Merge "Enable neutron to work in a multi node setup"
diff --git a/HACKING.rst b/HACKING.rst
index d763c75..b76cb6c 100644
--- a/HACKING.rst
+++ b/HACKING.rst
@@ -219,7 +219,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
- # an error. It is also useful for following allowing as the install occurs.
+ # an error. It is also useful for following as the install occurs.
set -o xtrace
* Settings and configuration are stored in ``exerciserc``, which must be
diff --git a/clean.sh b/clean.sh
index 452df02..bace3f5 100755
--- a/clean.sh
+++ b/clean.sh
@@ -46,6 +46,7 @@
source $TOP_DIR/lib/keystone
source $TOP_DIR/lib/glance
source $TOP_DIR/lib/nova
+source $TOP_DIR/lib/placement
source $TOP_DIR/lib/cinder
source $TOP_DIR/lib/swift
source $TOP_DIR/lib/heat
diff --git a/data/devstack-plugins-registry.header b/data/devstack-plugins-registry.header
index 6119ab5..576dbbd 100644
--- a/data/devstack-plugins-registry.header
+++ b/data/devstack-plugins-registry.header
@@ -1,18 +1,16 @@
-..
+.. Note to patch submitters:
- Note to patch submitters:
+ # ============================= #
+ # THIS FILE IS AUTOGENERATED ! #
+ # ============================= #
- # ============================= #
- # THIS FILE IS AUTOGENERATED ! #
- # ============================= #
+ ** Plugins are found automatically and added to this list **
- ** Plugins are found automatically and added to this list **
+ This file is created by a periodic proposal job. You should not
+ edit this file.
- This file is created by a periodic proposal job. You should not
- edit this file.
-
- You should edit the files data/devstack-plugins-registry.footer
- data/devstack-plugins-registry.header to modify this text.
+ You should edit the files data/devstack-plugins-registry.footer
+ data/devstack-plugins-registry.header to modify this text.
==========================
DevStack Plugin Registry
diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst
index bb85270..d6df1ef 100644
--- a/doc/source/plugin-registry.rst
+++ b/doc/source/plugin-registry.rst
@@ -1,18 +1,16 @@
-..
+.. Note to patch submitters:
- Note to patch submitters:
+ # ============================= #
+ # THIS FILE IS AUTOGENERATED ! #
+ # ============================= #
- # ============================= #
- # THIS FILE IS AUTOGENERATED ! #
- # ============================= #
+ ** Plugins are found automatically and added to this list **
- ** Plugins are found automatically and added to this list **
+ This file is created by a periodic proposal job. You should not
+ edit this file.
- This file is created by a periodic proposal job. You should not
- edit this file.
-
- You should edit the files data/devstack-plugins-registry.footer
- data/devstack-plugins-registry.header to modify this text.
+ You should edit the files data/devstack-plugins-registry.footer
+ data/devstack-plugins-registry.header to modify this text.
==========================
DevStack Plugin Registry
diff --git a/doc/source/plugins.rst b/doc/source/plugins.rst
index 70469d6..31987bc 100644
--- a/doc/source/plugins.rst
+++ b/doc/source/plugins.rst
@@ -99,7 +99,7 @@
should exist at this point.
- **extra** - Called near the end after layer 1 and 2 services have
been started.
- - **test-config** Called at the end of devstack used to configure tempest
+ - **test-config** - Called at the end of devstack used to configure tempest
or any other test environments
- **unstack** - Called by ``unstack.sh`` before other services are shut
diff --git a/exercises/aggregates.sh b/exercises/aggregates.sh
index 808ef76..8cbca54 100755
--- a/exercises/aggregates.sh
+++ b/exercises/aggregates.sh
@@ -20,7 +20,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/boot_from_volume.sh b/exercises/boot_from_volume.sh
index 84ac08f..7478bdf 100755
--- a/exercises/boot_from_volume.sh
+++ b/exercises/boot_from_volume.sh
@@ -16,7 +16,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/client-args.sh b/exercises/client-args.sh
index 2c8fe81..b380968 100755
--- a/exercises/client-args.sh
+++ b/exercises/client-args.sh
@@ -13,7 +13,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/client-env.sh b/exercises/client-env.sh
index 6ab4d08..fff04df 100755
--- a/exercises/client-env.sh
+++ b/exercises/client-env.sh
@@ -13,7 +13,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/floating_ips.sh b/exercises/floating_ips.sh
index 485208b..5abc713 100755
--- a/exercises/floating_ips.sh
+++ b/exercises/floating_ips.sh
@@ -13,7 +13,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/neutron-adv-test.sh b/exercises/neutron-adv-test.sh
index 8115006..dc6bbbb 100755
--- a/exercises/neutron-adv-test.sh
+++ b/exercises/neutron-adv-test.sh
@@ -20,7 +20,7 @@
set -o errtrace
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
# Environment
diff --git a/exercises/sec_groups.sh b/exercises/sec_groups.sh
index 5f8b0a4..2f78e39 100755
--- a/exercises/sec_groups.sh
+++ b/exercises/sec_groups.sh
@@ -13,7 +13,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/swift.sh b/exercises/swift.sh
index 4a41e0f..8aa376b 100755
--- a/exercises/swift.sh
+++ b/exercises/swift.sh
@@ -13,7 +13,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/exercises/volumes.sh b/exercises/volumes.sh
index 0de1226..e7c3560 100755
--- a/exercises/volumes.sh
+++ b/exercises/volumes.sh
@@ -13,7 +13,7 @@
set -o errexit
# Print the commands being run so that we can see the command that triggers
-# an error. It is also useful for following allowing as the install occurs.
+# an error. It is also useful for following as the install occurs.
set -o xtrace
diff --git a/extras.d/60-ceph.sh b/extras.d/60-ceph.sh
deleted file mode 100644
index cc90128..0000000
--- a/extras.d/60-ceph.sh
+++ /dev/null
@@ -1,75 +0,0 @@
-# ceph.sh - DevStack extras script to install Ceph
-
-if is_service_enabled ceph; then
- if [[ "$1" == "source" ]]; then
- # Initial source
- source $TOP_DIR/lib/ceph
- elif [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
- echo_summary "Installing Ceph"
- check_os_support_ceph
- if [ "$REMOTE_CEPH" = "False" ]; then
- install_ceph
- echo_summary "Configuring Ceph"
- configure_ceph
- # NOTE (leseb): Do everything here because we need to have Ceph started before the main
- # OpenStack components. Ceph OSD must start here otherwise we can't upload any images.
- echo_summary "Initializing Ceph"
- init_ceph
- start_ceph
- else
- install_ceph_remote
- fi
- elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
- if is_service_enabled glance; then
- echo_summary "Configuring Glance for Ceph"
- configure_ceph_glance
- fi
- if is_service_enabled nova; then
- echo_summary "Configuring Nova for Ceph"
- configure_ceph_nova
- fi
- if is_service_enabled cinder; then
- echo_summary "Configuring Cinder for Ceph"
- configure_ceph_cinder
- fi
- if is_service_enabled n-cpu; then
- # NOTE (leseb): the part below is a requirement to attach Ceph block devices
- echo_summary "Configuring libvirt secret"
- import_libvirt_secret_ceph
- fi
-
- if [ "$REMOTE_CEPH" = "False" ]; then
- if is_service_enabled glance; then
- echo_summary "Configuring Glance for Ceph"
- configure_ceph_embedded_glance
- fi
- if is_service_enabled nova; then
- echo_summary "Configuring Nova for Ceph"
- configure_ceph_embedded_nova
- fi
- if is_service_enabled cinder; then
- echo_summary "Configuring Cinder for Ceph"
- configure_ceph_embedded_cinder
- fi
- fi
- fi
-
- if [[ "$1" == "unstack" ]]; then
- if [ "$REMOTE_CEPH" = "True" ]; then
- cleanup_ceph_remote
- else
- cleanup_ceph_embedded
- stop_ceph
- fi
- cleanup_ceph_general
- fi
-
- if [[ "$1" == "clean" ]]; then
- if [ "$REMOTE_CEPH" = "True" ]; then
- cleanup_ceph_remote
- else
- cleanup_ceph_embedded
- fi
- cleanup_ceph_general
- fi
-fi
diff --git a/files/apache-placement-api.template b/files/apache-placement-api.template
new file mode 100644
index 0000000..b89ef96
--- /dev/null
+++ b/files/apache-placement-api.template
@@ -0,0 +1,25 @@
+Listen %PUBLICPORT%
+
+<VirtualHost *:%PUBLICPORT%>
+ WSGIDaemonProcess placement-api processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
+ WSGIProcessGroup placement-api
+ WSGIScriptAlias / %PUBLICWSGI%
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%M"
+ </IfVersion>
+ ErrorLog /var/log/%APACHE_NAME%/placement-api.log
+ %SSLENGINE%
+ %SSLCERTFILE%
+ %SSLKEYFILE%
+</VirtualHost>
+
+Alias /placement %PUBLICWSGI%
+<Location /placement>
+ SetHandler wsgi-script
+ Options +ExecCGI
+ WSGIProcessGroup placement-api
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+</Location>
diff --git a/functions-common b/functions-common
index 3fdd71b..1a4a8f8 100644
--- a/functions-common
+++ b/functions-common
@@ -1686,7 +1686,7 @@
local logfile=$2
if [[ "$USE_SCREEN" = "True" ]]; then
- screen_process "$name" "sudo tail -f $logfile"
+ screen_process "$name" "sudo tail -f $logfile | sed 's/\\\\\\\\x1b/\o033/g'"
fi
}
@@ -1880,7 +1880,7 @@
# white listed elements in tree. We want these to move out
# over time as well, but they are in tree, so we need to
# manage that.
- local exceptions="60-ceph.sh 80-tempest.sh"
+ local exceptions="80-tempest.sh"
local extra
extra=$(basename $extra_plugin_file_name)
if [[ ! ( $exceptions =~ "$extra" ) ]]; then
diff --git a/lib/ceph b/lib/ceph
deleted file mode 100644
index 1e55c48..0000000
--- a/lib/ceph
+++ /dev/null
@@ -1,381 +0,0 @@
-#!/bin/bash
-#
-# lib/ceph
-# Functions to control the configuration and operation of the **Ceph** storage service
-
-# Dependencies:
-#
-# - ``functions`` file
-# - ``CEPH_DATA_DIR`` or ``DATA_DIR`` must be defined
-
-# ``stack.sh`` calls the entry points in this order (via ``extras.d/60-ceph.sh``):
-#
-# - install_ceph
-# - configure_ceph
-# - init_ceph
-# - start_ceph
-# - stop_ceph
-# - cleanup_ceph
-
-# Save trace setting
-_XTRACE_LIB_CEPH=$(set +o | grep xtrace)
-set +o xtrace
-
-
-# Defaults
-# --------
-
-# Set ``CEPH_DATA_DIR`` to the location of Ceph drives and objects.
-# Default is the common DevStack data directory.
-CEPH_DATA_DIR=${CEPH_DATA_DIR:-/var/lib/ceph}
-CEPH_DISK_IMAGE=${CEPH_DATA_DIR}/drives/images/ceph.img
-
-# Set ``CEPH_CONF_DIR`` to the location of the configuration files.
-# Default is ``/etc/ceph``.
-CEPH_CONF_DIR=${CEPH_CONF_DIR:-/etc/ceph}
-
-# DevStack will create a loop-back disk formatted as XFS to store the
-# Ceph data. Set ``CEPH_LOOPBACK_DISK_SIZE`` to the disk size in
-# kilobytes.
-# Default is 1 gigabyte.
-CEPH_LOOPBACK_DISK_SIZE_DEFAULT=4G
-CEPH_LOOPBACK_DISK_SIZE=${CEPH_LOOPBACK_DISK_SIZE:-$CEPH_LOOPBACK_DISK_SIZE_DEFAULT}
-
-# Common
-CEPH_FSID=$(uuidgen)
-CEPH_CONF_FILE=${CEPH_CONF_DIR}/ceph.conf
-
-# Glance
-GLANCE_CEPH_USER=${GLANCE_CEPH_USER:-glance}
-GLANCE_CEPH_POOL=${GLANCE_CEPH_POOL:-images}
-GLANCE_CEPH_POOL_PG=${GLANCE_CEPH_POOL_PG:-8}
-GLANCE_CEPH_POOL_PGP=${GLANCE_CEPH_POOL_PGP:-8}
-
-# Nova
-NOVA_CEPH_POOL=${NOVA_CEPH_POOL:-vms}
-NOVA_CEPH_POOL_PG=${NOVA_CEPH_POOL_PG:-8}
-NOVA_CEPH_POOL_PGP=${NOVA_CEPH_POOL_PGP:-8}
-
-# Cinder
-CINDER_CEPH_POOL=${CINDER_CEPH_POOL:-volumes}
-CINDER_CEPH_POOL_PG=${CINDER_CEPH_POOL_PG:-8}
-CINDER_CEPH_POOL_PGP=${CINDER_CEPH_POOL_PGP:-8}
-CINDER_CEPH_USER=${CINDER_CEPH_USER:-cinder}
-CINDER_CEPH_UUID=${CINDER_CEPH_UUID:-$(uuidgen)}
-
-# Set ``CEPH_REPLICAS`` to configure how many replicas are to be
-# configured for your Ceph cluster. By default we are configuring
-# only one replica since this is way less CPU and memory intensive. If
-# you are planning to test Ceph replication feel free to increase this value
-CEPH_REPLICAS=${CEPH_REPLICAS:-1}
-CEPH_REPLICAS_SEQ=$(seq ${CEPH_REPLICAS})
-
-# Connect to an existing Ceph cluster
-REMOTE_CEPH=$(trueorfalse False REMOTE_CEPH)
-REMOTE_CEPH_ADMIN_KEY_PATH=${REMOTE_CEPH_ADMIN_KEY_PATH:-$CEPH_CONF_DIR/ceph.client.admin.keyring}
-
-# Cinder encrypted volume tests are not supported with a Ceph backend due to
-# bug 1463525.
-ATTACH_ENCRYPTED_VOLUME_AVAILABLE=False
-
-
-# Functions
-# ------------
-
-function get_ceph_version {
- local ceph_version_str
- ceph_version_str=$(sudo ceph daemon mon.$(hostname) version | cut -d '"' -f 4 | cut -f 1,2 -d '.')
- echo $ceph_version_str
-}
-
-# import_libvirt_secret_ceph() - Imports Cinder user key into libvirt
-# so it can connect to the Ceph cluster while attaching a Cinder block device
-function import_libvirt_secret_ceph {
- cat > secret.xml <<EOF
-<secret ephemeral='no' private='no'>
- <uuid>${CINDER_CEPH_UUID}</uuid>
- <usage type='ceph'>
- <name>client.${CINDER_CEPH_USER} secret</name>
- </usage>
-</secret>
-EOF
- sudo virsh secret-define --file secret.xml
- sudo virsh secret-set-value --secret ${CINDER_CEPH_UUID} --base64 $(sudo ceph -c ${CEPH_CONF_FILE} auth get-key client.${CINDER_CEPH_USER})
- sudo rm -f secret.xml
-}
-
-# undefine_virsh_secret() - Undefine Cinder key secret from libvirt
-function undefine_virsh_secret {
- if is_service_enabled cinder || is_service_enabled nova; then
- local virsh_uuid
- virsh_uuid=$(sudo virsh secret-list | awk '/^ ?[0-9a-z]/ { print $1 }')
- sudo virsh secret-undefine ${virsh_uuid} >/dev/null 2>&1
- fi
-}
-
-
-# check_os_support_ceph() - Check if the operating system provides a decent version of Ceph
-function check_os_support_ceph {
- if [[ ! ${DISTRO} =~ (trusty|f23|f24) ]]; then
- echo "WARNING: your distro $DISTRO does not provide (at least) the Firefly release. Please use Ubuntu Trusty or Fedora 20 (and higher)"
- if [[ "$FORCE_CEPH_INSTALL" != "yes" ]]; then
- die $LINENO "If you wish to install Ceph on this distribution anyway run with FORCE_CEPH_INSTALL=yes"
- fi
- NO_UPDATE_REPOS=False
- fi
-}
-
-# cleanup_ceph() - Remove residual data files, anything left over from previous
-# runs that a clean run would need to clean up
-function cleanup_ceph_remote {
- # do a proper cleanup from here to avoid leftover on the remote Ceph cluster
- if is_service_enabled glance; then
- sudo ceph osd pool delete $GLANCE_CEPH_POOL $GLANCE_CEPH_POOL --yes-i-really-really-mean-it > /dev/null 2>&1
- sudo ceph auth del client.$GLANCE_CEPH_USER > /dev/null 2>&1
- fi
- if is_service_enabled cinder; then
- sudo ceph osd pool delete $CINDER_CEPH_POOL $CINDER_CEPH_POOL --yes-i-really-really-mean-it > /dev/null 2>&1
- sudo ceph auth del client.$CINDER_CEPH_USER > /dev/null 2>&1
- fi
- if is_service_enabled c-bak; then
- sudo ceph osd pool delete $CINDER_BAK_CEPH_POOL $CINDER_BAK_CEPH_POOL --yes-i-really-really-mean-it > /dev/null 2>&1
- sudo ceph auth del client.$CINDER_BAK_CEPH_USER > /dev/null 2>&1
- fi
- if is_service_enabled nova; then
- iniset $NOVA_CONF libvirt rbd_secret_uuid ""
- sudo ceph osd pool delete $NOVA_CEPH_POOL $NOVA_CEPH_POOL --yes-i-really-really-mean-it > /dev/null 2>&1
- fi
-}
-
-function cleanup_ceph_embedded {
- sudo killall -w -9 ceph-mon
- sudo killall -w -9 ceph-osd
- sudo rm -rf ${CEPH_DATA_DIR}/*/*
- if egrep -q ${CEPH_DATA_DIR} /proc/mounts; then
- sudo umount ${CEPH_DATA_DIR}
- fi
- if [[ -e ${CEPH_DISK_IMAGE} ]]; then
- sudo rm -f ${CEPH_DISK_IMAGE}
- fi
-
- # purge ceph config file and keys
- sudo rm -rf ${CEPH_CONF_DIR}/*
-}
-
-function cleanup_ceph_general {
- undefine_virsh_secret
-}
-
-
-# configure_ceph() - Set config files, create data dirs, etc
-function configure_ceph {
- local count=0
-
- # create a backing file disk
- create_disk ${CEPH_DISK_IMAGE} ${CEPH_DATA_DIR} ${CEPH_LOOPBACK_DISK_SIZE}
-
- # populate ceph directory
- sudo mkdir -p ${CEPH_DATA_DIR}/{bootstrap-mds,bootstrap-osd,mds,mon,osd,tmp}
-
- # create ceph monitor initial key and directory
- sudo ceph-authtool /var/lib/ceph/tmp/keyring.mon.$(hostname) \
- --create-keyring --name=mon. --add-key=$(ceph-authtool --gen-print-key) \
- --cap mon 'allow *'
- sudo mkdir /var/lib/ceph/mon/ceph-$(hostname)
-
- # create a default ceph configuration file
- sudo tee ${CEPH_CONF_FILE} > /dev/null <<EOF
-[global]
-fsid = ${CEPH_FSID}
-mon_initial_members = $(hostname)
-mon_host = ${SERVICE_HOST}
-auth_cluster_required = cephx
-auth_service_required = cephx
-auth_client_required = cephx
-filestore_xattr_use_omap = true
-osd crush chooseleaf type = 0
-osd journal size = 100
-EOF
-
- # bootstrap the ceph monitor
- sudo ceph-mon -c ${CEPH_CONF_FILE} --mkfs -i $(hostname) \
- --keyring /var/lib/ceph/tmp/keyring.mon.$(hostname)
-
- if is_ubuntu; then
- sudo touch /var/lib/ceph/mon/ceph-$(hostname)/upstart
- sudo initctl emit ceph-mon id=$(hostname)
- else
- sudo touch /var/lib/ceph/mon/ceph-$(hostname)/sysvinit
- sudo service ceph start mon.$(hostname)
- fi
-
- # wait for the admin key to come up otherwise we will not be able to do the actions below
- until [ -f ${CEPH_CONF_DIR}/ceph.client.admin.keyring ]; do
- echo_summary "Waiting for the Ceph admin key to be ready..."
-
- count=$(($count + 1))
- if [ $count -eq 3 ]; then
- die $LINENO "Maximum of 3 retries reached"
- fi
- sleep 5
- done
-
- # pools data and metadata were removed in the Giant release so depending on the version we apply different commands
- local ceph_version
- ceph_version=$(get_ceph_version)
- # change pool replica size according to the CEPH_REPLICAS set by the user
- if [[ ${ceph_version%%.*} -eq 0 ]] && [[ ${ceph_version##*.} -lt 87 ]]; then
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set rbd size ${CEPH_REPLICAS}
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set data size ${CEPH_REPLICAS}
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set metadata size ${CEPH_REPLICAS}
- else
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set rbd size ${CEPH_REPLICAS}
- fi
-
- # create a simple rule to take OSDs instead of host with CRUSH
- # then apply this rules to the default pool
- if [[ $CEPH_REPLICAS -ne 1 ]]; then
- sudo ceph -c ${CEPH_CONF_FILE} osd crush rule create-simple devstack default osd
- RULE_ID=$(sudo ceph -c ${CEPH_CONF_FILE} osd crush rule dump devstack | awk '/rule_id/ {print $3}' | cut -d ',' -f1)
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set rbd crush_ruleset ${RULE_ID}
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set data crush_ruleset ${RULE_ID}
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set metadata crush_ruleset ${RULE_ID}
- fi
-
- # create the OSD(s)
- for rep in ${CEPH_REPLICAS_SEQ}; do
- OSD_ID=$(sudo ceph -c ${CEPH_CONF_FILE} osd create)
- sudo mkdir -p ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}
- sudo ceph-osd -c ${CEPH_CONF_FILE} -i ${OSD_ID} --mkfs
- sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create osd.${OSD_ID} \
- mon 'allow profile osd ' osd 'allow *' | \
- sudo tee ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/keyring
-
- # ceph's init script is parsing ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/ and looking for a file
- # 'upstart' or 'sysinitv', thanks to these 'touches' we are able to control OSDs daemons
- # from the init script.
- if is_ubuntu; then
- sudo touch ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/upstart
- else
- sudo touch ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/sysvinit
- fi
- done
-}
-
-function configure_ceph_embedded_glance {
- # configure Glance service options, ceph pool, ceph user and ceph key
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set ${GLANCE_CEPH_POOL} size ${CEPH_REPLICAS}
- if [[ $CEPH_REPLICAS -ne 1 ]]; then
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set ${GLANCE_CEPH_POOL} crush_ruleset ${RULE_ID}
- fi
-}
-
-# configure_ceph_glance() - Glance config needs to come after Glance is set up
-function configure_ceph_glance {
- sudo ceph -c ${CEPH_CONF_FILE} osd pool create ${GLANCE_CEPH_POOL} ${GLANCE_CEPH_POOL_PG} ${GLANCE_CEPH_POOL_PGP}
- sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create client.${GLANCE_CEPH_USER} \
- mon "allow r" \
- osd "allow class-read object_prefix rbd_children, allow rwx pool=${GLANCE_CEPH_POOL}" | \
- sudo tee ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring
- sudo chown ${STACK_USER}:$(id -g -n $whoami) ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring
-
- iniset $GLANCE_API_CONF DEFAULT show_image_direct_url True
- iniset $GLANCE_API_CONF glance_store default_store rbd
- iniset $GLANCE_API_CONF glance_store stores "file, http, rbd"
- iniset $GLANCE_API_CONF glance_store rbd_store_ceph_conf $CEPH_CONF_FILE
- iniset $GLANCE_API_CONF glance_store rbd_store_user $GLANCE_CEPH_USER
- iniset $GLANCE_API_CONF glance_store rbd_store_pool $GLANCE_CEPH_POOL
-}
-
-function configure_ceph_embedded_nova {
- # configure Nova service options, ceph pool, ceph user and ceph key
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set ${NOVA_CEPH_POOL} size ${CEPH_REPLICAS}
- if [[ $CEPH_REPLICAS -ne 1 ]]; then
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set ${NOVA_CEPH_POOL} crush_ruleset ${RULE_ID}
- fi
-}
-
-# configure_ceph_nova() - Nova config needs to come after Nova is set up
-function configure_ceph_nova {
- sudo ceph -c ${CEPH_CONF_FILE} osd pool create ${NOVA_CEPH_POOL} ${NOVA_CEPH_POOL_PG} ${NOVA_CEPH_POOL_PGP}
- iniset $NOVA_CONF libvirt rbd_user ${CINDER_CEPH_USER}
- iniset $NOVA_CONF libvirt rbd_secret_uuid ${CINDER_CEPH_UUID}
- iniset $NOVA_CONF libvirt inject_key false
- iniset $NOVA_CONF libvirt disk_cachemodes "network=writeback"
- iniset $NOVA_CONF libvirt images_type rbd
- iniset $NOVA_CONF libvirt images_rbd_pool ${NOVA_CEPH_POOL}
- iniset $NOVA_CONF libvirt images_rbd_ceph_conf ${CEPH_CONF_FILE}
-
- if ! is_service_enabled cinder; then
- sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create client.${CINDER_CEPH_USER} \
- mon "allow r" \
- osd "allow class-read object_prefix rbd_children, allow rwx pool=${CINDER_CEPH_POOL}, allow rwx pool=${NOVA_CEPH_POOL},allow rwx pool=${GLANCE_CEPH_POOL}" | \
- sudo tee ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring > /dev/null
- sudo chown ${STACK_USER}:$(id -g -n $whoami) ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring
- fi
-}
-
-function configure_ceph_embedded_cinder {
- # Configure Cinder service options, ceph pool, ceph user and ceph key
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set ${CINDER_CEPH_POOL} size ${CEPH_REPLICAS}
- if [[ $CEPH_REPLICAS -ne 1 ]]; then
- sudo ceph -c ${CEPH_CONF_FILE} osd pool set ${CINDER_CEPH_POOL} crush_ruleset ${RULE_ID}
- fi
-}
-
-# configure_ceph_cinder() - Cinder config needs to come after Cinder is set up
-function configure_ceph_cinder {
- sudo ceph -c ${CEPH_CONF_FILE} osd pool create ${CINDER_CEPH_POOL} ${CINDER_CEPH_POOL_PG} ${CINDER_CEPH_POOL_PGP}
- sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create client.${CINDER_CEPH_USER} \
- mon "allow r" \
- osd "allow class-read object_prefix rbd_children, allow rwx pool=${CINDER_CEPH_POOL}, allow rwx pool=${NOVA_CEPH_POOL},allow rwx pool=${GLANCE_CEPH_POOL}" | \
- sudo tee ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring
- sudo chown ${STACK_USER}:$(id -g -n $whoami) ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring
-}
-
-# init_ceph() - Initialize databases, etc.
-function init_ceph {
- # clean up from previous (possibly aborted) runs
- # make sure to kill all ceph processes first
- sudo pkill -f ceph-mon || true
- sudo pkill -f ceph-osd || true
-}
-
-# install_ceph() - Collect source and prepare
-function install_ceph_remote {
- install_package ceph-common
-}
-
-function install_ceph {
- install_package ceph
-}
-
-# start_ceph() - Start running processes, including screen
-function start_ceph {
- if is_ubuntu; then
- sudo initctl emit ceph-mon id=$(hostname)
- for id in $(sudo ceph -c ${CEPH_CONF_FILE} osd ls); do
- sudo start ceph-osd id=${id}
- done
- else
- sudo service ceph start
- fi
-}
-
-# stop_ceph() - Stop running processes (non-screen)
-function stop_ceph {
- if is_ubuntu; then
- sudo service ceph-mon-all stop > /dev/null 2>&1
- sudo service ceph-osd-all stop > /dev/null 2>&1
- else
- sudo service ceph stop > /dev/null 2>&1
- fi
-}
-
-
-# Restore xtrace
-$_XTRACE_LIB_CEPH
-
-## Local variables:
-## mode: shell-script
-## End:
diff --git a/lib/keystone b/lib/keystone
index 6198e43..797ff50 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -345,6 +345,8 @@
iniset $KEYSTONE_CONF fernet_tokens key_repository "$KEYSTONE_CONF_DIR/fernet-keys/"
+ iniset $KEYSTONE_CONF credential key_repository "$KEYSTONE_CONF_DIR/credential-keys/"
+
# Configure the project created by the 'keystone-manage bootstrap' as the cloud-admin project.
# The users from this project are globally admin as before, but it also
# allows policy changes in order to clarify the adminess scope.
@@ -514,6 +516,9 @@
rm -rf "$KEYSTONE_CONF_DIR/fernet-keys/"
$KEYSTONE_BIN_DIR/keystone-manage --config-file $KEYSTONE_CONF fernet_setup
fi
+ rm -rf "$KEYSTONE_CONF_DIR/credential-keys/"
+ $KEYSTONE_BIN_DIR/keystone-manage --config-file $KEYSTONE_CONF credential_setup
+
}
# install_keystoneauth() - Collect source and prepare
diff --git a/lib/lvm b/lib/lvm
index b9d7c39..d35a76f 100644
--- a/lib/lvm
+++ b/lib/lvm
@@ -58,7 +58,9 @@
if [[ -n "$backing_file" ]] && [[ -e "$backing_file" ]]; then
local vg_dev
vg_dev=$(sudo losetup -j $backing_file | awk -F':' '/'$BACKING_FILE_SUFFIX'/ { print $1}')
- sudo losetup -d $vg_dev
+ if [[ -n "$vg_dev" ]]; then
+ sudo losetup -d $vg_dev
+ fi
rm -f $backing_file
fi
}
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
index 25fb6b7..b1b5230 100644
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -74,7 +74,6 @@
NEUTRON_DIR=$DEST/neutron
NEUTRON_FWAAS_DIR=$DEST/neutron-fwaas
-NEUTRON_LBAAS_DIR=$DEST/neutron-lbaas
NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron}
# Support entry points installation of console scripts
@@ -88,9 +87,6 @@
NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf
export NEUTRON_TEST_CONFIG_FILE=${NEUTRON_TEST_CONFIG_FILE:-"$NEUTRON_CONF_DIR/debug.ini"}
-# Default provider for load balancer service
-DEFAULT_LB_PROVIDER=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
-
# Agent binaries. Note, binary paths for other agents are set in per-service
# scripts in lib/neutron_plugins/services/
AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent"
@@ -203,7 +199,7 @@
# agent, as described below.
#
# Example: ``PHYSICAL_NETWORK=default``
-PHYSICAL_NETWORK=${PHYSICAL_NETWORK:-}
+PHYSICAL_NETWORK=${PHYSICAL_NETWORK:-public}
# With the openvswitch agent, if using VLANs for tenant networks,
# or if using flat or VLAN provider networks, set in ``localrc`` to
@@ -213,7 +209,7 @@
# port for external connectivity.
#
# Example: ``OVS_PHYSICAL_BRIDGE=br-eth1``
-OVS_PHYSICAL_BRIDGE=${OVS_PHYSICAL_BRIDGE:-}
+OVS_PHYSICAL_BRIDGE=${OVS_PHYSICAL_BRIDGE:-br-ex}
# With the linuxbridge agent, if using VLANs for tenant networks,
# or if using flat or VLAN provider networks, set in ``localrc`` to
@@ -252,12 +248,6 @@
source $TOP_DIR/lib/neutron_plugins/$Q_PLUGIN
fi
-# Agent loadbalancer service plugin functions
-# -------------------------------------------
-
-# Hardcoding for 1 service plugin for now
-source $TOP_DIR/lib/neutron_plugins/services/loadbalancer
-
# Agent metering service plugin functions
# -------------------------------------------
@@ -316,10 +306,6 @@
iniset_rpc_backend neutron $NEUTRON_CONF
# goes before q-svc to init Q_SERVICE_PLUGIN_CLASSES
- if is_service_enabled q-lbaas; then
- deprecated "Configuring q-lbaas through devstack is deprecated"
- _configure_neutron_lbaas
- fi
if is_service_enabled q-metering; then
_configure_neutron_metering
fi
@@ -418,10 +404,6 @@
git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH
setup_develop $NEUTRON_DIR
- if is_service_enabled q-lbaas; then
- git_clone $NEUTRON_LBAAS_REPO $NEUTRON_LBAAS_DIR $NEUTRON_LBAAS_BRANCH
- setup_develop $NEUTRON_LBAAS_DIR
- fi
if [ "$VIRT_DRIVER" == 'xenserver' ]; then
local dom0_ip
@@ -452,10 +434,6 @@
if is_service_enabled q-agt q-dhcp q-l3; then
neutron_plugin_install_agent_packages
fi
-
- if is_service_enabled q-lbaas; then
- neutron_agent_lbaas_install_agent_packages
- fi
}
# Start running processes, including screen
@@ -516,7 +494,6 @@
fi
run_process q-meta "$AGENT_META_BINARY --config-file $NEUTRON_CONF --config-file $Q_META_CONF_FILE"
- run_process q-lbaas "$AGENT_LBAAS_BINARY --config-file $NEUTRON_CONF --config-file $LBAAS_AGENT_CONF_FILENAME"
run_process q-metering "$AGENT_METERING_BINARY --config-file $NEUTRON_CONF --config-file $METERING_AGENT_CONF_FILENAME"
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
@@ -556,9 +533,6 @@
stop_process q-meta
fi
- if is_service_enabled q-lbaas; then
- neutron_lbaas_stop
- fi
if is_service_enabled q-metering; then
neutron_metering_stop
fi
@@ -662,7 +636,7 @@
fi
# delete all namespaces created by neutron
- for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do
+ for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|fip|snat)-[0-9a-f-]*'); do
sudo ip netns delete ${ns}
done
}
@@ -818,18 +792,6 @@
iniset $NEUTRON_CONF oslo_messaging_notifications driver messaging
}
-function _configure_neutron_lbaas {
- # Uses oslo config generator to generate LBaaS sample configuration files
- (cd $NEUTRON_LBAAS_DIR && exec ./tools/generate_config_file_samples.sh)
-
- if [ -f $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf.sample ]; then
- cp $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf.sample $NEUTRON_CONF_DIR/neutron_lbaas.conf
- iniset $NEUTRON_CONF_DIR/neutron_lbaas.conf service_providers service_provider $DEFAULT_LB_PROVIDER
- fi
- neutron_agent_lbaas_configure_common
- neutron_agent_lbaas_configure_agent
-}
-
function _configure_neutron_metering {
neutron_agent_metering_configure_common
neutron_agent_metering_configure_agent
diff --git a/lib/neutron_plugins/services/l3 b/lib/neutron_plugins/services/l3
index 334cd7a..2e96284 100644
--- a/lib/neutron_plugins/services/l3
+++ b/lib/neutron_plugins/services/l3
@@ -17,6 +17,11 @@
PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}
PUBLIC_BRIDGE_MTU=${PUBLIC_BRIDGE_MTU:-1500}
+# If Q_ASSIGN_GATEWAY_TO_PUBLIC_BRIDGE=True, assign the gateway IP of the public
+# subnet to the public bridge interface even if Q_USE_PROVIDERNET_FOR_PUBLIC is
+# used.
+Q_ASSIGN_GATEWAY_TO_PUBLIC_BRIDGE=${Q_ASSIGN_GATEWAY_TO_PUBLIC_BRIDGE:-True}
+
# If Q_USE_PUBLIC_VETH=True, create and use a veth pair instead of
# PUBLIC_BRIDGE. This is intended to be used with
# Q_USE_PROVIDERNET_FOR_PUBLIC=True.
@@ -51,7 +56,7 @@
# Q_USE_PROVIDERNET_FOR_PUBLIC=True
# PUBLIC_PHYSICAL_NETWORK=public
# OVS_BRIDGE_MAPPINGS=public:br-ex
-Q_USE_PROVIDERNET_FOR_PUBLIC=${Q_USE_PROVIDERNET_FOR_PUBLIC:-False}
+Q_USE_PROVIDERNET_FOR_PUBLIC=${Q_USE_PROVIDERNET_FOR_PUBLIC:-True}
PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK:-public}
# Generate 40-bit IPv6 Global ID to comply with RFC 4193
@@ -63,14 +68,14 @@
IPV6_PUBLIC_SUBNET_NAME=${IPV6_PUBLIC_SUBNET_NAME:-ipv6-public-subnet}
IPV6_PRIVATE_SUBNET_NAME=${IPV6_PRIVATE_SUBNET_NAME:-ipv6-private-subnet}
FIXED_RANGE_V6=${FIXED_RANGE_V6:-fd$IPV6_GLOBAL_ID::/64}
-IPV6_PRIVATE_NETWORK_GATEWAY=${IPV6_PRIVATE_NETWORK_GATEWAY:-fd$IPV6_GLOBAL_ID::1}
+IPV6_PRIVATE_NETWORK_GATEWAY=${IPV6_PRIVATE_NETWORK_GATEWAY:-}
IPV6_PUBLIC_RANGE=${IPV6_PUBLIC_RANGE:-2001:db8::/64}
IPV6_PUBLIC_NETWORK_GATEWAY=${IPV6_PUBLIC_NETWORK_GATEWAY:-2001:db8::2}
IPV6_ROUTER_GW_IP=${IPV6_ROUTER_GW_IP:-2001:db8::1}
# Gateway and subnet defaults, in case they are not customized in localrc
-NETWORK_GATEWAY=${NETWORK_GATEWAY:-10.0.0.1}
-PUBLIC_NETWORK_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-172.24.4.1}
+NETWORK_GATEWAY=${NETWORK_GATEWAY:-}
+PUBLIC_NETWORK_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-}
PRIVATE_SUBNET_NAME=${PRIVATE_SUBNET_NAME:-"private-subnet"}
PUBLIC_SUBNET_NAME=${PUBLIC_SUBNET_NAME:-"public-subnet"}
@@ -83,6 +88,9 @@
SUBNETPOOL_SIZE_V4=${SUBNETPOOL_SIZE_V4:-24}
SUBNETPOOL_SIZE_V6=${SUBNETPOOL_SIZE_V6:-64}
+default_route_dev=$(ip route | grep ^default | awk '{print $5}')
+die_if_not_set $LINENO default_route_dev "Failure retrieving default route device"
+
function _determine_config_l3 {
local opts="--config-file $NEUTRON_CONF --config-file $Q_L3_CONF_FILE"
echo "$opts"
@@ -113,9 +121,7 @@
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6"
fi
else
- local default_dev=""
- default_dev=$(ip route | grep ^default | awk '{print $5}')
- sudo iptables -t nat -A POSTROUTING -o $default_dev -s $FLOATING_RANGE -j MASQUERADE
+ sudo iptables -t nat -A POSTROUTING -o $default_route_dev -s $FLOATING_RANGE -j MASQUERADE
fi
}
@@ -242,7 +248,9 @@
local project_id=$1
local subnet_params="--tenant-id $project_id "
subnet_params+="--ip_version 4 "
- subnet_params+="--gateway $NETWORK_GATEWAY "
+ if [[ -n "$NETWORK_GATEWAY" ]]; then
+ subnet_params+="--gateway $NETWORK_GATEWAY "
+ fi
subnet_params+="--name $PRIVATE_SUBNET_NAME "
subnet_params+="$NET_ID $FIXED_RANGE"
local subnet_id
@@ -259,7 +267,9 @@
local ipv6_modes="--ipv6-ra-mode $IPV6_RA_MODE --ipv6-address-mode $IPV6_ADDRESS_MODE"
local subnet_params="--tenant-id $project_id "
subnet_params+="--ip_version 6 "
- subnet_params+="--gateway $IPV6_PRIVATE_NETWORK_GATEWAY "
+ if [[ -n "$IPV6_PRIVATE_NETWORK_GATEWAY" ]]; then
+ subnet_params+="--gateway $IPV6_PRIVATE_NETWORK_GATEWAY "
+ fi
subnet_params+="--name $IPV6_PRIVATE_SUBNET_NAME "
subnet_params+="$NET_ID $FIXED_RANGE_V6 $ipv6_modes"
local ipv6_subnet_id
@@ -270,9 +280,11 @@
# Create public IPv4 subnet
function _neutron_create_public_subnet_v4 {
- local subnet_params+="--ip_version 4 "
+ local subnet_params="--ip_version 4 "
subnet_params+="${Q_FLOATING_ALLOCATION_POOL:+--allocation-pool $Q_FLOATING_ALLOCATION_POOL} "
- subnet_params+="--gateway $PUBLIC_NETWORK_GATEWAY "
+ if [[ -n "$PUBLIC_NETWORK_GATEWAY" ]]; then
+ subnet_params+="--gateway $PUBLIC_NETWORK_GATEWAY "
+ fi
subnet_params+="--name $PUBLIC_SUBNET_NAME "
subnet_params+="$EXT_NET_ID $FLOATING_RANGE "
subnet_params+="-- --enable_dhcp=False"
@@ -328,7 +340,7 @@
local cidr_len=${FLOATING_RANGE#*/}
local testcmd="ip -o link | grep -q $ext_gw_interface"
test_with_retry "$testcmd" "$ext_gw_interface creation failed"
- if [[ $(ip addr show dev $ext_gw_interface | grep -c $ext_gw_ip) == 0 && ( $Q_USE_PROVIDERNET_FOR_PUBLIC == "False" || $Q_USE_PUBLIC_VETH == "True" ) ]]; then
+ if [[ $(ip addr show dev $ext_gw_interface | grep -c $ext_gw_ip) == 0 && ( $Q_USE_PROVIDERNET_FOR_PUBLIC == "False" || $Q_USE_PUBLIC_VETH == "True" || $Q_ASSIGN_GATEWAY_TO_PUBLIC_BRIDGE == "True" ) ]]; then
sudo ip addr add $ext_gw_ip/$cidr_len dev $ext_gw_interface
sudo ip link set $ext_gw_interface up
fi
@@ -359,6 +371,11 @@
# This logic is specific to using the l3-agent for layer 3
if is_service_enabled q-l3 || is_service_enabled neutron-l3; then
+ # Ensure IPv6 RAs are accepted on the interface with the default route.
+ # This is needed for neutron-based devstack clouds to work in
+ # IPv6-only clouds in the gate. Please do not remove this without
+ # talking to folks in Infra.
+ sudo sysctl -w net.ipv6.conf.$default_route_dev.accept_ra=2
# Ensure IPv6 forwarding is enabled on the host
sudo sysctl -w net.ipv6.conf.all.forwarding=1
# Configure and enable public bridge
diff --git a/lib/neutron_plugins/services/loadbalancer b/lib/neutron_plugins/services/loadbalancer
deleted file mode 100644
index 30e9480..0000000
--- a/lib/neutron_plugins/services/loadbalancer
+++ /dev/null
@@ -1,51 +0,0 @@
-#!/bin/bash
-
-# Neutron loadbalancer plugin
-# ---------------------------
-
-# Save trace setting
-_XTRACE_NEUTRON_LB=$(set +o | grep xtrace)
-set +o xtrace
-
-
-AGENT_LBAAS_BINARY="$NEUTRON_BIN_DIR/neutron-lbaas-agent"
-LBAAS_PLUGIN=neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin
-
-function neutron_agent_lbaas_install_agent_packages {
- if is_ubuntu || is_fedora || is_suse; then
- install_package haproxy
- fi
-}
-
-function neutron_agent_lbaas_configure_common {
- _neutron_service_plugin_class_add $LBAAS_PLUGIN
- _neutron_deploy_rootwrap_filters $NEUTRON_LBAAS_DIR
-}
-
-function neutron_agent_lbaas_configure_agent {
- LBAAS_AGENT_CONF_PATH=/etc/neutron/services/loadbalancer/haproxy
- mkdir -p $LBAAS_AGENT_CONF_PATH
-
- LBAAS_AGENT_CONF_FILENAME="$LBAAS_AGENT_CONF_PATH/lbaas_agent.ini"
-
- cp $NEUTRON_LBAAS_DIR/etc/lbaas_agent.ini.sample $LBAAS_AGENT_CONF_FILENAME
-
- # ovs_use_veth needs to be set before the plugin configuration
- # occurs to allow plugins to override the setting.
- iniset $LBAAS_AGENT_CONF_FILENAME DEFAULT ovs_use_veth $Q_OVS_USE_VETH
-
- neutron_plugin_setup_interface_driver $LBAAS_AGENT_CONF_FILENAME
-
- if is_fedora; then
- iniset $LBAAS_AGENT_CONF_FILENAME DEFAULT user_group "nobody"
- iniset $LBAAS_AGENT_CONF_FILENAME haproxy user_group "nobody"
- fi
-}
-
-function neutron_lbaas_stop {
- pids=$(ps aux | awk '/haproxy/ { print $2 }')
- [ ! -z "$pids" ] && sudo kill $pids || true
-}
-
-# Restore xtrace
-$_XTRACE_NEUTRON_LB
diff --git a/lib/nova b/lib/nova
index e187220..670f605 100644
--- a/lib/nova
+++ b/lib/nova
@@ -83,7 +83,10 @@
# Option to enable/disable config drive
# NOTE: Set ``FORCE_CONFIG_DRIVE="False"`` to turn OFF config drive
-FORCE_CONFIG_DRIVE=${FORCE_CONFIG_DRIVE:-"True"}
+FORCE_CONFIG_DRIVE=${FORCE_CONFIG_DRIVE:-"False"}
+
+# Option to initialize CellsV2 environment
+NOVA_CONFIGURE_CELLSV2=$(trueorfalse False NOVA_CONFIGURE_CELLSV2)
# Nova supports pluggable schedulers. The default ``FilterScheduler``
# should work in most cases.
@@ -682,10 +685,15 @@
# All nova components talk to a central database.
# Only do this step once on the API node for an entire cluster.
if is_service_enabled $DATABASE_BACKENDS && is_service_enabled n-api; then
- # (Re)create nova database
+ # (Re)create nova databases
recreate_database nova
+ if [ "$NOVA_CONFIGURE_CELLSV2" != "False" ]; then
+ recreate_database nova_api_cell0
+ fi
- # Migrate nova database
+ # Migrate nova database. If "nova-manage cell_v2 simple_cell_setup" has
+ # been run this migrates the "nova" and "nova_api_cell0" database.
+ # Otherwise it just migrates the "nova" database.
$NOVA_BIN_DIR/nova-manage --config-file $NOVA_CONF db sync
if is_service_enabled n-cell; then
@@ -938,6 +946,15 @@
fi
}
+# create_cell(): Group the available hosts into a cell
+function create_cell {
+ if ! is_service_enabled n-cell; then
+ nova-manage cell_v2 simple_cell_setup --transport-url $(get_transport_url)
+ else
+ echo 'Skipping cellsv2 setup for this cellsv1 configuration'
+ fi
+}
+
# Restore xtrace
$_XTRACE_LIB_NOVA
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 4e5a748..cc013c3 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -124,6 +124,12 @@
# Service needs to be started on redhat/fedora -- do a restart for
# sanity after fiddling the config.
restart_service $LIBVIRT_DAEMON
+
+ # Restart virtlogd companion service to ensure it is running properly
+ # https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1577455
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1290357
+ # (not all platforms have it; libvirt 1.3+ only, thus the ignore)
+ restart_service virtlogd || true
}
diff --git a/lib/nova_plugins/hypervisor-fake b/lib/nova_plugins/hypervisor-fake
index 6ac2199..f9b95c1 100644
--- a/lib/nova_plugins/hypervisor-fake
+++ b/lib/nova_plugins/hypervisor-fake
@@ -45,7 +45,7 @@
iniset $NOVA_CONF DEFAULT quota_fixed_ips -1
iniset $NOVA_CONF DEFAULT quota_metadata_items -1
iniset $NOVA_CONF DEFAULT quota_injected_files -1
- iniset $NOVA_CONF DEFAULT quota_injected_file_path_bytes -1
+ iniset $NOVA_CONF DEFAULT quota_injected_file_path_length -1
iniset $NOVA_CONF DEFAULT quota_security_groups -1
iniset $NOVA_CONF DEFAULT quota_security_group_rules -1
iniset $NOVA_CONF DEFAULT quota_key_pairs -1
diff --git a/lib/nova_plugins/hypervisor-xenserver b/lib/nova_plugins/hypervisor-xenserver
index e75226a..e5d25da 100644
--- a/lib/nova_plugins/hypervisor-xenserver
+++ b/lib/nova_plugins/hypervisor-xenserver
@@ -87,6 +87,7 @@
cat $TOP_DIR/tools/xen/functions
echo "create_directory_for_images"
echo "create_directory_for_kernels"
+ echo "install_conntrack_tools"
} | $ssh_dom0
}
diff --git a/lib/placement b/lib/placement
new file mode 100644
index 0000000..165c670
--- /dev/null
+++ b/lib/placement
@@ -0,0 +1,193 @@
+#!/bin/bash
+#
+# lib/placement
+# Functions to control the configuration and operation of the **Placement** service
+#
+# Currently the placement service is embedded in nova. Eventually we
+# expect this to change so this file is started as a separate entity
+# despite making use of some *NOVA* variables and files.
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
+# - ``FILES``
+
+# ``stack.sh`` calls the entry points in this order:
+#
+# - install_placement
+# - cleanup_placement
+# - configure_placement
+# - init_placement
+# - start_placement
+# - stop_placement
+
+# Save trace setting
+_XTRACE_LIB_PLACEMENT=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+PLACEMENT_CONF_DIR=/etc/nova
+PLACEMENT_CONF=$PLACEMENT_CONF_DIR/nova.conf
+PLACEMENT_AUTH_STRATEGY=${PLACEMENT_AUTH_STRATEGY:-placement}
+
+
+# The placement service can optionally use a separate database
+# connection. Set PLACEMENT_DB_ENABLED to True to use it.
+# NOTE(cdent): This functionality depends on some code that is not
+# yet merged in nova but is coming soon.
+PLACEMENT_DB_ENABLED=$(trueorfalse False PLACEMENT_DB_ENABLED)
+
+if is_ssl_enabled_service "placement-api" || is_service_enabled tls-proxy; then
+ PLACEMENT_SERVICE_PROTOCOL="https"
+fi
+
+# Public facing bits
+PLACEMENT_SERVICE_PROTOCOL=${PLACEMENT_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+PLACEMENT_SERVICE_HOST=${PLACEMENT_SERVICE_HOST:-$SERVICE_HOST}
+PLACEMENT_SERVICE_PORT=${PLACEMENT_SERVICE_PORT:-8778}
+
+# Functions
+# ---------
+
+# Test if any placement services are enabled
+# is_placement_enabled
+function is_placement_enabled {
+ [[ ,${ENABLED_SERVICES} =~ ,"placement-" ]] && return 0
+ return 1
+}
+
+# cleanup_placement() - Remove residual data files, anything left over from previous
+# runs that a clean run would need to clean up
+function cleanup_placement {
+ sudo rm -f $(apache_site_config_for placement-api)
+}
+
+# _config_placement_apache_wsgi() - Set WSGI config files
+function _config_placement_apache_wsgi {
+ local placement_api_apache_conf
+ local placement_api_port=$PLACEMENT_SERVICE_PORT
+ local venv_path=""
+ local nova_bin_dir=""
+ nova_bin_dir=$(get_python_exec_prefix)
+ placement_api_apache_conf=$(apache_site_config_for placement-api)
+
+ # reuse nova's cert if a cert is being used
+ if is_ssl_enabled_service "placement-api"; then
+ placement_ssl="SSLEngine On"
+ placement_certfile="SSLCertificateFile $NOVA_SSL_CERT"
+ placement_keyfile="SSLCertificateKeyFile $NOVA_SSL_KEY"
+ fi
+ # reuse nova's venv if there is one as placement code lives
+ # there
+ if [[ ${USE_VENV} = True ]]; then
+ venv_path="python-path=${PROJECT_VENV["nova"]}/lib/$(python_version)/site-packages"
+ nova_bin_dir=${PROJECT_VENV["nova"]}/bin
+ fi
+
+ sudo cp $FILES/apache-placement-api.template $placement_api_apache_conf
+ sudo sed -e "
+ s|%PUBLICPORT%|$placement_api_port|g;
+ s|%APACHE_NAME%|$APACHE_NAME|g;
+ s|%PUBLICWSGI%|$nova_bin_dir/nova-placement-api|g;
+ s|%SSLENGINE%|$placement_ssl|g;
+ s|%SSLCERTFILE%|$placement_certfile|g;
+ s|%SSLKEYFILE%|$placement_keyfile|g;
+ s|%USER%|$STACK_USER|g;
+ s|%VIRTUALENV%|$venv_path|g
+ s|%APIWORKERS%|$API_WORKERS|g
+ " -i $placement_api_apache_conf
+}
+
+# configure_placement() - Set config files, create data dirs, etc
+function configure_placement {
+ if [ "$PLACEMENT_DB_ENABLED" != False ]; then
+ iniset $PLACEMENT_CONF placement_database connection `database_connection_url placement`
+ fi
+
+ iniset $NOVA_CONF placement auth_type "password"
+ iniset $NOVA_CONF placement auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"
+ iniset $NOVA_CONF placement username placement
+ iniset $NOVA_CONF placement password "$SERVICE_PASSWORD"
+ iniset $NOVA_CONF placement user_domain_name "Default"
+ iniset $NOVA_CONF placement project_name "$SERVICE_TENANT_NAME"
+ iniset $NOVA_CONF placement project_domain_name "Default"
+ iniset $NOVA_CONF placement os_region_name "$REGION_NAME"
+ # TODO(cdent): auth_strategy, which is common to see in these
+ # blocks is not currently used here. For the time being the
+ # placement api uses the auth_strategy configuration setting
+ # established by the nova api. This avoids, for the time, being,
+ # creating redundant configuration items that are just used for
+ # testing.
+
+ _config_placement_apache_wsgi
+}
+
+# create_placement_accounts() - Set up required placement accounts
+# and service and endpoints.
+function create_placement_accounts {
+ create_service_user "placement" "admin"
+ local placement_api_url="$PLACEMENT_SERVICE_PROTOCOL://$PLACEMENT_SERVICE_HOST/placement"
+ get_or_create_service "placement" "placement" "Placement Service"
+ get_or_create_endpoint \
+ "placement" \
+ "$REGION_NAME" \
+ "$placement_api_url" \
+ "$placement_api_url" \
+ "$placement_api_url"
+}
+
+# init_placement() - Create service user and endpoints
+# If PLACEMENT_DB_ENABLED is true, create the separate placement db
+# using, for now, the api_db migrations.
+function init_placement {
+ if [ "$PLACEMENT_DB_ENABLED" != False ]; then
+ recreate_database placement
+ $NOVA_BIN_DIR/nova-manage --config-file $NOVA_CONF api_db sync
+ fi
+ create_placement_accounts
+}
+
+# install_placement() - Collect source and prepare
+function install_placement {
+ install_apache_wsgi
+ if is_ssl_enabled_service "placement-api"; then
+ enable_mod_ssl
+ fi
+}
+
+# start_placement_api() - Start the API processes ahead of other things
+function start_placement_api {
+ # Get right service port for testing
+ local service_port=$PLACEMENT_SERVICE_PORT
+ local placement_api_port=$PLACEMENT_SERVICE_PORT
+
+ enable_apache_site placement-api
+ restart_apache_server
+ tail_log placement-api /var/log/$APACHE_NAME/placement-api.log
+
+ echo "Waiting for placement-api to start..."
+ if ! wait_for_service $SERVICE_TIMEOUT $PLACEMENT_SERVICE_PROTOCOL://$PLACEMENT_SERVICE_HOST/placement; then
+ die $LINENO "placement-api did not start"
+ fi
+}
+
+function start_placement {
+ start_placement_api
+}
+
+# stop_placement() - Disable the api service and stop it.
+function stop_placement {
+ disable_apache_site placement-api
+ restart_apache_server
+}
+
+# Restore xtrace
+$_XTRACE_LIB_PLACEMENT
+
+# Tell emacs to use shell-script-mode
+## Local variables:
+## mode: shell-script
+## End:
diff --git a/lib/rpc_backend b/lib/rpc_backend
index 0ee46dc..97b1aa4 100644
--- a/lib/rpc_backend
+++ b/lib/rpc_backend
@@ -24,6 +24,8 @@
_XTRACE_RPC_BACKEND=$(set +o | grep xtrace)
set +o xtrace
+RABBIT_USERID=${RABBIT_USERID:-stackrabbit}
+
# Functions
# ---------
diff --git a/stack.sh b/stack.sh
index ce34cd5..f47842b 100755
--- a/stack.sh
+++ b/stack.sh
@@ -27,6 +27,13 @@
# Make sure custom grep options don't get in the way
unset GREP_OPTIONS
+# Sanitize language settings to avoid commands bailing out
+# with "unsupported locale setting" errors.
+unset LANG
+unset LANGUAGE
+LC_ALL=C
+export LC_ALL
+
# Make sure umask is sane
umask 022
@@ -562,6 +569,7 @@
source $TOP_DIR/lib/keystone
source $TOP_DIR/lib/glance
source $TOP_DIR/lib/nova
+source $TOP_DIR/lib/placement
source $TOP_DIR/lib/cinder
source $TOP_DIR/lib/swift
source $TOP_DIR/lib/heat
@@ -656,7 +664,6 @@
# Rabbit connection info
# In multi node DevStack, second node needs ``RABBIT_USERID``, but rabbit
# isn't enabled.
-RABBIT_USERID=${RABBIT_USERID:-stackrabbit}
if is_service_enabled rabbit; then
RABBIT_HOST=${RABBIT_HOST:-$SERVICE_HOST}
read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
@@ -852,6 +859,13 @@
configure_nova
fi
+if is_service_enabled placement; then
+ # placement api
+ stack_install_service placement
+ cleanup_placement
+ configure_placement
+fi
+
if is_service_enabled horizon; then
# django openstack_auth
install_django_openstack_auth
@@ -1153,6 +1167,11 @@
init_nova_cells
fi
+if is_service_enabled placement; then
+ echo_summary "Configuring placement"
+ init_placement
+fi
+
# Extras Configuration
# ====================
@@ -1255,6 +1274,10 @@
start_nova
create_flavors
fi
+if is_service_enabled placement; then
+ echo_summary "Starting Placement"
+ start_placement
+fi
if is_service_enabled cinder; then
echo_summary "Starting Cinder"
start_cinder
@@ -1353,11 +1376,24 @@
check_libs_from_git
+# Configure nova cellsv2
+# ----------------------
+
+# Do this late because it requires compute hosts to have started
+if is_service_enabled n-api && [ "$NOVA_CONFIGURE_CELLSV2" == "True" ]; then
+ create_cell
+fi
+
# Bash completion
# ===============
# Prepare bash completion for OSC
-openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
+#
+# BUG: https://bugs.launchpad.net/python-openstackclient/+bug/1619274
+# the os-cloud param should not be required but if we don't provide it
+# then this command hangs indefinitely if something is wrong with
+# default environment credentials.
+openstack --os-cloud=devstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
# If cinder is configured, set global_filter for PV devices
if is_service_enabled cinder; then
diff --git a/stackrc b/stackrc
index 63ae9d3..c14085a 100644
--- a/stackrc
+++ b/stackrc
@@ -7,13 +7,6 @@
[[ -z "$_DEVSTACK_STACKRC" ]] || return 0
declare -r _DEVSTACK_STACKRC=1
-# Sanitize language settings to avoid commands bailing out
-# with "unsupported locale setting" errors.
-unset LANG
-unset LANGUAGE
-LC_ALL=C
-export LC_ALL
-
# Find the other rc files
RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)
@@ -23,6 +16,15 @@
# Destination path for installation
DEST=/opt/stack
+# Destination for working data
+DATA_DIR=${DEST}/data
+
+# Destination for status files
+SERVICE_DIR=${DEST}/status
+
+# Path for subunit output file
+SUBUNIT_OUTPUT=${DEST}/devstack.subunit
+
# Determine stack user
if [[ $EUID -eq 0 ]]; then
STACK_USER=stack
@@ -128,15 +130,6 @@
source $RC_DIR/.localrc.auto
fi
-# Destination for working data
-DATA_DIR=${DATA_DIR:-$DEST/data}
-
-# Destination for status files
-SERVICE_DIR=${SERVICE_DIR:-$DEST/status}
-
-# Path for subunit output file
-SUBUNIT_OUTPUT=${SUBUNIT_OUTPUT:-$DEST/devstack.subunit}
-
# Default for log coloring is based on interactive-or-not.
# Baseline assumption is that non-interactive invocations are for CI,
# where logs are to be presented as browsable text files; hence color
@@ -266,10 +259,6 @@
NEUTRON_FWAAS_REPO=${NEUTRON_FWAAS_REPO:-${GIT_BASE}/openstack/neutron-fwaas.git}
NEUTRON_FWAAS_BRANCH=${NEUTRON_FWAAS_BRANCH:-master}
-# neutron lbaas service
-NEUTRON_LBAAS_REPO=${NEUTRON_LBAAS_REPO:-${GIT_BASE}/openstack/neutron-lbaas.git}
-NEUTRON_LBAAS_BRANCH=${NEUTRON_LBAAS_BRANCH:-master}
-
# compute service
NOVA_REPO=${NOVA_REPO:-${GIT_BASE}/openstack/nova.git}
NOVA_BRANCH=${NOVA_BRANCH:-master}
diff --git a/tools/info.sh b/tools/info.sh
index c056fa7..282667f 100755
--- a/tools/info.sh
+++ b/tools/info.sh
@@ -8,7 +8,7 @@
# Output types are git,localrc,os,pip,pkg:
#
# git|<project>|<branch>[<shaq>]
-# localtc|<var>=<value>
+# localrc|<var>=<value>
# os|<var>=<value>
# pip|<package>|<version>
# pkg|<package>|<version>
diff --git a/tools/install_pip.sh b/tools/install_pip.sh
index 1267699..a5ccb19 100755
--- a/tools/install_pip.sh
+++ b/tools/install_pip.sh
@@ -24,7 +24,20 @@
FILES=$TOP_DIR/files
-PIP_GET_PIP_URL=https://bootstrap.pypa.io/get-pip.py
+# The URL from where the get-pip.py file gets downloaded. If a local
+# get-pip.py mirror is available, PIP_GET_PIP_URL can be set to that
+# mirror in local.conf to avoid download timeouts.
+# Example:
+# PIP_GET_PIP_URL="http://local-server/get-pip.py"
+#
+# Note that if get-pip.py already exists in $FILES this script will
+# not re-download or check for a new version. For example, this is
+# done by openstack-infra diskimage-builder elements as part of image
+# preparation [1]. This prevents any network access, which can be
+# unreliable in CI situations.
+# [1] http://git.openstack.org/cgit/openstack-infra/project-config/tree/nodepool/elements/cache-devstack/source-repository-pip
+
+PIP_GET_PIP_URL=${PIP_GET_PIP_URL:-"https://bootstrap.pypa.io/get-pip.py"}
LOCAL_PIP="$FILES/$(basename $PIP_GET_PIP_URL)"
GetDistro
diff --git a/tools/xen/functions b/tools/xen/functions
index cf14568..e1864eb 100644
--- a/tools/xen/functions
+++ b/tools/xen/functions
@@ -305,3 +305,25 @@
xe vm-list name-label="$vm_name_label" params=dom-id minimal=true
}
+
+function install_conntrack_tools {
+ local xs_host
+ local xs_ver_major
+ local centos_ver
+ local conntrack_conf
+ xs_host=$(xe host-list --minimal)
+ xs_ver_major=$(xe host-param-get uuid=$xs_host param-name=software-version param-key=product_version_text_short | cut -d'.' -f 1)
+ if [ $xs_ver_major -gt 6 ]; then
+ # Only support conntrack-tools in Dom0 with XS7.0 and above
+ if [ ! -f /usr/sbin/conntrackd ]; then
+ sed -i s/#baseurl=/baseurl=/g /etc/yum.repos.d/CentOS-Base.repo
+ centos_ver=$(yum version nogroups |grep Installed | cut -d' ' -f 2 | cut -d'.' -f1-2 | tr '-' '.')
+ yum install -y --enablerepo=base --releasever=$centos_ver conntrack-tools
+ # Backup conntrackd.conf after install conntrack-tools, use the one with statistic mode
+ mv /etc/conntrackd/conntrackd.conf /etc/conntrackd/conntrackd.conf.back
+ conntrack_conf=$(find /usr/share/doc -name conntrackd.conf |grep stats)
+ cp $conntrack_conf /etc/conntrackd/conntrackd.conf
+ fi
+ service conntrackd restart
+ fi
+}
diff --git a/unstack.sh b/unstack.sh
index ece69ac..d93b835 100755
--- a/unstack.sh
+++ b/unstack.sh
@@ -63,6 +63,7 @@
source $TOP_DIR/lib/keystone
source $TOP_DIR/lib/glance
source $TOP_DIR/lib/nova
+source $TOP_DIR/lib/placement
source $TOP_DIR/lib/cinder
source $TOP_DIR/lib/swift
source $TOP_DIR/lib/heat
@@ -111,6 +112,10 @@
stop_nova
fi
+if is_service_enabled placement; then
+ stop_placement
+fi
+
if is_service_enabled glance; then
stop_glance
fi