54 Commits

Author SHA1 Message Date
Martin André
1f280adebe Cleanup dependencies for nova-base
The python-nova package now pulls the required dependency on
python-oslo-policy:

036149e93f/openstack-nova.spec (L389)

TrivialFix

Change-Id: I472f600710cb743ef6ede01e722a79b1451cf295
2016-02-09 09:23:12 +09:00
SamYaple
2514bcf0c3 Correct issue with virtualenv rootwrap
Because we use rootwrap in a venv we need to update the exec_dirs.
Without doing this *some* commands will break for various reasons that
I won't get into in this review in detail. But this is required for
neutron-l3-agent in a container + drop-root.

Change-Id: I1a09f7188fdd501b7ce251d9f2fb0e5b10222142
Partially-Implements: blueprint drop-root
2016-02-06 06:48:59 +00:00
SamYaple
e7dfd63bfc Create nova-api database
This is a required patch.

Kilo introduced a nova-api database but didn't use it. [1]
Mitaka now uses it and has broken booting instances. [2]

[1] https://wiki.openstack.org/wiki/ReleaseNotes/Kilo#OpenStack_Compute_.28Nova.29
[2] df0fca62cf/releasenotes/notes/request-spec-api-db-b9cc6e0624d563c5.yaml

Change-Id: If0a7f4ba4937fab8d60f5236ca00db06faa768c7
Closes-Bug: #1540579
2016-02-02 21:56:54 +00:00
Jeffrey Zhang
649686584f Remove the machine-id which cause nova-compute raise exception
Change-Id: I3cfb239e6f99e7079b2781b06550fa627fcb8998
Closes-Bug: #1539064
2016-01-29 00:48:40 +08:00
Jenkins
18d536c868 Merge "Ironic ubuntu binary container" 2016-01-22 10:16:53 +00:00
Artur Zarzycki
ef971bff51 Fix permissions to /var/lib/nova/
Due to changes with the drop-root work, we lost the ability to write
to /var/lib/nova/*. This fixes those permissions and ensures cross
container talk works properly between nova_libvirt and nova_compute

Additionally, this fixes another issue introduced which saw that
nova-compute could not run sudo commands as it did not have a proper
sudoers entry

Testing from previous deploys means you need a fresh environment. You
have to remove all of the named volumes that kolla created in docker.
Check these with `docker volume ls`

Signed-off-by: Hui Kang <kangh@us.ibm.com>
Signed-off-by: Artur Zarzycki <azarzycki@mirantis.com>
Co-Authored-By: Sam Yaple <sam@yaple.net>
Co-Authored-By: Hui Kang <kangh@us.ibm.com>
Closes-Bug: #1533350
Change-Id: I7f864c448a2414e0b5d89f48337be411b891df35
2016-01-20 16:58:01 +00:00
Andrey Shestakov
ccc2ad57eb Ironic ubuntu binary container
Change-Id: I94ef03c11657d36261f3ddc63056422f84ec2c6a
Partially-Implements: blueprint binary-ubuntu
2016-01-20 12:14:16 +00:00
Jenkins
d52f5aea68 Merge "Nova ubuntu binary container" 2016-01-07 11:50:19 +00:00
Martin André
4badafc276 Cleanup dependencies for nova-base
Rely on packagers for managing dependencies.

openstack-nova-common now pulls the required packages:

https://github.com/openstack-packages/nova/blob/rpm-master/openstack-nova.spec

TrivialFix

Change-Id: I7f0da95f82221a83ae7bcbfe6f9fd4962db4cc18
2016-01-05 10:21:12 +09:00
Artur Zarzycki
91d3c57fd1 Nova ubuntu binary container
Change-Id: I1bb609dc4d77250c45ffa7e00ea603d24cbcfd6e
Partially-Implements: blueprint binary-ubuntu
2015-12-31 12:22:31 +01:00
Jenkins
ff2d0cd7aa Merge "change libvirt sock group to nova" 2015-12-30 09:02:21 +00:00
Kuo-tung Kao
b54420442e change libvirt sock group to nova
Add `nova` user to nova-libvirt container.
And change libvirt-socket group to nova.

Change-Id: I183c83f4be8b1d7c75d4ac204df7b7e059626aa2
Closes-Bug: #1525583
2015-12-29 15:04:04 +00:00
SamYaple
cda0459ad1 Fix pip install settings
There were some inconsistencies with pip install instructions
thoughout Kolla. We fix those here.

Additionally, we fix the virtualenv to properly use the site-packages
on the host if a library is not available in the venv.

Change-Id: Ib84d48e8826bb96060338b3fa0782620c98794a8
Related-Bug: #1524684
Closes-Bug: #1529434
2015-12-27 03:35:35 +00:00
SamYaple
4457636167 Add missing contraints
There were some missing constraint caps on our pip installs

TrivialFix

Change-Id: I3d0af9556d08a9a0a99248a9992637d08fd3ad01
2015-12-27 02:22:17 +00:00
Andrey Shestakov
c779511511 Add container for nova-compute-ironic
Implements blueprint ironic-compute-container

Change-Id: I110bf3aa94bdfd33038ed39d78bd40ea30b13e57
2015-12-25 17:09:00 +00:00
Martin André
de7293833e Add workaround to fix centos-binary-deploy gate
The RDO nova package is missing a dependency on oslo-policy and this is
breaking our centos-binary-deploy gate. Install the missing package in
nova-base until the issue is fixed upstream.

Change-Id: Iece7edd754c6f173635b0e0c437a998f3b9492d3
Closes-Bug: #1525502
2015-12-12 20:47:10 +09:00
Jenkins
6316279278 Merge "create path, /var/lib/nova, in nova-base" 2015-12-08 15:19:40 +00:00
Kuo-tung Kao
6e1363ba17 create path, /var/lib/nova, in nova-base
Without root privileges, nova process can't create and access the path,
`/var/lib/nova`.
Create the path and change the permission.

Change-Id: I6e5650298041b672bf386c50ccb68a6a80f9de43
Closes-Bug: #1523753
2015-12-08 16:06:05 +08:00
Michal Rostecki
2e67b2790b Run libvirtd as root
Currently we are not creating any non-root user for running
libvirt daemon. That should be done in the future, but currently
when we don't have such a user, libvirtd should be runned by
root.

Change-Id: Ieb0d8bd068b591f522548628b0bfffbe206b749e
Related-Bug: #1523630
2015-12-07 19:46:26 +01:00
Swapnil Kulkarni (coolsvap)
3ef57a9ed6 Drop root for nova
Updates to ensure commands run in the nova containers
are done as the 'nova' user rather than root.

Change-Id: I0dd0276c2848ad77d92d350dfa0f20161329ed55
Partially-Implements: blueprint drop-root
2015-12-03 20:01:41 +05:30
Michal Rostecki
febcb600f1 Source installation in virtualenv
Use virtualenv for installation of OpenStack projects and
dependencies to avoid conflicts with Python libraries installed
by non-OpenStack binary packages.

Change-Id: I21ecd673b2e93335b1d3dd4e279e940c9d694c3c
Implements: blueprint virtualenv
2015-11-27 10:22:17 +01:00
Swapnil Kulkarni (coolsvap)
59a1c8b9fb Remove hardcoded MAINTAINER in Dockerfiles
Added new option in kolla-build.conf

Change-Id: I45fe51966bcb59ea19d112281ba3d5a1ba091a56
Closes-Bug:#1514304
2015-11-23 11:03:47 +00:00
Jenkins
ae202c2fad Merge "Make nova-spice5htmlproxy build on RDO" 2015-11-03 18:29:05 +00:00
Steven Dake
30aa0af69a Make nova-spice5htmlproxy build on RDO
Change-Id: Id031ee7f38a4c023c424e8a8b5d9e1636c4c7563
Closes-Bug: #1512579
Partially-Implements: blueprint nova-proxies
2015-11-03 00:39:40 -05:00
Sam Yaple
0c9d5c4c26 Prevent virbr0 from being created by default
Small change to remove the default network since neutron handles all
of the bridge and veth creation. virbr0 becomes clutter.

CentOS doesn't seem to come with this default.xml network, so no
change there.

Note: This doesn't remove virbr0 from a running system, it only
prevents its creation.

Change-Id: I8e118ea285c674a47884bbe864df134133406bbc
Closes-Bug: #1512060
Potential-Backport: Liberty
2015-11-01 21:27:54 +00:00
Jenkins
ef862427fa Merge "Add nova-spicehtml5proxy console" 2015-10-21 10:01:15 +00:00
Steven Dake
194bb93ff2 Make Ceph install from Source on RPM
Ceph doesnt install from source on RPM because Ceph pulls in
python-requests.  This causes a cpio error during unpacking
because requests is installed in the base image.  A simple
workaround is to remove in the nova-compute container which
is the only container this conflict occurs within.

backport: liberty

Change-Id: I493900854a53c98f1a5cb6478675a18feceefea5
Closes-Bug: #1508236
2015-10-20 19:55:22 -04:00
Sam Yaple
a7d4431928 Add nova-spicehtml5proxy console
Change-Id: I0ca15e00ee52373b84f7021d86a29304526b7436
Partially-Implements: blueprint nova-proxies
2015-10-19 12:09:48 +00:00
Jenkins
0545701d0d Merge "Make Ceph work for RPM based distributions" 2015-10-14 10:58:08 +00:00
Steven Dake
1353538644 Make Ceph work for RPM based distributions
Ceph packages need to be installed in nova, glance, and cinder.
Once that is done, Ceph works like a champ!

Change-Id: I296da1d04d0c1bcb729f22e65e432d53d561b49c
backport: liberty
Closes-Bug: #1505549
2015-10-13 21:48:17 -04:00
Sam Yaple
5f200e0446 Fix issue with su and bad kernels
Long story short, some kernels before 3.15 had an issue with using su
in a container when the network namespace was --net=host. The gate
has a 3.10 and a 3.13 kernel and has a problem with this. This changes
everything to use sudo

backport: liberty
Partially-Implements: blueprint functional-testing-gate
Change-Id: I4d79ccaa1cddffcc8393f64e7e1be2538efe33e5
2015-10-13 15:13:55 +00:00
Sam Yaple
cb4e875ae1 Common start.sh
The majority of the start.sh code is identical. This removes that
duplicate code while still maintaining the ability to call code in a
specific container.

The start.sh is moved into /usr/local/bin/kolla_start in the container

The extend_start.sh script is called by the kolla_start script at the
location /usr/local/bin/kolla_extend_start . It always exists because
we create a noop kolla_extend_start in the base directory. We override
it with extend_start.sh in a specific image should we need to.

Of note, the neutron-agents container is exempt from this new
structure due to it being a fat container.

Additionally, we fix the inconsistent permissions throughout. 644 for
repo files and the scripts are set to 755 via a Docker RUN command to
ensure someones local perm change won't break upstream containers.

Change-Id: I7da8d19965463ad30ee522a71183e3f092e0d6ad
Closes-Bug: #1501295
2015-10-06 03:30:26 +00:00
Steven Dake
655d88e3a1 Make libvirt function on CentOS
Recent regressions in the code base removed permission setting of
/dev/kvm to root:kvm 660 permissions which are default for CentOS's
version of libvirt.

Also Libvirt must be able to read its cnofiguration file, which was
previously 600 root:root.  Now its 644 root:root so its always readable.
This is fine, since this file doesn't contain any secret information.

Change-Id: Id87cf5da8e37bc5bb613ce919d0293803d0fe5ed
Closes-Bug: #1500733
2015-09-29 01:37:35 -07:00
Jenkins
6a622ec82c Merge "Implement a install_type and install_metatype" 2015-09-28 10:49:53 +00:00
Jenkins
aadbbcbee0 Merge "remove set_configs" 2015-09-28 10:34:58 +00:00
Steven Dake
0e99b69de4 Implement a install_type and install_metatype
This prepares for the RHEL OSP implementation by making the build
tool convert all binary-* into an install_type of binary and * into
an install_metatype variable substitution inside the Dockerfiles.
Further binary-* is substituted as install_name to enable proper
building only.

Change-Id: Ib681b29176eb79a3cab12ec824313fdecb6e7a5f
Partially-Implements: blueprint rhel-based-image-support
2015-09-28 03:16:48 -07:00
Sam Yaple
160f1cc011 remove set_configs
Change-Id: I9bb0a1fac63cc326234b0f06b1e56b43e0753279
Partially-Implements: blueprint replace-config-external
2015-09-27 13:44:50 +00:00
Sam Yaple
39aba34b2a Remove all fail sections for Ubuntu
Ubuntu binary is not supported and may never be. Installing from
cloud-archive packaging is only for the current stable distros, Ubuntu
does not have a Delorean type repo. We place a fail message in the
base image to catch this and remove the messages throughout the
project.

An additional fail message is placed to catch all other things.

Change-Id: Id2953f503ebd42226f6a08e75979ae56511c40f7
Implements: blueprint install-from-ubuntu
2015-09-27 08:10:59 +00:00
Sam Yaple
99c7eb1997 Make OpenStack use Ceph
This implements all the openstack pieces needed to make ceph work.

DocImpact
Change-Id: I1d24476a966602cf955e5ef872b0efb01319894a
Partially-Implements: blueprint ceph-container
Implements: blueprint kolla-live-migration
2015-09-25 20:11:18 +00:00
Sam Yaple
a1b0518b9a Fix removal of config-external
I removed the files but not the COPY commands thus breaking all of
Kolla

Change-Id: I37d3e0cb94a1ecc12971f485f953310ba8fee53c
Partially-Implements: blueprint replace-config-external
2015-09-25 20:08:40 +00:00
Sam Yaple
e2e0fd288f Remove config-external.sh
Removes config-external for all services that have been replaced in
Ansible

Change-Id: I839a14418638b977fbc1d02ba6839811b0f909ea
Partially-Implements: blueprint replace-config-external
2015-09-25 13:00:55 +00:00
rthallisey
aebb16fff9 Replace config-external with a JSON file for Nova
Change-Id: I38c545484a7b1f3906d844eb3a7486e11c4b276a
Partially-Implements: blueprint replace-config-external
2015-09-23 19:33:27 +00:00
Vladislav Belogrudov
13d4df321a Source type nova-compute and neutron-agents - no ovs-vsctl
When booting a vm with centos-source nova-compute and
some of neutron-agents fails to find ovs-vsctl binary

Change-Id: If1e7b6513babd5623666f01c68815ea8d0a05428
Closes-Bug: #1495470
2015-09-14 17:58:59 +03:00
Steven Dake
8080ba0e40 Make novncproxy work on from source installs
The symlink was wrong.

Change-Id: I9bb7978c7b5460484528af2a740a95e1d6411901
Closes-Bug: #1495158
2015-09-13 01:11:39 -07:00
Vladislav Belogrudov
c619bdf911 Source type nova compute container misses qemu-img on VM boot
nova-compute requires qemu-img for various image operations

Change-Id: I295f789565ba326d4023905459413df6c60aeb39
Closes-Bug: #1494273
2015-09-10 14:56:16 +03:00
Steven Dake
6992049323 Add 'rhel' for RPM distros
Add 'rhel' to list for RPM based distros.  Also sort the distro
list for rpm packages for affected lines.

Change-Id: Ied4cb3e9763d6c6359f314d16185383ac3e006ed
Partially-Implements: blueprint rhel-based-image-support
2015-09-04 03:12:15 -07:00
Jenkins
91bc4b094c Merge "Allow arbitrary source archive name to be imported into Dockerfile" 2015-09-04 06:24:28 +00:00
Vladislav Belogrudov
c22cf33268 Allow arbitrary source archive name to be imported into Dockerfile
Currently we cannot import source archives with names different
than expected by hardcoded line in Dockerfiles. This worked well
for Openstack services' tarballs where we expected SERVICE-* root
folder after extraction or kanaka-noVNC for nova-novncproxy docker.
The latter fails if one tries to clone or get tarball under other
names. This fix allows any archive (tar,tgz,zip) or repo name to be
imported into dockerfile.

Change-Id: I869a6a19afaf0e93925572746c22b7589b6600c9
Closes-Bug: #1491415
2015-09-03 16:49:50 +03:00
Sam Yaple
9d3f3f28e2 Create openstack-base container
This creates and moves the dependencies for Ubuntu into a common
openstack-base container. This commit shows dramatically smaller
sizes for all non-openstack containers. The Openstack container remain
the same size.

Change-Id: I2f46420d4b9edcfddda374caddcce906fc708f6c
Partially-Implements: blueprint openstack-common-container
2015-09-03 10:37:45 +00:00
Vladislav Belogrudov
f24e80d7e6 Source based builds should get novnc from tarball (git/url)
Source based centos, fedora and oraclelinux install novnc via
rdo repository while ubuntu and debian get novnc from github.
oraclelinux source build cannot use rdo, also using novnc tarballs
can be expanded to all distros.

Change-Id: I236dd5c36380e0592fceae4f4e1c28fe97dec1e7
Closes-Bug: #1490893
2015-09-02 11:38:21 +03:00