This logic has been tied to OVS since it was introduced in [1] and
revised in [2]. However, many other backends may use tap devices that
aren't related to OVS, such as Calico[3] and Linux Bridge after [4]
merges.
This patch just removes the dependency on OVS specifically so
/dev/net/tun is added to cgroups whenever any Neutron backend is used.
This is done in other deployment tools like Juju[5] so it's not
unprecedented.
1. Ifab268f739b004db13024633e8abeb17691b9e46
2. Ic1da132fa421f1c70c10a319ee3239831b0f956f
3.
http://docs.projectcalico.org/master/getting-started/openstack/installation/ubuntu#compute-node-install
4. I23c5faaeab69aede1fd038a36f4a0b8f928498ce
5.
2790f81ecd/templates/qemu.conf
Change-Id: I075595158d8f3b5a6811c4794aa7b91912940db5
Partial-Bug: #1675343
libvirt-python compiles against the currently installed libvirt. If
you upgrade that, it needs to rebuild, however it won't change
versions, so pip install just noops. Force an uninstall / reinstall of
it every time to handle potential upgrades of libvirt.
Change-Id: If34541b34aa6d55eedaf6c603fd1fe92eb887308
This adds a flag and basic config for enabling coredumps for libvirt.
Partial-Bug: 1643911
Co-Authored-By: Matthew Booth <mbooth@redhat.com>
Change-Id: If7cd54e804a5a389a0d82a325b58f5b41b8ef0db
Now that we don't support Ubuntu Trusty anymore, we can remove
the ebtables race workaround.
Closes-Bug: #1675714
Change-Id: I70483f871e35fcaa933d1b7bac7dbb396aa22cef
The package libvirt-bin is a transitional package in Debian and should
not be used anymore.
Ubuntu Xenial is an exception here.
Because of that this change also adds the possibility to use "not:" to
exclude distros in files/debs/* just as "dist:" limits distros.
Depends-On: Icc59ea79f54d4ff8751f2e353ee3530fff3d961e
Closes-Bug: #1673840
Change-Id: I3998a7178d14ec40eae5cb199d66da9546cd6ccf
Since https://review.openstack.org/#/c/438325 landed
it only works for Centos 7, but not for other
RHEL-based distributions: Virtuozzo and, probably, RHEV.
Both of above have own version for qemu-kvm package: qemu-kvm-vz and qemu-kvm-rhev,
accordingly. These packages provide "qemu-kvm", like qemu-kvm-ev,
and, when you call "yum install qemu-kvm", they replace the default OS package.
Change-Id: I46da627c0da8925064862fdc283db81591979285
For the latest qemu-kvm, you have to use the qemu-kvm-ev package,
which is based off the qemu-kvm-rhev package, which is explained in
[1] but you probably can't read it. The gist is, that qemu-kvm-rhev
is a later build of kvm that is incompatible with the base version
provided. qemu-kvm-rhev is only provided with the RHV (ovirt) and
RHOS (openstack) products. CentOS rebuilds this package as
qemu-kvm-ev as part of it's virtualisation SIG.
I9a972e3fde2e4e552f6fc98350820c07873c3de3 has bumped up the minimum
qemu version to 2.1.0. It seems there is a an issue (bug #1668164)
where having the qemu-system package installed gets picked up if
installed, and reports the incorrect version to nova, causing failure.
This removes the installs from files/rpms/nova as it is all being done
in function-libvirt. We only install the qemu-kvm-ev package on
centos and remove the old work-around.
[1] https://access.redhat.com/solutions/629513
[2] https://wiki.centos.org/SpecialInterestGroup/Virtualization
Change-Id: Ide91b261f35fb19d8bd7155ca016fa3b76a45ea1
In Debian jessie and later release,there is no packages
called "qemu-kvm" for AArch64. Also modify the libguestfs0
packages for AArch64
Closes-bug: #1612182
Change-Id: I5eb6bd137896eb9abfc4f8dbb41b41105e4820cd
Signed-off-by: Kevin Zhao <kevin.zhao@linaro.org>
Ensure the virtlogd service is started, to work-around various
platform issues where it isn't started correctly.
Closes-Bug: #1603009
Change-Id: I548b377df6b2f0c287429e4387ee33184a82a64d
Two things:
(a) Add the log filter to capture libvirt CPU manipulation driver
related error messages when things fallout (e.g. CPU model
comparision failures during live migration).
(b) While we're at it, remove the "1:qemu_monitor" log filter, because
the existing filter "1:qemu" should take care of logging the
interactions with QEMU monitor console. This is the case since
the introduction of VIR_LOG_INIT() macro in upstream libvirt,
which performs a substring match on a given file name. (Available
from libvirt version v1.2.10 onwards).
Change-Id: I75befd52d9f892eb5a6236eee9a397fab7602ecc
Add "KVM for IBM z Systems" to the list of Fedora-like distros.
As the distribution does not have a dedicated kvm package,
prevent the installation of the kvm package during the libvirt
setup.
Change-Id: Ibb5c60797d6867264f9dea7fea85cdf1d7c72ded
/etc/libvirt is not world-readable (at least on Fedora and RHEL) so
use sudo with the grep that checks whether we have already configured
libvirtd logging. Also, change the regex so we don't count commented
out logging config.
Change-Id: I67484b28aafd0fa828385321fa96d9141cb4cb59
Signed-off-by: Mark McLoughlin <markmc@redhat.com>
I noticed this when debugging some grenade issues failures.
An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.
We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.
When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).
The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.
The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.
Some files had already discovered this. In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste. This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.
Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
ebtables is racing with itself when nova and libvirt attempt to create
rules at the same time in the nat table. ebtables now has an explicit
--concurrent flag, that all tools must opt into to prevent ebtables
from inherently being unsafe to run.
libvirt gained this support in 1.2.11, which is too new for our ubuntu
primary testing environment. Nova still hasn't added this support,
though even if it did, we'd run into the issue with libvirt.
We can do the most ghetto thing possible and create a wrapper for
ebtables that does explicit locking on it's own. It's pretty terrible,
but it should work. And it is the kind of work around that people
unable to upgrade libvirt will probably need to do.
This is an opt in value which we should set in the gate to True.
Related-Bug: #1501558
Change-Id: Ic6fa847eba34c21593b9df86a1c2c179534d0ba5
These files have acquired execute permissions that
are not strictly necessary because they are being
sourced, and not intended to be run separately.
Restore to 644
Change-Id: I0b8654123416a07521502b61610ca45c94494a07
Change I79a8d8ac7ad2fbd7d2fce696821d130218e43e03 removed the install
of python-libguestfs, which was actually hiding a dependency issue on
Centos. The "kvm" package is ultimately missing some bios files from
"seabios-bin" -- however with python-libguestfs installed this was
coming in via a dependency chain that pulled in qemu-kvm, which has
the dependency.
qemu-kvm is not strictly required as all the functionality is within
qemu-system-x86. But while we get [1] sorted out this restores the
job functionality.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1235890
Change-Id: I3379bc497978befac48c5af0f1035b96d030b7eb
Currently those bindings are missing from SLES12, and since
they're not actually used unless file injection is enabled
(which is not by default), only conditionally depend on it.
Change-Id: I79a8d8ac7ad2fbd7d2fce696821d130218e43e03
We've bike-sheded over this before
(I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799) but I have just traced
down further issues to firewalld with neutron+ipv6 (see the bug).
In fact, as mentioned in the comments, RDO disables firewalld and the
neutron guide says to disable it [1]. The force flag is left if
anyone really wants this; but nobody is testing (or, as far as I can
tell, working on) this so bring devstack back into line and disable it
always. Note we do not remove the package; as has been found in the
puppet scripts this can lead to dependency issues.
[1] http://docs.openstack.org/developer/devstack/guides/neutron.html
Change-Id: Ief7cb33d926a9538f4eb39c74d906ee0c879de35
Partial-Bug: 1455303
This creates a new pip_install_gr that installs from global
requirements allowed versions. Now that stable branches are getting
capped all of devstack needs to be fixed to do things like this.
Change-Id: I8fd0ef2bfc544ca2576fab09d3018f760b8848fe
The qemu-system package, and not qemu-kvm, should be installed on either
trusty- or utopic-based ARMv8 (aarch64) Ubuntu releases. Additionally,
libguestfs is not available so that is not installed.
No changes are required for vivid.
Change-Id: Id9dc1fc465bd7acab17c991c292fb531016758ad
Signed-off-by: Andrew McDermott <andrew.mcdermott@linaro.org>
Enabling it by default because:
- This allows you to get the relevant logs right away when something
in the libvirt code path fails, without having to submit another
change and keep doing a 'recheck' to re-run the CI check/gate jobs
until you hit the bug.
- The libvirt log filters specified in the function
'configure_libvirt' are much more _selective_ and not a catch-all
debug option where you end up with the unhelpful situation of having
to find a "specific piece of hay in a haystack"[1].
FWIW, I always have it enabled in local test environments, and I don't
see the resulting libvirtd.log growing beyond a couple of MB for
three-four days of usage.
[1] http://lists.openstack.org/pipermail/openstack-dev/2014-January/024414.html
Change-Id: I5e0b35446075b419fe473e1db8d0bfedd7009741
We are trying to get a working 64bit qemu cpu model in the gate for nova
live migration testing. It appears that we need to make this change
prior to nova starting.
Make the change in configure_libvirt() to handle this along with the
other libvirt config updates. This allows us to restart the libvirt
service once. This function calls a python tool which parses and updates
the XML if necessary.
Change-Id: I00667713bfba67ab8cedbcb1660ff94d4f4bcc07
A lot of libvirt interactions with QEMU are via the QEMU monitor
console, which allows you to either query or modify the state of a
virtual machine. Spefici examples include: querying the status of live
block operations, live snapshot operations, live migration, etc.
Enabling the 'qemu_monitor' log filter allows us to capture precisely
what commands libvirt is sending to QEMU.
Note that the log level was intentionally set to '1' (i.e. debug) for
this specific filter, because (a) it's not extremely verbose, (b) when
something breaks, it's helpful to have the exact sequence of
interactions between libvirt and QEMU.
Change-Id: Iba95b6bd7c9f197c8d48c7d978f538e50d4e31fa
This is needed otherwise we fall back to the nbd code path which is
super hacky. This shouldn't have been deleted for the venv path.
Change-Id: If5cb6cb4944bd0ed3548d53c98443b76725d1c0c
Install a couple of optional feature prereqs in hypervisor plugins.
rootwrap is horribly called indirectly via PATH. The choice, other than fixing
such nonsense, is to force the path in sudo.
TODO:
* python guestfs isn't in pypi, need to specifically install it to not
use the distro package
Change-Id: Iad9a66d8a937fd0b0d1874005588c702e3d75e04
el6 is shipped with Python 2.6.x which is not expected
to be supported with the openstack kilo release.
For el6 support we need to do lot of thing differently,
which makes the code more complicated.
This change removes el6 and py26 support from devstack.
This change also removed a discontinued (1 year ago)
openSUSE 12.2 code path, which used a similar codepath as el6.
Several comment related to el6 also removed or modified.
Change-Id: Iea0b0c98a5e11fd85bb5e93c099f740fe05d2f3a
This makes a bunch of variable cleanups that will let -o nounset
function, for the time being we hide nounset behind another setting
variable so that it's not on by default.
Because this is bash, and things are only executed on demand, this
probably only works in the config it was run in. Expect cleaning up
all the paths to be something that takes quite a while.
This also includes a new set of unit tests around the trueorfalse
function, because my change in how it worked, didn't. Tests are good
m'kay.
Change-Id: I71a896623ea9e1f042a73dc0678ce85acf0dc87d
With gerrit 2.8, and the new change screen, this will trigger syntax
highlighting in gerrit. Thus making reviewing code a lot nicer.
Change-Id: Id238748417ffab53e02d59413dba66f61e724383
libvirtd is the new name of the init script in Debian testing.
libvirt-bin is still in use on Debian Wheezy.
Since I222b71962f49896063910ff2a25e4f57be4bf819, libvirtd is the
default for Debian, this break the compatibility with Debian Wheezy.
With this patch, we use libvirt-bin only if there is no
/etc/init.d/libvirtd init script.
Change-Id: I13694fef93d36c2e128e15e7dbfaec9230335585
this patch checks if os_VENDOR is ubuntu to launch
libvirt-bin service. Previously, is_ubuntu() was used, but
this function only detects if a deb packaging is used, so
there were no distinction between Ubuntu and Debian.
Change-Id: I222b71962f49896063910ff2a25e4f57be4bf819
Closes-Bug: 1361260
firewalld interacts badly with the libvirt on f20, causing slow-downs
so great that it can timeout the gate.
Developers who want to leave it enabled should set FORCE_FIREWALLD=True
Change-Id: I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799
The libvirt log filter settings match against the filename of
the libvirt source emitting the log message. Normally these
file names are relative to the source tree root, but in the
Ubuntu binary packages these have somehow ended up as absolute
filenames from the OS root. This means that a log filter of
'1:libvirt' which is only intended to match src/libvirt.c
will in fact match every single file. This caused enourmous
log files on Ubuntu hosts running the gate.
The fix is to use '1:libvirt.c' as a more specific filename
match, but we can't do this unconditionally because libvirt
>= 1.2.3 does not use filenames for log filter matching
anymore. So only change the match on Ubuntu hosts for now,
since that's where the original problem lies.
While doing this, also turn off the logging of object ref
and unref operations, since those pollute the logs with lots
of noise.
Change-Id: I71b67507a4e68a7bff0c358857aaaac08ef0c420
The official F20 cloud image does not contains the firewalld,
there is nothing to restart, and it fails the installation.
The previous workaround change, assumed all is_fedoras has
a restartable firewalld without ensuring is it installed at all.
RHEL6 even does not have a firewalld.
Closes-bug: #1329102
Change-Id: I3d119ce48af81b30bf02b01c2cd386612ac6ef90
An updated libvirt package to address [1] is in Fedora 20 now, so we
don't need this work-around. Modify the comments of the other part of
the work-around (restart of services) and link to the most relevant
bug
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1098376
Change-Id: I47fba7b4f273162c2af1e37902a512041449750b
Fedora libvirtd fails to start on Xen instances (i.e. rackspace
instances) due to [1]. This works around the issue until it can be
fixed upstream.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1098376
Change-Id: I3790b5025982730263a6a84fce596e80f09efd5a
Since at least 12.04, the kvm package is a transitional dummy
package intended to move users to the newer qemu-kvm package. This
removes the dependency on this dummy package, which will be going away
in 14.04, and instead depends on the proper qemu-kvm package.
Change-Id: I4a88ada3cf32106413a9fae6fe77c9c4c28a524e
Closes-bug: #1294557
Moves installation and setup of libvirt to a common functions-libvirt,
which can be used by other drivers in the future that may require
cross-distro libvirt installation and config but are not using
VIRT_DRIVER=libvirt (ie, Ironic).
Change-Id: I4a9255c8b4bacd5acfde9b8061c9e537aeea592c
