Because, you know, we should have to do this.
Rackspace publishes two things called "compute" into their catalog for
customers who still have the old compute service.
Change-Id: I27d5a78fc743057a270acd4bf7c85fd998f9074d
* launch/launch-node.py: Now that we're using --detailed-exit-codes
with puppet, we should not abort when the ssh call exits nonzero.
Puppet explicitly returns nonzero codes which indicate success
conditions, and we already have a function in place to interpret
them.
Change-Id: If66d345902d05fa0898d202f5f71c087df9f4ce7
HP Cloud centos7 images are currently failing with 'Please login as
the user "centos" rather than the user "root"'.
This adds the 'centos' user as one of the logins to try, and adds a
little documentation to the subsequent fixup of the authorized_keys
file
Change-Id: I46b62c8c4aed7a1c9522d60db7f726ebcb30281c
We've got the logic elsewhere to properly deal with puppet bizarre exit
code strategy. Put it in launch_node too.
Change-Id: I4a414a27b58b2d4d890020f4b2aaed50f7c8f26b
Currently launch-node.py doesn't allow to specify network label
and floating IP pool name, using the defaults from nova-network.
This patch allows to specify network label to attach instance to,
and floating IP pool from which floating IPs could be assigned.
Change-Id: I46024bc1c217f99f19717aeb04d424a01440203a
The new code to create volumes incorrectly affects the non-volume
case due to an indentation bug. This corrects that.
Change-Id: I18eb1222447393e769fbbbf550407bf103b11e99
On HP, when we launch nodes, we need them to have a floating IP for us
to be able to connect to them.
Change-Id: I5c7ad3183d0b6329e2019a2c95968fcf3984618b
We are using cinder block devices more and more. Update launch node so
that it can attach a preexisting cinder volume against a new nova server
on first boot. This will allow puppet or other config management to
format and mount that block device into the VMs filesystem.
Change-Id: Ic121cdc06dcbea0e38e8d0ff8946e999af3d727e
It is deemed useful by some to pass IDs rather than names to
launch-node.py for flavors and images; mostly due to the fact that
names are not unique, and the "first-matched" behavior on names
means that it can end up doing the wrong thing in certain cases.
Change-Id: Ief89174fedac7921f85bbfe3a456059ecc0f19bf
We don't really use the salt infrastructure that we set up, which means
it's cruft. Go ahead and admit that we don't use it and remove it from
our systems.
Change-Id: Ic43695719cbad30aded16ac480deb3dfd9b2a110
* launch/README: Correct outdated references to salt and puppet
certs. Modernize the recommended image name.
* launch/launch-node.py: When run as root, keep the puppet group on
private keys so that they're readable by puppet group members. That
way it won't break subsequent runs as non-root following the current
instructions in the README file. Modernize the default image name.
Change-Id: Ic5034121d4d0df3c096c2e474a9d3d41ec361021
According to https://docs.python.org/3/howto/pyporting.html the
syntax changed in Python 3.x. The new syntax is usable with
Python >= 2.6 and should be preferred to be compatible with Python3.
Enabled hacking check H231.
Change-Id: I4c20a04bc7732efc2d4bbcbc3d285107b244e5fa
Added the abillity to use launch_node.py to connect to and create
infrastructure instances in openstack setups that are not setup to use
the ssl secured clients.
This matches the functionality of the nova cli to accept NOVACLIENT_INSECURE.
Change-Id: Ibfb5bb4665f36a155ec488c475e03f9cd901e9d6
Signed-off-by: Philip Schwartz <philip.schwartz@rackspace.com>
Add a script to handle cloud servers with no swap. This can be
used before install_puppet when developers run it by hand, and
is called directly by launch_node. If the host has
no swap, create a swap partition from the ephemeral disk and use
the remainder on /opt.
Change-Id: Iac8bfe4924d8607ddbddc45312a51fe52eb4cdbc
We'd like to be able to control sequencing of how and when puppet
runs across our machines. Currently, it's just a set of agents
that run kinda whenever they run. At times they hang and we don't
know about it. Also, cross-server sequencing is impossible to
achieve.
Change the operation away from agents running on the machine as
daemons, and instead ssh from the master to each machine.
Change-Id: I76e41e63c6d0825e8735c484ba4580d545515e43
In anticipation of swtiching to flake8 as part of the removal of
pyflakes jobs, clean up a few flake8 errors so that we don't have to
ignore as many things.
Change-Id: Idb8466bb3194904d84e17dd3f2a7c32aff13788c
Commit 5ae5e6cc added puppetry for /root/ci-launch on the Puppet
master server, but set permissions on it too restrictive for users
launching new servers to be able to read the files within it.
* launch/README: Note that the user following these directions
should also be in the admin group.
* modules/openstack_project/manifests/puppetmaster.pp: Set group
ownership of /root/ci-launch to admin so members of that group will
be able to read the files within it.
Change-Id: I6c657eb4311b27ce329f249df3e60c2b902677ae
This is a minor step towards PEP-8 as well, but mainly makes it easier
to document what third party modules are needed.
Change-Id: Id901ef437fcdeb11c8dd555e8db7c13daa86c4b2
Infrastructures derived from the OpenStack CI infrastructure currently
need to fork launch-node.py, better if it just takes an option ;).
Change-Id: Iad94451ed2b4da425f059595ae727dcf2847733a
* launch/launch-node.py: Make salt key management when launching nodes
optional as we may not always be running salt or choose to have a node
run a salt daemon. Default to disabling management.
Change-Id: If1bf137e91d250d5c94a957ff00d19401685c730
* launch/README: On servers where the puppet agent daemon needs to
enabled, don't run the initscript directly under sudo. Passing it
through su avoids permission issues with the puppet mysql module.
* launch/launch-node.py: Only test IPv6 connectivity when providers
support it.
Change-Id: Ic37305331ba57ba3de2fb349e1ab503cabcc697d
* launch/launch-node.py: Sometimes we get a broken server from a
provider, probably actually a broken compute node behind the scenes,
which fails to send IPv6 packets with a DSCP > 3. Test that we can
send DSCP 0x10 packets to at least one IPv6-connected host and get a
response, or else discard the server.
Change-Id: I379589d74f9e5892e3fda85bd267567038b6c2c9
* manifests/site.pp: Add a node pattern for slave servers which run
Ubuntu Precise Pangolin and default to Python 3.3 for the Puppet PIP
package provider.
* launch/README: Starting with precise3k slaves, individual Puppet
certificates will now be used per-server.
Change-Id: I2cde440720afd8014fc98dfd133d29a428751a9d
* launch/README: Add note on enabling puppet agent for non-slave
CentOS servers.
* launch/launch-node.py: Reboot immediately after puppeting so that
we don't leave the server booted on an old/vulnerable kernel.
Change-Id: I5d0d36c2a11b078321a8715985868422946b06cb
All jobs previously using a quantal node label are now using a
precise node label instead. Documentation has also been updated to
reflect the change in preferred release/image name.
Change-Id: I636416a9d9dc6714cd9751e2210882db2cbf786e
Reviewed-on: https://review.openstack.org/28861
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
* launch/README: Mention adding yourself to the salt group.
* modules/salt/manifests/master.pp: Loosen directory permissions
minimally as needed for salt group members to be able to run the
launch script without being root.
Change-Id: I4e462fe2efabe2200a635c79e4b7a1314bf174a3
Reviewed-on: https://review.openstack.org/27562
Reviewed-by: Jesse Keating <jesse.keating@rackspace.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Create Salt key pair if needed
Move Salt key pair creation above bootstrap_server
Pre-seed Salt Minion keys
Use fqdn instead of cert name.
Set the Minion ID to be the fqdn
Logic improvements in add_salt_keypair
Use proper splitext, some suggested fixes
Remove minion_id definition. Let fqdn define minion id
Change-Id: I74e5ffb1a414ee61f1214332be34b5ed0fd26e95
Reviewed-on: https://review.openstack.org/26046
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Nicolas Simonds <nic@metacloud.com>
Reviewed-by: Anita Kuno <anita.kuno@enovance.com>
Reviewed-by: Matthew Sherborne <msherborne+openstack@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
* launch/README: The preferred flavor for a Jenkins slave in
Rackspace nova has RAM 8192, so we can get the same 4 CPU count we
had with Rackspace legacy VMs.
Change-Id: I55563ff966061b5c02fb68b671156d782c2d042d
Reviewed-on: https://review.openstack.org/23658
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
Still not automatic, but much less typing.
Change-Id: I348b866db3f2778ba08a516a00d258358c4a9129
Reviewed-on: https://review.openstack.org/22468
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
* launch/README: Demonstrate use of the nova client's image-list
and flavor-list features, to assist in selecting/confirming image
and RAM choices for passing to launch-node.py. Also improve the
section headers and add a section about activating the Puppet agent
on non-Jenkins-slave servers.
* launch/launch-node.py: Upon successful completion, display
parameters useful for subsequent DNS assignments.
Change-Id: I0defc62434ab2f60b23afe2048e8093614ca49ca
Reviewed-on: https://review.openstack.org/20923
Reviewed-by: Khai Do <do.khai@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
* launch/README: More clarity on Jenkins slave example, and
additional levels of cut-n-pasteability on the DNS record creation
example. Also switch from requiring root to expecting to be run from
a normal account with sudo access and membership in the puppet
group.
* launch/launch-node.py: Default to assuming the certname is the
same as the node FQDN, if it isn't overridden via command-line
option.
Change-Id: I9c987055b18e084983f2459fe01598837e1ebcc6
Reviewed-on: https://review.openstack.org/20645
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
* launch/README: Fix a minor error in the path to a shell fragment
in one of the example commands.
Change-Id: Ie42e6d6b86b9518893c6661251deeab7bbce0d11
Reviewed-on: https://review.openstack.org/20429
Reviewed-by: Elizabeth Krumbach <lyz@princessleia.com>
Approved: James E. Blair <corvus@inaugust.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Tested-by: Jenkins
* Update credential paths in launch README.
* Add puppet environment command line option to launch-node.
* Invoke install_puppet.sh from launch-node.
Change-Id: I11a326d4be2274fcecb1a58a32c8962b36af24a8
Reviewed-on: https://review.openstack.org/19000
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
* launch/README: Note that commands are assumed to be run in a full root
environment, mention existence of 'nova list' for determining server
details, get happy with variables in the DNS examples and also adjust
examples for a recent change in RackSpace's DNS API which assumes a
lower-case version of the region name.
Change-Id: I6a80893379acf573e04fefd39d98965c7b873ad5
Reviewed-on: https://review.openstack.org/16112
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Paul Belanger <paul.belanger@polybeacon.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
Add a script to launch new OpenStack project servers.
Change-Id: I9f12ac0b7e38592128de1d6b999a5d540d621514
Reviewed-on: https://review.openstack.org/14246
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Tested-by: Jenkins
