Devstack's lib/cinder set the my_ip on cinder side but it
hard-code it with HOST_IP[1]. It is no issue for IPv4 env
but when you build or run the IPv6 job then this ip is left
to set with IPv6. my_ip should be set to HOST_IP or HOST_IPV6
based on SERVICE_IP_VERSION value.
As part of Train community goal 'Support IPv6-Only Deployments',
we will expand the 'devstack-tempest-ipv6' job to do IPv6-only
deployments verification so we need fix the the my_ip setting.
Closes-Bug: #1838250
Depends-On: https://review.opendev.org/#/c/677524/
[1]6aeaceb0c4/lib/cinder (L231)
Change-Id: I71c74e46467a5d3c1bf9c7d683f364cba7cf9d80
This is no longer being used due to Keystone PKI tokens no longer
being implemented.
In order to not break backward compatibility we create a new function
that is to be used instead and deprecate the old one. Modify the old
function to ignore the 3rd argument and display a deprecation warning.
Adjust callers to no longer create and set that directory, calling the
new function instead.
Change-Id: Id0dec1ba72467cce5cacfcfdb2bc0af2bd3a3610
Support for changing the cinder periodic_interval config option
was added way back in havana as a workaround for bug #1180976
by change I20e52e66fcc94b224476cdd14c88bd6981b4e617. As the fix
for that bug does not require modifying this config value, and
such modification may have unintentional adverse effects, end
the support.
Change-Id: I1ef1fe564123216b19582262726cdb1078b7650e
Partial-bug: #1824837
This patch switches the CINDER_ISCSI_HELPER from tgtadm
to lioadm in openSUSE distros, as it increase the performance
and reduce the flakiness on some tests.
Change-Id: Ic3ee9c6baabe20f8f4d14246f6e29808796a5db9
Signed-off-by: aojeagarcia <aojeagarcia@suse.com>
The tempest-multinode-full job is running the c-bak
service on the subnode where swift isn't running, and
because of the "is_enabled_service swift" check, cinder
on the subnode wasn't getting configured to talk to
swift so the c-bak service was down. Since chances are
good that we're running swift, just configure cinder
to always use it.
Change-Id: I86b090967dadeeefc017ff0311beeea9441b6ba6
Closes-Bug: #1783128
cinder does not yet support operations without project_id in the url.
The unversioned endpoint is not a usable endpoint for a user that
requests the block-storage service. Although it would be lovely to have
the block-storage service have the unversioned endpoint in the catalog,
we need to get project-id out of the urls first.
Change-Id: I4246708b6ea31496ba4d565ab422abc76f730ee7
Needed-By: https://review.openstack.org/564494
Cinder supports both noauth and keystone auth mode. So now we can
configure this value via local.conf:
[[post-config|$CINDER_CONF]]
[DEFAULT]
auth_strategy = noauth
Change-Id: I1e434362117ab30dae71a8f3a80bc139e78f51bc
- There are some locations where we need the raw IPv6 address instead of the
url-quoted version enclosed in brackets.
- Make nova-api-metadata service listen on IPv6 when we need that.
- Use SERVICE_HOST instead of HOST_IP for TLS_IP.
Change-Id: Id074be38ee95754e88b7219de7d9beb06f796fad
Partial-Bug: 1656329
Cinder change I5231f8fe3399deb9c57e6efb121d0d008dc9c7f4
replaces iscsi_helper with more general one.
Change-Id: I49fe0365b170e5a5b0449d80003bcf970e4c191d
The block-storage endpoint was added to the catalog, but in the suburl
case it was not added with the /volume suburl. This leads to find it and
attempting to use it but not being able to because it's mis-formed.
Needed-By: https://review.openstack.org/545117
Change-Id: I84721c8ae637417e4b01be9e546ff77c250fc149
Without installing the targetcli package
tools and configs can be missing.
The code was correct baside a typo,
it is `ISCSI` not `ICSI`
Change-Id: I32e5d84d87560458f0eaaf820dcd00c86e6dec8b
Cinder has now implemented "policy in code" and policy.json is
only needed for overriding default policies. The default policy.json
file has been removed in Cinder so we need to stop trying to copy
it during Cinder setup.
Change-Id: I364e401227fe43e2bacf8a799e10286ee445f835
This will enable us to run one etcd for devstack and another
for kubernetes in the same box if necessary
Change-Id: Ib71ded24727b80afd4d98eb68bade0f8c0f72311
block-storage is the official service type for cinder, according to the
service-types-authority. Add it as a service in devstack, with cinder's
unversioned endpoint, to enable proper discovery.
Change-Id: I75cf7212678f7f270c3c32f0bce227dbbf6b466d
This reverts commit ef5ebed6c9ca3d9d47fd2a732a1542555a0f65ba.
The problem here is a backwards-incompatible change to
configure_auth_token_middleware. Plugins are still passing a
"signing_dir" which is interpreted now as the "section" argument
... this leads to an interesting red-herring issue; because "v" is a
gnu sed command for checking the version, a signing_dir of "/var/..."
(as done in most plugins) gives the weird error:
sed: -e expression #1, char 32: expected newer version of sed
I think we'll either need a new function, or dummy arguments to get
this back in.
Change-Id: I2098d4eb2747282622cf486fa7dbf216f932f58b
PKI tokens have been actively deprecated from keystone and there are
deprecations being emitted from keystonemiddleware. Because of this we
no longer need an auth cache directory in the services where the PKI
certifcates used to be stored.
Remove the creation and use of all these AUTH_CACHE directories.
Change-Id: I5680376e70e74882e9fdb87ee1b95d5f40570ad7
Castellan switched the `api_class` config option to `backend` in commit
8980bf7da55dd084ad84c84534fe937f0d43b9c0. The old setting will still be
recognized for now, but we should switch to using the new, correct config
option.
Change-Id: I5e46c738531d5d56777e91a00f4cee9531356f2e
This was previously set to thin as the default, but at the time
there were failures seen with what appeared to be race conditions
when creating snapshots.
These failures are not seen locally, and we have a lot of installs
using the default auto by this point with no reports from the field
of seeing this failure. This is to be able to more extensively test
this in the gate, and hopefully get this switched over to be able
to thinly provision by default when possible.
Change-Id: I3e99adadd1c37ba8b24b6cb71a8969ffc93f75a1
Related-bug: #1642111
Various services are returning broken links when running behind
tls-proxy. These issues can be fixed by setting the X-Forwarded-Proto
header in the apache config and letting oslo_middleware parse it.
Change-Id: Ibe5dbdc4644ec812f0435f59319666fc336c195a
Partial-Bug: 1713731
Code in grenade and elsewhere rely on the process/service name
when one runs "ps auxw" and they grep for example "grep -e glance-api"
to check if the service is running. with uwsgi, let us make sure
we use process name prefix so it is easier to spot the services
and be compatible with code elsewhere that relies on this.
Change-Id: I4d1cd223ed9904fcb19b26fc9362b676e0b4f9b3
Per the Pike goal, switching the Cinder API control plane to
use WSGI in Apache.
Co-Authored-By: Ivan Kolodyazhny <e0ne@e0ne.info>
Depends-On: Ie8a0eeab1bf31887d6f37cf155b2d161ddfb172d
Depends-On: I14b68f36e7fcc5341bbdbcf165274d9d50f7dd04
Change-Id: I8cef6c98f9242cc38d66de0ac499490e2a237887
We are trying to keep better track of what pieces of devstack consume
the most time. Add the db sync commands to the time tracking as they run
the database migrations which can take more time than expected.
Change-Id: Ib92f2b8304ccf703712d45fd7207444de3599e2d
The old implementation for is_$service_enabled simply checked if any of
the subservices were enabled and if so the service was considered to be
enabled. This makes disabling services complicated as it means you have
to list every single subservice which can and do change over time.
Instead also check if the generic service name is in the disabled
services list and if so don't treat the service as enabled.
Change-Id: I7fe4dfca2cd9c15069d50a04161a29c5638291cb
volume_clear is currently set in the DEFAULT section,
but this is a backend specific setting, and therefore
needs to be set in the backend config section.
Change-Id: Ifa3a659bb4768b8915a0f23e7f14b0f3348d93d2
Previously we didn't block out the c-api startup code because the
devstack functions to start services check that for us. However, since
the cinder devstack code checks the service is up and runs the tls proxy
if tls is enabled we need to block it all off to avoid doing those
things if c-api is disabled.
Change-Id: I1c4f22f785af96caaf4baa21ff28714b9afd3458
