From 54dc19ecad2ed06694a4b6269c2833d9533a26f5 Mon Sep 17 00:00:00 2001 From: Mahito OGURA Date: Tue, 14 Jul 2015 17:16:42 +0900 Subject: [PATCH 0001/2409] Add export_proxy_variables() tests to test_functions.sh In test_functions.sh, There aren't export_proxy_variables() tests. This patch add test of export_proxy_variables to test_funstions.sh. Change-Id: I76f2bab84f4019961e612b0bff0ab66646b6e160 --- tests/test_functions.sh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/tests/test_functions.sh b/tests/test_functions.sh index f555de8dff..be8dc5e287 100755 --- a/tests/test_functions.sh +++ b/tests/test_functions.sh @@ -245,4 +245,33 @@ else passed "OK" fi +function test_export_proxy_variables { + echo "Testing export_proxy_variables()" + + local expected results + + http_proxy=http_proxy_test + https_proxy=https_proxy_test + no_proxy=no_proxy_test + + export_proxy_variables + expected=$(echo -e "http_proxy=$http_proxy\nhttps_proxy=$https_proxy\nno_proxy=$no_proxy") + results=$(env | egrep '(http(s)?|no)_proxy=') + if [[ $expected = $results ]]; then + passed "OK: Proxy variables are exported when proxy variables are set" + else + failed "Expected: $expected, Failed: $results" + fi + + unset http_proxy https_proxy no_proxy + export_proxy_variables + results=$(env | egrep '(http(s)?|no)_proxy=') + if [[ "" = $results ]]; then + passed "OK: Proxy variables aren't exported when proxy variables aren't set" + else + failed "Expected: '', Failed: $results" + fi +} +test_export_proxy_variables + report_results From ff70dad892a89cc4cb09aebfcf72e2de5ab7d556 Mon Sep 17 00:00:00 2001 From: Jens Rosenboom Date: Wed, 1 Jul 2015 15:22:53 +0200 Subject: [PATCH 0002/2409] Make image_list.sh independent of host IP address We do not need the HOST_IP to be detected in order to be able to list our images. So just set that to some dummy value before sourcing functions. This will allow tools like disk-image-builder to work regardless of whether get_default_host_ip succeeds or not. Change-Id: I9c22d2066e34309e70e56076e3d17c5db6ecee06 --- tools/image_list.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/image_list.sh b/tools/image_list.sh index a27635effd..27b3d4612d 100755 --- a/tools/image_list.sh +++ b/tools/image_list.sh @@ -3,6 +3,12 @@ # Keep track of the DevStack directory TOP_DIR=$(cd $(dirname "$0")/.. && pwd) +# The following "source" implicitly calls get_default_host_ip() in +# stackrc and will die if the selected default IP happens to lie +# in the default ranges for FIXED_RANGE or FLOATING_RANGE. Since we +# do not really need HOST_IP to be properly set in the remainder of +# this script, just set it to some dummy value and make stackrc happy. +HOST_IP=SKIP source $TOP_DIR/functions # Possible virt drivers, if we have more, add them here. Always keep From 961643e404919e0fa3b90f7620a4daccc962e6a3 Mon Sep 17 00:00:00 2001 From: YAMAMOTO Takashi Date: Fri, 31 Jul 2015 13:45:27 +0900 Subject: [PATCH 0003/2409] configuration.rst: Document post-extra meta section phase Change-Id: I81d121424057fd79c1a0a65d420df3ee1badb6f3 --- doc/source/configuration.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index 6052576e98..96f91ec774 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -56,6 +56,7 @@ The defined phases are: before they are started - **extra** - runs after services are started and before any files in ``extra.d`` are executed +- **post-extra** - runs after files in ``extra.d`` are executed The file is processed strictly in sequence; meta-sections may be specified more than once but if any settings are duplicated the last to From 05076fb7ea45b7f1f7d9f232afb56dbb1d6e2f08 Mon Sep 17 00:00:00 2001 From: Jamie Lennox Date: Sat, 15 Aug 2015 19:01:59 +1000 Subject: [PATCH 0004/2409] Configure horizon with identity v3 Currently horizon configures keystone using v3 only if v2 is not available. Really we should just always be using v3. Change-Id: Icac4d90b617209da75abf33f8e25ffc021c45fdb --- lib/horizon | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/lib/horizon b/lib/horizon index b0f306b675..108a7f0a8f 100644 --- a/lib/horizon +++ b/lib/horizon @@ -98,13 +98,8 @@ function init_horizon { _horizon_config_set $local_settings "" OPENSTACK_HOST \"${KEYSTONE_SERVICE_HOST}\" - if [ "$ENABLE_IDENTITY_V2" == "False" ]; then - # Only Identity v3 API is available; then use it with v3 auth tokens - _horizon_config_set $local_settings "" OPENSTACK_API_VERSIONS {\"identity\":3} - _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v3\"" - else - _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v2.0\"" - fi + _horizon_config_set $local_settings "" OPENSTACK_API_VERSIONS {\"identity\":3} + _horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v3\"" if [ -f $SSL_BUNDLE_FILE ]; then _horizon_config_set $local_settings "" OPENSTACK_SSL_CACERT \"${SSL_BUNDLE_FILE}\" From 382f982e51d6117cf8d478b94f975455dabe4ce9 Mon Sep 17 00:00:00 2001 From: Julien Danjou Date: Mon, 21 Sep 2015 14:19:52 +0000 Subject: [PATCH 0005/2409] keystone: fix prefixed URL Commit 2ad1a42ca667ff21e6f7d2ae906be23a20430036 broke entirely the Apache configuration for Keystone when used without a port on the /identity URL. This patch fixes that. Change-Id: I47805138c66456c9c5fa9af1f4ac33b03d0ce5b9 --- files/apache-keystone.template | 34 ++++++++++++---------------------- 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/files/apache-keystone.template b/files/apache-keystone.template index 4d3d2d6623..f9fa265db5 100644 --- a/files/apache-keystone.template +++ b/files/apache-keystone.template @@ -2,6 +2,16 @@ Listen %PUBLICPORT% Listen %ADMINPORT% LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %D(us)" keystone_combined + + = 2.4> + Require all granted + + + Order allow,deny + Allow from all + + + WSGIDaemonProcess keystone-public processes=5 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% WSGIProcessGroup keystone-public @@ -16,16 +26,6 @@ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %D(us)" %SSLENGINE% %SSLCERTFILE% %SSLKEYFILE% - - - = 2.4> - Require all granted - - - Order allow,deny - Allow from all - - @@ -42,19 +42,9 @@ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %D(us)" %SSLENGINE% %SSLCERTFILE% %SSLKEYFILE% - - - = 2.4> - Require all granted - - - Order allow,deny - Allow from all - - -Alias /identity %PUBLICWSGI% +Alias /identity %KEYSTONE_BIN%/keystone-wsgi-public SetHandler wsgi-script Options +ExecCGI @@ -64,7 +54,7 @@ Alias /identity %PUBLICWSGI% WSGIPassAuthorization On -Alias /identity_admin %ADMINWSGI% +Alias /identity_admin %KEYSTONE_BIN%/keystone-wsgi-admin SetHandler wsgi-script Options +ExecCGI From 59c6377ae51c024c28a6fba72de567bc97edda10 Mon Sep 17 00:00:00 2001 From: Roxana Gherle Date: Wed, 9 Sep 2015 18:22:31 -0700 Subject: [PATCH 0006/2409] Assign admin role for admin user on default domain This patch adds an admin role assignment for the admin user on the default domain as part of the Keystone configuration stage. Closes-Bug: #1494081 Change-Id: I91c88917bd51be4572e4970c94e65d866798df26 --- functions-common | 32 ++++++++++++++++++++++++++++++++ lib/keystone | 1 + 2 files changed, 33 insertions(+) diff --git a/functions-common b/functions-common index 446de5374f..c38a77243e 100644 --- a/functions-common +++ b/functions-common @@ -803,6 +803,38 @@ function get_or_add_user_project_role { echo $user_role_id } +# Gets or adds user role to domain +# Usage: get_or_add_user_domain_role +function get_or_add_user_domain_role { + local user_role_id + # Gets user role id + user_role_id=$(openstack role list \ + --user $2 \ + --os-url=$KEYSTONE_SERVICE_URI_V3 \ + --os-identity-api-version=3 \ + --column "ID" \ + --domain $3 \ + --column "Name" \ + | grep " $1 " | get_field 1) + if [[ -z "$user_role_id" ]]; then + # Adds role to user and get it + openstack role add $1 \ + --user $2 \ + --domain $3 \ + --os-url=$KEYSTONE_SERVICE_URI_V3 \ + --os-identity-api-version=3 + user_role_id=$(openstack role list \ + --user $2 \ + --os-url=$KEYSTONE_SERVICE_URI_V3 \ + --os-identity-api-version=3 \ + --column "ID" \ + --domain $3 \ + --column "Name" \ + | grep " $1 " | get_field 1) + fi + echo $user_role_id +} + # Gets or adds group role to project # Usage: get_or_add_group_project_role function get_or_add_group_project_role { diff --git a/lib/keystone b/lib/keystone index e2448c9068..b15abe1cb5 100644 --- a/lib/keystone +++ b/lib/keystone @@ -364,6 +364,7 @@ function create_keystone_accounts { local admin_user=$(get_or_create_user "admin" "$ADMIN_PASSWORD" default) local admin_role=$(get_or_create_role "admin") get_or_add_user_project_role $admin_role $admin_user $admin_tenant + get_or_add_user_domain_role $admin_role $admin_user default # Create service project/role get_or_create_project "$SERVICE_TENANT_NAME" default From 8872545a0f98c5681147a08541e119813f0bdc01 Mon Sep 17 00:00:00 2001 From: Kashyap Chamarthy Date: Mon, 14 Sep 2015 13:17:56 +0200 Subject: [PATCH 0007/2409] worlddump: Use SIGUSR2 instead of SIGUSR1 The function guru_meditation_report() currently uses the User-defined signal SIGUSR1 to kill a Nova Compute process so that a Guru Meditation Report is generated. Testing locally, in a DevStack instance, manually attempting to kill a Nova compute process [kill -s USR1 `pgrep nova-compute`] does not result in process being terminated, and no error report generated. It turns out[1] that SIGUSR1 is used by Apache 'mod_wsgi'. Using the signal SIGUSR2 resolves this issue (i.e. 'nova-compute' process is terminated, and the Guru Meditation Report is generated). So, use USR2, instead of USR1. Corresponding oslo.reports related commit[2]. [1] https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIRestrictSignal [2] 45b1c02d113051d147e54ef921ce8e94135542d8 -- guru_meditation_report: Use SIGUSR2 instead of SIGUSR1 [3] Original DevStack commit that brought in this change -- 2ebe993b25462919e8aeeb896c9f91b6be7aa573 Change-Id: I8a7eaf71b83edca3c80074d6bf2d471e3db6142b --- tools/worlddump.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/worlddump.py b/tools/worlddump.py index 1b337a9a83..33d5b8f620 100755 --- a/tools/worlddump.py +++ b/tools/worlddump.py @@ -131,7 +131,7 @@ def guru_meditation_report(): print "Skipping as nova-compute does not appear to be running" return - _dump_cmd("kill -s USR1 `pgrep nova-compute`") + _dump_cmd("kill -s USR2 `pgrep nova-compute`") print "guru meditation report in nova-compute log" From bb4654b869722feb400d65869350465d8ff5439c Mon Sep 17 00:00:00 2001 From: Ihar Hrachyshka Date: Tue, 6 Oct 2015 18:09:07 +0200 Subject: [PATCH 0008/2409] Don't configure neutron metadata agent for neutron API access Metadata agent now talks to neutron-server thru AMQP, so there is no use for API access configuration. Change-Id: I8f81eea91fe3448d5098e77312f64f2eaba68a68 Depends-On: I254c575c66214f50fb93a94c46c4c9caebfc2937 Closes-Bug: #1502947 --- lib/neutron-legacy | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index e67bd4ae32..8b964a72c8 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -1050,11 +1050,6 @@ function _configure_neutron_metadata_agent { if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then iniset $Q_META_CONF_FILE AGENT root_helper_daemon "$Q_RR_DAEMON_COMMAND" fi - - # Configures keystone for metadata_agent - # The third argument "True" sets auth_url needed to communicate with keystone - _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True - } function _configure_neutron_ceilometer_notifications { @@ -1212,17 +1207,10 @@ function _neutron_setup_rootwrap { fi } -# Configures keystone integration for neutron service and agents +# Configures keystone integration for neutron service function _neutron_setup_keystone { local conf_file=$1 local section=$2 - local use_auth_url=$3 - - # Configures keystone for metadata_agent - # metadata_agent needs auth_url to communicate with keystone - if [[ "$use_auth_url" == "True" ]]; then - iniset $conf_file $section auth_url $KEYSTONE_SERVICE_URI/v2.0 - fi create_neutron_cache_dir configure_auth_token_middleware $conf_file $Q_ADMIN_USERNAME $NEUTRON_AUTH_CACHE_DIR $section From 797668ba77d781bf65cbf0832c69c8337603b9a4 Mon Sep 17 00:00:00 2001 From: jianghua wang Date: Thu, 8 Oct 2015 06:40:21 +0100 Subject: [PATCH 0009/2409] XenServer: the cron job shouldn't print debug text into stderr one cron job attempts to print debug text into stderr; so the file of /root/dead.letter gets created and its size grows continuously. It could eventually threaten dom0 disk space. Maybe there are two solutions: one is to redirect the output to a specific log file; and rotate log files in the script. And the other one is simply to redirect the output /dev/null. By considering the function of this cron job and the printed contents are straight and simple, this patch set goes with the later solution. Change-Id: I4875e5e3837e6f0249e314c6c5f408c79145c6c1 Closes-Bug: 1503966 --- lib/nova_plugins/hypervisor-xenserver | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/nova_plugins/hypervisor-xenserver b/lib/nova_plugins/hypervisor-xenserver index efce383222..e097990bd3 100644 --- a/lib/nova_plugins/hypervisor-xenserver +++ b/lib/nova_plugins/hypervisor-xenserver @@ -79,7 +79,7 @@ function configure_nova_hypervisor { # Create a cron job that will rotate guest logs $ssh_dom0 crontab - << CRONTAB -* * * * * /root/rotate_xen_guest_logs.sh +* * * * * /root/rotate_xen_guest_logs.sh >/dev/null 2>&1 CRONTAB # Create directories for kernels and images From 085855479f5a56e9ce21fdb83e2691c8aad56aa0 Mon Sep 17 00:00:00 2001 From: Marian Horban Date: Mon, 12 Oct 2015 11:36:51 -0400 Subject: [PATCH 0010/2409] Added processing /ec2 URL With config option NOVA_USE_MOD_WSGI=True nova-ec2-api handles requests on /ec2 URL. Change-Id: I0c2e99bf8b5e5cf53cd176685b206038a4b0f78b --- files/apache-nova-ec2-api.template | 9 +++++++++ lib/nova | 13 +++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/files/apache-nova-ec2-api.template b/files/apache-nova-ec2-api.template index 235d958d1a..6443567740 100644 --- a/files/apache-nova-ec2-api.template +++ b/files/apache-nova-ec2-api.template @@ -14,3 +14,12 @@ Listen %PUBLICPORT% %SSLCERTFILE% %SSLKEYFILE% + +Alias /ec2 %PUBLICWSGI% + + SetHandler wsgi-script + Options +ExecCGI + WSGIProcessGroup nova-ec2-api + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + diff --git a/lib/nova b/lib/nova index 9830276232..eb1ae1cfaa 100644 --- a/lib/nova +++ b/lib/nova @@ -440,13 +440,18 @@ function create_nova_accounts { # EC2 if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then - + local nova_ec2_api_url + if [[ "$NOVA_USE_MOD_WSGI" == "False" ]]; then + nova_ec2_api_url="$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:$EC2_SERVICE_PORT/" + else + nova_ec2_api_url="$EC2_SERVICE_PROTOCOL://$SERVICE_HOST/ec2" + fi get_or_create_service "ec2" "ec2" "EC2 Compatibility Layer" get_or_create_endpoint "ec2" \ "$REGION_NAME" \ - "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/" \ - "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/" \ - "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/" + "$nova_ec2_api_url" \ + "$nova_ec2_api_url" \ + "$nova_ec2_api_url" fi fi From 8043bfaf5ec6059e7245ff397672b1da0e563013 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Wed, 14 Oct 2015 14:53:18 +1100 Subject: [PATCH 0011/2409] Turn off tracing for service functions These functions commonly externally called (as part of stackrc inclusion, even) and do a fair bit of iteration over long service-lists, which really fills up the logs of devstack and grenade with unnecessary details. The functions are well tested by unit-tests, so we are very unlikely to need to debug internal issues with them in a hurry. Thus turn logging down for them. Change-Id: I63b9a05a0678c7e0c7012f6d768c29fd67f090d2 --- functions-common | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/functions-common b/functions-common index be3f81c412..c8f551de3c 100644 --- a/functions-common +++ b/functions-common @@ -1147,7 +1147,7 @@ function update_package_repo { if is_ubuntu; then local xtrace - xtrace=$(set +o | grep xtrace) + xtrace=$(set +o | grep xtrace) set +o xtrace if [[ "$REPOS_UPDATED" != "True" || "$RETRY_UPDATE" = "True" ]]; then # if there are transient errors pulling the updates, that's fine. @@ -1758,11 +1758,17 @@ function run_phase { # remove extra commas from the input string (i.e. ``ENABLED_SERVICES``) # _cleanup_service_list service-list function _cleanup_service_list { + local xtrace + xtrace=$(set +o | grep xtrace) + set +o xtrace + echo "$1" | sed -e ' s/,,/,/g; s/^,//; s/,$// ' + + $xtrace } # disable_all_services() removes all current services @@ -1780,6 +1786,10 @@ function disable_all_services { # Uses global ``ENABLED_SERVICES`` # disable_negated_services function disable_negated_services { + local xtrace + xtrace=$(set +o | grep xtrace) + set +o xtrace + local to_remove="" local remaining="" local service @@ -1797,6 +1807,8 @@ function disable_negated_services { # go through the service list. if this service appears in the "to # be removed" list, drop it ENABLED_SERVICES=$(remove_disabled_services "$remaining" "$to_remove") + + $xtrace } # disable_service() prepares the services passed as argument to be @@ -1808,6 +1820,10 @@ function disable_negated_services { # Uses global ``DISABLED_SERVICES`` # disable_service service [service ...] function disable_service { + local xtrace + xtrace=$(set +o | grep xtrace) + set +o xtrace + local disabled_svcs="${DISABLED_SERVICES}" local enabled_svcs=",${ENABLED_SERVICES}," local service @@ -1819,6 +1835,8 @@ function disable_service { done DISABLED_SERVICES=$(_cleanup_service_list "$disabled_svcs") ENABLED_SERVICES=$(_cleanup_service_list "$enabled_svcs") + + $xtrace } # enable_service() adds the services passed as argument to the @@ -1832,6 +1850,10 @@ function disable_service { # Uses global ``ENABLED_SERVICES`` # enable_service service [service ...] function enable_service { + local xtrace + xtrace=$(set +o | grep xtrace) + set +o xtrace + local tmpsvcs="${ENABLED_SERVICES}" local service for service in $@; do @@ -1845,6 +1867,8 @@ function enable_service { done ENABLED_SERVICES=$(_cleanup_service_list "$tmpsvcs") disable_negated_services + + $xtrace } # is_service_enabled() checks if the service(s) specified as arguments are @@ -1873,6 +1897,7 @@ function is_service_enabled { local xtrace xtrace=$(set +o | grep xtrace) set +o xtrace + local enabled=1 local services=$@ local service @@ -1898,6 +1923,7 @@ function is_service_enabled { [[ ${service} == "swift" && ${ENABLED_SERVICES} =~ "s-" ]] && enabled=0 [[ ${service} == s-* && ${ENABLED_SERVICES} =~ "swift" ]] && enabled=0 done + $xtrace return $enabled } @@ -1905,6 +1931,10 @@ function is_service_enabled { # remove specified list from the input string # remove_disabled_services service-list remove-list function remove_disabled_services { + local xtrace + xtrace=$(set +o | grep xtrace) + set +o xtrace + local service_list=$1 local remove_list=$2 local service @@ -1923,6 +1953,9 @@ function remove_disabled_services { enabled="${enabled},$service" fi done + + $xtrace + _cleanup_service_list "$enabled" } From c49917250f2dc5243d652e59d8c70c1437975dea Mon Sep 17 00:00:00 2001 From: Marian Horban Date: Thu, 22 Oct 2015 04:21:34 -0400 Subject: [PATCH 0012/2409] Removed starting of nova-ec2-api service Since nova-ec2-api service was removed from nova it is not needed in devstack. Change-Id: I91d4be02a1a9c2ca4d18256d9a37a5c2559f53b7 Closes-Bug: #1530798 --- files/apache-nova-ec2-api.template | 25 ----------------- lib/nova | 44 ------------------------------ 2 files changed, 69 deletions(-) delete mode 100644 files/apache-nova-ec2-api.template diff --git a/files/apache-nova-ec2-api.template b/files/apache-nova-ec2-api.template deleted file mode 100644 index 7b1d68b106..0000000000 --- a/files/apache-nova-ec2-api.template +++ /dev/null @@ -1,25 +0,0 @@ -Listen %PUBLICPORT% - - - WSGIDaemonProcess nova-ec2-api processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% - WSGIProcessGroup nova-ec2-api - WSGIScriptAlias / %PUBLICWSGI% - WSGIApplicationGroup %{GLOBAL} - WSGIPassAuthorization On - = 2.4> - ErrorLogFormat "%M" - - ErrorLog /var/log/%APACHE_NAME%/nova-ec2-api.log - %SSLENGINE% - %SSLCERTFILE% - %SSLKEYFILE% - - -Alias /ec2 %PUBLICWSGI% - - SetHandler wsgi-script - Options +ExecCGI - WSGIProcessGroup nova-ec2-api - WSGIApplicationGroup %{GLOBAL} - WSGIPassAuthorization On - diff --git a/lib/nova b/lib/nova index 6337f875ef..c75623f7d6 100644 --- a/lib/nova +++ b/lib/nova @@ -242,7 +242,6 @@ function cleanup_nova { function _cleanup_nova_apache_wsgi { sudo rm -f $NOVA_WSGI_DIR/* sudo rm -f $(apache_site_config_for nova-api) - sudo rm -f $(apache_site_config_for nova-ec2-api) sudo rm -f $(apache_site_config_for nova-metadata) } @@ -252,15 +251,12 @@ function _config_nova_apache_wsgi { local nova_apache_conf nova_apache_conf=$(apache_site_config_for nova-api) - local nova_ec2_apache_conf - nova_ec2_apache_conf=$(apache_site_config_for nova-ec2-api) local nova_metadata_apache_conf nova_metadata_apache_conf=$(apache_site_config_for nova-metadata) local nova_ssl="" local nova_certfile="" local nova_keyfile="" local nova_api_port=$NOVA_SERVICE_PORT - local nova_ec2_api_port=$EC2_SERVICE_PORT local nova_metadata_port=$METADATA_SERVICE_PORT local venv_path="" @@ -275,7 +271,6 @@ function _config_nova_apache_wsgi { # copy proxy vhost and wsgi helper files sudo cp $NOVA_DIR/nova/wsgi/nova-api.py $NOVA_WSGI_DIR/nova-api - sudo cp $NOVA_DIR/nova/wsgi/nova-ec2-api.py $NOVA_WSGI_DIR/nova-ec2-api sudo cp $NOVA_DIR/nova/wsgi/nova-metadata.py $NOVA_WSGI_DIR/nova-metadata sudo cp $FILES/apache-nova-api.template $nova_apache_conf @@ -291,19 +286,6 @@ function _config_nova_apache_wsgi { s|%APIWORKERS%|$API_WORKERS|g " -i $nova_apache_conf - sudo cp $FILES/apache-nova-ec2-api.template $nova_ec2_apache_conf - sudo sed -e " - s|%PUBLICPORT%|$nova_ec2_api_port|g; - s|%APACHE_NAME%|$APACHE_NAME|g; - s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-ec2-api|g; - s|%SSLENGINE%|$nova_ssl|g; - s|%SSLCERTFILE%|$nova_certfile|g; - s|%SSLKEYFILE%|$nova_keyfile|g; - s|%USER%|$STACK_USER|g; - s|%VIRTUALENV%|$venv_path|g - s|%APIWORKERS%|$API_WORKERS|g - " -i $nova_ec2_apache_conf - sudo cp $FILES/apache-nova-metadata.template $nova_metadata_apache_conf sudo sed -e " s|%PUBLICPORT%|$nova_metadata_port|g; @@ -461,22 +443,6 @@ function create_nova_accounts { # swift through the s3 api. get_or_add_user_project_role ResellerAdmin nova $SERVICE_TENANT_NAME fi - - # EC2 - if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then - local nova_ec2_api_url - if [[ "$NOVA_USE_MOD_WSGI" == "False" ]]; then - nova_ec2_api_url="$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:$EC2_SERVICE_PORT/" - else - nova_ec2_api_url="$EC2_SERVICE_PROTOCOL://$SERVICE_HOST/ec2" - fi - get_or_create_service "ec2" "ec2" "EC2 Compatibility Layer" - get_or_create_endpoint "ec2" \ - "$REGION_NAME" \ - "$nova_ec2_api_url" \ - "$nova_ec2_api_url" \ - "$nova_ec2_api_url" - fi fi # S3 @@ -522,7 +488,6 @@ function create_nova_conf { iniset $NOVA_CONF api_database connection `database_connection_url nova_api` iniset $NOVA_CONF DEFAULT instance_name_template "${INSTANCE_NAME_PREFIX}%08x" iniset $NOVA_CONF DEFAULT osapi_compute_listen "$NOVA_SERVICE_LISTEN_ADDRESS" - iniset $NOVA_CONF DEFAULT ec2_listen "$NOVA_SERVICE_LISTEN_ADDRESS" iniset $NOVA_CONF DEFAULT metadata_listen "$NOVA_SERVICE_LISTEN_ADDRESS" iniset $NOVA_CONF DEFAULT s3_listen "$NOVA_SERVICE_LISTEN_ADDRESS" @@ -629,12 +594,10 @@ function create_nova_conf { fi iniset $NOVA_CONF DEFAULT ec2_dmz_host "$EC2_DMZ_HOST" - iniset $NOVA_CONF DEFAULT keystone_ec2_url $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens iniset_rpc_backend nova $NOVA_CONF iniset $NOVA_CONF glance api_servers "${GLANCE_SERVICE_PROTOCOL}://${GLANCE_HOSTPORT}" iniset $NOVA_CONF DEFAULT osapi_compute_workers "$API_WORKERS" - iniset $NOVA_CONF DEFAULT ec2_workers "$API_WORKERS" iniset $NOVA_CONF DEFAULT metadata_workers "$API_WORKERS" # don't let the conductor get out of control now that we're using a pure python db driver iniset $NOVA_CONF conductor workers "$API_WORKERS" @@ -660,10 +623,6 @@ function create_nova_conf { iniset $NOVA_CONF DEFAULT enabled_ssl_apis "$NOVA_ENABLED_APIS" fi - if is_service_enabled tls-proxy; then - iniset $NOVA_CONF DEFAULT ec2_listen_port $EC2_SERVICE_PORT_INT - fi - if is_service_enabled n-sproxy; then iniset $NOVA_CONF serial_console serialproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS" iniset $NOVA_CONF serial_console enabled True @@ -817,11 +776,9 @@ function start_nova_api { enabled_site_file=$(apache_site_config_for nova-api) if [ -f ${enabled_site_file} ] && [ "$NOVA_USE_MOD_WSGI" == "True" ]; then enable_apache_site nova-api - enable_apache_site nova-ec2-api enable_apache_site nova-metadata restart_apache_server tail_log nova-api /var/log/$APACHE_NAME/nova-api.log - tail_log nova-ec2-api /var/log/$APACHE_NAME/nova-ec2-api.log tail_log nova-metadata /var/log/$APACHE_NAME/nova-metadata.log else run_process n-api "$NOVA_BIN_DIR/nova-api" @@ -937,7 +894,6 @@ function stop_nova_compute { function stop_nova_rest { if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then disable_apache_site nova-api - disable_apache_site nova-ec2-api disable_apache_site nova-metadata restart_apache_server else From c148b13c60525be637d23a1330cf56376f11432f Mon Sep 17 00:00:00 2001 From: Matthew Treinish Date: Thu, 22 Oct 2015 10:05:00 -0400 Subject: [PATCH 0013/2409] Ensure we disable tenant isolation without admin This commit fixes an issue with the tempest configuration when TEMPEST_HAS_ADMIN is disabled. Without admin credentials tempest is unable to create credentials at all so enabling tenant isolation is not going to work. Previously devstack wasn't setting it one way or the other when TEMPEST_HAS_ADMIN was set, which results in the default of being enabled. So jobs that try to run tempest without admin were failing. Change-Id: Iff496cb5cbf29f17c130cfad746b48d8547ca965 --- lib/tempest | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/tempest b/lib/tempest index 10dd652750..bd76be570d 100644 --- a/lib/tempest +++ b/lib/tempest @@ -564,9 +564,13 @@ function configure_tempest { fi iniset $TEMPEST_CONFIG auth allow_tenant_isolation False iniset $TEMPEST_CONFIG auth test_accounts_file "etc/accounts.yaml" + elif [[ $TEMPEST_HAS_ADMIN == "False" ]]; then + iniset $TEMPEST_CONFIG auth allow_tenant_isolation ${TEMPEST_ALLOW_TENANT_ISOLATION:-False} + else iniset $TEMPEST_CONFIG auth allow_tenant_isolation ${TEMPEST_ALLOW_TENANT_ISOLATION:-True} fi + # Restore IFS IFS=$ifs } From 22f747b8df023dd74808df097f5fa5a92168f620 Mon Sep 17 00:00:00 2001 From: Falk Reimann Date: Fri, 28 Aug 2015 12:40:19 +0200 Subject: [PATCH 0014/2409] Use swift port variable in keystone and cinder This patch alows specifiying a deviation of the swift default port 8080 with variable SWIFT_DEFAULT_BIND_PORT. The created endpoints in keystone for object-store and the backup_swift_url in cinder.conf will use variable SWIFT_DEFAULT_BIND_PORT instead of the fixed port 8080. Change-Id: I47bbcf77368c430718fb8f29b7de1ff305e64422 Closes-Bug: #1489767 --- lib/cinder | 2 +- lib/keystone | 6 +++--- lib/swift | 17 +++++++++-------- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/lib/cinder b/lib/cinder index e5ed2db1a3..2ed02e8b33 100644 --- a/lib/cinder +++ b/lib/cinder @@ -256,7 +256,7 @@ function configure_cinder { fi if is_service_enabled swift; then - iniset $CINDER_CONF DEFAULT backup_swift_url "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/AUTH_" + iniset $CINDER_CONF DEFAULT backup_swift_url "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_" fi if is_service_enabled ceilometer; then diff --git a/lib/keystone b/lib/keystone index e2448c9068..31d5448499 100644 --- a/lib/keystone +++ b/lib/keystone @@ -266,9 +266,9 @@ function configure_keystone { # Add swift endpoints to service catalog if swift is enabled if is_service_enabled s-proxy; then - echo "catalog.RegionOne.object_store.publicURL = http://%SERVICE_HOST%:8080/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG - echo "catalog.RegionOne.object_store.adminURL = http://%SERVICE_HOST%:8080/" >> $KEYSTONE_CATALOG - echo "catalog.RegionOne.object_store.internalURL = http://%SERVICE_HOST%:8080/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG + echo "catalog.RegionOne.object_store.publicURL = http://%SERVICE_HOST%:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG + echo "catalog.RegionOne.object_store.adminURL = http://%SERVICE_HOST%:$SWIFT_DEFAULT_BIND_PORT/" >> $KEYSTONE_CATALOG + echo "catalog.RegionOne.object_store.internalURL = http://%SERVICE_HOST%:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG echo "catalog.RegionOne.object_store.name = Swift Service" >> $KEYSTONE_CATALOG fi diff --git a/lib/swift b/lib/swift index fc736a60bc..4c2b292bd7 100644 --- a/lib/swift +++ b/lib/swift @@ -44,6 +44,7 @@ SWIFT_APACHE_WSGI_DIR=${SWIFT_APACHE_WSGI_DIR:-/var/www/swift} SWIFT3_DIR=$DEST/swift3 SWIFT_SERVICE_PROTOCOL=${SWIFT_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} +SWIFT_DEFAULT_BIND_PORT=${SWIFT_DEFAULT_BIND_PORT:-8080} SWIFT_DEFAULT_BIND_PORT_INT=${SWIFT_DEFAULT_BIND_PORT_INT:-8081} SWIFT_SERVICE_LOCAL_HOST=${SWIFT_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST} SWIFT_SERVICE_LISTEN_ADDRESS=${SWIFT_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} @@ -62,7 +63,7 @@ SWIFT_CONF_DIR=${SWIFT_CONF_DIR:-/etc/swift} if is_service_enabled s-proxy && is_service_enabled swift3; then # If we are using ``swift3``, we can default the S3 port to swift instead # of nova-objectstore - S3_SERVICE_PORT=${S3_SERVICE_PORT:-8080} + S3_SERVICE_PORT=${S3_SERVICE_PORT:-$SWIFT_DEFAULT_BIND_PORT} fi if is_service_enabled g-api; then @@ -187,7 +188,7 @@ function _cleanup_swift_apache_wsgi { # _config_swift_apache_wsgi() - Set WSGI config files of Swift function _config_swift_apache_wsgi { sudo mkdir -p ${SWIFT_APACHE_WSGI_DIR} - local proxy_port=${SWIFT_DEFAULT_BIND_PORT:-8080} + local proxy_port=${SWIFT_DEFAULT_BIND_PORT} # copy proxy vhost and wsgi file sudo cp ${SWIFT_DIR}/examples/apache2/proxy-server.template $(apache_site_config_for proxy-server) @@ -348,7 +349,7 @@ function configure_swift { local csyncfile=${SWIFT_CONF_DIR}/container-sync-realms.conf cp ${SWIFT_DIR}/etc/container-sync-realms.conf-sample ${csyncfile} iniset ${csyncfile} realm1 key realm1key - iniset ${csyncfile} realm1 cluster_name1 "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/" + iniset ${csyncfile} realm1 cluster_name1 "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/" iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user ${STACK_USER} @@ -369,7 +370,7 @@ function configure_swift { if is_service_enabled tls-proxy; then iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT_INT} else - iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT:-8080} + iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT} fi if is_ssl_enabled_service s-proxy; then @@ -621,9 +622,9 @@ function create_swift_accounts { get_or_create_service "swift" "object-store" "Swift Service" get_or_create_endpoint "object-store" \ "$REGION_NAME" \ - "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \ - "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080" \ - "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" + "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" \ + "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT" \ + "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" fi local swift_tenant_test1=$(get_or_create_project swifttenanttest1 default) @@ -764,7 +765,7 @@ function start_swift { swift-init --run-dir=${SWIFT_DATA_DIR}/run ${type} stop || true done if is_service_enabled tls-proxy; then - local proxy_port=${SWIFT_DEFAULT_BIND_PORT:-8080} + local proxy_port=${SWIFT_DEFAULT_BIND_PORT} start_tls_proxy '*' $proxy_port $SERVICE_HOST $SWIFT_DEFAULT_BIND_PORT_INT & fi run_process s-proxy "$SWIFT_DIR/bin/swift-proxy-server ${SWIFT_CONF_DIR}/proxy-server.conf -v" From 7792bc39d4f9f7ec7fd1b81ddbb30c30988f03e6 Mon Sep 17 00:00:00 2001 From: Tony Breeds Date: Fri, 23 Oct 2015 13:57:14 +1100 Subject: [PATCH 0015/2409] Add new oslo.privsep library to oslo repos A new project olos.privsep has been created but failes sdvm testing as even though the library is added ro PROJECTS and LIBS_FROM_GIT it isn't installed by devstack. Add oslo.privsep to the install_oslo function Change-Id: Ia4d56747d56dcfe50889ebbdf9d553df13e1b950 --- lib/oslo | 2 ++ stackrc | 4 ++++ tests/test_libs_from_pypi.sh | 2 +- 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/oslo b/lib/oslo index f64f327ccd..56615faaa3 100644 --- a/lib/oslo +++ b/lib/oslo @@ -36,6 +36,7 @@ GITDIR["oslo.log"]=$DEST/oslo.log GITDIR["oslo.messaging"]=$DEST/oslo.messaging GITDIR["oslo.middleware"]=$DEST/oslo.middleware GITDIR["oslo.policy"]=$DEST/oslo.policy +GITDIR["oslo.privsep"]=$DEST/oslo.privsep GITDIR["oslo.reports"]=$DEST/oslo.reports GITDIR["oslo.rootwrap"]=$DEST/oslo.rootwrap GITDIR["oslo.serialization"]=$DEST/oslo.serialization @@ -79,6 +80,7 @@ function install_oslo { _do_install_oslo_lib "oslo.messaging" _do_install_oslo_lib "oslo.middleware" _do_install_oslo_lib "oslo.policy" + _do_install_oslo_lib "oslo.privsep" _do_install_oslo_lib "oslo.reports" _do_install_oslo_lib "oslo.rootwrap" _do_install_oslo_lib "oslo.serialization" diff --git a/stackrc b/stackrc index 4026ff8feb..819aa0125c 100644 --- a/stackrc +++ b/stackrc @@ -371,6 +371,10 @@ GITBRANCH["oslo.middleware"]=${OSLOMID_BRANCH:-master} GITREPO["oslo.policy"]=${OSLOPOLICY_REPO:-${GIT_BASE}/openstack/oslo.policy.git} GITBRANCH["oslo.policy"]=${OSLOPOLICY_BRANCH:-master} +# oslo.privsep +GITREPO["oslo.privsep"]=${OSLOPRIVSEP_REPO:-${GIT_BASE}/openstack/oslo.privsep.git} +GITBRANCH["oslo.privsep"]=${OSLOPRIVSEP_BRANCH:-master} + # oslo.reports GITREPO["oslo.reports"]=${OSLOREPORTS_REPO:-${GIT_BASE}/openstack/oslo.reports.git} GITBRANCH["oslo.reports"]=${OSLOREPORTS_BRANCH:-master} diff --git a/tests/test_libs_from_pypi.sh b/tests/test_libs_from_pypi.sh index 8e8c0227a9..f31560a1fe 100755 --- a/tests/test_libs_from_pypi.sh +++ b/tests/test_libs_from_pypi.sh @@ -41,7 +41,7 @@ ALL_LIBS+=" oslo.utils python-swiftclient" ALL_LIBS+=" python-neutronclient tooz ceilometermiddleware oslo.policy" ALL_LIBS+=" debtcollector os-brick automaton futurist oslo.service" ALL_LIBS+=" oslo.cache oslo.reports" -ALL_LIBS+=" keystoneauth ironic-lib" +ALL_LIBS+=" keystoneauth ironic-lib oslo.privsep" # Generate the above list with # echo ${!GITREPO[@]} From b814b536c54f4ed840cf3eb436c4841d2ed575c4 Mon Sep 17 00:00:00 2001 From: Cedric Brandily Date: Thu, 22 Oct 2015 22:25:45 +0200 Subject: [PATCH 0016/2409] Prepare neutron "use_namespaces" option removal The neutron use_namespaces option is deprecated since Kilo, it's time remove it from neutron and devstack. Related-bug: #1508188 Change-Id: I4feb2a15c7e1e4bfdbed2531b18b8e7d798ab3cc --- lib/ironic | 9 ++------- lib/neutron-legacy | 15 ++++----------- lib/tempest | 19 +++---------------- 3 files changed, 9 insertions(+), 34 deletions(-) diff --git a/lib/ironic b/lib/ironic index 74e2f931ff..de07b49667 100644 --- a/lib/ironic +++ b/lib/ironic @@ -516,13 +516,8 @@ function create_ovs_taps { # intentional sleep to make sure the tag has been set to port sleep 10 - if [[ "$Q_USE_NAMESPACE" = "True" ]]; then - local tapdev - tapdev=$(sudo ip netns exec qdhcp-${ironic_net_id} ip link list | grep " tap" | cut -d':' -f2 | cut -d'@' -f1 | cut -b2-) - else - local tapdev - tapdev=$(sudo ip link list | grep " tap" | cut -d':' -f2 | cut -d'@' -f1 | cut -b2-) - fi + local tapdev + tapdev=$(sudo ip netns exec qdhcp-${ironic_net_id} ip link list | grep " tap" | cut -d':' -f2 | cut -d'@' -f1 | cut -b2-) local tag_id tag_id=$(sudo ovs-vsctl show |grep ${tapdev} -A1 -m1 | grep tag | cut -d':' -f2 | cut -b2-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 4e51425ffc..3c3c96b7bd 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -144,8 +144,6 @@ Q_LISTEN_ADDRESS=${Q_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-neutron} # Default auth strategy Q_AUTH_STRATEGY=${Q_AUTH_STRATEGY:-keystone} -# Use namespace or not -Q_USE_NAMESPACE=${Q_USE_NAMESPACE:-True} # RHEL's support for namespaces requires using veths with ovs Q_OVS_USE_VETH=${Q_OVS_USE_VETH:-False} Q_USE_ROOTWRAP=${Q_USE_ROOTWRAP:-True} @@ -208,7 +206,7 @@ Q_PUBLIC_VETH_INT=${Q_PUBLIC_VETH_INT:-veth-pub-int} # The plugin supports L3. Q_L3_ENABLED=${Q_L3_ENABLED:-False} # L3 routers exist per tenant -Q_L3_ROUTER_PER_TENANT=${Q_L3_ROUTER_PER_TENANT:-False} +Q_L3_ROUTER_PER_TENANT=${Q_L3_ROUTER_PER_TENANT:-True} # List of config file names in addition to the main plugin config file # See _configure_neutron_common() for details about setting it up @@ -968,7 +966,6 @@ function _configure_neutron_debug_command { iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT verbose False iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT debug False - iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE iniset $NEUTRON_TEST_CONFIG_FILE AGENT root_helper "$Q_RR_COMMAND" if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then iniset $NEUTRON_TEST_CONFIG_FILE AGENT root_helper_daemon "$Q_RR_DAEMON_COMMAND" @@ -985,7 +982,6 @@ function _configure_neutron_dhcp_agent { iniset $Q_DHCP_CONF_FILE DEFAULT verbose True iniset $Q_DHCP_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL - iniset $Q_DHCP_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE iniset $Q_DHCP_CONF_FILE AGENT root_helper "$Q_RR_COMMAND" if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then iniset $Q_DHCP_CONF_FILE AGENT root_helper_daemon "$Q_RR_DAEMON_COMMAND" @@ -1009,8 +1005,6 @@ function _configure_neutron_dhcp_agent { function _configure_neutron_l3_agent { Q_L3_ENABLED=True - # for l3-agent, only use per tenant router if we have namespaces - Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE if is_service_enabled q-vpn; then neutron_vpn_configure_agent @@ -1020,7 +1014,6 @@ function _configure_neutron_l3_agent { iniset $Q_L3_CONF_FILE DEFAULT verbose True iniset $Q_L3_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL - iniset $Q_L3_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE iniset $Q_L3_CONF_FILE AGENT root_helper "$Q_RR_COMMAND" if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then iniset $Q_L3_CONF_FILE AGENT root_helper_daemon "$Q_RR_DAEMON_COMMAND" @@ -1309,7 +1302,7 @@ function _neutron_configure_router_v4 { if is_service_enabled q-l3; then # Configure and enable public bridge local ext_gw_interface="none" - if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then + if is_neutron_ovs_base_plugin; then ext_gw_interface=$(_neutron_get_ext_gw_interface) elif [[ "$Q_AGENT" = "linuxbridge" ]]; then # Search for the brq device the neutron router and network for $FIXED_RANGE @@ -1359,7 +1352,7 @@ function _neutron_configure_router_v6 { IPV6_ROUTER_GW_IP=`neutron port-list -c fixed_ips | grep $ipv6_pub_subnet_id | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $8; }'` die_if_not_set $LINENO IPV6_ROUTER_GW_IP "Failure retrieving IPV6_ROUTER_GW_IP" - if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then + if is_neutron_ovs_base_plugin; then local ext_gw_interface ext_gw_interface=$(_neutron_get_ext_gw_interface) local ipv6_cidr_len=${IPV6_PUBLIC_RANGE#*/} @@ -1374,7 +1367,7 @@ function _neutron_configure_router_v6 { # Explicitly set router id in l3 agent configuration function _neutron_set_router_id { - if [[ "$Q_USE_NAMESPACE" == "False" ]]; then + if [[ "$Q_L3_ROUTER_PER_TENANT" == "False" ]]; then iniset $Q_L3_CONF_FILE DEFAULT router_id $ROUTER_ID fi } diff --git a/lib/tempest b/lib/tempest index 10dd652750..1d10da4c86 100644 --- a/lib/tempest +++ b/lib/tempest @@ -15,7 +15,6 @@ # - ``SERVICE_HOST`` # - ``BASE_SQL_CONN`` ``lib/database`` declares # - ``PUBLIC_NETWORK_NAME`` -# - ``Q_USE_NAMESPACE`` # - ``Q_ROUTER_NAME`` # - ``Q_L3_ENABLED`` # - ``VIRT_DRIVER`` @@ -132,7 +131,6 @@ function configure_tempest { local flavor_lines local public_network_id local public_router_id - local tenant_networks_reachable local boto_instance_type="m1.tiny" local ssh_connect_method="fixed" @@ -246,13 +244,8 @@ function configure_tempest { fi fi - if [ "$Q_USE_NAMESPACE" != "False" ]; then - tenant_networks_reachable=false - if ! is_service_enabled n-net; then - ssh_connect_method="floating" - fi - else - tenant_networks_reachable=true + if ! is_service_enabled n-net; then + ssh_connect_method="floating" fi ssh_connect_method=${TEMPEST_SSH_CONNECT_METHOD:-$ssh_connect_method} @@ -260,12 +253,6 @@ function configure_tempest { if [ "$Q_L3_ENABLED" = "True" ]; then public_network_id=$(neutron net-list | grep $PUBLIC_NETWORK_NAME | \ awk '{print $2}') - if [ "$Q_USE_NAMESPACE" == "False" ]; then - # If namespaces are disabled, DevStack will create a single - # public router that tempest should be configured to use. - public_router_id=$(neutron router-list | awk "/ $Q_ROUTER_NAME / \ - { print \$2 }") - fi fi EC2_URL=$(get_endpoint_url ec2 public || true) @@ -394,7 +381,7 @@ function configure_tempest { # Network iniset $TEMPEST_CONFIG network api_version 2.0 - iniset $TEMPEST_CONFIG network tenant_networks_reachable "$tenant_networks_reachable" + iniset $TEMPEST_CONFIG network tenant_networks_reachable false iniset $TEMPEST_CONFIG network public_network_id "$public_network_id" iniset $TEMPEST_CONFIG network public_router_id "$public_router_id" iniset $TEMPEST_CONFIG network default_network "$FIXED_RANGE" From 4abb31d9d86bee139a0bc3e9f7dfc5041e8b875f Mon Sep 17 00:00:00 2001 From: Marian Horban Date: Mon, 26 Oct 2015 12:35:45 -0400 Subject: [PATCH 0017/2409] Format of nova-api log files was corrected When nova-api and nova-ec2-api services are started by Apache (it can be done with devstack config option NOVA_USE_MOD_WSGI=True) log files contained duplication of timestamp value. Change-Id: I5439ea8f89ca3073600456f67220e9d3f5257d97 Closes-Bug: #1510517 --- files/apache-nova-api.template | 2 +- files/apache-nova-ec2-api.template | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/files/apache-nova-api.template b/files/apache-nova-api.template index 49081528ff..bcf406edf3 100644 --- a/files/apache-nova-api.template +++ b/files/apache-nova-api.template @@ -7,7 +7,7 @@ Listen %PUBLICPORT% WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On = 2.4> - ErrorLogFormat "%{cu}t %M" + ErrorLogFormat "%M" ErrorLog /var/log/%APACHE_NAME%/nova-api.log %SSLENGINE% diff --git a/files/apache-nova-ec2-api.template b/files/apache-nova-ec2-api.template index 235d958d1a..a9be15b73a 100644 --- a/files/apache-nova-ec2-api.template +++ b/files/apache-nova-ec2-api.template @@ -7,7 +7,7 @@ Listen %PUBLICPORT% WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On = 2.4> - ErrorLogFormat "%{cu}t %M" + ErrorLogFormat "%M" ErrorLog /var/log/%APACHE_NAME%/nova-ec2-api.log %SSLENGINE% From 313ddaee6102fc03a3885bec3bf5e0d1e0214878 Mon Sep 17 00:00:00 2001 From: Lenny Verkhovsky Date: Tue, 20 Oct 2015 11:26:34 +0300 Subject: [PATCH 0018/2409] Remove sudo from mkdir in $STACK_USER folder This fails in the environment where sudo does not have permissions to write in /home/$USER folder, e.g. [1] Also clean-up the comment/variable usage a bit; the location isn't actually variable at all (and that's fine, but we don't need a global here) [1] http://144.76.193.39/ci-artifacts/228979/10/Nova-ML2-Sriov/console.html.gz Change-Id: I6807eae9d1c27219aa7c19de29f24fa851aa787c --- functions-common | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/functions-common b/functions-common index 42555a95f5..6607d0be70 100644 --- a/functions-common +++ b/functions-common @@ -73,21 +73,23 @@ function save_stackenv { # - A `devstack-admin` entry for the `admin` user for the `admin` project. # write_clouds_yaml function write_clouds_yaml { - # The location is a variable to allow for easier refactoring later to make it - # overridable. There is currently no usecase where doing so makes sense, so - # it's not currently configurable. - for clouds_path in /etc/openstack ~/.config/openstack ; do - CLOUDS_YAML=$clouds_path/clouds.yaml + local clouds_yaml + + sudo mkdir -p /etc/openstack + sudo chown -R $STACK_USER /etc/openstack + # XXX: to be removed, see https://review.openstack.org/237149/ + # careful not to sudo this, incase ~ is NFS mounted + mkdir -p ~/.config/openstack - sudo mkdir -p $(dirname $CLOUDS_YAML) - sudo chown -R $STACK_USER $(dirname $CLOUDS_YAML) + for clouds_path in /etc/openstack ~/.config/openstack ; do + clouds_yaml=$clouds_path/clouds.yaml CA_CERT_ARG='' if [ -f "$SSL_BUNDLE_FILE" ]; then CA_CERT_ARG="--os-cacert $SSL_BUNDLE_FILE" fi $TOP_DIR/tools/update_clouds_yaml.py \ - --file $CLOUDS_YAML \ + --file $clouds_yaml \ --os-cloud devstack \ --os-region-name $REGION_NAME \ --os-identity-api-version 3 \ @@ -97,7 +99,7 @@ function write_clouds_yaml { --os-password $ADMIN_PASSWORD \ --os-project-name demo $TOP_DIR/tools/update_clouds_yaml.py \ - --file $CLOUDS_YAML \ + --file $clouds_yaml \ --os-cloud devstack-admin \ --os-region-name $REGION_NAME \ --os-identity-api-version 3 \ From ee9bb76647e1424e0dc84d32df6ab8607dc4ec96 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Mon, 19 Oct 2015 15:16:18 -0400 Subject: [PATCH 0019/2409] Write clouds.yaml to only /etc After having migrated the copies of clouds.yaml to just consume from /etc, remove the duplicate copy. Change-Id: I036704734785958c95d2234917d7b40bd797a375 --- functions-common | 63 +++++++++++++++++++++++------------------------- 1 file changed, 30 insertions(+), 33 deletions(-) diff --git a/functions-common b/functions-common index 6607d0be70..922938f95d 100644 --- a/functions-common +++ b/functions-common @@ -73,42 +73,39 @@ function save_stackenv { # - A `devstack-admin` entry for the `admin` user for the `admin` project. # write_clouds_yaml function write_clouds_yaml { - local clouds_yaml + # The location is a variable to allow for easier refactoring later to make it + # overridable. There is currently no usecase where doing so makes sense, so + # it's not currently configurable. - sudo mkdir -p /etc/openstack - sudo chown -R $STACK_USER /etc/openstack - # XXX: to be removed, see https://review.openstack.org/237149/ - # careful not to sudo this, incase ~ is NFS mounted - mkdir -p ~/.config/openstack + CLOUDS_YAML=/etc/openstack/clouds.yaml - for clouds_path in /etc/openstack ~/.config/openstack ; do - clouds_yaml=$clouds_path/clouds.yaml + sudo mkdir -p $(dirname $CLOUDS_YAML) + sudo chown -R $STACK_USER /etc/openstack - CA_CERT_ARG='' - if [ -f "$SSL_BUNDLE_FILE" ]; then - CA_CERT_ARG="--os-cacert $SSL_BUNDLE_FILE" - fi - $TOP_DIR/tools/update_clouds_yaml.py \ - --file $clouds_yaml \ - --os-cloud devstack \ - --os-region-name $REGION_NAME \ - --os-identity-api-version 3 \ - $CA_CERT_ARG \ - --os-auth-url $KEYSTONE_AUTH_URI \ - --os-username demo \ - --os-password $ADMIN_PASSWORD \ - --os-project-name demo - $TOP_DIR/tools/update_clouds_yaml.py \ - --file $clouds_yaml \ - --os-cloud devstack-admin \ - --os-region-name $REGION_NAME \ - --os-identity-api-version 3 \ - $CA_CERT_ARG \ - --os-auth-url $KEYSTONE_AUTH_URI \ - --os-username admin \ - --os-password $ADMIN_PASSWORD \ - --os-project-name admin - done + CA_CERT_ARG='' + if [ -f "$SSL_BUNDLE_FILE" ]; then + CA_CERT_ARG="--os-cacert $SSL_BUNDLE_FILE" + fi + $TOP_DIR/tools/update_clouds_yaml.py \ + --file $CLOUDS_YAML \ + --os-cloud devstack \ + --os-region-name $REGION_NAME \ + --os-identity-api-version 3 \ + $CA_CERT_ARG \ + --os-auth-url $KEYSTONE_AUTH_URI \ + --os-username demo \ + --os-password $ADMIN_PASSWORD \ + --os-project-name demo + $TOP_DIR/tools/update_clouds_yaml.py \ + --file $CLOUDS_YAML \ + --os-cloud devstack-admin \ + --os-region-name $REGION_NAME \ + --os-identity-api-version 3 \ + $CA_CERT_ARG \ + --os-auth-url $KEYSTONE_AUTH_URI \ + --os-username admin \ + --os-password $ADMIN_PASSWORD \ + --os-project-name admin } # trueorfalse From a692810ef05304856e5fd12ec786f3445ecca576 Mon Sep 17 00:00:00 2001 From: Oleksii Chuprykov Date: Thu, 11 Jun 2015 08:56:58 -0400 Subject: [PATCH 0020/2409] Add toggle to run Heat API services via Apache2 Add templates for running Heat API services via apache mod_wsgi. Also add appropriate functions to lib/heat for configuring Heat. Change-Id: I1bdd678c44ddfa616a9db7db85ff6f490ff08947 --- doc/source/configuration.rst | 6 ++ files/apache-heat-api-cfn.template | 27 ++++++ files/apache-heat-api-cloudwatch.template | 27 ++++++ files/apache-heat-api.template | 27 ++++++ lib/heat | 109 ++++++++++++++++++++-- 5 files changed, 188 insertions(+), 8 deletions(-) create mode 100644 files/apache-heat-api-cfn.template create mode 100644 files/apache-heat-api-cloudwatch.template create mode 100644 files/apache-heat-api.template diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index aae4f33562..d70d3dae17 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -297,6 +297,12 @@ Example (Swift): SWIFT_USE_MOD_WSGI="True" +Example (Heat): + +:: + + HEAT_USE_MOD_WSGI="True" + Example (Cinder): diff --git a/files/apache-heat-api-cfn.template b/files/apache-heat-api-cfn.template new file mode 100644 index 0000000000..ab33c66f7e --- /dev/null +++ b/files/apache-heat-api-cfn.template @@ -0,0 +1,27 @@ +Listen %PUBLICPORT% + + + WSGIDaemonProcess heat-api-cfn processes=2 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% + WSGIProcessGroup heat-api-cfn + WSGIScriptAlias / %HEAT_BIN_DIR%/heat-wsgi-api-cfn + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + AllowEncodedSlashes On + = 2.4> + ErrorLogFormat "%{cu}t %M" + + ErrorLog /var/log/%APACHE_NAME%/heat-api-cfn.log + %SSLENGINE% + %SSLCERTFILE% + %SSLKEYFILE% + + + = 2.4> + Require all granted + + + Order allow,deny + Allow from all + + + diff --git a/files/apache-heat-api-cloudwatch.template b/files/apache-heat-api-cloudwatch.template new file mode 100644 index 0000000000..06c91bbdb1 --- /dev/null +++ b/files/apache-heat-api-cloudwatch.template @@ -0,0 +1,27 @@ +Listen %PUBLICPORT% + + + WSGIDaemonProcess heat-api-cloudwatch processes=2 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% + WSGIProcessGroup heat-api-cloudwatch + WSGIScriptAlias / %HEAT_BIN_DIR%/heat-wsgi-api-cloudwatch + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + AllowEncodedSlashes On + = 2.4> + ErrorLogFormat "%{cu}t %M" + + ErrorLog /var/log/%APACHE_NAME%/heat-api-cloudwatch.log + %SSLENGINE% + %SSLCERTFILE% + %SSLKEYFILE% + + + = 2.4> + Require all granted + + + Order allow,deny + Allow from all + + + diff --git a/files/apache-heat-api.template b/files/apache-heat-api.template new file mode 100644 index 0000000000..4924b3978b --- /dev/null +++ b/files/apache-heat-api.template @@ -0,0 +1,27 @@ +Listen %PUBLICPORT% + + + WSGIDaemonProcess heat-api processes=3 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% + WSGIProcessGroup heat-api + WSGIScriptAlias / %HEAT_BIN_DIR%/heat-wsgi-api + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + AllowEncodedSlashes On + = 2.4> + ErrorLogFormat "%{cu}t %M" + + ErrorLog /var/log/%APACHE_NAME%/heat-api.log + %SSLENGINE% + %SSLCERTFILE% + %SSLKEYFILE% + + + = 2.4> + Require all granted + + + Order allow,deny + Allow from all + + + diff --git a/lib/heat b/lib/heat index 615198cc7d..85fdaa1eb2 100644 --- a/lib/heat +++ b/lib/heat @@ -16,6 +16,7 @@ # - install_heat # - configure_heatclient # - configure_heat +# - _config_heat_apache_wsgi # - init_heat # - start_heat # - stop_heat @@ -32,6 +33,9 @@ set +o xtrace # set up default directories GITDIR["python-heatclient"]=$DEST/python-heatclient +# Toggle for deploying Heat-API under HTTPD + mod_wsgi +HEAT_USE_MOD_WSGI=${HEAT_USE_MOD_WSGI:-False} + HEAT_DIR=$DEST/heat HEAT_CFNTOOLS_DIR=$DEST/heat-cfntools HEAT_TEMPLATES_REPO_DIR=$DEST/heat-templates @@ -117,13 +121,17 @@ function configure_heat { # logging iniset $HEAT_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL iniset $HEAT_CONF DEFAULT use_syslog $SYSLOG - if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then + if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ] && [ "$HEAT_USE_MOD_WSGI" == "False" ] ; then # Add color to logging output setup_colorized_logging $HEAT_CONF DEFAULT tenant user fi iniset $HEAT_CONF DEFAULT deferred_auth_method $HEAT_DEFERRED_AUTH + if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then + _config_heat_apache_wsgi + fi + # NOTE(jamielennox): heat re-uses specific values from the # keystone_authtoken middleware group and so currently fails when using the # auth plugin setup. This should be fixed in heat. Heat is also the only @@ -211,6 +219,9 @@ function install_heatclient { function install_heat { git_clone $HEAT_REPO $HEAT_DIR $HEAT_BRANCH setup_develop $HEAT_DIR + if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then + install_apache_wsgi + fi } # install_heat_other() - Collect source and prepare @@ -226,20 +237,102 @@ function install_heat_other { # start_heat() - Start running processes, including screen function start_heat { run_process h-eng "$HEAT_BIN_DIR/heat-engine --config-file=$HEAT_CONF" - run_process h-api "$HEAT_BIN_DIR/heat-api --config-file=$HEAT_CONF" - run_process h-api-cfn "$HEAT_BIN_DIR/heat-api-cfn --config-file=$HEAT_CONF" - run_process h-api-cw "$HEAT_BIN_DIR/heat-api-cloudwatch --config-file=$HEAT_CONF" + + # If the site is not enabled then we are in a grenade scenario + local enabled_site_file=$(apache_site_config_for heat-api) + if [ -f ${enabled_site_file} ] && [ "$HEAT_USE_MOD_WSGI" == "True" ]; then + enable_apache_site heat-api + enable_apache_site heat-api-cfn + enable_apache_site heat-api-cloudwatch + restart_apache_server + tail_log heat-api /var/log/$APACHE_NAME/heat-api.log + tail_log heat-api-cfn /var/log/$APACHE_NAME/heat-api-cfn.log + tail_log heat-api-cloudwatch /var/log/$APACHE_NAME/heat-api-cloudwatch.log + else + run_process h-api "$HEAT_BIN_DIR/heat-api --config-file=$HEAT_CONF" + run_process h-api-cfn "$HEAT_BIN_DIR/heat-api-cfn --config-file=$HEAT_CONF" + run_process h-api-cw "$HEAT_BIN_DIR/heat-api-cloudwatch --config-file=$HEAT_CONF" + fi } # stop_heat() - Stop running processes function stop_heat { # Kill the screen windows - local serv - for serv in h-eng h-api h-api-cfn h-api-cw; do - stop_process $serv - done + stop_process h-eng + + if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then + disable_apache_site heat-api + disable_apache_site heat-api-cfn + disable_apache_site heat-api-cloudwatch + restart_apache_server + else + local serv + for serv in h-api h-api-cfn h-api-cw; do + stop_process $serv + done + fi + } +# _cleanup_heat_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file +function _cleanup_heat_apache_wsgi { + sudo rm -f $(apache_site_config_for heat-api) + sudo rm -f $(apache_site_config_for heat-api-cfn) + sudo rm -f $(apache_site_config_for heat-api-cloudwatch) +} + +# _config_heat_apache_wsgi() - Set WSGI config files of Heat +function _config_heat_apache_wsgi { + + local heat_apache_conf=$(apache_site_config_for heat-api) + local heat_cfn_apache_conf=$(apache_site_config_for heat-api-cfn) + local heat_cloudwatch_apache_conf=$(apache_site_config_for heat-api-cloudwatch) + local heat_ssl="" + local heat_certfile="" + local heat_keyfile="" + local heat_api_port=$HEAT_API_PORT + local heat_cfn_api_port=$HEAT_API_CFN_PORT + local heat_cw_api_port=$HEAT_API_CW_PORT + local venv_path="" + + sudo cp $FILES/apache-heat-api.template $heat_apache_conf + sudo sed -e " + s|%PUBLICPORT%|$heat_api_port|g; + s|%APACHE_NAME%|$APACHE_NAME|g; + s|%HEAT_BIN_DIR%|$HEAT_BIN_DIR|g; + s|%SSLENGINE%|$heat_ssl|g; + s|%SSLCERTFILE%|$heat_certfile|g; + s|%SSLKEYFILE%|$heat_keyfile|g; + s|%USER%|$STACK_USER|g; + s|%VIRTUALENV%|$venv_path|g + " -i $heat_apache_conf + + sudo cp $FILES/apache-heat-api-cfn.template $heat_cfn_apache_conf + sudo sed -e " + s|%PUBLICPORT%|$heat_cfn_api_port|g; + s|%APACHE_NAME%|$APACHE_NAME|g; + s|%HEAT_BIN_DIR%|$HEAT_BIN_DIR|g; + s|%SSLENGINE%|$heat_ssl|g; + s|%SSLCERTFILE%|$heat_certfile|g; + s|%SSLKEYFILE%|$heat_keyfile|g; + s|%USER%|$STACK_USER|g; + s|%VIRTUALENV%|$venv_path|g + " -i $heat_cfn_apache_conf + + sudo cp $FILES/apache-heat-api-cloudwatch.template $heat_cloudwatch_apache_conf + sudo sed -e " + s|%PUBLICPORT%|$heat_cw_api_port|g; + s|%APACHE_NAME%|$APACHE_NAME|g; + s|%HEAT_BIN_DIR%|$HEAT_BIN_DIR|g; + s|%SSLENGINE%|$heat_ssl|g; + s|%SSLCERTFILE%|$heat_certfile|g; + s|%SSLKEYFILE%|$heat_keyfile|g; + s|%USER%|$STACK_USER|g; + s|%VIRTUALENV%|$venv_path|g + " -i $heat_cloudwatch_apache_conf +} + + # create_heat_accounts() - Set up common required heat accounts function create_heat_accounts { if [[ "$HEAT_STANDALONE" != "True" ]]; then From cf94edcbbdde75de3ce627d7e092936bc014d5f6 Mon Sep 17 00:00:00 2001 From: Matt Riedemann Date: Wed, 28 Oct 2015 09:50:01 -0700 Subject: [PATCH 0021/2409] Disable shelve/snapshot/cinder when running Tempest with libvirt+lxc The libvirt+lxc backend in nova does not support shelve, image snapshot or any volume-related actions (so pretty much anything to do with cinder), so we need to configure tempest to not run tests that hit those operations/service when using libvirt/lxc. This is part of an overall effort to get a CI job running for nova with the libvirt+lxc configuration per: Ic07c39e219121ba6b8b20de2b83a193bb735133d Change-Id: I4decfcc5a5dfbabdecb3eb9fc93f1d1d6c2af805 --- lib/tempest | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/tempest b/lib/tempest index 10dd652750..565e965836 100644 --- a/lib/tempest +++ b/lib/tempest @@ -531,6 +531,8 @@ function configure_tempest { if [ "$VIRT_DRIVER" = "libvirt" ] && [ "$LIBVIRT_TYPE" = "lxc" ]; then iniset $TEMPEST_CONFIG compute-feature-enabled rescue False iniset $TEMPEST_CONFIG compute-feature-enabled resize False + iniset $TEMPEST_CONFIG compute-feature-enabled shelve False + iniset $TEMPEST_CONFIG compute-feature-enabled snapshot False iniset $TEMPEST_CONFIG compute-feature-enabled suspend False fi @@ -548,6 +550,12 @@ function configure_tempest { fi done + if [ "$VIRT_DRIVER" = "libvirt" ] && [ "$LIBVIRT_TYPE" = "lxc" ]; then + # libvirt-lxc does not support boot from volume or attaching volumes + # so basically anything with cinder is out of the question. + iniset $TEMPEST_CONFIG service_available cinder "False" + fi + if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then # Use the ``BOTO_CONFIG`` environment variable to point to this file iniset -sudo $BOTO_CONF Boto ca_certificates_file $SSL_BUNDLE_FILE From 5cdee8dd3311e501302993cd8c81b39cb6b45090 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 19 Oct 2015 14:17:18 +1100 Subject: [PATCH 0022/2409] Update to bashate 0.3.2 Bashate 0.3.2 has a few new checks -- firstly make sure some of the plugins have #!/bin/bash, and fix up a couple of "local" changes that were missed by I9c8912a8fd596535589b207d7fc553b9d951d3fe Change-Id: I9e4b1c0dc9e0f709d8e76f9c9bf1c9478b2605ed --- functions-common | 20 ++++++++++++++------ lib/heat | 12 ++++++++---- lib/neutron_plugins/services/firewall | 2 ++ lib/neutron_plugins/services/loadbalancer | 2 ++ lib/neutron_plugins/services/metering | 2 ++ lib/neutron_plugins/services/vpn | 2 ++ lib/neutron_thirdparty/vmware_nsx | 2 ++ tox.ini | 7 ++++--- 8 files changed, 36 insertions(+), 13 deletions(-) diff --git a/functions-common b/functions-common index 42555a95f5..ceefd443b1 100644 --- a/functions-common +++ b/functions-common @@ -1746,7 +1746,8 @@ function run_phase { # extras.d in an unsupported way which will let us track # unsupported usage in the gate. local exceptions="50-ironic.sh 60-ceph.sh 80-tempest.sh" - local extra=$(basename $extra_plugin_file_name) + local extra + extra=$(basename $extra_plugin_file_name) if [[ ! ( $exceptions =~ "$extra" ) ]]; then deprecated "extras.d support is being removed in Mitaka-1" deprecated "jobs for project $extra will break after that point" @@ -2184,14 +2185,21 @@ function time_start { # global counter for that name. Errors if that clock had not # previously been started. function time_stop { - local name=$1 - local start_time=${START_TIME[$name]} + local name + local end_time + local elpased_time + local total + local start_time + + name=$1 + start_time=${START_TIME[$name]} + if [[ -z "$start_time" ]]; then die $LINENO "Trying to stop the clock on $name, but it was never started" fi - local end_time=$(date +%s) - local elapsed_time=$(($end_time - $start_time)) - local total=${TOTAL_TIME[$name]:-0} + end_time=$(date +%s) + elapsed_time=$(($end_time - $start_time)) + total=${TOTAL_TIME[$name]:-0} # reset the clock so we can start it in the future START_TIME[$name]="" TOTAL_TIME[$name]=$(($total + $elapsed_time)) diff --git a/lib/heat b/lib/heat index 85fdaa1eb2..f3f0548947 100644 --- a/lib/heat +++ b/lib/heat @@ -239,7 +239,8 @@ function start_heat { run_process h-eng "$HEAT_BIN_DIR/heat-engine --config-file=$HEAT_CONF" # If the site is not enabled then we are in a grenade scenario - local enabled_site_file=$(apache_site_config_for heat-api) + local enabled_site_file + enabled_site_file=$(apache_site_config_for heat-api) if [ -f ${enabled_site_file} ] && [ "$HEAT_USE_MOD_WSGI" == "True" ]; then enable_apache_site heat-api enable_apache_site heat-api-cfn @@ -284,9 +285,12 @@ function _cleanup_heat_apache_wsgi { # _config_heat_apache_wsgi() - Set WSGI config files of Heat function _config_heat_apache_wsgi { - local heat_apache_conf=$(apache_site_config_for heat-api) - local heat_cfn_apache_conf=$(apache_site_config_for heat-api-cfn) - local heat_cloudwatch_apache_conf=$(apache_site_config_for heat-api-cloudwatch) + local heat_apache_conf + heat_apache_conf=$(apache_site_config_for heat-api) + local heat_cfn_apache_conf + heat_cfn_apache_conf=$(apache_site_config_for heat-api-cfn) + local heat_cloudwatch_apache_conf + heat_cloudwatch_apache_conf=$(apache_site_config_for heat-api-cloudwatch) local heat_ssl="" local heat_certfile="" local heat_keyfile="" diff --git a/lib/neutron_plugins/services/firewall b/lib/neutron_plugins/services/firewall index 61a148e596..3496da82f8 100644 --- a/lib/neutron_plugins/services/firewall +++ b/lib/neutron_plugins/services/firewall @@ -1,3 +1,5 @@ +#!/bin/bash + # Neutron firewall plugin # --------------------------- diff --git a/lib/neutron_plugins/services/loadbalancer b/lib/neutron_plugins/services/loadbalancer index 34190f9a56..7865f6fd6e 100644 --- a/lib/neutron_plugins/services/loadbalancer +++ b/lib/neutron_plugins/services/loadbalancer @@ -1,3 +1,5 @@ +#!/bin/bash + # Neutron loadbalancer plugin # --------------------------- diff --git a/lib/neutron_plugins/services/metering b/lib/neutron_plugins/services/metering index 37ba019b98..c75ab19d4e 100644 --- a/lib/neutron_plugins/services/metering +++ b/lib/neutron_plugins/services/metering @@ -1,3 +1,5 @@ +#!/bin/bash + # Neutron metering plugin # --------------------------- diff --git a/lib/neutron_plugins/services/vpn b/lib/neutron_plugins/services/vpn index 4d6a2bf9a0..c0e7457413 100644 --- a/lib/neutron_plugins/services/vpn +++ b/lib/neutron_plugins/services/vpn @@ -1,3 +1,5 @@ +#!/bin/bash + # Neutron VPN plugin # --------------------------- diff --git a/lib/neutron_thirdparty/vmware_nsx b/lib/neutron_thirdparty/vmware_nsx index 03853a9bf4..e182fca1ae 100644 --- a/lib/neutron_thirdparty/vmware_nsx +++ b/lib/neutron_thirdparty/vmware_nsx @@ -1,2 +1,4 @@ +#!/bin/bash + # REVISIT(roeyc): this file left empty so that 'enable_service vmware_nsx' # continues to work. diff --git a/tox.ini b/tox.ini index 0df9877ba8..9279455bb8 100644 --- a/tox.ini +++ b/tox.ini @@ -9,7 +9,7 @@ install_command = pip install {opts} {packages} [testenv:bashate] deps = - {env:BASHATE_INSTALL_PATH:bashate==0.3.1} + {env:BASHATE_INSTALL_PATH:bashate==0.3.2} whitelist_externals = bash commands = bash -c "find {toxinidir} \ -not \( -type d -name .?\* -prune \) \ # prune all 'dot' dirs @@ -20,12 +20,13 @@ commands = bash -c "find {toxinidir} \ -not -name \*.md \ \( \ -name \*.sh -or \ - -name \*rc -or \ + -name \*.orig -or \ + -name \*rc -or \ # openrc files, etc -name functions\* -or \ -wholename \*/inc/\* -or \ # /inc files and -wholename \*/lib/\* \ # /lib files are shell, but \) \ # have no extension - -print0 | xargs -0 bashate -v -iE006" + -print0 | xargs -0 bashate -v -iE006 -eE005,E042" [testenv:docs] deps = From 347dbac04e8988a01e3330e34b57f1e5b3c6aa2a Mon Sep 17 00:00:00 2001 From: Nicolas Simonds Date: Wed, 21 Jan 2015 13:40:42 -0800 Subject: [PATCH 0023/2409] Add the ability to install/enable Heat plugins Adds the $ENABLE_HEAT_PLUGINS variable, which should be a list of the names of the plugins the user wishes to install. Change-Id: I2ba90002a8fad1cdce6543c89dc37c5912fe133e --- lib/heat | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/lib/heat b/lib/heat index f3f0548947..e42bdf0b9e 100644 --- a/lib/heat +++ b/lib/heat @@ -69,6 +69,8 @@ else HEAT_STACK_DOMAIN=$(trueorfalse True HEAT_STACK_DOMAIN) HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts} fi +HEAT_PLUGIN_DIR=${HEAT_PLUGIN_DIR:-$DATA_DIR/heat/plugins} +ENABLE_HEAT_PLUGINS=${ENABLE_HEAT_PLUGINS:-} # Functions # --------- @@ -188,6 +190,35 @@ function configure_heat { # copy the default templates cp $HEAT_DIR/etc/heat/templates/* $HEAT_TEMPLATES_DIR/ + # Enable heat plugins. + # NOTE(nic): The symlink nonsense is necessary because when + # plugins are installed in "developer mode", the final component + # of their target directory is always "resources", which confuses + # Heat's plugin loader into believing that all plugins are named + # "resources", and therefore are all the same plugin; so it + # will only load one of them. Linking them all to a common + # location with unique names avoids that type of collision, + # while still allowing the plugins to be edited in-tree. + local err_count=0 + + if [ -n "$ENABLE_HEAT_PLUGINS" ]; then + mkdir -p $HEAT_PLUGIN_DIR + # Clean up cruft from any previous runs + rm -f $HEAT_PLUGIN_DIR/* + iniset $HEAT_CONF DEFAULT plugin_dirs $HEAT_PLUGIN_DIR + fi + + for heat_plugin in $ENABLE_HEAT_PLUGINS; do + if [ -d $HEAT_DIR/contrib/$heat_plugin ]; then + setup_package $HEAT_DIR/contrib/$heat_plugin -e + ln -s $HEAT_DIR/contrib/$heat_plugin/$heat_plugin/resources $HEAT_PLUGIN_DIR/$heat_plugin + else + : # clear retval on the test so that we can roll up errors + err $LINENO "Requested Heat plugin(${heat_plugin}) not found." + err_count=$(($err_count + 1)) + fi + done + [ $err_count -eq 0 ] || die $LINENO "$err_count of the requested Heat plugins could not be installed." } # init_heat() - Initialize database From abb40f61939355f471c1a37c671774923e12b660 Mon Sep 17 00:00:00 2001 From: Thiago Paiva Date: Thu, 29 Oct 2015 11:38:24 -0300 Subject: [PATCH 0024/2409] Correct Cinder protocol for connections on Ironic The protocol for connections with Cinder is wrong for the Ironic script. This patch changes the script to use $GLANCE_SERVICE_PROTOCOL, which is https when USE_SSL=true or tls-proxy is on ENABLED_SERVICES. Change-Id: I4d4c6f9dc6f6ee53166db109848dca64334b8748 --- lib/ironic | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/ironic b/lib/ironic index de07b49667..d786870165 100644 --- a/lib/ironic +++ b/lib/ironic @@ -795,7 +795,7 @@ function upload_baremetal_ironic_deploy { # load them into glance IRONIC_DEPLOY_KERNEL_ID=$(openstack \ --os-token $token \ - --os-url http://$GLANCE_HOSTPORT \ + --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT \ image create \ $(basename $IRONIC_DEPLOY_KERNEL_PATH) \ --public --disk-format=aki \ @@ -803,7 +803,7 @@ function upload_baremetal_ironic_deploy { < $IRONIC_DEPLOY_KERNEL_PATH | grep ' id ' | get_field 2) IRONIC_DEPLOY_RAMDISK_ID=$(openstack \ --os-token $token \ - --os-url http://$GLANCE_HOSTPORT \ + --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT \ image create \ $(basename $IRONIC_DEPLOY_RAMDISK_PATH) \ --public --disk-format=ari \ From 7159b4ba5956c0fd3141fe13ac40057364683c9c Mon Sep 17 00:00:00 2001 From: Marian Horban Date: Thu, 22 Oct 2015 15:47:49 -0400 Subject: [PATCH 0025/2409] Config graceful_shutdown_timeout option for services To avoid hanging services during gracefull shutdown option graceful_shutdown_timeout should be configured. Closes-Bug: #1446583 Change-Id: I2b7f0df831d65c55ae8cae241478f49c9641d99f --- lib/cinder | 2 +- lib/glance | 2 ++ lib/nova | 1 + stackrc | 3 +++ 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/cinder b/lib/cinder index ed9a1038d6..a916c6540f 100644 --- a/lib/cinder +++ b/lib/cinder @@ -357,7 +357,7 @@ function configure_cinder { iniset $CINDER_CONF DEFAULT os_privileged_user_name nova iniset $CINDER_CONF DEFAULT os_privileged_user_password "$SERVICE_PASSWORD" iniset $CINDER_CONF DEFAULT os_privileged_user_tenant "$SERVICE_TENANT_NAME" - + iniset $CINDER_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT" } # create_cinder_accounts() - Set up common required cinder accounts diff --git a/lib/glance b/lib/glance index 2eb93a46e6..5a1b2834d0 100644 --- a/lib/glance +++ b/lib/glance @@ -115,6 +115,7 @@ function configure_glance { configure_auth_token_middleware $GLANCE_REGISTRY_CONF glance $GLANCE_AUTH_CACHE_DIR/registry iniset $GLANCE_REGISTRY_CONF DEFAULT notification_driver messaging iniset_rpc_backend glance $GLANCE_REGISTRY_CONF + iniset $GLANCE_REGISTRY_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT" cp $GLANCE_DIR/etc/glance-api.conf $GLANCE_API_CONF iniset $GLANCE_API_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL @@ -149,6 +150,7 @@ function configure_glance { iniset $GLANCE_API_CONF glance_store swift_store_config_file $GLANCE_SWIFT_STORE_CONF iniset $GLANCE_API_CONF glance_store default_swift_reference ref1 iniset $GLANCE_API_CONF glance_store stores "file, http, swift" + iniset $GLANCE_API_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT" iniset $GLANCE_SWIFT_STORE_CONF ref1 user $SERVICE_TENANT_NAME:glance-swift iniset $GLANCE_SWIFT_STORE_CONF ref1 key $SERVICE_PASSWORD diff --git a/lib/nova b/lib/nova index 6c414030ae..cce598d853 100644 --- a/lib/nova +++ b/lib/nova @@ -649,6 +649,7 @@ function create_nova_conf { iniset $NOVA_CONF serial_console serialproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS" iniset $NOVA_CONF serial_console enabled True fi + iniset $NOVA_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT" } function init_nova_cells { diff --git a/stackrc b/stackrc index 819aa0125c..1a95e2b7ed 100644 --- a/stackrc +++ b/stackrc @@ -669,6 +669,9 @@ fi # Service startup timeout SERVICE_TIMEOUT=${SERVICE_TIMEOUT:-60} +# Service graceful shutdown timeout +SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT=${SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT:-5} + # Support alternative yum -- in future Fedora 'dnf' will become the # only supported installer, but for now 'yum' and 'dnf' are both # available in parallel with compatible CLIs. Allow manual switching From cdcdeb64602ea271bedf20f58a9f1ca1c0075c84 Mon Sep 17 00:00:00 2001 From: Matt Riedemann Date: Thu, 29 Oct 2015 09:48:17 -0700 Subject: [PATCH 0026/2409] Remove CINDER_VOLUME_CLEAR value validation 132fbcd38ebae52bdd20da54905131b75581520f in cinder changed the volume_clear StrOpt to use the choices kwarg which enforces the value specified and raises a ValueError if an invalid value is set for the option in cinder.conf. This lets us remove the validation that devstack was doing. Change-Id: Ia7eead6297ed0f3a972de2021170fe9c7225e856 --- lib/cinder | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/cinder b/lib/cinder index ed9a1038d6..1307c11f7a 100644 --- a/lib/cinder +++ b/lib/cinder @@ -317,9 +317,7 @@ function configure_cinder { iniset_rpc_backend cinder $CINDER_CONF - if [[ "$CINDER_VOLUME_CLEAR" == "none" ]] || [[ "$CINDER_VOLUME_CLEAR" == "zero" ]] || [[ "$CINDER_VOLUME_CLEAR" == "shred" ]]; then - iniset $CINDER_CONF DEFAULT volume_clear $CINDER_VOLUME_CLEAR - fi + iniset $CINDER_CONF DEFAULT volume_clear $CINDER_VOLUME_CLEAR # Format logging if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ] && [ "$CINDER_USE_MOD_WSGI" == "False" ]; then From 5ea1e16d83d6312fb17976ded0ab1a6a3773ca4d Mon Sep 17 00:00:00 2001 From: Stephen Finucane Date: Thu, 29 Oct 2015 20:12:26 +0000 Subject: [PATCH 0027/2409] lib/nova: Remove 'DEFAULT/verbose' The 'verbose' option has been deprecated by oslo_log. Using it results in a warning for the 'nova-manage' command and likely many other OpenStack commands. Change-Id: Icc11b25f56ebc62443c6afa90b9572d5c63b3882 Partial-bug: #1511505 --- lib/nova | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/nova b/lib/nova index 6c414030ae..47c43bd193 100644 --- a/lib/nova +++ b/lib/nova @@ -480,7 +480,6 @@ function create_nova_conf { # (Re)create ``nova.conf`` rm -f $NOVA_CONF - iniset $NOVA_CONF DEFAULT verbose "True" iniset $NOVA_CONF DEFAULT debug "$ENABLE_DEBUG_LOG_LEVEL" if [ "$NOVA_ALLOW_MOVE_TO_SAME_HOST" == "True" ]; then iniset $NOVA_CONF DEFAULT allow_resize_to_same_host "True" From 0ec80802735163fdbdb4ceaa339aa73f93bbd87a Mon Sep 17 00:00:00 2001 From: Daniel Gonzalez Date: Fri, 30 Oct 2015 14:25:41 +0100 Subject: [PATCH 0028/2409] Remove multi-region workaround When keystone API v3 was introduced, filtering regions when listing endpoints was not supported (see [1]). This caused multi-region devstack deployments to fail (see [2]). A workaround was introduced to devstack to enable for multi-region deployments until region filtering would work in keystone API v3. Now that the bug related to region filtering in keystone is resolved, the workaround should be removed. [1]: https://bugs.launchpad.net/keystone/+bug/1482772 [2]: https://bugs.launchpad.net/devstack/+bug/1483784 Closes-Bug: #1511745 Related-Bug: #1483784 Related-Bug: #1482772 Change-Id: I52d13c3f5e7b77a7f8fb1be4dcea437988ebddfe --- functions-common | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/functions-common b/functions-common index d36d323820..d282203d45 100644 --- a/functions-common +++ b/functions-common @@ -913,16 +913,11 @@ function get_or_create_service { # Usage: _get_or_create_endpoint_with_interface function _get_or_create_endpoint_with_interface { local endpoint_id - # TODO(dgonzalez): The check of the region name, as done in the grep - # statement below, exists only because keystone does currently - # not allow filtering the region name when listing endpoints. If keystone - # gets support for this, the check for the region name can be removed. - # Related bug in keystone: https://bugs.launchpad.net/keystone/+bug/1482772 endpoint_id=$(openstack endpoint list \ --service $1 \ --interface $2 \ --region $4 \ - -c ID -c Region -f value | grep $4 | cut -f 1 -d " ") + -c ID -f value) if [[ -z "$endpoint_id" ]]; then # Creates new endpoint endpoint_id=$(openstack endpoint create \ From 55a1bca28215a7623c9bd067a663e176d4b3e672 Mon Sep 17 00:00:00 2001 From: Andrey Kurilin Date: Fri, 30 Oct 2015 16:24:19 +0200 Subject: [PATCH 0029/2409] Remove wrong paramter COMPUTE_API_VERSION Since: - novaclient doesn't require specify the *compute api* version (default is 2.latest now) - novaclient doesn't use COMPUTE_API_VERSION, since it's wrong name( OS_COMPUTE_API_VERSION is a correct name) we can remove COMPUTE_API_VERSION and NOVA_VERSION vars Change-Id: I47856863e9403870b8d60c778b97d3de1a212ae1 --- exercises/client-args.sh | 1 - exercises/client-env.sh | 4 ---- openrc | 6 ------ 3 files changed, 11 deletions(-) diff --git a/exercises/client-args.sh b/exercises/client-args.sh index c33ef44e9a..7cfef1c807 100755 --- a/exercises/client-args.sh +++ b/exercises/client-args.sh @@ -41,7 +41,6 @@ unset NOVA_PROJECT_ID unset NOVA_REGION_NAME unset NOVA_URL unset NOVA_USERNAME -unset NOVA_VERSION # Save the known variables for later export x_TENANT_NAME=$OS_TENANT_NAME diff --git a/exercises/client-env.sh b/exercises/client-env.sh index 4a0609a944..1d2f4f5689 100755 --- a/exercises/client-env.sh +++ b/exercises/client-env.sh @@ -41,7 +41,6 @@ unset NOVA_PROJECT_ID unset NOVA_REGION_NAME unset NOVA_URL unset NOVA_USERNAME -unset NOVA_VERSION for i in OS_TENANT_NAME OS_USERNAME OS_PASSWORD OS_AUTH_URL; do is_set $i @@ -101,9 +100,6 @@ if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then STATUS_EC2="Failed" RETURN=1 fi - - # Clean up side effects - unset NOVA_VERSION fi fi diff --git a/openrc b/openrc index 71ba5a6ea5..9bc0fd77f4 100644 --- a/openrc +++ b/openrc @@ -95,12 +95,6 @@ if [[ ! -v OS_CACERT ]] ; then fi fi -# Currently novaclient needs you to specify the *compute api* version. This -# needs to match the config of your catalog returned by Keystone. -export NOVA_VERSION=${NOVA_VERSION:-1.1} -# In the future this will change names: -export COMPUTE_API_VERSION=${COMPUTE_API_VERSION:-$NOVA_VERSION} - # Currently cinderclient needs you to specify the *volume api* version. This # needs to match the config of your catalog returned by Keystone. export CINDER_VERSION=${CINDER_VERSION:-2} From f54f60a63ea146e54d430e343f666638bf7947d2 Mon Sep 17 00:00:00 2001 From: Einst Crazy Date: Fri, 30 Oct 2015 23:00:57 +0800 Subject: [PATCH 0030/2409] Delete some comment or messages of keystone_data.sh(removed) As files/keystone_data.sh has been removed in the commit https://review.openstack.org/#/c/79366/, we should remove some related documations and comments. Change-Id: I7802d0052fa28d8debb7f361d36a4f108869554c --- HACKING.rst | 3 +-- doc/source/configuration.rst | 2 +- lib/tempest | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/HACKING.rst b/HACKING.rst index 6bd24b0174..d66687e351 100644 --- a/HACKING.rst +++ b/HACKING.rst @@ -250,8 +250,7 @@ These scripts are executed serially by ``exercise.sh`` in testing situations. database access from the exercise itself. * If specific configuration needs to be present for the exercise to complete, - it should be staged in ``stack.sh``, or called from ``stack.sh`` (see - ``files/keystone_data.sh`` for an example of this). + it should be staged in ``stack.sh``, or called from ``stack.sh``. * The ``OS_*`` environment variables should be the only ones used for all authentication to OpenStack clients as documented in the CLIAuth_ wiki page. diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index d70d3dae17..9ba657a50d 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -393,7 +393,7 @@ with ``KEYSTONE_CATALOG_BACKEND``: KEYSTONE_CATALOG_BACKEND=template DevStack's default configuration in ``sql`` mode is set in -``files/keystone_data.sh`` +``lib/keystone`` Guest Images diff --git a/lib/tempest b/lib/tempest index 32630dbf59..03e2aacf97 100644 --- a/lib/tempest +++ b/lib/tempest @@ -23,7 +23,7 @@ # # Optional Dependencies: # -# - ``ALT_*`` (similar vars exists in keystone_data.sh) +# - ``ALT_*`` # - ``LIVE_MIGRATION_AVAILABLE`` # - ``USE_BLOCK_MIGRATION_FOR_LIVE_MIGRATION`` # - ``DEFAULT_INSTANCE_TYPE`` From 08abba008e735d333f9180180c6a28e7cd5a1171 Mon Sep 17 00:00:00 2001 From: Marian Horban Date: Thu, 11 Jun 2015 13:01:41 -0400 Subject: [PATCH 0031/2409] Add ability to run Nova metadata under Apache2 This patch allows to run Nova metadata service using Apache on port 80 under /metadata URL. Change-Id: I18f3399738c31166eac884a9b0d5c4045d3f445c --- files/apache-nova-metadata.template | 25 +++++++++++++++++++++++++ lib/nova | 23 +++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 files/apache-nova-metadata.template diff --git a/files/apache-nova-metadata.template b/files/apache-nova-metadata.template new file mode 100644 index 0000000000..6231c1ced8 --- /dev/null +++ b/files/apache-nova-metadata.template @@ -0,0 +1,25 @@ +Listen %PUBLICPORT% + + + WSGIDaemonProcess nova-metadata processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV% + WSGIProcessGroup nova-metadata + WSGIScriptAlias / %PUBLICWSGI% + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + = 2.4> + ErrorLogFormat "%M" + + ErrorLog /var/log/%APACHE_NAME%/nova-metadata.log + %SSLENGINE% + %SSLCERTFILE% + %SSLKEYFILE% + + +Alias /metadata %PUBLICWSGI% + + SetHandler wsgi-script + Options +ExecCGI + WSGIProcessGroup nova-metadata + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + diff --git a/lib/nova b/lib/nova index 6c414030ae..e82c28be4d 100644 --- a/lib/nova +++ b/lib/nova @@ -7,6 +7,7 @@ # # - ``functions`` file # - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined +# - ``FILES`` # - ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined # - ``LIBVIRT_TYPE`` must be defined # - ``INSTANCE_NAME_PREFIX``, ``VOLUME_NAME_PREFIX`` must be defined @@ -87,6 +88,7 @@ NOVA_SERVICE_LOCAL_HOST=${NOVA_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST} NOVA_SERVICE_LISTEN_ADDRESS=${NOVA_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} EC2_SERVICE_PORT=${EC2_SERVICE_PORT:-8773} EC2_SERVICE_PORT_INT=${EC2_SERVICE_PORT_INT:-18773} +METADATA_SERVICE_PORT=${METADATA_SERVICE_PORT:-8775} # Option to enable/disable config drive # NOTE: Set ``FORCE_CONFIG_DRIVE="False"`` to turn OFF config drive @@ -241,6 +243,7 @@ function _cleanup_nova_apache_wsgi { sudo rm -f $NOVA_WSGI_DIR/* sudo rm -f $(apache_site_config_for nova-api) sudo rm -f $(apache_site_config_for nova-ec2-api) + sudo rm -f $(apache_site_config_for nova-metadata) } # _config_nova_apache_wsgi() - Set WSGI config files of Keystone @@ -251,11 +254,14 @@ function _config_nova_apache_wsgi { nova_apache_conf=$(apache_site_config_for nova-api) local nova_ec2_apache_conf nova_ec2_apache_conf=$(apache_site_config_for nova-ec2-api) + local nova_metadata_apache_conf + nova_metadata_apache_conf=$(apache_site_config_for nova-metadata) local nova_ssl="" local nova_certfile="" local nova_keyfile="" local nova_api_port=$NOVA_SERVICE_PORT local nova_ec2_api_port=$EC2_SERVICE_PORT + local nova_metadata_port=$METADATA_SERVICE_PORT local venv_path="" if is_ssl_enabled_service nova-api; then @@ -270,6 +276,7 @@ function _config_nova_apache_wsgi { # copy proxy vhost and wsgi helper files sudo cp $NOVA_DIR/nova/wsgi/nova-api.py $NOVA_WSGI_DIR/nova-api sudo cp $NOVA_DIR/nova/wsgi/nova-ec2-api.py $NOVA_WSGI_DIR/nova-ec2-api + sudo cp $NOVA_DIR/nova/wsgi/nova-metadata.py $NOVA_WSGI_DIR/nova-metadata sudo cp $FILES/apache-nova-api.template $nova_apache_conf sudo sed -e " @@ -296,6 +303,19 @@ function _config_nova_apache_wsgi { s|%VIRTUALENV%|$venv_path|g s|%APIWORKERS%|$API_WORKERS|g " -i $nova_ec2_apache_conf + + sudo cp $FILES/apache-nova-metadata.template $nova_metadata_apache_conf + sudo sed -e " + s|%PUBLICPORT%|$nova_metadata_port|g; + s|%APACHE_NAME%|$APACHE_NAME|g; + s|%PUBLICWSGI%|$NOVA_WSGI_DIR/nova-metadata|g; + s|%SSLENGINE%|$nova_ssl|g; + s|%SSLCERTFILE%|$nova_certfile|g; + s|%SSLKEYFILE%|$nova_keyfile|g; + s|%USER%|$STACK_USER|g; + s|%VIRTUALENV%|$venv_path|g + s|%APIWORKERS%|$API_WORKERS|g + " -i $nova_metadata_apache_conf } # configure_nova() - Set config files, create data dirs, etc @@ -798,9 +818,11 @@ function start_nova_api { if [ -f ${enabled_site_file} ] && [ "$NOVA_USE_MOD_WSGI" == "True" ]; then enable_apache_site nova-api enable_apache_site nova-ec2-api + enable_apache_site nova-metadata restart_apache_server tail_log nova-api /var/log/$APACHE_NAME/nova-api.log tail_log nova-ec2-api /var/log/$APACHE_NAME/nova-ec2-api.log + tail_log nova-metadata /var/log/$APACHE_NAME/nova-metadata.log else run_process n-api "$NOVA_BIN_DIR/nova-api" fi @@ -916,6 +938,7 @@ function stop_nova_rest { if [ "$NOVA_USE_MOD_WSGI" == "True" ]; then disable_apache_site nova-api disable_apache_site nova-ec2-api + disable_apache_site nova-metadata restart_apache_server else stop_process n-api From 463a0e6d980690d00b17b9ebcfaf83c2f12d7615 Mon Sep 17 00:00:00 2001 From: keiji niwa Date: Sat, 11 Jul 2015 22:09:49 +0900 Subject: [PATCH 0032/2409] Replace hard-coded --ipv6-address-mode Looks like this was just a typo in the original d1498d74db816b3edbb8376ca5acb7cc5792ea5c ; replace with environment variable Change-Id: I877c1a570a68e926c91fc8a393217e6b18245f82 --- lib/neutron-legacy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 3c3c96b7bd..c244e5470a 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -547,7 +547,7 @@ function create_neutron_initial_network { fi if [[ "$IP_VERSION" =~ .*6 ]]; then - SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode slaac --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2) + SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode $IPV6_ADDRESS_MODE --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2) die_if_not_set $LINENO SUBNET_V6_ID "Failure creating SUBNET_V6_ID for $PROVIDER_SUBNET_NAME_V6 $TENANT_ID" fi From 508931ff367df646d1fa6068008fe550c5572d02 Mon Sep 17 00:00:00 2001 From: Hirofumi Ichihara Date: Mon, 2 Nov 2015 17:39:48 +0900 Subject: [PATCH 0033/2409] Remove Ubuntu 14.10 as supported distribution Ubuntu 14.10(utopic) reached end of life[1]. [1]: https://lists.ubuntu.com/archives/ubuntu-announce/2015-July/000197.html Change-Id: Iab13ca797bda56462d9d117aa500d3ba0d9bebcb --- lib/nova_plugins/functions-libvirt | 2 +- stack.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt index 5525cfd951..78c59786d8 100644 --- a/lib/nova_plugins/functions-libvirt +++ b/lib/nova_plugins/functions-libvirt @@ -23,7 +23,7 @@ DEBUG_LIBVIRT=$(trueorfalse True DEBUG_LIBVIRT) # Installs required distro-specific libvirt packages. function install_libvirt { if is_ubuntu; then - if is_arch "aarch64" && [[ ${DISTRO} =~ (trusty|utopic) ]]; then + if is_arch "aarch64" && [[ ${DISTRO} == "trusty" ]]; then install_package qemu-system else install_package qemu-kvm diff --git a/stack.sh b/stack.sh index 80247317cf..bdbb025a0b 100755 --- a/stack.sh +++ b/stack.sh @@ -178,7 +178,7 @@ source $TOP_DIR/stackrc # Warn users who aren't on an explicitly supported distro, but allow them to # override check and attempt installation with ``FORCE=yes ./stack`` -if [[ ! ${DISTRO} =~ (precise|trusty|utopic|vivid|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then +if [[ ! ${DISTRO} =~ (precise|trusty|vivid|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then echo "WARNING: this script has not been tested on $DISTRO" if [[ "$FORCE" != "yes" ]]; then die $LINENO "If you wish to run this script anyway run with FORCE=yes" From c30657d7de1a253ffd541d07a0b449d395cb8eab Mon Sep 17 00:00:00 2001 From: Markus Zoeller Date: Mon, 2 Nov 2015 11:27:46 +0100 Subject: [PATCH 0034/2409] Cleanup ReST format issues * ReST doesn't allow monospace in italic sections. bash$ grep -R \`\` doc/build/html/ --include "*.html" * The code-block section "::" needed an empty line before the code, otherwise it gets shown in the HTML output. bash$ egrep -R "
::" doc/build/html/ --include "*.html" * Monospaced font incorrectly marked with a single back tick bash$ egrep -nR '\w`(\s|[\.,;:])' doc/source/ --include "*.rst" Change-Id: I66c3f685f33851c3f3f0f859996037fc24930246 --- doc/source/configuration.rst | 33 ++++++++++--------- doc/source/guides/devstack-with-lbaas-v2.rst | 2 +- .../guides/devstack-with-nested-kvm.rst | 12 +++---- doc/source/guides/neutron.rst | 18 +++++----- 4 files changed, 33 insertions(+), 32 deletions(-) diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index d70d3dae17..e9921f049c 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -202,8 +202,8 @@ process to a file in ``LOGDIR``. LOGDIR=$DEST/logs -*Note the use of ``DEST`` to locate the main install directory; this -is why we suggest setting it in ``local.conf``.* +Note the use of ``DEST`` to locate the main install directory; this +is why we suggest setting it in ``local.conf``. Enabling Syslog ~~~~~~~~~~~~~~~ @@ -239,15 +239,15 @@ Database Backend Multiple database backends are available. The available databases are defined in the lib/databases directory. -`mysql` is the default database, choose a different one by putting the -following in the `localrc` section: +``mysql`` is the default database, choose a different one by putting the +following in the ``localrc`` section: :: disable_service mysql enable_service postgresql -`mysql` is the default database. +``mysql`` is the default database. RPC Backend ----------- @@ -260,6 +260,7 @@ RabbitMQ is handled via the usual service functions and Example disabling RabbitMQ in ``local.conf``: :: + disable_service rabbit @@ -511,7 +512,7 @@ VM. When running with only one replica the account, container and object services will run directly in screen. The others services like replicator, updaters or auditor runs in background. -If you would like to enable Swift you can add this to your `localrc` +If you would like to enable Swift you can add this to your ``localrc`` section: :: @@ -519,7 +520,7 @@ section: enable_service s-proxy s-object s-container s-account If you want a minimal Swift install with only Swift and Keystone you -can have this instead in your `localrc` section: +can have this instead in your ``localrc`` section: :: @@ -528,24 +529,24 @@ can have this instead in your `localrc` section: If you only want to do some testing of a real normal swift cluster with multiple replicas you can do so by customizing the variable -`SWIFT_REPLICAS` in your `localrc` section (usually to 3). +``SWIFT_REPLICAS`` in your ``localrc`` section (usually to 3). Swift S3 ++++++++ -If you are enabling `swift3` in `ENABLED_SERVICES` DevStack will +If you are enabling ``swift3`` in ``ENABLED_SERVICES`` DevStack will install the swift3 middleware emulation. Swift will be configured to act as a S3 endpoint for Keystone so effectively replacing the -`nova-objectstore`. +``nova-objectstore``. Only Swift proxy server is launched in the screen session all other -services are started in background and managed by `swift-init` tool. +services are started in background and managed by ``swift-init`` tool. Heat ~~~~ -Heat is disabled by default (see `stackrc` file). To enable it -explicitly you'll need the following settings in your `localrc` +Heat is disabled by default (see ``stackrc`` file). To enable it +explicitly you'll need the following settings in your ``localrc`` section :: @@ -554,7 +555,7 @@ section Heat can also run in standalone mode, and be configured to orchestrate on an external OpenStack cloud. To launch only Heat in standalone mode -you'll need the following settings in your `localrc` section +you'll need the following settings in your ``localrc`` section :: @@ -590,14 +591,14 @@ Xenserver ~~~~~~~~~ If you would like to use Xenserver as the hypervisor, please refer to -the instructions in `./tools/xen/README.md`. +the instructions in ``./tools/xen/README.md``. Cells ~~~~~ `Cells `__ is an alternative scaling option. To setup a cells environment add the -following to your `localrc` section: +following to your ``localrc`` section: :: diff --git a/doc/source/guides/devstack-with-lbaas-v2.rst b/doc/source/guides/devstack-with-lbaas-v2.rst index f67978310d..4e5f874787 100644 --- a/doc/source/guides/devstack-with-lbaas-v2.rst +++ b/doc/source/guides/devstack-with-lbaas-v2.rst @@ -17,7 +17,7 @@ Install devstack cd devstack -Edit your `local.conf` to look like +Edit your ``local.conf`` to look like :: diff --git a/doc/source/guides/devstack-with-nested-kvm.rst b/doc/source/guides/devstack-with-nested-kvm.rst index c652bacced..85a5656198 100644 --- a/doc/source/guides/devstack-with-nested-kvm.rst +++ b/doc/source/guides/devstack-with-nested-kvm.rst @@ -50,7 +50,7 @@ the host: parm: nested:bool Start your VM, now it should have KVM capabilities -- you can verify -that by ensuring `/dev/kvm` character device is present. +that by ensuring ``/dev/kvm`` character device is present. Configure Nested KVM for AMD-based Machines @@ -97,7 +97,7 @@ To make the above value persistent across reboots, add an entry in Expose Virtualization Extensions to DevStack VM ----------------------------------------------- -Edit the VM's libvirt XML configuration via `virsh` utility: +Edit the VM's libvirt XML configuration via ``virsh`` utility: :: @@ -115,10 +115,10 @@ Ensure DevStack VM is Using KVM ------------------------------- Before invoking ``stack.sh`` in the VM, ensure that KVM is enabled. This -can be verified by checking for the presence of the file `/dev/kvm` in +can be verified by checking for the presence of the file ``/dev/kvm`` in your VM. If it is present, DevStack will default to using the config -attribute `virt_type = kvm` in `/etc/nova.conf`; otherwise, it'll fall -back to `virt_type=qemu`, i.e. plain QEMU emulation. +attribute ``virt_type = kvm`` in ``/etc/nova.conf``; otherwise, it'll fall +back to ``virt_type=qemu``, i.e. plain QEMU emulation. Optionally, to explicitly set the type of virtualization, to KVM, by the libvirt driver in nova, the below config attribute can be used in @@ -131,7 +131,7 @@ DevStack's ``local.conf``: Once DevStack is configured successfully, verify if the Nova instances are using KVM by noticing the QEMU CLI invoked by Nova is using the -parameter `accel=kvm`, e.g.: +parameter ``accel=kvm``, e.g.: :: diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst index 5891f68033..5e231315f7 100644 --- a/doc/source/guides/neutron.rst +++ b/doc/source/guides/neutron.rst @@ -170,8 +170,8 @@ nova, neutron) **Compute Nodes** In this example, the nodes that will host guest instances will run -the `neutron-openvswitch-agent` for network connectivity, as well as -the compute service `nova-compute`. +the ``neutron-openvswitch-agent`` for network connectivity, as well as +the compute service ``nova-compute``. DevStack Configuration ---------------------- @@ -256,16 +256,16 @@ compute node 1. Q_L3_ENABLED=False Compute node 2's configuration will be exactly the same, except -`HOST_IP` will be `10.0.0.4` +``HOST_IP`` will be ``10.0.0.4`` When DevStack is configured to use provider networking (via -`Q_USE_PROVIDER_NETWORKING` is True and `Q_L3_ENABLED` is False) - +``Q_USE_PROVIDER_NETWORKING`` is True and ``Q_L3_ENABLED`` is False) - DevStack will automatically add the network interface defined in -`PUBLIC_INTERFACE` to the `OVS_PHYSICAL_BRIDGE` +``PUBLIC_INTERFACE`` to the ``OVS_PHYSICAL_BRIDGE`` For example, with the above configuration, a bridge is -created, named `br-ex` which is managed by Open vSwitch, and the -second interface on the compute node, `eth1` is attached to the +created, named ``br-ex`` which is managed by Open vSwitch, and the +second interface on the compute node, ``eth1`` is attached to the bridge, to forward traffic sent by guest VMs. Miscellaneous Tips @@ -307,7 +307,7 @@ Configuring Extension Drivers for the ML2 Plugin ------------------------------------------------ Extension drivers for the ML2 plugin are set with the variable -`Q_ML2_PLUGIN_EXT_DRIVERS`, and includes the 'port_security' extension +``Q_ML2_PLUGIN_EXT_DRIVERS``, and includes the 'port_security' extension by default. If you want to remove all the extension drivers (even -'port_security'), set `Q_ML2_PLUGIN_EXT_DRIVERS` to blank. +'port_security'), set ``Q_ML2_PLUGIN_EXT_DRIVERS`` to blank. From 85f42f698c7bd74d53309da486fbf44ed860c348 Mon Sep 17 00:00:00 2001 From: Thomas Morin Date: Tue, 1 Sep 2015 10:33:10 +0200 Subject: [PATCH 0035/2409] Provide an error message on bogus config file spec If local.conf specifies a config file addition in the following way... [[post-config|$MY_CONF_FILE]] [xyz] foo=bar ...and $MY_CONF_FILE points to a file whose directory is not writable by the user running the script, then stack.sh aborts with the following obscure message: 2015-09-01 08:20:08.113 | touch: setting times of '/': Permission denied This patch modifies inc/meta-config to provide a useful error message, such as: 2015-09-01 08:20:08.114 | could not create config file / ($MY_CONF_FILE) This patch also modifies inc/meta-config so that it provides an error message if $MY_CONF_FILE is empty (instead of silently ignoring this local.conf statement): 2015-09-01 09:38:53.406 | bogus config file specification: $MY_CONF_FILE is undefined Change-Id: I9b78407420318548561012a8672762bc7fdd6db6 Closes-Bug: 1490881 --- inc/meta-config | 17 ++++++++++++--- tests/test_meta_config.sh | 45 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 3 deletions(-) diff --git a/inc/meta-config b/inc/meta-config index e5f902d1dd..b9ab6b207f 100644 --- a/inc/meta-config +++ b/inc/meta-config @@ -89,9 +89,10 @@ function merge_config_file { # note, configfile might be a variable (note the iniset, etc # created in the mega-awk below is "eval"ed too, so we just leave # it alone. - local real_configfile=$(eval echo $configfile) + local real_configfile + real_configfile=$(eval echo $configfile) if [ ! -f $real_configfile ]; then - touch $real_configfile + touch $real_configfile || die $LINENO "could not create config file $real_configfile ($configfile)" fi get_meta_section $file $matchgroup $configfile | \ @@ -177,8 +178,18 @@ function merge_config_group { local configfile group for group in $matchgroups; do for configfile in $(get_meta_section_files $localfile $group); do - if [[ -d $(dirname $(eval "echo $configfile")) ]]; then + local realconfigfile + local dir + + realconfigfile=$(eval "echo $configfile") + if [[ -z $realconfigfile ]]; then + die $LINENO "bogus config file specification: $configfile is undefined" + fi + dir=$(dirname $realconfigfile) + if [[ -d $dir ]]; then merge_config_file $localfile $group $configfile + else + die $LINENO "bogus config file specification $configfile ($configfile=$realconfigfile, $dir is not a directory)" fi done done diff --git a/tests/test_meta_config.sh b/tests/test_meta_config.sh index a04c081854..f3e94af8f8 100755 --- a/tests/test_meta_config.sh +++ b/tests/test_meta_config.sh @@ -23,6 +23,12 @@ function check_result { fi } +# mock function-common:die so that it does not +# interupt our test script +function die { + exit -1 +} + TEST_1C_ADD="[eee] type=new multi = foo2" @@ -110,6 +116,15 @@ attr = strip_trailing_space [DEFAULT] servers=10.11.12.13:80 +[[test8|/permission-denied.conf]] +foo=bar + +[[test9|\$UNDEF]] +foo=bar + +[[test10|does-not-exist-dir/test.conf]] +foo=bar + [[test-multi-sections|test-multi-sections.conf]] [sec-1] cfg_item1 = abcd @@ -340,6 +355,36 @@ EXPECT_VAL=" servers = 10.11.12.13:80" check_result "$VAL" "$EXPECT_VAL" +echo "merge_config_file test8 non-touchable conf file: " +set +e +# function is expected to fail and exit, running it +# in a subprocess to let this script proceed +(merge_config_file test.conf test8 /permission-denied.conf) +VAL=$? +EXPECT_VAL=255 +check_result "$VAL" "$EXPECT_VAL" +set -e + +echo -n "merge_config_group test9 undefined conf file: " +set +e +# function is expected to fail and exit, running it +# in a subprocess to let this script proceed +(merge_config_group test.conf test9) +VAL=$? +EXPECT_VAL=255 +check_result "$VAL" "$EXPECT_VAL" +set -e + +echo -n "merge_config_group test10 not directory: " +set +e +# function is expected to fail and exit, running it +# in a subprocess to let this script proceed +(merge_config_group test.conf test10) +VAL=$? +EXPECT_VAL=255 +check_result "$VAL" "$EXPECT_VAL" +set -e + rm -f test.conf test1c.conf test2a.conf \ test-space.conf test-equals.conf test-strip.conf \ test-colon.conf test-env.conf test-multiline.conf \ From dca49de22f57f3b2f502380b2cbfedb0dcdba209 Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Tue, 20 Oct 2015 12:13:19 +0100 Subject: [PATCH 0036/2409] Use stevedore aliases for interface_driver configuration interface_driver configuration was updated to use stevedore aliases. This patch is to change devstack scripts to now use the aliases instead of the previous class imports. Closes-Bug: #1504536 Change-Id: Ic56bfcc1f9da05a999e6fd328e4dd6617e9470ff --- lib/neutron_plugins/bigswitch_floodlight | 4 ++-- lib/neutron_plugins/brocade | 2 +- lib/neutron_plugins/cisco | 2 +- lib/neutron_plugins/linuxbridge_agent | 2 +- lib/neutron_plugins/openvswitch_agent | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/neutron_plugins/bigswitch_floodlight b/lib/neutron_plugins/bigswitch_floodlight index 4166131534..f52105e658 100644 --- a/lib/neutron_plugins/bigswitch_floodlight +++ b/lib/neutron_plugins/bigswitch_floodlight @@ -58,9 +58,9 @@ function neutron_plugin_configure_service { function neutron_plugin_setup_interface_driver { local conf_file=$1 if [ "$BS_FL_VIF_DRIVER" = "ivs" ]; then - iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.IVSInterfaceDriver + iniset $conf_file DEFAULT interface_driver ivs else - iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver + iniset $conf_file DEFAULT interface_driver openvswitch fi } diff --git a/lib/neutron_plugins/brocade b/lib/neutron_plugins/brocade index 557b94dec0..953360e070 100644 --- a/lib/neutron_plugins/brocade +++ b/lib/neutron_plugins/brocade @@ -68,7 +68,7 @@ function neutron_plugin_configure_plugin_agent { function neutron_plugin_setup_interface_driver { local conf_file=$1 - iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver + iniset $conf_file DEFAULT interface_driver linuxbridge } function has_neutron_plugin_security_group { diff --git a/lib/neutron_plugins/cisco b/lib/neutron_plugins/cisco index 90dcd574c0..7d0cf1af39 100644 --- a/lib/neutron_plugins/cisco +++ b/lib/neutron_plugins/cisco @@ -150,7 +150,7 @@ function neutron_plugin_create_initial_network_profile { function neutron_plugin_setup_interface_driver { local conf_file=$1 - iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver + iniset $conf_file DEFAULT interface_driver openvswitch } # Restore xtrace diff --git a/lib/neutron_plugins/linuxbridge_agent b/lib/neutron_plugins/linuxbridge_agent index bd4438db04..f28bcfeadd 100644 --- a/lib/neutron_plugins/linuxbridge_agent +++ b/lib/neutron_plugins/linuxbridge_agent @@ -85,7 +85,7 @@ function neutron_plugin_configure_plugin_agent { function neutron_plugin_setup_interface_driver { local conf_file=$1 - iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver + iniset $conf_file DEFAULT interface_driver linuxbridge } function neutron_plugin_check_adv_test_requirements { diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent index 48e47b3dab..5a843ffba7 100644 --- a/lib/neutron_plugins/openvswitch_agent +++ b/lib/neutron_plugins/openvswitch_agent @@ -110,7 +110,7 @@ function neutron_plugin_configure_plugin_agent { function neutron_plugin_setup_interface_driver { local conf_file=$1 - iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver + iniset $conf_file DEFAULT interface_driver openvswitch } function neutron_plugin_check_adv_test_requirements { From a91d455e23f68613db0e67fea339a13fd9eae7d4 Mon Sep 17 00:00:00 2001 From: Steve Martinelli Date: Tue, 20 Oct 2015 23:15:38 -0400 Subject: [PATCH 0037/2409] change `swift post` to openstackclient cli command with the release of osc 1.8.0, modifying object store account properties is now available. use this mechanism and avoid setting environment variable that are only helpful for swift CLI. Change-Id: Ie51e3e2bb86162763f23d0a6bed36208811f89fc --- lib/swift | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/swift b/lib/swift index 3a8e80dd44..ee0238d975 100644 --- a/lib/swift +++ b/lib/swift @@ -813,11 +813,13 @@ function stop_swift { } function swift_configure_tempurls { + # note we are using swift credentials! OS_USERNAME=swift \ - OS_PROJECT_NAME=$SERVICE_TENANT_NAME \ - OS_PASSWORD=$SERVICE_PASSWORD \ - OS_AUTH_URL=$SERVICE_ENDPOINT \ - swift post --auth-version 3 -m "Temp-URL-Key: $SWIFT_TEMPURL_KEY" + OS_PASSWORD=$SERVICE_PASSWORD \ + OS_PROJECT_NAME=$SERVICE_TENANT_NAME \ + OS_AUTH_URL=$SERVICE_ENDPOINT \ + openstack object store account \ + set --property "Temp-URL-Key=$SWIFT_TEMPURL_KEY" } # Restore xtrace From 0c96c37b5d9775a5c0ad257f210112f76f7987e7 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Sun, 1 Nov 2015 21:45:29 -0500 Subject: [PATCH 0038/2409] Enable devstack for Ubuntu 15.10 Wily Change-Id: I2056fd26d42f29ececc4c38fdd791589ec7037a0 --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index bdbb025a0b..72253f81d7 100755 --- a/stack.sh +++ b/stack.sh @@ -178,7 +178,7 @@ source $TOP_DIR/stackrc # Warn users who aren't on an explicitly supported distro, but allow them to # override check and attempt installation with ``FORCE=yes ./stack`` -if [[ ! ${DISTRO} =~ (precise|trusty|vivid|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then +if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then echo "WARNING: this script has not been tested on $DISTRO" if [[ "$FORCE" != "yes" ]]; then die $LINENO "If you wish to run this script anyway run with FORCE=yes" From 33a96ffc2609d8477542002e56515a5026c2c48d Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Mon, 2 Nov 2015 17:23:39 -0500 Subject: [PATCH 0039/2409] Zookeeper for DLM scenarios In Tokyo, there was a cross project session on distributed key locking: https://etherpad.openstack.org/p/mitaka-cross-project-dlm In support of the discussion there, we'll need support for a zookeeper service in Devstack and ability to use libraries like Tooz for DLM functionality. In this review, we pick up some configuration files from monasca-api and copy the lib/template to implement the zookeeper lifecycle. Those services that need zookeeper need to add "zookeeper" in ENABLED_SERVICES. Change-Id: Icef26e5cdaa930a581e27d330e47706776a7f98f --- files/debs/zookeeper | 1 + files/rpms/zookeeper | 1 + files/zookeeper/environment | 36 +++++++++++++ files/zookeeper/log4j.properties | 69 +++++++++++++++++++++++++ files/zookeeper/myid | 1 + files/zookeeper/zoo.cfg | 74 +++++++++++++++++++++++++++ lib/zookeeper | 86 ++++++++++++++++++++++++++++++++ stack.sh | 15 ++++++ stackrc | 2 +- unstack.sh | 5 ++ 10 files changed, 289 insertions(+), 1 deletion(-) create mode 100644 files/debs/zookeeper create mode 100644 files/rpms/zookeeper create mode 100644 files/zookeeper/environment create mode 100644 files/zookeeper/log4j.properties create mode 100644 files/zookeeper/myid create mode 100644 files/zookeeper/zoo.cfg create mode 100644 lib/zookeeper diff --git a/files/debs/zookeeper b/files/debs/zookeeper new file mode 100644 index 0000000000..66227f7e31 --- /dev/null +++ b/files/debs/zookeeper @@ -0,0 +1 @@ +zookeeperd \ No newline at end of file diff --git a/files/rpms/zookeeper b/files/rpms/zookeeper new file mode 100644 index 0000000000..c0d1c3066d --- /dev/null +++ b/files/rpms/zookeeper @@ -0,0 +1 @@ +zookeeper \ No newline at end of file diff --git a/files/zookeeper/environment b/files/zookeeper/environment new file mode 100644 index 0000000000..afa2d2f89f --- /dev/null +++ b/files/zookeeper/environment @@ -0,0 +1,36 @@ +# +# (C) Copyright 2015 Hewlett Packard Enterprise Development Company LP +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +#    http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# Modified from http://packages.ubuntu.com/saucy/zookeeperd +NAME=zookeeper +ZOOCFGDIR=/etc/zookeeper/conf + +# seems, that log4j requires the log4j.properties file to be in the classpath +CLASSPATH="$ZOOCFGDIR:/usr/share/java/jline.jar:/usr/share/java/log4j-1.2.jar:/usr/share/java/xercesImpl.jar:/usr/share/java/xmlParserAPIs.jar:/usr/share/java/netty.jar:/usr/share/java/slf4j-api.jar:/usr/share/java/slf4j-log4j12.jar:/usr/share/java/zookeeper.jar" + +ZOOCFG="$ZOOCFGDIR/zoo.cfg" +ZOO_LOG_DIR=/var/log/zookeeper +USER=$NAME +GROUP=$NAME +PIDDIR=/var/run/$NAME +PIDFILE=$PIDDIR/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME +JAVA=/usr/bin/java +ZOOMAIN="org.apache.zookeeper.server.quorum.QuorumPeerMain" +ZOO_LOG4J_PROP="INFO,ROLLINGFILE" +JMXLOCALONLY=false +JAVA_OPTS="" diff --git a/files/zookeeper/log4j.properties b/files/zookeeper/log4j.properties new file mode 100644 index 0000000000..6c45a4aad9 --- /dev/null +++ b/files/zookeeper/log4j.properties @@ -0,0 +1,69 @@ +# +# (C) Copyright 2015 Hewlett Packard Enterprise Development Company LP +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +#    http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# From http://packages.ubuntu.com/saucy/zookeeperd + +# ZooKeeper Logging Configuration +# + +# Format is " (, )+ + +log4j.rootLogger=${zookeeper.root.logger} + +# Example: console appender only +# log4j.rootLogger=INFO, CONSOLE + +# Example with rolling log file +#log4j.rootLogger=DEBUG, CONSOLE, ROLLINGFILE + +# Example with rolling log file and tracing +#log4j.rootLogger=TRACE, CONSOLE, ROLLINGFILE, TRACEFILE + +# +# Log INFO level and above messages to the console +# +log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender +log4j.appender.CONSOLE.Threshold=INFO +log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout +log4j.appender.CONSOLE.layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L] - %m%n + +# +# Add ROLLINGFILE to rootLogger to get log file output +# Log DEBUG level and above messages to a log file +log4j.appender.ROLLINGFILE=org.apache.log4j.RollingFileAppender +log4j.appender.ROLLINGFILE.Threshold=WARN +log4j.appender.ROLLINGFILE.File=${zookeeper.log.dir}/zookeeper.log + +# Max log file size of 10MB +log4j.appender.ROLLINGFILE.MaxFileSize=10MB +# uncomment the next line to limit number of backup files +#log4j.appender.ROLLINGFILE.MaxBackupIndex=10 + +log4j.appender.ROLLINGFILE.layout=org.apache.log4j.PatternLayout +log4j.appender.ROLLINGFILE.layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L] - %m%n + + +# +# Add TRACEFILE to rootLogger to get log file output +# Log DEBUG level and above messages to a log file +log4j.appender.TRACEFILE=org.apache.log4j.FileAppender +log4j.appender.TRACEFILE.Threshold=TRACE +log4j.appender.TRACEFILE.File=${zookeeper.log.dir}/zookeeper_trace.log + +log4j.appender.TRACEFILE.layout=org.apache.log4j.PatternLayout +### Notice we are including log4j's NDC here (%x) +log4j.appender.TRACEFILE.layout.ConversionPattern=%d{ISO8601} - %-5p [%t:%C{1}@%L][%x] - %m%n diff --git a/files/zookeeper/myid b/files/zookeeper/myid new file mode 100644 index 0000000000..c227083464 --- /dev/null +++ b/files/zookeeper/myid @@ -0,0 +1 @@ +0 \ No newline at end of file diff --git a/files/zookeeper/zoo.cfg b/files/zookeeper/zoo.cfg new file mode 100644 index 0000000000..b8f55827e3 --- /dev/null +++ b/files/zookeeper/zoo.cfg @@ -0,0 +1,74 @@ +# +# (C) Copyright 2015 Hewlett Packard Enterprise Development Company LP +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +#    http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# http://hadoop.apache.org/zookeeper/docs/current/zookeeperAdmin.html + +# The number of milliseconds of each tick +tickTime=2000 +# The number of ticks that the initial +# synchronization phase can take +initLimit=10 +# The number of ticks that can pass between +# sending a request and getting an acknowledgement +syncLimit=5 +# the directory where the snapshot is stored. +dataDir=/var/lib/zookeeper +# Place the dataLogDir to a separate physical disc for better performance +# dataLogDir=/disk2/zookeeper + +# the port at which the clients will connect +clientPort=2181 + +# Maximum number of clients that can connect from one client +maxClientCnxns=60 + +# specify all zookeeper servers +# The fist port is used by followers to connect to the leader +# The second one is used for leader election + +server.0=127.0.0.1:2888:3888 + +# To avoid seeks ZooKeeper allocates space in the transaction log file in +# blocks of preAllocSize kilobytes. The default block size is 64M. One reason +# for changing the size of the blocks is to reduce the block size if snapshots +# are taken more often. (Also, see snapCount). +#preAllocSize=65536 + +# Clients can submit requests faster than ZooKeeper can process them, +# especially if there are a lot of clients. To prevent ZooKeeper from running +# out of memory due to queued requests, ZooKeeper will throttle clients so that +# there is no more than globalOutstandingLimit outstanding requests in the +# system. The default limit is 1,000.ZooKeeper logs transactions to a +# transaction log. After snapCount transactions are written to a log file a +# snapshot is started and a new transaction log file is started. The default +# snapCount is 10,000. +#snapCount=1000 + +# If this option is defined, requests will be will logged to a trace file named +# traceFile.year.month.day. +#traceFile= + +# Leader accepts client connections. Default value is "yes". The leader machine +# coordinates updates. For higher update throughput at thes slight expense of +# read throughput the leader can be configured to not accept clients and focus +# on coordination. +#leaderServes=yes + +# Autopurge every hour to avoid using lots of disk in bursts +# Order of the next 2 properties matters. +# autopurge.snapRetainCount must be before autopurge.purgeInterval. +autopurge.snapRetainCount=3 +autopurge.purgeInterval=1 \ No newline at end of file diff --git a/lib/zookeeper b/lib/zookeeper new file mode 100644 index 0000000000..e62ba8ada8 --- /dev/null +++ b/lib/zookeeper @@ -0,0 +1,86 @@ +#!/bin/bash +# +# lib/zookeeper +# Functions to control the installation and configuration of **zookeeper** + +# Dependencies: +# +# - ``functions`` file + +# ``stack.sh`` calls the entry points in this order: +# +# - is_zookeeper_enabled +# - install_zookeeper +# - configure_zookeeper +# - init_zookeeper +# - start_zookeeper +# - stop_zookeeper +# - cleanup_zookeeper + +# Save trace setting +XTRACE=$(set +o | grep xtrace) +set +o xtrace + + +# Defaults +# -------- + +# + +# Set up default directories +ZOOKEEPER_DATA_DIR=$DEST/data/zookeeper +ZOOKEEPER_CONF_DIR=/etc/zookeeper + + +# Entry Points +# ------------ + +# Test if any zookeeper service us enabled +# is_zookeeper_enabled +function is_zookeeper_enabled { + [[ ,${ENABLED_SERVICES}, =~ ,"zookeeper", ]] && return 0 + return 1 +} + +# cleanup_zookeeper() - Remove residual data files, anything left over from previous +# runs that a clean run would need to clean up +function cleanup_zookeeper { + sudo rm -rf $ZOOKEEPER_DATA_DIR +} + +# configure_zookeeper() - Set config files, create data dirs, etc +function configure_zookeeper { + sudo cp $FILES/zookeeper/* $ZOOKEEPER_CONF_DIR + sudo sed -i -e 's|.*dataDir.*|dataDir='$ZOOKEEPER_DATA_DIR'|' $ZOOKEEPER_CONF_DIR/zoo.cfg +} + +# init_zookeeper() - Initialize databases, etc. +function init_zookeeper { + # clean up from previous (possibly aborted) runs + # create required data files + sudo rm -rf $ZOOKEEPER_DATA_DIR + sudo mkdir -p $ZOOKEEPER_DATA_DIR +} + +# install_zookeeper() - Collect source and prepare +function install_zookeeper { + install_package zookeeperd +} + +# start_zookeeper() - Start running processes, including screen +function start_zookeeper { + start_service zookeeper +} + +# stop_zookeeper() - Stop running processes (non-screen) +function stop_zookeeper { + stop_service zookeeper +} + +# Restore xtrace +$XTRACE + +# Tell emacs to use shell-script-mode +## Local variables: +## mode: shell-script +## End: diff --git a/stack.sh b/stack.sh index bdbb025a0b..118785150a 100755 --- a/stack.sh +++ b/stack.sh @@ -539,6 +539,7 @@ source $TOP_DIR/lib/heat source $TOP_DIR/lib/neutron-legacy source $TOP_DIR/lib/ldap source $TOP_DIR/lib/dstat +source $TOP_DIR/lib/zookeeper # Extras Source # -------------- @@ -729,6 +730,11 @@ run_phase stack pre-install install_rpc_backend +if is_service_enabled zookeeper; then + cleanup_zookeeper + configure_zookeeper + init_zookeeper +fi if is_service_enabled $DATABASE_BACKENDS; then install_database fi @@ -968,6 +974,15 @@ save_stackenv $LINENO start_dstat +# Zookeeper +# ----- + +# zookeeper for use with tooz for Distributed Lock Management capabilities etc., +if is_service_enabled zookeeper; then + start_zookeeper +fi + + # Keystone # -------- diff --git a/stackrc b/stackrc index 819aa0125c..19538c0679 100644 --- a/stackrc +++ b/stackrc @@ -69,7 +69,7 @@ if ! isset ENABLED_SERVICES ; then # Dashboard ENABLED_SERVICES+=,horizon # Additional services - ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat + ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat,zookeeper fi # SQLAlchemy supports multiple database drivers for each database server diff --git a/unstack.sh b/unstack.sh index 30447a7005..0cace3254a 100755 --- a/unstack.sh +++ b/unstack.sh @@ -69,6 +69,7 @@ source $TOP_DIR/lib/heat source $TOP_DIR/lib/neutron-legacy source $TOP_DIR/lib/ldap source $TOP_DIR/lib/dstat +source $TOP_DIR/lib/zookeeper # Extras Source # -------------- @@ -172,6 +173,10 @@ if is_service_enabled dstat; then stop_dstat fi +if is_service_enabled zookeeper; then + stop_zookeeper +fi + # Clean up the remainder of the screen processes SCREEN=$(which screen) if [[ -n "$SCREEN" ]]; then From 9013bb0c24623ce8d064b561d4fd331e370762e1 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Wed, 4 Nov 2015 12:31:39 -0500 Subject: [PATCH 0040/2409] remove wheel cache code Thanks to lifeless, pip now implicitly has a wheel cache so that it builds a wheel before every install, and uses that cache. All our clever attempts at manually doing wheelhouse things is actually bypassing the existing cache and making things take longer. We should remove all of this code and just let pip do this thing, which is does very well, and get out of the way. Change-Id: Ia140dc34638d893b92f66d1ba20efd9522c5923b --- Makefile | 6 +-- doc/source/index.rst | 1 - files/venv-requirements.txt | 11 ----- stack.sh | 6 --- stackrc | 5 --- tools/build_wheels.sh | 86 ------------------------------------- 6 files changed, 1 insertion(+), 114 deletions(-) delete mode 100644 files/venv-requirements.txt delete mode 100755 tools/build_wheels.sh diff --git a/Makefile b/Makefile index a6bb230708..a94d60a0ef 100644 --- a/Makefile +++ b/Makefile @@ -13,7 +13,6 @@ # Duplicated from stackrc for now DEST=/opt/stack -WHEELHOUSE=$(DEST)/.wheelhouse all: echo "This just saved you from a terrible mistake!" @@ -25,9 +24,6 @@ stack: unstack: ./unstack.sh -wheels: - WHEELHOUSE=$(WHEELHOUSE) tools/build_wheels.sh - docs: tox -edocs @@ -57,7 +53,7 @@ clean: # Clean out the cache too realclean: clean - rm -rf files/cirros*.tar.gz files/Fedora*.qcow2 $(WHEELHOUSE) + rm -rf files/cirros*.tar.gz files/Fedora*.qcow2 # Repo stuffs diff --git a/doc/source/index.rst b/doc/source/index.rst index 99e96b1d1a..b65730ffe8 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -206,7 +206,6 @@ Tools * `tools/build\_docs.sh `__ * `tools/build\_venv.sh `__ -* `tools/build\_wheels.sh `__ * `tools/create-stack-user.sh `__ * `tools/create\_userrc.sh `__ * `tools/fixup\_stuff.sh `__ diff --git a/files/venv-requirements.txt b/files/venv-requirements.txt deleted file mode 100644 index b9a55b423d..0000000000 --- a/files/venv-requirements.txt +++ /dev/null @@ -1,11 +0,0 @@ -# Once we can prebuild wheels before a devstack run, uncomment the skipped libraries -cryptography -# lxml # still install from from packages -# netifaces # still install from packages -#numpy # slowest wheel by far, stop building until we are actually using the output -posix-ipc -# psycopg # still install from packages -pycrypto -pyOpenSSL -PyYAML -xattr diff --git a/stack.sh b/stack.sh index bdbb025a0b..aedc5d4006 100755 --- a/stack.sh +++ b/stack.sh @@ -716,12 +716,6 @@ source $TOP_DIR/tools/fixup_stuff.sh # Install required infra support libraries install_infra -# Pre-build some problematic wheels -if [[ -n ${WHEELHOUSE:-} && ! -d ${WHEELHOUSE:-} ]]; then - source $TOP_DIR/tools/build_wheels.sh -fi - - # Extras Pre-install # ------------------ # Phase: pre-install diff --git a/stackrc b/stackrc index 819aa0125c..d9f477e8ce 100644 --- a/stackrc +++ b/stackrc @@ -143,11 +143,6 @@ USE_VENV=$(trueorfalse False USE_VENV) # requirmenets files here, in a comma-separated list ADDITIONAL_VENV_PACKAGES=${ADITIONAL_VENV_PACKAGES:-""} -# Configure wheel cache location -export WHEELHOUSE=${WHEELHOUSE:-$DEST/.wheelhouse} -export PIP_WHEEL_DIR=${PIP_WHEEL_DIR:-$WHEELHOUSE} -export PIP_FIND_LINKS=${PIP_FIND_LINKS:-file://$WHEELHOUSE} - # This can be used to turn database query logging on and off # (currently only implemented for MySQL backend) DATABASE_QUERY_LOGGING=$(trueorfalse False DATABASE_QUERY_LOGGING) diff --git a/tools/build_wheels.sh b/tools/build_wheels.sh deleted file mode 100755 index 14c2999c8f..0000000000 --- a/tools/build_wheels.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/usr/bin/env bash -# -# **tools/build_wheels.sh** - Build a cache of Python wheels -# -# build_wheels.sh [package [...]] -# -# System package prerequisites listed in ``files/*/devlibs`` will be installed -# -# Builds wheels for all virtual env requirements listed in -# ``venv-requirements.txt`` plus any supplied on the command line. -# -# Assumes: -# - ``tools/install_pip.sh`` has been run and a suitable ``pip/setuptools`` is available. - -# If ``TOP_DIR`` is set we're being sourced rather than running stand-alone -# or in a sub-shell -if [[ -z "$TOP_DIR" ]]; then - - set -o errexit - set -o nounset - - # Keep track of the DevStack directory - TOP_DIR=$(cd $(dirname "$0")/.. && pwd) - FILES=$TOP_DIR/files - - # Import common functions - source $TOP_DIR/functions - - GetDistro - - source $TOP_DIR/stackrc - - trap err_trap ERR - -fi - -# Get additional packages to build -MORE_PACKAGES="$@" - -# Exit on any errors so that errors don't compound -function err_trap { - local r=$? - set +o xtrace - - rm -rf $TMP_VENV_PATH - - exit $r -} - -# Get system prereqs -install_package $(get_packages devlibs) - -# Get a modern ``virtualenv`` -pip_install virtualenv - -# Prepare the workspace -TMP_VENV_PATH=$(mktemp -d tmp-venv-XXXX) -virtualenv $TMP_VENV_PATH - -# Install modern pip and wheel -PIP_VIRTUAL_ENV=$TMP_VENV_PATH pip_install -U pip wheel - -# BUG: cffi has a lot of issues. It has no stable ABI, if installed -# code is built with a different ABI than the one that's detected at -# load time, it tries to compile on the fly for the new ABI in the -# install location (which will probably be /usr and not -# writable). Also cffi is often included via setup_requires by -# packages, which have different install rules (allowing betas) than -# pip has. -# -# Because of this we must pip install cffi into the venv to build -# wheels. -PIP_VIRTUAL_ENV=$TMP_VENV_PATH pip_install_gr cffi - -# ``VENV_PACKAGES`` is a list of packages we want to pre-install -VENV_PACKAGE_FILE=$FILES/venv-requirements.txt -if [[ -r $VENV_PACKAGE_FILE ]]; then - VENV_PACKAGES=$(grep -v '^#' $VENV_PACKAGE_FILE) -fi - -for pkg in ${VENV_PACKAGES,/ } ${MORE_PACKAGES}; do - $TMP_VENV_PATH/bin/pip wheel $pkg -done - -# Clean up wheel workspace -rm -rf $TMP_VENV_PATH From 9127c1a56bc1504ae77df25b0da7a6d0a5f0bfe8 Mon Sep 17 00:00:00 2001 From: Attila Fazekas Date: Thu, 5 Nov 2015 10:09:02 +0100 Subject: [PATCH 0041/2409] Do not remove python-pip package on Fedora-23 python on fedora 23 compiled with rewheel support, in this case the python-pip is a required package, and cannot be removed. [1] http://pkgs.fedoraproject.org/cgit/python.git/tree/python.spec?id=3b6fac0339bab69ca5fbf2881568f0565ab0e252#n174 Change-Id: I499b7bec97c4360b32d156079f2b7f3923e3888a --- tools/install_pip.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/install_pip.sh b/tools/install_pip.sh index 13c1786fb9..ab5efb2e77 100755 --- a/tools/install_pip.sh +++ b/tools/install_pip.sh @@ -110,7 +110,11 @@ get_versions # Do pip # Eradicate any and all system packages -uninstall_package python-pip + +# python in f23 depends on the python-pip package +if ! { is_fedora && [[ $DISTRO == "f23" ]]; }; then + uninstall_package python-pip +fi install_get_pip From e3c2673ae447d8b3cc4649f5efde5b84e26f6cd9 Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Fri, 6 Nov 2015 13:23:47 +0900 Subject: [PATCH 0042/2409] Fix two typos on faq.rst guarunteed => guaranteed Centos => CentOS Change-Id: Id356443fcdc4128ff20d7a89158265aa16c105b2 --- doc/source/faq.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/source/faq.rst b/doc/source/faq.rst index 3562bfacee..7aca8d0b4a 100644 --- a/doc/source/faq.rst +++ b/doc/source/faq.rst @@ -54,7 +54,7 @@ combinations listed in ``README.md``. DevStack is only supported on releases other than those documented in ``README.md`` on a best-effort basis. -Are there any differences between Ubuntu and Centos/Fedora support? +Are there any differences between Ubuntu and CentOS/Fedora support? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Both should work well and are tested by DevStack CI. @@ -146,7 +146,7 @@ your ``local.conf`` Upstream DevStack is only tested with master and stable -branches. Setting custom BRANCH definitions is not guarunteed to +branches. Setting custom BRANCH definitions is not guaranteed to produce working results. What can I do about RabbitMQ not wanting to start on my fresh new VM? From ec7f490a687ab01f520835341c09cef9f697f05d Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Fri, 6 Nov 2015 13:35:24 +0900 Subject: [PATCH 0043/2409] Remove 'enable_service tempest' from sample/local.conf tempest is already defined in stackrc as default. Without this definition in local.conf, tempest is installed successfully. If it still needs "enable_service tempest" definition on local.conf, devstack itself has some problem. In my environment, tempest installation works without this definition on local.conf. Change-Id: I25cda0142538d21bb9656b471e65ca5b018e8378 --- samples/local.conf | 6 ------ 1 file changed, 6 deletions(-) diff --git a/samples/local.conf b/samples/local.conf index cb293b6c15..b92097dd8d 100644 --- a/samples/local.conf +++ b/samples/local.conf @@ -93,9 +93,3 @@ SWIFT_REPLICAS=1 # moved by setting ``SWIFT_DATA_DIR``. The directory will be created # if it does not exist. SWIFT_DATA_DIR=$DEST/data - -# Tempest -# ------- - -# Install the tempest test suite -enable_service tempest From e9ef0fefa52a2d30079eba1dead1a4df61a6ad7d Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Fri, 6 Nov 2015 14:25:46 +0900 Subject: [PATCH 0044/2409] Remove lib/neutron_plugins/ibm SDN-VE on neutron is already removed. This patch removes SDN-VE from devstack. Ref. Removing the SDN-VE monolithic plugin https://review.openstack.org/#/c/217703/ Remove IBM SDN-VE left-overs https://review.openstack.org/#/c/237716/ Change-Id: Ie1b531153d1632798235b1100cdf9b068edcce26 --- lib/neutron_plugins/ibm | 133 ---------------------------------------- 1 file changed, 133 deletions(-) delete mode 100644 lib/neutron_plugins/ibm diff --git a/lib/neutron_plugins/ibm b/lib/neutron_plugins/ibm deleted file mode 100644 index dd5cfa6694..0000000000 --- a/lib/neutron_plugins/ibm +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/bash -# -# Neutron IBM SDN-VE plugin -# --------------------------- - -# Save trace setting -IBM_XTRACE=$(set +o | grep xtrace) -set +o xtrace - -source $TOP_DIR/lib/neutron_plugins/ovs_base - -function neutron_plugin_install_agent_packages { - _neutron_ovs_base_install_agent_packages -} - -function _neutron_interface_setup { - # Setup one interface on the integration bridge if needed - # The plugin agent to be used if more than one interface is used - local bridge=$1 - local interface=$2 - sudo ovs-vsctl --no-wait -- --may-exist add-port $bridge $interface -} - -function neutron_setup_integration_bridge { - # Setup integration bridge if needed - if [[ "$SDNVE_INTEGRATION_BRIDGE" != "" ]]; then - neutron_ovs_base_cleanup - _neutron_ovs_base_setup_bridge $SDNVE_INTEGRATION_BRIDGE - if [[ "$SDNVE_INTERFACE_MAPPINGS" != "" ]]; then - interfaces=(${SDNVE_INTERFACE_MAPPINGS//[,:]/ }) - _neutron_interface_setup $SDNVE_INTEGRATION_BRIDGE ${interfaces[1]} - fi - fi - - # Set controller to SDNVE controller (1st of list) if exists - if [[ "$SDNVE_CONTROLLER_IPS" != "" ]]; then - # Get the first controller - controllers=(${SDNVE_CONTROLLER_IPS//[\[,\]]/ }) - SDNVE_IP=${controllers[0]} - sudo ovs-vsctl set-controller $SDNVE_INTEGRATION_BRIDGE tcp:$SDNVE_IP - fi -} - -function neutron_plugin_create_nova_conf { - # if n-cpu is enabled, then setup integration bridge - if is_service_enabled n-cpu; then - neutron_setup_integration_bridge - fi -} - -function is_neutron_ovs_base_plugin { - if [[ "$SDNVE_INTEGRATION_BRIDGE" != "" ]]; then - # Yes, we use OVS. - return 0 - else - # No, we do not use OVS. - return 1 - fi -} - -function neutron_plugin_configure_common { - Q_PLUGIN_CONF_PATH=etc/neutron/plugins/ibm - Q_PLUGIN_CONF_FILENAME=sdnve_neutron_plugin.ini - Q_PLUGIN_CLASS="neutron.plugins.ibm.sdnve_neutron_plugin.SdnvePluginV2" -} - -function neutron_plugin_configure_service { - # Define extra "SDNVE" configuration options when q-svc is configured - - iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver - - if [[ "$SDNVE_CONTROLLER_IPS" != "" ]]; then - iniset /$Q_PLUGIN_CONF_FILE sdnve controller_ips $SDNVE_CONTROLLER_IPS - fi - - if [[ "$SDNVE_INTEGRATION_BRIDGE" != "" ]]; then - iniset /$Q_PLUGIN_CONF_FILE sdnve integration_bridge $SDNVE_INTEGRATION_BRIDGE - fi - - if [[ "$SDNVE_RESET_BRIDGE" != "" ]]; then - iniset /$Q_PLUGIN_CONF_FILE sdnve reset_bridge $SDNVE_RESET_BRIDGE - fi - - if [[ "$SDNVE_OUT_OF_BAND" != "" ]]; then - iniset /$Q_PLUGIN_CONF_FILE sdnve out_of_band $SDNVE_OUT_OF_BAND - fi - - if [[ "$SDNVE_INTERFACE_MAPPINGS" != "" ]]; then - iniset /$Q_PLUGIN_CONF_FILE sdnve interface_mappings $SDNVE_INTERFACE_MAPPINGS - fi - - if [[ "$SDNVE_FAKE_CONTROLLER" != "" ]]; then - iniset /$Q_PLUGIN_CONF_FILE sdnve use_fake_controller $SDNVE_FAKE_CONTROLLER - fi - - - iniset $NEUTRON_CONF DEFAULT notification_driver neutron.openstack.common.notifier.no_op_notifier - -} - -function neutron_plugin_configure_plugin_agent { - AGENT_BINARY="$NEUTRON_BIN_DIR/neutron-ibm-agent" -} - -function neutron_plugin_configure_debug_command { - : -} - -function neutron_plugin_setup_interface_driver { - return 0 -} - -function has_neutron_plugin_security_group { - # Does not support Security Groups - return 1 -} - -function neutron_ovs_base_cleanup { - if [[ "$SDNVE_RESET_BRIDGE" != False ]]; then - # remove all OVS ports that look like Neutron created ports - for port in $(sudo ovs-vsctl list port | grep -o -e tap[0-9a-f\-]* -e q[rg]-[0-9a-f\-]*); do - sudo ovs-vsctl del-port ${port} - done - - # remove integration bridge created by Neutron - for bridge in $(sudo ovs-vsctl list-br | grep -o -e ${SDNVE_INTEGRATION_BRIDGE}); do - sudo ovs-vsctl del-br ${bridge} - done - fi -} - -# Restore xtrace -$IBM_XTRACE From 5f8133caac097235ed4fe73d878df0ee907eb51c Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Fri, 6 Nov 2015 11:48:19 -0500 Subject: [PATCH 0045/2409] remove gratuitous python packages With pip + upper-constraints we're nearly always over installing all python packages because we no longer support a range, we support *exactly* one version. This removes a bunch of the gratuitous package installs which we're going to install over, lxml, numpy, libvirt. All of these we had coming from packages in the past for speed concerns, but upper constraints removes that. It also ensures that all the headers to build all those are in general, so they are guarunteed available at all times. Change-Id: Ia76de730d65c84d81c4fb2c980ae1b4d595f9f5b --- files/debs/general | 4 +++- files/debs/keystone | 1 - files/debs/n-novnc | 1 - files/debs/nova | 7 ++----- 4 files changed, 5 insertions(+), 8 deletions(-) delete mode 100644 files/debs/n-novnc diff --git a/files/debs/general b/files/debs/general index 146052643c..80e81f5841 100644 --- a/files/debs/general +++ b/files/debs/general @@ -20,8 +20,10 @@ python2.7 python-gdbm # needed for testr bc libyaml-dev -libffi-dev +libffi-dev # for pyOpenSSL libssl-dev # for pyOpenSSL +libxml2-dev # lxml +libxslt1-dev # lxml gettext # used for compiling message catalogs openjdk-7-jre-headless # NOPRIME pkg-config diff --git a/files/debs/keystone b/files/debs/keystone index 70a56499e9..f5816b59de 100644 --- a/files/debs/keystone +++ b/files/debs/keystone @@ -1,4 +1,3 @@ -python-lxml sqlite3 python-mysqldb python-mysql.connector diff --git a/files/debs/n-novnc b/files/debs/n-novnc deleted file mode 100644 index c8722b9f66..0000000000 --- a/files/debs/n-novnc +++ /dev/null @@ -1 +0,0 @@ -python-numpy diff --git a/files/debs/nova b/files/debs/nova index 346b8b337a..d1678a7a6f 100644 --- a/files/debs/nova +++ b/files/debs/nova @@ -8,7 +8,8 @@ libmysqlclient-dev mysql-server # NOPRIME python-mysqldb python-mysql.connector -python-lxml # needed for glance which is needed for nova --- this shouldn't be here +libxml2-dev # needed for building lxml +libxslt1-dev gawk iptables ebtables @@ -25,7 +26,3 @@ curl genisoimage # required for config_drive rabbitmq-server # NOPRIME socat # used by ajaxterm -python-libvirt # NOPRIME -python-libxml2 -python-numpy # used by websockify for spice console -python-m2crypto From 6cd616a9edf6561ebc802f3083eb24f2713d4e96 Mon Sep 17 00:00:00 2001 From: Matt Riedemann Date: Fri, 6 Nov 2015 10:26:14 -0800 Subject: [PATCH 0046/2409] Disable resize tests in Tempest if using cells with custom flavors By default, devstack creates it's own test flavors for Tempest runs. These are not in the cells API database since they are non-default for nova so any resize tests in Tempest with cells and these custom flavors fail. Configure Tempest to not run resize tests if using cells and custom flavors. This allows us to also clean up a bunch of the resize skips found in nova/devstack/tempest-dsvm-cells-rc. Change-Id: I20f46024e45e32c60275703a193a56ae8cfe7eca Closes-Bug: #1513925 --- lib/tempest | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lib/tempest b/lib/tempest index 32630dbf59..691ad86a2d 100644 --- a/lib/tempest +++ b/lib/tempest @@ -377,6 +377,15 @@ function configure_tempest { iniset $TEMPEST_CONFIG compute-feature-enabled shelve False # Cells doesn't support hot-plugging virtual interfaces. iniset $TEMPEST_CONFIG compute-feature-enabled interface_attach False + + if [[ -z "$DEFAULT_INSTANCE_TYPE" ]]; then + # Cells supports resize but does not currently work with devstack + # because of the custom flavors created for Tempest runs which are + # not in the cells database. + # TODO(mriedem): work on adding a nova-manage command to sync + # flavors into the cells database. + iniset $TEMPEST_CONFIG compute-feature-enabled resize False + fi fi # Network From 63cac536efa3474af40ea24603fca5e1d0a74e13 Mon Sep 17 00:00:00 2001 From: Jim Rollenhagen Date: Fri, 6 Nov 2015 12:37:32 -0800 Subject: [PATCH 0047/2409] Ironic: Explicitly allow DHCP ports This adds an iptables rule to allow ports 67 and 68. We see occassionally dropped DHCP packets, which may be causing PXE failures in ironic jobs. I'm not 100% confident this fixes the issue, however I don't think it can break anything and it rules out one theory. Change-Id: I4630afb6f010a4c2cb146a79264c480c64c6e4b7 Related-Bug: #1393099 --- lib/ironic | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/ironic b/lib/ironic index d786870165..016e639d03 100644 --- a/lib/ironic +++ b/lib/ironic @@ -672,6 +672,8 @@ function configure_iptables { # enable tftp natting for allowing connections to HOST_IP's tftp server sudo modprobe nf_conntrack_tftp sudo modprobe nf_nat_tftp + # explicitly allow DHCP - packets are occassionally being dropped here + sudo iptables -I INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT || true # nodes boot from TFTP and callback to the API server listening on $HOST_IP sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true From b8509f09d670460aa3e9e2b09cf60dbf8cdbb03b Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 11:55:56 +1100 Subject: [PATCH 0048/2409] Really get the "general" packages We are specifying the argument to get_packages incorrectly, so we are not actually adding the packages in "general" to the list of packages. In most cases, this is hidden as other more specific plugins/services request their packages. However, as I2dafd32f211fcbc9fff53030d736d97a5f1bb2df shows, not always. I think this was uncovered by 5f8133caac097235ed4fe73d878df0ee907eb51c Change-Id: Ie1b8d09369281059d21da61b2725a457f708ae9e --- tools/install_prereqs.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/install_prereqs.sh b/tools/install_prereqs.sh index a07e58d3e6..38452cd90f 100755 --- a/tools/install_prereqs.sh +++ b/tools/install_prereqs.sh @@ -61,7 +61,7 @@ export_proxy_variables # ================ # Install package requirements -PACKAGES=$(get_packages general $ENABLED_SERVICES) +PACKAGES=$(get_packages general,$ENABLED_SERVICES) PACKAGES="$PACKAGES $(get_plugin_packages)" if is_ubuntu && echo $PACKAGES | grep -q dkms ; then From a7e0b39a64f53f77f970c90d17f621be74f95215 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 12:02:51 +1100 Subject: [PATCH 0049/2409] Move devlib packages into "general" The removal of the wheel caching code (Ia140dc34638d893b92f66d1ba20efd9522c5923b) removed the install of the "devlib" packages, which was being done with a call in tools/build_wheels.sh The idea of "devlibs" and "general" seems to be pretty much the same thing -- global build requirements. I have removed the unused devlibs files, and moved any missing packages into the "general" package install file. Change-Id: I8f34a164d6785a122394b42387d4221a7b447ae1 --- files/debs/devlibs | 7 ------- files/debs/general | 2 ++ files/rpms-suse/devlibs | 6 ------ files/rpms-suse/general | 5 +++++ files/rpms/devlibs | 8 -------- files/rpms/general | 7 +++++-- 6 files changed, 12 insertions(+), 23 deletions(-) delete mode 100644 files/debs/devlibs delete mode 100644 files/rpms-suse/devlibs delete mode 100644 files/rpms/devlibs diff --git a/files/debs/devlibs b/files/debs/devlibs deleted file mode 100644 index 0446ceb6b6..0000000000 --- a/files/debs/devlibs +++ /dev/null @@ -1,7 +0,0 @@ -libffi-dev # pyOpenSSL -libmysqlclient-dev # MySQL-python -libpq-dev # psycopg2 -libssl-dev # pyOpenSSL -libxml2-dev # lxml -libxslt1-dev # lxml -python-dev # pyOpenSSL diff --git a/files/debs/general b/files/debs/general index 80e81f5841..7bc90a6864 100644 --- a/files/debs/general +++ b/files/debs/general @@ -27,3 +27,5 @@ libxslt1-dev # lxml gettext # used for compiling message catalogs openjdk-7-jre-headless # NOPRIME pkg-config +libmysqlclient-dev # MySQL-python +libpq-dev # psycopg2 diff --git a/files/rpms-suse/devlibs b/files/rpms-suse/devlibs deleted file mode 100644 index 54d13a33e9..0000000000 --- a/files/rpms-suse/devlibs +++ /dev/null @@ -1,6 +0,0 @@ -libffi-devel # pyOpenSSL -libopenssl-devel # pyOpenSSL -libxslt-devel # lxml -postgresql-devel # psycopg2 -libmysqlclient-devel # MySQL-python -python-devel # pyOpenSSL diff --git a/files/rpms-suse/general b/files/rpms-suse/general index 42756d8fcc..3a7c4b56fd 100644 --- a/files/rpms-suse/general +++ b/files/rpms-suse/general @@ -21,3 +21,8 @@ tcpdump unzip wget net-tools +libffi-devel # pyOpenSSL +libxslt-devel # lxml +postgresql-devel # psycopg2 +libmysqlclient-devel # MySQL-python +python-devel # pyOpenSSL diff --git a/files/rpms/devlibs b/files/rpms/devlibs deleted file mode 100644 index 385ed3b84c..0000000000 --- a/files/rpms/devlibs +++ /dev/null @@ -1,8 +0,0 @@ -libffi-devel # pyOpenSSL -libxml2-devel # lxml -libxslt-devel # lxml -mariadb-devel # MySQL-python -openssl-devel # pyOpenSSL -postgresql-devel # psycopg2 -python-devel # pyOpenSSL -redhat-rpm-config # MySQL-python rhbz-1195207 f21 diff --git a/files/rpms/general b/files/rpms/general index c3f3de893a..2a45227e0f 100644 --- a/files/rpms/general +++ b/files/rpms/general @@ -10,8 +10,8 @@ openssh-server openssl openssl-devel # to rebuild pyOpenSSL if needed libffi-devel -libxml2-devel -libxslt-devel +libxml2-devel # lxml +libxslt-devel # lxml pkgconfig psmisc python-devel @@ -29,3 +29,6 @@ java-1.7.0-openjdk-headless # NOPRIME rhel7 java-1.8.0-openjdk-headless # NOPRIME f21,f22 pyOpenSSL # version in pip uses too much memory iptables-services # NOPRIME f21,f22 +mariadb-devel # MySQL-python +postgresql-devel # psycopg2 +redhat-rpm-config # MySQL-python rhbz-1195207 f21 From a5e4c0f279b6101436820dbb6b3da3d06131c12d Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 12:21:10 +1100 Subject: [PATCH 0050/2409] Clear out some duplicate package dependencies I think these duplicate dependencies came in because we were not correctly always installing "general" packages (see Ie1b8d09369281059d21da61b2725a457f708ae9e) Most of these are just extras for the lxml dependencies; I added zlib devel to general for glance (seems pretty generic), and then that can go too, as all other packages are specified. Change-Id: I44b14ca15c64fad9daf1ac8d851704b02ea2eae0 --- files/debs/ceilometer-collector | 3 --- files/debs/general | 1 + files/debs/glance | 6 ------ files/debs/nova | 2 -- files/debs/tempest | 2 -- files/debs/trove | 1 - files/rpms/general | 1 + files/rpms/glance | 6 ------ files/rpms/keystone | 1 - files/rpms/tempest | 1 - files/rpms/trove | 1 - 11 files changed, 2 insertions(+), 23 deletions(-) delete mode 100644 files/debs/glance delete mode 100644 files/debs/tempest delete mode 100644 files/debs/trove delete mode 100644 files/rpms/glance delete mode 100644 files/rpms/tempest delete mode 100644 files/rpms/trove diff --git a/files/debs/ceilometer-collector b/files/debs/ceilometer-collector index f1b692ac71..94c82e0843 100644 --- a/files/debs/ceilometer-collector +++ b/files/debs/ceilometer-collector @@ -1,6 +1,3 @@ python-pymongo #NOPRIME mongodb-server #NOPRIME libnspr4-dev -pkg-config -libxml2-dev -libxslt-dev \ No newline at end of file diff --git a/files/debs/general b/files/debs/general index 7bc90a6864..58d1e8b3f5 100644 --- a/files/debs/general +++ b/files/debs/general @@ -29,3 +29,4 @@ openjdk-7-jre-headless # NOPRIME pkg-config libmysqlclient-dev # MySQL-python libpq-dev # psycopg2 +zlib1g-dev diff --git a/files/debs/glance b/files/debs/glance deleted file mode 100644 index 37877a85c2..0000000000 --- a/files/debs/glance +++ /dev/null @@ -1,6 +0,0 @@ -libmysqlclient-dev -libpq-dev -libssl-dev -libxml2-dev -libxslt1-dev -zlib1g-dev diff --git a/files/debs/nova b/files/debs/nova index d1678a7a6f..fa394e734b 100644 --- a/files/debs/nova +++ b/files/debs/nova @@ -8,8 +8,6 @@ libmysqlclient-dev mysql-server # NOPRIME python-mysqldb python-mysql.connector -libxml2-dev # needed for building lxml -libxslt1-dev gawk iptables ebtables diff --git a/files/debs/tempest b/files/debs/tempest deleted file mode 100644 index bb095297e0..0000000000 --- a/files/debs/tempest +++ /dev/null @@ -1,2 +0,0 @@ -libxml2-dev -libxslt1-dev diff --git a/files/debs/trove b/files/debs/trove deleted file mode 100644 index 96f8f29277..0000000000 --- a/files/debs/trove +++ /dev/null @@ -1 +0,0 @@ -libxslt1-dev diff --git a/files/rpms/general b/files/rpms/general index 2a45227e0f..eb479d2050 100644 --- a/files/rpms/general +++ b/files/rpms/general @@ -32,3 +32,4 @@ iptables-services # NOPRIME f21,f22 mariadb-devel # MySQL-python postgresql-devel # psycopg2 redhat-rpm-config # MySQL-python rhbz-1195207 f21 +zlib-devel diff --git a/files/rpms/glance b/files/rpms/glance deleted file mode 100644 index 479194f918..0000000000 --- a/files/rpms/glance +++ /dev/null @@ -1,6 +0,0 @@ -libxml2-devel -libxslt-devel -mysql-devel -openssl-devel -postgresql-devel -zlib-devel diff --git a/files/rpms/keystone b/files/rpms/keystone index 8074119fdb..7384150a4a 100644 --- a/files/rpms/keystone +++ b/files/rpms/keystone @@ -1,4 +1,3 @@ MySQL-python -libxslt-devel sqlite mod_ssl diff --git a/files/rpms/tempest b/files/rpms/tempest deleted file mode 100644 index e7bbd43cd6..0000000000 --- a/files/rpms/tempest +++ /dev/null @@ -1 +0,0 @@ -libxslt-devel diff --git a/files/rpms/trove b/files/rpms/trove deleted file mode 100644 index e7bbd43cd6..0000000000 --- a/files/rpms/trove +++ /dev/null @@ -1 +0,0 @@ -libxslt-devel From c00df207eed1d4dec808824d8e9dcd238e7d4e08 Mon Sep 17 00:00:00 2001 From: Sirushti Murugesan Date: Wed, 7 Oct 2015 15:06:51 +0530 Subject: [PATCH 0051/2409] Add a more accurate expression for obtaining (IPV6_)ROUTER_GW_IP neutron port-list returns a dictionary that's of random order in python 3. This expression sometimes returns a NULL value thus failing devstack. Add an expression that always returns a consistent ROUTER_GW_IP. Change-Id: Id23d9afda275051ca68bcba2dfd1b6e30f02c628 --- lib/neutron-legacy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index c244e5470a..a74da2ccb7 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -1318,7 +1318,7 @@ function _neutron_configure_router_v4 { sudo ip addr add $ext_gw_ip/$cidr_len dev $ext_gw_interface sudo ip link set $ext_gw_interface up fi - ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$PUB_SUBNET_ID '$4 == subnet_id { print $8; }'` + ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F'ip_address' '{ print $2 }' | cut -f3 -d\" | tr '\n' ' '` die_if_not_set $LINENO ROUTER_GW_IP "Failure retrieving ROUTER_GW_IP" sudo ip route replace $FIXED_RANGE via $ROUTER_GW_IP fi @@ -1349,7 +1349,7 @@ function _neutron_configure_router_v6 { sudo sysctl -w net.ipv6.conf.all.forwarding=1 # Configure and enable public bridge # Override global IPV6_ROUTER_GW_IP with the true value from neutron - IPV6_ROUTER_GW_IP=`neutron port-list -c fixed_ips | grep $ipv6_pub_subnet_id | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $8; }'` + IPV6_ROUTER_GW_IP=`neutron port-list -c fixed_ips | grep $ipv6_pub_subnet_id | awk -F'ip_address' '{ print $2 }' | cut -f3 -d\" | tr '\n' ' '` die_if_not_set $LINENO IPV6_ROUTER_GW_IP "Failure retrieving IPV6_ROUTER_GW_IP" if is_neutron_ovs_base_plugin; then From 7d515b5db8e98a54ff9c8c5211383f9f2c33b2db Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 15:04:32 +1100 Subject: [PATCH 0052/2409] Add check for get_packages argument Add a quick check so we don't reintroduce bad arguments as in Ie1b8d09369281059d21da61b2725a457f708ae9e Change-Id: Ibebc71791f2743eef64d6f7c2596d54a73ea92aa --- functions-common | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/functions-common b/functions-common index 497bed26e6..e252139e78 100644 --- a/functions-common +++ b/functions-common @@ -1075,6 +1075,10 @@ function get_packages { local file_to_parse="" local service="" + if [ $# -ne 1 ]; then + die $LINENO "get_packages takes a single, comma-separated argument" + fi + if [[ -z "$package_dir" ]]; then echo "No package directory supplied" return 1 From c416d8b94f473908a82f4e842c768927b62fc20a Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 15:20:22 +1100 Subject: [PATCH 0053/2409] Sort rpm/deb files alphabetically This is rather trivial, but it makes comparing the files much easier Change-Id: I01e42defbf778626afd8dd457f93f0b02dd1a19d --- files/debs/ceilometer-collector | 4 +-- files/debs/cinder | 6 ++--- files/debs/general | 40 ++++++++++++++-------------- files/debs/ironic | 2 +- files/debs/keystone | 8 +++--- files/debs/ldap | 2 +- files/debs/n-cpu | 10 +++---- files/debs/neutron | 14 +++++----- files/debs/nova | 34 +++++++++++------------ files/debs/zookeeper | 2 +- files/rpms-suse/ceilometer-collector | 2 +- files/rpms-suse/ceph | 2 +- files/rpms-suse/cinder | 8 +++--- files/rpms-suse/general | 12 ++++----- files/rpms-suse/horizon | 2 +- files/rpms-suse/n-api | 2 +- files/rpms-suse/n-cpu | 6 ++--- files/rpms-suse/neutron | 2 +- files/rpms-suse/nova | 6 ++--- files/rpms-suse/openvswitch | 2 +- files/rpms/ceilometer-collector | 4 +-- files/rpms/ceph | 2 +- files/rpms/cinder | 6 ++--- files/rpms/dstat | 2 +- files/rpms/general | 28 +++++++++---------- files/rpms/horizon | 2 +- files/rpms/keystone | 2 +- files/rpms/ldap | 2 +- files/rpms/n-cpu | 8 +++--- files/rpms/neutron | 4 +-- files/rpms/nova | 8 +++--- files/rpms/swift | 2 +- files/rpms/zookeeper | 2 +- 33 files changed, 119 insertions(+), 119 deletions(-) diff --git a/files/debs/ceilometer-collector b/files/debs/ceilometer-collector index 94c82e0843..d1e9eef3bb 100644 --- a/files/debs/ceilometer-collector +++ b/files/debs/ceilometer-collector @@ -1,3 +1,3 @@ -python-pymongo #NOPRIME -mongodb-server #NOPRIME libnspr4-dev +mongodb-server #NOPRIME +python-pymongo #NOPRIME diff --git a/files/debs/cinder b/files/debs/cinder index 51908eb27b..48b8d0f7d3 100644 --- a/files/debs/cinder +++ b/files/debs/cinder @@ -1,6 +1,6 @@ -tgt # NOPRIME -lvm2 -qemu-utils libpq-dev +lvm2 open-iscsi open-iscsi-utils # Deprecated since quantal dist:precise +qemu-utils +tgt # NOPRIME diff --git a/files/debs/general b/files/debs/general index 58d1e8b3f5..9b2715685e 100644 --- a/files/debs/general +++ b/files/debs/general @@ -1,32 +1,32 @@ +bc bridge-utils -screen -unzip -wget -psmisc -gcc +curl g++ +gcc +gettext # used for compiling message catalogs git graphviz # needed for docs -lsof # useful when debugging -openssh-server -openssl iputils-ping -wget -curl -tcpdump -tar -python-dev -python2.7 -python-gdbm # needed for testr -bc -libyaml-dev libffi-dev # for pyOpenSSL +libmysqlclient-dev # MySQL-python +libpq-dev # psycopg2 libssl-dev # for pyOpenSSL libxml2-dev # lxml libxslt1-dev # lxml -gettext # used for compiling message catalogs +libyaml-dev +lsof # useful when debugging openjdk-7-jre-headless # NOPRIME +openssh-server +openssl pkg-config -libmysqlclient-dev # MySQL-python -libpq-dev # psycopg2 +psmisc +python2.7 +python-dev +python-gdbm # needed for testr +screen +tar +tcpdump +unzip +wget +wget zlib1g-dev diff --git a/files/debs/ironic b/files/debs/ironic index 0a906dbffc..4d5a6aa6b7 100644 --- a/files/debs/ironic +++ b/files/debs/ironic @@ -6,8 +6,8 @@ libguestfs0 libvirt-bin open-iscsi openssh-client -openvswitch-switch openvswitch-datapath-dkms +openvswitch-switch python-libguestfs python-libvirt qemu diff --git a/files/debs/keystone b/files/debs/keystone index f5816b59de..0795167047 100644 --- a/files/debs/keystone +++ b/files/debs/keystone @@ -1,6 +1,6 @@ -sqlite3 -python-mysqldb -python-mysql.connector +libkrb5-dev libldap2-dev libsasl2-dev -libkrb5-dev +python-mysql.connector +python-mysqldb +sqlite3 diff --git a/files/debs/ldap b/files/debs/ldap index 26f7aeffe3..aa3a934d95 100644 --- a/files/debs/ldap +++ b/files/debs/ldap @@ -1,3 +1,3 @@ ldap-utils -slapd python-ldap +slapd diff --git a/files/debs/n-cpu b/files/debs/n-cpu index ffc947a36d..0da57ee047 100644 --- a/files/debs/n-cpu +++ b/files/debs/n-cpu @@ -1,8 +1,8 @@ -qemu-utils +cryptsetup +genisoimage lvm2 # NOPRIME open-iscsi -genisoimage -sysfsutils -sg3-utils python-guestfs # NOPRIME -cryptsetup +qemu-utils +sg3-utils +sysfsutils diff --git a/files/debs/neutron b/files/debs/neutron index b5a457e482..85145d3654 100644 --- a/files/debs/neutron +++ b/files/debs/neutron @@ -1,18 +1,18 @@ acl +dnsmasq-base +dnsmasq-utils # for dhcp_release only available in dist:precise ebtables iptables -iputils-ping iputils-arping +iputils-ping libmysqlclient-dev mysql-server #NOPRIME -sudo postgresql-server-dev-all -python-mysqldb python-mysql.connector -dnsmasq-base -dnsmasq-utils # for dhcp_release only available in dist:precise +python-mysqldb rabbitmq-server # NOPRIME -sqlite3 -vlan radvd # NOPRIME +sqlite3 +sudo uuid-runtime +vlan diff --git a/files/debs/nova b/files/debs/nova index fa394e734b..fe57fc4b2a 100644 --- a/files/debs/nova +++ b/files/debs/nova @@ -1,26 +1,26 @@ +conntrack +curl dnsmasq-base dnsmasq-utils # for dhcp_release -conntrack -kpartx -parted -iputils-arping -libmysqlclient-dev -mysql-server # NOPRIME -python-mysqldb -python-mysql.connector +ebtables gawk +genisoimage # required for config_drive iptables -ebtables -sqlite3 -sudo -qemu-kvm # NOPRIME -qemu # dist:wheezy,jessie NOPRIME +iputils-arping +kpartx +libjs-jquery-tablesorter # Needed for coverage html reports +libmysqlclient-dev libvirt-bin # NOPRIME libvirt-dev # NOPRIME +mysql-server # NOPRIME +parted pm-utils -libjs-jquery-tablesorter # Needed for coverage html reports -vlan -curl -genisoimage # required for config_drive +python-mysql.connector +python-mysqldb +qemu # dist:wheezy,jessie NOPRIME +qemu-kvm # NOPRIME rabbitmq-server # NOPRIME socat # used by ajaxterm +sqlite3 +sudo +vlan diff --git a/files/debs/zookeeper b/files/debs/zookeeper index 66227f7e31..f41b559007 100644 --- a/files/debs/zookeeper +++ b/files/debs/zookeeper @@ -1 +1 @@ -zookeeperd \ No newline at end of file +zookeeperd diff --git a/files/rpms-suse/ceilometer-collector b/files/rpms-suse/ceilometer-collector index 5e4dfcc35e..fc75ffad63 100644 --- a/files/rpms-suse/ceilometer-collector +++ b/files/rpms-suse/ceilometer-collector @@ -1,3 +1,3 @@ -# Not available in openSUSE main repositories, but can be fetched from OBS # (devel:languages:python and server:database projects) mongodb +# Not available in openSUSE main repositories, but can be fetched from OBS diff --git a/files/rpms-suse/ceph b/files/rpms-suse/ceph index 8d465000e1..8c4955df90 100644 --- a/files/rpms-suse/ceph +++ b/files/rpms-suse/ceph @@ -1,3 +1,3 @@ ceph # NOPRIME -xfsprogs lsb +xfsprogs diff --git a/files/rpms-suse/cinder b/files/rpms-suse/cinder index 3fd03cc9be..56b1bb536a 100644 --- a/files/rpms-suse/cinder +++ b/files/rpms-suse/cinder @@ -1,6 +1,6 @@ lvm2 -tgt # NOPRIME -qemu-tools -python-devel -postgresql-devel open-iscsi +postgresql-devel +python-devel +qemu-tools +tgt # NOPRIME diff --git a/files/rpms-suse/general b/files/rpms-suse/general index 3a7c4b56fd..651243d274 100644 --- a/files/rpms-suse/general +++ b/files/rpms-suse/general @@ -8,21 +8,21 @@ gcc-c++ git-core graphviz # docs iputils +libffi-devel # pyOpenSSL +libmysqlclient-devel # MySQL-python libopenssl-devel # to rebuild pyOpenSSL if needed +libxslt-devel # lxml lsof # useful when debugging make +net-tools openssh openssl +postgresql-devel # psycopg2 psmisc python-cmd2 # dist:opensuse-12.3 +python-devel # pyOpenSSL screen tar tcpdump unzip wget -net-tools -libffi-devel # pyOpenSSL -libxslt-devel # lxml -postgresql-devel # psycopg2 -libmysqlclient-devel # MySQL-python -python-devel # pyOpenSSL diff --git a/files/rpms-suse/horizon b/files/rpms-suse/horizon index 77f7c34b31..753ea76e04 100644 --- a/files/rpms-suse/horizon +++ b/files/rpms-suse/horizon @@ -1,2 +1,2 @@ -apache2 # NOPRIME apache2-mod_wsgi # NOPRIME +apache2 # NOPRIME diff --git a/files/rpms-suse/n-api b/files/rpms-suse/n-api index 6f59e603b2..af5ac2fc54 100644 --- a/files/rpms-suse/n-api +++ b/files/rpms-suse/n-api @@ -1,2 +1,2 @@ -python-dateutil fping +python-dateutil diff --git a/files/rpms-suse/n-cpu b/files/rpms-suse/n-cpu index b3a468d2d8..29bd31b365 100644 --- a/files/rpms-suse/n-cpu +++ b/files/rpms-suse/n-cpu @@ -1,7 +1,7 @@ -# Stuff for diablo volumes +cryptsetup genisoimage lvm2 open-iscsi -sysfsutils sg3_utils -cryptsetup +# Stuff for diablo volumes +sysfsutils diff --git a/files/rpms-suse/neutron b/files/rpms-suse/neutron index 133979911e..4b0eefaaa5 100644 --- a/files/rpms-suse/neutron +++ b/files/rpms-suse/neutron @@ -7,7 +7,7 @@ iputils mariadb # NOPRIME postgresql-devel rabbitmq-server # NOPRIME +radvd # NOPRIME sqlite3 sudo vlan -radvd # NOPRIME diff --git a/files/rpms-suse/nova b/files/rpms-suse/nova index 039456fc1b..2f3ad21a63 100644 --- a/files/rpms-suse/nova +++ b/files/rpms-suse/nova @@ -1,7 +1,7 @@ +conntrack-tools curl dnsmasq dnsmasq-utils # dist:opensuse-12.3,opensuse-13.1 -conntrack-tools ebtables gawk genisoimage # required for config_drive @@ -9,14 +9,14 @@ iptables iputils kpartx kvm # NOPRIME -# qemu as fallback if kvm cannot be used -qemu # NOPRIME libvirt # NOPRIME libvirt-python # NOPRIME mariadb # NOPRIME parted polkit python-devel +# qemu as fallback if kvm cannot be used +qemu # NOPRIME rabbitmq-server # NOPRIME socat sqlite3 diff --git a/files/rpms-suse/openvswitch b/files/rpms-suse/openvswitch index edfb4d21aa..53f8bb22cf 100644 --- a/files/rpms-suse/openvswitch +++ b/files/rpms-suse/openvswitch @@ -1,3 +1,3 @@ + openvswitch openvswitch-switch - diff --git a/files/rpms/ceilometer-collector b/files/rpms/ceilometer-collector index b139ed2b6b..a8b81187ed 100644 --- a/files/rpms/ceilometer-collector +++ b/files/rpms/ceilometer-collector @@ -1,3 +1,3 @@ -selinux-policy-targeted -mongodb-server #NOPRIME mongodb # NOPRIME +mongodb-server #NOPRIME +selinux-policy-targeted diff --git a/files/rpms/ceph b/files/rpms/ceph index 5483735741..64befc5f00 100644 --- a/files/rpms/ceph +++ b/files/rpms/ceph @@ -1,3 +1,3 @@ ceph # NOPRIME -xfsprogs redhat-lsb-core +xfsprogs diff --git a/files/rpms/cinder b/files/rpms/cinder index a88503b8bc..f28f04d8ba 100644 --- a/files/rpms/cinder +++ b/files/rpms/cinder @@ -1,5 +1,5 @@ +iscsi-initiator-utils lvm2 -scsi-target-utils # NOPRIME -qemu-img postgresql-devel -iscsi-initiator-utils +qemu-img +scsi-target-utils # NOPRIME diff --git a/files/rpms/dstat b/files/rpms/dstat index 8a8f8fe737..2b643b8b1b 100644 --- a/files/rpms/dstat +++ b/files/rpms/dstat @@ -1 +1 @@ -dstat \ No newline at end of file +dstat diff --git a/files/rpms/general b/files/rpms/general index eb479d2050..cfd9479600 100644 --- a/files/rpms/general +++ b/files/rpms/general @@ -1,35 +1,35 @@ +bc bridge-utils curl dbus euca2ools # only for testing client gcc gcc-c++ +gettext # used for compiling message catalogs git-core graphviz # needed only for docs -openssh-server -openssl -openssl-devel # to rebuild pyOpenSSL if needed +iptables-services # NOPRIME f21,f22 +java-1.7.0-openjdk-headless # NOPRIME rhel7 +java-1.8.0-openjdk-headless # NOPRIME f21,f22 libffi-devel libxml2-devel # lxml libxslt-devel # lxml +libyaml-devel +mariadb-devel # MySQL-python +net-tools +openssh-server +openssl +openssl-devel # to rebuild pyOpenSSL if needed pkgconfig +postgresql-devel # psycopg2 psmisc +pyOpenSSL # version in pip uses too much memory python-devel +redhat-rpm-config # MySQL-python rhbz-1195207 f21 screen tar tcpdump unzip wget which -bc -libyaml-devel -gettext # used for compiling message catalogs -net-tools -java-1.7.0-openjdk-headless # NOPRIME rhel7 -java-1.8.0-openjdk-headless # NOPRIME f21,f22 -pyOpenSSL # version in pip uses too much memory -iptables-services # NOPRIME f21,f22 -mariadb-devel # MySQL-python -postgresql-devel # psycopg2 -redhat-rpm-config # MySQL-python rhbz-1195207 f21 zlib-devel diff --git a/files/rpms/horizon b/files/rpms/horizon index b2cf0ded6f..aeb2cb5c96 100644 --- a/files/rpms/horizon +++ b/files/rpms/horizon @@ -1,5 +1,5 @@ Django httpd # NOPRIME mod_wsgi # NOPRIME -pyxattr pcre-devel # pyScss +pyxattr diff --git a/files/rpms/keystone b/files/rpms/keystone index 7384150a4a..c01c261e19 100644 --- a/files/rpms/keystone +++ b/files/rpms/keystone @@ -1,3 +1,3 @@ +mod_ssl MySQL-python sqlite -mod_ssl diff --git a/files/rpms/ldap b/files/rpms/ldap index d89c4cf8c1..d5b8fa4374 100644 --- a/files/rpms/ldap +++ b/files/rpms/ldap @@ -1,2 +1,2 @@ -openldap-servers openldap-clients +openldap-servers diff --git a/files/rpms/n-cpu b/files/rpms/n-cpu index 81278b30bb..7773b0402d 100644 --- a/files/rpms/n-cpu +++ b/files/rpms/n-cpu @@ -1,7 +1,7 @@ -# Stuff for diablo volumes +cryptsetup +genisoimage iscsi-initiator-utils lvm2 -genisoimage -sysfsutils sg3_utils -cryptsetup +# Stuff for diablo volumes +sysfsutils diff --git a/files/rpms/neutron b/files/rpms/neutron index 29851bea9b..b3f79ed146 100644 --- a/files/rpms/neutron +++ b/files/rpms/neutron @@ -1,4 +1,3 @@ -MySQL-python acl dnsmasq # for q-dhcp dnsmasq-utils # for dhcp_release @@ -7,10 +6,11 @@ iptables iputils mysql-connector-python mysql-devel +MySQL-python mysql-server # NOPRIME openvswitch # NOPRIME postgresql-devel rabbitmq-server # NOPRIME +radvd # NOPRIME sqlite sudo -radvd # NOPRIME diff --git a/files/rpms/nova b/files/rpms/nova index 6eeb6230a9..e70f138a3c 100644 --- a/files/rpms/nova +++ b/files/rpms/nova @@ -1,8 +1,7 @@ -MySQL-python +conntrack-tools curl dnsmasq # for nova-network dnsmasq-utils # for dhcp_release -conntrack-tools ebtables gawk genisoimage # required for config_drive @@ -10,18 +9,19 @@ iptables iputils kpartx kvm # NOPRIME -qemu-kvm # NOPRIME libvirt-bin # NOPRIME libvirt-devel # NOPRIME libvirt-python # NOPRIME libxml2-python -numpy # needed by websockify for spice console m2crypto mysql-connector-python mysql-devel +MySQL-python mysql-server # NOPRIME +numpy # needed by websockify for spice console parted polkit +qemu-kvm # NOPRIME rabbitmq-server # NOPRIME sqlite sudo diff --git a/files/rpms/swift b/files/rpms/swift index 1bf57cc3a2..f56a81b0d1 100644 --- a/files/rpms/swift +++ b/files/rpms/swift @@ -1,7 +1,7 @@ curl memcached pyxattr +rsync-daemon # dist:f22,f23 sqlite xfsprogs xinetd -rsync-daemon # dist:f22,f23 diff --git a/files/rpms/zookeeper b/files/rpms/zookeeper index c0d1c3066d..1bfac538a2 100644 --- a/files/rpms/zookeeper +++ b/files/rpms/zookeeper @@ -1 +1 @@ -zookeeper \ No newline at end of file +zookeeper From 3dac869f80e90795efc2127b713cc5282f4eabb5 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 17:26:24 +1100 Subject: [PATCH 0054/2409] Cleanup some of the deb/rpm installs python-devel and the mysql/postgresql client dev-libs should all be installed globally via the "general" installs; no need to installs them separately Change-Id: I91a9ace2e62a891634dbb4635ab2ad8c8dc59f91 --- files/debs/cinder | 1 - files/rpms-suse/cinder | 2 -- files/rpms-suse/glance | 1 - files/rpms-suse/keystone | 1 - files/rpms-suse/neutron | 1 - files/rpms-suse/nova | 1 - files/rpms-suse/swift | 1 - files/rpms/cinder | 1 - files/rpms/neutron | 1 - 9 files changed, 10 deletions(-) delete mode 100644 files/rpms-suse/glance diff --git a/files/debs/cinder b/files/debs/cinder index 48b8d0f7d3..3595e011da 100644 --- a/files/debs/cinder +++ b/files/debs/cinder @@ -1,4 +1,3 @@ -libpq-dev lvm2 open-iscsi open-iscsi-utils # Deprecated since quantal dist:precise diff --git a/files/rpms-suse/cinder b/files/rpms-suse/cinder index 56b1bb536a..189a232fa7 100644 --- a/files/rpms-suse/cinder +++ b/files/rpms-suse/cinder @@ -1,6 +1,4 @@ lvm2 open-iscsi -postgresql-devel -python-devel qemu-tools tgt # NOPRIME diff --git a/files/rpms-suse/glance b/files/rpms-suse/glance deleted file mode 100644 index bf512de575..0000000000 --- a/files/rpms-suse/glance +++ /dev/null @@ -1 +0,0 @@ -python-devel diff --git a/files/rpms-suse/keystone b/files/rpms-suse/keystone index c838b413c3..46832c786d 100644 --- a/files/rpms-suse/keystone +++ b/files/rpms-suse/keystone @@ -1,4 +1,3 @@ cyrus-sasl-devel openldap2-devel -python-devel sqlite3 diff --git a/files/rpms-suse/neutron b/files/rpms-suse/neutron index 4b0eefaaa5..e9abc6eca6 100644 --- a/files/rpms-suse/neutron +++ b/files/rpms-suse/neutron @@ -5,7 +5,6 @@ ebtables iptables iputils mariadb # NOPRIME -postgresql-devel rabbitmq-server # NOPRIME radvd # NOPRIME sqlite3 diff --git a/files/rpms-suse/nova b/files/rpms-suse/nova index 2f3ad21a63..ae115d2138 100644 --- a/files/rpms-suse/nova +++ b/files/rpms-suse/nova @@ -14,7 +14,6 @@ libvirt-python # NOPRIME mariadb # NOPRIME parted polkit -python-devel # qemu as fallback if kvm cannot be used qemu # NOPRIME rabbitmq-server # NOPRIME diff --git a/files/rpms-suse/swift b/files/rpms-suse/swift index 6a824f944f..52e0a990e7 100644 --- a/files/rpms-suse/swift +++ b/files/rpms-suse/swift @@ -1,6 +1,5 @@ curl memcached -python-devel sqlite3 xfsprogs xinetd diff --git a/files/rpms/cinder b/files/rpms/cinder index f28f04d8ba..0274642fd6 100644 --- a/files/rpms/cinder +++ b/files/rpms/cinder @@ -1,5 +1,4 @@ iscsi-initiator-utils lvm2 -postgresql-devel qemu-img scsi-target-utils # NOPRIME diff --git a/files/rpms/neutron b/files/rpms/neutron index b3f79ed146..9683475d29 100644 --- a/files/rpms/neutron +++ b/files/rpms/neutron @@ -9,7 +9,6 @@ mysql-devel MySQL-python mysql-server # NOPRIME openvswitch # NOPRIME -postgresql-devel rabbitmq-server # NOPRIME radvd # NOPRIME sqlite From 7ddf6741d24485aa40de122f4bfdf4cd55e7cfad Mon Sep 17 00:00:00 2001 From: "Sean M. Collins" Date: Mon, 9 Nov 2015 08:08:53 -0500 Subject: [PATCH 0055/2409] Neutron-legacy: Remove LINUXNET_VIF_DRIVER option A value is never assigned, and it ends up in the nova.conf file as: linuxnet_interface_driver = So, let's delete it. Change-Id: Ibc270ce6ee622eee871df1f8c11f21e8be8280ee --- lib/neutron-legacy | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 4e51425ffc..096869929b 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -488,7 +488,6 @@ function create_nova_conf_neutron { # optionally set options in nova_conf neutron_plugin_create_nova_conf - iniset $NOVA_CONF DEFAULT linuxnet_interface_driver "$LINUXNET_VIF_DRIVER" if is_service_enabled q-meta; then iniset $NOVA_CONF neutron service_metadata_proxy "True" fi From 5c5e08669cb7539886cb3477fc7c4c7deb701f50 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Mon, 9 Nov 2015 14:08:15 -0500 Subject: [PATCH 0056/2409] loop all ebtables tables ebtables has 3 built in tables, if we don't call them out we only get 'filter' (per man page). Change-Id: I52360cbb3b910cb492b61e2314848cc29dcd8266 --- tools/worlddump.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/worlddump.py b/tools/worlddump.py index 1b337a9a83..97e4d949c7 100755 --- a/tools/worlddump.py +++ b/tools/worlddump.py @@ -86,8 +86,10 @@ def disk_space(): def ebtables_dump(): + tables = ['filter', 'nat', 'broute'] _header("EB Tables Dump") - _dump_cmd("sudo ebtables -L") + for table in tables: + _dump_cmd("sudo ebtables -t %s -L" % table) def iptables_dump(): From 8a3b7d424d8edf53d0560db48247e6bca11176ee Mon Sep 17 00:00:00 2001 From: John Davidge Date: Tue, 7 Jul 2015 11:10:54 +0100 Subject: [PATCH 0057/2409] Fix stack failure when default subnetpool is set Currently stack.sh will fail if a value is set for default_ipv4_subnet_pool and/or default_ipv6_subnet_pool in neutron.conf. This is because setting either of these values overrides the default behaviour of using the implicit (none) subnetpool for subnet creation, and the subnetpools specified in neutron.conf have not been created at the time of the devstack calls to subnet-create. This patch fixes the failure by specifying subnetpool = None in calls to subnet-create, so that neutron will behave as devstack expects. This parameter will no longer be required once these configuration options are removed in the OpenStack N release, but will be required for compatibility with Kilo, Liberty, and Mitaka. Change-Id: I29b2d62a022b43f6623b127af2ca303f9de847b0 Closes-Bug: #1472200 --- exercises/neutron-adv-test.sh | 2 +- lib/neutron-legacy | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/exercises/neutron-adv-test.sh b/exercises/neutron-adv-test.sh index a8fbd86473..9bcb7669b7 100755 --- a/exercises/neutron-adv-test.sh +++ b/exercises/neutron-adv-test.sh @@ -235,7 +235,7 @@ function create_network { local NET_ID NET_ID=$(neutron net-create --tenant-id $TENANT_ID $NET_NAME $EXTRA| grep ' id ' | awk '{print $4}' ) die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $TENANT_ID $NET_NAME $EXTRA" - neutron subnet-create --ip-version 4 --tenant-id $TENANT_ID --gateway $GATEWAY $NET_ID $CIDR + neutron subnet-create --ip-version 4 --tenant-id $TENANT_ID --gateway $GATEWAY --subnetpool None $NET_ID $CIDR neutron_debug_admin probe-create --device-owner compute $NET_ID source $TOP_DIR/openrc demo demo } diff --git a/lib/neutron-legacy b/lib/neutron-legacy index c244e5470a..0e7ce26674 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -542,12 +542,12 @@ function create_neutron_initial_network { die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PHYSICAL_NETWORK $TENANT_ID" if [[ "$IP_VERSION" =~ 4.* ]]; then - SUBNET_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --name $PROVIDER_SUBNET_NAME --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2) + SUBNET_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --name $PROVIDER_SUBNET_NAME --gateway $NETWORK_GATEWAY --subnetpool None $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2) die_if_not_set $LINENO SUBNET_ID "Failure creating SUBNET_ID for $PROVIDER_SUBNET_NAME $TENANT_ID" fi if [[ "$IP_VERSION" =~ .*6 ]]; then - SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode $IPV6_ADDRESS_MODE --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2) + SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode $IPV6_ADDRESS_MODE --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 --subnetpool_id None $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2) die_if_not_set $LINENO SUBNET_V6_ID "Failure creating SUBNET_V6_ID for $PROVIDER_SUBNET_NAME_V6 $TENANT_ID" fi @@ -1236,6 +1236,7 @@ function _neutron_create_private_subnet_v4 { subnet_params+="--ip_version 4 " subnet_params+="--gateway $NETWORK_GATEWAY " subnet_params+="--name $PRIVATE_SUBNET_NAME " + subnet_params+="--subnetpool None " subnet_params+="$NET_ID $FIXED_RANGE" local subnet_id subnet_id=$(neutron subnet-create $subnet_params | grep ' id ' | get_field 2) @@ -1252,6 +1253,7 @@ function _neutron_create_private_subnet_v6 { subnet_params+="--ip_version 6 " subnet_params+="--gateway $IPV6_PRIVATE_NETWORK_GATEWAY " subnet_params+="--name $IPV6_PRIVATE_SUBNET_NAME " + subnet_params+="--subnetpool None " subnet_params+="$NET_ID $FIXED_RANGE_V6 $ipv6_modes" local ipv6_subnet_id ipv6_subnet_id=$(neutron subnet-create $subnet_params | grep ' id ' | get_field 2) @@ -1265,6 +1267,7 @@ function _neutron_create_public_subnet_v4 { subnet_params+="${Q_FLOATING_ALLOCATION_POOL:+--allocation-pool $Q_FLOATING_ALLOCATION_POOL} " subnet_params+="--gateway $PUBLIC_NETWORK_GATEWAY " subnet_params+="--name $PUBLIC_SUBNET_NAME " + subnet_params+="--subnetpool None " subnet_params+="$EXT_NET_ID $FLOATING_RANGE " subnet_params+="-- --enable_dhcp=False" local id_and_ext_gw_ip @@ -1278,6 +1281,7 @@ function _neutron_create_public_subnet_v6 { local subnet_params="--ip_version 6 " subnet_params+="--gateway $IPV6_PUBLIC_NETWORK_GATEWAY " subnet_params+="--name $IPV6_PUBLIC_SUBNET_NAME " + subnet_params+="--subnetpool None " subnet_params+="$EXT_NET_ID $IPV6_PUBLIC_RANGE " subnet_params+="-- --enable_dhcp=False" local ipv6_id_and_ext_gw_ip From 04e73e17e8c536abb1ea86e7b0d037aef543da37 Mon Sep 17 00:00:00 2001 From: Jordan Pittier Date: Tue, 10 Nov 2015 18:58:11 +0100 Subject: [PATCH 0058/2409] On Ubuntu: don't start Zookeeper twice On Ubuntu, if the Zookeeper service is already running, attempting to start it again fails with non-zero exit code. This patch detects whether ZK is already started before trying to start it. Change-Id: If1257152de01fe5fe0351fdbb538bce083edbec0 Closes-Bug: #1513741 --- lib/zookeeper | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/zookeeper b/lib/zookeeper index e62ba8ada8..6637d52bca 100644 --- a/lib/zookeeper +++ b/lib/zookeeper @@ -69,7 +69,12 @@ function install_zookeeper { # start_zookeeper() - Start running processes, including screen function start_zookeeper { - start_service zookeeper + # Starting twice Zookeeper on Ubuntu exits with error code 1. See LP#1513741 + # Match both systemd and sysvinit output + local running="(active \(running\)|start/running)" + if ! is_ubuntu || ! sudo /usr/sbin/service zookeeper status | egrep -q "$running"; then + start_service zookeeper + fi } # stop_zookeeper() - Stop running processes (non-screen) From 536b8c1d2cf9d2523dc60f74190ef566a8c3fc4b Mon Sep 17 00:00:00 2001 From: Tony Breeds Date: Mon, 9 Nov 2015 10:05:37 +1100 Subject: [PATCH 0059/2409] Allow screen without logging to disk In some niche setups it is desirable to run OpenStack services under screen, but undesirable to automatically keep a persistent log from each service. Add a new variable SCREEN_IS_LOGGING that controls if screen logs each window to disk automatically. Ideally screen itself would be configured to log but just not activate. This isn't possible with the screerc syntax. Temporary logging can still be used by a developer with: C-a : logfile foo C-a : log on Change-Id: I2a3abf15dea95ae99ddbdfe1309382df601b7d93 --- functions-common | 14 +++++++++----- stackrc | 10 ++++++++++ 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/functions-common b/functions-common index ca0543da7d..ba3c79126d 100644 --- a/functions-common +++ b/functions-common @@ -1366,7 +1366,7 @@ function run_process { # Helper to launch a process in a named screen # Uses globals ``CURRENT_LOG_TIME``, ```LOGDIR``, ``SCREEN_LOGDIR``, `SCREEN_NAME``, -# ``SERVICE_DIR``, ``USE_SCREEN`` +# ``SERVICE_DIR``, ``USE_SCREEN``, ``SCREEN_IS_LOGGING`` # screen_process name "command-line" [group] # Run a command in a shell in a screen window, if an optional group # is provided, use sg to set the group of the command. @@ -1386,8 +1386,12 @@ function screen_process { echo "SCREEN_LOGDIR: $SCREEN_LOGDIR" echo "log: $real_logfile" if [[ -n ${LOGDIR} ]]; then - screen -S $SCREEN_NAME -p $name -X logfile "$real_logfile" - screen -S $SCREEN_NAME -p $name -X log on + if [[ "$SCREEN_IS_LOGGING" == "True" ]]; then + screen -S $SCREEN_NAME -p $name -X logfile "$real_logfile" + screen -S $SCREEN_NAME -p $name -X log on + fi + # If logging isn't active then avoid a broken symlink + touch "$real_logfile" ln -sf "$real_logfile" ${LOGDIR}/${name}.log if [[ -n ${SCREEN_LOGDIR} ]]; then # Drop the backward-compat symlink @@ -1426,7 +1430,7 @@ function screen_process { } # Screen rc file builder -# Uses globals ``SCREEN_NAME``, ``SCREENRC`` +# Uses globals ``SCREEN_NAME``, ``SCREENRC``, ``SCREEN_IS_LOGGING`` # screen_rc service "command-line" function screen_rc { SCREEN_NAME=${SCREEN_NAME:-stack} @@ -1446,7 +1450,7 @@ function screen_rc { echo "screen -t $1 bash" >> $SCREENRC echo "stuff \"$2$NL\"" >> $SCREENRC - if [[ -n ${LOGDIR} ]]; then + if [[ -n ${LOGDIR} ]] && [[ "$SCREEN_IS_LOGGING" == "True" ]]; then echo "logfile ${LOGDIR}/${1}.log.${CURRENT_LOG_TIME}" >>$SCREENRC echo "log on" >>$SCREENRC fi diff --git a/stackrc b/stackrc index 3033b27580..76a5756dde 100644 --- a/stackrc +++ b/stackrc @@ -103,6 +103,16 @@ HORIZON_APACHE_ROOT="/dashboard" # be disabled for automated testing by setting this value to False. USE_SCREEN=True +# When using screen, should we keep a log file on disk? You might +# want this False if you have a long-running setup where verbose logs +# can fill-up the host. +# XXX: Ideally screen itself would be configured to log but just not +# activate. This isn't possible with the screerc syntax. Temporary +# logging can still be used by a developer with: +# C-a : logfile foo +# C-a : log on +SCREEN_IS_LOGGING=$(trueorfalse True SCREEN_IS_LOGGING) + # Passwords generated by interactive devstack runs if [[ -r $RC_DIR/.localrc.password ]]; then source $RC_DIR/.localrc.password From f6cee0fa2041a9188ad5e3e24e87ebd513729da8 Mon Sep 17 00:00:00 2001 From: Attila Fazekas Date: Fri, 6 Nov 2015 18:18:57 +0100 Subject: [PATCH 0060/2409] Install kernel-modules package on fedora Since f21 the kernel modules are split to multiple packages and by default just the core modules gets installed. nova requires iscsi_tcp module for attaching a volume from any iscsi source (default cinder lvm setup). On el7 it is not required. Change-Id: I31705720ade5defd1b6d4b95bc51c2a11a5f0364 Related-Bug: #1429504 --- files/rpms/nova | 1 + 1 file changed, 1 insertion(+) diff --git a/files/rpms/nova b/files/rpms/nova index e70f138a3c..00e759636e 100644 --- a/files/rpms/nova +++ b/files/rpms/nova @@ -7,6 +7,7 @@ gawk genisoimage # required for config_drive iptables iputils +kernel-modules # dist:f21,f22,f23 kpartx kvm # NOPRIME libvirt-bin # NOPRIME From 59e86a3aae3ca49ae3a400c1fcc49c53c9328fd2 Mon Sep 17 00:00:00 2001 From: "Sean M. Collins" Date: Mon, 9 Nov 2015 11:06:39 -0500 Subject: [PATCH 0061/2409] Replace default route for inet6 When taking the IPv6 addresses from an interface, also update any routing table entries. Change-Id: I0424de6c5c1b0fcb7a9bc3fc1475036668cab09d Closes-Bug: 1514494 --- lib/neutron-legacy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index c244e5470a..2c0c9cfb3b 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -799,7 +799,7 @@ function _move_neutron_addresses_route { local IP_ADD="" local IP_DEL="" local DEFAULT_ROUTE_GW - DEFAULT_ROUTE_GW=$(ip r | awk "/default.+$from_intf/ { print \$3; exit }") + DEFAULT_ROUTE_GW=$(ip -f $af r | awk "/default.+$from_intf/ { print \$3; exit }") local ADD_OVS_PORT="" if [[ $af == "inet" ]]; then @@ -811,7 +811,7 @@ function _move_neutron_addresses_route { fi if [ "$DEFAULT_ROUTE_GW" != "" ]; then - ADD_DEFAULT_ROUTE="sudo ip r replace default via $DEFAULT_ROUTE_GW dev $to_intf" + ADD_DEFAULT_ROUTE="sudo ip -f $af r replace default via $DEFAULT_ROUTE_GW dev $to_intf" fi if [[ "$add_ovs_port" == "True" ]]; then From 9af81997b543f7634c180b73a036c59456118b50 Mon Sep 17 00:00:00 2001 From: "Sean M. Collins" Date: Tue, 10 Nov 2015 13:30:20 -0500 Subject: [PATCH 0062/2409] Only take the first global, non temporary ipv6 address Taking a temporary IPv6 address created through the OS' support for Privacy Extensions (RFC 4941) is not very useful. It would occur because it happened to be the first in the list returned from ip(8). Instead, grab the first IPv6 address that is not a temporary address. Related-Bug: #1488691 Change-Id: I7f455572241e7d0c7406f173239a2270a4d8926a --- lib/neutron-legacy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 2c0c9cfb3b..eed477a550 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -807,7 +807,7 @@ function _move_neutron_addresses_route { fi if [[ $af == "inet6" ]]; then - IP_BRD=$(ip -f $af a s dev $from_intf | grep inet6 | awk '{ print $2, $3, $4; exit }') + IP_BRD=$(ip -f $af a s dev $from_intf | grep 'scope global' | sed '/temporary/d' | awk '{ print $2, $3, $4; exit }') fi if [ "$DEFAULT_ROUTE_GW" != "" ]; then From 1650166c2594905ca16c02b58430f4f5bd9ed24c Mon Sep 17 00:00:00 2001 From: "Sean M. Collins" Date: Mon, 12 Oct 2015 11:01:44 -0400 Subject: [PATCH 0063/2409] docs: Add more networking details to single interface section Add complete localrcs, and also add a section for additional compute nodes, to help demonstrate the OVS layout and how traffic flows over VXLAN tunnels from compute nodes, to the L3 node, and out onto the wire. Closes-Bug: #1506733 Change-Id: Ibb5fd454bdcb8c13400c1e11f640c2aafc0f73ca --- doc/source/guides/neutron.rst | 172 +++++++++++++++++++++++++++++++++- 1 file changed, 171 insertions(+), 1 deletion(-) diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst index 5891f68033..ee29087267 100644 --- a/doc/source/guides/neutron.rst +++ b/doc/source/guides/neutron.rst @@ -35,7 +35,7 @@ network and is on a shared subnet with other machines. network hardware_network { address = "172.18.161.0/24" router [ address = "172.18.161.1" ]; - devstack_laptop [ address = "172.18.161.6" ]; + devstack-1 [ address = "172.18.161.6" ]; } } @@ -43,9 +43,13 @@ network and is on a shared subnet with other machines. DevStack Configuration ---------------------- +The following is a complete `local.conf` for the host named +`devstack-1`. It will run all the API and services, as well as +serving as a hypervisor for guest instances. :: + [[local|localrc]] HOST_IP=172.18.161.6 SERVICE_HOST=172.18.161.6 MYSQL_HOST=172.18.161.6 @@ -57,6 +61,12 @@ DevStack Configuration SERVICE_PASSWORD=secrete SERVICE_TOKEN=secrete + # Do not use Nova-Network + disable_service n-net + # Enable Neutron + ENABLED_SERVICES+=,q-svc,q-dhcp,q-meta,q-agt,q-l3 + + ## Neutron options Q_USE_SECGROUP=True FLOATING_RANGE="172.18.161.0/24" @@ -71,6 +81,166 @@ DevStack Configuration OVS_BRIDGE_MAPPINGS=public:br-ex +Adding Additional Compute Nodes +------------------------------- + +Let's suppose that after installing DevStack on the first host, you +also want to do multinode testing and networking. + +Physical Network Setup +~~~~~~~~~~~~~~~~~~~~~~ + +.. nwdiag:: + + nwdiag { + inet [ shape = cloud ]; + router; + inet -- router; + + network hardware_network { + address = "172.18.161.0/24" + router [ address = "172.18.161.1" ]; + devstack-1 [ address = "172.18.161.6" ]; + devstack-2 [ address = "172.18.161.7" ]; + } + } + + +After DevStack installs and configures Neutron, traffic from guest VMs +flows out of `devstack-2` (the compute node) and is encapsulated in a +VXLAN tunnel back to `devstack-1` (the control node) where the L3 +agent is running. + +:: + + stack@devstack-2:~/devstack$ sudo ovs-vsctl show + 8992d965-0ba0-42fd-90e9-20ecc528bc29 + Bridge br-int + fail_mode: secure + Port br-int + Interface br-int + type: internal + Port patch-tun + Interface patch-tun + type: patch + options: {peer=patch-int} + Bridge br-tun + fail_mode: secure + Port "vxlan-c0a801f6" + Interface "vxlan-c0a801f6" + type: vxlan + options: {df_default="true", in_key=flow, local_ip="172.18.161.7", out_key=flow, remote_ip="172.18.161.6"} + Port patch-int + Interface patch-int + type: patch + options: {peer=patch-tun} + Port br-tun + Interface br-tun + type: internal + ovs_version: "2.0.2" + +Open vSwitch on the control node, where the L3 agent runs, is +configured to de-encapsulate traffic from compute nodes, then forward +it over the `br-ex` bridge, where `eth0` is attached. + +:: + + stack@devstack-1:~/devstack$ sudo ovs-vsctl show + 422adeea-48d1-4a1f-98b1-8e7239077964 + Bridge br-tun + fail_mode: secure + Port br-tun + Interface br-tun + type: internal + Port patch-int + Interface patch-int + type: patch + options: {peer=patch-tun} + Port "vxlan-c0a801d8" + Interface "vxlan-c0a801d8" + type: vxlan + options: {df_default="true", in_key=flow, local_ip="172.18.161.6", out_key=flow, remote_ip="172.18.161.7"} + Bridge br-ex + Port phy-br-ex + Interface phy-br-ex + type: patch + options: {peer=int-br-ex} + Port "eth0" + Interface "eth0" + Port br-ex + Interface br-ex + type: internal + Bridge br-int + fail_mode: secure + Port "tapce66332d-ea" + tag: 1 + Interface "tapce66332d-ea" + type: internal + Port "qg-65e5a4b9-15" + tag: 2 + Interface "qg-65e5a4b9-15" + type: internal + Port "qr-33e5e471-88" + tag: 1 + Interface "qr-33e5e471-88" + type: internal + Port "qr-acbe9951-70" + tag: 1 + Interface "qr-acbe9951-70" + type: internal + Port br-int + Interface br-int + type: internal + Port patch-tun + Interface patch-tun + type: patch + options: {peer=patch-int} + Port int-br-ex + Interface int-br-ex + type: patch + options: {peer=phy-br-ex} + ovs_version: "2.0.2" + +`br-int` is a bridge that the Open vSwitch mechanism driver creates, +which is used as the "integration bridge" where ports are created, and +plugged into the virtual switching fabric. `br-ex` is an OVS bridge +that is used to connect physical ports (like `eth0`), so that floating +IP traffic for tenants can be received from the physical network +infrastructure (and the internet), and routed to tenant network ports. +`br-tun` is a tunnel bridge that is used to connect OpenStack nodes +(like `devstack-2`) together. This bridge is used so that tenant +network traffic, using the VXLAN tunneling protocol, flows between +each compute node where tenant instances run. + + + +DevStack Compute Configuration +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The host `devstack-2` has a very minimal `local.conf`. + +:: + + [[local|localrc]] + HOST_IP=172.18.161.7 + SERVICE_HOST=172.18.161.6 + MYSQL_HOST=172.18.161.6 + RABBIT_HOST=172.18.161.6 + GLANCE_HOSTPORT=172.18.161.6:9292 + ADMIN_PASSWORD=secrete + MYSQL_PASSWORD=secrete + RABBIT_PASSWORD=secrete + SERVICE_PASSWORD=secrete + SERVICE_TOKEN=secrete + + ## Neutron options + PUBLIC_INTERFACE=eth0 + ENABLED_SERVICES=n-cpu,rabbit,q-agt + +Network traffic from `eth0` on the compute nodes is then NAT'd by the +controller node that runs Neutron's `neutron-l3-agent` and provides L3 +connectivity. + Neutron Networking with Open vSwitch and Provider Networks ========================================================== From 90dd262c19d7387ef6b438aea5e6eb13f3fd609d Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Tue, 10 Nov 2015 12:22:03 -0500 Subject: [PATCH 0064/2409] fail if devstack attempts to be run under virtualenv This has come up on the mailing list recently, we should just fail early and explicitly so that people don't get way down this path and not realize it's never going to work. Change-Id: I8a7f001adf3a5244b8655858ebd5fc7014a4af55 --- stack.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/stack.sh b/stack.sh index 68b932e4b1..825ed968f3 100755 --- a/stack.sh +++ b/stack.sh @@ -93,6 +93,20 @@ if [[ $EUID -eq 0 ]]; then exit 1 fi +# OpenStack is designed to run at a system level, with system level +# installation of python packages. It does not support running under a +# virtual env, and will fail in really odd ways if you do this. Make +# this explicit as it has come up on the mailing list. +if [[ -n "$VIRTUAL_ENV" ]]; then + echo "You appear to be running under a python virtualenv." + echo "DevStack does not support this, as we my break the" + echo "virtualenv you are currently in by modifying " + echo "external system-level components the virtualenv relies on." + echo "We reccommend you use a separate virtual-machine if " + echo "you are worried about DevStack taking over your system." + exit 1 +fi + # Provide a safety switch for devstack. If you do a lot of devstack, # on a lot of different environments, you sometimes run it on the # wrong box. This makes there be a way to prevent that. From 7e550682977b0c3a6a667af6691760d8a7506e9b Mon Sep 17 00:00:00 2001 From: Richard Theis Date: Tue, 13 Oct 2015 07:51:05 -0500 Subject: [PATCH 0065/2409] doc: Update LBaaS v2 setup for Liberty - Updated LBaaS v2 setup to use Octavia. - Removed the old cirros image URL, the default should be sufficient. - Fixed nova boot commands based on Liberty DevStack. - Added sleeps to LBaaS v2 commands since most commands can take a few seconds to complete. - Added wait to load balancer creation since it can take a few minutes to complete. - Wrapped long lines in the descriptions. Change-Id: Ib4a3f02ebc2606e3e16591ae3a23676cb0a6cd64 --- doc/source/guides/devstack-with-lbaas-v2.rst | 30 ++++++++++++++------ 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/doc/source/guides/devstack-with-lbaas-v2.rst b/doc/source/guides/devstack-with-lbaas-v2.rst index f67978310d..747a9384d0 100644 --- a/doc/source/guides/devstack-with-lbaas-v2.rst +++ b/doc/source/guides/devstack-with-lbaas-v2.rst @@ -1,13 +1,17 @@ -Configure Load-Balancer in Kilo +Configure Load-Balancer Version 2 ================================= -The Kilo release of OpenStack will support Version 2 of the neutron load balancer. Until now, using OpenStack `LBaaS V2 `_ has required a good understanding of neutron and LBaaS architecture and several manual steps. +Starting in the OpenStack Liberty release, the +`neutron LBaaS v2 API `_ +is now stable while the LBaaS v1 API has been deprecated. The LBaaS v2 reference +driver is based on Octavia. Phase 1: Create DevStack + 2 nova instances -------------------------------------------- -First, set up a vm of your choice with at least 8 GB RAM and 16 GB disk space, make sure it is updated. Install git and any other developer tools you find useful. +First, set up a vm of your choice with at least 8 GB RAM and 16 GB disk space, +make sure it is updated. Install git and any other developer tools you find useful. Install devstack @@ -24,6 +28,7 @@ Edit your `local.conf` to look like [[local|localrc]] # Load the external LBaaS plugin. enable_plugin neutron-lbaas https://git.openstack.org/openstack/neutron-lbaas + enable_plugin octavia https://git.openstack.org/openstack/octavia # ===== BEGIN localrc ===== DATABASE_PASSWORD=password @@ -42,13 +47,13 @@ Edit your `local.conf` to look like ENABLED_SERVICES+=,horizon # Nova ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch - IMAGE_URLS+=",https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img" # Glance ENABLED_SERVICES+=,g-api,g-reg # Neutron ENABLED_SERVICES+=,q-svc,q-agt,q-dhcp,q-l3,q-meta - # Enable LBaaS V2 + # Enable LBaaS v2 ENABLED_SERVICES+=,q-lbaasv2 + ENABLED_SERVICES+=,octavia,o-cw,o-hk,o-hm,o-api # Cinder ENABLED_SERVICES+=,c-api,c-vol,c-sch # Tempest @@ -69,11 +74,11 @@ Create two nova instances that we can use as test http servers: :: #create nova instances on private network - nova boot --image $(nova image-list | awk '/ cirros-0.3.0-x86_64-disk / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node1 - nova boot --image $(nova image-list | awk '/ cirros-0.3.0-x86_64-disk / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node2 + nova boot --image $(nova image-list | awk '/ cirros-.*-x86_64-uec / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node1 + nova boot --image $(nova image-list | awk '/ cirros-.*-x86_64-uec / {print $2}') --flavor 1 --nic net-id=$(neutron net-list | awk '/ private / {print $2}') node2 nova list # should show the nova instances just created - #add secgroup rule to allow ssh etc.. + #add secgroup rules to allow ssh etc.. neutron security-group-rule-create default --protocol icmp neutron security-group-rule-create default --protocol tcp --port-range-min 22 --port-range-max 22 neutron security-group-rule-create default --protocol tcp --port-range-min 80 --port-range-max 80 @@ -91,9 +96,16 @@ Phase 2: Create your load balancers :: neutron lbaas-loadbalancer-create --name lb1 private-subnet + neutron lbaas-loadbalancer-show lb1 # Wait for the provisioning_status to be ACTIVE. neutron lbaas-listener-create --loadbalancer lb1 --protocol HTTP --protocol-port 80 --name listener1 + sleep 10 # Sleep since LBaaS actions can take a few seconds depending on the environment. neutron lbaas-pool-create --lb-algorithm ROUND_ROBIN --listener listener1 --protocol HTTP --name pool1 + sleep 10 neutron lbaas-member-create --subnet private-subnet --address 10.0.0.3 --protocol-port 80 pool1 + sleep 10 neutron lbaas-member-create --subnet private-subnet --address 10.0.0.5 --protocol-port 80 pool1 -Please note here that the "10.0.0.3" and "10.0.0.5" in the above commands are the IPs of the nodes (in my test run-thru, they were actually 10.2 and 10.4), and the address of the created LB will be reported as "vip_address" from the lbaas-loadbalancer-create, and a quick test of that LB is "curl that-lb-ip", which should alternate between showing the IPs of the two nodes. +Please note here that the "10.0.0.3" and "10.0.0.5" in the above commands are the IPs of the nodes +(in my test run-thru, they were actually 10.2 and 10.4), and the address of the created LB will be +reported as "vip_address" from the lbaas-loadbalancer-create, and a quick test of that LB is +"curl that-lb-ip", which should alternate between showing the IPs of the two nodes. From 2e8695b0756969d89cd4152e7496df9bf540eaa3 Mon Sep 17 00:00:00 2001 From: Tony Breeds Date: Tue, 20 Oct 2015 11:21:57 +1100 Subject: [PATCH 0066/2409] Add development libraries needed by Pillow Change I8da7dd95ae24cf06dc7bdc300fcf39947a6df093 added Pillow build deps to nodepool thick slaves. This means that Pillow 3 will work in unit tests. Make the matching change to allow Pillow 3.0.0 to work under devstack. The longer term aim is to remove temporary upper cap. Change-Id: I2bec8cf1bfeaaa6ae329704229fdeb86d26e55c7 --- files/debs/general | 1 + files/rpms-suse/general | 2 ++ files/rpms/general | 1 + 3 files changed, 4 insertions(+) diff --git a/files/debs/general b/files/debs/general index 9b2715685e..1215147a16 100644 --- a/files/debs/general +++ b/files/debs/general @@ -8,6 +8,7 @@ git graphviz # needed for docs iputils-ping libffi-dev # for pyOpenSSL +libjpeg-dev # Pillow 3.0.0 libmysqlclient-dev # MySQL-python libpq-dev # psycopg2 libssl-dev # for pyOpenSSL diff --git a/files/rpms-suse/general b/files/rpms-suse/general index 651243d274..34a29554f7 100644 --- a/files/rpms-suse/general +++ b/files/rpms-suse/general @@ -9,6 +9,7 @@ git-core graphviz # docs iputils libffi-devel # pyOpenSSL +libjpeg8-devel # Pillow 3.0.0 libmysqlclient-devel # MySQL-python libopenssl-devel # to rebuild pyOpenSSL if needed libxslt-devel # lxml @@ -26,3 +27,4 @@ tar tcpdump unzip wget +zlib-devel diff --git a/files/rpms/general b/files/rpms/general index cfd9479600..40b06f489b 100644 --- a/files/rpms/general +++ b/files/rpms/general @@ -12,6 +12,7 @@ iptables-services # NOPRIME f21,f22 java-1.7.0-openjdk-headless # NOPRIME rhel7 java-1.8.0-openjdk-headless # NOPRIME f21,f22 libffi-devel +libjpeg-turbo-devel # Pillow 3.0.0 libxml2-devel # lxml libxslt-devel # lxml libyaml-devel From 5cad4d3fe94f2e3823a8d9a2588b3a580d69605c Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Tue, 10 Nov 2015 14:39:07 -0500 Subject: [PATCH 0067/2409] refactor zookeeper into a slightly more generic dlm module This attempts to make the zookeeper installation a bit more modular (assuming that other folks will want to add other dlms as plugins), and addresses the service start issues with zookeeper under ubuntu/upstart. Zookeeper is not going to be installed by default. Services need to ask for it with use_dlm. Change-Id: I33525e2b83a4497a57ec95f62880e0308c88b34f --- lib/dlm | 108 ++++++++++++++++++++++++++++++++++++++++++++++++++ lib/zookeeper | 91 ------------------------------------------ stack.sh | 20 +++------- stackrc | 2 +- unstack.sh | 2 +- 5 files changed, 115 insertions(+), 108 deletions(-) create mode 100644 lib/dlm delete mode 100644 lib/zookeeper diff --git a/lib/dlm b/lib/dlm new file mode 100644 index 0000000000..f68ee26b4b --- /dev/null +++ b/lib/dlm @@ -0,0 +1,108 @@ +#!/bin/bash +# +# lib/dlm +# +# Functions to control the installation and configuration of software +# that provides a dlm (and possibly other functions). The default is +# **zookeeper**, and is going to be the only backend supported in the +# devstack tree. + +# Dependencies: +# +# - ``functions`` file + +# ``stack.sh`` calls the entry points in this order: +# +# - is_dlm_enabled +# - install_dlm +# - configure_dlm +# - cleanup_dlm + +# Save trace setting +XTRACE=$(set +o | grep xtrace) +set +o xtrace + + +# Defaults +# -------- + +# + +# Set up default directories +ZOOKEEPER_DATA_DIR=$DEST/data/zookeeper +ZOOKEEPER_CONF_DIR=/etc/zookeeper + + +# Entry Points +# ------------ +# +# NOTE(sdague): it is expected that when someone wants to implement +# another one of these out of tree, they'll implement the following +# functions: +# +# - dlm_backend +# - install_dlm +# - configure_dlm +# - cleanup_dlm + +# This should be declared in the settings file of any plugin or +# service that needs to have a dlm in their enviroment. +function use_dlm { + enable_service $(dlm_backend) +} + +# A function to return the name of the backend in question, some users +# are going to need to know this. +function dlm_backend { + echo "zookeeper" +} + +# Test if a dlm is enabled (defaults to a zookeeper specific check) +function is_dlm_enabled { + [[ ,${ENABLED_SERVICES}, =~ ,"$(dlm_backend)", ]] && return 0 + return 1 +} + +# cleanup_dlm() - Remove residual data files, anything left over from previous +# runs that a clean run would need to clean up +function cleanup_dlm { + # NOTE(sdague): we don't check for is_enabled here because we + # should just delete this regardless. Some times users updated + # their service list before they run cleanup. + sudo rm -rf $ZOOKEEPER_DATA_DIR +} + +# configure_dlm() - Set config files, create data dirs, etc +function configure_dlm { + if is_dlm_enabled; then + sudo cp $FILES/zookeeper/* $ZOOKEEPER_CONF_DIR + sudo sed -i -e 's|.*dataDir.*|dataDir='$ZOOKEEPER_DATA_DIR'|' $ZOOKEEPER_CONF_DIR/zoo.cfg + # clean up from previous (possibly aborted) runs + # create required data files + sudo rm -rf $ZOOKEEPER_DATA_DIR + sudo mkdir -p $ZOOKEEPER_DATA_DIR + # restart after configuration, there is no reason to make this + # another step, because having data files that don't match the + # zookeeper running is just going to cause tears. + restart_service zookeeper + fi +} + +# install_dlm() - Collect source and prepare +function install_dlm { + if is_dlm_enabled; then + if is_ubuntu; then + install_package zookeeperd + else + die $LINENO "Don't know how to install zookeeper on this platform" + fi + fi +} + +# Restore xtrace +$XTRACE + +# Tell emacs to use shell-script-mode +## Local variables: +## mode: shell-script +## End: diff --git a/lib/zookeeper b/lib/zookeeper deleted file mode 100644 index 6637d52bca..0000000000 --- a/lib/zookeeper +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# -# lib/zookeeper -# Functions to control the installation and configuration of **zookeeper** - -# Dependencies: -# -# - ``functions`` file - -# ``stack.sh`` calls the entry points in this order: -# -# - is_zookeeper_enabled -# - install_zookeeper -# - configure_zookeeper -# - init_zookeeper -# - start_zookeeper -# - stop_zookeeper -# - cleanup_zookeeper - -# Save trace setting -XTRACE=$(set +o | grep xtrace) -set +o xtrace - - -# Defaults -# -------- - -# - -# Set up default directories -ZOOKEEPER_DATA_DIR=$DEST/data/zookeeper -ZOOKEEPER_CONF_DIR=/etc/zookeeper - - -# Entry Points -# ------------ - -# Test if any zookeeper service us enabled -# is_zookeeper_enabled -function is_zookeeper_enabled { - [[ ,${ENABLED_SERVICES}, =~ ,"zookeeper", ]] && return 0 - return 1 -} - -# cleanup_zookeeper() - Remove residual data files, anything left over from previous -# runs that a clean run would need to clean up -function cleanup_zookeeper { - sudo rm -rf $ZOOKEEPER_DATA_DIR -} - -# configure_zookeeper() - Set config files, create data dirs, etc -function configure_zookeeper { - sudo cp $FILES/zookeeper/* $ZOOKEEPER_CONF_DIR - sudo sed -i -e 's|.*dataDir.*|dataDir='$ZOOKEEPER_DATA_DIR'|' $ZOOKEEPER_CONF_DIR/zoo.cfg -} - -# init_zookeeper() - Initialize databases, etc. -function init_zookeeper { - # clean up from previous (possibly aborted) runs - # create required data files - sudo rm -rf $ZOOKEEPER_DATA_DIR - sudo mkdir -p $ZOOKEEPER_DATA_DIR -} - -# install_zookeeper() - Collect source and prepare -function install_zookeeper { - install_package zookeeperd -} - -# start_zookeeper() - Start running processes, including screen -function start_zookeeper { - # Starting twice Zookeeper on Ubuntu exits with error code 1. See LP#1513741 - # Match both systemd and sysvinit output - local running="(active \(running\)|start/running)" - if ! is_ubuntu || ! sudo /usr/sbin/service zookeeper status | egrep -q "$running"; then - start_service zookeeper - fi -} - -# stop_zookeeper() - Stop running processes (non-screen) -function stop_zookeeper { - stop_service zookeeper -} - -# Restore xtrace -$XTRACE - -# Tell emacs to use shell-script-mode -## Local variables: -## mode: shell-script -## End: diff --git a/stack.sh b/stack.sh index 68b932e4b1..3cc21586d7 100755 --- a/stack.sh +++ b/stack.sh @@ -539,7 +539,7 @@ source $TOP_DIR/lib/heat source $TOP_DIR/lib/neutron-legacy source $TOP_DIR/lib/ldap source $TOP_DIR/lib/dstat -source $TOP_DIR/lib/zookeeper +source $TOP_DIR/lib/dlm # Extras Source # -------------- @@ -724,11 +724,10 @@ run_phase stack pre-install install_rpc_backend -if is_service_enabled zookeeper; then - cleanup_zookeeper - configure_zookeeper - init_zookeeper -fi +# NOTE(sdague): dlm install is conditional on one being enabled by configuration +install_dlm +configure_dlm + if is_service_enabled $DATABASE_BACKENDS; then install_database fi @@ -968,15 +967,6 @@ save_stackenv $LINENO start_dstat -# Zookeeper -# ----- - -# zookeeper for use with tooz for Distributed Lock Management capabilities etc., -if is_service_enabled zookeeper; then - start_zookeeper -fi - - # Keystone # -------- diff --git a/stackrc b/stackrc index 76a5756dde..f4a162b50c 100644 --- a/stackrc +++ b/stackrc @@ -69,7 +69,7 @@ if ! isset ENABLED_SERVICES ; then # Dashboard ENABLED_SERVICES+=,horizon # Additional services - ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat,zookeeper + ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat fi # SQLAlchemy supports multiple database drivers for each database server diff --git a/unstack.sh b/unstack.sh index 0cace3254a..8eded837fd 100755 --- a/unstack.sh +++ b/unstack.sh @@ -69,7 +69,7 @@ source $TOP_DIR/lib/heat source $TOP_DIR/lib/neutron-legacy source $TOP_DIR/lib/ldap source $TOP_DIR/lib/dstat -source $TOP_DIR/lib/zookeeper +source $TOP_DIR/lib/dlm # Extras Source # -------------- From 9329290183c96be45363325a244861065413562d Mon Sep 17 00:00:00 2001 From: Tony Breeds Date: Mon, 9 Nov 2015 15:45:04 +1100 Subject: [PATCH 0068/2409] Update comments to reflect current USE_SCREEN usage In a couple of places the tracking of USE_SCREEN has drifted from the comments. Correct that. Change-Id: I63bdd5ca4de49bf653f5bc8f8e0e5efe67ef605c --- functions-common | 10 ++++------ stackrc | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/functions-common b/functions-common index 5c97aee9a3..3eeab09889 100644 --- a/functions-common +++ b/functions-common @@ -1352,6 +1352,7 @@ function is_running { # If the command includes shell metachatacters (;<>*) it must be run using a shell # If an optional group is provided sg will be used to run the # command as that group. +# Uses globals ``USE_SCREEN`` # run_process service "command-line" [group] function run_process { local service=$1 @@ -1370,7 +1371,7 @@ function run_process { # Helper to launch a process in a named screen # Uses globals ``CURRENT_LOG_TIME``, ```LOGDIR``, ``SCREEN_LOGDIR``, `SCREEN_NAME``, -# ``SERVICE_DIR``, ``USE_SCREEN``, ``SCREEN_IS_LOGGING`` +# ``SERVICE_DIR``, ``SCREEN_IS_LOGGING`` # screen_process name "command-line" [group] # Run a command in a shell in a screen window, if an optional group # is provided, use sg to set the group of the command. @@ -1381,7 +1382,6 @@ function screen_process { SCREEN_NAME=${SCREEN_NAME:-stack} SERVICE_DIR=${SERVICE_DIR:-${DEST}/status} - USE_SCREEN=$(trueorfalse True USE_SCREEN) screen -S $SCREEN_NAME -X screen -t $name @@ -1465,14 +1465,13 @@ function screen_rc { # If a PID is available use it, kill the whole process group via TERM # If screen is being used kill the screen window; this will catch processes # that did not leave a PID behind -# Uses globals ``SCREEN_NAME``, ``SERVICE_DIR``, ``USE_SCREEN`` +# Uses globals ``SCREEN_NAME``, ``SERVICE_DIR`` # screen_stop_service service function screen_stop_service { local service=$1 SCREEN_NAME=${SCREEN_NAME:-stack} SERVICE_DIR=${SERVICE_DIR:-${DEST}/status} - USE_SCREEN=$(trueorfalse True USE_SCREEN) if is_service_enabled $service; then # Clean up the screen window @@ -1490,7 +1489,6 @@ function stop_process { local service=$1 SERVICE_DIR=${SERVICE_DIR:-${DEST}/status} - USE_SCREEN=$(trueorfalse True USE_SCREEN) if is_service_enabled $service; then # Kill via pid if we have one available @@ -1552,11 +1550,11 @@ function service_check { } # Tail a log file in a screen if USE_SCREEN is true. +# Uses globals ``USE_SCREEN`` function tail_log { local name=$1 local logfile=$2 - USE_SCREEN=$(trueorfalse True USE_SCREEN) if [[ "$USE_SCREEN" = "True" ]]; then screen_process "$name" "sudo tail -f $logfile" fi diff --git a/stackrc b/stackrc index 76a5756dde..4f459397a0 100644 --- a/stackrc +++ b/stackrc @@ -101,7 +101,7 @@ HORIZON_APACHE_ROOT="/dashboard" # ctrl-c, up-arrow, enter to restart the service. Starting services # this way is slightly unreliable, and a bit slower, so this can # be disabled for automated testing by setting this value to False. -USE_SCREEN=True +USE_SCREEN=$(trueorfalse True USE_SCREEN) # When using screen, should we keep a log file on disk? You might # want this False if you have a long-running setup where verbose logs From 34a5aa5110c9651e2cf33d694d71b1e450495495 Mon Sep 17 00:00:00 2001 From: Tony Breeds Date: Tue, 10 Nov 2015 15:23:30 +1100 Subject: [PATCH 0069/2409] Remove unused compat variable SCREEN_DEV Currently we set USE_SCREEN to SCREEN_DEV if it's set. There is a comment to remove it once it's eracticated from CI. AFAICT this pre-condition has been met. Change-Id: I1423c8b9c18d1b3e34dbfe1c03be735c646a12b4 --- stackrc | 3 --- 1 file changed, 3 deletions(-) diff --git a/stackrc b/stackrc index 4f459397a0..075236890b 100644 --- a/stackrc +++ b/stackrc @@ -651,9 +651,6 @@ S3_SERVICE_PORT=${S3_SERVICE_PORT:-3333} PRIVATE_NETWORK_NAME=${PRIVATE_NETWORK_NAME:-"private"} PUBLIC_NETWORK_NAME=${PUBLIC_NETWORK_NAME:-"public"} -# Compatibility until it's eradicated from CI -USE_SCREEN=${SCREEN_DEV:-$USE_SCREEN} - # Set default screen name SCREEN_NAME=${SCREEN_NAME:-stack} From 201e3c133e28acb6dcdeb017389718db0775a748 Mon Sep 17 00:00:00 2001 From: Huan Xie Date: Thu, 27 Aug 2015 12:34:24 +0100 Subject: [PATCH 0070/2409] XenAPI:Fix problems to support xenserver+neutron The lack of a CI for XenAPI + Neutron has meant this support has been broken over time. This is set of one-off fixes that are needed to reintroduce support while we work towards getting a CI functional Related-Bug: #1495423 Change-Id: Id41fdc77c155756bda9e2e9ac0446a49f06f0603 --- lib/neutron-legacy | 2 +- lib/neutron_plugins/openvswitch_agent | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index c244e5470a..ac99678e66 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -639,7 +639,7 @@ function install_neutron { plugin_dir=$($ssh_dom0 "$xen_functions; set -eux; xapi_plugin_location") # install neutron plugins to dom0 - tar -czf - -C $NEUTRON_DIR/neutron/plugins/openvswitch/agent/xenapi/etc/xapi.d/plugins/ ./ | + tar -czf - -C $NEUTRON_DIR/neutron/plugins/ml2/drivers/openvswitch/agent/xenapi/etc/xapi.d/plugins/ ./ | $ssh_dom0 "tar -xzf - -C $plugin_dir && chmod a+x $plugin_dir/*" fi } diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent index 5a843ffba7..6a333939d0 100644 --- a/lib/neutron_plugins/openvswitch_agent +++ b/lib/neutron_plugins/openvswitch_agent @@ -71,6 +71,9 @@ function neutron_plugin_configure_plugin_agent { # Make a copy of our config for domU sudo cp /$Q_PLUGIN_CONF_FILE "/$Q_PLUGIN_CONF_FILE.domU" + # change domU's config file to STACK_USER + sudo chown $STACK_USER:$STACK_USER /$Q_PLUGIN_CONF_FILE.domU + # Deal with Dom0's L2 Agent: Q_RR_DOM0_COMMAND="$NEUTRON_BIN_DIR/neutron-rootwrap-xen-dom0 $Q_RR_CONF_FILE" @@ -82,7 +85,14 @@ function neutron_plugin_configure_plugin_agent { # Under XS/XCP, the ovs agent needs to target the dom0 # integration bridge. This is enabled by using a root wrapper # that executes commands on dom0 via a XenAPI plugin. + # XenAPI does not support daemon rootwrap now, so set root_helper_daemon empty iniset /$Q_PLUGIN_CONF_FILE agent root_helper "$Q_RR_DOM0_COMMAND" + iniset /$Q_PLUGIN_CONF_FILE agent root_helper_daemon "" + + # Disable minimize polling, so that it can always detect OVS and Port changes + # This is a problem of xenserver + neutron, bug has been reported + # https://bugs.launchpad.net/neutron/+bug/1495423 + iniset /$Q_PLUGIN_CONF_FILE agent minimize_polling False # Set "physical" mapping iniset /$Q_PLUGIN_CONF_FILE ovs bridge_mappings "physnet1:$FLAT_NETWORK_BRIDGE" @@ -95,10 +105,14 @@ function neutron_plugin_configure_plugin_agent { # Create a bridge "br-$GUEST_INTERFACE_DEFAULT" _neutron_ovs_base_add_bridge "br-$GUEST_INTERFACE_DEFAULT" # Add $GUEST_INTERFACE_DEFAULT to that bridge - sudo ovs-vsctl add-port "br-$GUEST_INTERFACE_DEFAULT" $GUEST_INTERFACE_DEFAULT + sudo ovs-vsctl -- --may-exist add-port "br-$GUEST_INTERFACE_DEFAULT" $GUEST_INTERFACE_DEFAULT + + # Create external bridge and add port + _neutron_ovs_base_add_bridge $PUBLIC_BRIDGE + sudo ovs-vsctl -- --may-exist add-port $PUBLIC_BRIDGE $PUBLIC_INTERFACE_DEFAULT # Set bridge mappings to "physnet1:br-$GUEST_INTERFACE_DEFAULT" - iniset "/$Q_PLUGIN_CONF_FILE.domU" ovs bridge_mappings "physnet1:br-$GUEST_INTERFACE_DEFAULT" + iniset "/$Q_PLUGIN_CONF_FILE.domU" ovs bridge_mappings "physnet1:br-$GUEST_INTERFACE_DEFAULT,physnet-ex:$PUBLIC_BRIDGE" # Set integration bridge to domU's iniset "/$Q_PLUGIN_CONF_FILE.domU" ovs integration_bridge $OVS_BRIDGE # Set root wrap From c175040103b6a903c286a253f0df0ddc468feae3 Mon Sep 17 00:00:00 2001 From: Jordan Pittier Date: Thu, 12 Nov 2015 11:03:20 +0100 Subject: [PATCH 0071/2409] Fix typo in error message printed if ran under virtualenv Commit title says it all. I don't know how you feel about these kind of commits, I feel like it's a waste of resources but I also feel bad when I see big/obvious typo. Change-Id: If048bb2dbad1a0b5a13e56b5fa1e6ea7c01eb05e --- stack.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 825ed968f3..36bf2afd48 100755 --- a/stack.sh +++ b/stack.sh @@ -99,10 +99,10 @@ fi # this explicit as it has come up on the mailing list. if [[ -n "$VIRTUAL_ENV" ]]; then echo "You appear to be running under a python virtualenv." - echo "DevStack does not support this, as we my break the" + echo "DevStack does not support this, as we may break the" echo "virtualenv you are currently in by modifying " echo "external system-level components the virtualenv relies on." - echo "We reccommend you use a separate virtual-machine if " + echo "We recommend you use a separate virtual-machine if " echo "you are worried about DevStack taking over your system." exit 1 fi From 33c9a67ead4b61a9eb423f71ca4f8e062c3b5ebd Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Thu, 12 Nov 2015 19:50:00 +0900 Subject: [PATCH 0072/2409] Fix typos on three comments and one message Fixes typos on three comments and one message in functions/functions-common Change-Id: I2c926ca29b284afd4534b92860fa46f248676a83 --- functions | 2 +- functions-common | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/functions b/functions index ca5955e974..34da1ba733 100644 --- a/functions +++ b/functions @@ -410,7 +410,7 @@ function get_instance_ip { ip=$(echo "$nova_result" | grep "$network_name" | get_field 2) if [[ $ip = "" ]];then echo "$nova_result" - die $LINENO "[Fail] Coudn't get ipaddress of VM" + die $LINENO "[Fail] Couldn't get ipaddress of VM" fi echo $ip } diff --git a/functions-common b/functions-common index 5c97aee9a3..98ecfb26ae 100644 --- a/functions-common +++ b/functions-common @@ -1036,7 +1036,7 @@ function _parse_package_files { # We are using BASH regexp matching feature. package=${BASH_REMATCH[1]} distros=${BASH_REMATCH[2]} - # In bash ${VAR,,} will lowecase VAR + # In bash ${VAR,,} will lowercase VAR # Look for a match in the distro list if [[ ! ${distros,,} =~ ${DISTRO,,} ]]; then # If no match then skip this package @@ -1509,7 +1509,7 @@ function stop_process { # this fixed in all services: # https://bugs.launchpad.net/oslo-incubator/+bug/1446583 sleep 1 - # /bin/true becakse pkill on a non existant process returns an error + # /bin/true because pkill on a non existent process returns an error pkill -g $(cat $SERVICE_DIR/$SCREEN_NAME/$service.pid) || /bin/true fi rm $SERVICE_DIR/$SCREEN_NAME/$service.pid @@ -1717,7 +1717,7 @@ function plugin_override_defaults { if [[ -f $dir/devstack/override-defaults ]]; then # be really verbose that an override is happening, as it # may not be obvious if things fail later. - echo "$plugin has overriden the following defaults" + echo "$plugin has overridden the following defaults" cat $dir/devstack/override-defaults source $dir/devstack/override-defaults fi From adcf40d5f8ec0509fe9230e04bf0bd3f269a3f53 Mon Sep 17 00:00:00 2001 From: Attila Fazekas Date: Thu, 5 Nov 2015 09:47:38 +0100 Subject: [PATCH 0073/2409] Ensure python is installed devstack can call python before parsing the package requirements, so the python installation needs to be done eralier. Closes-Bug: #1488625 Change-Id: I85cca899aeedd741cf7dc695435d61390e260f22 --- stack.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/stack.sh b/stack.sh index 825ed968f3..afb695836b 100755 --- a/stack.sh +++ b/stack.sh @@ -335,6 +335,10 @@ if [ -z "`grep ^127.0.0.1 /etc/hosts | grep $LOCAL_HOSTNAME`" ]; then sudo sed -i "s/\(^127.0.0.1.*\)/\1 $LOCAL_HOSTNAME/" /etc/hosts fi +# Ensure python is installed +# -------------------------- +is_package_installed python || install_package python + # Configure Logging # ----------------- From 790266f0d2b752627a8ac641c8f1c9ba1e8e85e8 Mon Sep 17 00:00:00 2001 From: "Sean M. Collins" Date: Wed, 11 Nov 2015 13:36:35 -0500 Subject: [PATCH 0074/2409] Delete $IPV6_PUBLIC_NETWORK_GATEWAY IP during cleanup So that it does not end up being the IP address that is picked to move back to $PUBLIC_INTERFACE when we call _move_neutron_address_route Change-Id: I3d29d4f11feff308f6ad5d950ef004b48ec11b67 Closes-Bug: 1514984 --- lib/neutron-legacy | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index eed477a550..35029a2031 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -835,6 +835,10 @@ function cleanup_neutron { _move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False "inet" if [[ $(ip -f inet6 a s dev "$OVS_PHYSICAL_BRIDGE" | grep -c 'global') != 0 ]]; then + # ip(8) wants the prefix length when deleting + local v6_gateway + v6_gateway=$(ip -6 a s dev $OVS_PHYSICAL_BRIDGE | grep $IPV6_PUBLIC_NETWORK_GATEWAY | awk '{ print $2 }') + sudo ip -6 addr del $v6_gateway dev $OVS_PHYSICAL_BRIDGE _move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False "inet6" fi From fe7b56cdefa4d5cb99b868e5659128601edf3600 Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Fri, 13 Nov 2015 17:06:16 +0900 Subject: [PATCH 0075/2409] Fix typos for stack.sh and lib of comments and message Fix 10 comments and 1 message stack.sh Certicate => Certificate (comment) lib/stack Sentinal => Sentinel (comment) lib/neutron-legacy overriden => overridden (comment) necesssary => necessary (comment) notifiy => notify (message) notifations => notifications (comment) lib/rpc_backend orginal => original (comment) cofiguration => configuration (comment) lib/stack confgured => configured (comment) lib/swift additinal => additional (comment) calclution => calculation (comment) maximun => maximum (comment) Change-Id: I3637388b67decb007cd49af9addecc654009559b --- lib/neutron-legacy | 6 +++--- lib/rpc_backend | 4 ++-- lib/stack | 2 +- lib/swift | 6 +++--- stack.sh | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index c244e5470a..a38b1c1d7e 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -256,7 +256,7 @@ ENABLE_TENANT_TUNNELS=${ENABLE_TENANT_TUNNELS:-True} # If using GRE tunnels for tenant networks, specify the range of # tunnel IDs from which tenant networks are allocated. Can be -# overriden in ``localrc`` in necesssary. +# overridden in ``localrc`` in necessary. TENANT_TUNNEL_RANGES=${TENANT_TUNNEL_RANGES:-1:1000} # To use VLANs for tenant networks, set to True in localrc. VLANs @@ -537,7 +537,7 @@ function create_neutron_initial_network { if is_provider_network; then die_if_not_set $LINENO PHYSICAL_NETWORK "You must specify the PHYSICAL_NETWORK" - die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specifiy the PROVIDER_NETWORK_TYPE" + die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specify the PROVIDER_NETWORK_TYPE" NET_ID=$(neutron net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" ${SEGMENTATION_ID:+--provider:segmentation_id $SEGMENTATION_ID} --shared | grep ' id ' | get_field 2) die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PHYSICAL_NETWORK $TENANT_ID" @@ -1123,7 +1123,7 @@ function _configure_neutron_service { iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY _neutron_setup_keystone $NEUTRON_CONF keystone_authtoken - # Configuration for neutron notifations to nova. + # Configuration for neutron notifications to nova. iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES diff --git a/lib/rpc_backend b/lib/rpc_backend index 03eacd8674..298dcb6e5f 100644 --- a/lib/rpc_backend +++ b/lib/rpc_backend @@ -58,7 +58,7 @@ function restart_rpc_backend { # NOTE(bnemec): Retry initial rabbitmq configuration to deal with # the fact that sometimes it fails to start properly. # Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1144100 - # NOTE(tonyb): Extend the orginal retry logic to only restart rabbitmq + # NOTE(tonyb): Extend the original retry logic to only restart rabbitmq # every second time around the loop. # See: https://bugs.launchpad.net/devstack/+bug/1449056 for details on # why this is needed. This can bee seen on vivid and Debian unstable @@ -106,7 +106,7 @@ function get_transport_url { fi } -# iniset cofiguration +# iniset configuration function iniset_rpc_backend { local package=$1 local file=$2 diff --git a/lib/stack b/lib/stack index 47e8ce2a22..7d98604b82 100644 --- a/lib/stack +++ b/lib/stack @@ -14,7 +14,7 @@ # Functions # --------- -# Generic service install handles venv creation if confgured for service +# Generic service install handles venv creation if configured for service # stack_install_service service function stack_install_service { local service=$1 diff --git a/lib/swift b/lib/swift index 3a8e80dd44..634d6ccb35 100644 --- a/lib/swift +++ b/lib/swift @@ -123,13 +123,13 @@ SWIFT_REPLICAS_SEQ=$(seq ${SWIFT_REPLICAS}) # trace through the logs when looking for its use. SWIFT_LOG_TOKEN_LENGTH=${SWIFT_LOG_TOKEN_LENGTH:-12} -# Set ``SWIFT_MAX_HEADER_SIZE`` to configure the maximun length of headers in +# Set ``SWIFT_MAX_HEADER_SIZE`` to configure the maximum length of headers in # Swift API SWIFT_MAX_HEADER_SIZE=${SWIFT_MAX_HEADER_SIZE:-16384} # Set ``OBJECT_PORT_BASE``, ``CONTAINER_PORT_BASE``, ``ACCOUNT_PORT_BASE`` -# Port bases used in port number calclution for the service "nodes" -# The specified port number will be used, the additinal ports calculated by +# Port bases used in port number calculation for the service "nodes" +# The specified port number will be used, the additional ports calculated by # base_port + node_num * 10 OBJECT_PORT_BASE=${OBJECT_PORT_BASE:-6613} CONTAINER_PORT_BASE=${CONTAINER_PORT_BASE:-6611} diff --git a/stack.sh b/stack.sh index 25c49c5709..d3d3fb2f60 100755 --- a/stack.sh +++ b/stack.sh @@ -926,8 +926,8 @@ fi restart_rpc_backend -# Export Certicate Authority Bundle -# --------------------------------- +# Export Certificate Authority Bundle +# ----------------------------------- # If certificates were used and written to the SSL bundle file then these # should be exported so clients can validate their connections. From 65a028bf1c3685e16fafbc7c44adaeeeb6e9cf58 Mon Sep 17 00:00:00 2001 From: "Chung Chih, Hung" Date: Fri, 13 Nov 2015 11:10:48 +0000 Subject: [PATCH 0076/2409] [ceph] Deploy ceph failed at controller node for multiple node Controller node wouldn't install libvirt package. The package will only been installed at nodes which had enable nova-compute. We only need to configure libvirt secret if it had enable nova-compute. Change-Id: I9cd6baf1820ce9f71c276d7e8b670307833578a5 Closes-Bug: 1515960 --- extras.d/60-ceph.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extras.d/60-ceph.sh b/extras.d/60-ceph.sh index 38b901b767..cc90128176 100644 --- a/extras.d/60-ceph.sh +++ b/extras.d/60-ceph.sh @@ -32,7 +32,7 @@ if is_service_enabled ceph; then echo_summary "Configuring Cinder for Ceph" configure_ceph_cinder fi - if is_service_enabled cinder || is_service_enabled nova; then + if is_service_enabled n-cpu; then # NOTE (leseb): the part below is a requirement to attach Ceph block devices echo_summary "Configuring libvirt secret" import_libvirt_secret_ceph From bbe59edb6f4a5828362c59a200f6ede00f97a4c3 Mon Sep 17 00:00:00 2001 From: Steve Martinelli Date: Wed, 21 Oct 2015 00:47:43 -0400 Subject: [PATCH 0077/2409] Use openstackclient in swift exercises With the release of osc 1.8.0, swift support has been expanded and we can now remove references to the swift CLI from this exercise file. Also made minor improvements to comments. Change-Id: I04069eb6251f8cbf8266183441b2cfdb64defd7d --- exercises/swift.sh | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/exercises/swift.sh b/exercises/swift.sh index afcede81cd..4a41e0f1ed 100755 --- a/exercises/swift.sh +++ b/exercises/swift.sh @@ -2,7 +2,7 @@ # **swift.sh** -# Test swift via the ``swift`` command line from ``python-swiftclient`` +# Test swift via the ``python-openstackclient`` command line echo "*********************************************************************" echo "Begin DevStack Exercise: $0" @@ -39,26 +39,29 @@ is_service_enabled s-proxy || exit 55 # Container name CONTAINER=ex-swift +OBJECT=/etc/issue # Testing Swift # ============= # Check if we have to swift via keystone -swift stat || die $LINENO "Failure getting status" +openstack object store account show || die $LINENO "Failure getting account status" # We start by creating a test container openstack container create $CONTAINER || die $LINENO "Failure creating container $CONTAINER" -# add some files into it. -openstack object create $CONTAINER /etc/issue || die $LINENO "Failure uploading file to container $CONTAINER" +# add a file into it. +openstack object create $CONTAINER $OBJECT || die $LINENO "Failure uploading file to container $CONTAINER" -# list them +# list the objects openstack object list $CONTAINER || die $LINENO "Failure listing contents of container $CONTAINER" -# And we may want to delete them now that we have tested that -# everything works. -swift delete $CONTAINER || die $LINENO "Failure deleting container $CONTAINER" +# delete the object first +openstack object delete $CONTAINER $OBJECT || die $LINENO "Failure deleting object $OBJECT in container $CONTAINER" + +# delete the container +openstack container delete $CONTAINER || die $LINENO "Failure deleting container $CONTAINER" set +o xtrace echo "*********************************************************************" From 01cf55a69259a52a9e5e8614347f238826c6a7ca Mon Sep 17 00:00:00 2001 From: yangyapeng Date: Thu, 29 Oct 2015 13:21:29 -0400 Subject: [PATCH 0078/2409] Fix RST in configuration.rst Fix minor RST issue from before file was converted. Change-Id: Ie16ceace9c17e98010e068641ce60ba9a365ede0 --- doc/source/configuration.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst index e9921f049c..22841f6c13 100644 --- a/doc/source/configuration.rst +++ b/doc/source/configuration.rst @@ -211,7 +211,7 @@ Enabling Syslog Logging all services to a single syslog can be convenient. Enable syslogging by setting ``SYSLOG`` to ``True``. If the destination log host is not localhost ``SYSLOG_HOST`` and ``SYSLOG_PORT`` can be used -to direct the message stream to the log host. | +to direct the message stream to the log host. :: From ca7e4f285cfb68bae13e8df770dc2b5856559ecd Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Fri, 13 Nov 2015 11:15:15 +1100 Subject: [PATCH 0079/2409] Fix error detection & exit in report_results We wish to fail if we have >0 zero errors, not >1 errors (i.e. exactly one error did not trigger a failure!) This change also brings consistency to the pass & failure paths by ensuring report_results exits in both cases, since report_results is supposed to be the last thing run in a test file. Change-Id: Id4721dffe13721e6c3cd71bca40c3395627e98bf --- tests/unittest.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/unittest.sh b/tests/unittest.sh index df7a8b4534..2570319fbf 100644 --- a/tests/unittest.sh +++ b/tests/unittest.sh @@ -92,16 +92,17 @@ function assert_empty { fi } -# print a summary of passing and failing tests, exiting -# with an error if we have failed tests +# Print a summary of passing and failing tests and exit +# (with an error if we have failed tests) # usage: report_results function report_results { echo "$PASS Tests PASSED" - if [[ $ERROR -gt 1 ]]; then + if [[ $ERROR -gt 0 ]]; then echo echo "The following $ERROR tests FAILED" echo -e "$FAILED_FUNCS" echo "---" exit 1 fi + exit 0 } From ecf06dbadb7c4cafb7a2fab13e58c1b05dd8a3f2 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Mon, 9 Nov 2015 17:42:23 +1100 Subject: [PATCH 0080/2409] Add test for package file ordering Add a simple test to ensure package install files remain sorted alphabetically (follow-on from the sorting of the files done in I01e42defbf778626afd8dd457f93f0b02dd1a19d) Change-Id: I75568871e92afcd81dac2c3ce18b84aa34cdd289 --- tests/test_package_ordering.sh | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100755 tests/test_package_ordering.sh diff --git a/tests/test_package_ordering.sh b/tests/test_package_ordering.sh new file mode 100755 index 0000000000..a568abf928 --- /dev/null +++ b/tests/test_package_ordering.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# basic test to ensure that package-install files remain sorted +# alphabetically. + +TOP=$(cd $(dirname "$0")/.. && pwd) + +source $TOP/tests/unittest.sh + +PKG_FILES=$(find $TOP/files/debs $TOP/files/rpms $TOP/files/rpms-suse -type f) + +TMPDIR=$(mktemp -d) + +SORTED=${TMPDIR}/sorted +UNSORTED=${TMPDIR}/unsorted + +for p in $PKG_FILES; do + grep -v '^#' $p > ${UNSORTED} + sort ${UNSORTED} > ${SORTED} + + if [ -n "$(diff -c ${UNSORTED} ${SORTED})" ]; then + failed "$p is unsorted" + # output this, it's helpful to see what exactly is unsorted + diff -c ${UNSORTED} ${SORTED} + else + passed "$p is sorted" + fi +done + +rm -rf ${TMPDIR} + +report_results From 199d857442108326959d391c337e3b02b98a1b1e Mon Sep 17 00:00:00 2001 From: Johan Pas Date: Tue, 17 Nov 2015 00:56:25 +0100 Subject: [PATCH 0081/2409] Remove brackets from IPv6 address in mysql cfgfile stack.sh creates a user-specific configuration file ~/.my.cnf for mysql. If devstack is installed with SERVICE_IP_VERSION=6 option in local.conf, the IPv6 host address was stored in the ~/.my.cnf file with square brackets. However mysql does not use bracketing for IPv6 addresses, resulting in 'Unknown MySQL server host' error when 'mysql' command is run. With this patch IPv6 host address is written to ~/.my.cnf without brackets. Closes-Bug: #1516776 Change-Id: I27a7be8c75cf6b09b4a75dc4c9d09cd36bc5ac81 --- lib/databases/mysql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/databases/mysql b/lib/databases/mysql index c2ab32e5b2..cc74b33327 100644 --- a/lib/databases/mysql +++ b/lib/databases/mysql @@ -143,7 +143,7 @@ MYSQL_PRESEED [client] user=$DATABASE_USER password=$DATABASE_PASSWORD -host=$DATABASE_HOST +host=$MYSQL_HOST EOF chmod 0600 $HOME/.my.cnf fi From 95a9ff0587adece32817b4f432588b1ab76a5972 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Thu, 12 Nov 2015 14:49:20 +1100 Subject: [PATCH 0082/2409] Add option to skip EPEL & other repo installs Add an option to skip the EPEL & other repo installs for rhel7 based platforms. This option can serve two purposes; firstly as described in I834f20e9ceae151788cec3649385da1274d7ba46 during platform bringup, a publically available EPEL might not be available. This will allow you to pre-configure a hand-built repo, etc. so you can continue testing. The other thing is that in a CI system you might be frequently building images and pre-installing EPEL/RDO etc. In that case this is just extra work. Change-Id: I9809449f4a43fa9b547c6e3ca92722c7f6e66d6a --- stack.sh | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index 9b811b7b67..e31cd604c5 100755 --- a/stack.sh +++ b/stack.sh @@ -263,9 +263,7 @@ fi # Some distros need to add repos beyond the defaults provided by the vendor # to pick up required packages. -if is_fedora && [[ $DISTRO == "rhel7" ]]; then - # RHEL requires EPEL for many Open Stack dependencies - +function _install_epel_and_rdo { # NOTE: We always remove and install latest -- some environments # use snapshot images, and if EPEL version updates they break # unless we update them to latest version. @@ -295,18 +293,27 @@ EOF sudo yum-config-manager --enable epel-bootstrap yum_install epel-release || \ die $LINENO "Error installing EPEL repo, cannot continue" - # EPEL rpm has installed it's version sudo rm -f /etc/yum.repos.d/epel-bootstrap.repo # ... and also optional to be enabled sudo yum-config-manager --enable rhel-7-server-optional-rpms + # install the lastest RDO sudo yum install -y https://rdoproject.org/repos/rdo-release.rpm if is_oraclelinux; then sudo yum-config-manager --enable ol7_optional_latest ol7_addons ol7_MySQL56 fi +} + +# If you have all the repos installed above already setup (e.g. a CI +# situation where they are on your image) you may choose to skip this +# to speed things up +SKIP_EPEL_INSTALL=$(trueorfalse False SKIP_EPEL_INSTALL) +if is_fedora && [[ $DISTRO == "rhel7" ]] && \ + [[ ${SKIP_EPEL_INSTALL} != True ]]; then + _install_epel_and_rdo fi From cdba7b0e533b07d9ea896ced5085c5ce98ee2aaa Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 26 May 2015 15:33:45 -0400 Subject: [PATCH 0083/2409] Specify HTTPS URLs to fix tls-proxy mode A number of new settings are required for glance, cinder and keystone to be installable when the tls-proxy service is enabled. For cinder a new public_endpoint option was added and this needs to be set to the secure port. Keystone needs the admin_endpoint and public_endpoints defined otherwise during discovery the default, non-secure versions, will be returned. The keystone authtoken identity_uri was set at its default value in the glance registry and API configuration files. Change-Id: Ibb944ad7eb000edc6bccfcded765d1976d4d46d0 Closes-Bug: #1460807 --- lib/cinder | 2 ++ lib/glance | 3 +++ lib/keystone | 3 +++ 3 files changed, 8 insertions(+) diff --git a/lib/cinder b/lib/cinder index 1307c11f7a..cc203ad414 100644 --- a/lib/cinder +++ b/lib/cinder @@ -309,6 +309,8 @@ function configure_cinder { if is_service_enabled tls-proxy; then # Set the service port for a proxy to take the original iniset $CINDER_CONF DEFAULT osapi_volume_listen_port $CINDER_SERVICE_PORT_INT + + iniset $CINDER_CONF DEFAULT public_endpoint $CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT fi if [ "$SYSLOG" != "False" ]; then diff --git a/lib/glance b/lib/glance index 2eb93a46e6..5712943bca 100644 --- a/lib/glance +++ b/lib/glance @@ -167,6 +167,9 @@ function configure_glance { iniset $GLANCE_API_CONF DEFAULT bind_port $GLANCE_SERVICE_PORT_INT iniset $GLANCE_API_CONF DEFAULT public_endpoint $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT iniset $GLANCE_REGISTRY_CONF DEFAULT bind_port $GLANCE_REGISTRY_PORT_INT + + iniset $GLANCE_API_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI + iniset $GLANCE_REGISTRY_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI fi # Register SSL certificates if provided diff --git a/lib/keystone b/lib/keystone index 5a2afbfe02..c484795c7e 100644 --- a/lib/keystone +++ b/lib/keystone @@ -233,6 +233,9 @@ function configure_keystone { # Set the service ports for a proxy to take the originals iniset $KEYSTONE_CONF eventlet_server public_port $KEYSTONE_SERVICE_PORT_INT iniset $KEYSTONE_CONF eventlet_server admin_port $KEYSTONE_AUTH_PORT_INT + + iniset $KEYSTONE_CONF DEFAULT public_endpoint $KEYSTONE_SERVICE_URI + iniset $KEYSTONE_CONF DEFAULT admin_endpoint $KEYSTONE_AUTH_URI fi iniset $KEYSTONE_CONF DEFAULT admin_token "$SERVICE_TOKEN" From bd4048a3c50e3cd215785e187e9e40b78bd064ae Mon Sep 17 00:00:00 2001 From: Steve Baker Date: Wed, 18 Nov 2015 10:55:22 +1300 Subject: [PATCH 0084/2409] Never uninstall python-pip on fedora Python in f23 and f22 depends on the python-pip package so removing it results in a nonfunctional system. pip on fedora installs to /usr so pip can safely override the system pip for all versions of Fedora. Change-Id: I336c7ffdf00784ca8deba7d6612a08b96a0ad098 Closes-Bug: #1467569 --- tools/install_pip.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/install_pip.sh b/tools/install_pip.sh index ab5efb2e77..1728816890 100755 --- a/tools/install_pip.sh +++ b/tools/install_pip.sh @@ -111,8 +111,10 @@ get_versions # Eradicate any and all system packages -# python in f23 depends on the python-pip package -if ! { is_fedora && [[ $DISTRO == "f23" ]]; }; then +# Python in f23 and f22 depends on the python-pip package so removing it +# results in a nonfunctional system. pip on fedora installs to /usr so pip +# can safely override the system pip for all versions of fedora +if ! is_fedora ; then uninstall_package python-pip fi From bb9caeae00bb9e4654838f782d2e07331f4ecae4 Mon Sep 17 00:00:00 2001 From: Brian Haley Date: Mon, 16 Nov 2015 17:18:42 -0500 Subject: [PATCH 0085/2409] Consolidate two /sbin/ip commands into a single one When determining the primary IP/IPv6 addresses on a system, we can use the /sbin/ip command to filter them for us. The resulting address is parsed the same way for both address families, so we can use just a single command. Change-Id: I0471ff5a258a16a23061941ac38063dbf3d7c233 --- lib/neutron-legacy | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 85f7fc0a7c..978943dae2 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -801,13 +801,7 @@ function _move_neutron_addresses_route { DEFAULT_ROUTE_GW=$(ip -f $af r | awk "/default.+$from_intf/ { print \$3; exit }") local ADD_OVS_PORT="" - if [[ $af == "inet" ]]; then - IP_BRD=$(ip -f $af a s dev $from_intf | grep inet | awk '{ print $2, $3, $4; exit }') - fi - - if [[ $af == "inet6" ]]; then - IP_BRD=$(ip -f $af a s dev $from_intf | grep 'scope global' | sed '/temporary/d' | awk '{ print $2, $3, $4; exit }') - fi + IP_BRD=$(ip -f $af a s dev $from_intf scope global primary | grep inet | awk '{ print $2, $3, $4; exit }') if [ "$DEFAULT_ROUTE_GW" != "" ]; then ADD_DEFAULT_ROUTE="sudo ip -f $af r replace default via $DEFAULT_ROUTE_GW dev $to_intf" From 2960bfa7f63c26d94c8aed2c3e1a6ff039b530f0 Mon Sep 17 00:00:00 2001 From: Tushar Gohad Date: Tue, 17 Nov 2015 14:06:28 -0700 Subject: [PATCH 0086/2409] Add liberasurecode-dev as a swift dependency Swift requirement PyECLib won't bundle liberasurecode going forward given the package is available in common distros now. This patch adds liberasurecode-dev(el) package to the devstack debs/rpms list for Swift as a PyECLib build/install dependency. Change-Id: Idbc2ca3f677f1b8153ebf3a5912f4354525a55c7 --- files/debs/swift | 1 + files/rpms-suse/swift | 1 + files/rpms/swift | 1 + 3 files changed, 3 insertions(+) diff --git a/files/debs/swift b/files/debs/swift index 726786ee18..4b8ac3d793 100644 --- a/files/debs/swift +++ b/files/debs/swift @@ -1,4 +1,5 @@ curl +liberasurecode-dev make memcached sqlite3 diff --git a/files/rpms-suse/swift b/files/rpms-suse/swift index 52e0a990e7..3663b98545 100644 --- a/files/rpms-suse/swift +++ b/files/rpms-suse/swift @@ -1,4 +1,5 @@ curl +liberasurecode-devel memcached sqlite3 xfsprogs diff --git a/files/rpms/swift b/files/rpms/swift index f56a81b0d1..46dc59d74d 100644 --- a/files/rpms/swift +++ b/files/rpms/swift @@ -1,4 +1,5 @@ curl +liberasurecode-devel memcached pyxattr rsync-daemon # dist:f22,f23 From 93e2499ee1abfd2f9ed1ebda7a7d4d0deab04f80 Mon Sep 17 00:00:00 2001 From: Deepak C Shetty Date: Wed, 18 Nov 2015 12:29:33 +0530 Subject: [PATCH 0087/2409] doc: document override_defaults phase override_defaults phase was added to devstack in [1] but documentation was pending. This patch adds the same. For history around override_defaults, one can refer to the mail thread [2] Also fixes a small typo [1]: https://review.openstack.org/#/c/167933/ [2]: http://lists.openstack.org/pipermail/openstack-dev/2015-March/059621.html Change-Id: I1b58ca0ce0e4b85a1dbd710b4c426606fd4dcf45 --- doc/source/plugins.rst | 13 +++++++++++-- extras.d/README.md | 9 ++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/doc/source/plugins.rst b/doc/source/plugins.rst index 8bd3797cd2..b8da7e1237 100644 --- a/doc/source/plugins.rst +++ b/doc/source/plugins.rst @@ -19,7 +19,16 @@ DevStack supports a standard mechanism for including plugins from external repositories. The plugin interface assumes the following: An external git repository that includes a ``devstack/`` top level -directory. Inside this directory there can be 2 files. +directory. Inside this directory there can be 3 files. + +- ``override_defaults`` - a file containing global variables that + will be sourced before the lib/* files. This allows the plugin + to override the defaults that are otherwise set in the lib/* + files. + + For example, override_defaults may export CINDER_ENABLED_BACKENDS + to include the plugin-specific storage backend and thus be able + to override the default lvm only storage backend for Cinder. - ``settings`` - a file containing global variables that will be sourced very early in the process. This is helpful if other plugins @@ -38,7 +47,7 @@ directory. Inside this directory there can be 2 files. - ``plugin.sh`` - the actual plugin. It is executed by devstack at well defined points during a ``stack.sh`` run. The plugin.sh - internal structure is discussed bellow. + internal structure is discussed below. Plugins are registered by adding the following to the localrc section diff --git a/extras.d/README.md b/extras.d/README.md index 7c2e4fe970..4cec14b4e7 100644 --- a/extras.d/README.md +++ b/extras.d/README.md @@ -14,10 +14,13 @@ The scripts are sourced at the beginning of each script that calls them. The entire `stack.sh` variable space is available. The scripts are sourced with one or more arguments, the first of which defines the hook phase: - source | stack | unstack | clean + override_defaults | source | stack | unstack | clean - source: always called first in any of the scripts, used to set the - initial defaults in a lib/* script or similar + override_defaults: always called first in any of the scripts, used to + override defaults (if need be) that are otherwise set in lib/* scripts + + source: called by stack.sh. Used to set the initial defaults in a lib/* + script or similar stack: called by stack.sh. There are four possible values for the second arg to distinguish the phase stack.sh is in: From 7860f2ba3189b0361693c8ee9c65d8d03fb115d6 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Tue, 17 Nov 2015 11:59:07 -0500 Subject: [PATCH 0088/2409] install ebtables locking workaround ebtables is racing with itself when nova and libvirt attempt to create rules at the same time in the nat table. ebtables now has an explicit --concurrent flag, that all tools must opt into to prevent ebtables from inherently being unsafe to run. libvirt gained this support in 1.2.11, which is too new for our ubuntu primary testing environment. Nova still hasn't added this support, though even if it did, we'd run into the issue with libvirt. We can do the most ghetto thing possible and create a wrapper for ebtables that does explicit locking on it's own. It's pretty terrible, but it should work. And it is the kind of work around that people unable to upgrade libvirt will probably need to do. This is an opt in value which we should set in the gate to True. Related-Bug: #1501558 Change-Id: Ic6fa847eba34c21593b9df86a1c2c179534d0ba5 --- files/ebtables.workaround | 23 +++++++++++++++++++++ lib/nova_plugins/functions-libvirt | 5 +++++ stackrc | 10 +++++++++ tools/install_ebtables_workaround.sh | 31 ++++++++++++++++++++++++++++ 4 files changed, 69 insertions(+) create mode 100644 files/ebtables.workaround create mode 100755 tools/install_ebtables_workaround.sh diff --git a/files/ebtables.workaround b/files/ebtables.workaround new file mode 100644 index 0000000000..c8af51fad5 --- /dev/null +++ b/files/ebtables.workaround @@ -0,0 +1,23 @@ +#!/bin/bash +# +# Copyright 2015 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# +# This is a terrible, terrible, truly terrible work around for +# environments that have libvirt < 1.2.11. ebtables requires that you +# specifically tell it you would like to not race and get punched in +# the face when 2 run at the same time with a --concurrent flag. + +flock -w 300 /var/lock/ebtables.nova /sbin/ebtables.real $@ diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt index 78c59786d8..045fc8b919 100644 --- a/lib/nova_plugins/functions-libvirt +++ b/lib/nova_plugins/functions-libvirt @@ -31,6 +31,11 @@ function install_libvirt { fi install_package libvirt-bin libvirt-dev pip_install_gr libvirt-python + if [[ "$EBTABLES_RACE_FIX" == "True" ]]; then + # Work around for bug #1501558. We can remove this once we + # get to a version of Ubuntu that has new enough libvirt. + TOP_DIR=$TOP_DIR $TOP_DIR/tools/install_ebtables_workaround.sh + fi #pip_install_gr elif is_fedora || is_suse; then install_package kvm diff --git a/stackrc b/stackrc index 76a5756dde..53ed25d83e 100644 --- a/stackrc +++ b/stackrc @@ -769,6 +769,16 @@ GIT_DEPTH=${GIT_DEPTH:-0} # Use native SSL for servers in ``SSL_ENABLED_SERVICES`` USE_SSL=$(trueorfalse False USE_SSL) +# ebtables is inherently racey. If you run it by two or more processes +# simultaneously it will collide, badly, in the kernel and produce +# failures or corruption of ebtables. The only way around it is for +# all tools running ebtables to only ever do so with the --concurrent +# flag. This requires libvirt >= 1.2.11. +# +# If you don't have this then the following work around will replace +# ebtables with a wrapper script so that it is safe to run without +# that flag. +EBTABLES_RACE_FIX=$(trueorfalse False EBTABLES_RACE_FIX) # Following entries need to be last items in file diff --git a/tools/install_ebtables_workaround.sh b/tools/install_ebtables_workaround.sh new file mode 100755 index 0000000000..45ced87f13 --- /dev/null +++ b/tools/install_ebtables_workaround.sh @@ -0,0 +1,31 @@ +#!/bin/bash -eu +# +# Copyright 2015 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# +# This replaces the ebtables on your system with a wrapper script that +# does implicit locking. This is needed if libvirt < 1.2.11 on your platform. + +EBTABLES=/sbin/ebtables +EBTABLESREAL=/sbin/ebtables.real +FILES=$TOP_DIR/files + +if [[ -f "$EBTABLES" ]]; then + if file $EBTABLES | grep ELF; then + sudo mv $EBTABLES $EBTABLESREAL + sudo install -m 0755 $FILES/ebtables.workaround $EBTABLES + echo "Replaced ebtables with locking workaround" + fi +fi From 2ba36cda7940d630514a7864132837191d8c561f Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Thu, 12 Nov 2015 13:52:36 +1100 Subject: [PATCH 0089/2409] Add vercmp function The existing vercmp_numbers function only handles, as the name says, numbers. I noticed that "sort" has had a version sort for a long time [1] and, rather than re-implement it badly, use this as a version of vercmp that works a bit more naturally. This is intended to be used in an "if" statement as in prog_ver=$(prog_ver --version | grep ...) if vercmp $prog_ver "<" 2.0; then ... fi A test-case is added to test the basic features and some edge-cases. [1] http://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=4c9fae4e97d95a9f89d1399a8aeb03051f0fec96 Change-Id: Ie55283acdc40a095b80b2631a55310072883ad0d --- functions | 46 +++++++++++++++++++++++++++++++++++++++++++ tests/test_vercmp.sh | 47 ++++++++++++++++++++++++++++++++++++++++++++ tests/unittest.sh | 45 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 138 insertions(+) create mode 100755 tests/test_vercmp.sh diff --git a/functions b/functions index 34da1ba733..e5e3400ff8 100644 --- a/functions +++ b/functions @@ -527,12 +527,58 @@ function vercmp_numbers { typeset v1=$1 v2=$2 sep typeset -a ver1 ver2 + deprecated "vercmp_numbers is deprecated for more generic vercmp" + IFS=. read -ra ver1 <<< "$v1" IFS=. read -ra ver2 <<< "$v2" _vercmp_r "${#ver1[@]}" "${ver1[@]}" "${ver2[@]}" } +# vercmp ver1 op ver2 +# Compare VER1 to VER2 +# - op is one of < <= == >= > +# - returns true if satisified +# e.g. +# if vercmp 1.0 "<" 2.0; then +# ... +# fi +function vercmp { + local v1=$1 + local op=$2 + local v2=$3 + local result + + # sort the two numbers with sort's "-V" argument. Based on if v2 + # swapped places with v1, we can determine ordering. + result=$(echo -e "$v1\n$v2" | sort -V | head -1) + + case $op in + "==") + [ "$v1" = "$v2" ] + return + ;; + ">") + [ "$v1" != "$v2" ] && [ "$result" = "$v2" ] + return + ;; + "<") + [ "$v1" != "$v2" ] && [ "$result" = "$v1" ] + return + ;; + ">=") + [ "$result" = "$v2" ] + return + ;; + "<=") + [ "$result" = "$v1" ] + return + ;; + *) + die $LINENO "unrecognised op: $op" + ;; + esac +} # This function sets log formatting options for colorizing log # output to stdout. It is meant to be called by lib modules. diff --git a/tests/test_vercmp.sh b/tests/test_vercmp.sh new file mode 100755 index 0000000000..c88bf86d7e --- /dev/null +++ b/tests/test_vercmp.sh @@ -0,0 +1,47 @@ +#!/usr/bin/env bash + +# Tests for DevStack vercmp functionality + +TOP=$(cd $(dirname "$0")/.. && pwd) + +# Import common functions +source $TOP/functions +source $TOP/tests/unittest.sh + +assert_true "numeric gt" vercmp 2.0 ">" 1.0 +assert_true "numeric gte" vercmp 2.0 ">=" 1.0 +assert_true "numeric gt" vercmp 1.0.1 ">" 1.0 +assert_true "numeric gte" vercmp 1.0.1 ">=" 1.0 +assert_true "alpha gt" vercmp 1.0.1b ">" 1.0.1a +assert_true "alpha gte" vercmp 1.0.1b ">=" 1.0.1a +assert_true "alpha gt" vercmp b ">" a +assert_true "alpha gte" vercmp b ">=" a +assert_true "alpha gt" vercmp 2.0-rc3 ">" 2.0-rc1 +assert_true "alpha gte" vercmp 2.0-rc3 ">=" 2.0-rc1 + +assert_false "numeric gt fail" vercmp 1.0 ">" 1.0 +assert_true "numeric gte" vercmp 1.0 ">=" 1.0 +assert_false "numeric gt fail" vercmp 0.9 ">" 1.0 +assert_false "numeric gte fail" vercmp 0.9 ">=" 1.0 +assert_false "numeric gt fail" vercmp 0.9.9 ">" 1.0 +assert_false "numeric gte fail" vercmp 0.9.9 ">=" 1.0 +assert_false "numeric gt fail" vercmp 0.9a.9 ">" 1.0.1 +assert_false "numeric gte fail" vercmp 0.9a.9 ">=" 1.0.1 + +assert_false "numeric lt" vercmp 1.0 "<" 1.0 +assert_true "numeric lte" vercmp 1.0 "<=" 1.0 +assert_true "numeric lt" vercmp 1.0 "<" 1.0.1 +assert_true "numeric lte" vercmp 1.0 "<=" 1.0.1 +assert_true "alpha lt" vercmp 1.0.1a "<" 1.0.1b +assert_true "alpha lte" vercmp 1.0.1a "<=" 1.0.1b +assert_true "alpha lt" vercmp a "<" b +assert_true "alpha lte" vercmp a "<=" b +assert_true "alpha lt" vercmp 2.0-rc1 "<" 2.0-rc3 +assert_true "alpha lte" vercmp 2.0-rc1 "<=" 2.0-rc3 + +assert_true "eq" vercmp 1.0 "==" 1.0 +assert_true "eq" vercmp 1.0.1 "==" 1.0.1 +assert_false "eq fail" vercmp 1.0.1 "==" 1.0.2 +assert_false "eq fail" vercmp 2.0-rc1 "==" 2.0-rc2 + +report_results diff --git a/tests/unittest.sh b/tests/unittest.sh index 2570319fbf..6c697d7925 100644 --- a/tests/unittest.sh +++ b/tests/unittest.sh @@ -92,6 +92,51 @@ function assert_empty { fi } +# assert the arguments evaluate to true +# assert_true "message" arg1 arg2 +function assert_true { + local lineno + lineno=`caller 0 | awk '{print $1}'` + local function + function=`caller 0 | awk '{print $2}'` + local msg=$1 + shift + + $@ + if [ $? -eq 0 ]; then + PASS=$((PASS+1)) + echo "PASS: $function:L$lineno - $msg" + else + FAILED_FUNCS+="$function:L$lineno\n" + echo "ERROR: test failed in $function:L$lineno!" + echo " $msg" + ERROR=$((ERROR+1)) + fi +} + +# assert the arguments evaluate to false +# assert_false "message" arg1 arg2 +function assert_false { + local lineno + lineno=`caller 0 | awk '{print $1}'` + local function + function=`caller 0 | awk '{print $2}'` + local msg=$1 + shift + + $@ + if [ $? -eq 0 ]; then + FAILED_FUNCS+="$function:L$lineno\n" + echo "ERROR: test failed in $function:L$lineno!" + echo " $msg" + ERROR=$((ERROR+1)) + else + PASS=$((PASS+1)) + echo "PASS: $function:L$lineno - $msg" + fi +} + + # Print a summary of passing and failing tests and exit # (with an error if we have failed tests) # usage: report_results From e0129f3c248d8f246b470e21982cfefb919482b6 Mon Sep 17 00:00:00 2001 From: Attila Fazekas Date: Thu, 19 Nov 2015 10:47:58 +0100 Subject: [PATCH 0090/2409] Fedora 23 supported This change allows to use f23 without the FORCE=yes option. Make sure you have latest kernel, or you have kernel-modules installed for the running kernel. f21 support will be removed when the gate jobs are upgraded to use newer fedora version. Change-Id: I6e3e64088187a7f6da745e3cfb07524fd31782ab --- files/rpms/general | 4 ++-- lib/ceph | 2 +- stack.sh | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/files/rpms/general b/files/rpms/general index 40b06f489b..280468283b 100644 --- a/files/rpms/general +++ b/files/rpms/general @@ -8,9 +8,9 @@ gcc-c++ gettext # used for compiling message catalogs git-core graphviz # needed only for docs -iptables-services # NOPRIME f21,f22 +iptables-services # NOPRIME f21,f22,f23 java-1.7.0-openjdk-headless # NOPRIME rhel7 -java-1.8.0-openjdk-headless # NOPRIME f21,f22 +java-1.8.0-openjdk-headless # NOPRIME f21,f22,f23 libffi-devel libjpeg-turbo-devel # Pillow 3.0.0 libxml2-devel # lxml diff --git a/lib/ceph b/lib/ceph index 29d2aca54f..f573136a4e 100644 --- a/lib/ceph +++ b/lib/ceph @@ -116,7 +116,7 @@ function undefine_virsh_secret { # check_os_support_ceph() - Check if the operating system provides a decent version of Ceph function check_os_support_ceph { - if [[ ! ${DISTRO} =~ (trusty|f21|f22) ]]; then + if [[ ! ${DISTRO} =~ (trusty|f21|f22|f23) ]]; then echo "WARNING: your distro $DISTRO does not provide (at least) the Firefly release. Please use Ubuntu Trusty or Fedora 20 (and higher)" if [[ "$FORCE_CEPH_INSTALL" != "yes" ]]; then die $LINENO "If you wish to install Ceph on this distribution anyway run with FORCE_CEPH_INSTALL=yes" diff --git a/stack.sh b/stack.sh index a3d943a4df..537f81e253 100755 --- a/stack.sh +++ b/stack.sh @@ -192,7 +192,7 @@ source $TOP_DIR/stackrc # Warn users who aren't on an explicitly supported distro, but allow them to # override check and attempt installation with ``FORCE=yes ./stack`` -if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|rhel7) ]]; then +if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|f23|rhel7) ]]; then echo "WARNING: this script has not been tested on $DISTRO" if [[ "$FORCE" != "yes" ]]; then die $LINENO "If you wish to run this script anyway run with FORCE=yes" From 7f0be4fc5f5bd8f45087e53c94fae3b9146f486e Mon Sep 17 00:00:00 2001 From: "Swapnil Kulkarni (coolsvap)" Date: Fri, 20 Nov 2015 10:52:59 +0530 Subject: [PATCH 0091/2409] Updated Typos in devstack (1/5) Updated HACKING.rst for typos (2/5) Updated typos in lib/dlm (3/5) Updated typos in lib/ironic (4/5) Updated typos in unittest.sh (5/5) Updated typos in test_meta_config.sh Change-Id: I7aafa3af69df9dc6a5923a8557f380d48b73433a --- HACKING.rst | 2 +- lib/dlm | 2 +- lib/ironic | 4 ++-- tests/test_meta_config.sh | 2 +- tests/unittest.sh | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/HACKING.rst b/HACKING.rst index d66687e351..d763c75b8b 100644 --- a/HACKING.rst +++ b/HACKING.rst @@ -328,7 +328,7 @@ There are some broad criteria that will be followed when reviewing your change * **Is it passing tests** -- your change will not be reviewed - throughly unless the official CI has run successfully against it. + thoroughly unless the official CI has run successfully against it. * **Does this belong in DevStack** -- DevStack reviewers have a default position of "no" but are ready to be convinced by your diff --git a/lib/dlm b/lib/dlm index f68ee26b4b..95e9b0ac3d 100644 --- a/lib/dlm +++ b/lib/dlm @@ -46,7 +46,7 @@ ZOOKEEPER_CONF_DIR=/etc/zookeeper # - cleanup_dlm # This should be declared in the settings file of any plugin or -# service that needs to have a dlm in their enviroment. +# service that needs to have a dlm in their environment. function use_dlm { enable_service $(dlm_backend) } diff --git a/lib/ironic b/lib/ironic index 016e639d03..6a32983b24 100644 --- a/lib/ironic +++ b/lib/ironic @@ -92,7 +92,7 @@ IRONIC_VM_LOG_DIR=${IRONIC_VM_LOG_DIR:-$IRONIC_DATA_DIR/logs/} # Use DIB to create deploy ramdisk and kernel. IRONIC_BUILD_DEPLOY_RAMDISK=$(trueorfalse True IRONIC_BUILD_DEPLOY_RAMDISK) # If not use DIB, these files are used as deploy ramdisk/kernel. -# (The value must be a absolute path) +# (The value must be an absolute path) IRONIC_DEPLOY_RAMDISK=${IRONIC_DEPLOY_RAMDISK:-} IRONIC_DEPLOY_KERNEL=${IRONIC_DEPLOY_KERNEL:-} IRONIC_DEPLOY_ELEMENT=${IRONIC_DEPLOY_ELEMENT:-deploy-ironic} @@ -672,7 +672,7 @@ function configure_iptables { # enable tftp natting for allowing connections to HOST_IP's tftp server sudo modprobe nf_conntrack_tftp sudo modprobe nf_nat_tftp - # explicitly allow DHCP - packets are occassionally being dropped here + # explicitly allow DHCP - packets are occasionally being dropped here sudo iptables -I INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT || true # nodes boot from TFTP and callback to the API server listening on $HOST_IP sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true diff --git a/tests/test_meta_config.sh b/tests/test_meta_config.sh index f3e94af8f8..327fb56185 100755 --- a/tests/test_meta_config.sh +++ b/tests/test_meta_config.sh @@ -24,7 +24,7 @@ function check_result { } # mock function-common:die so that it does not -# interupt our test script +# interrupt our test script function die { exit -1 } diff --git a/tests/unittest.sh b/tests/unittest.sh index 2570319fbf..26b5b8e592 100644 --- a/tests/unittest.sh +++ b/tests/unittest.sh @@ -46,7 +46,7 @@ function failed { ERROR=$((ERROR+1)) } -# assert string comparision of val1 equal val2, printing out msg +# assert string comparison of val1 equal val2, printing out msg # usage: assert_equal val1 val2 msg function assert_equal { local lineno From 255a58fec613b1304c8396cd969c72043073be30 Mon Sep 17 00:00:00 2001 From: Komei Shimamura Date: Fri, 20 Nov 2015 18:36:05 +0900 Subject: [PATCH 0092/2409] Add existing devstack plugins to the devstack plugin list Change-Id: I336a4c652a78e778e39652f1f16ff69be10ab065 --- doc/source/plugin-registry.rst | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst index 49b3a7fc02..429f31af2d 100644 --- a/doc/source/plugin-registry.rst +++ b/doc/source/plugin-registry.rst @@ -76,16 +76,30 @@ Alternate Configs Additional Services =================== -+----------------+--------------------------------------------------+------------+ -| Plugin Name | URL | Comments | -| | | | -+----------------+--------------------------------------------------+------------+ -|ec2-api |git://git.openstack.org/openstack/ec2-api |[as1]_ | -+----------------+--------------------------------------------------+------------+ -|ironic-inspector|git://git.openstack.org/openstack/ironic-inspector| | -+----------------+--------------------------------------------------+------------+ -| | | | -+----------------+--------------------------------------------------+------------+ ++-----------------+------------------------------------------------------------+------------+ +| Plugin Name | URL | Comments | +| | | | ++-----------------+------------------------------------------------------------+------------+ +|amqp1 |git://git.openstack.org/openstack/devstack-plugin-amqp1 | | ++-----------------+------------------------------------------------------------+------------+ +|bdd |git://git.openstack.org/openstack/devstack-plugin-bdd | | ++-----------------+------------------------------------------------------------+------------+ +|ec2-api |git://git.openstack.org/openstack/ec2-api |[as1]_ | ++-----------------+------------------------------------------------------------+------------+ +|glusterfs |git://git.openstack.org/openstack/devstack-plugin-glusterfs | | ++-----------------+------------------------------------------------------------+------------+ +|hdfs |git://git.openstack.org/openstack/devstack-plugin-hdfs | | ++-----------------+------------------------------------------------------------+------------+ +|ironic-inspector |git://git.openstack.org/openstack/ironic-inspector | | ++-----------------+------------------------------------------------------------+------------+ +|pika |git://git.openstack.org/openstack/devstack-plugin-pika | | ++-----------------+------------------------------------------------------------+------------+ +|sheepdog |git://git.openstack.org/openstack/devstack-plugin-sheepdog | | ++-----------------+------------------------------------------------------------+------------+ +|zmq |git://git.openstack.org/openstack/devstack-plugin-zmq | | ++-----------------+------------------------------------------------------------+------------+ +| | | | ++-----------------+------------------------------------------------------------+------------+ .. [as1] first functional devstack plugin, hence why used in most of the examples. From c18b4a4e5c4ffa25fba1da0ec99c3ff061d1472e Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Wed, 18 Nov 2015 10:02:31 -0500 Subject: [PATCH 0093/2409] remove precise from the supported list We haven't been testing master on precise for a long time, and changes are coming that won't work on precise. If people want to keep running on precise they should realize they are on their own with it. And that we won't block any changes that use it. Change-Id: I3697f1c2409ad08f49793dabb37011606188e6f6 --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 537f81e253..8625b5aaeb 100755 --- a/stack.sh +++ b/stack.sh @@ -192,7 +192,7 @@ source $TOP_DIR/stackrc # Warn users who aren't on an explicitly supported distro, but allow them to # override check and attempt installation with ``FORCE=yes ./stack`` -if [[ ! ${DISTRO} =~ (precise|trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|f23|rhel7) ]]; then +if [[ ! ${DISTRO} =~ (trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f21|f22|f23|rhel7) ]]; then echo "WARNING: this script has not been tested on $DISTRO" if [[ "$FORCE" != "yes" ]]; then die $LINENO "If you wish to run this script anyway run with FORCE=yes" From f0dd6894af777d53c6d158d0720ea1b189f065a7 Mon Sep 17 00:00:00 2001 From: vsaienko Date: Wed, 18 Nov 2015 10:12:34 +0200 Subject: [PATCH 0094/2409] Use autogenerated flavor id Fix to trove has been merged, and autogenerated flavor ID is available since Kilo. Related-Bug: #1333852 Change-Id: Ie4b3dd11a23fa5f91cf9ff22dd05f1afd0532cb4 --- lib/ironic | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lib/ironic b/lib/ironic index 016e639d03..294115cafe 100644 --- a/lib/ironic +++ b/lib/ironic @@ -652,13 +652,9 @@ function enroll_nodes { total_cpus=$((total_cpus+$ironic_node_cpu)) done < $ironic_hwinfo_file - # create the nova flavor - # NOTE(adam_g): Attempting to use an autogenerated UUID for flavor id here uncovered - # bug (LP: #1333852) in Trove. This can be changed to use an auto flavor id when the - # bug is fixed in Juno. local adjusted_disk adjusted_disk=$(($ironic_node_disk - $ironic_ephemeral_disk)) - nova flavor-create --ephemeral $ironic_ephemeral_disk baremetal 551 $ironic_node_ram $adjusted_disk $ironic_node_cpu + nova flavor-create --ephemeral $ironic_ephemeral_disk baremetal auto $ironic_node_ram $adjusted_disk $ironic_node_cpu nova flavor-key baremetal set "cpu_arch"="x86_64" From a366b97c0a76304bf0ddf7eb78e0efb4493df221 Mon Sep 17 00:00:00 2001 From: obutenko Date: Tue, 20 Oct 2015 19:07:04 +0300 Subject: [PATCH 0095/2409] Add flag for test_incremental_backup Forced creation of incremental backup is not implemented in old release (Juno and Kilo). The test is skipped by default for Juno and Kilo gates. Need to add flag to unskip this test in new release. New test: Idde2c14aba78382b1063ce20269f4832f9fdd583 Change-Id: I565b5941d6067644fc9ca6cb0891d97f4946e031 Partial-Bug: #1506394 --- lib/tempest | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/tempest b/lib/tempest index 76fd6cac74..202f6d93e7 100644 --- a/lib/tempest +++ b/lib/tempest @@ -463,6 +463,8 @@ function configure_tempest { iniset $TEMPEST_CONFIG volume-feature-enabled bootable True # TODO(jordanP): Remove the extend_with_snapshot flag when Juno is end of life. iniset $TEMPEST_CONFIG volume-feature-enabled extend_with_snapshot True + # TODO(obutenko): Remove the incremental_backup_force flag when Kilo and Juno is end of life. + iniset $TEMPEST_CONFIG volume-feature-enabled incremental_backup_force True local volume_api_extensions=${VOLUME_API_EXTENSIONS:-"all"} if [[ ! -z "$DISABLE_VOLUME_API_EXTENSIONS" ]]; then From bdc0fa8ab13ec5c75f1c793ca33f5a773fac1abc Mon Sep 17 00:00:00 2001 From: John Kasperski Date: Mon, 23 Nov 2015 11:56:33 -0600 Subject: [PATCH 0096/2409] Neutron: Clean up documentation typo Remove duplicate SERVICE_HOST and MYSQL_HOST settings in the examples. Change-Id: I0e102b671f03ccb183d30ec6a762d00ebcf1e4b5 --- doc/source/guides/neutron.rst | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst index 996c7d1f59..9dcb654a27 100644 --- a/doc/source/guides/neutron.rst +++ b/doc/source/guides/neutron.rst @@ -354,8 +354,6 @@ controller node. HOST_IP=10.0.0.2 SERVICE_HOST=10.0.0.2 MYSQL_HOST=10.0.0.2 - SERVICE_HOST=10.0.0.2 - MYSQL_HOST=10.0.0.2 RABBIT_HOST=10.0.0.2 GLANCE_HOSTPORT=10.0.0.2:9292 PUBLIC_INTERFACE=eth1 @@ -397,7 +395,7 @@ would be a public IP address range that you or your organization has allocated to you, so that you could access your instances from the public internet. -The following is the DevStack configuration on +The following is the DevStack configuration on compute node 1. :: @@ -405,8 +403,6 @@ compute node 1. HOST_IP=10.0.0.3 SERVICE_HOST=10.0.0.2 MYSQL_HOST=10.0.0.2 - SERVICE_HOST=10.0.0.2 - MYSQL_HOST=10.0.0.2 RABBIT_HOST=10.0.0.2 GLANCE_HOSTPORT=10.0.0.2:9292 ADMIN_PASSWORD=secrete From 2ed28132e03066edb52fab6e640a96ee2d3424ac Mon Sep 17 00:00:00 2001 From: Einst Crazy Date: Thu, 5 Nov 2015 16:38:00 +0800 Subject: [PATCH 0097/2409] Add create stack user to quickstart document Add instructions on creating a user to the documentation, and call out that the standard cloud-users are probably ok too Change-Id: I1119a43f1d5ae7c0c208bf0cc16e2f7bee29a69d --- doc/source/index.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/doc/source/index.rst b/doc/source/index.rst index b65730ffe8..ec345c9f64 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -44,6 +44,18 @@ Quick Start We recommend at least a :ref:`minimal-configuration` be set up. +#. Add Stack User + + Devstack should be run as a non-root user with sudo enabled + (standard logins to cloud images such as "ubuntu" or "cloud-user" + are usually fine). + + You can quickly create a separate `stack` user to run DevStack with + + :: + + devstack/tools/create-stack-user.sh; su stack + #. Start the install :: From d663e29d40b04017c515c19891bb846ea984acde Mon Sep 17 00:00:00 2001 From: Kahou Lei Date: Sat, 24 Oct 2015 12:18:57 -0700 Subject: [PATCH 0098/2409] Ensure the Linux Bridge agent can be used with provider networking The root cause is that when provider network is used, devstack is trying to build ovs related interface. We need to make a condition such that if linux bridge is used, don't build any ovs related interface. Change-Id: I7f26ce7893a0ecce55b3467cd5621abf25745b8e Closes-bug: #1509705 --- lib/neutron-legacy | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 4e51425ffc..ecc45edbf7 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -553,9 +553,11 @@ function create_neutron_initial_network { die_if_not_set $LINENO SUBNET_V6_ID "Failure creating SUBNET_V6_ID for $PROVIDER_SUBNET_NAME_V6 $TENANT_ID" fi - sudo ip link set $OVS_PHYSICAL_BRIDGE up - sudo ip link set br-int up - sudo ip link set $PUBLIC_INTERFACE up + if [[ $Q_AGENT == "openvswitch" ]]; then + sudo ip link set $OVS_PHYSICAL_BRIDGE up + sudo ip link set br-int up + sudo ip link set $PUBLIC_INTERFACE up + fi else NET_ID=$(neutron net-create --tenant-id $TENANT_ID "$PRIVATE_NETWORK_NAME" | grep ' id ' | get_field 2) die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PRIVATE_NETWORK_NAME $TENANT_ID" @@ -701,7 +703,7 @@ function start_neutron_service_and_check { function start_neutron_l2_agent { run_process q-agt "$AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE" - if is_provider_network; then + if is_provider_network && [[ $Q_AGENT == "openvswitch" ]]; then sudo ovs-vsctl --no-wait -- --may-exist add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE sudo ip link set $OVS_PHYSICAL_BRIDGE up sudo ip link set br-int up From ad69e69e3f278bd28319224035997e11477617c4 Mon Sep 17 00:00:00 2001 From: Arun S A G Date: Fri, 20 Nov 2015 20:01:24 -0800 Subject: [PATCH 0099/2409] Set unprovision and active timeout to match build_timeout The build_timeout for the ironic baremetal build is at 340s. Modify the unprovision_timeout and active_timeout to match BUILD_TIMEOUT to avoid frequent failures during IPA gate jobs. Change-Id: Idfdc54210e33c71719c7fd0c905d0b802809e173 Related-Bug: #1393099 --- lib/tempest | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/tempest b/lib/tempest index 76fd6cac74..0c54f9737a 100644 --- a/lib/tempest +++ b/lib/tempest @@ -508,7 +508,8 @@ function configure_tempest { # Baremetal if [ "$VIRT_DRIVER" = "ironic" ] ; then iniset $TEMPEST_CONFIG baremetal driver_enabled True - iniset $TEMPEST_CONFIG baremetal unprovision_timeout 300 + iniset $TEMPEST_CONFIG baremetal unprovision_timeout $BUILD_TIMEOUT + iniset $TEMPEST_CONFIG baremetal active_timeout $BUILD_TIMEOUT iniset $TEMPEST_CONFIG baremetal deploy_img_dir $FILES iniset $TEMPEST_CONFIG baremetal node_uuid $IRONIC_NODE_UUID iniset $TEMPEST_CONFIG compute-feature-enabled change_password False From 0b4c83a07e09eead9dad88f5b8349574e53b1c45 Mon Sep 17 00:00:00 2001 From: Rafael Folco Date: Thu, 26 Nov 2015 10:08:36 -0600 Subject: [PATCH 0100/2409] Single call for 'nova flavor-list' Code simplification only, no functional changes. Change-Id: I0b836bc77c0553528e3bc9e0cea98d59856ccdf5 --- lib/tempest | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lib/tempest b/lib/tempest index 76fd6cac74..c3276d8a51 100644 --- a/lib/tempest +++ b/lib/tempest @@ -196,8 +196,8 @@ function configure_tempest { if is_service_enabled nova; then # If ``DEFAULT_INSTANCE_TYPE`` is not declared, use the new behavior # Tempest creates its own instance types + available_flavors=$(nova flavor-list) if [[ -z "$DEFAULT_INSTANCE_TYPE" ]]; then - available_flavors=$(nova flavor-list) if [[ ! ( $available_flavors =~ 'm1.nano' ) ]]; then nova flavor-create m1.nano 42 64 0 1 fi @@ -210,15 +210,14 @@ function configure_tempest { else # Check Nova for existing flavors, if ``DEFAULT_INSTANCE_TYPE`` is set use it. boto_instance_type=$DEFAULT_INSTANCE_TYPE - flavor_lines=`nova flavor-list` IFS=$'\r\n' flavors="" - for line in $flavor_lines; do + for line in $available_flavors; do f=$(echo $line | awk "/ $DEFAULT_INSTANCE_TYPE / { print \$2 }") flavors="$flavors $f" done - for line in $flavor_lines; do + for line in $available_flavors; do flavors="$flavors `echo $line | grep -v "^\(|\s*ID\|+--\)" | cut -d' ' -f2`" done From be3e553556a1a89f5046db79d3bc88fcad1d982a Mon Sep 17 00:00:00 2001 From: vsaienko Date: Mon, 23 Nov 2015 16:07:21 +0200 Subject: [PATCH 0101/2409] Add discussion of LIBS_FROM_GIT Add a pointer to installing clients via LIBS_FROM_GIT to local.conf sample. Mention in the git tree setup that the projects within are usually installed via released pip versions. Change-Id: I245094e51ea4a8ce983f6a1e48b6ab7ca5d309d0 --- samples/local.conf | 10 +++++++++- stackrc | 2 ++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/samples/local.conf b/samples/local.conf index b92097dd8d..34c9e8b48e 100644 --- a/samples/local.conf +++ b/samples/local.conf @@ -63,7 +63,8 @@ LOGDAYS=2 # Using milestone-proposed branches # --------------------------------- -# Uncomment these to grab the milestone-proposed branches from the repos: +# Uncomment these to grab the milestone-proposed branches from the +# repos: #CINDER_BRANCH=milestone-proposed #GLANCE_BRANCH=milestone-proposed #HORIZON_BRANCH=milestone-proposed @@ -74,6 +75,13 @@ LOGDAYS=2 #NEUTRON_BRANCH=milestone-proposed #SWIFT_BRANCH=milestone-proposed +# Using git versions of clients +# ----------------------------- +# By default clients are installed from pip. See LIBS_FROM_GIT in +# stackrc for details on getting clients from specific branches or +# revisions. e.g. +# LIBS_FROM_GIT="python-ironicclient" +# IRONICCLIENT_BRANCH=refs/changes/44/2.../1 # Swift # ----- diff --git a/stackrc b/stackrc index 23a4a7c4c4..cfdcd4d6b2 100644 --- a/stackrc +++ b/stackrc @@ -268,6 +268,7 @@ GITBRANCH["tempest-lib"]=${TEMPEST_LIB_BRANCH:-master} ############## # # OpenStack Client Library Components +# Note default install is from pip, see LIBS_FROM_GIT # ############## @@ -317,6 +318,7 @@ GITDIR["python-openstackclient"]=$DEST/python-openstackclient ################### # # Oslo Libraries +# Note default install is from pip, see LIBS_FROM_GIT # ################### From 523f48803609b35350b624244fa73b1030c1d5fa Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Tue, 13 Oct 2015 11:03:03 +1100 Subject: [PATCH 0102/2409] Namespace XTRACE commands I noticed this when debugging some grenade issues failures. An include of grenade/functions stores the current value of XTRACE (on) and disables xtrace for the rest of the import. We then include devstack's "functions" library, which now overwrites the stored value of XTRACE the current state; i.e. disabled. When it finishes it restores the prior state (disabled), and then grenade restores the same value of XTRACE (disabled). The result is that xtrace is incorrectly disabled until the next time it just happens to be turned on. The solution is to name-space the store of the current-value of xtrace so when we finish sourcing a file, we always restore the tracing value to what it was when we entered. Some files had already discovered this. In general there is inconsistency around the setting of the variable, and a lot of obvious copy-paste. This brings consistency across all files by using _XTRACE_* prefixes for the sotre/restore of tracing values. Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695 --- functions | 4 ++-- functions-common | 4 ++-- inc/meta-config | 4 ++-- lib/apache | 4 ++-- lib/ceph | 4 ++-- lib/cinder | 4 ++-- lib/cinder_backends/ceph | 4 ++-- lib/cinder_backends/glusterfs | 4 ++-- lib/cinder_backends/lvm | 4 ++-- lib/cinder_backends/netapp_iscsi | 4 ++-- lib/cinder_backends/netapp_nfs | 4 ++-- lib/cinder_backends/nfs | 4 ++-- lib/cinder_backends/solidfire | 4 ++-- lib/cinder_backends/vmdk | 4 ++-- lib/cinder_backends/xiv | 4 ++-- lib/cinder_plugins/XenAPINFS | 4 ++-- lib/cinder_plugins/glusterfs | 4 ++-- lib/cinder_plugins/nfs | 4 ++-- lib/cinder_plugins/sheepdog | 4 ++-- lib/cinder_plugins/vsphere | 4 ++-- lib/database | 4 ++-- lib/databases/mysql | 4 ++-- lib/databases/postgresql | 4 ++-- lib/dlm | 4 ++-- lib/dstat | 4 ++-- lib/glance | 4 ++-- lib/heat | 4 ++-- lib/horizon | 4 ++-- lib/infra | 4 ++-- lib/ironic | 8 ++++---- lib/keystone | 4 ++-- lib/ldap | 4 ++-- lib/lvm | 4 ++-- lib/neutron-legacy | 4 ++-- lib/neutron_plugins/bigswitch_floodlight | 4 ++-- lib/neutron_plugins/brocade | 4 ++-- lib/neutron_plugins/cisco | 4 ++-- lib/neutron_plugins/embrane | 5 +++-- lib/neutron_plugins/linuxbridge_agent | 4 ++-- lib/neutron_plugins/ml2 | 4 ++-- lib/neutron_plugins/nuage | 4 ++-- lib/neutron_plugins/openvswitch | 5 +++-- lib/neutron_plugins/openvswitch_agent | 4 ++-- lib/neutron_plugins/ovs_base | 4 ++-- lib/neutron_plugins/services/firewall | 4 ++-- lib/neutron_plugins/services/loadbalancer | 4 ++-- lib/neutron_plugins/services/metering | 5 +++-- lib/neutron_plugins/services/vpn | 4 ++-- lib/neutron_thirdparty/bigswitch_floodlight | 4 ++-- lib/nova | 4 ++-- lib/nova_plugins/functions-libvirt | 4 ++-- lib/nova_plugins/hypervisor-fake | 4 ++-- lib/nova_plugins/hypervisor-ironic | 4 ++-- lib/nova_plugins/hypervisor-libvirt | 4 ++-- lib/nova_plugins/hypervisor-openvz | 4 ++-- lib/nova_plugins/hypervisor-vsphere | 4 ++-- lib/nova_plugins/hypervisor-xenserver | 4 ++-- lib/oslo | 4 ++-- lib/rpc_backend | 4 ++-- lib/swift | 4 ++-- lib/tempest | 4 ++-- lib/template | 4 ++-- stack.sh | 7 +++++-- 63 files changed, 134 insertions(+), 128 deletions(-) diff --git a/functions b/functions index 34da1ba733..762fc472c2 100644 --- a/functions +++ b/functions @@ -22,7 +22,7 @@ source ${FUNC_DIR}/inc/python source ${FUNC_DIR}/inc/rootwrap # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_FUNCTIONS=$(set +o | grep xtrace) set +o xtrace # Check if a function already exists @@ -603,7 +603,7 @@ function create_disk { } # Restore xtrace -$XTRACE +$_XTRACE_FUNCTIONS # Local variables: # mode: shell-script diff --git a/functions-common b/functions-common index 6a065ba83c..d68ae77971 100644 --- a/functions-common +++ b/functions-common @@ -32,7 +32,7 @@ # # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_FUNCTIONS_COMMON=$(set +o | grep xtrace) set +o xtrace # ensure we don't re-source this in the same environment @@ -2254,7 +2254,7 @@ function time_totals { } # Restore xtrace -$XTRACE +$_XTRACE_FUNCTIONS_COMMON # Local variables: # mode: shell-script diff --git a/inc/meta-config b/inc/meta-config index b9ab6b207f..b6fe437802 100644 --- a/inc/meta-config +++ b/inc/meta-config @@ -20,7 +20,7 @@ # file-name is the destination of the config file # Save trace setting -INC_META_XTRACE=$(set +o | grep xtrace) +_XTRACE_INC_META=$(set +o | grep xtrace) set +o xtrace @@ -197,7 +197,7 @@ function merge_config_group { # Restore xtrace -$INC_META_XTRACE +$_XTRACE_INC_META # Local variables: # mode: shell-script diff --git a/lib/apache b/lib/apache index 17526c74d0..c9e02a2b58 100644 --- a/lib/apache +++ b/lib/apache @@ -19,7 +19,7 @@ # - restart_apache_server # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LIB_APACHE=$(set +o | grep xtrace) set +o xtrace # Allow overriding the default Apache user and group, default to @@ -191,7 +191,7 @@ function restart_apache_server { } # Restore xtrace -$XTRACE +$_XTRACE_LIB_APACHE # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/ceph b/lib/ceph index f573136a4e..4ac498ab97 100644 --- a/lib/ceph +++ b/lib/ceph @@ -18,7 +18,7 @@ # - cleanup_ceph # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LIB_CEPH=$(set +o | grep xtrace) set +o xtrace @@ -375,7 +375,7 @@ function stop_ceph { # Restore xtrace -$XTRACE +$_XTRACE_LIB_CEPH ## Local variables: ## mode: shell-script diff --git a/lib/cinder b/lib/cinder index 1307c11f7a..70b198c2e9 100644 --- a/lib/cinder +++ b/lib/cinder @@ -20,7 +20,7 @@ # - cleanup_cinder # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER=$(set +o | grep xtrace) set +o xtrace @@ -567,7 +567,7 @@ function create_cinder_volume_group { # Restore xtrace -$XTRACE +$_XTRACE_CINDER # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/cinder_backends/ceph b/lib/cinder_backends/ceph index 7e9d2d334e..c21350ba01 100644 --- a/lib/cinder_backends/ceph +++ b/lib/cinder_backends/ceph @@ -22,7 +22,7 @@ # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_CEPH=$(set +o | grep xtrace) set +o xtrace @@ -76,7 +76,7 @@ function configure_cinder_backend_ceph { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_CEPH # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/glusterfs b/lib/cinder_backends/glusterfs index 00c62e04cd..4e34f8ef6c 100644 --- a/lib/cinder_backends/glusterfs +++ b/lib/cinder_backends/glusterfs @@ -19,7 +19,7 @@ # configure_cinder_backend_glusterfs - Configure Cinder for GlusterFS backends # Save trace setting -GLUSTERFS_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_GLUSTERFS=$(set +o | grep xtrace) set +o xtrace @@ -41,7 +41,7 @@ function configure_cinder_backend_glusterfs { # Restore xtrace -$GLUSTERFS_XTRACE +$_XTRACE_CINDER_GLUSTERFS # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/lvm b/lib/cinder_backends/lvm index 411b82c190..d927f9cd6b 100644 --- a/lib/cinder_backends/lvm +++ b/lib/cinder_backends/lvm @@ -22,7 +22,7 @@ # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_LVM=$(set +o | grep xtrace) set +o xtrace @@ -68,7 +68,7 @@ function init_cinder_backend_lvm { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_LVM # mode: shell-script # End: diff --git a/lib/cinder_backends/netapp_iscsi b/lib/cinder_backends/netapp_iscsi index be9442eb83..5cce30a6d3 100644 --- a/lib/cinder_backends/netapp_iscsi +++ b/lib/cinder_backends/netapp_iscsi @@ -20,7 +20,7 @@ # configure_cinder_backend_netapp_iscsi - configure iSCSI # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_NETAPP=$(set +o | grep xtrace) set +o xtrace @@ -59,7 +59,7 @@ function configure_cinder_backend_netapp_iscsi { # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_NETAPP # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/netapp_nfs b/lib/cinder_backends/netapp_nfs index dc919ad86b..7ba36d2a3b 100644 --- a/lib/cinder_backends/netapp_nfs +++ b/lib/cinder_backends/netapp_nfs @@ -20,7 +20,7 @@ # configure_cinder_backend_netapp_nfs - configure NFS # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_NETAPP=$(set +o | grep xtrace) set +o xtrace @@ -70,7 +70,7 @@ function cleanup_cinder_backend_netapp_nfs { # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_NETAPP # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/nfs b/lib/cinder_backends/nfs index fc51b2b440..89a37a1f02 100644 --- a/lib/cinder_backends/nfs +++ b/lib/cinder_backends/nfs @@ -19,7 +19,7 @@ # configure_cinder_backend_nfs - Configure Cinder for NFS backends # Save trace setting -NFS_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_NFS=$(set +o | grep xtrace) set +o xtrace @@ -38,7 +38,7 @@ function configure_cinder_backend_nfs { # Restore xtrace -$NFS_XTRACE +$_XTRACE_CINDER_NFS # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/solidfire b/lib/cinder_backends/solidfire index 7cc70fc86d..16bc527863 100644 --- a/lib/cinder_backends/solidfire +++ b/lib/cinder_backends/solidfire @@ -17,7 +17,7 @@ # configure_cinder_driver - make configuration changes, including those to other services # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_SOLIDFIRE=$(set +o | grep xtrace) set +o xtrace @@ -42,7 +42,7 @@ function configure_cinder_backend_solidfire { # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_SOLIDFIRE # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/vmdk b/lib/cinder_backends/vmdk index d5b945354b..3a6a5cf2ff 100644 --- a/lib/cinder_backends/vmdk +++ b/lib/cinder_backends/vmdk @@ -15,7 +15,7 @@ # configure_cinder_backend_vmdk - Configure Cinder for VMware vmdk backends # Save trace setting -VMDK_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_VMDK=$(set +o | grep xtrace) set +o xtrace @@ -40,7 +40,7 @@ function configure_cinder_backend_vmdk { # Restore xtrace -$VMDK_XTRACE +$_XTRACE_CINDER_VMDK # Local variables: # mode: shell-script diff --git a/lib/cinder_backends/xiv b/lib/cinder_backends/xiv index 6eadaae93b..e8b5da05d5 100644 --- a/lib/cinder_backends/xiv +++ b/lib/cinder_backends/xiv @@ -42,7 +42,7 @@ # configure_cinder_backend_xiv - Configure Cinder for xiv backends # Save trace setting -XIV_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_XIV=$(set +o | grep xtrace) set +o xtrace # Defaults @@ -79,7 +79,7 @@ function configure_cinder_backend_xiv { } # Restore xtrace -$XIV_XTRACE +$_XTRACE_CINDER_XIV # Local variables: # mode: shell-script diff --git a/lib/cinder_plugins/XenAPINFS b/lib/cinder_plugins/XenAPINFS index f7306955cb..92135e7c4f 100644 --- a/lib/cinder_plugins/XenAPINFS +++ b/lib/cinder_plugins/XenAPINFS @@ -15,7 +15,7 @@ # configure_cinder_driver - make configuration changes, including those to other services # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_XENAPINFS=$(set +o | grep xtrace) set +o xtrace @@ -39,7 +39,7 @@ function configure_cinder_driver { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_XENAPINFS # Local variables: # mode: shell-script diff --git a/lib/cinder_plugins/glusterfs b/lib/cinder_plugins/glusterfs index 35ceb27ce1..329dd6c649 100644 --- a/lib/cinder_plugins/glusterfs +++ b/lib/cinder_plugins/glusterfs @@ -15,7 +15,7 @@ # configure_cinder_driver - make configuration changes, including those to other services # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_GLUSTERFS=$(set +o | grep xtrace) set +o xtrace @@ -45,7 +45,7 @@ function configure_cinder_driver { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_GLUSTERFS # Local variables: # mode: shell-script diff --git a/lib/cinder_plugins/nfs b/lib/cinder_plugins/nfs index 83b39932cf..6e4ffe068e 100644 --- a/lib/cinder_plugins/nfs +++ b/lib/cinder_plugins/nfs @@ -15,7 +15,7 @@ # configure_cinder_driver - make configuration changes, including those to other services # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_NFS=$(set +o | grep xtrace) set +o xtrace @@ -36,7 +36,7 @@ function configure_cinder_driver { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_NFS # Local variables: # mode: shell-script diff --git a/lib/cinder_plugins/sheepdog b/lib/cinder_plugins/sheepdog index ca343f708b..558de46c6d 100644 --- a/lib/cinder_plugins/sheepdog +++ b/lib/cinder_plugins/sheepdog @@ -15,7 +15,7 @@ # configure_cinder_driver - make configuration changes, including those to other services # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_SHEEPDOG=$(set +o | grep xtrace) set +o xtrace @@ -34,7 +34,7 @@ function configure_cinder_driver { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_SHEEPDOG # Local variables: # mode: shell-script diff --git a/lib/cinder_plugins/vsphere b/lib/cinder_plugins/vsphere index f14ddf0998..1b28ffe602 100644 --- a/lib/cinder_plugins/vsphere +++ b/lib/cinder_plugins/vsphere @@ -15,7 +15,7 @@ # configure_cinder_driver - make configuration changes, including those to other services # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_CINDER_VSPHERE=$(set +o | grep xtrace) set +o xtrace @@ -37,7 +37,7 @@ function configure_cinder_driver { } # Restore xtrace -$MY_XTRACE +$_XTRACE_CINDER_VSPHERE # Local variables: # mode: shell-script diff --git a/lib/database b/lib/database index 13740b90e6..0d720527df 100644 --- a/lib/database +++ b/lib/database @@ -20,7 +20,7 @@ # and call register_database $DATABASE_TYPE # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LIB_DB=$(set +o | grep xtrace) set +o xtrace DATABASE_BACKENDS="" @@ -137,7 +137,7 @@ function database_connection_url { # Restore xtrace -$XTRACE +$_XTRACE_LIB_DB # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/databases/mysql b/lib/databases/mysql index cc74b33327..1bbbd62cc3 100644 --- a/lib/databases/mysql +++ b/lib/databases/mysql @@ -8,7 +8,7 @@ # - DATABASE_{HOST,USER,PASSWORD} must be defined # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_DB_MYSQL=$(set +o | grep xtrace) set +o xtrace MYSQL_DRIVER=${MYSQL_DRIVER:-PyMySQL} @@ -178,7 +178,7 @@ function database_connection_url_mysql { # Restore xtrace -$MY_XTRACE +$_XTRACE_DB_MYSQL # Local variables: # mode: shell-script diff --git a/lib/databases/postgresql b/lib/databases/postgresql index 78c7bedc90..913e8ffacd 100644 --- a/lib/databases/postgresql +++ b/lib/databases/postgresql @@ -8,7 +8,7 @@ # - DATABASE_{HOST,USER,PASSWORD} must be defined # Save trace setting -PG_XTRACE=$(set +o | grep xtrace) +_XTRACE_PG=$(set +o | grep xtrace) set +o xtrace @@ -119,7 +119,7 @@ function database_connection_url_postgresql { # Restore xtrace -$PG_XTRACE +$_XTRACE_PG # Local variables: # mode: shell-script diff --git a/lib/dlm b/lib/dlm index 95e9b0ac3d..74eb67ee8f 100644 --- a/lib/dlm +++ b/lib/dlm @@ -19,7 +19,7 @@ # - cleanup_dlm # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_DLM=$(set +o | grep xtrace) set +o xtrace @@ -100,7 +100,7 @@ function install_dlm { } # Restore xtrace -$XTRACE +$_XTRACE_DLM # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/dstat b/lib/dstat index fe4790b12d..b705948094 100644 --- a/lib/dstat +++ b/lib/dstat @@ -13,7 +13,7 @@ # - stop_dstat # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_DSTAT=$(set +o | grep xtrace) set +o xtrace # start_dstat() - Start running processes, including screen @@ -34,4 +34,4 @@ function stop_dstat { } # Restore xtrace -$XTRACE +$_XTRACE_DSTAT diff --git a/lib/glance b/lib/glance index 2eb93a46e6..eb5832e910 100644 --- a/lib/glance +++ b/lib/glance @@ -21,7 +21,7 @@ # - cleanup_glance # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_GLANCE=$(set +o | grep xtrace) set +o xtrace @@ -403,7 +403,7 @@ function stop_glance { } # Restore xtrace -$XTRACE +$_XTRACE_GLANCE # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/heat b/lib/heat index e42bdf0b9e..54666a5212 100644 --- a/lib/heat +++ b/lib/heat @@ -23,7 +23,7 @@ # - cleanup_heat # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_HEAT=$(set +o | grep xtrace) set +o xtrace @@ -464,7 +464,7 @@ function build_heat_pip_mirror { } # Restore xtrace -$XTRACE +$_XTRACE_HEAT # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/horizon b/lib/horizon index ff63b06ab2..67181fcf29 100644 --- a/lib/horizon +++ b/lib/horizon @@ -19,7 +19,7 @@ # - cleanup_horizon # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_HORIZON=$(set +o | grep xtrace) set +o xtrace @@ -193,7 +193,7 @@ function _prepare_message_catalog_compilation { # Restore xtrace -$XTRACE +$_XTRACE_HORIZON # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/infra b/lib/infra index ab32efecd9..cf003cce01 100644 --- a/lib/infra +++ b/lib/infra @@ -15,7 +15,7 @@ # - install_infra # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_INFRA=$(set +o | grep xtrace) set +o xtrace @@ -50,7 +50,7 @@ function install_infra { } # Restore xtrace -$XTRACE +$_XTRACE_INFRA # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/ironic b/lib/ironic index 6a32983b24..23d8dda3ff 100644 --- a/lib/ironic +++ b/lib/ironic @@ -21,8 +21,8 @@ # - cleanup_ironic # Save trace and pipefail settings -XTRACE=$(set +o | grep xtrace) -PIPEFAIL=$(set +o | grep pipefail) +_XTRACE_IRONIC=$(set +o | grep xtrace) +_PIPEFAIL_IRONIC=$(set +o | grep pipefail) set +o xtrace set +o pipefail @@ -855,8 +855,8 @@ function cleanup_baremetal_basic_ops { } # Restore xtrace + pipefail -$XTRACE -$PIPEFAIL +$_XTRACE_IRONIC +$_PIPEFAIL_IRONIC # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/keystone b/lib/keystone index 5a2afbfe02..b19202b0f7 100644 --- a/lib/keystone +++ b/lib/keystone @@ -28,7 +28,7 @@ # - _cleanup_keystone_apache_wsgi # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_KEYSTONE=$(set +o | grep xtrace) set +o xtrace # Defaults @@ -592,7 +592,7 @@ function stop_keystone { # Restore xtrace -$XTRACE +$_XTRACE_KEYSTONE # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/ldap b/lib/ldap index 0414fea639..65056aea2f 100644 --- a/lib/ldap +++ b/lib/ldap @@ -8,7 +8,7 @@ # - install_ldap() # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LDAP=$(set +o | grep xtrace) set +o xtrace @@ -166,7 +166,7 @@ function clear_ldap_state { } # Restore xtrace -$XTRACE +$_XTRACE_LDAP # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/lvm b/lib/lvm index 468a99aecc..ae6023a836 100644 --- a/lib/lvm +++ b/lib/lvm @@ -16,7 +16,7 @@ # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_LVM=$(set +o | grep xtrace) set +o xtrace @@ -182,7 +182,7 @@ function set_lvm_filter { } # Restore xtrace -$MY_XTRACE +$_XTRACE_LVM # mode: shell-script # End: diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 978943dae2..d00630af70 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -357,7 +357,7 @@ else fi # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON=$(set +o | grep xtrace) set +o xtrace @@ -1492,7 +1492,7 @@ function is_provider_network { # Restore xtrace -$XTRACE +$_XTRACE_NEUTRON # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/neutron_plugins/bigswitch_floodlight b/lib/neutron_plugins/bigswitch_floodlight index f52105e658..586ded79b4 100644 --- a/lib/neutron_plugins/bigswitch_floodlight +++ b/lib/neutron_plugins/bigswitch_floodlight @@ -4,7 +4,7 @@ # ------------------------------------ # Save trace setting -BS_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_BIGSWITCH=$(set +o | grep xtrace) set +o xtrace source $TOP_DIR/lib/neutron_plugins/ovs_base @@ -75,4 +75,4 @@ function neutron_plugin_check_adv_test_requirements { } # Restore xtrace -$BS_XTRACE +$_XTRACE_NEUTRON_BIGSWITCH diff --git a/lib/neutron_plugins/brocade b/lib/neutron_plugins/brocade index 953360e070..6ba0a66c3f 100644 --- a/lib/neutron_plugins/brocade +++ b/lib/neutron_plugins/brocade @@ -4,7 +4,7 @@ # ---------------------- # Save trace setting -BRCD_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_BROCADE=$(set +o | grep xtrace) set +o xtrace function is_neutron_ovs_base_plugin { @@ -81,4 +81,4 @@ function neutron_plugin_check_adv_test_requirements { } # Restore xtrace -$BRCD_XTRACE +$_XTRACE_NEUTRON_BROCADE diff --git a/lib/neutron_plugins/cisco b/lib/neutron_plugins/cisco index 7d0cf1af39..fc2cb8ad17 100644 --- a/lib/neutron_plugins/cisco +++ b/lib/neutron_plugins/cisco @@ -4,7 +4,7 @@ # --------------------------- # Save trace setting -CISCO_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_CISCO=$(set +o | grep xtrace) set +o xtrace # Scecify the VSM parameters @@ -154,4 +154,4 @@ function neutron_plugin_setup_interface_driver { } # Restore xtrace -$CISCO_XTRACE +$_XTRACE_NEUTRON_CISCO diff --git a/lib/neutron_plugins/embrane b/lib/neutron_plugins/embrane index 2028496ca1..385dab8354 100644 --- a/lib/neutron_plugins/embrane +++ b/lib/neutron_plugins/embrane @@ -4,7 +4,7 @@ # --------------------------- # Save trace setting -EMBR_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_EMBR=$(set +o | grep xtrace) set +o xtrace source $TOP_DIR/lib/neutron_plugins/openvswitch @@ -39,4 +39,5 @@ function neutron_plugin_configure_service { } # Restore xtrace -$EMBR_XTRACE +$_XTRACE_NEUTRON_EMBR + diff --git a/lib/neutron_plugins/linuxbridge_agent b/lib/neutron_plugins/linuxbridge_agent index f28bcfeadd..096722b096 100644 --- a/lib/neutron_plugins/linuxbridge_agent +++ b/lib/neutron_plugins/linuxbridge_agent @@ -4,7 +4,7 @@ # ----------------------------- # Save trace setting -PLUGIN_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_LB=$(set +o | grep xtrace) set +o xtrace function neutron_lb_cleanup { @@ -93,4 +93,4 @@ function neutron_plugin_check_adv_test_requirements { } # Restore xtrace -$PLUGIN_XTRACE +$_XTRACE_NEUTRON_LB diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2 index ace5335a78..30e1b036f3 100644 --- a/lib/neutron_plugins/ml2 +++ b/lib/neutron_plugins/ml2 @@ -4,7 +4,7 @@ # ------------------------------ # Save trace setting -ML2_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_ML2=$(set +o | grep xtrace) set +o xtrace # Enable this to simply and quickly enable tunneling with ML2. @@ -137,4 +137,4 @@ function has_neutron_plugin_security_group { } # Restore xtrace -$ML2_XTRACE +$_XTRACE_NEUTRON_ML2 diff --git a/lib/neutron_plugins/nuage b/lib/neutron_plugins/nuage index 9e5307ba53..61e634e453 100644 --- a/lib/neutron_plugins/nuage +++ b/lib/neutron_plugins/nuage @@ -4,7 +4,7 @@ # ---------------------- # Save trace setting -NU_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_NU=$(set +o | grep xtrace) set +o xtrace function neutron_plugin_create_nova_conf { @@ -66,4 +66,4 @@ function has_neutron_plugin_security_group { } # Restore xtrace -$NU_XTRACE +$_XTRACE_NEUTRON_NU diff --git a/lib/neutron_plugins/openvswitch b/lib/neutron_plugins/openvswitch index 891ab4982b..130eaacab3 100644 --- a/lib/neutron_plugins/openvswitch +++ b/lib/neutron_plugins/openvswitch @@ -7,7 +7,7 @@ # which has been removed in Juno. # Save trace setting -OVS_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_OVS=$(set +o | grep xtrace) set +o xtrace source $TOP_DIR/lib/neutron_plugins/openvswitch_agent @@ -56,4 +56,5 @@ function has_neutron_plugin_security_group { } # Restore xtrace -$OVS_XTRACE +$_XTRACE_NEUTRON_OVS + diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent index 6a333939d0..b1acacd4f3 100644 --- a/lib/neutron_plugins/openvswitch_agent +++ b/lib/neutron_plugins/openvswitch_agent @@ -4,7 +4,7 @@ # ----------------------------- # Save trace setting -OVSA_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_OVSL2=$(set +o | grep xtrace) set +o xtrace source $TOP_DIR/lib/neutron_plugins/ovs_base @@ -132,4 +132,4 @@ function neutron_plugin_check_adv_test_requirements { } # Restore xtrace -$OVSA_XTRACE +$_XTRACE_NEUTRON_OVSL2 diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base index d3fd198b08..91aff336fe 100644 --- a/lib/neutron_plugins/ovs_base +++ b/lib/neutron_plugins/ovs_base @@ -4,7 +4,7 @@ # ------------------------------------- # Save trace setting -OVSB_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_OVS_BASE=$(set +o | grep xtrace) set +o xtrace OVS_BRIDGE=${OVS_BRIDGE:-br-int} @@ -114,4 +114,4 @@ function _neutron_ovs_base_configure_nova_vif_driver { } # Restore xtrace -$OVSB_XTRACE +$_XTRACE_NEUTRON_OVS_BASE diff --git a/lib/neutron_plugins/services/firewall b/lib/neutron_plugins/services/firewall index 3496da82f8..1d81a21825 100644 --- a/lib/neutron_plugins/services/firewall +++ b/lib/neutron_plugins/services/firewall @@ -4,7 +4,7 @@ # --------------------------- # Save trace setting -FW_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_FIREWALL=$(set +o | grep xtrace) set +o xtrace FWAAS_PLUGIN=neutron_fwaas.services.firewall.fwaas_plugin.FirewallPlugin @@ -26,4 +26,4 @@ function neutron_fwaas_stop { } # Restore xtrace -$FW_XTRACE +$_XTRACE_NEUTRON_FIREWALL diff --git a/lib/neutron_plugins/services/loadbalancer b/lib/neutron_plugins/services/loadbalancer index 7865f6fd6e..b07d06c32b 100644 --- a/lib/neutron_plugins/services/loadbalancer +++ b/lib/neutron_plugins/services/loadbalancer @@ -4,7 +4,7 @@ # --------------------------- # Save trace setting -LB_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_LB=$(set +o | grep xtrace) set +o xtrace @@ -48,4 +48,4 @@ function neutron_lbaas_stop { } # Restore xtrace -$LB_XTRACE +$_XTRACE_NEUTRON_LB diff --git a/lib/neutron_plugins/services/metering b/lib/neutron_plugins/services/metering index c75ab19d4e..5fd2fdce44 100644 --- a/lib/neutron_plugins/services/metering +++ b/lib/neutron_plugins/services/metering @@ -4,7 +4,7 @@ # --------------------------- # Save trace setting -METER_XTRACE=$(set +o | grep xtrace) +_XTRACE_NETURON_METER=$(set +o | grep xtrace) set +o xtrace @@ -29,4 +29,5 @@ function neutron_metering_stop { } # Restore xtrace -$METER_XTRACE +$_XTRACE_NETURON_METER + diff --git a/lib/neutron_plugins/services/vpn b/lib/neutron_plugins/services/vpn index c0e7457413..8a379f588c 100644 --- a/lib/neutron_plugins/services/vpn +++ b/lib/neutron_plugins/services/vpn @@ -4,7 +4,7 @@ # --------------------------- # Save trace setting -VPN_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_VPN=$(set +o | grep xtrace) set +o xtrace @@ -53,4 +53,4 @@ function neutron_vpn_stop { } # Restore xtrace -$VPN_XTRACE +$_XTRACE_NEUTRON_VPN diff --git a/lib/neutron_thirdparty/bigswitch_floodlight b/lib/neutron_thirdparty/bigswitch_floodlight index e3f4689fd7..45a4f2e263 100644 --- a/lib/neutron_thirdparty/bigswitch_floodlight +++ b/lib/neutron_thirdparty/bigswitch_floodlight @@ -4,7 +4,7 @@ # ------------------------------------------ # Save trace setting -BS3_XTRACE=$(set +o | grep xtrace) +_XTRACE_NEUTRON_BIGSWITCH=$(set +o | grep xtrace) set +o xtrace BS_FL_CONTROLLERS_PORT=${BS_FL_CONTROLLERS_PORT:-localhost:80} @@ -51,4 +51,4 @@ function check_bigswitch_floodlight { } # Restore xtrace -$BS3_XTRACE +$_XTRACE_NEUTRON_BIGSWITCH diff --git a/lib/nova b/lib/nova index ba05f53b87..e5712939fe 100644 --- a/lib/nova +++ b/lib/nova @@ -25,7 +25,7 @@ # - cleanup_nova # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LIB_NOVA=$(set +o | grep xtrace) set +o xtrace @@ -958,7 +958,7 @@ function stop_nova { # Restore xtrace -$XTRACE +$_XTRACE_LIB_NOVA # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt index 045fc8b919..dae55c6eba 100644 --- a/lib/nova_plugins/functions-libvirt +++ b/lib/nova_plugins/functions-libvirt @@ -8,7 +8,7 @@ # ``STACK_USER`` has to be defined # Save trace setting -LV_XTRACE=$(set +o | grep xtrace) +_XTRACE_NOVA_FN_LIBVIRT=$(set +o | grep xtrace) set +o xtrace # Defaults @@ -134,7 +134,7 @@ EOF # Restore xtrace -$LV_XTRACE +$_XTRACE_NOVA_FN_LIBVIRT # Local variables: # mode: shell-script diff --git a/lib/nova_plugins/hypervisor-fake b/lib/nova_plugins/hypervisor-fake index 3180d91f0a..2434dce884 100644 --- a/lib/nova_plugins/hypervisor-fake +++ b/lib/nova_plugins/hypervisor-fake @@ -17,7 +17,7 @@ # cleanup_nova_hypervisor - remove transient data and cache # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_VIRTFAKE=$(set +o | grep xtrace) set +o xtrace @@ -72,7 +72,7 @@ function stop_nova_hypervisor { # Restore xtrace -$MY_XTRACE +$_XTRACE_VIRTFAKE # Local variables: # mode: shell-script diff --git a/lib/nova_plugins/hypervisor-ironic b/lib/nova_plugins/hypervisor-ironic index b9e286d5b6..c6ed85d63e 100644 --- a/lib/nova_plugins/hypervisor-ironic +++ b/lib/nova_plugins/hypervisor-ironic @@ -17,7 +17,7 @@ # cleanup_nova_hypervisor - remove transient data and cache # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_HYP_IRONIC=$(set +o | grep xtrace) set +o xtrace source $TOP_DIR/lib/nova_plugins/functions-libvirt @@ -81,7 +81,7 @@ function stop_nova_hypervisor { # Restore xtrace -$MY_XTRACE +$_XTRACE_HYP_IRONIC # Local variables: # mode: shell-script diff --git a/lib/nova_plugins/hypervisor-libvirt b/lib/nova_plugins/hypervisor-libvirt index c54a7166a0..8bbaa2133d 100644 --- a/lib/nova_plugins/hypervisor-libvirt +++ b/lib/nova_plugins/hypervisor-libvirt @@ -17,7 +17,7 @@ # cleanup_nova_hypervisor - remove transient data and cache # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_NOVA_LIBVIRT=$(set +o | grep xtrace) set +o xtrace source $TOP_DIR/lib/nova_plugins/functions-libvirt @@ -105,7 +105,7 @@ function stop_nova_hypervisor { # Restore xtrace -$MY_XTRACE +$_XTRACE_NOVA_LIBVIRT # Local variables: # mode: shell-script diff --git a/lib/nova_plugins/hypervisor-openvz b/lib/nova_plugins/hypervisor-openvz index cce36b8d3f..58ab5c11ac 100644 --- a/lib/nova_plugins/hypervisor-openvz +++ b/lib/nova_plugins/hypervisor-openvz @@ -17,7 +17,7 @@ # cleanup_nova_hypervisor - remove transient data and cache # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_OPENVZ=$(set +o | grep xtrace) set +o xtrace @@ -62,7 +62,7 @@ function stop_nova_hypervisor { # Restore xtrace -$MY_XTRACE +$_XTRACE_OPENVZ # Local variables: # mode: shell-script diff --git a/lib/nova_plugins/hypervisor-vsphere b/lib/nova_plugins/hypervisor-vsphere index 698f836bad..7c08bc945b 100644 --- a/lib/nova_plugins/hypervisor-vsphere +++ b/lib/nova_plugins/hypervisor-vsphere @@ -17,7 +17,7 @@ # cleanup_nova_hypervisor - remove transient data and cache # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_NOVA_VSPHERE=$(set +o | grep xtrace) set +o xtrace @@ -64,7 +64,7 @@ function stop_nova_hypervisor { # Restore xtrace -$MY_XTRACE +$_XTRACE_NOVA_VSPHERE # Local variables: # mode: shell-script diff --git a/lib/nova_plugins/hypervisor-xenserver b/lib/nova_plugins/hypervisor-xenserver index e097990bd3..3eb9149bb4 100644 --- a/lib/nova_plugins/hypervisor-xenserver +++ b/lib/nova_plugins/hypervisor-xenserver @@ -17,7 +17,7 @@ # cleanup_nova_hypervisor - remove transient data and cache # Save trace setting -MY_XTRACE=$(set +o | grep xtrace) +_XTRACE_XENSERVER=$(set +o | grep xtrace) set +o xtrace @@ -111,7 +111,7 @@ function stop_nova_hypervisor { # Restore xtrace -$MY_XTRACE +$_XTRACE_XENSERVER # Local variables: # mode: shell-script diff --git a/lib/oslo b/lib/oslo index 56615faaa3..3d6fbb38c6 100644 --- a/lib/oslo +++ b/lib/oslo @@ -16,7 +16,7 @@ # - install_oslo # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LIB_OSLO=$(set +o | grep xtrace) set +o xtrace @@ -95,7 +95,7 @@ function install_oslo { } # Restore xtrace -$XTRACE +$_XTRACE_LIB_OSLO # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/rpc_backend b/lib/rpc_backend index 298dcb6e5f..3864adec32 100644 --- a/lib/rpc_backend +++ b/lib/rpc_backend @@ -21,7 +21,7 @@ # of this file which is a standard interface. # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_RPC_BACKEND=$(set +o | grep xtrace) set +o xtrace # Functions @@ -141,7 +141,7 @@ function rabbit_setuser { } # Restore xtrace -$XTRACE +$_XTRACE_RPC_BACKEND # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/swift b/lib/swift index d7ccc24111..b596142ad2 100644 --- a/lib/swift +++ b/lib/swift @@ -24,7 +24,7 @@ # - _cleanup_swift_apache_wsgi # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_LIB_SWIFT=$(set +o | grep xtrace) set +o xtrace @@ -823,7 +823,7 @@ function swift_configure_tempurls { } # Restore xtrace -$XTRACE +$_XTRACE_LIB_SWIFT # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/tempest b/lib/tempest index 76fd6cac74..85e0e7fa35 100644 --- a/lib/tempest +++ b/lib/tempest @@ -38,7 +38,7 @@ # - init_tempest # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_TEMPEST=$(set +o | grep xtrace) set +o xtrace @@ -649,7 +649,7 @@ function init_tempest { } # Restore xtrace -$XTRACE +$_XTRACE_TEMPEST # Tell emacs to use shell-script-mode ## Local variables: diff --git a/lib/template b/lib/template index 2703788af4..08d10bbf71 100644 --- a/lib/template +++ b/lib/template @@ -21,7 +21,7 @@ # - cleanup_XXXX # Save trace setting -XTRACE=$(set +o | grep xtrace) +_XTRACE_TEMPLATE=$(set +o | grep xtrace) set +o xtrace @@ -92,7 +92,7 @@ function stop_XXXX { } # Restore xtrace -$XTRACE +$_XTRACE_TEMPLATE # Tell emacs to use shell-script-mode ## Local variables: diff --git a/stack.sh b/stack.sh index 8625b5aaeb..19d05c904a 100755 --- a/stack.sh +++ b/stack.sh @@ -573,7 +573,8 @@ run_phase source # Generic helper to configure passwords function read_password { - XTRACE=$(set +o | grep xtrace) + local xtrace + xtrace=$(set +o | grep xtrace) set +o xtrace var=$1; msg=$2 pw=${!var} @@ -616,7 +617,9 @@ function read_password { eval "$var=$pw" echo "$var=$pw" >> $localrc fi - $XTRACE + + # restore previous xtrace value + $xtrace } From f95315b6ea56b3f2cb18caeac734dd15e6704b93 Mon Sep 17 00:00:00 2001 From: Shinobu KINJO Date: Sat, 7 Nov 2015 10:21:08 +0900 Subject: [PATCH 0103/2409] Ensure link is set to up, when moving IP addresses across interfaces. - To add, initialize and set up a valiable named IP_UP - To bring up interface after moving IP to OVS bridge Change-Id: I70f5974c115be6f7e7422a9a325f36cf3b71455a Closes-Bug: #1469596 --- lib/neutron-legacy | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index c244e5470a..ecff3e5774 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -798,6 +798,7 @@ function _move_neutron_addresses_route { local IP_ADD="" local IP_DEL="" + local IP_UP="" local DEFAULT_ROUTE_GW DEFAULT_ROUTE_GW=$(ip r | awk "/default.+$from_intf/ { print \$3; exit }") local ADD_OVS_PORT="" @@ -821,9 +822,10 @@ function _move_neutron_addresses_route { if [[ "$IP_BRD" != "" ]]; then IP_DEL="sudo ip addr del $IP_BRD dev $from_intf" IP_ADD="sudo ip addr add $IP_BRD dev $to_intf" + IP_UP="sudo ip link set $to_intf up" fi - $IP_DEL; $IP_ADD; $ADD_OVS_PORT; $ADD_DEFAULT_ROUTE + $IP_DEL; $IP_ADD; $IP_UP; $ADD_OVS_PORT; $ADD_DEFAULT_ROUTE fi } From 5509ed579773bf1a69bc5fb406a206a6da010c56 Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Mon, 30 Nov 2015 20:20:21 +0900 Subject: [PATCH 0104/2409] Fix comment typos in inc/ and tests/ directories valu3 => value3 enviromnet => environment direcotry => directory virualenv => virtualenv editiable => editable envirnment => environment Change-Id: I97fb2d44a37b16d02d4fbdb08bfa33414349f651 --- inc/ini-config | 2 +- inc/python | 8 ++++---- tests/run-process.sh | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/inc/ini-config b/inc/ini-config index 42a66c63b6..d2830d79cd 100644 --- a/inc/ini-config +++ b/inc/ini-config @@ -205,7 +205,7 @@ $option = $value } # Set a multiple line option in an INI file -# iniset_multiline [-sudo] config-file section option value1 value2 valu3 ... +# iniset_multiline [-sudo] config-file section option value1 value2 value3 ... function iniset_multiline { local xtrace xtrace=$(set +o | grep xtrace) diff --git a/inc/python b/inc/python index 91ceb44499..59668a2c6a 100644 --- a/inc/python +++ b/inc/python @@ -17,7 +17,7 @@ set +o xtrace # Global Config Variables -# PROJECT_VENV contains the name of the virtual enviromnet for each +# PROJECT_VENV contains the name of the virtual environment for each # project. A null value installs to the system Python directories. declare -A PROJECT_VENV @@ -35,7 +35,7 @@ function get_pip_command { fi } -# Get the path to the direcotry where python executables are installed. +# Get the path to the directory where python executables are installed. # get_python_exec_prefix function get_python_exec_prefix { local xtrace @@ -93,7 +93,7 @@ function pip_install { fi if [[ $TRACK_DEPENDS = True && ! "$@" =~ virtualenv ]]; then # TRACK_DEPENDS=True installation creates a circular dependency when - # we attempt to install virtualenv into a virualenv, so we must global + # we attempt to install virtualenv into a virtualenv, so we must global # that installation. source $DEST/.venv/bin/activate local cmd_pip=$DEST/.venv/bin/pip @@ -199,7 +199,7 @@ function setup_lib { setup_install $dir } -# setup a library by name in editiable mode. If we are trying to use +# setup a library by name in editable mode. If we are trying to use # the library from git, we'll do a git based install, otherwise we'll # punt and the library should be installed by a requirements pull from # another project. diff --git a/tests/run-process.sh b/tests/run-process.sh index bdf1395d07..301b9a032b 100755 --- a/tests/run-process.sh +++ b/tests/run-process.sh @@ -5,7 +5,7 @@ # # Set USE_SCREEN True|False to change use of screen. # -# This script emulates the basic exec envirnment in ``stack.sh`` to test +# This script emulates the basic exec environment in ``stack.sh`` to test # the process spawn and kill operations. if [[ -z $1 ]]; then From 779d8670287952b8865a1d506ba2d68406139430 Mon Sep 17 00:00:00 2001 From: Joe D'Andrea Date: Mon, 30 Nov 2015 15:35:13 +0000 Subject: [PATCH 0105/2409] Force heat deferred_auth_method to password in standalone mode Heat does not support Keystone Trusts when deployed in standalone mode. This change forces an error when HEAT_DEFERRED_AUTH is set to anything other than "password" if HEAT_STANDALONE is True and advises of the acceptable setting. Change-Id: Ib4ee9d9af396093137a2a0f99f1b18ae153ccdb3 Closes-Bug: #1463837 --- lib/heat | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/heat b/lib/heat index 54666a5212..fdcf5bcaad 100644 --- a/lib/heat +++ b/lib/heat @@ -65,6 +65,12 @@ if [[ "$HEAT_STANDALONE" = "True" ]]; then # for standalone, use defaults which require no service user HEAT_STACK_DOMAIN=$(trueorfalse False HEAT_STACK_DOMAIN) HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-password} + if [[ ${HEAT_DEFERRED_AUTH} != "password" ]]; then + # Heat does not support keystone trusts when deployed in + # standalone mode + die $LINENO \ + 'HEAT_DEFERRED_AUTH can only be set to "password" when HEAT_STANDALONE is True.' + fi else HEAT_STACK_DOMAIN=$(trueorfalse True HEAT_STACK_DOMAIN) HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts} From 30d5fae31548ed998e4c053ba957f95e068eaebc Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Tue, 10 Nov 2015 13:44:15 +0000 Subject: [PATCH 0106/2409] Neutron: Use generated configuration files if available Generate the neutron core sample config files by using the oslo generator. The files are generated with a .sample extension and replace the static example configuration files. Once the generation code is delivered, the static config files will be removed. Change-Id: Ic37a16b6cf8eb92030649f1fc8b198738a8cc104 Related-blueprint: autogen-neutron-conf-file Partial-bug: #1199963 Depends-On: I1c6dc4e7d479f1b7c755597caded24a0f018c712 Co-Authored-By: Louis Taylor --- lib/neutron-legacy | 19 +++++++++++++------ lib/neutron_plugins/services/metering | 2 +- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index d00630af70..a60714f43b 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -870,7 +870,10 @@ function _create_neutron_conf_dir { function _configure_neutron_common { _create_neutron_conf_dir - cp $NEUTRON_DIR/etc/neutron.conf $NEUTRON_CONF + # Uses oslo config generator to generate core sample configuration files + (cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh) + + cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE @@ -895,7 +898,9 @@ function _configure_neutron_common { Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME # NOTE(hichihara): Some neutron vendor plugins were already decomposed and # there is no config file in Neutron tree. They should prepare the file in each plugin. - if [ -f $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE ]; then + if [ -f "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" ]; then + cp "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" /$Q_PLUGIN_CONF_FILE + elif [ -f $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE ]; then cp $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE fi @@ -903,6 +908,8 @@ function _configure_neutron_common { iniset $NEUTRON_CONF DEFAULT state_path $DATA_DIR/neutron iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG iniset $NEUTRON_CONF DEFAULT bind_host $Q_LISTEN_ADDRESS + iniset $NEUTRON_CONF oslo_concurrency lock_path $DATA_DIR/neutron/lock + # If addition config files are set, make sure their path name is set as well if [[ ${#Q_PLUGIN_EXTRA_CONF_FILES[@]} > 0 && $Q_PLUGIN_EXTRA_CONF_PATH == '' ]]; then die $LINENO "Neutron additional plugin config not set.. exiting" @@ -959,7 +966,7 @@ function _configure_neutron_debug_command { return fi - cp $NEUTRON_DIR/etc/l3_agent.ini $NEUTRON_TEST_CONFIG_FILE + cp $NEUTRON_DIR/etc/l3_agent.ini.sample $NEUTRON_TEST_CONFIG_FILE iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT verbose False iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT debug False @@ -975,7 +982,7 @@ function _configure_neutron_debug_command { function _configure_neutron_dhcp_agent { - cp $NEUTRON_DIR/etc/dhcp_agent.ini $Q_DHCP_CONF_FILE + cp $NEUTRON_DIR/etc/dhcp_agent.ini.sample $Q_DHCP_CONF_FILE iniset $Q_DHCP_CONF_FILE DEFAULT verbose True iniset $Q_DHCP_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL @@ -1007,7 +1014,7 @@ function _configure_neutron_l3_agent { neutron_vpn_configure_agent fi - cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE + cp $NEUTRON_DIR/etc/l3_agent.ini.sample $Q_L3_CONF_FILE iniset $Q_L3_CONF_FILE DEFAULT verbose True iniset $Q_L3_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL @@ -1028,7 +1035,7 @@ function _configure_neutron_l3_agent { } function _configure_neutron_metadata_agent { - cp $NEUTRON_DIR/etc/metadata_agent.ini $Q_META_CONF_FILE + cp $NEUTRON_DIR/etc/metadata_agent.ini.sample $Q_META_CONF_FILE iniset $Q_META_CONF_FILE DEFAULT verbose True iniset $Q_META_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL diff --git a/lib/neutron_plugins/services/metering b/lib/neutron_plugins/services/metering index 5fd2fdce44..5b32468d21 100644 --- a/lib/neutron_plugins/services/metering +++ b/lib/neutron_plugins/services/metering @@ -21,7 +21,7 @@ function neutron_agent_metering_configure_agent { METERING_AGENT_CONF_FILENAME="$METERING_AGENT_CONF_PATH/metering_agent.ini" - cp $NEUTRON_DIR/etc/metering_agent.ini $METERING_AGENT_CONF_FILENAME + cp $NEUTRON_DIR/etc/metering_agent.ini.sample $METERING_AGENT_CONF_FILENAME } function neutron_metering_stop { From e0ac37c257bf08db8d220d13773859d9202305d2 Mon Sep 17 00:00:00 2001 From: Dmitry Guryanov Date: Mon, 30 Nov 2015 18:48:23 +0300 Subject: [PATCH 0107/2409] Fix path setup in add_sudo_secure_path There are two bugs in add_sudo_secure_path. Firstly we don't properly check if the file exists, so always append the new line. This will overwrite any existing changes. Secondly the logic for checking if the path exists is inverted, so we miss adding paths when we should. This particularly causes failures when installing with virtualenv's since the paths are inside the virtualenv, rather than the standard system locations. Change-Id: I646fe0c68958470d464fe4f3d81d5c17dd6f2ab6 Closes-bug: #1521241 --- inc/rootwrap | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/inc/rootwrap b/inc/rootwrap index 63ab59adc7..2a6e4b648f 100644 --- a/inc/rootwrap +++ b/inc/rootwrap @@ -22,14 +22,14 @@ function add_sudo_secure_path { local line # This is pretty simplistic for now - assume only the first line is used - if [[ -r SUDO_SECURE_PATH_FILE ]]; then + if [[ -r $SUDO_SECURE_PATH_FILE ]]; then line=$(head -1 $SUDO_SECURE_PATH_FILE) else line="Defaults:$STACK_USER secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin" fi # Only add ``dir`` if it is not already present - if [[ $line =~ $dir ]]; then + if [[ ! $line =~ $dir ]]; then echo "${line}:$dir" | sudo tee $SUDO_SECURE_PATH_FILE sudo chmod 400 $SUDO_SECURE_PATH_FILE sudo chown root:root $SUDO_SECURE_PATH_FILE From 1afc28bf6c33c792eb9d2fd1992534e82af29291 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Fri, 27 Nov 2015 14:15:56 +1100 Subject: [PATCH 0108/2409] Turn off tracing when outputting errors When outputting these error strings, turn off the tracing so the user can actually read it. Also reword the "not root" user message so it fits into a standard terminal window length. Change-Id: I466c60865bc1128f4edd219f831a9c6cffa67829 Parital-Bug: #1517199 --- stack.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/stack.sh b/stack.sh index 8625b5aaeb..083c488fc1 100755 --- a/stack.sh +++ b/stack.sh @@ -75,6 +75,7 @@ fi # Check if run in POSIX shell if [[ "${POSIXLY_CORRECT}" == "y" ]]; then + set +o xtrace echo "You are running POSIX compatibility mode, DevStack requires bash 4.2 or newer." exit 1 fi @@ -85,11 +86,11 @@ fi # action to create a suitable user account. if [[ $EUID -eq 0 ]]; then - echo "You are running this script as root." - echo "Cut it out." - echo "Really." - echo "If you need an account to run DevStack, do this (as root, heh) to create a non-root account:" - echo "$TOP_DIR/tools/create-stack-user.sh" + set +o xtrace + echo "DevStack should be run as a user with sudo permissions, " + echo "not root." + echo "A \"stack\" user configured correctly can be created with:" + echo " $TOP_DIR/tools/create-stack-user.sh" exit 1 fi @@ -98,6 +99,7 @@ fi # virtual env, and will fail in really odd ways if you do this. Make # this explicit as it has come up on the mailing list. if [[ -n "$VIRTUAL_ENV" ]]; then + set +o xtrace echo "You appear to be running under a python virtualenv." echo "DevStack does not support this, as we may break the" echo "virtualenv you are currently in by modifying " @@ -111,6 +113,7 @@ fi # on a lot of different environments, you sometimes run it on the # wrong box. This makes there be a way to prevent that. if [[ -e $HOME/.no-devstack ]]; then + set +o xtrace echo "You've marked this host as a no-devstack host, to save yourself from" echo "running devstack accidentally. If this is in error, please remove the" echo "~/.no-devstack file" From ddc3839bdc7ff73f6224273605db10fd88cd60df Mon Sep 17 00:00:00 2001 From: Doug Hellmann Date: Thu, 7 May 2015 21:06:24 +0000 Subject: [PATCH 0109/2409] Enable optional Python 3 support Add USE_PYTHON3 and PYTHON3_VERSION variables to allow services to use python 3 if they indicate support in their python package metadata. Tested in Heat here -> I837c2fba682ab430d50e9f43913f2fed20325a7a. Project config change to add a dedicated job to Heat is here -> I0837e62d6ccc66397a5e409f0961edd4be31f467 Change-Id: I079e18b58b214bf8362945c253d6d894ca8b1a6b --- inc/python | 47 +++++++++++++++++++++++++++++++++++++--- lib/stack | 1 + stackrc | 11 ++++++++++ tools/install_pip.sh | 8 +++++++ tools/install_prereqs.sh | 3 +++ 5 files changed, 67 insertions(+), 3 deletions(-) diff --git a/inc/python b/inc/python index 59668a2c6a..c157604699 100644 --- a/inc/python +++ b/inc/python @@ -28,10 +28,13 @@ declare -A PROJECT_VENV # Get the path to the pip command. # get_pip_command function get_pip_command { - which pip || which pip-python + local version="$1" + # NOTE(dhellmann): I don't know if we actually get a pip3.4-python + # under any circumstances. + which pip${version} || which pip${version}-python if [ $? -ne 0 ]; then - die $LINENO "Unable to find pip; cannot continue" + die $LINENO "Unable to find pip${version}; cannot continue" fi } @@ -66,6 +69,13 @@ function pip_install_gr { pip_install $clean_name } +# Determine the python versions supported by a package +function get_python_versions_for_package { + local name=$1 + cd $name && python setup.py --classifiers \ + | grep 'Language' | cut -f5 -d: | grep '\.' | tr '\n' ' ' +} + # Wrapper for ``pip install`` to set cache and proxy environment variables # Uses globals ``OFFLINE``, ``PIP_VIRTUAL_ENV``, # ``PIP_UPGRADE``, ``TRACK_DEPENDS``, ``*_proxy``, @@ -104,8 +114,22 @@ function pip_install { local sudo_pip="env" else local cmd_pip - cmd_pip=$(get_pip_command) + cmd_pip=$(get_pip_command $PYTHON2_VERSION) local sudo_pip="sudo -H" + if python3_enabled; then + # Look at the package classifiers to find the python + # versions supported, and if we find the version of + # python3 we've been told to use, use that instead of the + # default pip + local package_dir=${!#} + local python_versions + if [[ -d "$package_dir" ]]; then + python_versions=$(get_python_versions_for_package $package_dir) + if [[ $python_versions =~ $PYTHON3_VERSION ]]; then + cmd_pip=$(get_pip_command $PYTHON3_VERSION) + fi + fi + fi fi fi @@ -113,6 +137,8 @@ function pip_install { # Always apply constraints cmd_pip="$cmd_pip -c $REQUIREMENTS_DIR/upper-constraints.txt" + # FIXME(dhellmann): Need to force multiple versions of pip for + # packages like setuptools? local pip_version pip_version=$(python -c "import pip; \ print(pip.__version__.strip('.')[0])") @@ -276,6 +302,21 @@ function setup_package { fi } +# Report whether python 3 should be used +function python3_enabled { + if [[ $USE_PYTHON3 == "True" ]]; then + return 0 + else + return 1 + fi +} + +# Install python3 packages +function install_python3 { + if is_ubuntu; then + apt_get install python3.4 python3.4-dev + fi +} # Restore xtrace $INC_PY_TRACE diff --git a/lib/stack b/lib/stack index 7d98604b82..f09ddcee85 100644 --- a/lib/stack +++ b/lib/stack @@ -19,6 +19,7 @@ function stack_install_service { local service=$1 if type install_${service} >/dev/null 2>&1; then + # FIXME(dhellmann): Needs to be python3-aware at some point. if [[ ${USE_VENV} = True && -n ${PROJECT_VENV[$service]:-} ]]; then rm -rf ${PROJECT_VENV[$service]} source $TOP_DIR/tools/build_venv.sh ${PROJECT_VENV[$service]} ${ADDITIONAL_VENV_PACKAGES//,/ } diff --git a/stackrc b/stackrc index 5dd109c0a4..f949ccbad9 100644 --- a/stackrc +++ b/stackrc @@ -118,6 +118,17 @@ if [[ -r $RC_DIR/.localrc.password ]]; then source $RC_DIR/.localrc.password fi +# Control whether Python 3 should be used. +export USE_PYTHON3=${USE_PYTHON3:-False} + +# When Python 3 is supported by an application, adding the specific +# version of Python 3 to this variable will install the app using that +# version of the interpreter instead of 2.7. +export PYTHON3_VERSION=${PYTHON3_VERSION:-3.4} + +# Just to be more explicit on the Python 2 version to use. +export PYTHON2_VERSION=${PYTHON2_VERSION:-2.7} + # allow local overrides of env variables, including repo config if [[ -f $RC_DIR/localrc ]]; then # Old-style user-supplied config diff --git a/tools/install_pip.sh b/tools/install_pip.sh index ab5efb2e77..f239c7bb16 100755 --- a/tools/install_pip.sh +++ b/tools/install_pip.sh @@ -8,6 +8,7 @@ # Assumptions: # - update pip to $INSTALL_PIP_VERSION +# - if USE_PYTHON3=True, PYTHON3_VERSION refers to a version already installed set -o errexit set -o xtrace @@ -31,6 +32,8 @@ GetDistro echo "Distro: $DISTRO" function get_versions { + # FIXME(dhellmann): Deal with multiple python versions here? This + # is just used for reporting, so maybe not? PIP=$(which pip 2>/dev/null || which pip-python 2>/dev/null || true) if [[ -n $PIP ]]; then PIP_VERSION=$($PIP --version | awk '{ print $2}') @@ -75,6 +78,9 @@ function install_get_pip { touch $LOCAL_PIP.downloaded fi sudo -H -E python $LOCAL_PIP + if python3_enabled; then + sudo -H -E python${PYTHON3_VERSION} $LOCAL_PIP + fi } @@ -114,6 +120,7 @@ get_versions # python in f23 depends on the python-pip package if ! { is_fedora && [[ $DISTRO == "f23" ]]; }; then uninstall_package python-pip + uninstall_package python3-pip fi install_get_pip @@ -122,6 +129,7 @@ if [[ -n $PYPI_ALTERNATIVE_URL ]]; then configure_pypi_alternative_url fi +set -x pip_install -U setuptools get_versions diff --git a/tools/install_prereqs.sh b/tools/install_prereqs.sh index 38452cd90f..031f8a8eca 100755 --- a/tools/install_prereqs.sh +++ b/tools/install_prereqs.sh @@ -81,6 +81,9 @@ if [[ -n "$SYSLOG" && "$SYSLOG" != "False" ]]; then fi fi +if python3_enabled; then + install_python3 +fi # Mark end of run # --------------- From 88ee8ce4684e13865123636dd5d2baa5d6a44ef7 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Wed, 2 Dec 2015 07:47:31 -0500 Subject: [PATCH 0110/2409] create apt_get_update to try to work around broken mirrors Ubuntu's apt mirroring mechanism produces inconsistent mirrors pretty regularly. The devstack-gate apt-get update model seems to have been more effective getting past this than what we did in devstack. Adopt that method for our updates. Change-Id: I97c7896ef38b275aacb4f933fc849acee1bab858 --- functions-common | 39 +++++++++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/functions-common b/functions-common index d68ae77971..d4099ffcfa 100644 --- a/functions-common +++ b/functions-common @@ -978,6 +978,34 @@ function _get_package_dir { echo "$pkg_dir" } +# Wrapper for ``apt-get update`` to try multiple times on the update +# to address bad package mirrors (which happen all the time). +function apt_get_update { + # only do this once per run + if [[ "$REPOS_UPDATED" == "True" && "$RETRY_UPDATE" != "True" ]]; then + return + fi + + # bail if we are offline + [[ "$OFFLINE" = "True" ]] && return + + local sudo="sudo" + [[ "$(id -u)" = "0" ]] && sudo="env" + + # time all the apt operations + time_start "apt-get-update" + + local proxies="http_proxy=${http_proxy:-} https_proxy=${https_proxy:-} no_proxy=${no_proxy:-} " + local update_cmd="$sudo $proxies apt-get update" + if ! timeout 300 sh -c "while ! $update_cmd; do sleep 30; done"; then + die $LINENO "Failed to update apt repos, we're dead now" + fi + + REPOS_UPDATED=True + # stop the clock + time_stop "apt-get-update" +} + # Wrapper for ``apt-get`` to set cache and proxy environment variables # Uses globals ``OFFLINE``, ``*_proxy`` # apt_get operation package [package ...] @@ -1158,16 +1186,7 @@ function update_package_repo { fi if is_ubuntu; then - local xtrace - xtrace=$(set +o | grep xtrace) - set +o xtrace - if [[ "$REPOS_UPDATED" != "True" || "$RETRY_UPDATE" = "True" ]]; then - # if there are transient errors pulling the updates, that's fine. - # It may be secondary repositories that we don't really care about. - apt_get update || /bin/true - REPOS_UPDATED=True - fi - $xtrace + apt_get_update fi } From 41d01104b16bf5d0d6d4d7d2a1e5883d34bff810 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Thu, 3 Dec 2015 08:12:23 -0500 Subject: [PATCH 0111/2409] remove generic extras.d support This removes the generic extras.d support, which we said we'd do at Mitaka-1. In tree extras.d continues to function as before, though we need stories to get ceph and ironic into plugins, and a better solution for Tempest. Change-Id: I8b134446dc08a2c3852423ca71af2f469f85496e --- functions-common | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/functions-common b/functions-common index d68ae77971..91a148603b 100644 --- a/functions-common +++ b/functions-common @@ -1741,17 +1741,18 @@ function run_phase { if [[ -d $TOP_DIR/extras.d ]]; then local extra_plugin_file_name for extra_plugin_file_name in $TOP_DIR/extras.d/*.sh; do - [[ -r $extra_plugin_file_name ]] && source $extra_plugin_file_name $mode $phase - # NOTE(sdague): generate a big warning about using - # extras.d in an unsupported way which will let us track - # unsupported usage in the gate. + # NOTE(sdague): only process extras.d for the 3 explicitly + # white listed elements in tree. We want these to move out + # over time as well, but they are in tree, so we need to + # manage that. local exceptions="50-ironic.sh 60-ceph.sh 80-tempest.sh" local extra extra=$(basename $extra_plugin_file_name) if [[ ! ( $exceptions =~ "$extra" ) ]]; then - deprecated "extras.d support is being removed in Mitaka-1" - deprecated "jobs for project $extra will break after that point" - deprecated "please move project to a supported devstack plugin model" + warn "use of extras.d is no longer supported" + warn "processing of project $extra is skipped" + else + [[ -r $extra_plugin_file_name ]] && source $extra_plugin_file_name $mode $phase fi done fi From 2391d4321ffe3a0a482e01d133038dfd38c76bac Mon Sep 17 00:00:00 2001 From: Devananda van der Veen Date: Thu, 3 Dec 2015 09:16:18 -0800 Subject: [PATCH 0112/2409] Update lib/ironic to always skip cleaning Previously, devstack would disable ironic's cleaning phase if a driver with "agent" in the name was used. However, we have begun using the IPA ramdisk for all tests in the gate, which caused cleaning to be run for the "pxe_ssh" job which therefore fails due to timeouts. As a result, for now, we need to always disable cleaning. As a point of record, we should actually be testing cleaning in the gate. However, running 'shred' on the disks of a nested VM is too slow and causes the gate to timeout // take too long. Some options have been discussed for ways to test the callback mechanism but avoid actually running 'shred' on the disks. This needs to be revisited. Change-Id: Id15cf6cc49122b08e557e44871b31a8c0d20b55d Related-to-Bug: #1517277 --- lib/ironic | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/ironic b/lib/ironic index 27b0c8d4ff..2fb2004d71 100644 --- a/lib/ironic +++ b/lib/ironic @@ -365,6 +365,9 @@ function configure_ironic_conductor { iniset $IRONIC_CONF_FILE pxe pxe_append_params "$pxe_params" fi + # Set these options for scenarios in which the agent fetches the image + # directly from glance, and don't set them where the image is pushed + # over iSCSI. if is_deployed_by_agent; then if [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]] ; then iniset $IRONIC_CONF_FILE glance swift_temp_url_key $SWIFT_TEMPURL_KEY @@ -379,9 +382,13 @@ function configure_ironic_conductor { iniset $IRONIC_CONF_FILE glance swift_container glance iniset $IRONIC_CONF_FILE glance swift_temp_url_duration 3600 iniset $IRONIC_CONF_FILE agent heartbeat_timeout 30 - iniset $IRONIC_CONF_FILE agent agent_erase_devices_priority 0 fi + # FIXME: this really needs to be tested in the gate. + # For now, any test using the agent ramdisk should skip cleaning + # because it is too slow to run in the gate. + iniset $IRONIC_CONF_FILE agent agent_erase_devices_priority 0 + if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then local pxebin pxebin=`basename $IRONIC_PXE_BOOT_IMAGE` From 7b7101f1c5ccd4d0722245613df8c8f7a67e79b9 Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Tue, 1 Dec 2015 22:17:42 +0000 Subject: [PATCH 0113/2409] Neutron FWaaS: Use generated configuration files if available Generate the Neutron FWaaS sample config files by using the oslo generator. The files are generated with a .sample extension and replace the static example configuration files. Once the generation code is delivered, the static config files will be removed. Change-Id: Ic8208850a27408c8fbeed80ecdb43345aa7dfaa4 Related-blueprint: autogen-neutron-conf-file Partial-bug: #1199963 Depends-On: I8e9113dfb88e5290f6eedd012d1a52fc35c3c88c --- lib/neutron_plugins/services/firewall | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/neutron_plugins/services/firewall b/lib/neutron_plugins/services/firewall index 1d81a21825..2b7f32d233 100644 --- a/lib/neutron_plugins/services/firewall +++ b/lib/neutron_plugins/services/firewall @@ -14,8 +14,11 @@ function neutron_fwaas_configure_common { } function neutron_fwaas_configure_driver { + # Uses oslo config generator to generate FWaaS sample configuration files + (cd $NEUTRON_FWAAS_DIR && exec ./tools/generate_config_file_samples.sh) + FWAAS_DRIVER_CONF_FILENAME=/etc/neutron/fwaas_driver.ini - cp $NEUTRON_FWAAS_DIR/etc/fwaas_driver.ini $FWAAS_DRIVER_CONF_FILENAME + cp $NEUTRON_FWAAS_DIR/etc/fwaas_driver.ini.sample $FWAAS_DRIVER_CONF_FILENAME iniset_multiline $FWAAS_DRIVER_CONF_FILENAME fwaas enabled True iniset_multiline $FWAAS_DRIVER_CONF_FILENAME fwaas driver "neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver" From 2a688440132173d493dff7c7c3760681d41e11be Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Tue, 8 Dec 2015 13:26:29 +0000 Subject: [PATCH 0114/2409] Heat - revise keystone/trusts config to avoid deprecated options There are some inter-related changes required to avoid using legacy fallback/deprecated paths in heat, which result in warnings in the log, e.g because we fall-back to reusing keystone auth_token configuration instead of heat specific sections. To fix this: - Don't explicitly set deferred_auth_method=trusts, as this is now the default (since kilo) - Create a new "trustee" section containing configuration used for the password auth-plugin associated with deferred authentication via trusts (support for this was added during liberty to enable us to stop incorrectly using the keystone auth_token config) - Create a "clients_keystone" section to avoid falling back to the legacy behavior of stealing the uri from auth_token. This also means we can remove the FIXME and auth_token auth_uri mentioned by jamielennox. Change-Id: Ie34332a7aec3b9b271df0759dd6ab66b45302832 Related-Bug: #1300246 --- lib/heat | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/lib/heat b/lib/heat index fdcf5bcaad..3666776317 100644 --- a/lib/heat +++ b/lib/heat @@ -56,6 +56,10 @@ HEAT_ENV_DIR=$HEAT_CONF_DIR/environment.d HEAT_TEMPLATES_DIR=$HEAT_CONF_DIR/templates HEAT_API_HOST=${HEAT_API_HOST:-$HOST_IP} HEAT_API_PORT=${HEAT_API_PORT:-8004} +HEAT_SERVICE_USER=${HEAT_SERVICE_USER:-heat} +HEAT_TRUSTEE_USER=${HEAT_TRUSTEE_USER:-$HEAT_SERVICE_USER} +HEAT_TRUSTEE_PASSWORD=${HEAT_TRUSTEE_PASSWORD:-$SERVICE_PASSWORD} +HEAT_TRUSTEE_DOMAIN=${HEAT_TRUSTEE_DOMAIN:-default} # Support entry points installation of console scripts HEAT_BIN_DIR=$(get_python_exec_prefix) @@ -73,7 +77,7 @@ if [[ "$HEAT_STANDALONE" = "True" ]]; then fi else HEAT_STACK_DOMAIN=$(trueorfalse True HEAT_STACK_DOMAIN) - HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts} + HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-} fi HEAT_PLUGIN_DIR=${HEAT_PLUGIN_DIR:-$DATA_DIR/heat/plugins} ENABLE_HEAT_PLUGINS=${ENABLE_HEAT_PLUGINS:-} @@ -134,30 +138,39 @@ function configure_heat { setup_colorized_logging $HEAT_CONF DEFAULT tenant user fi - iniset $HEAT_CONF DEFAULT deferred_auth_method $HEAT_DEFERRED_AUTH + if [ ! -z "$HEAT_DEFERRED_AUTH" ]; then + iniset $HEAT_CONF DEFAULT deferred_auth_method $HEAT_DEFERRED_AUTH + fi if [ "$HEAT_USE_MOD_WSGI" == "True" ]; then _config_heat_apache_wsgi fi - # NOTE(jamielennox): heat re-uses specific values from the - # keystone_authtoken middleware group and so currently fails when using the - # auth plugin setup. This should be fixed in heat. Heat is also the only - # service that requires the auth_uri to include a /v2.0. Remove this custom - # setup when bug #1300246 is resolved. - iniset $HEAT_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0 if [[ "$HEAT_STANDALONE" = "True" ]]; then iniset $HEAT_CONF paste_deploy flavor standalone iniset $HEAT_CONF clients_heat url "http://$HEAT_API_HOST:$HEAT_API_PORT/v1/%(tenant_id)s" else iniset $HEAT_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI - iniset $HEAT_CONF keystone_authtoken admin_user heat + iniset $HEAT_CONF keystone_authtoken admin_user $HEAT_SERVICE_USER iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME iniset $HEAT_CONF keystone_authtoken cafile $SSL_BUNDLE_FILE iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR fi + # If HEAT_DEFERRED_AUTH is unset or explicitly set to trusts, configure + # the section for the client plugin associated with the trustee + if [ -z "$HEAT_DEFERRED_AUTH" -o "trusts" == "$HEAT_DEFERRED_AUTH" ]; then + iniset $HEAT_CONF trustee auth_plugin password + iniset $HEAT_CONF trustee auth_url $KEYSTONE_AUTH_URI + iniset $HEAT_CONF trustee username $HEAT_TRUSTEE_USER + iniset $HEAT_CONF trustee password $HEAT_TRUSTEE_PASSWORD + iniset $HEAT_CONF trustee user_domain_id $HEAT_TRUSTEE_DOMAIN + fi + + # clients_keystone + iniset $HEAT_CONF clients_keystone auth_uri $KEYSTONE_AUTH_URI + # ec2authtoken iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0 From 642b07b930cf5f49d1ed9aa220021d45ca631b1a Mon Sep 17 00:00:00 2001 From: ghanshyam Date: Thu, 19 Nov 2015 10:01:14 +0900 Subject: [PATCH 0115/2409] Add compute microversions configuration on tempest Many projects like Nova, Ironic etc have implemented the microversions for versioning their APIs. Tempest is going to tests those microversions - I57b78b4c0543b6fb0533b556886a19a03297555e. For testing microversion in Tempest on gate, we need to set a valid range of microversion in Tempest config and based on that Tempest will run appropriate tests. This commit adds the below range options for compute microversion testing- - [None, 'latest'] - for master branch as default - [None, None] - for tests running on v2.0 - option to set the range. Depends-On: I81e86faca6f8c0ffb7da22154a62236ac25cf0c0 Partially implements blueprint api-microversions-testing-support Change-Id: I171b862d1bba1af467f5b9a76288216c39e2adda --- lib/tempest | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/lib/tempest b/lib/tempest index 6adc449ad0..61351c0628 100644 --- a/lib/tempest +++ b/lib/tempest @@ -357,6 +357,30 @@ function configure_tempest { compute_api_extensions=$(remove_disabled_extensions $compute_api_extensions $DISABLE_COMPUTE_API_EXTENSIONS) fi + # Set the microversion range for compute tests. + # This is used to run the Nova microversions tests. + # Setting [None, latest] range of microversion which allow Tempest to run all microversions tests. + # NOTE- To avoid microversion tests failure on stable branch, we need to change "tempest_compute_max_microversion" + # for stable branch on each release which should be changed from "latest" to max supported version of that release. + local tempest_compute_min_microversion=${TEMPEST_COMPUTE_MIN_MICROVERSION:-None} + local tempest_compute_max_microversion=${TEMPEST_COMPUTE_MAX_MICROVERSION:-"latest"} + # Reset microversions to None where v2.0 is running which does not support microversion. + # Both "None" means no microversion testing. + if [[ "$TEMPEST_COMPUTE_TYPE" == "compute_legacy" ]]; then + tempest_compute_min_microversion=None + tempest_compute_max_microversion=None + fi + if [ "$tempest_compute_min_microversion" == "None" ]; then + inicomment $TEMPEST_CONFIG compute-feature-enabled min_microversion + else + iniset $TEMPEST_CONFIG compute-feature-enabled min_microversion $tempest_compute_min_microversion + fi + if [ "$tempest_compute_max_microversion" == "None" ]; then + inicomment $TEMPEST_CONFIG compute-feature-enabled max_microversion + else + iniset $TEMPEST_CONFIG compute-feature-enabled max_microversion $tempest_compute_max_microversion + fi + iniset $TEMPEST_CONFIG compute-feature-enabled resize True iniset $TEMPEST_CONFIG compute-feature-enabled live_migration ${LIVE_MIGRATION_AVAILABLE:-False} iniset $TEMPEST_CONFIG compute-feature-enabled change_password False From af0801de3c1b1c51cf1a995c2939e182d2ef4926 Mon Sep 17 00:00:00 2001 From: Philipp Marek Date: Wed, 9 Dec 2015 13:51:56 +0100 Subject: [PATCH 0116/2409] Make logfile symlinks with relative names. Using absolute names for the symlink breaks in quite a few ways; * when creating a tar file of the logs, * when serving via NFS, or any other case where the directory gets transferred to a different machine. So just create the symlink with relative names, then they'll work in any location. Change-Id: I432a69754985fc71feb0068b7adca01066d7bc1b --- functions-common | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/functions-common b/functions-common index d4099ffcfa..0c5e48cadf 100644 --- a/functions-common +++ b/functions-common @@ -1309,10 +1309,11 @@ function _run_process { exec 3>&- exec 6>&- - local real_logfile="${LOGDIR}/${service}.log.${CURRENT_LOG_TIME}" + local logfile="${service}.log.${CURRENT_LOG_TIME}" + local real_logfile="${LOGDIR}/${logfile}" if [[ -n ${LOGDIR} ]]; then exec 1>&"$real_logfile" 2>&1 - ln -sf "$real_logfile" ${LOGDIR}/${service}.log + bash -c "cd '$LOGDIR' && ln -sf '$logfile' ${service}.log" if [[ -n ${SCREEN_LOGDIR} ]]; then # Drop the backward-compat symlink ln -sf "$real_logfile" ${SCREEN_LOGDIR}/screen-${service}.log @@ -1399,7 +1400,8 @@ function screen_process { screen -S $SCREEN_NAME -X screen -t $name - local real_logfile="${LOGDIR}/${name}.log.${CURRENT_LOG_TIME}" + local logfile="${name}.log.${CURRENT_LOG_TIME}" + local real_logfile="${LOGDIR}/${logfile}" echo "LOGDIR: $LOGDIR" echo "SCREEN_LOGDIR: $SCREEN_LOGDIR" echo "log: $real_logfile" @@ -1410,7 +1412,7 @@ function screen_process { fi # If logging isn't active then avoid a broken symlink touch "$real_logfile" - ln -sf "$real_logfile" ${LOGDIR}/${name}.log + bash -c "cd '$LOGDIR' && ln -sf '$logfile' ${name}.log" if [[ -n ${SCREEN_LOGDIR} ]]; then # Drop the backward-compat symlink ln -sf "$real_logfile" ${SCREEN_LOGDIR}/screen-${1}.log From 56632fc75ddd4af3239c44e27673854dd65f4628 Mon Sep 17 00:00:00 2001 From: Jim Rollenhagen Date: Thu, 10 Dec 2015 05:57:19 -0800 Subject: [PATCH 0117/2409] Fix override-defaults in plugin docs Docs specify that this file should be override_defaults, when really devstack looks for override-defaults. Change-Id: I3900ec4d16ffb48c6969dac5081ea2817536c246 --- doc/source/plugins.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/source/plugins.rst b/doc/source/plugins.rst index b8da7e1237..83e5609efa 100644 --- a/doc/source/plugins.rst +++ b/doc/source/plugins.rst @@ -21,12 +21,12 @@ external repositories. The plugin interface assumes the following: An external git repository that includes a ``devstack/`` top level directory. Inside this directory there can be 3 files. -- ``override_defaults`` - a file containing global variables that +- ``override-defaults`` - a file containing global variables that will be sourced before the lib/* files. This allows the plugin to override the defaults that are otherwise set in the lib/* files. - For example, override_defaults may export CINDER_ENABLED_BACKENDS + For example, override-defaults may export CINDER_ENABLED_BACKENDS to include the plugin-specific storage backend and thus be able to override the default lvm only storage backend for Cinder. From 9fc3ba408a97d0dd39ce26dd8dbcdb3b110cde71 Mon Sep 17 00:00:00 2001 From: Jim Rollenhagen Date: Thu, 10 Dec 2015 13:33:28 +0000 Subject: [PATCH 0118/2409] Ironic: add flag for using plugin This adds a flag to skip ironic code if the ironic devstack plugin is in use. This flag will be set to true in ironic's devstack plugin to indicate that the plugin should be in control, rather than devstack. This is for the transition period only, and will be removed with the rest of the ironic code in the devstack tree, once the gate is configured to use the ironic plugin. Change-Id: Id01d97fd13fa9f866d645ec5077834ddb78b2b89 --- extras.d/50-ironic.sh | 7 +++++++ lib/ironic | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/extras.d/50-ironic.sh b/extras.d/50-ironic.sh index 3b8e3d5045..0ee6a94758 100644 --- a/extras.d/50-ironic.sh +++ b/extras.d/50-ironic.sh @@ -1,5 +1,12 @@ # ironic.sh - Devstack extras script to install ironic +# NOTE(jroll) this is used for the transition to a devstack plugin in +# the ironic tree. +IRONIC_USING_PLUGIN=$(trueorfalse False IRONIC_USING_PLUGIN) +if [[ "$IRONIC_USING_PLUGIN" == "True" ]] ; then + return 0 +fi + if is_service_enabled ir-api ir-cond; then if [[ "$1" == "source" ]]; then # Initial source diff --git a/lib/ironic b/lib/ironic index 2fb2004d71..dd4f8bf65f 100644 --- a/lib/ironic +++ b/lib/ironic @@ -26,6 +26,13 @@ _PIPEFAIL_IRONIC=$(set +o | grep pipefail) set +o xtrace set +o pipefail +# NOTE(jroll) this is used for the transition to a devstack plugin in +# the ironic tree. +IRONIC_USING_PLUGIN=$(trueorfalse False IRONIC_USING_PLUGIN) +if [[ "$IRONIC_USING_PLUGIN" == "True" ]] ; then + return 0 +fi + # Defaults # -------- From 10bff0e9968d7a9c59ea7f09f49775973f8b5008 Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Thu, 3 Dec 2015 15:18:10 +0000 Subject: [PATCH 0119/2409] Neutron LBaaS: Use generated configuration files if available Generate the Neutron LBaaS sample config files by using the oslo generator. The files are generated with a .sample extension and replace the static example configuration files. Once the generation code is delivered, the static config files will be removed. Change-Id: Iae1e581ec2bea9c0ced700229effcc716d53fe4e Related-blueprint: autogen-neutron-conf-file Partial-bug: #1199963 Depends-On: I25507f3bc6e995580aa91a912c2cf4110757df15 --- lib/neutron-legacy | 11 +++++++++-- lib/neutron_plugins/services/loadbalancer | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index caf89e3d8c..628f6463d1 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -112,6 +112,9 @@ NEUTRON_CONF_DIR=/etc/neutron NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf export NEUTRON_TEST_CONFIG_FILE=${NEUTRON_TEST_CONFIG_FILE:-"$NEUTRON_CONF_DIR/debug.ini"} +# Default provider for load balancer service +DEFAULT_LB_PROVIDER=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default + # Agent binaries. Note, binary paths for other agents are set in per-service # scripts in lib/neutron_plugins/services/ AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent" @@ -1058,8 +1061,12 @@ function _configure_neutron_ceilometer_notifications { } function _configure_neutron_lbaas { - if [ -f $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf ]; then - cp $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf $NEUTRON_CONF_DIR + # Uses oslo config generator to generate LBaaS sample configuration files + (cd $NEUTRON_LBAAS_DIR && exec ./tools/generate_config_file_samples.sh) + + if [ -f $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf.sample ]; then + cp $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf.sample $NEUTRON_CONF_DIR/neutron_lbaas.conf + iniset $NEUTRON_CONF_DIR/neutron_lbaas.conf service_providers service_provider $DEFAULT_LB_PROVIDER fi neutron_agent_lbaas_configure_common neutron_agent_lbaas_configure_agent diff --git a/lib/neutron_plugins/services/loadbalancer b/lib/neutron_plugins/services/loadbalancer index b07d06c32b..30e9480f2e 100644 --- a/lib/neutron_plugins/services/loadbalancer +++ b/lib/neutron_plugins/services/loadbalancer @@ -28,7 +28,7 @@ function neutron_agent_lbaas_configure_agent { LBAAS_AGENT_CONF_FILENAME="$LBAAS_AGENT_CONF_PATH/lbaas_agent.ini" - cp $NEUTRON_LBAAS_DIR/etc/lbaas_agent.ini $LBAAS_AGENT_CONF_FILENAME + cp $NEUTRON_LBAAS_DIR/etc/lbaas_agent.ini.sample $LBAAS_AGENT_CONF_FILENAME # ovs_use_veth needs to be set before the plugin configuration # occurs to allow plugins to override the setting. From e42306d9db86a6cbb7cf1c062d8a5bdcd8479654 Mon Sep 17 00:00:00 2001 From: gordon chung Date: Thu, 10 Dec 2015 14:54:01 -0500 Subject: [PATCH 0120/2409] only set admin_* options for eventlet keystone+apache don't need these values set. Change-Id: Iebdb31b5f0888613e0454f09a426933d6fcd71b3 see: http://lists.openstack.org/pipermail/openstack-dev/2015-December/081984.html --- lib/keystone | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/lib/keystone b/lib/keystone index b19202b0f7..6b4118de0b 100644 --- a/lib/keystone +++ b/lib/keystone @@ -218,8 +218,6 @@ function configure_keystone { iniset_rpc_backend keystone $KEYSTONE_CONF - iniset $KEYSTONE_CONF eventlet_server admin_bind_host "$KEYSTONE_ADMIN_BIND_HOST" - # Register SSL certificates if provided if is_ssl_enabled_service key; then ensure_certificates KEYSTONE @@ -296,13 +294,14 @@ function configure_keystone { iniset $KEYSTONE_CONF DEFAULT logging_debug_format_suffix "%(funcName)s %(pathname)s:%(lineno)d" iniset $KEYSTONE_CONF DEFAULT logging_exception_prefix "%(process)d TRACE %(name)s %(instance)s" _config_keystone_apache_wsgi + else + iniset $KEYSTONE_CONF eventlet_server admin_bind_host "$KEYSTONE_ADMIN_BIND_HOST" + iniset $KEYSTONE_CONF eventlet_server admin_workers "$API_WORKERS" + # Public workers will use the server default, typically number of CPU. fi iniset $KEYSTONE_CONF DEFAULT max_token_size 16384 - iniset $KEYSTONE_CONF eventlet_server admin_workers "$API_WORKERS" - # Public workers will use the server default, typically number of CPU. - iniset $KEYSTONE_CONF fernet_tokens key_repository "$KEYSTONE_CONF_DIR/fernet-keys/" } From 69431725eb526d9daf320d7a05cccf22d10eaafd Mon Sep 17 00:00:00 2001 From: Anusha Ramineni Date: Tue, 8 Dec 2015 12:04:27 +0530 Subject: [PATCH 0121/2409] Add congress to plugin registry Now congress supports devstack plugin model, hence including the same in plugin registry Change-Id: I1ac83c529a466e6a75a9b46ed9b56085140a63ed --- doc/source/plugin-registry.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst index 49b3a7fc02..c68d926822 100644 --- a/doc/source/plugin-registry.rst +++ b/doc/source/plugin-registry.rst @@ -26,6 +26,8 @@ The following are plugins that exist for official OpenStack projects. +------------------+---------------------------------------------+--------------------+ |ceilometer |git://git.openstack.org/openstack/ceilometer | metering | +------------------+---------------------------------------------+--------------------+ +|congress |git://git.openstack.org/openstack/congress | governance | ++------------------+---------------------------------------------+--------------------+ |gnocchi |git://git.openstack.org/openstack/gnocchi | metric | +------------------+---------------------------------------------+--------------------+ |magnum |git://git.openstack.org/openstack/magnum | | From 357dff588ef63935a2a36e89b1aa96419ef09ece Mon Sep 17 00:00:00 2001 From: Sean McGinnis Date: Fri, 11 Dec 2015 13:51:24 -0600 Subject: [PATCH 0122/2409] Remove Cinder API version cap Cinder API was pinned to v1 due to openstackclient missing some of the v2 commands, as reported in osc bug 1475060. That bug has since been marked invalid, but its intent was covered by the blueprint: https://blueprints.launchpad.net/python-openstackclient/+spec/volume-v2 This removes the pinning to the v1 API now that osc supports v2. Also removing the enablement of v1 as it was deprecated three releases ago and we would like to get more coverage on v2. Change-Id: Ia4d97734738d026c8721791669110778ff5eb6e5 --- lib/cinder | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/lib/cinder b/lib/cinder index 2119858253..569f3ab0a3 100644 --- a/lib/cinder +++ b/lib/cinder @@ -270,10 +270,6 @@ function configure_cinder { iniset $CINDER_CONF DEFAULT state_path $CINDER_STATE_PATH iniset $CINDER_CONF oslo_concurrency lock_path $CINDER_STATE_PATH iniset $CINDER_CONF DEFAULT periodic_interval $CINDER_PERIODIC_INTERVAL - # NOTE(thingee): Cinder V1 API is deprecated and defaults to off as of - # Juno. Keep it enabled so we can continue testing while it's still - # supported. - iniset $CINDER_CONF DEFAULT enable_v1_api true iniset $CINDER_CONF DEFAULT os_region_name "$REGION_NAME" @@ -550,9 +546,7 @@ function create_volume_types { local be be_name for be in ${CINDER_ENABLED_BACKENDS//,/ }; do be_name=${be##*:} - # FIXME(jamielennox): Remove --os-volume-api-version pinning when - # osc supports volume type create on v2 api. bug #1475060 - openstack volume type create --os-volume-api-version 1 --property volume_backend_name="${be_name}" ${be_name} + openstack volume type create --property volume_backend_name="${be_name}" ${be_name} done fi } From cf4f76299f84135a03fe29e5eddc97490eba806a Mon Sep 17 00:00:00 2001 From: Mahito OGURA Date: Wed, 12 Aug 2015 10:21:27 +0900 Subject: [PATCH 0123/2409] Update the vnc config options group 'DEFAULT' to 'vnc' n-api log output WARNINGs that vnc config options group 'DEFAULT' is deprecated. New vnc config options group is 'vnc'. This is change of Nova.[1] This patch changes the vnc config options group 'DEFAULT' to 'vnc'. [1] https://bugs.launchpad.net/nova/+bug/1447528 Change-Id: If54f750bac83298e90bdca27b5992fe2e5fbb712 Closes-Bug: 1483583 --- lib/nova | 12 ++++++------ lib/nova_plugins/hypervisor-libvirt | 10 +++++----- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/nova b/lib/nova index 6337f875ef..3e3f0f49ac 100644 --- a/lib/nova +++ b/lib/nova @@ -594,9 +594,9 @@ function create_nova_conf { # These settings don't hurt anything if n-xvnc and n-novnc are disabled if is_service_enabled n-cpu; then NOVNCPROXY_URL=${NOVNCPROXY_URL:-"http://$SERVICE_HOST:6080/vnc_auto.html"} - iniset $NOVA_CONF DEFAULT novncproxy_base_url "$NOVNCPROXY_URL" + iniset $NOVA_CONF vnc novncproxy_base_url "$NOVNCPROXY_URL" XVPVNCPROXY_URL=${XVPVNCPROXY_URL:-"http://$SERVICE_HOST:6081/console"} - iniset $NOVA_CONF DEFAULT xvpvncproxy_base_url "$XVPVNCPROXY_URL" + iniset $NOVA_CONF vnc xvpvncproxy_base_url "$XVPVNCPROXY_URL" SPICEHTML5PROXY_URL=${SPICEHTML5PROXY_URL:-"http://$SERVICE_HOST:6082/spice_auto.html"} iniset $NOVA_CONF spice html5proxy_base_url "$SPICEHTML5PROXY_URL" fi @@ -606,13 +606,13 @@ function create_nova_conf { # For multi-host, this should be the management ip of the compute host. VNCSERVER_LISTEN=${VNCSERVER_LISTEN=$NOVA_SERVICE_LOCAL_HOST} VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=$NOVA_SERVICE_LOCAL_HOST} - iniset $NOVA_CONF DEFAULT vnc_enabled true - iniset $NOVA_CONF DEFAULT vncserver_listen "$VNCSERVER_LISTEN" - iniset $NOVA_CONF DEFAULT vncserver_proxyclient_address "$VNCSERVER_PROXYCLIENT_ADDRESS" + iniset $NOVA_CONF vnc enabled true + iniset $NOVA_CONF vnc vncserver_listen "$VNCSERVER_LISTEN" + iniset $NOVA_CONF vnc vncserver_proxyclient_address "$VNCSERVER_PROXYCLIENT_ADDRESS" iniset $NOVA_CONF DEFAULT novncproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS" iniset $NOVA_CONF DEFAULT xvpvncproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS" else - iniset $NOVA_CONF DEFAULT vnc_enabled false + iniset $NOVA_CONF vnc enabled false fi if is_service_enabled n-spice; then diff --git a/lib/nova_plugins/hypervisor-libvirt b/lib/nova_plugins/hypervisor-libvirt index 8bbaa2133d..1b4f7ae80a 100644 --- a/lib/nova_plugins/hypervisor-libvirt +++ b/lib/nova_plugins/hypervisor-libvirt @@ -48,13 +48,13 @@ function configure_nova_hypervisor { iniset $NOVA_CONF DEFAULT firewall_driver "$LIBVIRT_FIREWALL_DRIVER" # Power architecture currently does not support graphical consoles. if is_arch "ppc64"; then - iniset $NOVA_CONF DEFAULT vnc_enabled "false" + iniset $NOVA_CONF vnc enabled "false" fi # arm64-specific configuration if is_arch "aarch64"; then # arm64 architecture currently does not support graphical consoles. - iniset $NOVA_CONF DEFAULT vnc_enabled "false" + iniset $NOVA_CONF vnc enabled "false" fi # File injection is being disabled by default in the near future - @@ -65,9 +65,9 @@ function configure_nova_hypervisor { iniset $NOVA_CONF libvirt connection_uri "parallels+unix:///system" iniset $NOVA_CONF libvirt images_type "ploop" iniset $NOVA_CONF DEFAULT force_raw_images "False" - iniset $NOVA_CONF DEFAULT vncserver_proxyclient_address $HOST_IP - iniset $NOVA_CONF DEFAULT vncserver_listen $HOST_IP - iniset $NOVA_CONF DEFAULT vnc_keymap + iniset $NOVA_CONF vnc vncserver_proxyclient_address $HOST_IP + iniset $NOVA_CONF vnc vncserver_listen $HOST_IP + iniset $NOVA_CONF vnc keymap fi } From 76cbbe37aae5d54542d62a5c6deec428a8cdc75e Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Mon, 7 Dec 2015 05:05:04 -0500 Subject: [PATCH 0124/2409] libvirt: don't repeatedly configure libvirtd logging /etc/libvirt is not world-readable (at least on Fedora and RHEL) so use sudo with the grep that checks whether we have already configured libvirtd logging. Also, change the regex so we don't count commented out logging config. Change-Id: I67484b28aafd0fa828385321fa96d9141cb4cb59 Signed-off-by: Mark McLoughlin --- lib/nova_plugins/functions-libvirt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt index dae55c6eba..4f9b239a1e 100644 --- a/lib/nova_plugins/functions-libvirt +++ b/lib/nova_plugins/functions-libvirt @@ -110,10 +110,10 @@ EOF local log_filters="1:libvirt 1:qemu 1:conf 1:security 3:object 3:event 3:json 3:file 1:util 1:qemu_monitor" fi local log_outputs="1:file:/var/log/libvirt/libvirtd.log" - if ! grep -q "log_filters=\"$log_filters\"" /etc/libvirt/libvirtd.conf; then + if ! sudo grep -q "^log_filters=\"$log_filters\"" /etc/libvirt/libvirtd.conf; then echo "log_filters=\"$log_filters\"" | sudo tee -a /etc/libvirt/libvirtd.conf fi - if ! grep -q "log_outputs=\"$log_outputs\"" /etc/libvirt/libvirtd.conf; then + if ! sudo grep -q "^log_outputs=\"$log_outputs\"" /etc/libvirt/libvirtd.conf; then echo "log_outputs=\"$log_outputs\"" | sudo tee -a /etc/libvirt/libvirtd.conf fi fi From 239a9788b3f73495efbdf586425a83d714be4412 Mon Sep 17 00:00:00 2001 From: YAMAMOTO Takashi Date: Mon, 7 Dec 2015 17:09:59 +0900 Subject: [PATCH 0125/2409] Remove a stale comment about SQLALCHEMY_DATABASE_DRIVER SQLALCHEMY_DATABASE_DRIVER is no longer used after If6d8d08e5b7b7c48ca012677b536d71058def6fd . Also, remove mysql connector packages from the install list. Closes-Bug: #1523377 Related-Bug: #1493304 Change-Id: I5ecbc3b0bac989faa5c46d3c2866558a505414d8 --- files/debs/keystone | 1 - files/debs/neutron | 1 - files/debs/nova | 1 - files/rpms/neutron | 1 - files/rpms/nova | 1 - stackrc | 12 ------------ 6 files changed, 17 deletions(-) diff --git a/files/debs/keystone b/files/debs/keystone index 0795167047..370e4aac51 100644 --- a/files/debs/keystone +++ b/files/debs/keystone @@ -1,6 +1,5 @@ libkrb5-dev libldap2-dev libsasl2-dev -python-mysql.connector python-mysqldb sqlite3 diff --git a/files/debs/neutron b/files/debs/neutron index 85145d3654..e53cc68ccf 100644 --- a/files/debs/neutron +++ b/files/debs/neutron @@ -8,7 +8,6 @@ iputils-ping libmysqlclient-dev mysql-server #NOPRIME postgresql-server-dev-all -python-mysql.connector python-mysqldb rabbitmq-server # NOPRIME radvd # NOPRIME diff --git a/files/debs/nova b/files/debs/nova index fe57fc4b2a..58dad411a8 100644 --- a/files/debs/nova +++ b/files/debs/nova @@ -15,7 +15,6 @@ libvirt-dev # NOPRIME mysql-server # NOPRIME parted pm-utils -python-mysql.connector python-mysqldb qemu # dist:wheezy,jessie NOPRIME qemu-kvm # NOPRIME diff --git a/files/rpms/neutron b/files/rpms/neutron index 9683475d29..2e49a0cf93 100644 --- a/files/rpms/neutron +++ b/files/rpms/neutron @@ -4,7 +4,6 @@ dnsmasq-utils # for dhcp_release ebtables iptables iputils -mysql-connector-python mysql-devel MySQL-python mysql-server # NOPRIME diff --git a/files/rpms/nova b/files/rpms/nova index 00e759636e..4db9a06d95 100644 --- a/files/rpms/nova +++ b/files/rpms/nova @@ -15,7 +15,6 @@ libvirt-devel # NOPRIME libvirt-python # NOPRIME libxml2-python m2crypto -mysql-connector-python mysql-devel MySQL-python mysql-server # NOPRIME diff --git a/stackrc b/stackrc index 5dd109c0a4..0c311ad65b 100644 --- a/stackrc +++ b/stackrc @@ -72,18 +72,6 @@ if ! isset ENABLED_SERVICES ; then ENABLED_SERVICES+=,rabbit,tempest,mysql,dstat fi -# SQLAlchemy supports multiple database drivers for each database server -# type. For example, deployer may use MySQLdb, MySQLConnector, or oursql -# to access MySQL database. -# -# When defined, the variable controls which database driver is used to -# connect to database server. Otherwise using default driver defined for -# each database type. -# -# You can find the list of currently supported drivers for each database -# type at: http://docs.sqlalchemy.org/en/rel_0_9/core/engines.html -# SQLALCHEMY_DATABASE_DRIVER="mysqldb" - # Global toggle for enabling services under mod_wsgi. If this is set to # ``True`` all services that use HTTPD + mod_wsgi as the preferred method of # deployment, will be deployed under Apache. If this is set to ``False`` all From 2b4d6d16211cc55794b7d96594394f5e8c40fa4b Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Fri, 4 Dec 2015 14:40:03 +0000 Subject: [PATCH 0126/2409] Neutron VPNaaS: Use generated configuration files if available Generate the Neutron VPNaaS sample config files by using the oslo generator. The files are generated with a .sample extension and replace the static example configuration files. Once the generation code is delivered, the static config files will be removed. Change-Id: Icef8f7e8f0e8e78bfffa7a5af3f9f2300376b115 Related-blueprint: autogen-neutron-conf-file Partial-bug: #1199963 Depends-On: I4a6094b8218dfd320d05bfb1e3bc121e8930c551 --- lib/neutron-legacy | 6 ++++-- lib/neutron_plugins/services/vpn | 4 +++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index caf89e3d8c..0089a0d4cf 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -1079,8 +1079,10 @@ function _configure_neutron_fwaas { } function _configure_neutron_vpn { - if [ -f $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf ]; then - cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf $NEUTRON_CONF_DIR + # Uses oslo config generator to generate VPNaaS sample configuration files + (cd $NEUTRON_VPNAAS_DIR && exec ./tools/generate_config_file_samples.sh) + if [ -f $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf.sample ]; then + cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf.sample $NEUTRON_CONF_DIR/neutron_vpnaas.conf fi neutron_vpn_install_agent_packages neutron_vpn_configure_common diff --git a/lib/neutron_plugins/services/vpn b/lib/neutron_plugins/services/vpn index 8a379f588c..e790913847 100644 --- a/lib/neutron_plugins/services/vpn +++ b/lib/neutron_plugins/services/vpn @@ -29,7 +29,9 @@ function neutron_vpn_configure_common { } function neutron_vpn_configure_agent { - cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini $Q_VPN_CONF_FILE + # Uses oslo config generator to generate LBaaS sample configuration files + (cd $NEUTRON_VPNAAS_DIR && exec ./tools/generate_config_file_samples.sh) + cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini.sample $Q_VPN_CONF_FILE if [[ "$IPSEC_PACKAGE" == "strongswan" ]]; then iniset_multiline $Q_VPN_CONF_FILE vpnagent vpn_device_driver neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver if is_fedora; then From 97b9e970b27f2303b8404aaa31a9f2e7d51ee787 Mon Sep 17 00:00:00 2001 From: Dave Chen Date: Tue, 15 Dec 2015 03:33:48 +0800 Subject: [PATCH 0127/2409] Remove the support for keystone extensions All keystone extensions have been moved into cores and are enabled by default, there is no need to configure the extension in devstack but configure it in devstack will block the install process. Change-Id: I7d21b122c641f601295ee7ece3583404b3874dbd Closes-Bug: #1526033 --- lib/keystone | 33 --------------------------------- 1 file changed, 33 deletions(-) diff --git a/lib/keystone b/lib/keystone index 6b4118de0b..336ad12cbb 100644 --- a/lib/keystone +++ b/lib/keystone @@ -52,10 +52,6 @@ KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone} KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini} -# Set up additional extensions, such as oauth1, federation -# Example of KEYSTONE_EXTENSIONS=oauth1,federation -KEYSTONE_EXTENSIONS=${KEYSTONE_EXTENSIONS:-} - # Toggle for deploying Keystone under HTTPD + mod_wsgi KEYSTONE_USE_MOD_WSGI=${KEYSTONE_USE_MOD_WSGI:-${ENABLE_HTTPD_MOD_WSGI_SERVICES}} @@ -192,8 +188,6 @@ function configure_keystone { inidelete $KEYSTONE_PASTE_INI composite:admin \\/v2.0 fi - configure_keystone_extensions - # Rewrite stock ``keystone.conf`` if is_service_enabled ldap; then @@ -305,25 +299,6 @@ function configure_keystone { iniset $KEYSTONE_CONF fernet_tokens key_repository "$KEYSTONE_CONF_DIR/fernet-keys/" } -function configure_keystone_extensions { - # Add keystone extension into keystone v3 application pipeline - local extension_value - local api_v3 - local extension - local api_v3_extension - for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do - if [[ -z "${extension_value}" ]]; then - continue - fi - api_v3=$(iniget $KEYSTONE_PASTE_INI pipeline:api_v3 pipeline) - extension=$(echo $api_v3 | sed -ne "/${extension_value}/ p;" ) - if [[ -z $extension ]]; then - api_v3_extension=$(echo $api_v3 | sed -ne "s/service_v3/${extension_value}_extension service_v3/p;" ) - iniset $KEYSTONE_PASTE_INI pipeline:api_v3 pipeline "$api_v3_extension" - fi - done -} - # create_keystone_accounts() - Sets up common required keystone accounts # Tenant User Roles @@ -468,14 +443,6 @@ function init_keystone { # Initialize keystone database $KEYSTONE_BIN_DIR/keystone-manage db_sync - local extension_value - for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do - if [[ -z "${extension_value}" ]]; then - continue - fi - $KEYSTONE_BIN_DIR/keystone-manage db_sync --extension "${extension_value}" - done - if [[ "$KEYSTONE_TOKEN_FORMAT" == "pki" || "$KEYSTONE_TOKEN_FORMAT" == "pkiz" ]]; then # Set up certificates rm -rf $KEYSTONE_CONF_DIR/ssl From 43f62c08499de004a964c3a2f90ce400a0f932ad Mon Sep 17 00:00:00 2001 From: Akihiro Motoki Date: Tue, 15 Dec 2015 16:44:41 +0900 Subject: [PATCH 0128/2409] Move horizon config and start to appropriate phase in stack.sh Previously horizon configuration and start are done too early and as a result horizon init and start need to be run twice after horizon plugins are enabled. - horizon config was done before "run_phase stack install" - horizon init and start were done before "run_phase stack post-config" This commit rearrange horizon setup to the appropriate phases defined in the devstack plugin interface. - Configuration of horizon settings is moved to configure_horizon. - horizon config is now called between run_phase stack install and post-config. - horizon init and start are now called between run_phase stack post-config and extra. Change-Id: I8bf2ceaf7734c4f7cec68bc05d7cdbae81ef311e --- lib/horizon | 8 +++++--- stack.sh | 14 ++++++++------ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/lib/horizon b/lib/horizon index 67181fcf29..dca31116e2 100644 --- a/lib/horizon +++ b/lib/horizon @@ -83,10 +83,7 @@ function configure_horizon { # Message catalog compilation is handled by Django admin script, # so compiling them after the installation avoids Django installation twice. (cd $HORIZON_DIR; ./run_tests.sh -N --compilemessages) -} -# init_horizon() - Initialize databases, etc. -function init_horizon { # ``local_settings.py`` is used to override horizon default settings. local local_settings=$HORIZON_DIR/openstack_dashboard/local/local_settings.py cp $HORIZON_SETTINGS $local_settings @@ -113,6 +110,7 @@ function init_horizon { horizon_conf=$(apache_site_config_for horizon) # Configure apache to run horizon + # Set up the django horizon application to serve via apache/wsgi sudo sh -c "sed -e \" s,%USER%,$APACHE_USER,g; s,%GROUP%,$APACHE_GROUP,g; @@ -133,7 +131,10 @@ function init_horizon { exit_distro_not_supported "horizon apache configuration" fi enable_apache_site horizon +} +# init_horizon() - Initialize databases, etc. +function init_horizon { # Remove old log files that could mess with how DevStack detects whether Horizon # has been successfully started (see start_horizon() and functions::screen_it()) # and run_process @@ -147,6 +148,7 @@ function init_horizon { django_admin=django-admin.py fi + # These need to be run after horizon plugins are configured. DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin collectstatic --noinput DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin compress --force diff --git a/stack.sh b/stack.sh index 19d05c904a..e65d22f114 100755 --- a/stack.sh +++ b/stack.sh @@ -840,7 +840,6 @@ if is_service_enabled horizon; then install_django_openstack_auth # dashboard stack_install_service horizon - configure_horizon fi if is_service_enabled heat; then @@ -1060,12 +1059,9 @@ write_clouds_yaml # Horizon # ------- -# Set up the django horizon application to serve via apache/wsgi - if is_service_enabled horizon; then - echo_summary "Configuring and starting Horizon" - init_horizon - start_horizon + echo_summary "Configuring Horizon" + configure_horizon fi @@ -1290,6 +1286,12 @@ if is_service_enabled heat; then fi fi +if is_service_enabled horizon; then + echo_summary "Starting Horizon" + init_horizon + start_horizon +fi + # Create account rc files # ======================= From 563a7e75b7d26275a7416eb4d6641fcfe867b45a Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Tue, 15 Dec 2015 17:16:19 -0500 Subject: [PATCH 0129/2409] set the validation path to fixed for n-net See if using fixed IPs for connectivity to hosts is more reliable than floating ips, which really were not intended for these purposes (at least in nova-net). Change-Id: I251710ee9186a68bb3ddc58ca803c33b81c8ac49 --- lib/tempest | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/tempest b/lib/tempest index 6adc449ad0..e651dc30ed 100644 --- a/lib/tempest +++ b/lib/tempest @@ -329,6 +329,9 @@ function configure_tempest { iniset $TEMPEST_CONFIG compute flavor_ref $flavor_ref iniset $TEMPEST_CONFIG compute flavor_ref_alt $flavor_ref_alt iniset $TEMPEST_CONFIG compute ssh_connect_method $ssh_connect_method + # set the equiv validation option here as well to ensure they are + # in sync. They shouldn't be separate options. + iniset $TEMPEST_CONFIG validation connect_method $ssh_connect_method if [[ ! $(is_service_enabled n-cell) && ! $(is_service_enabled neutron) ]]; then iniset $TEMPEST_CONFIG compute fixed_network_name $PRIVATE_NETWORK_NAME fi From 2ca8af45a78226f29c3251cbef6449a0a51a4c1f Mon Sep 17 00:00:00 2001 From: Atsushi SAKAI Date: Tue, 8 Dec 2015 15:36:13 +0900 Subject: [PATCH 0130/2409] Add 5 time measurement points run_process process starting time test_with_retry process starting time (for neutron legacy) restart_apache_server Apache HTTPD restart time wait_for_service HTTP server waiting time git_timed git command execution time example ======================== DevStack Components Timed ======================== run_process - 52 secs test_with_retry - 3 secs apt-get-update - 8 secs pip_install - 76 secs restart_apache_server - 9 secs wait_for_service - 11 secs git_timed - 127 secs apt-get - 15 secs Change-Id: I66140726617450cd9fe9b702092cacf053a20065 --- functions | 2 ++ functions-common | 6 ++++++ lib/apache | 2 ++ 3 files changed, 10 insertions(+) diff --git a/functions b/functions index 762fc472c2..9495710e92 100644 --- a/functions +++ b/functions @@ -357,7 +357,9 @@ CURL_GET="${CURL_GET:-curl -g}" function wait_for_service { local timeout=$1 local url=$2 + time_start "wait_for_service" timeout $timeout sh -c "while ! $CURL_GET -k --noproxy '*' -s $url >/dev/null; do sleep 1; done" + time_stop "wait_for_service" } diff --git a/functions-common b/functions-common index 1b01eefaf9..023203d1fc 100644 --- a/functions-common +++ b/functions-common @@ -597,6 +597,7 @@ function git_timed { timeout=${GIT_TIMEOUT} fi + time_start "git_timed" until timeout -s SIGINT ${timeout} git "$@"; do # 124 is timeout(1)'s special return code when it reached the # timeout; otherwise assume fatal failure @@ -611,6 +612,7 @@ function git_timed { fi sleep 5 done + time_stop "git_timed" } # git update using reference as a branch. @@ -1373,6 +1375,7 @@ function run_process { local command="$2" local group=$3 + time_start "run_process" if is_service_enabled $service; then if [[ "$USE_SCREEN" = "True" ]]; then screen_process "$service" "$command" "$group" @@ -1381,6 +1384,7 @@ function run_process { _run_process "$service" "$command" "$group" & fi fi + time_stop "run_process" } # Helper to launch a process in a named screen @@ -2196,9 +2200,11 @@ function test_with_retry { local until=${3:-10} local sleep=${4:-0.5} + time_start "test_with_retry" if ! timeout $until sh -c "while ! $testcmd; do sleep $sleep; done"; then die $LINENO "$failmsg" fi + time_stop "test_with_retry" } # Timing infrastructure - figure out where large blocks of time are diff --git a/lib/apache b/lib/apache index c9e02a2b58..2c84c7a481 100644 --- a/lib/apache +++ b/lib/apache @@ -185,9 +185,11 @@ function restart_apache_server { # Apache can be slow to stop, doing an explicit stop, sleep, start helps # to mitigate issues where apache will claim a port it's listening on is # still in use and fail to start. + time_start "restart_apache_server" stop_service $APACHE_NAME sleep 3 start_service $APACHE_NAME + time_stop "restart_apache_server" } # Restore xtrace From 00b5f4af92a640a2507046cf76ee57caa166310b Mon Sep 17 00:00:00 2001 From: Mike Turek Date: Tue, 15 Dec 2015 18:16:35 +0000 Subject: [PATCH 0131/2409] Replace deprecated baremetal timeouts with new deploy_timeout See review 258670 for more information. The preceeding patch consolidates Ironic timeouts into one blanket timeout. This patch sets the new timeout via the BUILD_TIMEOUT variable and removes the deprecated timeouts. Change-Id: I320461b2b40aa2b68afc38a901a5933e39aac1b6 Related-Bug: #1526863 --- lib/tempest | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/tempest b/lib/tempest index 61351c0628..b9d9e80fc2 100644 --- a/lib/tempest +++ b/lib/tempest @@ -533,8 +533,7 @@ function configure_tempest { # Baremetal if [ "$VIRT_DRIVER" = "ironic" ] ; then iniset $TEMPEST_CONFIG baremetal driver_enabled True - iniset $TEMPEST_CONFIG baremetal unprovision_timeout $BUILD_TIMEOUT - iniset $TEMPEST_CONFIG baremetal active_timeout $BUILD_TIMEOUT + iniset $TEMPEST_CONFIG baremetal deploy_timeout $BUILD_TIMEOUT iniset $TEMPEST_CONFIG baremetal deploy_img_dir $FILES iniset $TEMPEST_CONFIG baremetal node_uuid $IRONIC_NODE_UUID iniset $TEMPEST_CONFIG compute-feature-enabled change_password False From 168be83597dcfc38b6d552ecbf20b5093580e2cb Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Thu, 8 Oct 2015 07:57:44 -0700 Subject: [PATCH 0132/2409] Nuke EC2 API service in defaults Tempest does not test EC2 by default anymore: Ib5e24e19bcba9808a9f49fe7f328668df77fe4f9 So we don't need to run nova ec2 API service by default. Change-Id: Ieec0ca1361baf0978d96e69e1134f699c1af3bb9 --- stackrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackrc b/stackrc index f949ccbad9..edf23ce997 100644 --- a/stackrc +++ b/stackrc @@ -91,7 +91,7 @@ fi ENABLE_HTTPD_MOD_WSGI_SERVICES=True # Set the default Nova APIs to enable -NOVA_ENABLED_APIS=ec2,osapi_compute,metadata +NOVA_ENABLED_APIS=osapi_compute,metadata # Set the root URL for Horizon HORIZON_APACHE_ROOT="/dashboard" From 47115b0314bcb9006d674fb0c7da6ac6eb94de29 Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Fri, 18 Dec 2015 11:08:38 +0000 Subject: [PATCH 0133/2409] Neutron VPNaaS: Set default service provider Default value needs to be set for service_provider config item in neutron_vpnaas.conf. This is to support backward compatability for using the enable_service q-vpn. It should be noted that the recommended way to use VPN is the devstack plugin. Change-Id: I0d5960c81c47a138087d480527eff2a8eef59445 Closes-bug: #1527483 --- lib/neutron-legacy | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index e0c4676297..6af44e6ab8 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -115,6 +115,9 @@ export NEUTRON_TEST_CONFIG_FILE=${NEUTRON_TEST_CONFIG_FILE:-"$NEUTRON_CONF_DIR/d # Default provider for load balancer service DEFAULT_LB_PROVIDER=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default +# Default provider for VPN service +DEFAULT_VPN_PROVIDER=VPN:openswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default + # Agent binaries. Note, binary paths for other agents are set in per-service # scripts in lib/neutron_plugins/services/ AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent" @@ -1092,6 +1095,7 @@ function _configure_neutron_vpn { (cd $NEUTRON_VPNAAS_DIR && exec ./tools/generate_config_file_samples.sh) if [ -f $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf.sample ]; then cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf.sample $NEUTRON_CONF_DIR/neutron_vpnaas.conf + iniset $NEUTRON_CONF_DIR/neutron_vpnaas.conf service_providers service_provider $DEFAULT_VPN_PROVIDER fi neutron_vpn_install_agent_packages neutron_vpn_configure_common From 47367071cdc110c40ec5c92d12f4dbe50cc553d4 Mon Sep 17 00:00:00 2001 From: Jim Rollenhagen Date: Thu, 10 Dec 2015 14:24:00 +0000 Subject: [PATCH 0134/2409] Remove ironic code from tree This removes all of the ironic code from the devstack tree, in favor of the devstack plugin in Ironic's tree. Depends-On: I659e3de5c64df798441798ff48ba5c9c0506585a Depends-On: I2c52bc014f1b0dbc6b0ae22a4deb4132b4c28621 Change-Id: I5125fce295c79600781469c2f48bea80e7600081 --- clean.sh | 1 - doc/source/index.rst | 2 - doc/source/plugin-registry.rst | 2 + extras.d/50-ironic.sh | 50 -- files/apache-ironic.template | 12 - files/debs/ironic | 19 - files/rpms/ironic | 14 - functions-common | 12 +- lib/ironic | 874 ------------------- stackrc | 8 +- tools/ironic/scripts/cleanup-node | 25 - tools/ironic/scripts/configure-vm | 93 -- tools/ironic/scripts/create-node | 79 -- tools/ironic/scripts/setup-network | 28 - tools/ironic/templates/brbm.xml | 6 - tools/ironic/templates/tftpd-xinetd.template | 14 - tools/ironic/templates/vm.xml | 49 -- 17 files changed, 16 insertions(+), 1272 deletions(-) delete mode 100644 extras.d/50-ironic.sh delete mode 100644 files/apache-ironic.template delete mode 100644 files/debs/ironic delete mode 100644 files/rpms/ironic delete mode 100644 lib/ironic delete mode 100755 tools/ironic/scripts/cleanup-node delete mode 100755 tools/ironic/scripts/configure-vm delete mode 100755 tools/ironic/scripts/create-node delete mode 100755 tools/ironic/scripts/setup-network delete mode 100644 tools/ironic/templates/brbm.xml delete mode 100644 tools/ironic/templates/tftpd-xinetd.template delete mode 100644 tools/ironic/templates/vm.xml diff --git a/clean.sh b/clean.sh index ae28aa9ab7..fc6f80dad4 100755 --- a/clean.sh +++ b/clean.sh @@ -50,7 +50,6 @@ source $TOP_DIR/lib/cinder source $TOP_DIR/lib/swift source $TOP_DIR/lib/heat source $TOP_DIR/lib/neutron-legacy -source $TOP_DIR/lib/ironic # Extras Source diff --git a/doc/source/index.rst b/doc/source/index.rst index ec345c9f64..2622436820 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -174,7 +174,6 @@ Scripts * `lib/heat `__ * `lib/horizon `__ * `lib/infra `__ -* `lib/ironic `__ * `lib/keystone `__ * `lib/ldap `__ * `lib/neutron-legacy `__ @@ -189,7 +188,6 @@ Scripts * `clean.sh `__ * `run\_tests.sh `__ -* `extras.d/50-ironic.sh `__ * `extras.d/60-ceph.sh `__ * `extras.d/70-tuskar.sh `__ * `extras.d/80-tempest.sh `__ diff --git a/doc/source/plugin-registry.rst b/doc/source/plugin-registry.rst index c68d926822..7682defbed 100644 --- a/doc/source/plugin-registry.rst +++ b/doc/source/plugin-registry.rst @@ -30,6 +30,8 @@ The following are plugins that exist for official OpenStack projects. +------------------+---------------------------------------------+--------------------+ |gnocchi |git://git.openstack.org/openstack/gnocchi | metric | +------------------+---------------------------------------------+--------------------+ +|ironic |git://git.openstack.org/openstack/ironic | baremetal | ++------------------+---------------------------------------------+--------------------+ |magnum |git://git.openstack.org/openstack/magnum | | +------------------+---------------------------------------------+--------------------+ |manila |git://git.openstack.org/openstack/manila | file shares | diff --git a/extras.d/50-ironic.sh b/extras.d/50-ironic.sh deleted file mode 100644 index 0ee6a94758..0000000000 --- a/extras.d/50-ironic.sh +++ /dev/null @@ -1,50 +0,0 @@ -# ironic.sh - Devstack extras script to install ironic - -# NOTE(jroll) this is used for the transition to a devstack plugin in -# the ironic tree. -IRONIC_USING_PLUGIN=$(trueorfalse False IRONIC_USING_PLUGIN) -if [[ "$IRONIC_USING_PLUGIN" == "True" ]] ; then - return 0 -fi - -if is_service_enabled ir-api ir-cond; then - if [[ "$1" == "source" ]]; then - # Initial source - source $TOP_DIR/lib/ironic - elif [[ "$1" == "stack" && "$2" == "install" ]]; then - echo_summary "Installing Ironic" - install_ironic - install_ironicclient - cleanup_ironic - elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then - echo_summary "Configuring Ironic" - configure_ironic - - if is_service_enabled key; then - create_ironic_accounts - fi - - elif [[ "$1" == "stack" && "$2" == "extra" ]]; then - # Initialize ironic - init_ironic - - # Start the ironic API and ironic taskmgr components - echo_summary "Starting Ironic" - start_ironic - - if [[ "$IRONIC_BAREMETAL_BASIC_OPS" = "True" ]]; then - prepare_baremetal_basic_ops - fi - fi - - if [[ "$1" == "unstack" ]]; then - stop_ironic - if [[ "$IRONIC_BAREMETAL_BASIC_OPS" = "True" ]]; then - cleanup_baremetal_basic_ops - fi - fi - - if [[ "$1" == "clean" ]]; then - cleanup_ironic - fi -fi diff --git a/files/apache-ironic.template b/files/apache-ironic.template deleted file mode 100644 index 88641946f6..0000000000 --- a/files/apache-ironic.template +++ /dev/null @@ -1,12 +0,0 @@ -Listen %PUBLICPORT% - - - DocumentRoot "%HTTPROOT%" - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - Require all granted - - diff --git a/files/debs/ironic b/files/debs/ironic deleted file mode 100644 index 4d5a6aa6b7..0000000000 --- a/files/debs/ironic +++ /dev/null @@ -1,19 +0,0 @@ -docker.io -ipmitool -iptables -ipxe -libguestfs0 -libvirt-bin -open-iscsi -openssh-client -openvswitch-datapath-dkms -openvswitch-switch -python-libguestfs -python-libvirt -qemu -qemu-kvm -qemu-utils -sgabios -syslinux -tftpd-hpa -xinetd diff --git a/files/rpms/ironic b/files/rpms/ironic deleted file mode 100644 index 2bf8bb370e..0000000000 --- a/files/rpms/ironic +++ /dev/null @@ -1,14 +0,0 @@ -docker-io -ipmitool -iptables -ipxe-bootimgs -libguestfs -libvirt -libvirt-python -net-tools -openssh-clients -openvswitch -sgabios -syslinux -tftp-server -xinetd diff --git a/functions-common b/functions-common index 1b01eefaf9..c3eef469d3 100644 --- a/functions-common +++ b/functions-common @@ -954,6 +954,15 @@ function get_endpoint_url { -c URL -f value) } +# check if we are using ironic with hardware +# TODO(jroll) this is a kludge left behind when ripping ironic code +# out of tree, as it is used by nova and neutron. +# figure out a way to refactor nova/neutron code to eliminate this +function is_ironic_hardware { + is_service_enabled ironic && [[ -n "${IRONIC_DEPLOY_DRIVER##*_ssh}" ]] && return 0 + return 1 +} + # Package Functions # ================= @@ -1764,7 +1773,7 @@ function run_phase { # white listed elements in tree. We want these to move out # over time as well, but they are in tree, so we need to # manage that. - local exceptions="50-ironic.sh 60-ceph.sh 80-tempest.sh" + local exceptions="60-ceph.sh 80-tempest.sh" local extra extra=$(basename $extra_plugin_file_name) if [[ ! ( $exceptions =~ "$extra" ) ]]; then @@ -1952,7 +1961,6 @@ function is_service_enabled { [[ ${service} == n-cpu-* && ${ENABLED_SERVICES} =~ "n-cpu" ]] && enabled=0 [[ ${service} == "nova" && ${ENABLED_SERVICES} =~ "n-" ]] && enabled=0 [[ ${service} == "glance" && ${ENABLED_SERVICES} =~ "g-" ]] && enabled=0 - [[ ${service} == "ironic" && ${ENABLED_SERVICES} =~ "ir-" ]] && enabled=0 [[ ${service} == "neutron" && ${ENABLED_SERVICES} =~ "q-" ]] && enabled=0 [[ ${service} == "trove" && ${ENABLED_SERVICES} =~ "tr-" ]] && enabled=0 [[ ${service} == "swift" && ${ENABLED_SERVICES} =~ "s-" ]] && enabled=0 diff --git a/lib/ironic b/lib/ironic deleted file mode 100644 index dd4f8bf65f..0000000000 --- a/lib/ironic +++ /dev/null @@ -1,874 +0,0 @@ -#!/bin/bash -# -# lib/ironic -# Functions to control the configuration and operation of the **Ironic** service - -# Dependencies: -# -# - ``functions`` file -# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined -# - ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined -# - ``SERVICE_HOST`` -# - ``KEYSTONE_TOKEN_FORMAT`` must be defined - -# ``stack.sh`` calls the entry points in this order: -# -# - install_ironic -# - install_ironicclient -# - init_ironic -# - start_ironic -# - stop_ironic -# - cleanup_ironic - -# Save trace and pipefail settings -_XTRACE_IRONIC=$(set +o | grep xtrace) -_PIPEFAIL_IRONIC=$(set +o | grep pipefail) -set +o xtrace -set +o pipefail - -# NOTE(jroll) this is used for the transition to a devstack plugin in -# the ironic tree. -IRONIC_USING_PLUGIN=$(trueorfalse False IRONIC_USING_PLUGIN) -if [[ "$IRONIC_USING_PLUGIN" == "True" ]] ; then - return 0 -fi - -# Defaults -# -------- - -# Set up default directories -GITDIR["python-ironicclient"]=$DEST/python-ironicclient -GITDIR["ironic-lib"]=$DEST/ironic-lib - -IRONIC_DIR=$DEST/ironic -IRONIC_PYTHON_AGENT_DIR=$DEST/ironic-python-agent -IRONIC_DATA_DIR=$DATA_DIR/ironic -IRONIC_STATE_PATH=/var/lib/ironic -IRONIC_AUTH_CACHE_DIR=${IRONIC_AUTH_CACHE_DIR:-/var/cache/ironic} -IRONIC_CONF_DIR=${IRONIC_CONF_DIR:-/etc/ironic} -IRONIC_CONF_FILE=$IRONIC_CONF_DIR/ironic.conf -IRONIC_ROOTWRAP_CONF=$IRONIC_CONF_DIR/rootwrap.conf -IRONIC_POLICY_JSON=$IRONIC_CONF_DIR/policy.json - -# Deploy callback timeout can be changed from its default (1800), if required. -IRONIC_CALLBACK_TIMEOUT=${IRONIC_CALLBACK_TIMEOUT:-} - -# Deploy to hardware platform -IRONIC_HW_NODE_CPU=${IRONIC_HW_NODE_CPU:-1} -IRONIC_HW_NODE_RAM=${IRONIC_HW_NODE_RAM:-512} -IRONIC_HW_NODE_DISK=${IRONIC_HW_NODE_DISK:-10} -IRONIC_HW_EPHEMERAL_DISK=${IRONIC_HW_EPHEMERAL_DISK:-0} -# The file is composed of multiple lines, each line includes four field -# separated by white space: IPMI address, MAC address, IPMI username -# and IPMI password. -# -# 192.168.110.107 00:1e:67:57:50:4c root otc123 -IRONIC_IPMIINFO_FILE=${IRONIC_IPMIINFO_FILE:-$IRONIC_DATA_DIR/hardware_info} - -# Set up defaults for functional / integration testing -IRONIC_NODE_UUID=${IRONIC_NODE_UUID:-`uuidgen`} -IRONIC_SCRIPTS_DIR=${IRONIC_SCRIPTS_DIR:-$TOP_DIR/tools/ironic/scripts} -IRONIC_TEMPLATES_DIR=${IRONIC_TEMPLATES_DIR:-$TOP_DIR/tools/ironic/templates} -IRONIC_BAREMETAL_BASIC_OPS=$(trueorfalse False IRONIC_BAREMETAL_BASIC_OPS) -IRONIC_ENABLED_DRIVERS=${IRONIC_ENABLED_DRIVERS:-fake,pxe_ssh,pxe_ipmitool} -IRONIC_SSH_USERNAME=${IRONIC_SSH_USERNAME:-`whoami`} -IRONIC_SSH_TIMEOUT=${IRONIC_SSH_TIMEOUT:-15} -IRONIC_SSH_KEY_DIR=${IRONIC_SSH_KEY_DIR:-$IRONIC_DATA_DIR/ssh_keys} -IRONIC_SSH_KEY_FILENAME=${IRONIC_SSH_KEY_FILENAME:-ironic_key} -IRONIC_KEY_FILE=${IRONIC_KEY_FILE:-$IRONIC_SSH_KEY_DIR/$IRONIC_SSH_KEY_FILENAME} -IRONIC_SSH_VIRT_TYPE=${IRONIC_SSH_VIRT_TYPE:-virsh} -IRONIC_TFTPBOOT_DIR=${IRONIC_TFTPBOOT_DIR:-$IRONIC_DATA_DIR/tftpboot} -IRONIC_TFTPSERVER_IP=${IRONIC_TFTPSERVER_IP:-$HOST_IP} -IRONIC_VM_SSH_PORT=${IRONIC_VM_SSH_PORT:-22} -IRONIC_VM_SSH_ADDRESS=${IRONIC_VM_SSH_ADDRESS:-$HOST_IP} -IRONIC_VM_COUNT=${IRONIC_VM_COUNT:-1} -IRONIC_VM_SPECS_CPU=${IRONIC_VM_SPECS_CPU:-1} -IRONIC_VM_SPECS_RAM=${IRONIC_VM_SPECS_RAM:-512} -IRONIC_VM_SPECS_DISK=${IRONIC_VM_SPECS_DISK:-10} -IRONIC_VM_EPHEMERAL_DISK=${IRONIC_VM_EPHEMERAL_DISK:-0} -IRONIC_VM_EMULATOR=${IRONIC_VM_EMULATOR:-/usr/bin/qemu-system-x86_64} -IRONIC_VM_NETWORK_BRIDGE=${IRONIC_VM_NETWORK_BRIDGE:-brbm} -IRONIC_VM_NETWORK_RANGE=${IRONIC_VM_NETWORK_RANGE:-192.0.2.0/24} -IRONIC_VM_MACS_CSV_FILE=${IRONIC_VM_MACS_CSV_FILE:-$IRONIC_DATA_DIR/ironic_macs.csv} -IRONIC_AUTHORIZED_KEYS_FILE=${IRONIC_AUTHORIZED_KEYS_FILE:-$HOME/.ssh/authorized_keys} - -# By default, baremetal VMs will console output to file. -IRONIC_VM_LOG_CONSOLE=${IRONIC_VM_LOG_CONSOLE:-True} -IRONIC_VM_LOG_DIR=${IRONIC_VM_LOG_DIR:-$IRONIC_DATA_DIR/logs/} - -# Use DIB to create deploy ramdisk and kernel. -IRONIC_BUILD_DEPLOY_RAMDISK=$(trueorfalse True IRONIC_BUILD_DEPLOY_RAMDISK) -# If not use DIB, these files are used as deploy ramdisk/kernel. -# (The value must be an absolute path) -IRONIC_DEPLOY_RAMDISK=${IRONIC_DEPLOY_RAMDISK:-} -IRONIC_DEPLOY_KERNEL=${IRONIC_DEPLOY_KERNEL:-} -IRONIC_DEPLOY_ELEMENT=${IRONIC_DEPLOY_ELEMENT:-deploy-ironic} - -IRONIC_AGENT_KERNEL_URL=${IRONIC_AGENT_KERNEL_URL:-http://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe.vmlinuz} -IRONIC_AGENT_RAMDISK_URL=${IRONIC_AGENT_RAMDISK_URL:-http://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe_image-oem.cpio.gz} - -# Which deploy driver to use - valid choices right now -# are ``pxe_ssh``, ``pxe_ipmitool``, ``agent_ssh`` and ``agent_ipmitool``. -IRONIC_DEPLOY_DRIVER=${IRONIC_DEPLOY_DRIVER:-pxe_ssh} - -# TODO(agordeev): replace 'ubuntu' with host distro name getting -IRONIC_DEPLOY_FLAVOR=${IRONIC_DEPLOY_FLAVOR:-ubuntu $IRONIC_DEPLOY_ELEMENT} - -# Support entry points installation of console scripts -IRONIC_BIN_DIR=$(get_python_exec_prefix) - -# Ironic connection info. Note the port must be specified. -IRONIC_SERVICE_PROTOCOL=http -IRONIC_SERVICE_PORT=${IRONIC_SERVICE_PORT:-6385} -IRONIC_HOSTPORT=${IRONIC_HOSTPORT:-$SERVICE_HOST:$IRONIC_SERVICE_PORT} - -# Enable iPXE -IRONIC_IPXE_ENABLED=$(trueorfalse False IRONIC_IPXE_ENABLED) -IRONIC_HTTP_DIR=${IRONIC_HTTP_DIR:-$IRONIC_DATA_DIR/httpboot} -IRONIC_HTTP_SERVER=${IRONIC_HTTP_SERVER:-$HOST_IP} -IRONIC_HTTP_PORT=${IRONIC_HTTP_PORT:-8088} - -# NOTE(lucasagomes): This flag is used to differentiate the nodes that -# uses IPA as their deploy ramdisk from nodes that uses the agent_* drivers -# (which also uses IPA but depends on Swift Temp URLs to work). At present, -# all drivers that uses the iSCSI approach for their deployment supports -# using both, IPA or bash ramdisks for the deployment. In the future we -# want to remove the support for the bash ramdisk in favor of IPA, once -# we get there this flag can be removed, and all conditionals that uses -# it should just run by default. -IRONIC_DEPLOY_DRIVER_ISCSI_WITH_IPA=$(trueorfalse False IRONIC_DEPLOY_DRIVER_ISCSI_WITH_IPA) - -# get_pxe_boot_file() - Get the PXE/iPXE boot file path -function get_pxe_boot_file { - local relpath=syslinux/pxelinux.0 - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - relpath=ipxe/undionly.kpxe - fi - - local pxe_boot_file - if is_ubuntu; then - pxe_boot_file=/usr/lib/$relpath - elif is_fedora || is_suse; then - pxe_boot_file=/usr/share/$relpath - fi - - echo $pxe_boot_file -} - -# PXE boot image -IRONIC_PXE_BOOT_IMAGE=${IRONIC_PXE_BOOT_IMAGE:-$(get_pxe_boot_file)} - - -# Functions -# --------- - -# Test if any Ironic services are enabled -# is_ironic_enabled -function is_ironic_enabled { - [[ ,${ENABLED_SERVICES} =~ ,"ir-" ]] && return 0 - return 1 -} - -function is_ironic_hardware { - is_ironic_enabled && [[ -n "${IRONIC_DEPLOY_DRIVER##*_ssh}" ]] && return 0 - return 1 -} - -function is_deployed_by_agent { - [[ -z "${IRONIC_DEPLOY_DRIVER%%agent*}" ]] && return 0 - return 1 -} - -function is_deployed_with_ipa_ramdisk { - is_deployed_by_agent || [[ "$IRONIC_DEPLOY_DRIVER_ISCSI_WITH_IPA" == "True" ]] && return 0 - return 1 -} - -# install_ironic() - Collect source and prepare -function install_ironic { - # make sure all needed service were enabled - local req_services="key" - if [[ "$VIRT_DRIVER" == "ironic" ]]; then - req_services+=" nova glance neutron" - fi - for srv in $req_services; do - if ! is_service_enabled "$srv"; then - die $LINENO "$srv should be enabled for Ironic." - fi - done - - if use_library_from_git "ironic-lib"; then - git_clone_by_name "ironic-lib" - setup_dev_lib "ironic-lib" - fi - - git_clone $IRONIC_REPO $IRONIC_DIR $IRONIC_BRANCH - setup_develop $IRONIC_DIR - - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - install_apache_wsgi - fi -} - -# install_ironicclient() - Collect sources and prepare -function install_ironicclient { - if use_library_from_git "python-ironicclient"; then - git_clone_by_name "python-ironicclient" - setup_dev_lib "python-ironicclient" - sudo install -D -m 0644 -o $STACK_USER {${GITDIR["python-ironicclient"]}/tools/,/etc/bash_completion.d/}ironic.bash_completion - else - # nothing actually "requires" ironicclient, so force instally from pypi - pip_install_gr python-ironicclient - fi -} - -# _cleanup_ironic_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file -function _cleanup_ironic_apache_wsgi { - sudo rm -rf $IRONIC_HTTP_DIR - disable_apache_site ironic - sudo rm -f $(apache_site_config_for ironic) - restart_apache_server -} - -# _config_ironic_apache_wsgi() - Set WSGI config files of Ironic -function _config_ironic_apache_wsgi { - local ironic_apache_conf - ironic_apache_conf=$(apache_site_config_for ironic) - sudo cp $FILES/apache-ironic.template $ironic_apache_conf - sudo sed -e " - s|%PUBLICPORT%|$IRONIC_HTTP_PORT|g; - s|%HTTPROOT%|$IRONIC_HTTP_DIR|g; - " -i $ironic_apache_conf - enable_apache_site ironic -} - -# cleanup_ironic() - Remove residual data files, anything left over from previous -# runs that would need to clean up. -function cleanup_ironic { - sudo rm -rf $IRONIC_AUTH_CACHE_DIR $IRONIC_CONF_DIR -} - -# configure_ironic_dirs() - Create all directories required by Ironic and -# associated services. -function configure_ironic_dirs { - sudo install -d -o $STACK_USER $IRONIC_CONF_DIR $STACK_USER $IRONIC_DATA_DIR \ - $IRONIC_STATE_PATH $IRONIC_TFTPBOOT_DIR $IRONIC_TFTPBOOT_DIR/pxelinux.cfg - sudo chown -R $STACK_USER:$LIBVIRT_GROUP $IRONIC_TFTPBOOT_DIR - - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - sudo install -d -o $STACK_USER -g $LIBVIRT_GROUP $IRONIC_HTTP_DIR - fi - - if [ ! -f $IRONIC_PXE_BOOT_IMAGE ]; then - die $LINENO "PXE boot file $IRONIC_PXE_BOOT_IMAGE not found." - fi - - # Copy PXE binary - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - cp $IRONIC_PXE_BOOT_IMAGE $IRONIC_TFTPBOOT_DIR - else - # Syslinux >= 5.00 pxelinux.0 binary is not "stand-alone" anymore, - # it depends on some c32 modules to work correctly. - # More info: http://www.syslinux.org/wiki/index.php/Library_modules - cp -aR $(dirname $IRONIC_PXE_BOOT_IMAGE)/*.{c32,0} $IRONIC_TFTPBOOT_DIR - fi -} - -# configure_ironic() - Set config files, create data dirs, etc -function configure_ironic { - configure_ironic_dirs - - # Copy over ironic configuration file and configure common parameters. - cp $IRONIC_DIR/etc/ironic/ironic.conf.sample $IRONIC_CONF_FILE - iniset $IRONIC_CONF_FILE DEFAULT debug True - inicomment $IRONIC_CONF_FILE DEFAULT log_file - iniset $IRONIC_CONF_FILE database connection `database_connection_url ironic` - iniset $IRONIC_CONF_FILE DEFAULT state_path $IRONIC_STATE_PATH - iniset $IRONIC_CONF_FILE DEFAULT use_syslog $SYSLOG - # Configure Ironic conductor, if it was enabled. - if is_service_enabled ir-cond; then - configure_ironic_conductor - fi - - # Configure Ironic API, if it was enabled. - if is_service_enabled ir-api; then - configure_ironic_api - fi - - # Format logging - if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then - setup_colorized_logging $IRONIC_CONF_FILE DEFAULT tenant user - fi - - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]]; then - _config_ironic_apache_wsgi - fi -} - -# configure_ironic_api() - Is used by configure_ironic(). Performs -# API specific configuration. -function configure_ironic_api { - iniset $IRONIC_CONF_FILE DEFAULT auth_strategy keystone - iniset $IRONIC_CONF_FILE oslo_policy policy_file $IRONIC_POLICY_JSON - - # TODO(Yuki Nishiwaki): This is a temporary work-around until Ironic is fixed(bug#1422632). - # These codes need to be changed to use the function of configure_auth_token_middleware - # after Ironic conforms to the new auth plugin. - iniset $IRONIC_CONF_FILE keystone_authtoken identity_uri $KEYSTONE_AUTH_URI - iniset $IRONIC_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0 - iniset $IRONIC_CONF_FILE keystone_authtoken admin_user ironic - iniset $IRONIC_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD - iniset $IRONIC_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME - iniset $IRONIC_CONF_FILE keystone_authtoken cafile $SSL_BUNDLE_FILE - iniset $IRONIC_CONF_FILE keystone_authtoken signing_dir $IRONIC_AUTH_CACHE_DIR/api - - iniset_rpc_backend ironic $IRONIC_CONF_FILE - iniset $IRONIC_CONF_FILE api port $IRONIC_SERVICE_PORT - - cp -p $IRONIC_DIR/etc/ironic/policy.json $IRONIC_POLICY_JSON -} - -# configure_ironic_conductor() - Is used by configure_ironic(). -# Sets conductor specific settings. -function configure_ironic_conductor { - cp $IRONIC_DIR/etc/ironic/rootwrap.conf $IRONIC_ROOTWRAP_CONF - cp -r $IRONIC_DIR/etc/ironic/rootwrap.d $IRONIC_CONF_DIR - local ironic_rootwrap - ironic_rootwrap=$(get_rootwrap_location ironic) - local rootwrap_isudoer_cmd="$ironic_rootwrap $IRONIC_CONF_DIR/rootwrap.conf *" - - # Set up the rootwrap sudoers for ironic - local tempfile - tempfile=`mktemp` - echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_isudoer_cmd" >$tempfile - chmod 0440 $tempfile - sudo chown root:root $tempfile - sudo mv $tempfile /etc/sudoers.d/ironic-rootwrap - - iniset $IRONIC_CONF_FILE DEFAULT rootwrap_config $IRONIC_ROOTWRAP_CONF - iniset $IRONIC_CONF_FILE DEFAULT enabled_drivers $IRONIC_ENABLED_DRIVERS - iniset $IRONIC_CONF_FILE conductor api_url $IRONIC_SERVICE_PROTOCOL://$HOST_IP:$IRONIC_SERVICE_PORT - if [[ -n "$IRONIC_CALLBACK_TIMEOUT" ]]; then - iniset $IRONIC_CONF_FILE conductor deploy_callback_timeout $IRONIC_CALLBACK_TIMEOUT - fi - iniset $IRONIC_CONF_FILE pxe tftp_server $IRONIC_TFTPSERVER_IP - iniset $IRONIC_CONF_FILE pxe tftp_root $IRONIC_TFTPBOOT_DIR - iniset $IRONIC_CONF_FILE pxe tftp_master_path $IRONIC_TFTPBOOT_DIR/master_images - - local pxe_params="" - if [[ "$IRONIC_VM_LOG_CONSOLE" == "True" ]] ; then - pxe_params+="nofb nomodeset vga=normal console=ttyS0" - if is_deployed_with_ipa_ramdisk; then - pxe_params+=" systemd.journald.forward_to_console=yes" - fi - fi - # When booting with less than 1GB, we need to switch from default tmpfs - # to ramfs for ramdisks to decompress successfully. - if (is_ironic_hardware && [[ "$IRONIC_HW_NODE_RAM" -lt 1024 ]]) || - (! is_ironic_hardware && [[ "$IRONIC_VM_SPECS_RAM" -lt 1024 ]]); then - pxe_params+=" rootfstype=ramfs" - fi - if [[ -n "$pxe_params" ]]; then - iniset $IRONIC_CONF_FILE pxe pxe_append_params "$pxe_params" - fi - - # Set these options for scenarios in which the agent fetches the image - # directly from glance, and don't set them where the image is pushed - # over iSCSI. - if is_deployed_by_agent; then - if [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]] ; then - iniset $IRONIC_CONF_FILE glance swift_temp_url_key $SWIFT_TEMPURL_KEY - else - die $LINENO "SWIFT_ENABLE_TEMPURLS must be True to use agent_ssh driver in Ironic." - fi - iniset $IRONIC_CONF_FILE glance swift_endpoint_url http://${HOST_IP}:${SWIFT_DEFAULT_BIND_PORT:-8080} - iniset $IRONIC_CONF_FILE glance swift_api_version v1 - local tenant_id - tenant_id=$(get_or_create_project $SERVICE_TENANT_NAME default) - iniset $IRONIC_CONF_FILE glance swift_account AUTH_${tenant_id} - iniset $IRONIC_CONF_FILE glance swift_container glance - iniset $IRONIC_CONF_FILE glance swift_temp_url_duration 3600 - iniset $IRONIC_CONF_FILE agent heartbeat_timeout 30 - fi - - # FIXME: this really needs to be tested in the gate. - # For now, any test using the agent ramdisk should skip cleaning - # because it is too slow to run in the gate. - iniset $IRONIC_CONF_FILE agent agent_erase_devices_priority 0 - - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - local pxebin - pxebin=`basename $IRONIC_PXE_BOOT_IMAGE` - iniset $IRONIC_CONF_FILE pxe ipxe_enabled True - iniset $IRONIC_CONF_FILE pxe pxe_config_template '\$pybasedir/drivers/modules/ipxe_config.template' - iniset $IRONIC_CONF_FILE pxe pxe_bootfile_name $pxebin - iniset $IRONIC_CONF_FILE pxe http_root $IRONIC_HTTP_DIR - iniset $IRONIC_CONF_FILE pxe http_url "http://$IRONIC_HTTP_SERVER:$IRONIC_HTTP_PORT" - fi -} - -# create_ironic_cache_dir() - Part of the init_ironic() process -function create_ironic_cache_dir { - # Create cache dir - sudo mkdir -p $IRONIC_AUTH_CACHE_DIR/api - sudo chown $STACK_USER $IRONIC_AUTH_CACHE_DIR/api - rm -f $IRONIC_AUTH_CACHE_DIR/api/* - sudo mkdir -p $IRONIC_AUTH_CACHE_DIR/registry - sudo chown $STACK_USER $IRONIC_AUTH_CACHE_DIR/registry - rm -f $IRONIC_AUTH_CACHE_DIR/registry/* -} - -# create_ironic_accounts() - Set up common required ironic accounts - -# Tenant User Roles -# ------------------------------------------------------------------ -# service ironic admin # if enabled -function create_ironic_accounts { - - # Ironic - if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then - # Get ironic user if exists - - # NOTE(Shrews): This user MUST have admin level privileges! - create_service_user "ironic" "admin" - - if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then - - get_or_create_service "ironic" "baremetal" "Ironic baremetal provisioning service" - get_or_create_endpoint "baremetal" \ - "$REGION_NAME" \ - "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ - "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \ - "$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" - fi - fi -} - - -# init_ironic() - Initialize databases, etc. -function init_ironic { - # Save private network as cleaning network - local cleaning_network_uuid - cleaning_network_uuid=$(neutron net-list | grep private | get_field 1) - iniset $IRONIC_CONF_FILE neutron cleaning_network_uuid ${cleaning_network_uuid} - - # (Re)create ironic database - recreate_database ironic - - # Migrate ironic database - $IRONIC_BIN_DIR/ironic-dbsync --config-file=$IRONIC_CONF_FILE - - create_ironic_cache_dir -} - -# _ironic_bm_vm_names() - Generates list of names for baremetal VMs. -function _ironic_bm_vm_names { - local idx - local num_vms - num_vms=$(($IRONIC_VM_COUNT - 1)) - for idx in $(seq 0 $num_vms); do - echo "baremetal${IRONIC_VM_NETWORK_BRIDGE}_${idx}" - done -} - -# start_ironic() - Start running processes, including screen -function start_ironic { - # Start Ironic API server, if enabled. - if is_service_enabled ir-api; then - start_ironic_api - fi - - # Start Ironic conductor, if enabled. - if is_service_enabled ir-cond; then - start_ironic_conductor - fi - - # Start Apache if iPXE is enabled - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - restart_apache_server - fi -} - -# start_ironic_api() - Used by start_ironic(). -# Starts Ironic API server. -function start_ironic_api { - run_process ir-api "$IRONIC_BIN_DIR/ironic-api --config-file=$IRONIC_CONF_FILE" - echo "Waiting for ir-api ($IRONIC_HOSTPORT) to start..." - if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT; do sleep 1; done"; then - die $LINENO "ir-api did not start" - fi -} - -# start_ironic_conductor() - Used by start_ironic(). -# Starts Ironic conductor. -function start_ironic_conductor { - run_process ir-cond "$IRONIC_BIN_DIR/ironic-conductor --config-file=$IRONIC_CONF_FILE" - # TODO(romcheg): Find a way to check whether the conductor has started. -} - -# stop_ironic() - Stop running processes -function stop_ironic { - stop_process ir-api - stop_process ir-cond - - # Cleanup the WSGI files - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - _cleanup_ironic_apache_wsgi - fi -} - -function create_ovs_taps { - local ironic_net_id - ironic_net_id=$(neutron net-list | grep private | get_field 1) - - # Work around: No netns exists on host until a Neutron port is created. We - # need to create one in Neutron to know what netns to tap into prior to the - # first node booting. - local port_id - port_id=$(neutron port-create private | grep " id " | get_field 2) - - # intentional sleep to make sure the tag has been set to port - sleep 10 - - local tapdev - tapdev=$(sudo ip netns exec qdhcp-${ironic_net_id} ip link list | grep " tap" | cut -d':' -f2 | cut -d'@' -f1 | cut -b2-) - local tag_id - tag_id=$(sudo ovs-vsctl show |grep ${tapdev} -A1 -m1 | grep tag | cut -d':' -f2 | cut -b2-) - - # make sure veth pair is not existing, otherwise delete its links - sudo ip link show ovs-tap1 && sudo ip link delete ovs-tap1 - sudo ip link show brbm-tap1 && sudo ip link delete brbm-tap1 - # create veth pair for future interconnection between br-int and brbm - sudo ip link add brbm-tap1 type veth peer name ovs-tap1 - sudo ip link set dev brbm-tap1 up - sudo ip link set dev ovs-tap1 up - - sudo ovs-vsctl -- --if-exists del-port ovs-tap1 -- add-port br-int ovs-tap1 tag=$tag_id - sudo ovs-vsctl -- --if-exists del-port brbm-tap1 -- add-port $IRONIC_VM_NETWORK_BRIDGE brbm-tap1 - - # Remove the port needed only for workaround. - neutron port-delete $port_id - - # Finally, share the fixed tenant network across all tenants. This allows the host - # to serve TFTP to a single network namespace via the tap device created above. - neutron net-update $ironic_net_id --shared true -} - -function create_bridge_and_vms { - # Call libvirt setup scripts in a new shell to ensure any new group membership - sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/setup-network" - if [[ "$IRONIC_VM_LOG_CONSOLE" == "True" ]] ; then - local log_arg="$IRONIC_VM_LOG_DIR" - else - local log_arg="" - fi - local vm_name - for vm_name in $(_ironic_bm_vm_names); do - sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/create-node $vm_name \ - $IRONIC_VM_SPECS_CPU $IRONIC_VM_SPECS_RAM $IRONIC_VM_SPECS_DISK \ - amd64 $IRONIC_VM_NETWORK_BRIDGE $IRONIC_VM_EMULATOR \ - $log_arg" >> $IRONIC_VM_MACS_CSV_FILE - done - create_ovs_taps -} - -function wait_for_nova_resources { - # After nodes have been enrolled, we need to wait for both ironic and - # nova's periodic tasks to populate the resource tracker with available - # nodes and resources. Wait up to 2 minutes for a given resource before - # timing out. - local resource=$1 - local expected_count=$2 - local i - echo_summary "Waiting 2 minutes for Nova resource tracker to pick up $resource >= $expected_count" - for i in $(seq 1 120); do - if [ $(nova hypervisor-stats | grep " $resource " | get_field 2) -ge $expected_count ]; then - return 0 - fi - sleep 1 - done - die $LINENO "Timed out waiting for Nova hypervisor-stats $resource >= $expected_count" -} - -function enroll_nodes { - local chassis_id - chassis_id=$(ironic chassis-create -d "ironic test chassis" | grep " uuid " | get_field 2) - - if ! is_ironic_hardware; then - local ironic_node_cpu=$IRONIC_VM_SPECS_CPU - local ironic_node_ram=$IRONIC_VM_SPECS_RAM - local ironic_node_disk=$IRONIC_VM_SPECS_DISK - local ironic_ephemeral_disk=$IRONIC_VM_EPHEMERAL_DISK - local ironic_hwinfo_file=$IRONIC_VM_MACS_CSV_FILE - local node_options="\ - -i deploy_kernel=$IRONIC_DEPLOY_KERNEL_ID \ - -i deploy_ramdisk=$IRONIC_DEPLOY_RAMDISK_ID \ - -i ssh_virt_type=$IRONIC_SSH_VIRT_TYPE \ - -i ssh_address=$IRONIC_VM_SSH_ADDRESS \ - -i ssh_port=$IRONIC_VM_SSH_PORT \ - -i ssh_username=$IRONIC_SSH_USERNAME \ - -i ssh_key_filename=$IRONIC_KEY_FILE" - else - local ironic_node_cpu=$IRONIC_HW_NODE_CPU - local ironic_node_ram=$IRONIC_HW_NODE_RAM - local ironic_node_disk=$IRONIC_HW_NODE_DISK - local ironic_ephemeral_disk=$IRONIC_HW_EPHEMERAL_DISK - if [[ -z "${IRONIC_DEPLOY_DRIVER##*_ipmitool}" ]]; then - local ironic_hwinfo_file=$IRONIC_IPMIINFO_FILE - fi - fi - - local total_nodes=0 - local total_cpus=0 - while read hardware_info; do - if ! is_ironic_hardware; then - local mac_address=$hardware_info - elif [[ -z "${IRONIC_DEPLOY_DRIVER##*_ipmitool}" ]]; then - local ipmi_address - ipmi_address=$(echo $hardware_info |awk '{print $1}') - local mac_address - mac_address=$(echo $hardware_info |awk '{print $2}') - local ironic_ipmi_username - ironic_ipmi_username=$(echo $hardware_info |awk '{print $3}') - local ironic_ipmi_passwd - ironic_ipmi_passwd=$(echo $hardware_info |awk '{print $4}') - # Currently we require all hardware platform have same CPU/RAM/DISK info - # in future, this can be enhanced to support different type, and then - # we create the bare metal flavor with minimum value - local node_options="-i ipmi_address=$ipmi_address -i ipmi_password=$ironic_ipmi_passwd\ - -i ipmi_username=$ironic_ipmi_username" - node_options+=" -i deploy_kernel=$IRONIC_DEPLOY_KERNEL_ID" - node_options+=" -i deploy_ramdisk=$IRONIC_DEPLOY_RAMDISK_ID" - fi - - # First node created will be used for testing in ironic w/o glance - # scenario, so we need to know its UUID. - local standalone_node_uuid="" - if [ $total_nodes -eq 0 ]; then - standalone_node_uuid="--uuid $IRONIC_NODE_UUID" - fi - - local node_id - node_id=$(ironic node-create $standalone_node_uuid\ - --chassis_uuid $chassis_id \ - --driver $IRONIC_DEPLOY_DRIVER \ - --name node-$total_nodes \ - -p cpus=$ironic_node_cpu\ - -p memory_mb=$ironic_node_ram\ - -p local_gb=$ironic_node_disk\ - -p cpu_arch=x86_64 \ - $node_options \ - | grep " uuid " | get_field 2) - - ironic port-create --address $mac_address --node $node_id - - total_nodes=$((total_nodes+1)) - total_cpus=$((total_cpus+$ironic_node_cpu)) - done < $ironic_hwinfo_file - - local adjusted_disk - adjusted_disk=$(($ironic_node_disk - $ironic_ephemeral_disk)) - nova flavor-create --ephemeral $ironic_ephemeral_disk baremetal auto $ironic_node_ram $adjusted_disk $ironic_node_cpu - - nova flavor-key baremetal set "cpu_arch"="x86_64" - - if [ "$VIRT_DRIVER" == "ironic" ]; then - wait_for_nova_resources "count" $total_nodes - wait_for_nova_resources "vcpus" $total_cpus - fi -} - -function configure_iptables { - # enable tftp natting for allowing connections to HOST_IP's tftp server - sudo modprobe nf_conntrack_tftp - sudo modprobe nf_nat_tftp - # explicitly allow DHCP - packets are occasionally being dropped here - sudo iptables -I INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT || true - # nodes boot from TFTP and callback to the API server listening on $HOST_IP - sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true - sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true - if is_deployed_by_agent; then - # agent ramdisk gets instance image from swift - sudo iptables -I INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true - fi - - if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then - sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_HTTP_PORT -j ACCEPT || true - fi -} - -function configure_tftpd { - # stop tftpd and setup serving via xinetd - stop_service tftpd-hpa || true - [ -f /etc/init/tftpd-hpa.conf ] && echo "manual" | sudo tee /etc/init/tftpd-hpa.override - sudo cp $IRONIC_TEMPLATES_DIR/tftpd-xinetd.template /etc/xinetd.d/tftp - sudo sed -e "s|%TFTPBOOT_DIR%|$IRONIC_TFTPBOOT_DIR|g" -i /etc/xinetd.d/tftp - - # setup tftp file mapping to satisfy requests at the root (booting) and - # /tftpboot/ sub-dir (as per deploy-ironic elements) - echo "r ^([^/]) $IRONIC_TFTPBOOT_DIR/\1" >$IRONIC_TFTPBOOT_DIR/map-file - echo "r ^(/tftpboot/) $IRONIC_TFTPBOOT_DIR/\2" >>$IRONIC_TFTPBOOT_DIR/map-file - - chmod -R 0755 $IRONIC_TFTPBOOT_DIR - restart_service xinetd -} - -function configure_ironic_ssh_keypair { - if [[ ! -d $HOME/.ssh ]]; then - mkdir -p $HOME/.ssh - chmod 700 $HOME/.ssh - fi - if [[ ! -e $IRONIC_KEY_FILE ]]; then - if [[ ! -d $(dirname $IRONIC_KEY_FILE) ]]; then - mkdir -p $(dirname $IRONIC_KEY_FILE) - fi - echo -e 'n\n' | ssh-keygen -q -t rsa -P '' -f $IRONIC_KEY_FILE - fi - cat $IRONIC_KEY_FILE.pub | tee -a $IRONIC_AUTHORIZED_KEYS_FILE -} - -function ironic_ssh_check { - local key_file=$1 - local floating_ip=$2 - local port=$3 - local default_instance_user=$4 - local active_timeout=$5 - if ! timeout $active_timeout sh -c "while ! ssh -p $port -o StrictHostKeyChecking=no -i $key_file ${default_instance_user}@$floating_ip echo success; do sleep 1; done"; then - die $LINENO "server didn't become ssh-able!" - fi -} - -function configure_ironic_auxiliary { - configure_ironic_ssh_keypair - ironic_ssh_check $IRONIC_KEY_FILE $IRONIC_VM_SSH_ADDRESS $IRONIC_VM_SSH_PORT $IRONIC_SSH_USERNAME $IRONIC_SSH_TIMEOUT -} - -function build_ipa_coreos_ramdisk { - echo "Building ironic-python-agent deploy ramdisk" - local kernel_path=$1 - local ramdisk_path=$2 - git_clone $IRONIC_PYTHON_AGENT_REPO $IRONIC_PYTHON_AGENT_DIR $IRONIC_PYTHON_AGENT_BRANCH - cd $IRONIC_PYTHON_AGENT_DIR - imagebuild/coreos/build_coreos_image.sh - cp imagebuild/coreos/UPLOAD/coreos_production_pxe_image-oem.cpio.gz $ramdisk_path - cp imagebuild/coreos/UPLOAD/coreos_production_pxe.vmlinuz $kernel_path - sudo rm -rf UPLOAD - cd - -} - -# build deploy kernel+ramdisk, then upload them to glance -# this function sets ``IRONIC_DEPLOY_KERNEL_ID``, ``IRONIC_DEPLOY_RAMDISK_ID`` -function upload_baremetal_ironic_deploy { - declare -g IRONIC_DEPLOY_KERNEL_ID IRONIC_DEPLOY_RAMDISK_ID - echo_summary "Creating and uploading baremetal images for ironic" - - # install diskimage-builder - if [[ $(type -P ramdisk-image-create) == "" ]]; then - pip_install_gr "diskimage-builder" - fi - - if [ -z "$IRONIC_DEPLOY_KERNEL" -o -z "$IRONIC_DEPLOY_RAMDISK" ]; then - local IRONIC_DEPLOY_KERNEL_PATH=$TOP_DIR/files/ir-deploy-$IRONIC_DEPLOY_DRIVER.kernel - local IRONIC_DEPLOY_RAMDISK_PATH=$TOP_DIR/files/ir-deploy-$IRONIC_DEPLOY_DRIVER.initramfs - else - local IRONIC_DEPLOY_KERNEL_PATH=$IRONIC_DEPLOY_KERNEL - local IRONIC_DEPLOY_RAMDISK_PATH=$IRONIC_DEPLOY_RAMDISK - fi - - if [ ! -e "$IRONIC_DEPLOY_RAMDISK_PATH" -o ! -e "$IRONIC_DEPLOY_KERNEL_PATH" ]; then - # files don't exist, need to build them - if [ "$IRONIC_BUILD_DEPLOY_RAMDISK" = "True" ]; then - # we can build them only if we're not offline - if [ "$OFFLINE" != "True" ]; then - if is_deployed_with_ipa_ramdisk; then - build_ipa_coreos_ramdisk $IRONIC_DEPLOY_KERNEL_PATH $IRONIC_DEPLOY_RAMDISK_PATH - else - ramdisk-image-create $IRONIC_DEPLOY_FLAVOR \ - -o $TOP_DIR/files/ir-deploy-$IRONIC_DEPLOY_DRIVER - fi - else - die $LINENO "Deploy kernel+ramdisk files don't exist and cannot be build in OFFLINE mode" - fi - else - if is_deployed_with_ipa_ramdisk; then - # download the agent image tarball - wget "$IRONIC_AGENT_KERNEL_URL" -O $IRONIC_DEPLOY_KERNEL_PATH - wget "$IRONIC_AGENT_RAMDISK_URL" -O $IRONIC_DEPLOY_RAMDISK_PATH - else - die $LINENO "Deploy kernel+ramdisk files don't exist and their building was disabled explicitly by IRONIC_BUILD_DEPLOY_RAMDISK" - fi - fi - fi - - local token - token=$(openstack token issue -c id -f value) - die_if_not_set $LINENO token "Keystone fail to get token" - - # load them into glance - IRONIC_DEPLOY_KERNEL_ID=$(openstack \ - --os-token $token \ - --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT \ - image create \ - $(basename $IRONIC_DEPLOY_KERNEL_PATH) \ - --public --disk-format=aki \ - --container-format=aki \ - < $IRONIC_DEPLOY_KERNEL_PATH | grep ' id ' | get_field 2) - IRONIC_DEPLOY_RAMDISK_ID=$(openstack \ - --os-token $token \ - --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT \ - image create \ - $(basename $IRONIC_DEPLOY_RAMDISK_PATH) \ - --public --disk-format=ari \ - --container-format=ari \ - < $IRONIC_DEPLOY_RAMDISK_PATH | grep ' id ' | get_field 2) -} - -function prepare_baremetal_basic_ops { - if ! is_ironic_hardware; then - configure_ironic_auxiliary - fi - upload_baremetal_ironic_deploy - if ! is_ironic_hardware; then - create_bridge_and_vms - fi - enroll_nodes - configure_tftpd - configure_iptables -} - -function cleanup_baremetal_basic_ops { - rm -f $IRONIC_VM_MACS_CSV_FILE - if [ -f $IRONIC_KEY_FILE ]; then - local key - key=$(cat $IRONIC_KEY_FILE.pub) - # remove public key from authorized_keys - grep -v "$key" $IRONIC_AUTHORIZED_KEYS_FILE > temp && mv temp $IRONIC_AUTHORIZED_KEYS_FILE - chmod 0600 $IRONIC_AUTHORIZED_KEYS_FILE - fi - sudo rm -rf $IRONIC_DATA_DIR $IRONIC_STATE_PATH - - local vm_name - for vm_name in $(_ironic_bm_vm_names); do - sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/cleanup-node $vm_name $IRONIC_VM_NETWORK_BRIDGE" - done - - sudo rm -rf /etc/xinetd.d/tftp /etc/init/tftpd-hpa.override - restart_service xinetd - sudo iptables -D INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true - sudo iptables -D INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true - if is_deployed_by_agent; then - # agent ramdisk gets instance image from swift - sudo iptables -D INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true - fi - sudo rmmod nf_conntrack_tftp || true - sudo rmmod nf_nat_tftp || true -} - -# Restore xtrace + pipefail -$_XTRACE_IRONIC -$_PIPEFAIL_IRONIC - -# Tell emacs to use shell-script-mode -## Local variables: -## mode: shell-script -## End: diff --git a/stackrc b/stackrc index f949ccbad9..8e6ea42a00 100644 --- a/stackrc +++ b/stackrc @@ -225,10 +225,6 @@ HEAT_BRANCH=${HEAT_BRANCH:-master} HORIZON_REPO=${HORIZON_REPO:-${GIT_BASE}/openstack/horizon.git} HORIZON_BRANCH=${HORIZON_BRANCH:-master} -# baremetal provisioning service -IRONIC_REPO=${IRONIC_REPO:-${GIT_BASE}/openstack/ironic.git} -IRONIC_BRANCH=${IRONIC_BRANCH:-master} - # unified auth system (manages accounts/tokens) KEYSTONE_REPO=${KEYSTONE_REPO:-${GIT_BASE}/openstack/keystone.git} KEYSTONE_BRANCH=${KEYSTONE_BRANCH:-master} @@ -298,6 +294,8 @@ GITBRANCH["python-heatclient"]=${HEATCLIENT_BRANCH:-master} # ironic client GITREPO["python-ironicclient"]=${IRONICCLIENT_REPO:-${GIT_BASE}/openstack/python-ironicclient.git} GITBRANCH["python-ironicclient"]=${IRONICCLIENT_BRANCH:-master} +# ironic plugin is out of tree, but nova uses it. set GITDIR here. +GITDIR["python-ironicclient"]=$DEST/python-ironicclient # the base authentication plugins that clients use to authenticate GITREPO["keystoneauth"]=${KEYSTONEAUTH_REPO:-${GIT_BASE}/openstack/keystoneauth.git} @@ -484,6 +482,8 @@ GITBRANCH["os-brick"]=${OS_BRICK_BRANCH:-master} # ironic common lib GITREPO["ironic-lib"]=${IRONIC_LIB_REPO:-${GIT_BASE}/openstack/ironic-lib.git} GITBRANCH["ironic-lib"]=${IRONIC_LIB_BRANCH:-master} +# this doesn't exist in a lib file, so set it here +GITDIR["ironic-lib"]=$DEST/ironic-lib ################## diff --git a/tools/ironic/scripts/cleanup-node b/tools/ironic/scripts/cleanup-node deleted file mode 100755 index c4e4e706f4..0000000000 --- a/tools/ironic/scripts/cleanup-node +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -# **cleanup-nodes** - -# Cleans up baremetal poseur nodes and volumes created during ironic setup -# Assumes calling user has proper libvirt group membership and access. - -set -exu - -LIBVIRT_STORAGE_POOL=${LIBVIRT_STORAGE_POOL:-"default"} -LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"} - -NAME=$1 -NETWORK_BRIDGE=$2 - -export VIRSH_DEFAULT_CONNECT_URI=$LIBVIRT_CONNECT_URI - -VOL_NAME="$NAME.qcow2" -virsh list | grep -q $NAME && virsh destroy $NAME -virsh list --inactive | grep -q $NAME && virsh undefine $NAME - -if virsh pool-list | grep -q $LIBVIRT_STORAGE_POOL ; then - virsh vol-list $LIBVIRT_STORAGE_POOL | grep -q $VOL_NAME && - virsh vol-delete $VOL_NAME --pool $LIBVIRT_STORAGE_POOL -fi diff --git a/tools/ironic/scripts/configure-vm b/tools/ironic/scripts/configure-vm deleted file mode 100755 index 378fcb85ad..0000000000 --- a/tools/ironic/scripts/configure-vm +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/env python - -import argparse -import os.path - -import libvirt - -templatedir = os.path.join(os.path.dirname(os.path.dirname(__file__)), - 'templates') - - -CONSOLE_LOG = """ - - - - - - - - - - - - - - - -""" - - -def main(): - parser = argparse.ArgumentParser( - description="Configure a kvm virtual machine for the seed image.") - parser.add_argument('--name', default='seed', - help='the name to give the machine in libvirt.') - parser.add_argument('--image', - help='Use a custom image file (must be qcow2).') - parser.add_argument('--engine', default='qemu', - help='The virtualization engine to use') - parser.add_argument('--arch', default='i686', - help='The architecture to use') - parser.add_argument('--memory', default='2097152', - help="Maximum memory for the VM in KB.") - parser.add_argument('--cpus', default='1', - help="CPU count for the VM.") - parser.add_argument('--bootdev', default='hd', - help="What boot device to use (hd/network).") - parser.add_argument('--network', default="brbm", - help='The libvirt network name to use') - parser.add_argument('--libvirt-nic-driver', default='e1000', - help='The libvirt network driver to use') - parser.add_argument('--console-log', - help='File to log console') - parser.add_argument('--emulator', default=None, - help='Path to emulator bin for vm template') - args = parser.parse_args() - with file(templatedir + '/vm.xml', 'rb') as f: - source_template = f.read() - params = { - 'name': args.name, - 'imagefile': args.image, - 'engine': args.engine, - 'arch': args.arch, - 'memory': args.memory, - 'cpus': args.cpus, - 'bootdev': args.bootdev, - 'network': args.network, - 'nicdriver': args.libvirt_nic_driver, - 'emulator': args.emulator, - } - - if args.emulator: - params['emulator'] = args.emulator - else: - if os.path.exists("/usr/bin/kvm"): # Debian - params['emulator'] = "/usr/bin/kvm" - elif os.path.exists("/usr/bin/qemu-kvm"): # Redhat - params['emulator'] = "/usr/bin/qemu-kvm" - - if args.console_log: - params['bios_serial'] = "" - params['console_log'] = CONSOLE_LOG % {'console_log': args.console_log} - else: - params['bios_serial'] = '' - params['console_log'] = '' - libvirt_template = source_template % params - conn = libvirt.open("qemu:///system") - - a = conn.defineXML(libvirt_template) - print ("Created machine %s with UUID %s" % (args.name, a.UUIDString())) - -if __name__ == '__main__': - main() diff --git a/tools/ironic/scripts/create-node b/tools/ironic/scripts/create-node deleted file mode 100755 index b018acddc9..0000000000 --- a/tools/ironic/scripts/create-node +++ /dev/null @@ -1,79 +0,0 @@ -#!/usr/bin/env bash - -# **create-nodes** - -# Creates baremetal poseur nodes for ironic testing purposes - -set -ex - -# Keep track of the DevStack directory -TOP_DIR=$(cd $(dirname "$0")/.. && pwd) - -NAME=$1 -CPU=$2 -MEM=$(( 1024 * $3 )) -# Extra G to allow fuzz for partition table : flavor size and registered size -# need to be different to actual size. -DISK=$(( $4 + 1)) - -case $5 in - i386) ARCH='i686' ;; - amd64) ARCH='x86_64' ;; - *) echo "Unsupported arch $4!" ; exit 1 ;; -esac - -BRIDGE=$6 -EMULATOR=$7 -LOGDIR=$8 - -LIBVIRT_NIC_DRIVER=${LIBVIRT_NIC_DRIVER:-"e1000"} -LIBVIRT_STORAGE_POOL=${LIBVIRT_STORAGE_POOL:-"default"} -LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"} - -export VIRSH_DEFAULT_CONNECT_URI=$LIBVIRT_CONNECT_URI - -if ! virsh pool-list --all | grep -q $LIBVIRT_STORAGE_POOL; then - virsh pool-define-as --name $LIBVIRT_STORAGE_POOL dir --target /var/lib/libvirt/images >&2 - virsh pool-autostart $LIBVIRT_STORAGE_POOL >&2 - virsh pool-start $LIBVIRT_STORAGE_POOL >&2 -fi - -pool_state=$(virsh pool-info $LIBVIRT_STORAGE_POOL | grep State | awk '{ print $2 }') -if [ "$pool_state" != "running" ] ; then - [ ! -d /var/lib/libvirt/images ] && sudo mkdir /var/lib/libvirt/images - virsh pool-start $LIBVIRT_STORAGE_POOL >&2 -fi - -if [ -n "$LOGDIR" ] ; then - mkdir -p "$LOGDIR" -fi - -PREALLOC= -if [ -f /etc/debian_version ]; then - PREALLOC="--prealloc-metadata" -fi - -if [ -n "$LOGDIR" ] ; then - VM_LOGGING="--console-log $LOGDIR/${NAME}_console.log" -else - VM_LOGGING="" -fi -VOL_NAME="${NAME}.qcow2" - -if ! virsh list --all | grep -q $NAME; then - virsh vol-list --pool $LIBVIRT_STORAGE_POOL | grep -q $VOL_NAME && - virsh vol-delete $VOL_NAME --pool $LIBVIRT_STORAGE_POOL >&2 - virsh vol-create-as $LIBVIRT_STORAGE_POOL ${VOL_NAME} ${DISK}G --format qcow2 $PREALLOC >&2 - volume_path=$(virsh vol-path --pool $LIBVIRT_STORAGE_POOL $VOL_NAME) - # Pre-touch the VM to set +C, as it can only be set on empty files. - sudo touch "$volume_path" - sudo chattr +C "$volume_path" || true - $TOP_DIR/scripts/configure-vm \ - --bootdev network --name $NAME --image "$volume_path" \ - --arch $ARCH --cpus $CPU --memory $MEM --libvirt-nic-driver $LIBVIRT_NIC_DRIVER \ - --emulator $EMULATOR --network $BRIDGE $VM_LOGGING >&2 - -fi - -# echo mac -virsh dumpxml $NAME | grep "mac address" | head -1 | cut -d\' -f2 diff --git a/tools/ironic/scripts/setup-network b/tools/ironic/scripts/setup-network deleted file mode 100755 index 83308ed416..0000000000 --- a/tools/ironic/scripts/setup-network +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/env bash - -# **setup-network** - -# Setups openvswitch libvirt network suitable for -# running baremetal poseur nodes for ironic testing purposes - -set -exu - -LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"} - -# Keep track of the DevStack directory -TOP_DIR=$(cd $(dirname "$0")/.. && pwd) -BRIDGE_SUFFIX=${1:-''} -BRIDGE_NAME=brbm$BRIDGE_SUFFIX - -export VIRSH_DEFAULT_CONNECT_URI="$LIBVIRT_CONNECT_URI" - -# Only add bridge if missing -(sudo ovs-vsctl list-br | grep ${BRIDGE_NAME}$) || sudo ovs-vsctl add-br ${BRIDGE_NAME} - -# Remove bridge before replacing it. -(virsh net-list | grep "${BRIDGE_NAME} ") && virsh net-destroy ${BRIDGE_NAME} -(virsh net-list --inactive | grep "${BRIDGE_NAME} ") && virsh net-undefine ${BRIDGE_NAME} - -virsh net-define <(sed s/brbm/$BRIDGE_NAME/ $TOP_DIR/templates/brbm.xml) -virsh net-autostart ${BRIDGE_NAME} -virsh net-start ${BRIDGE_NAME} diff --git a/tools/ironic/templates/brbm.xml b/tools/ironic/templates/brbm.xml deleted file mode 100644 index 0769d3f1d0..0000000000 --- a/tools/ironic/templates/brbm.xml +++ /dev/null @@ -1,6 +0,0 @@ - - brbm - - - - diff --git a/tools/ironic/templates/tftpd-xinetd.template b/tools/ironic/templates/tftpd-xinetd.template deleted file mode 100644 index 5f3d03f3bb..0000000000 --- a/tools/ironic/templates/tftpd-xinetd.template +++ /dev/null @@ -1,14 +0,0 @@ -service tftp -{ - protocol = udp - port = 69 - socket_type = dgram - wait = yes - user = root - server = /usr/sbin/in.tftpd - server_args = -v -v -v -v -v --map-file %TFTPBOOT_DIR%/map-file %TFTPBOOT_DIR% - disable = no - # This is a workaround for Fedora, where TFTP will listen only on - # IPv6 endpoint, if IPv4 flag is not used. - flags = IPv4 -} diff --git a/tools/ironic/templates/vm.xml b/tools/ironic/templates/vm.xml deleted file mode 100644 index ae7d685256..0000000000 --- a/tools/ironic/templates/vm.xml +++ /dev/null @@ -1,49 +0,0 @@ - - %(name)s - %(memory)s - %(cpus)s - - hvm - - - %(bios_serial)s - - - - - - - - destroy - restart - restart - - %(emulator)s - - - - -
- - -
- - - - - -
- - - -