_DIR/.stackenv
-done
+save_stackenv
+
+# Write out a clouds.yaml file
+# putting the location into a variable to allow for easier refactoring later
+# to make it overridable. There is current no usecase where doing so makes
+# sense, so I'm not actually doing it now.
+CLOUDS_YAML=~/.config/openstack/clouds.yaml
+if [ ! -e $CLOUDS_YAML ]; then
+ mkdir -p $(dirname $CLOUDS_YAML)
+ cat >"$CLOUDS_YAML" <<EOF
+clouds:
+ devstack:
+ auth:
+ auth_url: $KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION
+ username: demo
+ project_name: demo
+ password: $ADMIN_PASSWORD
+ region_name: $REGION_NAME
+ identity_api_version: $IDENTITY_API_VERSION
+EOF
+ if [ -f "$SSL_BUNDLE_FILE" ]; then
+ echo " cacert: $SSL_BUNDLE_FILE" >>"$CLOUDS_YAML"
+ fi
+fi
# Wrapup configuration
diff --git a/stackrc b/stackrc
index 3c08b15..1ac1338 100644
--- a/stackrc
+++ b/stackrc
@@ -87,9 +87,6 @@
# Set the default Nova APIs to enable
NOVA_ENABLED_APIS=ec2,osapi_compute,metadata
-# Configure Identity API version: 2.0, 3
-IDENTITY_API_VERSION=2.0
-
# Whether to use 'dev mode' for screen windows. Dev mode works by
# stuffing text into the screen windows so that a developer can use
# ctrl-c, up-arrow, enter to restart the service. Starting services
@@ -106,6 +103,22 @@
source $RC_DIR/.localrc.auto
fi
+# Configure Identity API version: 2.0, 3
+IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-2.0}
+
+# Set the option ENABLE_IDENTITY_V2 to True. It defines whether the DevStack
+# deployment will be deploying the Identity v2 pipelines. If this option is set
+# to ``False``, DevStack will: i) disable Identity v2; ii) configure Tempest to
+# skip Identity v2 specific tests; and iii) configure Horizon to use Identity
+# v3. When this option is set to ``False``, the option IDENTITY_API_VERSION
+# will to be set to ``3`` in order to make DevStack register the Identity
+# endpoint as v3. This flag is experimental and will be used as basis to
+# identify the projects which still have issues to operate with Identity v3.
+ENABLE_IDENTITY_V2=$(trueorfalse True ENABLE_IDENTITY_V2)
+if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
+ IDENTITY_API_VERSION=3
+fi
+
# Enable use of Python virtual environments. Individual project use of
# venvs are controlled by the PROJECT_VENV array; every project with
# an entry in the array will be installed into the named venv.
@@ -231,11 +244,6 @@
SWIFT_REPO=${SWIFT_REPO:-${GIT_BASE}/openstack/swift.git}
SWIFT_BRANCH=${SWIFT_BRANCH:-master}
-# trove service
-TROVE_REPO=${TROVE_REPO:-${GIT_BASE}/openstack/trove.git}
-TROVE_BRANCH=${TROVE_BRANCH:-master}
-
-
##############
#
# Testing Components
@@ -301,10 +309,6 @@
GITREPO["python-swiftclient"]=${SWIFTCLIENT_REPO:-${GIT_BASE}/openstack/python-swiftclient.git}
GITBRANCH["python-swiftclient"]=${SWIFTCLIENT_BRANCH:-master}
-# trove client library test
-GITREPO["python-troveclient"]=${TROVECLIENT_REPO:-${GIT_BASE}/openstack/python-troveclient.git}
-GITBRANCH["python-troveclient"]=${TROVECLIENT_BRANCH:-master}
-
# consolidated openstack python client
GITREPO["python-openstackclient"]=${OPENSTACKCLIENT_REPO:-${GIT_BASE}/openstack/python-openstackclient.git}
GITBRANCH["python-openstackclient"]=${OPENSTACKCLIENT_BRANCH:-master}
@@ -322,10 +326,18 @@
GITREPO["cliff"]=${CLIFF_REPO:-${GIT_BASE}/openstack/cliff.git}
GITBRANCH["cliff"]=${CLIFF_BRANCH:-master}
+# async framework/helpers
+GITREPO["futurist"]=${FUTURIST_REPO:-${GIT_BASE}/openstack/futurist.git}
+GITBRANCH["futurist"]=${FUTURIST_BRANCH:-master}
+
# debtcollector deprecation framework/helpers
GITREPO["debtcollector"]=${DEBTCOLLECTOR_REPO:-${GIT_BASE}/openstack/debtcollector.git}
GITBRANCH["debtcollector"]=${DEBTCOLLECTOR_BRANCH:-master}
+# helpful state machines
+GITREPO["automaton"]=${AUTOMATON_REPO:-${GIT_BASE}/openstack/automaton.git}
+GITBRANCH["automaton"]=${AUTOMATON_BRANCH:-master}
+
# oslo.concurrency
GITREPO["oslo.concurrency"]=${OSLOCON_REPO:-${GIT_BASE}/openstack/oslo.concurrency.git}
GITBRANCH["oslo.concurrency"]=${OSLOCON_BRANCH:-master}
@@ -370,6 +382,10 @@
GITREPO["oslo.serialization"]=${OSLOSERIALIZATION_REPO:-${GIT_BASE}/openstack/oslo.serialization.git}
GITBRANCH["oslo.serialization"]=${OSLOSERIALIZATION_BRANCH:-master}
+# oslo.service
+GITREPO["oslo.service"]=${OSLOSERVICE_REPO:-${GIT_BASE}/openstack/oslo.service.git}
+GITBRANCH["oslo.service"]=${OSLOSERVICE_BRANCH:-master}
+
# oslo.utils
GITREPO["oslo.utils"]=${OSLOUTILS_REPO:-${GIT_BASE}/openstack/oslo.utils.git}
GITBRANCH["oslo.utils"]=${OSLOUTILS_BRANCH:-master}
@@ -437,6 +453,10 @@
GITREPO["ceilometermiddleware"]=${CEILOMETERMIDDLEWARE_REPO:-${GIT_BASE}/openstack/ceilometermiddleware.git}
GITBRANCH["ceilometermiddleware"]=${CEILOMETERMIDDLEWARE_BRANCH:-master}
+# os-brick library to manage local volume attaches
+GITREPO["os-brick"]=${OS_BRICK_REPO:-${GIT_BASE}/openstack/os-brick.git}
+GITBRANCH["os-brick"]=${OS_BRICK_BRANCH:-master}
+
##################
#
@@ -577,16 +597,15 @@
IMAGE_URLS=${IMAGE_URLS:-"http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec.tar.gz"};;
esac
-# Trove needs a custom image for its work
-if [[ "$ENABLED_SERVICES" =~ 'tr-api' ]]; then
- case "$VIRT_DRIVER" in
- libvirt|ironic|xenapi)
- TROVE_GUEST_IMAGE_URL=${TROVE_GUEST_IMAGE_URL:-"http://tarballs.openstack.org/trove/images/ubuntu/mysql.qcow2"}
- IMAGE_URLS+=",${TROVE_GUEST_IMAGE_URL}"
- ;;
- *)
- ;;
- esac
+# Staging Area for New Images, have them here for at least 24hrs for nodepool
+# to cache them otherwise the failure rates in the gate are too high
+PRECACHE_IMAGES=$(trueorfalse False PRECACHE_IMAGES)
+if [[ "$PRECACHE_IMAGES" == "True" ]]; then
+
+ IMAGE_URL="http://tarballs.openstack.org/trove/images/ubuntu/mysql.qcow2"
+ if ! [[ "$IMAGE_URLS" =~ "$IMAGE_URL" ]]; then
+ IMAGE_URLS+=",$IMAGE_URL"
+ fi
fi
# 10Gb default volume backing file size
diff --git a/tests/test_functions.sh b/tests/test_functions.sh
index 1d82792..f555de8 100755
--- a/tests/test_functions.sh
+++ b/tests/test_functions.sh
@@ -137,6 +137,31 @@
test_disable_negated_services 'a,av2,-a,a' 'av2'
test_disable_negated_services 'a,-a,av2' 'av2'
+echo "Testing remove_disabled_services()"
+
+function test_remove_disabled_services {
+ local service_list="$1"
+ local remove_list="$2"
+ local expected="$3"
+
+ results=$(remove_disabled_services "$service_list" "$remove_list")
+ if [ "$results" = "$expected" ]; then
+ passed "OK: '$service_list' - '$remove_list' -> '$results'"
+ else
+ failed "getting '$expected' from '$service_list' - '$remove_list' failed: '$results'"
+ fi
+}
+
+test_remove_disabled_services 'a,b,c' 'a,c' 'b'
+test_remove_disabled_services 'a,b,c' 'b' 'a,c'
+test_remove_disabled_services 'a,b,c,d' 'a,c d' 'b'
+test_remove_disabled_services 'a,b c,d' 'a d' 'b,c'
+test_remove_disabled_services 'a,b,c' 'a,b,c' ''
+test_remove_disabled_services 'a,b,c' 'd' 'a,b,c'
+test_remove_disabled_services 'a,b,c' '' 'a,b,c'
+test_remove_disabled_services '' 'a,b,c' ''
+test_remove_disabled_services '' '' ''
+
echo "Testing is_package_installed()"
if [[ -z "$os_PACKAGE" ]]; then
diff --git a/tests/test_ip.sh b/tests/test_ip.sh
index c53e80d..da939f4 100755
--- a/tests/test_ip.sh
+++ b/tests/test_ip.sh
@@ -12,106 +12,80 @@
echo "Testing IP addr functions"
-if [[ $(cidr2netmask 4) == 240.0.0.0 ]]; then
- passed "cidr2netmask(): /4...OK"
-else
- failed "cidr2netmask(): /4...failed"
-fi
-if [[ $(cidr2netmask 8) == 255.0.0.0 ]]; then
- passed "cidr2netmask(): /8...OK"
-else
- failed "cidr2netmask(): /8...failed"
-fi
-if [[ $(cidr2netmask 12) == 255.240.0.0 ]]; then
- passed "cidr2netmask(): /12...OK"
-else
- failed "cidr2netmask(): /12...failed"
-fi
-if [[ $(cidr2netmask 16) == 255.255.0.0 ]]; then
- passed "cidr2netmask(): /16...OK"
-else
- failed "cidr2netmask(): /16...failed"
-fi
-if [[ $(cidr2netmask 20) == 255.255.240.0 ]]; then
- passed "cidr2netmask(): /20...OK"
-else
- failed "cidr2netmask(): /20...failed"
-fi
-if [[ $(cidr2netmask 24) == 255.255.255.0 ]]; then
- passed "cidr2netmask(): /24...OK"
-else
- failed "cidr2netmask(): /24...failed"
-fi
-if [[ $(cidr2netmask 28) == 255.255.255.240 ]]; then
- passed "cidr2netmask(): /28...OK"
-else
- failed "cidr2netmask(): /28...failed"
-fi
-if [[ $(cidr2netmask 30) == 255.255.255.252 ]]; then
- passed "cidr2netmask(): /30...OK"
-else
- failed "cidr2netmask(): /30...failed"
-fi
-if [[ $(cidr2netmask 32) == 255.255.255.255 ]]; then
- passed "cidr2netmask(): /32...OK"
-else
- failed "cidr2netmask(): /32...failed"
-fi
+function test_cidr2netmask {
+ local mask=0
+ local ips="128 192 224 240 248 252 254 255"
+ local ip
+ local msg
-if [[ $(maskip 169.254.169.254 240.0.0.0) == 160.0.0.0 ]]; then
- passed "maskip(): /4...OK"
-else
- failed "maskip(): /4...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.0.0.0) == 169.0.0.0 ]]; then
- passed "maskip(): /8...OK"
-else
- failed "maskip(): /8...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.240.0.0) == 169.240.0.0 ]]; then
- passed "maskip(): /12...OK"
-else
- failed "maskip(): /12...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.255.0.0) == 169.254.0.0 ]]; then
- passed "maskip(): /16...OK"
-else
- failed "maskip(): /16...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.255.240.0) == 169.254.160.0 ]]; then
- passed "maskip(): /20...OK"
-else
- failed "maskip(): /20...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.255.255.0) == 169.254.169.0 ]]; then
- passed "maskip(): /24...OK"
-else
- failed "maskip(): /24...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.255.255.240) == 169.254.169.240 ]]; then
- passed "maskip(): /28...OK"
-else
- failed "maskip(): /28...failed"
-fi
-if [[ $(maskip 169.254.169.254 255.255.255.255) == 169.254.169.254 ]]; then
- passed "maskip(): /32...OK"
-else
- failed "maskip(): /32...failed"
-fi
+ msg="cidr2netmask(/0) == 0.0.0.0"
+ assert_equal "0.0.0.0" $(cidr2netmask $mask) "$msg"
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == $ip.0.0.0"
+ assert_equal "$ip.0.0.0" $(cidr2netmask $mask) "$msg"
+ done
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == 255.$ip.0.0"
+ assert_equal "255.$ip.0.0" $(cidr2netmask $mask) "$msg"
+ done
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == 255.255.$ip.0"
+ assert_equal "255.255.$ip.0" $(cidr2netmask $mask) "$msg"
+ done
+
+ for ip in $ips; do
+ mask=$(( mask + 1 ))
+ msg="cidr2netmask(/$mask) == 255.255.255.$ip"
+ assert_equal "255.255.255.$ip" $(cidr2netmask $mask) "$msg"
+ done
+}
+
+test_cidr2netmask
+
+msg="maskip(169.254.169.254 240.0.0.0) == 160.0.0.0"
+assert_equal $(maskip 169.254.169.254 240.0.0.0) 160.0.0.0 "$msg"
+
+msg="maskip(169.254.169.254 255.0.0.0) == 169.0.0.0"
+assert_equal $(maskip 169.254.169.254 255.0.0.0) 169.0.0.0 "$msg"
+
+msg="maskip(169.254.169.254 255.240.0.0) == 169.240.0.0"
+assert_equal $(maskip 169.254.169.254 255.240.0.0) 169.240.0.0 "$msg"
+
+msg="maskip(169.254.169.254 255.255.0.0) == 169.254.0.0"
+assert_equal $(maskip 169.254.169.254 255.255.0.0) 169.254.0.0 "$msg"
+
+msg="maskip(169.254.169.254 255.255.240.0) == 169.254.160.0"
+assert_equal $(maskip 169.254.169.254 255.255.240.0) 169.254.160.0 "$msg"
+
+msg="maskip(169.254.169.254 255.255.255.0) == 169.254.169.0"
+assert_equal $(maskip 169.254.169.254 255.255.255.0) 169.254.169.0 "$msg"
+
+msg="maskip(169.254.169.254 255.255.255.240) == 169.254.169.240"
+assert_equal $(maskip 169.254.169.254 255.255.255.240) 169.254.169.240 "$msg"
+
+msg="maskip(169.254.169.254 255.255.255.255) == 169.254.169.254"
+assert_equal $(maskip 169.254.169.254 255.255.255.255) 169.254.169.254 "$msg"
+
for mask in 8 12 16 20 24 26 28; do
- echo -n "address_in_net(): in /$mask..."
+ msg="address_in_net($10.10.10.1 10.10.10.0/$mask)"
if address_in_net 10.10.10.1 10.10.10.0/$mask; then
- passed "OK"
+ passed "$msg"
else
- failed "address_in_net() failed on /$mask"
+ failed "$msg"
fi
- echo -n "address_in_net(): not in /$mask..."
+ msg="! address_in_net($10.10.10.1 11.11.11.0/$mask)"
if ! address_in_net 10.10.10.1 11.11.11.0/$mask; then
- passed "OK"
+ passed "$msg"
else
- failed "address_in_net() failed on /$mask"
+ failed "$msg"
fi
done
diff --git a/tests/test_libs_from_pypi.sh b/tests/test_libs_from_pypi.sh
index 0bec584..fc65967 100755
--- a/tests/test_libs_from_pypi.sh
+++ b/tests/test_libs_from_pypi.sh
@@ -29,7 +29,7 @@
fi
done
-ALL_LIBS="python-novaclient oslo.config pbr oslo.context python-troveclient"
+ALL_LIBS="python-novaclient oslo.config pbr oslo.context"
ALL_LIBS+=" python-keystoneclient taskflow oslo.middleware pycadf"
ALL_LIBS+=" python-glanceclient python-ironicclient tempest-lib"
ALL_LIBS+=" oslo.messaging oslo.log cliff python-heatclient stevedore"
@@ -39,7 +39,7 @@
ALL_LIBS+=" python-openstackclient oslo.rootwrap oslo.i18n"
ALL_LIBS+=" python-ceilometerclient oslo.utils python-swiftclient"
ALL_LIBS+=" python-neutronclient tooz ceilometermiddleware oslo.policy"
-ALL_LIBS+=" debtcollector"
+ALL_LIBS+=" debtcollector os-brick automaton futurist oslo.service"
# Generate the above list with
# echo ${!GITREPO[@]}
diff --git a/tests/test_truefalse.sh b/tests/test_truefalse.sh
index ebd9650..2689589 100755
--- a/tests/test_truefalse.sh
+++ b/tests/test_truefalse.sh
@@ -19,7 +19,8 @@
for default in True False; do
for name in one captrue lowtrue uppertrue capyes lowyes upperyes; do
- assert_equal "True" $(trueorfalse $default $name) "\$(trueorfalse $default $name)"
+ local msg="trueorfalse($default $name)"
+ assert_equal "True" $(trueorfalse $default $name) "$msg"
done
done
@@ -33,7 +34,8 @@
for default in True False; do
for name in zero capfalse lowfalse upperfalse capno lowno upperno; do
- assert_equal "False" $(trueorfalse $default $name) "\$(trueorfalse $default $name)"
+ local msg="trueorfalse($default $name)"
+ assert_equal "False" $(trueorfalse $default $name) "$msg"
done
done
}
diff --git a/tests/unittest.sh b/tests/unittest.sh
index 69f19b7..93aa5fc 100644
--- a/tests/unittest.sh
+++ b/tests/unittest.sh
@@ -17,6 +17,8 @@
PASS=0
FAILED_FUNCS=""
+# pass a test, printing out MSG
+# usage: passed message
function passed {
local lineno=$(caller 0 | awk '{print $1}')
local function=$(caller 0 | awk '{print $2}')
@@ -25,9 +27,11 @@
msg="OK"
fi
PASS=$((PASS+1))
- echo $function:L$lineno $msg
+ echo "PASS: $function:L$lineno $msg"
}
+# fail a test, printing out MSG
+# usage: failed message
function failed {
local lineno=$(caller 0 | awk '{print $1}')
local function=$(caller 0 | awk '{print $2}')
@@ -38,10 +42,16 @@
ERROR=$((ERROR+1))
}
+# assert string comparision of val1 equal val2, printing out msg
+# usage: assert_equal val1 val2 msg
function assert_equal {
local lineno=`caller 0 | awk '{print $1}'`
local function=`caller 0 | awk '{print $2}'`
local msg=$3
+
+ if [ -z "$msg" ]; then
+ msg="OK"
+ fi
if [[ "$1" != "$2" ]]; then
FAILED_FUNCS+="$function:L$lineno\n"
echo "ERROR: $1 != $2 in $function:L$lineno!"
@@ -49,10 +59,13 @@
ERROR=$((ERROR+1))
else
PASS=$((PASS+1))
- echo "$function:L$lineno - ok"
+ echo "PASS: $function:L$lineno - $msg"
fi
}
+# print a summary of passing and failing tests, exiting
+# with an error if we have failed tests
+# usage: report_results
function report_results {
echo "$PASS Tests PASSED"
if [[ $ERROR -gt 1 ]]; then
diff --git a/tools/build_docs.sh b/tools/build_docs.sh
index fda86c0..fa84343 100755
--- a/tools/build_docs.sh
+++ b/tools/build_docs.sh
@@ -75,7 +75,7 @@
# Build list of scripts to process
FILES=""
-for f in $(find . -name .git -prune -o \( -type f -name \*.sh -not -path \*shocco/\* -print \)); do
+for f in $(find . \( -name .git -o -name .tox \) -prune -o \( -type f -name \*.sh -not -path \*shocco/\* -print \)); do
echo $f
FILES+="$f "
mkdir -p $FQ_HTML_BUILD/`dirname $f`;
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index 2efb4e0..4fff57f 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -109,19 +109,31 @@
fi
FORCE_FIREWALLD=$(trueorfalse False $FORCE_FIREWALLD)
- if [[ ${DISTRO} =~ (f20) && $FORCE_FIREWALLD == "False" ]]; then
+ if [[ $FORCE_FIREWALLD == "False" ]]; then
# On Fedora 20 firewalld interacts badly with libvirt and
- # slows things down significantly. However, for those cases
- # where that combination is desired, allow this fix to be skipped.
-
- # There was also an additional issue with firewalld hanging
- # after install of libvirt with polkit. See
- # https://bugzilla.redhat.com/show_bug.cgi?id=1099031
+ # slows things down significantly (this issue was fixed in
+ # later fedoras). There was also an additional issue with
+ # firewalld hanging after install of libvirt with polkit [1].
+ # firewalld also causes problems with neturon+ipv6 [2]
+ #
+ # Note we do the same as the RDO packages and stop & disable,
+ # rather than remove. This is because other packages might
+ # have the dependency [3][4].
+ #
+ # [1] https://bugzilla.redhat.com/show_bug.cgi?id=1099031
+ # [2] https://bugs.launchpad.net/neutron/+bug/1455303
+ # [3] https://github.com/redhat-openstack/openstack-puppet-modules/blob/master/firewall/manifests/linux/redhat.pp
+ # [4] http://docs.openstack.org/developer/devstack/guides/neutron.html
if is_package_installed firewalld; then
- uninstall_package firewalld
+ sudo systemctl disable firewalld
+ # The iptables service files are no longer included by default,
+ # at least on a baremetal Fedora 21 Server install.
+ install_package iptables-services
+ sudo systemctl enable iptables
+ sudo systemctl stop firewalld
+ sudo systemctl start iptables
fi
fi
-
fi
# The version of pip(1.5.4) supported by python-virtualenv(1.11.4) has
diff --git a/tools/worlddump.py b/tools/worlddump.py
index 7f2614d..7acfb5e 100755
--- a/tools/worlddump.py
+++ b/tools/worlddump.py
@@ -18,6 +18,7 @@
import argparse
import datetime
+import fnmatch
import os
import os.path
import sys
@@ -97,6 +98,20 @@
"user,ppid,pid,pcpu,pmem,vsz,rss,tty,stat,start,time,args")
+def compute_consoles():
+ _header("Compute consoles")
+ for root, dirnames, filenames in os.walk('/opt/stack'):
+ for filename in fnmatch.filter(filenames, 'console.log'):
+ fullpath = os.path.join(root, filename)
+ _dump_cmd("sudo cat %s" % fullpath)
+
+
+def guru_meditation_report():
+ _header("nova-compute Guru Meditation Report")
+ _dump_cmd("kill -s USR1 `pgrep nova-compute`")
+ print "guru meditation report in nova-compute log"
+
+
def main():
opts = get_options()
fname = filename(opts.dir)
@@ -108,6 +123,8 @@
process_list()
network_dump()
iptables_dump()
+ compute_consoles()
+ guru_meditation_report()
if __name__ == '__main__':
diff --git a/tools/xen/xenrc b/tools/xen/xenrc
index 43a6ce8..be6c5ca 100644
--- a/tools/xen/xenrc
+++ b/tools/xen/xenrc
@@ -14,12 +14,12 @@
# Size of image
VDI_MB=${VDI_MB:-5000}
-# Devstack now contains many components. 3GB ram is not enough to prevent
+# Devstack now contains many components. 4GB ram is not enough to prevent
# swapping and memory fragmentation - the latter of which can cause failures
# such as blkfront failing to plug a VBD and lead to random test fails.
#
-# Set to 4GB so an 8GB XenServer VM can have a 1GB Dom0 and leave 3GB for VMs
-OSDOMU_MEM_MB=4096
+# Set to 6GB so an 8GB XenServer VM can have a 1GB Dom0 and leave 1GB for VMs
+OSDOMU_MEM_MB=6144
OSDOMU_VDI_GB=8
# Network mapping. Specify bridge names or network names. Network names may
diff --git a/tox.ini b/tox.ini
index 279dcd4..788fea9 100644
--- a/tox.ini
+++ b/tox.ini
@@ -10,19 +10,20 @@
[testenv:bashate]
deps = bashate
whitelist_externals = bash
-commands = bash -c "find {toxinidir} \
- -not \( -type d -name .?\* -prune \) \ # prune all 'dot' dirs
- -not \( -type d -name doc -prune \) \ # skip documentation
- -type f \ # only files
- -not -name \*~ \ # skip editors, readme, etc
- -not -name \*.md \
- \( \
- -name \*.sh -or \
- -name \*rc -or \
- -name functions\* -or \
- -wholename \*/inc/\* -or \ # /inc files and
- -wholename \*/lib/\* \ # /lib files are shell, but
- \) \ # have no extension
+commands = bash -c "find {toxinidir} \
+ -not \( -type d -name .?\* -prune \) \ # prune all 'dot' dirs
+ -not \( -type d -name doc -prune \) \ # skip documentation
+ -not \( -type d -name shocco -prune \) \ # skip shocco
+ -type f \ # only files
+ -not -name \*~ \ # skip editors, readme, etc
+ -not -name \*.md \
+ \( \
+ -name \*.sh -or \
+ -name \*rc -or \
+ -name functions\* -or \
+ -wholename \*/inc/\* -or \ # /inc files and
+ -wholename \*/lib/\* \ # /lib files are shell, but
+ \) \ # have no extension
-print0 | xargs -0 bashate -v"
[testenv:docs]
@@ -32,6 +33,10 @@
sphinx>=1.1.2,<1.2
pbr>=0.6,!=0.7,<1.0
oslosphinx
+ nwdiag
+ blockdiag
+ sphinxcontrib-blockdiag
+ sphinxcontrib-nwdiag
whitelist_externals = bash
setenv =
TOP_DIR={toxinidir}
diff --git a/unstack.sh b/unstack.sh
index ed7e617..f0da971 100755
--- a/unstack.sh
+++ b/unstack.sh
@@ -173,10 +173,6 @@
cleanup_neutron
fi
-if is_service_enabled trove; then
- cleanup_trove
-fi
-
if is_service_enabled dstat; then
stop_dstat
fi