47 Commits

Author SHA1 Message Date
Dean Troyer
42a59c2bfa Complete moving Keystone setup out of keystone_data.sh
* Move remaining role creation to create_keystone_accounts()
* Move glance creation to create_glance_accounts()
* Move nova/ec2/s3 creation to create_nova_accounts()
* Move ceilometer creation to create_ceilometer_accounts()
* Move tempest creation to create_tempest_accounts()
* Convert moved code to use OpenStackClient for setup
* files/keystone_data.sh is removed

Note that the SERVICE_TENANT and ADMIN_ROLE lookups in the other service
implementations are not necessary with OSC, all operations can be done
using names rather than requiring IDs.

Change-Id: I4283ca0036ae39fd44ed2eed834b69d78e4f8257
2014-03-10 15:17:30 -05:00
Ian Wienand
aee18c749b Enforce function declaration format in bash8
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check.  Add a note to HACKING.rst

Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
2014-02-28 07:59:03 +11:00
Dean Troyer
e4fa721322 Begin is_service_enabled() cleanup
This converts the special cases in the is_service_enabled() function to call
individual functions declared by the projects.  This allows projects that
are not in the DevStack repo and called via the extras.d plugin to handle
an equivalent service alias.

* Ceilometer
* Cinder
* Glance
* Neutron
* Nova
* Swift

TODO: remove the tests from is_service_enabled() after a transition period

Patch Set 2: Rebased

Change-Id: Ic78be433f93a9dd5f46be548bdbd4c984e0da6e7
2014-02-07 10:06:21 -06:00
Jenkins
56d875cc36 Merge "glance: stop using deprecated notifier_strategy" 2014-02-05 11:46:45 +00:00
Attila Fazekas
85a85f87f8 Use service role with glance service
glance just used to admin role for token validation,
the service role is sufficient for this.

glance also needs an user with enough permission to use swift,
so creating a dedictated service user for swift usage when s-proxy is
enabled.

Change-Id: I6df3905e5db35ea3421468ca1ee6d8de3271f8d1
2014-02-02 10:30:15 +01:00
Julien Danjou
19a3814b9a glance: stop using deprecated notifier_strategy
Change-Id: Ic796f0ad57db45bf053312ad10815461528030b3
2014-01-31 11:00:40 +01:00
Dean Troyer
4237f590b7 Generate Tempest service list rather than hard-code it
The list of services that Tempest used to set its 'service_available'
config values was hard-coded. To be plugin-friendly have each
service (project) add its name to the TEMPEST_SERVICES variable
and use that for setting the 'service_avilable' values.

Change-Id: I208efd7fd0798b18ac2e6353ee70b773e84a2683
2014-01-29 17:25:45 -06:00
Flavio Percoco
c3e5b77b45 Add missing file argument to iniset_multiline
Change Id9aab356b36b2150312324a0349d120bbbbd4e63 introduced a call to
iniset_multiline to enable swift stores explicitly. However, the call
has a missing file argument which resulted in this call setting the
values to the wrong file, section and param. This patch fixes that.

Change-Id: Ib17048e05c467bc8ca2c13fe4297d6bac6c8a880
2014-01-23 18:32:54 +01:00
Jenkins
3e98388d07 Merge "Robustify service shutdown" 2014-01-13 14:09:44 +00:00
Dean Troyer
9fc8792b0a Robustify service shutdown
* Save PID when using screen in screen_it()
* Add screen_stop()
* Call out service stop_*() in unstack.sh functions so screen_stop()
  can do its thing

Closes-bug: 1183449
Change-Id: Iac84231cfda960c4197de5b6e8ba6eb19225169a
2014-01-11 11:46:19 -06:00
Vincent Hou
21fe4e76d5 Add a flexible API version choice for Cinder, Glance and Heat
The version of the authentication url is set to v1.0 for some
projects by default. We can make it configurable via the parameter
"$IDENTITY_API_VERSION".

Closes-Bug: #1253539
Change-Id: I6640e345d1317b1308403c95b13f8a998320241b
2014-01-06 01:22:57 -05:00
Jianing Yang
16312738d1 Correct glance db_sync command
Closes-Bug: #1263431

Change-Id: I30a53adfdd8e00a9995595af2e090190bac241a0
2013-12-22 10:49:28 +08:00
Flavio Percoco
355fc86683 Explicily enable the stores used by devstack
Devstack currently relies on the default value of the `known_stores`
configuration option. This patch enables explicitly the default stores
used by devstack.

The real fix for the issue below will land in Glance. However, since the
default stores will be FS and HTTP we need devstack to enable Swift's as
well, which is required in the gates, hence this patch.

Partially-fixes: #1255556
Change-Id: Id9aab356b36b2150312324a0349d120bbbbd4e63
2013-12-20 18:57:25 +01:00
Jenkins
bddaf0afb6 Merge "Allow deploying keystone with SSL certificates" 2013-12-04 05:36:40 +00:00
Jenkins
5221163125 Merge "edit-glance-manage-command-for-recreate-db" 2013-11-26 11:53:02 +00:00
Jamie Lennox
bd24a8d0f8 Allow deploying keystone with SSL certificates
Allow providing certificates through environment variables to be used
for keystone, and provide the basis for doing this for other services.
It cannot be used in conjunction with tls-proxy as the service provides
it's own encrypted endpoint.

Impletmenting: blueprint devstack-https
Change-Id: I8cf4c9c8c8a6911ae56ebcd14600a9d24cca99a0
2013-11-25 22:27:51 +00:00
Adam Spiers
6a5aa7c6a2 Fix some Markdown formatting issues
Address miscellaneous issues with Markdown formatting in comments which
are consumed by shocco when generating the online documentation.

Change-Id: I953075cdbddbf1f119c6c7e35f039e2e54b79078
2013-10-24 17:38:19 +01:00
Sean Dague
101b424842 fix whitespace in the rest of lib/*
this brings this in line with bash8 checker

Change-Id: Ib34a2292dd5bc259069457461041ec9cd4fd2957
2013-10-22 13:02:23 -04:00
JUN JIE NAN
0aa8534ada Using no proxy option to skip wget and curl proxy settings in config
When end users specify proxy settings in config file for wget /etc/wgetrc:
http_proxy = http://...
or for curl ${HOME}/.curlrc:
proxy = http://...

Using `http_proxy="" wget' can not skip the proxy setting in the
config files, also it can skip proxy settings in env viriables.

In order to skip proxy setting in both env and config file, we pass
--no-proxy option for wget, and --noproxy '*' for curl.

Fixes bug #1224836

Change-Id: I2b25aeca9edf2ce4525fb1db325e5e24c18b4d55
2013-09-30 16:03:00 +08:00
AmalaBasha
072d137766 edit-glance-manage-command-for-recreate-db
As per https://bugs.launchpad.net/glance/+bug/1213197, and subsequent
review at https://review.openstack.org/#/c/47161/ Glance-manage commands
are proposed to be subcommands of 'db'. This would require change to the
script to recreate_db which calls the db_sync command.

Implements blueprint edit-glance-manage-command-for-recreate-db
Change-Id: I9470709ec34896dba7a37fdff4791206bb5ef5ed
2013-09-20 16:29:02 +05:30
Dirk Mueller
46d1ba6ef0 Install schema-image.json
Otherwise a warning is logged during startup

Change-Id: I958ab8bb7bce474d3e6854b43bb4709986fb61d4
Fixes: LP Bug#1222797
2013-09-09 14:33:35 +02:00
Mate Lakat
bc2ef929ed xenapi: devstack support for raw tgz image upload
Devstack will recognise the .xen-raw.tgz extensions, and upload them to
glance as raw tgz images with xen pv_mode. This change also adds "tgz" to
the recognised container formats of glance. The changes for raw tgz
support are:

    https://review.openstack.org/#/c/40908/
    https://review.openstack.org/#/c/40909/
    https://review.openstack.org/#/c/41651/

related to blueprint xenapi-supported-image-import-export

Change-Id: I077564587d4303291bb4f10d62bb16380b574106
2013-08-27 11:12:28 +01:00
Ben Nemec
039979424b Allow disabling of debug logging
I find that enabling the debug log level often causes me to miss
important error messages due to the sheer volume of information
logged.  This change allows configuration of the debug option
in a number of the projects so it can be disabled globally
without having to make one-off changes after each re-stack.

Note that this does not apply to Keystone or Swift right now.
They use a different method to configure their logging level and
I'm not as familiar with them so I didn't want to mess with their
settings.

Change-Id: I185d496543d245a644854c8a37f3359377cb978c
2013-08-12 15:01:39 -05:00
Dean Troyer
cc6b443545 Formatting cleanups, doc updates and whatnot
Change-Id: Ica8298353be22f947c8e8a03d8dc29ded9cb26dd
2013-04-09 14:05:32 -05:00
Sean Dague
e4f0cd7eed refactor the install/configure split
configure remains just to generate configs, install now
gets the setup_develop in addition to the git clone. This lets
use remove configure_glanceclient as a function

Change-Id: I68e3e3973d15dc0b4f534662a4f57a9f38f69784
2013-04-01 15:58:22 -04:00
Sean Dague
584d90ec56 add emacs shell-script tagging
for files that don't start with a #! or end in .sh, the added tags
are nice for emacs users to automatically switch to the right mode.

Change-Id: If4b93e106191bc744ccad8420cef20e751cdf902
2013-03-29 14:36:49 -04:00
Dean Troyer
c77b932e16 Move glace's swift config to lib/glance
Change-Id: Icbb355c15bfffe17725ea5cc64cfa5e76c1e74e6
2013-03-29 10:51:01 -05:00
Dean Troyer
995eb927f7 Add clean.sh
clean.sh gets rid of all residue of running DevStack except installed
packages and pip modules.

And it eradicates rabbitmq-server and ts erlang dependencies as well as
the other RPC backends and databases.

Change-Id: I2b9a251a0a151c012bae85a5a2f9c2f72e7700be
2013-03-15 10:30:37 -05:00
Jenkins
820467f20f Merge "Simplify database_connection_url" 2013-03-14 21:12:18 +00:00
Jenkins
f90b2740f7 Merge "Refactor error logging" 2013-03-04 14:12:10 +00:00
Attila Fazekas
7e79d9139f Simplify database_connection_url
* does not expects dynamic scoping.
* does not uses eval.

Change-Id: I5ba4e5b7ffaabbb3c2bddadf9e53a2875de8b7c0
2013-03-03 13:13:36 +01:00
Eoghan Glynn
8c11f5612b Allow qpid to be selected as AMQP provider on precise
Fixes bug 1137667

Previously the auth/sasl config for qpidd was broken, and the
openstack services using RPC were not properly configured.

Now we ensure that:

- the admin qpid_username/password are configured for all services
  (as the qpidd ACL config denies all access to non-admin users)

- the PLAIN sasl mechanism is configured for qpidd (otherwise the
  qpid_password is not propogated)

- the qpidd process has read permission on the sasl DB (otherwise
  thw admin user/apss cannot be verified even if set)

Change-Id: Id6bd675841884451b78f257afe786f494a03c0f7
2013-03-01 12:35:35 +00:00
Nachi Ueno
07115eb5c0 Refactor error logging
It is hard to grep errors in current log. so in this patch,
I'm updating die function which also writes log for
screen_log_dir/error.log.
In future, we may categolize negative fault by using
this error.log.

Change-Id: I70a8cfe67ed408284f5c88c762c6bb8acb8ecdb2
2013-02-28 11:54:24 -08:00
Dean Troyer
f03bafeb84 Refactor init functions to simplify Grenade upgrades
* Glance: create_glance_cache_dir()
* Cinder: create_cinder_cache_dir() and create_cinder_volume_group()
* Nova: create_nova_cache_dir() and create_nova_keys_dir()
* Random tidy-up changes

Change-Id: I20d995d4c2e5facfb912ee03a6cda6c56f20bbe9
2013-02-15 14:56:19 -06:00
Jakub Ruzicka
4196d5565e Introduce get_python_exec_prefix function.
get_python_exec_prefix returns the path to the direcotry where python
executables are installed, that is /usr/bin on Fedora and /usr/local/bin
everywhere else.

It is used to properly locate OpenStack executables.

Fixes: bug #1068386

Change-Id: I228498ebe2762568d00757d065e37377ee2c8fb3
2013-01-30 16:33:43 +01:00
Attila Fazekas
91b8d13eda Fix "sudo: sorry, you must have a tty to run sudo"
On many systems the requiretty sudoers option is turned on by default.
With "requiretty" option the sudo ensures the user have real tty access.

Just several "su" variant has an option for skipping the new session creation step.

Only one session can posses a tty, so after a "su -c" the sudo will not
work.

We will use sudo instead of su, when we create the stack account.

This change adds new variable the STACK_USER for
 service username.

Change-Id: I1b3fbd903686884e74a5a22d82c0c0890e1be03c
2013-01-11 09:15:30 +01:00
Dean Troyer
6d04fd7ba5 Holiday docs and comment formatting cleanup
Change-Id: Ia4ca88c67d3b94e306a79a669805a2fa1b0dc069
2012-12-28 18:03:10 -06:00
Vishvananda Ishaya
23431f3526 Clear out the keystone pki data for each run
This prevents old invalid tokens from working after a rerun of stack.sh
and potentially providing users and tenants that don't exist.

Fixes bug 1089700

Change-Id: Icfc22978e41e459d51b50bc7ad2e6d98d766e402
2012-12-17 08:44:01 -08:00
Akihiro MOTOKI
5e3deb678e Always create signing_dir regardless of token format
Fixes bug 1088801

devstack does not create signing_dir when keystone token format is UUID.
If the default value of signing_dir is read-only, OpenStack services
such as Quantum server failed to start due to permission denied.

On the keystone client cannot know which token_format is used in keystone
in advance, so signing_dir should be created regardless of the token format.

Change-Id: I1b0d25c1ac4d22d9fb2c5443d15b96fdaa5a4c81
2012-12-11 18:16:05 +09:00
Mark McClain
ec903059d5 Revert "Set the rabbit_durable_queues to match local consumers"
This reverts commit 71cf53a9f60176419732f3ecbbce11c75190c059.

The attempt to set the queue durability for Glance notifications always
sets the queues to durable. We are reverting this until a refined
approach is available.

Change-Id: I469e5149d21e3fcdd409da8114d5ccef1ff1243c
2012-12-04 14:16:09 -05:00
Jay Pipes
71cf53a9f6 Set the rabbit_durable_queues to match local consumers
Due to a problematic bug in Glance (https://bugs.launchpad.net/glance/+bug/1074132),
I was unable to get stack.sh to complete successfully. The workaround on the
Glance bug was to set the rabbit_durable_queues value to match the setting
of the local Rabbit consumers and exchanges.

This patch merely looks for any consumer or exchange that
is durable and ensures that the default durable_rabbit_queues
config option of False is set to True in that case.

Change-Id: Ia5a165a5a06d11d1fe6492ca32139972d49d3a1e
2012-11-09 10:42:40 -05:00
Jenkins
308beccc24 Merge "Add PostgreSQL support to devstack" 2012-11-04 12:34:31 +00:00
Terry Wilson
428af5a257 Add PostgreSQL support to devstack
This patch adds an interface for supporting multiple database backend
types and implemnts support for PostgreSQL. It also adds a function,
use_exclusive_service, which serves as a base for enabling a service
that conflicts with other services. The use_database function uses it,
and it might also be useful for selecting messaging backends.

MySQL is still selected by default. Tested on Fedora 17 and Ubuntu
12.04 with MySQL and PostgreSQL. Implements blueprint postgresql-support

Change-Id: I4b1373e25676fd9a9809fe70cb4a6450a2479174
2012-11-03 18:19:21 -04:00
Dean Troyer
bc071bcef0 Configure PKI cache dirs
* Configure Cinder, Glance, Keystone, Nova to put cached credentials
  from keystone.auth_token into /var/cache/<service>

It is not obvious to me that having each of these service share a
credentials cache is a good idea.  It does appear to work but this
patch takes the conservative approach of putting each service's cache
in a distinct directory.

More importantly it gets them out of $HOME!

Change-Id: If88088fc287a2f2f4f3e34f6d9be9de3da7ee00d
2012-10-31 13:23:39 -05:00
Eoghan Glynn
ad80eadb08 Config for ceilometer gathering from glance
Some changes are required so that ceilometer can gather usage data
from glance (notification & polling) out-of-the-box in devstack:

 - configure glance to emit notifications if rabbitmq or qpid
   is enabled

 - configure the ceilometer collector to consume notifications
   on the default glance topic (glance_notifications.*)

 - pass credentials to ceilometer central agent so that it
   authtenticate polling calls to glance

Change-Id: I0eac223eddb615266e28447b18fcaaadcd40dddf
2012-09-27 17:55:37 +01:00
Dean Troyer
699a29f72d Implement screen process stop() function
Implements screen process stop in ceilometer, cinder, glance, heat, n-vol

Change-Id: Ic5e02926f026d0e6f4b39846bfe77634dd414c60
2012-09-21 14:02:38 -05:00
Dean Troyer
73f6f25b87 Move glance to lib/glance
The next in a line of changes to break down stack.sh and make
it a bit more manageable.

Part of blueprint devstack-modular

Change-Id: Ie0104f0de281497f2c10f653aebb8e7cbedc4204
2012-09-18 15:46:09 -05:00