34 Commits

Author SHA1 Message Date
Ha Van Tu
6e2dcabce2 Fix typo
This patch fixes typo "privledges" by changing it to "privileges".

Change-Id: Id72016eb782b614ee6dcacf8ceb6a0b75b27c6b7
2016-12-20 14:47:50 +07:00
Gregory Haynes
3c5c13c69c Stop depending on tripleo-image-elements
There were only two elements we were using from this repo -
os-svc-install which we werent actually calling anywhere, we only
depended on it needelessly and sysctl. The sysctl element has been moved
in to dib as dib-sysctl so we can now stop depending on
tripleo-image-elements entirely.

Depends-On: If312d199388036d6f4103e94dca99249cb3bcbaf
Depends-On: Ia730850a48e2478fd5461710a9d2619408725cd8
Change-Id: Ie78c4f3ebe506214f0ce7c456fcbbee09d35ba2a
2016-12-15 13:17:18 -06:00
Gregory Haynes
316a13ac48 Add support for diskimage-builder tracing
Dib supports a -x argument to output additional tracing information.
Lets support this in our diskimage-create script.

Change-Id: Ifb9f29250475d53ae8c64deef4be01ef8bd584d4
2016-12-14 09:06:56 -08:00
Bernard Cafarelli
b375cab0dd
Only set default DIB_RELEASE for ubuntu
The variable is used in elements for other distributions (like Fedora),
which then try to download files like:
https://cloud.fedoraproject.org/fedora-xenial.x86_64.qcow2

Change-Id: I1781d10ffb25f9847fb1c4a47c1c042b86e1eafe
2016-11-29 10:28:34 +01:00
Michael Johnson
2db260c95a Adds distribution ID option to diskimage-create.sh
This patch adds a distribution ID option to the diskimage-create.sh
script used to create amphora images.  This will allow octavia
to control the timing of the transition to a new default release.
For Ocata it will default to "xenial".

Change-Id: I435cf9f4723fc9e68f8cb8987c8316b09e6876b6
Closes-Bug: 1642756
2016-11-17 22:13:48 +00:00
Jenkins
10cd3ba781 Merge "Enable EPEL repository for CentOS amphorae" 2016-11-16 21:40:19 +00:00
Bernard Cafarelli
cb4be77c4b
Enable EPEL repository for CentOS amphorae
This is needed to install the package 'jq'

Not needed for other Red Hat variants:
* Fedora has jq in its main repo
*  RHEL has it in OpenStack repos (required to build a RHEL amphora)

Change-Id: I5c1c911c28215410b7f4c984bee8a69f0bee43eb
Closes-Bug: #1640827
2016-11-15 14:40:18 +01:00
zhangdetong
88ceb68d2c diskimage-create check for qemu-kvm-ev/qemu-img-ev for CentOS
Checking packages using "yum list installed qemu-kvm/qemu-img" fails for
Centos,while qemu-kvm-ev and qemu-img-ev are installed using
"RDO CentOS-7 - QEMU EV".

This repository is added by devstack.

I changed the shell script to check [qemu-kvm qemu-img] and [kpartx git]
separately and when [qemu-kvm qemu-img] are not found, check for
qemu-kvm-ev or qemu-img-ev instead of exiting.

Change-Id: I5bd929e5aba76319cc86e0fc97825929e32629c2
Close-Bug: #1637435
2016-11-15 18:57:22 +08:00
gecong1973
fc51b73e98 Fix a typo in README.rst
TrivialFix

Change-Id: Ibddd206f7ea905bcc777942cc9fda052ac5837e7
2016-09-27 17:07:02 +08:00
Michael Johnson
f85e617a84 Terminated HTTPS certs and keys in encrypted ramfs
This patch adds an element that causes the terminated HTTPS
certificates and keys to be stored in an encrypted ramfs path
so they are encrypted at rest.

Change-Id: Id0f80f311d37d5691087e855fb1291011451c851
Closes-Bug: #1627370
2016-09-25 01:42:49 +00:00
Gregory Haynes
579e24b727 Make pyroute2 a requirement of octavia
We currently install this via its own element, but this could be made
more simple / obvious by using the python requirements tooling.

Change-Id: I2a2eed2b8ee481189c1694659ac8100062a25cf2
2016-08-22 17:56:00 +00:00
Bernard Cafarelli
52e32ed8d8 DIB: relax check on pip executable
On a devstack, pip can be installed system-wide but not coming from
system packages. So instead of checking python-pip package installation,
we only check that "which pip" succeeds

Change-Id: If8a1b7b4b7336cab0bef755b90924e03f1497b82
2016-08-18 17:23:00 +02:00
Bernard Cafarelli
e683b78c39 DIB output filename and requirements fixes
Change default output directory to working directory (systemwide script
    would by default try to create images in /usr/bin)
Canonicalize output filename parameter, else relative paths would
    generate images in temporary directory)
Clean devstack plugin to use the -o option again
Fix yum package detection ("yum list" reports success if the package
    exists in enabled repositories)
Add python-pip to the needed packages (for later pip calls)

Change-Id: Iff22a83f4a73e7aa36ee892773c01f13738f7a43
2016-08-11 12:10:43 +02:00
Jenkins
cb9763edfd Merge "Allow to run DIB when installed system-wide" 2016-08-09 06:13:21 +00:00
Jenkins
7f03bbeafe Merge "DIB image tests speedups" 2016-07-22 03:22:08 +00:00
Bernard Cafarelli
3a44e594ef DIB image tests speedups
Change default image size to 2GB (align with devstack value)
Store the virt-inspector output to reuse in virt-inspector calls
Relax the size check to allow for system size change after updates and
differences in base distribution

Change-Id: I9aaaabcbe8a1332e57fd8f9f0649dc8cfc5b9977
2016-07-21 17:33:25 +02:00
Bernard Cafarelli
ed776fd51d Allow to run DIB when installed system-wide
This will allow to package the script and install it system-wide

In that case, the following configuration is expected:
* diskimage-builder installed in default system-wide location
* TripleO elements installed in _prefix_/tripleo-image-elements
* Octavia elements installed in _prefix_/octavia-image-elements
With possible paths for _prefix_: /usr/share or /usr/local/share

These will be used as a fallback, after local checkout directories

Change-Id: I021530b731f7a98043ea205b7014e71b39dbc8e3
2016-07-13 15:25:48 +02:00
Bernard Cafarelli
6e97a37744 Support RHEL base image in DIB
This adds a rhel type and gives some pointers on needed environment
variables for base image, registration, needed subscriptions.

no-resolvconf is also updated to work on rhel-type systems

Depends-On: Icb0e20b01479fea345e01309fc4bf3f7f639900c
Change-Id: Ic452feaf32fe7699ebd072f21dd630a2ac93bb5f
2016-07-12 10:24:37 +02:00
ptoohill1
7edd2aee67 Add VHD support in DIB
Some deployers may require use of VHD format, allow this option.

Change-Id: I0e2599898598fd6636f116357598a12f19b8f99f
2016-03-11 10:31:55 -06:00
Stephen Balukoff
81c73bd1b5 Make SSH bind to management net only
Our present amphora image create scripts set up the ssh daemon on the
amphora to bind to the wildcard interface (which is the default).
However, this causes problems for anyone who tries to set up a listener
on TCP port 22, since haproxy will not be able to bind to the same IP.

This patch introduces a dhclient post-bind script to the amphora image
to gracefully rebind the SSH-daemon to only the load balancer management
net IP when it comes up on the network, solving the above use case. This
patch has the secondary benefit of making the amphora's SSH daemon only
respond to requests on the management network, which incrementally
increases the security of the amphora.

Change-Id: Iab93cec1f4dc4a2e37ad3cb8a92c132383dcda6a
Closes-Bug: #1551505
2016-03-04 13:58:33 -08:00
Adam Harwell
07b8c19638 Reduce devstack build time by properly using pip caches
Change-Id: Icb66f9465dd7a39e79a76e4a5454e6c168f6d8bd
2016-02-21 16:37:49 -06:00
Jenkins
18151112c1 Merge "Fixes Octavia Amphora RHEL based images" 2016-02-08 21:52:08 +00:00
venkatamahesh
206f5738fe Fix misspellings
Change-Id: I675452fcc43e778f74bdf4bf5615c100d72ce8bf
2016-02-04 14:33:44 +00:00
ptoohill1
63111acc90 Fixes Octavia Amphora RHEL based images
A few elements were needed to define specific repositories.

    amphora-agent: Updated and now buids with sysvinit instead
of upstart Octavia requries the use_upstart parameter to be set
to False to work with RHEL systems.
    amphora-agent-ubuntu: original element that supported upstart
    keepalived-octavia: Supports RHEL repositories

Change-Id: I961663d105ad09e7f05c77cb92efaa469f386fdc
Closes-Bug: #1531092
2016-02-03 15:51:48 -06:00
Stephen Balukoff
ea6fb75cda Optimizations for tempest tests
This patch does the following:

* Reduces interval between checks when waiting on
  amphora status in a devstack environment. At the same time we
  increase the number of retries so we are effectively waiting
  the same total time before a timeout error occurs.
* Disables DNS resolution on the amphora image. Amphorae don't
  need to do any DNS resolution anyway since any outbound
  connections are done specifying IP addresses. This means
  that the amphora never waits for DNS timeouts to occur
  when booting and performing other tasks when operating in an
  environment where DNS resolution doesn't work (ie. devstack)

In preliminary tests, the above optimizations seem to shave
about 50-55 seconds off per test. (This is mostly due to the
elimination of DNS timeouts.)

Change-Id: Icc7d8e0ac18a4a18ed9eb0950081ddd198cf4684
2016-02-01 13:36:17 -08:00
minwang
80865ff123 Add backport keepalived
Added keepalived-octavia-ubuntu elements and deleteted vrrp-octavia elements.

Closes-bug: #1481050
Change-Id: I1c55d3f32663087643cf81f1a6e9e3fb7caad8ee
2015-12-04 17:39:35 +00:00
Zhao Lei
585bff3b6a Remove quotes from subshell call in bash script
Always no quotes for $() statement.

We don't need quotes to hold blanks in result:
 # i=$(echo 1 2 3)
 # echo $i
 1 2 3
 #

These quotes can make something wrong in some case:
 # i=$(echo '!')
 #
 # i="$(echo '!')"
 -bash: !: event not found
 #

No real problem for current code, only to use a better code style.

Change-Id: I84c23863e73684f0c22a90e447af69dec4789523
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
2015-09-23 19:00:01 +08:00
Michael Johnson
fcc5dcf6e0 Adds policy based routing for the amphora
1. Creates a new element for pyroute2
2. Adds this element to the amphora image
3. Updates the amphora REST interface to pass additional network information
4. Creates the policy based routes and rules on the amp during plug vip
5. Updates the REST API spec

Change-Id: Ibd622ec302cf78c12ae2bd5d76d012ab619939a6
2015-08-05 17:27:56 +00:00
Sherif Abdelwahab
3ba7505761 Keepalived supporting amphorae image
Added support of keepalived in the amphora image as follows:
1. diskimage-create.sh: append the vrrp-octavia by default.
2. image-test.sh: checks if the image has keepalived installed.
3. 77-vrrp: checkout the right keepalived source code version, compile, and
install binaries.
4. svc-map: clone the keepalived rep.
5. fixed some typos in comments and readme

Change-Id: I483a66590fc343c07ca37bc11c2ad5482594d4cc
2015-07-16 13:00:02 -07:00
Michael Johnson
e6cb590fdd Updates for repo rename stackforge->openstack
Updated files to use openstack instead of stackforge
Updated devstack samples to not point to old references

Change-Id: I501d76173475bb1619006819d971493854fdd15c
2015-06-13 00:20:11 +00:00
German Eichberger
40440b8a0b Implements the haproxy amphora agent api server
- Added configuration
- Added uploading of haproxy config
- Added start, stop, reload (async)
- Added get_details
- Fixed returns of API -- they are now all spec conform
- Added info, get haproxy file
- Added function to get listener status
- Added class to parse haproxy stats socket
- Added methods to handle certs
- Added client cert validation to the sever
- Added script to generate example certs
- Added init script for agent
- Added network and vip plugging
- Added devstack stuff
- Added diskimage scripts; upstart ini file

Change-Id: Ib1db8da9e019e68e9a0f4a16a622b8b1286afd3e
Implements: blueprint amphora-api
2015-06-02 18:13:39 +00:00
Al Miller
4ac7376c2f Add devstack plugin for octavia
Co-Authored-By: Phillip Toohill <phillip.toohill@rackspace.com>

Change-Id: I9f8c87cd39ef59db71fe3a93b09f905f71dd2feb
2015-05-06 15:31:45 -07:00
Michael Johnson
9b47e9a4c5 Updating the disk image builder code
Adds haproxy 1.5.x from ubuntu trusty backports
Adds a git pull for the amphora agent code
Removes check for argparse (internal for python 2.7)
Adds sysctl net.ipv4.ip_nonlocal_bind=1

Change-Id: I7aecf727fb5d9be08982c5a32ae3c6e280ebda14
2015-04-10 21:03:17 +00:00
Michael Johnson
9df9ff9137 Add Amphora base image creation scripts for Octavia
Implements: blueprint base-image

Change-Id: I3e72db6d2f19fe45138758eb0821e27aa1c2542a
2014-12-11 01:31:19 +00:00