Add support to all Scenarios to work with Fedora and RedHat > 7
Disable SSL as currently there are known issues in services to work with python3 + SSL on Fedora. Also fixed following:- - watcher to work without SSL - Handle source /etc/bashrc for users don't have .bashrc created - Install python3-rbd in Fedora and RedHat > 7 Change-Id: I5b67f40ec3c687f5282c65e10b4a1ee1fe5528f3
This commit is contained in:
parent
22a04c2a10
commit
0c938590d2
|
|
@ -15,14 +15,35 @@
|
|||
#
|
||||
|
||||
if ($::os_package_type == 'debian') {
|
||||
$wsgi_mod_package = 'libapache2-mod-wsgi-py3'
|
||||
$wsgi_mod_lib = 'mod_wsgi.so'
|
||||
}
|
||||
elsif ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
$wsgi_mod_package = 'python3-mod_wsgi'
|
||||
$wsgi_mod_lib = 'mod_wsgi_python3.so'
|
||||
}
|
||||
if ($::os_package_type == 'debian') or ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
include ::apache::params
|
||||
class { '::apache':
|
||||
mod_packages => merge($::apache::params::mod_packages, {
|
||||
'wsgi' => 'libapache2-mod-wsgi-py3',
|
||||
'wsgi' => $wsgi_mod_package,
|
||||
}),
|
||||
mod_libs => merge($::apache::params::mod_libs, {
|
||||
'wsgi' => $wsgi_mod_lib,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
if ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
# FIXME(ykarel) Disable SSL until services are ready to work with SSL + Python3
|
||||
$ssl = false
|
||||
} else {
|
||||
$ssl = true
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
$ipv6 = false
|
||||
|
|
@ -46,12 +67,14 @@ case $::osfamily {
|
|||
|
||||
include ::openstack_integration
|
||||
class { '::openstack_integration::config':
|
||||
ssl => true,
|
||||
ssl => $ssl,
|
||||
ipv6 => $ipv6,
|
||||
rpc_backend => $om_rpc,
|
||||
notify_backend => $om_notify,
|
||||
}
|
||||
include ::openstack_integration::cacert
|
||||
if $ssl {
|
||||
include ::openstack_integration::cacert
|
||||
}
|
||||
include ::openstack_integration::memcached
|
||||
include ::openstack_integration::rabbitmq
|
||||
if ($om_rpc == 'amqp') {
|
||||
|
|
|
|||
|
|
@ -15,14 +15,35 @@
|
|||
#
|
||||
|
||||
if ($::os_package_type == 'debian') {
|
||||
$wsgi_mod_package = 'libapache2-mod-wsgi-py3'
|
||||
$wsgi_mod_lib = 'mod_wsgi.so'
|
||||
}
|
||||
elsif ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
$wsgi_mod_package = 'python3-mod_wsgi'
|
||||
$wsgi_mod_lib = 'mod_wsgi_python3.so'
|
||||
}
|
||||
if ($::os_package_type == 'debian') or ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
include ::apache::params
|
||||
class { '::apache':
|
||||
mod_packages => merge($::apache::params::mod_packages, {
|
||||
'wsgi' => 'libapache2-mod-wsgi-py3',
|
||||
'wsgi' => $wsgi_mod_package,
|
||||
}),
|
||||
mod_libs => merge($::apache::params::mod_libs, {
|
||||
'wsgi' => $wsgi_mod_lib,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
if ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
# FIXME(ykarel) Disable SSL until services are ready to work with SSL + Python3
|
||||
$ssl = false
|
||||
} else {
|
||||
$ssl = true
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
$ipv6 = false
|
||||
|
|
@ -40,10 +61,12 @@ case $::osfamily {
|
|||
|
||||
include ::openstack_integration
|
||||
class { '::openstack_integration::config':
|
||||
ssl => true,
|
||||
ssl => $ssl,
|
||||
ipv6 => $ipv6,
|
||||
}
|
||||
include ::openstack_integration::cacert
|
||||
if $ssl {
|
||||
include ::openstack_integration::cacert
|
||||
}
|
||||
include ::openstack_integration::memcached
|
||||
include ::openstack_integration::rabbitmq
|
||||
include ::openstack_integration::mysql
|
||||
|
|
|
|||
|
|
@ -15,14 +15,35 @@
|
|||
#
|
||||
|
||||
if ($::os_package_type == 'debian') {
|
||||
$wsgi_mod_package = 'libapache2-mod-wsgi-py3'
|
||||
$wsgi_mod_lib = 'mod_wsgi.so'
|
||||
}
|
||||
elsif ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
$wsgi_mod_package = 'python3-mod_wsgi'
|
||||
$wsgi_mod_lib = 'mod_wsgi_python3.so'
|
||||
}
|
||||
if ($::os_package_type == 'debian') or ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
include ::apache::params
|
||||
class { '::apache':
|
||||
mod_packages => merge($::apache::params::mod_packages, {
|
||||
'wsgi' => 'libapache2-mod-wsgi-py3',
|
||||
'wsgi' => $wsgi_mod_package,
|
||||
}),
|
||||
mod_libs => merge($::apache::params::mod_libs, {
|
||||
'wsgi' => $wsgi_mod_lib,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
if ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
# FIXME(ykarel) Disable SSL until services are ready to work with SSL + Python3
|
||||
$ssl = false
|
||||
} else {
|
||||
$ssl = true
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'Debian': {
|
||||
$ipv6 = false
|
||||
|
|
@ -56,10 +77,12 @@ if ($::operatingsystem == 'Ubuntu') and (versioncmp($::operatingsystemmajrelease
|
|||
|
||||
include ::openstack_integration
|
||||
class { '::openstack_integration::config':
|
||||
ssl => true,
|
||||
ssl => $ssl,
|
||||
ipv6 => $ipv6,
|
||||
}
|
||||
include ::openstack_integration::cacert
|
||||
if $ssl {
|
||||
include ::openstack_integration::cacert
|
||||
}
|
||||
include ::openstack_integration::memcached
|
||||
include ::openstack_integration::rabbitmq
|
||||
include ::openstack_integration::mysql
|
||||
|
|
|
|||
|
|
@ -15,14 +15,35 @@
|
|||
#
|
||||
|
||||
if ($::os_package_type == 'debian') {
|
||||
$wsgi_mod_package = 'libapache2-mod-wsgi-py3'
|
||||
$wsgi_mod_lib = 'mod_wsgi.so'
|
||||
}
|
||||
elsif ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
$wsgi_mod_package = 'python3-mod_wsgi'
|
||||
$wsgi_mod_lib = 'mod_wsgi_python3.so'
|
||||
}
|
||||
if ($::os_package_type == 'debian') or ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
include ::apache::params
|
||||
class { '::apache':
|
||||
mod_packages => merge($::apache::params::mod_packages, {
|
||||
'wsgi' => 'libapache2-mod-wsgi-py3',
|
||||
'wsgi' => $wsgi_mod_package,
|
||||
}),
|
||||
mod_libs => merge($::apache::params::mod_libs, {
|
||||
'wsgi' => $wsgi_mod_lib,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
if ($::os['name'] == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
# FIXME(ykarel) Disable SSL until services are ready to work with SSL + Python3
|
||||
$ssl = false
|
||||
} else {
|
||||
$ssl = true
|
||||
}
|
||||
|
||||
if $::operatingsystem == 'Ubuntu' {
|
||||
$ipv6 = false
|
||||
# Watcher packages are not available in Ubuntu repository.
|
||||
|
|
@ -43,11 +64,13 @@ if $::operatingsystem == 'Ubuntu' {
|
|||
|
||||
include ::openstack_integration
|
||||
class { '::openstack_integration::config':
|
||||
ssl => true,
|
||||
ssl => $ssl,
|
||||
ipv6 => $ipv6,
|
||||
}
|
||||
|
||||
include ::openstack_integration::cacert
|
||||
if $ssl {
|
||||
include ::openstack_integration::cacert
|
||||
}
|
||||
include ::openstack_integration::memcached
|
||||
include ::openstack_integration::rabbitmq
|
||||
include ::openstack_integration::mysql
|
||||
|
|
|
|||
11
functions
11
functions
|
|
@ -224,10 +224,13 @@ function catch_selinux_alerts() {
|
|||
if $SUDO grep -iqE 'denied.*system_r:rabbitmq_t' /var/log/audit/audit.log; then
|
||||
echo "non-critical RabbitMQ AVC, ignoring it now."
|
||||
# FIXME(ykarel) catch_selinux_alerts not work with non ssl scenarios(no rabbitmq alert),
|
||||
# currently running scenario-py3 without ssl because glance py3 has issues when
|
||||
# running with eventlet + ssl: https://bugs.launchpad.net/glance/+bug/1769006
|
||||
elif [[ "$SCENARIO" = "scenario-py3" ]]; then
|
||||
echo "non ssl scenario-py3, ignoring it now."
|
||||
# currently running all scenarios without ssl in Fedora, and scenario-py3 in CentOS/Fedora,
|
||||
# because glance,nova,mistral py3 has issues when running with eventlet + ssl:
|
||||
# glance https://bugs.launchpad.net/glance/+bug/1769006
|
||||
# nova https://bugs.launchpad.net/nova/+bug/1808975
|
||||
# mistral https://bugs.launchpad.net/mistral/+bug/1808953
|
||||
elif [ -f /etc/fedora-release -o "$SCENARIO" = "scenario-py3" ]; then
|
||||
echo "non ssl scenario, ignoring it now."
|
||||
else
|
||||
echo "Please file a bug on https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20OpenStack&component=openstack-selinux showing sealert output."
|
||||
exit 1
|
||||
|
|
|
|||
|
|
@ -23,6 +23,17 @@ class openstack_integration::ceph (
|
|||
$ms_bind_ipv6 = undef
|
||||
}
|
||||
|
||||
# FIXME(ykarel) python2-rbd is installed as a indirect dependency for 'ceph' package,
|
||||
# but we need to install python3-rbd in Fedora until 'ceph' package is fixed.
|
||||
if ($::os_package_type == 'debian') or ($::operatingsystem == 'Fedora') or
|
||||
($::os['family'] == 'RedHat' and Integer.new($::os['release']['major']) > 7) {
|
||||
|
||||
ensure_resource('package', 'python3-rbd', {
|
||||
name => 'python3-rbd',
|
||||
ensure => 'present',
|
||||
})
|
||||
}
|
||||
|
||||
class { '::ceph::profile::params':
|
||||
fsid => '7200aea0-2ddd-4a32-aa2a-d49f66ab554c',
|
||||
manage_repo => false, # repo already managed in openstack_integration::repo
|
||||
|
|
|
|||
|
|
@ -24,9 +24,9 @@ class openstack_integration::watcher {
|
|||
# TODO: Support SSL
|
||||
class { '::watcher::keystone::auth':
|
||||
password => 'a_big_secret',
|
||||
public_url => "https://${::openstack_integration::config::ip_for_url}:9322",
|
||||
admin_url => "https://${::openstack_integration::config::ip_for_url}:9322",
|
||||
internal_url => "https://${::openstack_integration::config::ip_for_url}:9322",
|
||||
public_url => "${::openstack_integration::config::base_url}:9322",
|
||||
admin_url => "${::openstack_integration::config::base_url}:9322",
|
||||
internal_url => "${::openstack_integration::config::base_url}:9322",
|
||||
}
|
||||
class {'::watcher::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
|
|
|
|||
|
|
@ -85,6 +85,12 @@ if [ -f ~/.gemrc ]; then
|
|||
cat ~/.gemrc | $SUDO tee /root/.gemrc
|
||||
fi
|
||||
|
||||
# handle umask issue after "pam" new release, this is needed when run_tests.sh
|
||||
# is run remotely via ansible using a user which doesn't have .bashrc file
|
||||
if [ -f /etc/fedora-release -a -f /etc/bashrc ]; then
|
||||
source /etc/bashrc
|
||||
fi
|
||||
|
||||
print_header 'Clone Tempest, plugins & pre-cache CirrOS'
|
||||
# TODO(pabelanger): Move this into tools/install_tempest.sh and add logic so we
|
||||
# can clone tempest outside of the gate. Also, tempest should be sandboxed into
|
||||
|
|
|
|||
Loading…
Reference in New Issue