- scenario001 and 004 will be running without ceph
until ceph repos get available for CentOS8
- scenario003 will run not run with linuxbridge until next CentOS
minor version as it has issues:-
- https://bugzilla.redhat.com/show_bug.cgi?id=1720637
- Add Puppetfile_centos7 to have different puppet modules
as compared to other distros. Currently only puppet-mysql
needs to be kept pinned for centos7 as newere mariadb version
is required to remove the pin, CentOS8 and ubuntu have required
mariadb version so pin is removed. So automatic updates of puppet
modules will not be applied for CentOS7 as those jobs are going to
be removed in coming months.
- check for rdo_dlrn url existence only for RedHat distros.
Change-Id: I98fc088cd87c1412544f9590ce7a925b413297e2
In Puppet 3 there was a need to use absolute
names to prevent issues. Since Puppet 4 everything
is absolute by default which makes this not needed.
We need to change this everywhere so that we can
revert the pin in [1] that now prevents us from
using the latest version of the puppet-lint check
puppet-lint-absolute_classname_check that properly
checks that we dont use absolute names.
[1] https://review.opendev.org/#/c/697742/
Change-Id: I78b74fbeb08be7234189e4d266412fb7fb7a73c0
Removes from upstream Neutron in Train release and will be
removed from puppet-neutron in this [1] commit.
[1] https://review.opendev.org/#/c/658801/
Change-Id: Ica68eacc724dad6207b9f085198f921db0279ef6
This configuration option is used to determine the max exponential
retry which can lead to beaker failures because the ovs agent starts at
the same time as neutron server. We need to force a retry sooner than
waiting 600 seconds for it to try again.
See https://review.openstack.org/#/c/623401/
Depends-On: https://review.openstack.org/#/c/648735/
Change-Id: I7f66c811aa507e76e1b4e087a4a7df5999f4ee50
https://review.openstack.org/#/c/634862/ switched to
fwaas v2, but l3 agent is not able to load fwaas_v2 extension
due to wrong Driver, this patch fixes it.
Change-Id: I4bc71fb66e2760088fba2fefa34794e2e865bb74
Firewall v1 driver was deprecated long ago and
is now removed in [1], let's switch to firewall v2
driver.
[1] https://review.openstack.org/#/c/616410/
Change-Id: I713029a420af82ad31fff09494296715f72ef124
Moves all the <module>::debug parameters
to be set in <module>::logging::debug instead.
This is so that we can remove the deprecated
logging options in the init classes of all the
modules.
Change-Id: I107be315a6e1a0429c32d02b9a1df8a8957bb7ab
Support for nova metadata api via wsgi was added in dependency.
This changes so that we test with running via wsgi.
With nova metadata api running via wsgi it is ssl terminated, also
neutron metadata agent does not support an ipv6 address for the
metadata_host, so we need to configure the neutron metadata agent
to connect via https to the nova metadata api.
Related-Bug: 1781405
Depends-On: Ic65736cb0e95c400a728cd699ecf06c6aecff832
Depends-On: I3d572dda2e90b7e24f2f8912d704462b9332d807
Change-Id: I03f4dcb7f40055d802b114ee305323c95975e4df
Review [1] added support for bgp-dragent. By default btp_router_id is
set to fact ipaddress. This fact can change between different puppet
runs as new network interfaces can be added, for exmple bg-ex, breaking
idempotency.
This patch sets bgp_router_id to 127.0.0.1 as it can be any ipv4
address.
[1] https://review.openstack.org/583222
Change-Id: I67e8085b4f4d507c4d3040a7ee4b5e1b928afdb4
Adds testing for the bgp-dragent that is
shipped by neutron-dynamic-routing in
scenario004.
Depends-On: https://review.openstack.org/#/c/586462/
Change-Id: I8998a1a0f0a8e944cd5f836b3cbe568aa99fcedb
After upstream code has been fixed to work with neutron-api and
neutron-rpc-server, and after this patch has been merged into the Debian
package, we can finally re-activate FWaaS in Debian.
This reverts commit 85a3fa6a0a07692d2e84fea661a2467582787d7f.
Change-Id: Idd94928567677cc46779a8261b436a96a35050e3
Looks like fwaas extensions are making a bunch of functional tests fail
in Debian, probably because of issues in neutron-rpc-server. We disable
it here, at least temporarily, and for Debian only, so that we have a
working tempest run for Debian. This may be reverted later on once a
better solution is found.
Change-Id: I723bb97310dfb2a737ddcdb79caa2a02ef4e211b
To avoid failure, in Debian and Ubuntu, we must set $validate to true.
While this issue happened all the time for me on my laptop, I also saw a
few Ubuntu run where the problem happened.
Depends-On: I8ab8a2c7bb1d93d6fb9d16eabd3a1112b1e1237b
Change-Id: I093b0de94e3f762edb9be71134078d86b0642a07
puppet-neutron switched to www_authenticate_uri in
[1], update puppet-openstack-integration for the same.
[1] https://review.openstack.org/#/c/558983/
Change-Id: I3e929c06a7bab9204c6b4fc85b54cce8ff26da51
Review https://review.openstack.org/#/c/540077/ setting
requires global_physnet_mtu to be set lower than the
underlying network's mtu. So in some cases, For example
vm on ophenstack cloud by default has 1450 as mtu, so
global_physnet_mtu for neutron deployed on these vm should
be set to <= 1450.
Change-Id: Ib305f0ecfd8402dfe16f84eda21928fd2e615280
Review [1] added some tests which requires "qos" and "trunk"
plugins to be enabled, so add it to the neutron plugins_list.
Also add "qos" to extension_drivers.
[1] https://review.openstack.org/#/c/479995/
Change-Id: I64fe3e1853b6e7f0b5755dad191da9a5b04e307e
This patch refactors all creation of RabbitMQ resources such
as users and ACLs to a define called openstack_integration::mq_user.
This will make sure RabbitMQ is automatically installed as well,
as there are times where dependencies to RabbitMQ are added to things
like Keystone which break Beaker tests in other repos (but we don't
know they're broken until the change merges).
In addition, instead of setting up dependencies on the tagged services,
we use the anchors provided which should hopefully test against them
as well.
Change-Id: Ib122ddd105529de5e12389cc9db2e4e09ec4ad54
Introduce configuration parameters to specify the oslo.messaging
rpc or notification backend as one of rabbit, amqp. The default
config is to use rabbit broker for both rpc and notification. Selection
of amqp for rpc will use brokerless qpid-dispatch router.
This patch:
* Adds notification_transport_url parameter across services where needed
* Adds rpc and notification parameters to config
* Adds qdr for rpc amqp1 configuration
* Modifies scenario001 for dual messaging backends
* supports ssl config
Depends-On: Id6ebc4ce8b0ffdb0be92a758dbf89c84c3274725
Change-Id: Ia2a79a2e1482f6f72426bc81c8e6d2a04cb211e3
2017-07-20 14:42:54.791002 | manifests/murano.pp - WARNING: arrow should be on the right operand's line on line 80
2017-07-20 14:42:54.791214 | manifests/neutron.pp - WARNING: arrow should be on the right operand's line on line 58
2017-07-20 14:42:54.791272 | manifests/vitrage.pp - WARNING: arrow should be on the right operand's line on line 41
2017-07-20 14:42:54.791321 | manifests/vitrage.pp - WARNING: arrow should be on the right operand's line on line 49
Change-Id: If27084c1093be0c83a7b776c12a81dcbfc1a7946
This submission will enable L2GW on scenario004
and one of its tempest test.
Change-Id: I87fb7ca3671cf93d6b47ac393e047e1810daf375
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
This submission will enable the BGPVPN API
on scenario004 and one of its tempest test.
Change-Id: I9d7853bedd822a9d182f1c5dcd7db85e7cd59c07
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
Now when set network port_security_enabled to false,
return {"NeutronError": {"message": "Unrecognized attribute(s)
'port_security_enabled'", "type": "HTTPBadRequest", "detail": ""}}
Change-Id: If59d1b25c557eebb8a9b9db24e7bd209373d6720
It was suggested by Nova team to not deploying Nova API in WSGI with
Apache in production.
It's causing some issues that we didn't catch until now (see in the bug
report). Until we figure out what was wrong, let's disable it so we can
move forward in the upgrade process.
Note: we also need to fix orchestration in provision to make sure
Keystone is ready before creating nova flavors, and other resources.
Depends-On: I1688eae1369f6da2c7084dc3864d19708d15c78d
Change-Id: I4a0d999d5290785a416bbb11953fee7a5028a00b
Related-Bug: 1661360
1) enable_v1 and enable_v2 parameters are deprecated and will be
removed in Ocata, so we can remove them.
2) Fix firewall_driver option value.
3) Fix the annotation of driver parameter.
Change-Id: Icb74bac3e56aa92288b4137e0f0f77da75c23f33
The rabbit_host, rabbit_hosts, rabbit_userid, rabbit_password,
rabbit_port and rabbit_virtual_host parameters are being deprecated.
This change updates the p-o-i tests to use the default_transport_url for
the rabbit connection instead.
Change-Id: Icb15ad3b5d75a35afcb685f4ae03c5755031fc3d
Depends-On: I43ac3079da9e52179457ca1a34f4faee60d5617b
Depends-On: Ie63457370ae37ef5af5878b1a97b8bafa80a8189
Depends-On: Ia0c5b5072431bbc186c8b96b7f034e68e9248af3
Depends-On: I43500ac7be4296ea534266fa14ca37fc700b0092
Depends-On: If4dfe8b82518fc4e590731a805ee3115b11f4f47
Depends-On: I00d4782693c1f67b82673624d4d36822c9762303
Depends-On: If83c0f0e61a08061334536399a42767a305966b7
1) neutron: add FIREWALL in service_provider
Add FIREWALL extension in service_provider so we can deploy Neutron
FWaaS extension with Neutron Server.
2) Add neutron l3 agent extension for fwaas.
3) Add agent_version for fwaas.
Depends-On: I780277b7bbf9e14099d0d574c63e31c97a6aa38d
Change-Id: I9f8d09b90f83ba6b328f4fb837eb7dfa51a96778
1) Bump RDO repository to the first consistent Ocata repository.
2) Adding lbaasv2 service plugin into Neutron, required to execute
LBaaS tests.
3) Disabling Designate on RDO, it miss a new Monasca dependency.
Change-Id: Ib1c6144bd248c482f9dfe6d4ef6eab5c1a0a986d
Upstream has just removed lbaasv1 from openstack-lbaas
(https://review.openstack.org/286381). A full fix will involve
removing all lbaasv1 support from puppet-neutron, but while it is
done we should only use lbaasv2 in puppet-openstack-integration
to avoid CI issues.
Change-Id: If63110644d441bb8b088c93aebc02356b158aebd
Update some parameters deprecations:
* neutron tunneling is now activated by default.
* zaqar has new parameters for keystone authtoken.
Change-Id: Ie18c1f5f600d014f61b6474ea7029cf86461e554
Starting from Newton, VMs can be deployed with a metadata server that
runs with SSL enabled.
This patch aims to activate the tests for that, so we'll have a better
coverage of Neutron in SSL & IPv6 environment.
Note: I could not enable SSl for neutron metadata agent, I found this
bug: https://bugs.launchpad.net/neutron/+bug/1514424 and I'm not sure it
actually works.
Change-Id: Ia5b19d22549fc0c891a46cf47a742b35eaec6276
To make sure Neutron can connect to RabbitMQ the first time, manage the
RabbitMQ resources before starting Neutron.
It will avoid some errors when agents try to start and reach RabbitMQ
not ready yet.
Change-Id: Ic675b92be22002f11e17ee328c4dddcf4d7ee831
Scenario001 has been updated to test lbaas v2.
Scenario002 and Scenario003 will do lbaas v1.
Change-Id: I824b3fd18bcf965875c663ce03d2a99a771f13ee
Depends-On: I69b7635984fe74038db2025b89f638def5029849
verbose option is deprecated and should be omitted
external bridge is deprecated and not needed for ml2-ovs
Change-Id: I83239d09fdc492c0f6123cc0eee294acb5726f52
firewall_driver should be explicitly set for both ML2 agents (ovs/lb) for
security groups to work
Change-Id: I7ab0672d6a819d11b2bd1df71724a8ff1e114fab
Depends-on: I9819867251e3c35f252ddbbad1178bff1c585314
This is a first iteration of testing IPv6 deployment.
This patch will deploy scenario002 on centos7 by using IPv6 network.
To make it work on Ubuntu, it will require more work, that will be done
in future iterations. During my testing, I found some bugs and did not
investigate because I wanted a first scenario working on v6.
Same for scenario001 and scenario003, they'll be tested later.
Change-Id: Ib28b379645b5a3d351438e0408a9de62b9f48302
* Deploy Self-Signed Certificates for both IPv6 & IPv4 deployments.
* Disable IPv6 for RabbitMQ now, for SSL reasons, will be enabled again
later in a next iteration.
* Deploy Ironic API under WSGI instead of eventlet.
* Switch Glance API, Ironic API and Keystone to SSL.
* Configure Tempest with SSL endpoints when needed.
* Reduce the Ironic tests because of [1].
[1] https://bugs.launchpad.net/ironic/+bug/1554237
Note #1: puppet-swift, and puppet-cinder will require some work to support SSL, so it's not
implemented in this patch.
Note #2: we don't enable SSL for Neutron because of
https://bugs.launchpad.net/neutron/+bug/1514424
Change-Id: Ib2b5289b6f5e82f43cf60dee3152b2c2ddd5a014
