There were only two elements we were using from this repo -
os-svc-install which we werent actually calling anywhere, we only
depended on it needelessly and sysctl. The sysctl element has been moved
in to dib as dib-sysctl so we can now stop depending on
tripleo-image-elements entirely.
Depends-On: If312d199388036d6f4103e94dca99249cb3bcbaf
Depends-On: Ia730850a48e2478fd5461710a9d2619408725cd8
Change-Id: Ie78c4f3ebe506214f0ce7c456fcbbee09d35ba2a
Dib supports a -x argument to output additional tracing information.
Lets support this in our diskimage-create script.
Change-Id: Ifb9f29250475d53ae8c64deef4be01ef8bd584d4
This patch adds a distribution ID option to the diskimage-create.sh
script used to create amphora images. This will allow octavia
to control the timing of the transition to a new default release.
For Ocata it will default to "xenial".
Change-Id: I435cf9f4723fc9e68f8cb8987c8316b09e6876b6
Closes-Bug: 1642756
This is needed to install the package 'jq'
Not needed for other Red Hat variants:
* Fedora has jq in its main repo
* RHEL has it in OpenStack repos (required to build a RHEL amphora)
Change-Id: I5c1c911c28215410b7f4c984bee8a69f0bee43eb
Closes-Bug: #1640827
Checking packages using "yum list installed qemu-kvm/qemu-img" fails for
Centos,while qemu-kvm-ev and qemu-img-ev are installed using
"RDO CentOS-7 - QEMU EV".
This repository is added by devstack.
I changed the shell script to check [qemu-kvm qemu-img] and [kpartx git]
separately and when [qemu-kvm qemu-img] are not found, check for
qemu-kvm-ev or qemu-img-ev instead of exiting.
Change-Id: I5bd929e5aba76319cc86e0fc97825929e32629c2
Close-Bug: #1637435
This patch adds an element that causes the terminated HTTPS
certificates and keys to be stored in an encrypted ramfs path
so they are encrypted at rest.
Change-Id: Id0f80f311d37d5691087e855fb1291011451c851
Closes-Bug: #1627370
We currently install this via its own element, but this could be made
more simple / obvious by using the python requirements tooling.
Change-Id: I2a2eed2b8ee481189c1694659ac8100062a25cf2
On a devstack, pip can be installed system-wide but not coming from
system packages. So instead of checking python-pip package installation,
we only check that "which pip" succeeds
Change-Id: If8a1b7b4b7336cab0bef755b90924e03f1497b82
Change default output directory to working directory (systemwide script
would by default try to create images in /usr/bin)
Canonicalize output filename parameter, else relative paths would
generate images in temporary directory)
Clean devstack plugin to use the -o option again
Fix yum package detection ("yum list" reports success if the package
exists in enabled repositories)
Add python-pip to the needed packages (for later pip calls)
Change-Id: Iff22a83f4a73e7aa36ee892773c01f13738f7a43
Change default image size to 2GB (align with devstack value)
Store the virt-inspector output to reuse in virt-inspector calls
Relax the size check to allow for system size change after updates and
differences in base distribution
Change-Id: I9aaaabcbe8a1332e57fd8f9f0649dc8cfc5b9977
This will allow to package the script and install it system-wide
In that case, the following configuration is expected:
* diskimage-builder installed in default system-wide location
* TripleO elements installed in _prefix_/tripleo-image-elements
* Octavia elements installed in _prefix_/octavia-image-elements
With possible paths for _prefix_: /usr/share or /usr/local/share
These will be used as a fallback, after local checkout directories
Change-Id: I021530b731f7a98043ea205b7014e71b39dbc8e3
This adds a rhel type and gives some pointers on needed environment
variables for base image, registration, needed subscriptions.
no-resolvconf is also updated to work on rhel-type systems
Depends-On: Icb0e20b01479fea345e01309fc4bf3f7f639900c
Change-Id: Ic452feaf32fe7699ebd072f21dd630a2ac93bb5f
Our present amphora image create scripts set up the ssh daemon on the
amphora to bind to the wildcard interface (which is the default).
However, this causes problems for anyone who tries to set up a listener
on TCP port 22, since haproxy will not be able to bind to the same IP.
This patch introduces a dhclient post-bind script to the amphora image
to gracefully rebind the SSH-daemon to only the load balancer management
net IP when it comes up on the network, solving the above use case. This
patch has the secondary benefit of making the amphora's SSH daemon only
respond to requests on the management network, which incrementally
increases the security of the amphora.
Change-Id: Iab93cec1f4dc4a2e37ad3cb8a92c132383dcda6a
Closes-Bug: #1551505
A few elements were needed to define specific repositories.
amphora-agent: Updated and now buids with sysvinit instead
of upstart Octavia requries the use_upstart parameter to be set
to False to work with RHEL systems.
amphora-agent-ubuntu: original element that supported upstart
keepalived-octavia: Supports RHEL repositories
Change-Id: I961663d105ad09e7f05c77cb92efaa469f386fdc
Closes-Bug: #1531092
This patch does the following:
* Reduces interval between checks when waiting on
amphora status in a devstack environment. At the same time we
increase the number of retries so we are effectively waiting
the same total time before a timeout error occurs.
* Disables DNS resolution on the amphora image. Amphorae don't
need to do any DNS resolution anyway since any outbound
connections are done specifying IP addresses. This means
that the amphora never waits for DNS timeouts to occur
when booting and performing other tasks when operating in an
environment where DNS resolution doesn't work (ie. devstack)
In preliminary tests, the above optimizations seem to shave
about 50-55 seconds off per test. (This is mostly due to the
elimination of DNS timeouts.)
Change-Id: Icc7d8e0ac18a4a18ed9eb0950081ddd198cf4684
Always no quotes for $() statement.
We don't need quotes to hold blanks in result:
# i=$(echo 1 2 3)
# echo $i
1 2 3
#
These quotes can make something wrong in some case:
# i=$(echo '!')
#
# i="$(echo '!')"
-bash: !: event not found
#
No real problem for current code, only to use a better code style.
Change-Id: I84c23863e73684f0c22a90e447af69dec4789523
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
1. Creates a new element for pyroute2
2. Adds this element to the amphora image
3. Updates the amphora REST interface to pass additional network information
4. Creates the policy based routes and rules on the amp during plug vip
5. Updates the REST API spec
Change-Id: Ibd622ec302cf78c12ae2bd5d76d012ab619939a6
Added support of keepalived in the amphora image as follows:
1. diskimage-create.sh: append the vrrp-octavia by default.
2. image-test.sh: checks if the image has keepalived installed.
3. 77-vrrp: checkout the right keepalived source code version, compile, and
install binaries.
4. svc-map: clone the keepalived rep.
5. fixed some typos in comments and readme
Change-Id: I483a66590fc343c07ca37bc11c2ad5482594d4cc
Updated files to use openstack instead of stackforge
Updated devstack samples to not point to old references
Change-Id: I501d76173475bb1619006819d971493854fdd15c
- Added configuration
- Added uploading of haproxy config
- Added start, stop, reload (async)
- Added get_details
- Fixed returns of API -- they are now all spec conform
- Added info, get haproxy file
- Added function to get listener status
- Added class to parse haproxy stats socket
- Added methods to handle certs
- Added client cert validation to the sever
- Added script to generate example certs
- Added init script for agent
- Added network and vip plugging
- Added devstack stuff
- Added diskimage scripts; upstart ini file
Change-Id: Ib1db8da9e019e68e9a0f4a16a622b8b1286afd3e
Implements: blueprint amphora-api
Adds haproxy 1.5.x from ubuntu trusty backports
Adds a git pull for the amphora agent code
Removes check for argparse (internal for python 2.7)
Adds sysctl net.ipv4.ip_nonlocal_bind=1
Change-Id: I7aecf727fb5d9be08982c5a32ae3c6e280ebda14