Commit Graph

489 Commits (master)

Author SHA1 Message Date
Lance Albertson 75e073a7b0 CentOS 8 support
- Update various packages for EL8
- Use platform family for installing dnsmasq
- ChefSpec updates

Change-Id: Ia566d70348f1245733b5074b3ad6e0bb30c3e405
Signed-off-by: Lance Albertson <>
2021-10-22 16:33:19 -07:00
Lance Albertson f687f40c16 Chef 17 support
- Remove bind from Berksfile
- Update copyright years
- Require Chef >= 16.0

Change-Id: I36f04f496425cd3d7a8a3f0f135e0d1bdcaf2ae5
Signed-off-by: Lance Albertson <>
2021-10-14 12:40:56 -07:00
Lance Albertson 222df62ab3 Use correct packages on Ubuntu for linuxbridge
Change-Id: I20a3ab5c51e1d984a4d87e2333d26d504f0f711d
Signed-off-by: Lance Albertson <>
2021-07-17 00:41:33 +00:00
Jan Knedlik 3b4d9288dd Update path to linuxbridge-agent config on Debian
Since at least version 9 (Stretch) Debian uses the same location for
this configuration file as RHEL and Fedora.

Co-authored-by: Marek Szuba <>
Signed-off-by: Marek Szuba <>
Change-Id: Ida3536eb6facf8c12d8d92c80ed2e7bb20a1781a
2021-07-15 20:25:11 +00:00
Ghanshyam Mann d05c095378 Moving IRC network reference to OFTC
Also pull bind cookbook from git to fix version pinning issues.

Change-Id: If0d756ea2dc60a3938f30feff5907781fa09ee8f
Signed-off-by: Lance Albertson <>
2021-07-15 10:51:39 -07:00
Lance Albertson eb0ea506a1 Update to Chef Workstation 21.2.303
Change-Id: Idf283a54da0dd237fb0f6eadafa95c47d8be9e77
Signed-off-by: Lance Albertson <>
2021-03-08 16:17:16 -08:00
Lance Albertson 8f5801890f Cookstyle 6.19.5 fixes
Change-Id: Id30919fdf1e52405001abe964f434123c867f717
Signed-off-by: Lance Albertson <>
2020-10-05 17:19:17 -07:00
Lance Albertson 5fbaaa6a49 Chef 16 updates
Change-Id: I91b7c6054865daa4ae9ff0012c29f74d6a6d269d
Signed-off-by: Lance Albertson <>
2020-08-27 17:32:33 -07:00
Lance Albertson dac0c7c8d4 Updates for Train
- LBaaS has been removed as it's been deprecated upstream [1]

- Update release to train

- Cookstyle

- Unused .rubocop.yml


Change-Id: I4c7f58ea60c02704877531fe3e7849c47aacf7ae
2020-05-29 17:18:15 -07:00
Lance Albertson cb26946e73 Stein fixes
- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/neutron/neutron.conf] and
  template[/etc/neutron/metadata_agent.ini] to resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Update lbaas recipe to use v2 agent driver.
- Add recommended configuration settings to neutron.conf based in Stein
  installation docs.
- Remove any resources that define the default action.
- Switch package installations to send packages as arrays instead of individual
  package resources. This generally speeds up chef runs.
- Manage /etc/neutron/neutron_lbaas.conf so we can set service_provider
- Add some missing ChefSpec tests.
- Configure neutron_lbaas.conf on Ubuntu in a manner that allows it to properly
  pull in the configuration via the --config-dir option. This is due to the fact
  we need to set an additional [service_providers] service_provider line and we
  can't do that with hashes.
- Remove FWaaS as it's unmaintained upstream.

Change-Id: Id29884766440d37fa18fd62f3f93eecc22224d51
2020-03-23 14:23:34 -07:00
Lance Albertson 95e7167f78 Include missing cookbooks in Berksfile
This is for individual cookbook integration testing.

Change-Id: Ib986e8df102ae3dcfff8f378c9b2f01f57eef102
2020-01-30 13:05:20 -08:00
Lance Albertson 1c40ad731e Improve ChefSpec test speed by enabling caching
This updates all references of let(:chef_run) to cached(:chef_run) to
speed up tests. By doing this, we have to create a new cached(:chef_run)
block whenever we need to adjust node attributes for testing.

Additional fixes:
- Pull in openstack-network::ml2_core_plugin in server spec so that we get the
  default attributes set
- Remove unused shared_examples

Speed was improved from 4 minutes 18.7 seconds to 1 minute 2.73 seconds

Change-Id: Ib10a6828e6886a57527a5e5a506cc57364ec0c2a
2020-01-07 09:55:25 -08:00
Lance Albertson 70fda6ae3a Updates for rocky
- Replace with
- Update some documentation
- Move to README.rst for better rendering
- Drop obsolete script

Change-Id: Ia621986157956cb8f03fabd00741959bd2879aff
2019-12-06 11:27:39 -08:00
Jens Harbott ed27001087 Revert deploying fwaas v2 by default
Customer testing has show fwaas v2 to be rather buggy, revert to running
with fwaas v1 now. The fwaas project seems to be lacking maintainers
currently, see whether that situation improves until the next cycle.
Otherwise we may need to drop the service completely, as fwaas v1 has
been removed for Train.

Change-Id: I5d1af49a56a86a66a1d2509b4ca306b6e0cdf77c
2019-11-27 09:42:29 +00:00
Zuul da7196356f Merge "Use python3 packages on Ubuntu" 2019-11-25 15:19:32 +00:00
inspurericzhang 5a3848fba2 Replace with
Change-Id: Icd19cf498263a5419752e6a4568e3279171fa549
2019-11-19 18:17:50 +08:00
Jens Harbott 46b89f7714 Use python3 packages on Ubuntu
Python2.7 is going EOL soon, let us deploy python3 for Rocky from the
start, so we avoid having to switch later.

Change-Id: I3be10959888870cec8774c2729465a0785eb837f
2019-10-02 08:02:51 +00:00
Jens Harbott dbc69c742e More updates for rocky
- Change fwaas attributes to default to v2 instead of deprecated v1
- Drop the deprecated external_network_bridge attribute
- Fix some wordings in comments

Change-Id: Ib4e8c93356ce67d5a77b1260c1b6b9c2082ecbec
2019-09-02 12:19:00 +00:00
Jens Harbott 65e4f8512f Fix fwaas installation under Ubuntu
In earlier releases python-neutron-fwaas was pulled in as a dependency
of neutron-common automatically, now we need to install that package

Note that this requires the fwaas recipe to be executed also on the
controllers, while previously it only needed to be run on the network

Change-Id: I84659e62ae110d79eb486eef7f86869584aba4ee
2019-08-12 08:57:56 +00:00
Lance Albertson d7177f09e6 Fixes to support fog-openstack-1.x
fog-openstack-1.x already appends "auth/tokens" so we no longer need to
do that.  In addition, comment out endpoint type until this PR [1] gets
merged and released.


Change-Id: Icc92d6c8eb868efbde904e6aeb9d36891ea8457a
Signed-off-by: Lance Albertson <>
2019-07-03 16:06:06 -07:00
Zuul e4abfa8d61 Merge "Drop admin endpoints" 2019-04-29 09:30:07 +00:00
OpenDev Sysadmins 13043b1839 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at with any
questions you may have.
2019-04-19 19:44:27 +00:00
Jens Harbott 7d5f72844f Drop admin endpoints
The admin endpoints offer no special functionality, users may talk to
the public endpoints instead. The only historic use case has been the
keystone v2 admin endpoint, but with keystone v3 API, even that is no
longer needed.

Also stop creating cache dirs that were only needed while keystone
supported PKI tokens.


Change-Id: I309bf20e68e452489a24cf36472fc5c9f68cbe36
2019-04-16 09:38:29 +00:00
Roger Luethi 5bb0cf6aaa Allow overriding replies for specific domain names via dnsmasq.conf
backport: queens

Change-Id: I44d1d01b943167049e2f09fb251e1a54b6c43d47
2019-04-05 16:12:59 +02:00
ZhijunWei 66490ada34 Change openstack-dev to openstack-discuss
Change-Id: I9596e05c8c9ff069087b17ed858960a4e608d23d
2018-12-04 23:21:08 -05:00
Roger Luethi f03e5c65fa
remove unmaintained vpnaas from all recipes and attributes
The vpnaas agent has been removed for the OpenStack Queens release.

Virtual Private Network-as-a-Service (VPNaaS) scenario
(for Rocky, no vpnaas docs found for Queens)

missing release note (or doc) on vpn-agent change in queens

vpnaas agent is removed since Queens and configuration changed

Change-Id: Idf74445445683058cd992e95df87724579e70433
2018-10-25 11:46:35 +00:00
Samuel Cassiba c874aec833 Rename openstack-chef-repo references to openstack-chef
Change-Id: I9ab98a6892994e6795fd9beefdeac42f0267a3d6
2018-08-06 21:50:02 -07:00
Samuel Cassiba 22d034d20a starting rocky development patch
Change-Id: I4d16b90987e8fb6569ff8775694868e2ad91eeef
2018-08-03 06:41:32 -07:00
Samuel Cassiba 3d096b57fd Use internal identity endpoint for services
Depends-On: Id74966d9f1279f725bc41c08e434230a7845bbc1
Change-Id: If77f23c98ac3c932d6bfc46281cc14105e9ccd9f
2018-07-16 12:44:45 -07:00
Samuel Cassiba a59b4e4de9 Correct platform family name
Change-Id: I0f7b0468247d1879dcf62caa1f5bb606061169e5
2018-07-14 00:07:56 -07:00
Zuul dcff8c5fbb Merge "Stop iptables from being enabled by force" 2018-06-29 09:38:33 +00:00
Samuel Cassiba 766e9fba5c Stop iptables from being enabled by force
This change enables convergence in containers by removing iptables in a
workaround as a result of upstream[1] efforts[2].


Change-Id: I8793cb8d1ee376d45e7521b8ff9434c704e05497
2018-06-25 06:17:04 -07:00
Samuel Cassiba c6195859d9 Simplify identity endpoint
Per the Keystone Install Guide[1] the admin endpoint is superseded in
favor of a single public endpoint. As a result, the admin endpoint is no
longer deployed by default.


Change-Id: I833cc80421be375aed202c208cf93a0165761226
Implements: blueprint simplify-identity-endpoint
2018-06-14 19:16:25 -07:00
Samuel Cassiba 3abbcabe46 Add delivery config
Change-Id: I6792466648d581a8d6cec5b0f54ae9ed51f2b503
Implements: blueprint deprecate-rakefiles
2018-04-11 22:32:37 -07:00
Samuel Cassiba 9371f35e29 Update DB migration command for Queens
Per the Neutron install docs[0], the migration commands are slightly


Change-Id: Ic4724b9cfb718680effc062cabb624768008f98d
2018-04-05 14:09:44 +00:00
Samuel Cassiba 526ea82f5e starting queens development patch and use
* use instead of github for berks dependency

Change-Id: Ib864e84dddfc59b5876932b4c2d809406e2d5007
2018-03-06 12:09:03 -08:00
James E. Blair c6f038443c Zuul: Remove project name
Zuul no longer requires the project-name for in-repo configuration.
Omitting it makes forking or renaming projects easier.

Change-Id: I74aa29135fa304d59cd960cc1de187a044ecc9bf
2018-01-28 13:44:53 -08:00
Samuel Cassiba 77e2e705c3 network refactor for Pike and Chef 13
- implemented foodcritic and cookstyle corrections
- deprecated method access for node['foo']['bar'] bracket syntax
- deduplicated resource calls for identity registration
- moved dpkg overrides to common cookbook for DRY

Implements blueprint modern-chef

Depends-On: I143e0ed0a2bdd76269fc0c402052696426d96d81
Change-Id: Ib268737d2f5c3196061d89202d806c3af1c54e72
2018-01-09 15:14:37 +00:00
Roger Luethi c678df66d6 Remove domain role from neutron service user
This patch removes the openstack_user resource with :grant_domain
action. A user is always created within a specific domain; such a
membership cannot be tacked on later. This resource gave the user the
role intended for their project for the domain (i.e., for the Default
domain instead of for the service project).

We add the domain_name attribute that creates the neutron user in the
desired domain. Note that this change needs a sufficiently recent
openstackclient cookbook -- otherwise the domain_name attribute is
ignored (which does not matter as long as the neutron user is to be
created in the Default domain).

Change-Id: I4b67565c9408c758acefc681dd756a1dca836ec3
2017-11-13 15:09:22 +00:00
Roger Luethi 7402658214 Remove superfluous role_name arguments
This patch removes the role_name when using openstack_user's :create
action (it gets ignored by the target method).

Note that the spec test would still pass if only the line in
identity_registration.rb (but not the test) were changed, because the
code that actually does grant the role to the resource is executed right
after user creation and before any tests check the resource for the
existence of the role_name attribute. In other words: if the argument
were required in a call but only supplied in another call, the spec
tests would not catch it. Something to watch out for.

Change-Id: I9061b748281910bef3927757bdf22edfd36b7448
2017-11-13 15:57:14 +01:00
Jens Harbott 3646495362 Add native zuul v3 jobs defined in openstack-chef-repo
Change-Id: Ide338a8a89add4e9c747d61edf58f67e95a264d2
2017-11-02 10:41:17 +00:00
Zuul b3439eaea1 Merge "Replace platform_family method and use attribute instead" 2017-10-29 01:50:26 +00:00
Seb-Solon 3b6c8c04e0 Replace platform_family method and use attribute instead
platform_family method is not working on latest Chef versions

Change-Id: I364ba316dd91cf11cc813f0c642708fd46cd6caf
Depends-On: Ibfc34ec195950e844c6e5b939708bb0ef7411029
Partial-Bug: #1724987
2017-10-28 15:46:52 -04:00
Seb-Solon ebc878441e Fix control_exchange attribute
Regression introduced by
Fix follows [block-storage] cookbook logic

Change-Id: Ibfc34ec195950e844c6e5b939708bb0ef7411029
2017-10-26 13:15:18 -04:00
Samuel Cassiba 9de60304f4 Initial network Pike updates
- Switched default linter to cookstyle
- Renamed rake tasks to better conform with Chef conventions

Change-Id: I5dd1971392fdf282d0f214dfce9dcbecc18542a8
2017-08-25 09:57:18 -04:00
Jan Klare 3868368eca
starting pike development patch
Change-Id: I54d6b08011eae2d7a47a6b56214c5170fd7e71b3
2017-08-17 14:19:33 +02:00
Jenkins 3cdb3b94d4 Merge "Fixes for Ocata, style and lint fixes for chefdk" 2017-08-11 15:42:56 +00:00
Samuel Cassiba 25349d6187 Fixes for Ocata, style and lint fixes for chefdk
- Corrections made to db_migration for Ocata
- Style and lint fixes for newer chefdk
- Rewrote metadata.rb for readability
- Added some defaults from the linuxbridge documentation for Ocata
  in an attempt to get virtual networking functional out of the box

Change-Id: I16d6f892f325a80eb3eabd10110177246b63663f
2017-08-10 16:09:18 -04:00
Christoph Albers 7d6850fda5 Neutron OVS Interfacedriver name deprecation
- now its just openvswitch

Change-Id: Ibb67f0ed977b14f542650108c68b7db0ba24a768
2017-07-31 15:38:08 +02:00
Jan Klare b52090f002 add new Chef OpenStack Team Logo to README
Change-Id: Ie9c7400297e2cc48b508e2e8066a893299ba7844
2017-05-29 10:53:08 +02:00