This patch enables SSL by default on scenario003 for both Ubuntu &
CentOS7, like it's done for scenario001 and 002.
Note: we don't enable SSL for Sahara because of:
https://bugs.launchpad.net/sahara/+bug/1565082
Change-Id: I7e25b8acaeda2fc51a1a83b3a3aae0c89f332323
This patch enables SSL by default on scenario001 for both Ubuntu &
CentOS7, like it's done for scenario002.
Change-Id: If7a6ae3825052420ac76b5c8899ce68f003cb903
Until Mitaka is out in RDO, let's bump our CI to current-passed-ci repo,
that is the latest Mitaka packaging, validated by RDO CI.
This patch will be backported to stable/mitaka.
This patch will be modified once Mitaka is out to use official repos in
CentOS and backported.
Change-Id: I0baad8c0329aa8c7762993e7ee640b19eba25798
This commit dynamically discovers the path to the puppet exucatable so
we can leverage it when using sudo.
This is to work around that the puppet application lives in a location
outside sudo's "secure_path."
Change-Id: Ie54cdf90a8e21ea0de4df1eca31048db1ffb884b
This is a first iteration of testing IPv6 deployment.
This patch will deploy scenario002 on centos7 by using IPv6 network.
To make it work on Ubuntu, it will require more work, that will be done
in future iterations. During my testing, I found some bugs and did not
investigate because I wanted a first scenario working on v6.
Same for scenario001 and scenario003, they'll be tested later.
Change-Id: Ib28b379645b5a3d351438e0408a9de62b9f48302
This commit just exports PATH when testing against Puppet 4.
Tests pass without this in some environments but is dependent on sudo
configurations, to get tests passing in OpenStack Infra, this is
required.
Change-Id: I04b486fb398aaad1a3333477995ec00a76b9da0b
https://review.openstack.org/#/c/288244/ has been merged so RabbitMQ
should not steal Keystone UID / GID anymore.
Change-Id: Iebc6ec2a9a3a3a7adb3949d9a91992056422356f
Those small typos and non-idiom can lead to unexpected behavior, better
fix them now.
Change-Id: I218ba0f3bba832d0929fb52c21f7e66774da494e
Closes-Bug: #1561539
We need to export PUPPET_BASE_PATH otherwise beaker & unit CI jobs will
fail to copy modules in the right path:
mv /modules/openstack-integration /modules/openstack_integration
Change-Id: I1c99de3f99367fb7677977fee4c5cf08afda5977
This commit puts in place the ability to run
puppet-openstack-integation against Pupept 4 by making release files
and paths dynamic based off an environment variable, PUPPET_VERSION.
Configurability is required because of the way Puppet 4 is installed,
as an all-in-one package known as "PC1" or "puppet-agent" which
includes Ruby, Facter 3, and other dependencies.
Change-Id: Id3af52f4938378a5a620765321cecd547e079660
Sahara is broken in Ubuntu / Mitaka:
ConfigParser.NoSectionError: No section: 'alembic'
While Debian is fixing it and Ubuntu is synced, we need to disable
Sahara on Ubuntu so our CI keeps rolling.
Change-Id: Iea74763c25bc52fc7637d201f614f5cbea22f459
* Deploy Self-Signed Certificates for both IPv6 & IPv4 deployments.
* Disable IPv6 for RabbitMQ now, for SSL reasons, will be enabled again
later in a next iteration.
* Deploy Ironic API under WSGI instead of eventlet.
* Switch Glance API, Ironic API and Keystone to SSL.
* Configure Tempest with SSL endpoints when needed.
* Reduce the Ironic tests because of [1].
[1] https://bugs.launchpad.net/ironic/+bug/1554237
Note #1: puppet-swift, and puppet-cinder will require some work to support SSL, so it's not
implemented in this patch.
Note #2: we don't enable SSL for Neutron because of
https://bugs.launchpad.net/neutron/+bug/1514424
Change-Id: Ib2b5289b6f5e82f43cf60dee3152b2c2ddd5a014
RDO created centos7-mitaka repo so this patch moves away from trunk to
avoid installing Newton.
It also update the URL to be the latest produced by Delorean.
Change-Id: I752983138c37704bd6d0902658fdf21ce6ed2e40
EPEL is quite often down and causes CI failures.
This patch disables EPEL management on our integration & beaker jobs.
Change-Id: I7ecf1b43d8db94001fbb3a0e6841c3cb84836ccb
The current provision template creates an ovs bridge, but no port
is added to it, so the vs_port part of puppet-vswitch is not
exercised. Creating a dummy device and adding it to the bridge helps
testing that part.
Depends-On: I5878448a1616e127c3b39c5f1c446fea151ba202
Change-Id: Id5d41502c0c88799f55bcbc5db3c080c035d3a6e
Move Nova API under WSGI process with Apache.
So later, we'll be able to easily enable SSL for Nova API.
Depends-On: I3a7c6af2d81da28e41ee278f11937364536efd9e
Change-Id: I1bd2ad0510090dbcebd046fe188f51369d0e260a
