Commit Graph

209 Commits (214f0e8d5ba24996193739a8ad1ce7268884a4b2)

Author SHA1 Message Date
Zuul 214f0e8d5b Merge "Test fixes and tweaks" 2020-04-03 16:14:41 +00:00
Pete Vander Giessen f6c44fb77a Test fixes and tweaks
Fixed issue where tests/ was ignorning DISTRO env

Added SNAP_FILE env variable, which allows tests to be run on an
abitrary .snap file. For example, one fetch with `snap download`.

Change-Id: Ie6cce841e00d6d56d0525d0a81c4faad3c54e8e8
2020-04-02 18:11:56 +00:00
Pete Vander Giessen c123af21d3 Strict confinement related fixes
(Not complete strict confinement, but these don't break anything
devmode related, and get us closer to having strict confinement

Added more needed interfaces to snapcraft.yaml.

Created a wrapper around dnsmasq so that we can run as the snap_daemon
user. Added snap_daemon user to snapcraft.yaml.

Added a utility script for connecting interfaces that don't auto
connect (tools/ Not useful for production, but saves a lot
of time when testing.

libvirt no longer uses unix sock group "sudo" (can't run setguid in
strict confinement).

Got rid of "find_missing_plugins" in init script. By the time we
release strict confinement to production, all those plugins will auto

Change-Id: I8324ac7bd0332c41cac17703eb15d7301e7babf3
2020-04-02 17:31:54 +00:00
Pete Vander Giessen 2a0f9c609a Fix pyScss incompatibility w/ latest setuptools
pyScss, which is a build dependency for horizon, currently relies on
the depcrecated Feature class of setuptools. The latest update to
setuptools removed the class entirely, breaking pyScss.

For now, we point to a fork of pyScss 1.3.4, which removes the
reference to the Feature class. In the near future, the upstream
OpenStack project will probably release a better fix; this gets us
unblocked for now.

We point to our custom pyScss by downloading and patching the stein
upper-constraints in our patch app. This is nicer than keeping a local
version of the file in our repo, as we'll automatically get updates,
and our patch will become a no-op when it is no longer needed.

Change-Id: I664ce6402f69d24fa9730c99315cbf65859b0aa3
Closes-bug: 1867360
2020-03-18 20:56:15 +00:00
Pete Vander Giessen 7ab27c6d09 Move back to using upstream upper-constraints
neutron has been added to the upper constraints file, which means we
can't install it from a tarball (pip gets upset when you try to
install from source while also attempting to specify a version in your
constraints). This commit replaces the reference to the tarball in the
openstack-projects part w/ a reference to neutron from pip.

We still install other OpenStack packages in the part from tarballs,
as the versions of those packages are not locked down in the

Change-Id: Id73fbc927c0b56ae6242f2abcaed7b6208f69a9e
2020-03-06 08:19:42 +00:00
Pete Vander Giessen 5611bc9759 Strict confinement (devmode)
Make MicroStack strictly confined, albeit in devmode for now.

Addresses unpredictable breakages with apt package upgrades in eoan
and focal, and sets the stage for a better isolated, less fragile snap
going forward.

We now use layouts to handle libvirt and qemu setting paths at compile
time. This is cleaner than the organize hack.

Moved away from calls to systemctl in init, as a strictly confined
snap cannot call systemctl on a non snappy system.

Disabled call to sysctl to set ipv4_fowarding, as we don't have access
to sysctl in a strictly confined snap. This may break some users, and
we need to figure out a way to address the breakage.

Got rid of routine, moving rabbitmq setup into a
bash script instead (it's just cleaner).

Moved keypair creation into launch script, as it's difficult to do
sensible things with keypair creation in the init script, which is
running using sudo, and therefore doesn't have access to

Added (but commented out) code that will check to verify that plugs
are connected before running microstack.init or ovs-vsctl. This code
may go away entirely, as we plan on auto connecting all of our
interfaces, and don't technically need to guard against not having
them connected.

Added temporary local upper-constraints file, to fix an issue where
upstream upper-constraints was breaking pip install by setting a
neutron version. This needs a better long term fix, but works for now.

Closes-bug: 1860660
Change-Id: Iaf1f1482609f05285ed9061317b32e90bffd2da0
2020-03-05 09:31:15 +00:00
Pete Vander Giessen d262cbed49 Revert "Initial DPDK support"
This reverts commit ce5e82e319.

MicroStack cannot currently install due to a missing ovs-related
library. This is possibly due to recent changes in spacraft, or
possibly due to the workarounds for those changes. Regardless, it
appears that backing out the DPDK changes gets us back to a state
where we can install.

Partial-Bug: 1862911
Change-Id: I060c1a0095470639f9158cb9e9ebe8281a65a678
2020-02-12 20:10:59 +00:00
Nikolay Vinogradov 9019ad3529 Added Filebeat, NRPE and Telegraf to Microstack
- Snapped binary packages of Filebeat, NRPE and Telegraf (disabled by default)
- Added W/A of Telegraf segfault after ELF patching by snapcraft
- Implemented IPMI input tuning for Telegraf
- Allowed to run NRPE as root:root (from custom PPA)
- Implemented Filebeat, NRPE and Telegraf control scripts and config on top of snap-overlay
- Added support for checking Microstack systemd services by NRPE
- Added few generic and Microstack-specific NRPE checks
- Added possibility to override default config paths for the daemons
- Added support for in-band IPMI input to Telegraf
- Stick LMA wrappers and services naming to Microstack conventions
- Increase build timeout in .zuul conf by 30min

Change-Id: I68dbdb11248cf0c1e22e9333af3cf0f88954f557
2020-02-11 14:33:26 +00:00
Zuul be4e35ab29 Merge "Initial DPDK support" 2020-02-11 01:43:32 +00:00
Pete Vander Giessen 0b1e97fffb Got rid of passthrough properties
We are now building with a version of snapcraft and snapd that doesn't
need the passthrough property for "after" commands in a daemon. We can
get rid of the properties, which will allow us to upload to the snap
store automatically, as a bonus.

Change-Id: I6defdac64f7b61a2894f3d6417597f7d03bc61d4
2020-01-30 17:20:59 +00:00
Pete Vander Giessen 725e299308 Fixes for snapcraft 3.9.x
Added build-environment to qemu (works around issue where patchelf was
not finding libs).

Added hack to force wrapping of all non bash apps, to work around
snapd issue with multiple instances of PATH in the snap environment.

Also snuck in fix for horizon build. Horizon is specified in upstream
constraints now, which means that our build fails if we try to build
it from source in the same part that looks at the constriants file.

Misc fixes to make the tests nicer.

Change-Id: I50c88878c4f9dbb07006cab899a717e334be07d0
2020-01-29 14:49:03 +00:00
Zuul 21d99e8dc2 Merge "Added microstack.remove command" 2019-12-18 11:00:11 +00:00
Zuul 500b328495 Merge "Fixed launch output." 2019-12-17 17:17:36 +00:00
Pete Vander Giessen a89f5574c3 Added microstack.remove command
Running microstack.remove will remove the br-ex virtual bridge device,
then uninstall MicroStack.

We do this because we can't use ovs-ctl to remove the bridge as part
of a remove hook, as the Open vSwitch daemons are not running at that
point. The microstack.remove command gives operators a way to cleanly
uninstall the snap, without needing to reboot to get rid of br-ex.

Added test exercising the code to

Rerranged entry points a bit (moved some things into to make
code sharing easier, and to prevent a proliferation of entry point
scripts in our root dir.

Change-Id: I9ff25864cd96ada3a9b3da8992c2b33955eff0b4
Closes-Bug: #1852147
2019-12-17 17:11:32 +00:00
Gabor Meszaros ce5e82e319 Initial DPDK support
Adding initial support for OVS DPDK.

Signed-off-by: Gabor Meszaros <>
Change-Id: I1f87188bd8b4b928108674a35e9a9c309e9f6d17
2019-12-09 16:45:11 +01:00
Pete Vander Giessen d169bef119 Fixed launch output.
Fixed backticks so that they actually wrap the whole command.

Added code to gamely make a guess about the username of the launched
instance and the location of the ssh key. Falls back on placeholders
if it can't.

Closes-bug 1850586

Change-Id: I980ee8617dfc4bf7c60846052d66ff18cf8aa8e9
2019-11-29 22:23:43 +00:00
Pete Vander Giessen 668208198c Added "make a dev box" script.
Added a script to tools that makes it a bit easier to spin up a
checkout of the MicroStack source in a vm, in preparation for making a
change and testing a build.

Change-Id: I6b88c99f4c3bfa22e82bc740193c1993776eb757
2019-11-29 20:20:42 +00:00
Pete Vander Giessen 1a25e50a17 Made horizon, rabbit and mysql ports configurable
Addresses requests to make it easier to avoid conflicts between the
Horizon dashboard and http services that might already be running on
the machine.

Configurable via snap config. Exposing via arguments to .init and
testing post init configuration is left for a separate PR.

Eventually, these may move to non standard ports by default. This PR
sets the stage for that, but further discussion is needed before we
decide whether to implement.

(This commit also contains a sneaky fix for the username display at the
end of the launch script.)

Closes-Bug: 1814829
Change-Id: If728d6ec8024bca4d3e809637fbdcc03ed4e6934
2019-11-27 15:27:54 +00:00
Pete Vander Giessen d34a98ad15 Remove iptables part
This change prevents builds in the gate from timing out while pulling
the iptables part, which was happening with increasing frequency.

The part was originally added in an attempt to isolate ourselves
better from the host system, despite being classically confined. This
approach was unreliable -- it doesn't work particularly well for
commands requiring sudo. We can back off this change (especially since
we've removed the special pathing that pointed us at the snapcraft
built iptables anyway -- I think that the part is superfluous).

In addition to the automated tests, I have verified that the following

1. xenial and eoan installs
2. clustering
3. refresh from beta and edge

Change-Id: I7d314eccc0433e54a800ed47add684c2e0fa6565
Closes-bug: 1854081
2019-11-26 20:27:09 +00:00
Pete Vander Giessen 2915caf98e Fixed dashboard_allowed_hosts config setting.
Now happens in a template, just like all the other values, which fixes
an issue where it doesn't get overridden during an upgrade.

Change-Id: Ied84ddc0282c77de6797f90efc8923ae66a9d59e
2019-11-21 08:47:04 +01:00
Pete Vander Giessen 590a7bc3d5 Refresh now sets missing config values
Broke default config settings into a separate script, which the
install hook always called, and post-refresh calls if it can't find
the new config hierarchy.

This fixes issues w/ upgrading from beta to edge.

Change-Id: I6b11109c2a2f6aca142a18c9fa274b332891d5c8
2019-11-21 08:46:41 +01:00
Pete Vander Giessen f7d2064561 set-br-ex now idempotent
When refreshing a snap, set-br-ex could fail because the iptables
rules that it sets were already setup. We now exit zero if this is
true, which prevents us from breaking on upgrades.

Change-Id: Ibfee98cabfa3e35bf53dbd191de2cf46f3709a51
2019-11-21 08:46:15 +01:00
Zuul e58aeddd67 Merge "Added refresh tests" 2019-11-21 07:27:45 +00:00
Pete Vander Giessen 960685b91e Added refresh tests
Refactored test framework so that we have more flexibility in terms of
installing various versions of microstack before and after running
some tests. Moved in class "globals" into per instance variables,
to avoid broken cases with incomplete cleanup.

Added, plus matching env in tox.

Refresh tests will fail currently, because we have some pending issues
that break refreshes. Fixing those is a subject for a different

Refactored and to use new framework.
Should (and do) pass.

Framework now cleans up multipass hosts regardless of whether or not
the tests passed. Leaning on the .tar.gz for local troubleshooting
helps us make it better for in gate troubleshooting.

Change-Id: I6a45b39132f5959c2944fe1ebbe10f71408ee777
2019-11-20 21:35:51 +00:00
Zuul 5d1095d3dc Merge "Updated "Building MicroStack" section of" 2019-11-14 21:42:58 +00:00
Pete Vander Giessen e0fd42e55c Updated "Building MicroStack" section of
Now reflects current build process, and has correct url to source code.

Also changed references to "microstack" and "Microstack" to

Change-Id: I60f6a28c3e47ed785692e59c0de79e298e437900
Closes-Bug: 1846979
2019-11-14 17:36:25 +00:00
Pete Vander Giessen c3ba4ee501 Delay creating external bridge until we are initializing
Previously, the snap set up a bridge using the default
network upon install. If there was a good reason not to use this
network (e.g., it already exists and is being used for another
purpose), MicroStack, and the host machine, could wind up in a broken

This PR delays setting up the bridge until after we have given an
operator a chance to override the default settings.

This has been manually tested. To test, do the following:

1) Checkout the code, and run tox -e build
2) Run tools/
3) snapctl set and
4) Run microstack_init
5) Exit the snap shell and run microstack.launch

Change-Id: I9e268495f313b29d9781d80a2468fc0a1a450aa0
2019-11-12 23:19:51 +00:00
Zuul 2f5847d6ad Merge "Allow off-host access to horizon dashboard by default." 2019-11-06 07:42:39 +00:00
Pete Vander Giessen 0824a570ec Clean up tox.ini a bit
Remove some of the redundancy in tox.ini.

Fixed some lint issues that weren't caught before due to gaps in the
linting coverage.

I think that there's more work to be done here, but this does make
things better than they were before.

Change-Id: I82487dbb9366f3de16b25615bd081b6315671655
2019-11-05 15:36:24 +00:00
Pete Vander Giessen 9e6b8c1e21 Allow off-host access to horizon dashboard by default.
Added a question which allows off host access to horizon
dashboard. Activated it by default, as that's probably what people are
going to actually want.

Change-Id: I0d5bccb3b2eb2b409072d8ae5f8b923942386119
2019-11-05 13:34:32 +00:00
Zuul a89cb36883 Merge "Fix Eoan." 2019-11-05 13:26:53 +00:00
Pete Vander Giessen cb940157ab Fix Eoan.
Moved to pure Python where clib conflicts arose in using command line

Fixed erroneous assumptions about the presence and reliability of a
$HOME variable while running init.

Added tests specific to eoan, disco and xenial. They are not yet part
of the gate.

Change-Id: I2fc74fcc2ae9876442bb87a3446aef48d0428f2f
2019-11-05 03:22:42 +00:00
Peter Matulis ec52230cc7 Update README since doc publication
Change-Id: I9d2d4f8d47d1c2b560e4d82abbd30a9cbf2d4fd4
2019-11-04 15:23:51 +00:00
Pete Vander Giessen 5404a261aa Clustering prototype
This enables basic clustering functionality. We add:

tools/cluster/cluster/ A server that handles validation of
cluster passwords.

tools/cluster/cluster/ A client for this server.

Important Note: This prototype does not support TLS, and the
functionality in the client and server is basic. Before we roll
clustering out to production, we need to have those two chat over TLS,
and be much more careful about verifying credentials.

Also included ...

Various fixes and changes to the init script and config templates to
support cluster configuration, and allow for the fact that we may have
endpoint references for two network ips.

Updates to snapcraft.yaml, adding the new tooling.

A more formalized config infrastructure. It's still a TODO to move the
specification out of the implicit definition in the install hook, and
into a nice, explicit, well documented yaml file.

Added nesting to the Question classes in the init script, as well as
strings pointing at config keys, rather than having the config be
implicitly indicated by the Question subclass' name. (This allows us
to put together a config spec that doesn't require the person reading
the spec to understand what Questions are, and how they are

Renamed and unified the "unit" and "lint" tox environments, to allow
for the multiple Python tools that we want to lint and test.

Added hooks in the init script to make it possible to do automated
testing, and added an automated test for a cluster. Run with "tox -e

Added cirros image to snap, to work around sporadic issues downloading
it from

Removed ping logic from snap, to workaround failures in gate. Need to
add it back in once we fix them.

Change-Id: I44ccd16168a7ed41486464df8c9e22a14d71ccfd
2019-11-04 13:03:41 +00:00
Pete Vander Giessen 0399955cf1 Ported and updated launch script
Moved security rules and keypair creation into init first.

Launch script now takes image name as positional argument, and name of
instance as a named argument. This makes it work more like launch in
other Canonical tools.

Written in Python, for ease of maintenance.

--retry and --wait args allow it to behave like tests expect it to,
while humans will get a much more intuitive (and much less noisy)

Also increased time we wait for a ping on the host, to allow for
slower, pure qemu, emulation times, and bring it in line with what
Tempest does in similar situations.

Change-Id: I11dcc098012468e9c88dcc7af78cde6920f31ecd
2019-10-23 01:09:42 +00:00
James Page e007da2fb9 Align ovs version with Stein UCA
Bump ovs to 2.11.1 to ensure alignment with Stein Cloud Archive.

This also means that the patches for OVS can be dropped as the
change was included in the 2.11.1 release.

Change-Id: I9896f1dbd80a2344565a752d6c697f0a3219c210
2019-10-18 15:40:41 +00:00
Zuul 78ba031251 Merge "Fix up ssh key and improve wording" 2019-10-17 19:31:54 +00:00
Pete Vander Giessen dfd1d5ec68 Added testing for control nodes
Ported to, and folded in

Made a testing framework for shared components.


Got rid of default .stestr.conf, as we're going to have multiple tests
running, and one conf is confusing.

Manually ordering functional tests for now, as stestr noms too much
output, and runs things in parallel, which doesn't work for our
functional tests.

Skipping compute node test for now, as it won't work until we can
connect to a control node with databases and such.

Moved to tools/ It's really
more of a tool for manual testing than an automated test.

Added test-requirements and updated gitignore.

Moved auto-detection of kvm extensions to init, rather than test, as
it makes more sense there.

Change-Id: Iba7f7fe07cbb066790f802cf2a7c87c68994062c
2019-10-16 15:44:38 +00:00
Peter Matulis 0587b9c4b1 Fix up ssh key and improve wording
We will probably defer to the documentation once it's
ready and keep a more streamlined storefront here.

Change-Id: Ifb5dc23440eca6f4a706457aba7990299e5faf7b
Closes-Bug: 1841791
2019-10-15 18:25:06 -04:00
Pete Vander Giessen 7525ebcded Enable loading and saving of question answers.
This lays the groundwork for interactive init, as well as being able
to specify control and compute nodes.

Added preliminary config lists for control and compute nodes. Added
appropriate default snapctl config settings in install script.

Also changed "binary" questions to "boolean" questions, as that's
better wording, and it means that my docstrings are not a confusing
mix of "boolean" and "binary" when I forget which term I used.

Snuck in a fix for the "basic" testing environment -- it was missing
the Python requirements, and was therefore failing!

Change-Id: I7f95ab68f924fa4d4280703c372b807cc7c77758
2019-10-10 15:14:00 +00:00
Pete Vander Giessen b4f90c6eca Make logging better
Move logging output for most services to systemd.

Add a hook in snap.openstack to tell OpenStack services to wait
until we set database.ready in the snap config before starting. This
prevents spamming systemd with error messages before we run
microstack.init (See matching PR against snap.openstack, coming soon.)

Incidentally fix issue w/ the way that was running
CalledProcessError and parsing output.

Order patches part after uca-sources, to work around an issue we
discovered with apt update while those two parts are running in
parallel. (python-apt segfaults, and no fun is had by anyone.)

Remaining gaps in our logging: systemd still displays some errors
during init, which might be fixable with further ordering of snapctl
start invocations. We're also relying on MySQL and RabbitMQ log output
to know when those services are started, so we haven't moved their
output to systemd just yet.

Dropped in a fix to work w/ updated version of snap.openstack.

Change-Id: I130ed730c14ab35b8b677b9c9f573fa6fe1e8f13
2019-10-08 13:13:23 +00:00
Pete Vander Giessen 73d39dc8ce Make Horizon Dashboard settings operator overrideable.
We want to allow operators to override Horizon's default
settings. This involves moving local_settings.d out of the read only
snap filesystem, and into $SNAP_COMMON. This is a little bit tricky.

First, we patch and as we're building the
snap, to include a LOCAL_PATH in $SNAP_COMMON.

Then, we add a template with the rest of our default overrides,
and write it out to $SNAP_COMMON/horizon/local_settings.d

Finally we tweak our tests so that we can give our overrides a
spin. As a bonus, this makes a lot easier to run
in our multipass testing scenario!

`tox -e basic` now also runs selenium tests, as well.

Change-Id: Ic0ce18cfa1b97a93191da749095d8aa2270d5aeb
2019-09-24 18:27:39 +00:00
Pete Vander Giessen c5f679a673 Quieter init script
Piped output of subprocess commands to log.

Set default log level to INFO.

Change-Id: I583af3f6812195a9061a76b611714aced7c8861f
2019-09-18 12:15:00 +00:00
Zuul fb4498b331 Merge "Fix horizon dashboard" 2019-09-18 12:10:00 +00:00
Pete Vander Giessen 0b4c7a22a3 Fix horizon dashboard
Port the python2.7 local settings overrides to the python3.6 directory

Move all overrides into as part
of troubleshooting some remaining problems. Everything is more
organized and functional now :-)

Added selenium tests.

Change-Id: I54923e1dc9c7ffa47c2ef6fb90ea9d224b0d2eee
2019-09-16 13:25:39 +00:00
Pete Vander Giessen b0501437bb Updated README.
Added a better summary of what MicroStack is, and what you might do
with it.

Change-Id: Ic2e1775209fc61ce48b4fe23f67596e5e4d1aaaf
2019-09-16 06:54:14 +00:00
Pete Vander Giessen 30f09c0c9a Upgrade to Python3/Stein
Move openstack-projects part from python2 to python3.

Add cloud archive.

Update qemu and libvirt versions to those from cloud archive (they
work with python3, while the distro packages versions don't).

Switch from rocky to stein.

Fetch libvirt and qemu sources via "apt source". Gets rid of sub
version hard coding in snapcraft.

Update hard coded references in tests to rocky from stein.

Change-Id: Idb38717998a13feaaf0782e880e540f28bc452a8
2019-08-30 17:15:05 +00:00
Pete Vander Giessen 93f412fc93 Better init script
Written in Python. Easier to maintain. Easier to make interactive.

Change-Id: Ib579b43c1564b55165de5c2f3d20387122448b19
2019-08-23 16:30:31 +00:00
Pete Vander Giessen b5835060ca Added "basic" option to tox test environments
Just runs `tests/ -m` without building the snap
first. Useful for when you want to re-run the basic_test to verify
that a sporadic issue has been fixed, without rebuilding the snap each

Counterargument: you could always just run `tests/ -m` on
its own. I find it easier to keep one test command in my fingers,
however, rather than having to switch between "tox plus args" and
"something else plus args"

Change-Id: I5ec28864ed41a4e11726df8aee1d31b8ef097f03
2019-08-21 14:13:04 +00:00
Pete Vander Giessen 92a6ea8dc7 Broke configuration out into a manual step.
Renamed the old and outdated "configure-openstack" script to ""

Updated and folded most of the configure hook into it.

Removed database installation step from install hook.

We can now install microstack without a database dump, which helps
immensely in updating. And we have a logical place to put additional
configuraiton, including some of the manual steps in, which
could be scripted if we gave users a chance to skip the system changes
that they wanted to skip.

Also updated README and DEMO file to match new flow. Updated test

Future cleanup and features documented in Trello, but not included in
this PR, which is big enough already :-)

Change-Id: I8d926a8b463124494ddb7a4696adbe86f89db7d5
2019-08-01 21:12:05 +00:00