8268 Commits

Author SHA1 Message Date
Jenkins
7976f31fb9 Merge "Unset admin_project config options for Keystone" 2016-11-16 00:04:44 +00:00
Jenkins
29d13df1a2 Merge "Adopt openstack client for neutron commands" 2016-11-15 15:34:51 +00:00
Jianghua Wang
caa822fce4 XenAPI: correct the ml2 configuration for neutron
XenAPI requires two instances of L2Agent: the standard one manages OVS
bridges in DomU and the service name is called as q-agt in Devstack;
the other new L2Agent manages OVS bridges in Dom0 and the service name
is called as q-domuA. In order to support the new agent q-domuA, it
requires some XenAPI-specific configurations. But unfortunately those
XenAPI-specific configurations were configured in the standard agent
file, meaning other changes made to the standard agent file would not
have the correct effect. So it has caused issues, for example, floating
IP addresses are not reachable.
This fix is to move the XenAPI-specific configurations from the stardard
agent configuration file to the XenAPI-specific agent configuration file
so that it won't impact the standard agent's behavior.

Change-Id: I45944e84a1f81d016aa00da6d782801ee8457ea4
2016-11-15 19:55:48 +08:00
Daniel P. Berrange
c30b8def82 Move certificate setup earlier in deployment
Currently the x509 certificate setup is done after all the
openstack services have been deployed. This is OK because
none of the services require that the x509 certs exist
when they are being deployed. With the integration of TLS
into the nova novnc proxy (and later spice & serial proxy)
service, x509 certs will need to exist before Nova is
deployed.

The CA setup must thus be moved earlier in the devstack
deployment flow, prior to the setup of any services. One
part of the CA setup, however, fixes up the global cert
bundle locations and this can only be done after the
python requests module is install, thus must remain in
its current location.

Change-Id: Idcd264fb73bb88dc2f4280c53c013dfe4364afff
2016-11-15 11:24:04 +00:00
xiaolihope
8f985b6ff1 Remove heat code from devstack tree
This removes all of the heat code from the devstack tree, in favor of the
devstack plugin in Heat's tree.

Depends-On: I4bed1e5cef5afa7b049b07640086a86a3f881e13
Depends-On: Ic392bcc24bc374ee8511a94f1d8f6ac23131c7e3

Change-Id: I5b60422bf1f5fa78aa8f3383f7a222e0356d9e42
2016-11-15 15:00:43 +05:30
Jenkins
ac65a5cac0 Merge "yum_install: fix awk return code" 2016-11-15 01:35:44 +00:00
Jenkins
5ff21b3d63 Merge "Update local.sh sample file to use OSC" 2016-11-14 11:21:02 +00:00
Jianghua Wang
2b3ac6dc64 Specify the correct image parameters for XenServer
The deprecated AMI image file opts will be removed soon.
See https://review.openstack.org/#/c/338377.
So we can't use the fallback mechanism anymore. This patch is to
specify the correct image parameters for XenServer.

Change-Id: Ic287a3ed1725c42ea29022158bc9720c9a96533f
2016-11-14 17:46:20 +08:00
Jenkins
53649947e1 Merge "Removing config values no longer in tempest.conf" 2016-11-14 09:24:01 +00:00
Jenkins
ed2a82bd4b Merge "Updated from generate-devstack-plugins-list" 2016-11-14 00:54:58 +00:00
John L. Villalovos
bd42d4918e Remove call to undefined teardown_neutron_debug
Previously the usage of neutron debug ports was removed by
5e01c47e4d671166b9396c507a7105a5ac8256dc but there was still call to
teardown_neutron_debug. Recently a change to devstack-gate
1d6cc0771a3399300117f488e9d71e7ea46a4d82 caused that call to be
triggered and breaking the gate-devstack-dsvm-updown job.

This patch deletes the call and comments regarding setup_neutron_debug
and teardown_neutron_debug.

Change-Id: Ifdacb0cec1307db469bd66f551474539184cf2cd
2016-11-12 11:11:43 -08:00
Carlos Goncalves
bac2e4ddc2 Update local.sh sample file to use OSC
Besides updating to OSC CLI, this patch also fixes an argument name typo
present before in 'nova keypair-add' (--pub_key should be --pub-key).

Specifying $OS_PROJECT_NAME in case user is associated to multiple
projects containing security groups with same name (e.g. 'default').

Change-Id: I776f6edfc4c6c798a39d3260827a18c695f05c87
2016-11-11 15:11:54 +01:00
OpenStack Proposal Bot
7c0af1bfb8 Updated from generate-devstack-plugins-list
Change-Id: Ifce4376733d55452a1ce85df75a4203ac2f2aff9
2016-11-10 06:49:01 +00:00
Jenkins
319abcaf85 Merge "Switch fernet to be the default token provider" 2016-11-09 20:03:04 +00:00
Jenkins
e8f776cda0 Merge "Fix stevedore warning with neutron firewall_driver" 2016-11-08 04:09:31 +00:00
Jenkins
4972bbcfbe Merge "Use userrc_early for all nodes" 2016-11-07 23:41:30 +00:00
OpenStack Proposal Bot
8c7cec52d0 Updated from generate-devstack-plugins-list
Change-Id: Id23209fa26e39d569b7e4b4e95d42e72fd92c32e
2016-11-04 11:31:22 +00:00
Matt Riedemann
f166081d0e Always setup cells v2
Nova is going to land a database migration in Ocata
under change I72fb724dc13e1a5f4e97c58915b538ba761c582d
which enforces that at least the simple cells v2 setup
is performed, which creates the cell mappings, cell0 and
host mappings. Before we can land that change in Nova
we have to make cells v2 setup a default in the integrated
gate jobs.

Depends-On: Ie44e615384df464516aa30b9044b5e54b7d995bb

Change-Id: If1af9c478e8ea2420f2523a9bb8b70fafddc86b7
2016-11-03 15:52:52 -04:00
Armando Migliaccio
4f11ff30cf Adopt openstack client for neutron commands
The neutron client is going to be deprecated during the
Ocata timeframe, so it is time to start switching to the
openstack client to invoke networking commands.

use of neutron client in neutron-legacy has been left as is.

The command for setting the router gateway is left as follow up.

Change-Id: I0a63e03d7d4a08ad6c27f2729fc298322baab397
2016-11-03 10:37:58 -07:00
Pierre Riteau
62f29a98d7 Update stable branch example
The stable/juno branch was deleted 11 months ago:
http://lists.openstack.org/pipermail/openstack-announce/2015-December/000869.html

Update the example to Newton, which should keep it valid for a while.

Change-Id: I4cd8738862a529fd319be2ec5694d00defd94f84
2016-11-03 10:10:03 +00:00
Huan Xie
f881a0e4ee XenAPI: Enable linux bridge in Dom0 for neturon
When using neutron network under xenserver, we must enable linux bridge
in Dom0 as neutron will use linux bridge qbr in compute node for
security group. But by default XenServer use openvswitch and disabled
linux bridge. This patch is to remove this restriction.

Change-Id: I0e8124ff2323810fdc46c717a750ce7e8f4aa0c6
2016-11-02 20:50:41 -07:00
Brian Haley
30ab23cd9b Fix stevedore warning with neutron firewall_driver
The initial start of the neutron OVS agent always prints
a warning:

 WARNING stevedore.named [] Could not load
 neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

There's an alias for that in setup.cfg called
iptables_hybrid that would avoid it.

Change-Id: I3f5bf782f4f27dc123e462e494741a8a941641ec
2016-11-02 17:05:48 -04:00
Paulo Ewerton
75bf972239 Move default Keystone API version to v3
This patch sets Keystone v3 as default in services
configuration files and in the openrc and stackrc scripts.

Change-Id: I24546f02067ea23d088d383b85e3a78d7b43f166
Partially-Implements: bp keystonev3
2016-11-02 20:28:41 +01:00
Jenkins
928b3cd36e Merge "Setup the Cinder image-volume cache by default" 2016-11-02 17:09:47 +00:00
Jenkins
f8da15791b Merge "remove OS_AUTH_TYPE from the userrc files" 2016-11-02 17:09:40 +00:00
Jenkins
ef9d31f6ac Merge "Make unstack.sh more independently deterministic" 2016-11-02 17:08:58 +00:00
Huan Xie
54482cd80b Stop q-domua process when XenServer is used
When using XenServer, it will create two neutron-openvswitch-agent
q-agt and q-domua even it's single box environment, but it didn't
stop the q-domua, this patch is to stop q-domua in unstack.sh

Change-Id: I511ed534bfb7d5fe6136f6a0b33f1d749d30862c
Closes-Bug: #1631721
2016-11-02 01:35:44 -07:00
Jenkins
f1ede394a5 Merge "Updated from generate-devstack-plugins-list" 2016-11-02 03:36:03 +00:00
Castulo J. Martinez
2d9959c53b Removing config values no longer in tempest.conf
This commit removes some config values for tempest that no
longer exist in tempest/config.py therefore are no longer needed
in tempest.conf.

Change-Id: I5778973012e57e8d9df9bf864590f8ed7fe05561
2016-11-01 13:36:54 -07:00
Matt Riedemann
c9c9d31d3e tempest: set network-feature-enabled.port_security
Sets the port_security feature flag in tempest.conf
if the port_security extension is enabled, which it's not
by default in neutron but is set by default in devstack.

This adds global variable for setting the port_security
extension in ml2.conf and in tempest.conf so we only have
to set this in one place.

Depends-On: I1efd5c838aa0d73cc6e8864e3041eea25850198d

Change-Id: I6334b200e42edd785f74cfb41520627393039619
Related-Bug: #1624082
2016-11-01 10:52:08 -04:00
OpenStack Proposal Bot
ade65b813b Updated from generate-devstack-plugins-list
Change-Id: I1b357b2e668ff5ed56c5deb9d71709a7526e17ea
2016-11-01 06:46:36 +00:00
Steve Martinelli
dc486bc12f Switch fernet to be the default token provider
this is the first patch in a series to actually make fernet the default
token provider in keystone. the patches for grenade, release notes, and
actually switching the value in keystone all depend on this patch first.

reasons for switching over:

- fernet tokens are the recommended token provider
- the install guide for newton recommends deployers use fernet tokens [0]
- we previously attempted this switch but ran into timing issues [1],
  the timing issues have been resolved [2]

[0] http://docs.openstack.org/newton/install-guide-ubuntu/keystone-install.html
[1] 153db269705f37d4144ad3fcf26dc67269755d7d
[2] https://review.openstack.org/#/q/topic:make-fernet-default

Change-Id: I3b819ae8d2924f3bece03902e05d1a8c5e5923f1
2016-10-31 14:57:11 +00:00
Jenkins
1f84d45757 Merge "lib/neutron: Remove remaining references to Q_ variables" 2016-10-30 10:13:53 +00:00
Eric Brown
fb73d85afe Remove unused KEYSTONE_CATALOG_BACKEND
This patch simply removes a var noted to be removed back in Newton.

Change-Id: I7c66e1d8d65f562596543ed8ca402dba8c8ea271
2016-10-28 02:03:37 -07:00
Eric Brown
7b07ccf5e4 Remove deprecated/obsolete ldap options
The devstack ldap configuration for keystone is still using some
old options that are no longer valid. The write support is
being removed this release. And in previous releases, the ldap
assignment driver support was removed and was not removed here.

Change-Id: I538626b681eaee6a7ac10dfbc29605b73fbe13bf
2016-10-27 16:24:16 +00:00
YAMAMOTO Takashi
07edde1c14 lib/neutron: Create initial topology only on controller node
To avoid it being created multiple times for multinode setup.

Note: This reverts "Enable neutron to work in a multi node setup"
(commit 88f8558d874072536e7660a233f24207a7089651) partly and fixes
the issue differently.
The configuration in question uses the new lib/neutron. (not neutron-legacy)
In that case, calling create_neutron_initial_network from stack.sh directly
is a wrong way, as create_neutron_initial_network is sourced by
neutron-legacy.  The new neutron code should not rely on the legacy one.

Closes-Bug: #1613069
Change-Id: I868afeb065d80d8ccd57630b90658e330ab94251
2016-10-26 11:57:48 +02:00
YAMAMOTO Takashi
d5f730caf4 lib/neutron: Remove remaining references to Q_ variables
Q_ variables belong to neutron-legacy.

These are True by default in neutron.
Remove them in favor of post-config meta section.

Change-Id: If691a79b09003f85a07c9f33e0379a2b21e48141
2016-10-26 11:55:40 +02:00
Adam Young
4440da8563 Unset admin_project config options for Keystone
Until the policy changes land for Nova, Glance, etc, this
value is not used.  Additionally, by having it set, it actually
makes it hard/impossible for the required changes to land in
the other services.  Disable/comment out the changes in the
Keystone specific lib file for now, and we will re-enable once
the Services can make use of them.

Change-Id: Ia1de9083c21107dac2f0abb56bda166bdb37a69d
2016-10-26 11:40:08 +02:00
Jenkins
e0fdcd5ff2 Merge "fix ceph config file path variable" 2016-10-24 01:37:18 +00:00
Matt Riedemann
aa47a0a8be ceph: set rbd_secret_uuid in cinder.conf, not rbd_uuid
The ceph cinder backend script was setting the wrong
config option in cinder.conf for the secret uuid. This
was being masked by a bug in nova which is failing on
this bug when trying to fix the nova bug...right. It
makes sense.

See:

http://docs.ceph.com/docs/master/rbd/rbd-openstack/#configuring-cinder

Change-Id: I4655cae3212d589177d2570403b563a83aad529a
Closes-Bug: #1635488
2016-10-20 22:27:25 -04:00
OpenStack Proposal Bot
94ab1a4aa8 Updated from generate-devstack-plugins-list
Change-Id: I15cdb23e00664efe637de5cbc7b5a1e8efa21d13
2016-10-19 08:16:16 +00:00
Monty Taylor
201c01f19b
Don't clone dib-utils in install_heat
It's not used, and a recent change to trim down projects lists in
devstack-gate broke devstack in the gate that enabled heat.

Change-Id: I405423bdc9ba8dd9b30fce6fdceacccf662d5da3
2016-10-18 11:24:41 -05:00
Jenkins
093d815d9f Merge "Enable bridge firewalling if iptables are used" 2016-10-18 11:23:54 +00:00
Hongbin Lu
bc5cfc0584 Allow running nova compute with docker group
A use case is from Zun project that needs to start n-cpu with
"docker" group.

Change-Id: Ib8f193ea1edf1f148e9ba505205495170ebf6d67
2016-10-17 01:51:46 +00:00
Chuck Short
51db6d33c1 Replace wily support with yakkety
Ubuntu wily support is EOL so lets make room for yakkety.

Change-Id: Ib13d43f6d89bdf7c684cd34655a077a13e237be3
Signed-off-by: Chuck Short <chuck.short@canonical.com>
2016-10-15 09:40:35 -04:00
Jenkins
88172b8763 Merge "Reduce the scope of the subnet pool prefix in neutron" 2016-10-14 20:04:27 +00:00
Eric Harney
d8682dbdf9 worlddump: Add cinder-volume guru meditation report
cinder also supports GMR, it would be good
to have this when debugging gate failures.

Change-Id: I4db6dfd810d011faaca084e0dacaec4031b2a4ff
2016-10-14 14:38:10 -04:00
Jenkins
8caeb035f4 Merge "Make Nova/Ironic communication use Identity v3" 2016-10-13 19:55:06 +00:00
Jenkins
cdcfc74d23 Merge "Remove workaround for openstack complete" 2016-10-13 19:50:54 +00:00
Attila Fazekas
2bd8d90681 Objects versions new style config
allow_versions is going to be a deprecated option.
Setting up the object versining in the new way.

[1] http://docs.openstack.org/developer/swift/overview_object_versioning.html

Change-Id: Ia520fbb6eb535b08ce83c0cb4bea31e7bba55eb3
2016-10-13 10:08:09 +02:00