Before the patch, we were only configuring root_helper_daemon to point
to oslo.rootwrap, but not root_helper. (The former is used for long
running commands only, while the latter is used for short lived
commands.) This made neutron agents to directly call to sudo when a
privileged process was to be executed. This failed because /etc/sudoers
was not configured to allow anything except the rootwrap call itself.
This patch simplifies rootwrap handling in the code; it also sets
root_helper to point to rootwrap; as well as configure daemon in
sudoers. While at it, we also set l2 agent to use rootwrap too.
Hopefully, it will be enough for agents to actually configure backend as
needed.
Change-Id: Ib05a6e0e024f534d7f616d41d70fb67ecf6daeaf
The oslo.messaging docs on the notification messaging driver
says that "messaging" (1.0) is a legacy format and you should
use messagingv2 unless otherwise required for that old format.
By default we should be testing with messagingv2.
Change-Id: I3031afe7551a0c8dde46e1ccfacff445fb68e122
Change ac5fdb4c4090efd682cc5c55aa30ec433da29fc7 introduced
a problem for gnocchi CI because the deployments steps
are now:
1. create cell0
2. start nova-api (with multiple workers)
3. install ceilometer via extras
4. ceilometer calls nova-api to list servers; at this point
nova-api getes the list of cells and caches them, which
will just be cell0
5. create cell1 via simple_cell_setup which also discovers
the n-cpu node so we can schedule instances
6. gnocchi tests create and list instances and at this point it hits
an n-api worker that only has cell0 cached so it does not
find some test servers it created and fails.
The cell0 and cell1 cells should be created in the nova_api db
before starting n-api so that when we first list instances, we
store both cells in the cache that's in n-api. This deployment
order is also how the nova docs describe rolling out cells v2
but the way we were doing this devstack wasn't following that,
or accounting for when devstack plugins are loaded via extras.
This change creates the main cell1 cell earlier in the setup
before n-api is started, and then changes to just run
discover_hosts at the end after n-cpu is running (which is what
simple_cell_setup and map_cell_and_hosts would do implicitly).
Change-Id: I38eab6707340253a10159a169ae61d34784c2d28
Related-Bug: #1669473
This simplifies neutron library code and makes it less prone to breakage
in the future. So far there are no specific known issues with existing
code per se, it works, still.
Change-Id: I28f1997d226baae902dae5ca8ee6cd4fd89efe31
Since https://review.openstack.org/#/c/438325 landed
it only works for Centos 7, but not for other
RHEL-based distributions: Virtuozzo and, probably, RHEV.
Both of above have own version for qemu-kvm package: qemu-kvm-vz and qemu-kvm-rhev,
accordingly. These packages provide "qemu-kvm", like qemu-kvm-ev,
and, when you call "yum install qemu-kvm", they replace the default OS package.
Change-Id: I46da627c0da8925064862fdc283db81591979285
This patch enabled the "allow_global_implied_dsr_disabled" feature
flag. This is a feature flag toggle for bug 1590578 which is fixed
in Newton and Ocata. This option can be removed after Mitaka is
end of life.
Change-Id: I70e3ce79ee6d9b00cc48bb178bd423d0196f6588
Related-Bug: #1590578
Because things like nova may need to create vhosts in the rpc backend,
we need to have started and created credentials before we configure
the service.
Change-Id: I01c9c5288e197fc50a8a4a032e3a32cd166eb180
openvz is not in the nova tree, and is referencing a crazy old image,
we're going to assume that if anyone is using this they can build a
devstack plugin.
drop doing anything by default because this actually requires that we
special case things like ironic in tree to *not* do anything by
default.
Change-Id: I9d33b98263c3d52a95b9983e90eb0b341fa1d363
Add python-openstackclient to the list of packages installed under
Python 3 by default, so that jobs running with Python 3 exercise the
client that way.
Change-Id: I9778a6810bb3e4850132cfc19e583d50fed23ef5
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
DHCP agent should not load core plugin config file; L3 agent has no
interest in metadata agent configuration file; etc. It's a mistake to
form a single global list of configuration files and pass it into all
processes. Every process should have its own list, that may or may not
have some files in common with other processes.
The only file that is common to all neutron processes is neutron.conf,
and we could in theory keep it into the common list. But I decided at
this point it's better to be explicit about what's loaded into services.
Also the order of arguments is important, and neutron.conf should always
be the first CLI argument, which is hard to achieve by keeping
neutron.conf file in the global list.
Plugins may be interested in loading additional files into neutron
processes. For example, dragonflow needs to load /etc/neutron/dragonflow.ini
into neutron-server. But we should not necessarily load all those files
into all processes, so such extendable lists should be per process.
Besides, neutron_server_config_add_new is already available to use to
append additional configuration files for neutron-server. That's why the
patch completely kills the NEUTRON_CONFIG_ARG variable.
Depends-On: I4bd54a41a45486a5601373f9a9cce74d7686d1aa
Change-Id: Ia3c3862399bba335db5edf9ea70f850fb2638d09
Calling enable_kernel_bridge_firewall inside a
container, devstack will crash because it tries to
load a kernel module by calling 'sudo modprobe' on
net.bridge.
Change-Id: Id4718c065d5a8c507d49f38e19c2796a64221aa4
Closes-Bug: #1662194
For the latest qemu-kvm, you have to use the qemu-kvm-ev package,
which is based off the qemu-kvm-rhev package, which is explained in
[1] but you probably can't read it. The gist is, that qemu-kvm-rhev
is a later build of kvm that is incompatible with the base version
provided. qemu-kvm-rhev is only provided with the RHV (ovirt) and
RHOS (openstack) products. CentOS rebuilds this package as
qemu-kvm-ev as part of it's virtualisation SIG.
I9a972e3fde2e4e552f6fc98350820c07873c3de3 has bumped up the minimum
qemu version to 2.1.0. It seems there is a an issue (bug #1668164)
where having the qemu-system package installed gets picked up if
installed, and reports the incorrect version to nova, causing failure.
This removes the installs from files/rpms/nova as it is all being done
in function-libvirt. We only install the qemu-kvm-ev package on
centos and remove the old work-around.
[1] https://access.redhat.com/solutions/629513
[2] https://wiki.centos.org/SpecialInterestGroup/Virtualization
Change-Id: Ide91b261f35fb19d8bd7155ca016fa3b76a45ea1
Use pip_install_gr so we get the version pinned by requirements. The
depends-on is an example of where we're trying to pin to workaround
issues.
Depends-On: I9c57c08a150571c5bb62235d502839394d53a4c1
Change-Id: I780cca681b12a3e9d228dbf2fd9fa6e8ab1a82e1
The old code assumed _neutron_service_plugin_class_add presence, as well
as used a configuration file path that is not standard (under
/etc/neutron/services/ instead of /etc/neutron/metering_agent.ini).
The patch untangles metering configuration in the new library from that
old and bad code, and reimplements it inline.
This should help the effort to switch gate from lib/neutron-legacy to
lib/neutron.
Change-Id: I0d235498af4b6a70bd5dae6ea178d5aa8ba41e80
The creation of the cellsv1 rpc vhost was buried in the restart function,
which makes it hard to extend. This breaks it out into a helper method
and moves the conditional logic into the nova module itself.
Change-Id: Ib0e377aabe45c27bb6ce59ca275ce73085e8b9d2
