780a4c4ead
Major changes: * Plumbing necessary for strict confinement with the microstack-support interface https://github.com/snapcore/snapd/pull/8926 * Until the interface is merged, devmode will be used and kernel modules will be loaded via an auxiliary service. * upgraded OpenStack components to Focal (20.04) and OpenStack Ussuri; * reworked the old patches; * added the Placement service since it is now separate; * addressed various build issues due to changes in snapcraft and built dependencies: * e.g. libvirt requires the build directory to be separate from the source directory) and LP: #1882255; * LP: #1882535 and https://github.com/pypa/pip/issues/8414 * LP: #1882839 * LP: #1885294 * https://storyboard.openstack.org/#!/story/2007806 * LP: #1864589 * LP: #1777121 * LP: #1881590 * ML2/OVS replated with ML2/OVN; * dnsmasq is not used anymore; * neutron l3 and DHCP agents are not used anymore; * Linux network namespaces are only used for neutron-ovn-metadata-agent. * ML2 DNS support is done via native OVN mechanisms; * OVN-related database services (southbound and northbound dbs); * OVN-related control plane services (ovn-controller, ovn-northd); * core20 base support (bionic hosts are supported); * the removal procedure now relies on the "remove" hook since `snap remove` cannot be used from the confined environment anymore; * prerequisites to enabling AppArmor confinement for QEMU processes created by the confined libvirtd. * Added the Spice html5 console proxy service to enable clients to retrieve and use it via `microstack.openstack console url show --spice <servername>`. * Added missing Cinder templates and DB migrations for the Cinder DB. * Added experimental support for a loop device-based LVM backend for Cinder. Due to LP: #1892895 this is not recommended to be used in production except for tempest testing with an applied workaround; * includes iscsid and iscsi-tcp kernel module loading; * includes LIO and loading of relevant kernel modules; * An LVM PV is created on top of a loop device with a backing file present in $SNAP_COMMON/cinder-lvm.img; * A VG is created on top of the PV; * LVs are created by Cinder and exported via LIO over iscsi to iscsid which hot-plugs new SCSI devices. Those SCSI devices are then propagated by Nova to libvirt and QEMU during volume attachment; * Added post-deployment testing via rally and tempest (via the microstack-test snap). A set of tests included into Refstack 2018.02 is executed (except for object storage tests due to the lack of object storage support). Change-Id: Ic70770095860a57d5e0a55a8a9451f9db6be7448
80 lines
3.2 KiB
Python
Executable File
80 lines
3.2 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
|
|
import os
|
|
import sys
|
|
import logging
|
|
from subprocess import check_call, check_output, call, run
|
|
from pyroute2 import netns
|
|
|
|
logging.basicConfig(stream=sys.stdout, level=logging.DEBUG)
|
|
|
|
|
|
if __name__ == '__main__':
|
|
# Work around the lack of modified LD_LIBRARY_PATH and PATH variables with
|
|
# snap-specific content.
|
|
snap_dir = os.environ['SNAP']
|
|
snap_libs = (f'{snap_dir}/lib:{snap_dir}/usr/lib:'
|
|
f'{snap_dir}/lib/x86_64-linux-gnu:'
|
|
f'{snap_dir}/usr/lib/x86_64-linux-gnu')
|
|
os.environ['LD_LIBRARY_PATH'] = snap_libs
|
|
|
|
check_call(['snapctl', 'start', 'microstack.ovsdb-server'])
|
|
check_call(['snapctl', 'start', 'microstack.ovs-vswitchd'])
|
|
|
|
logging.info('Attempting to remove br-ex.')
|
|
check_call(['ovs-vsctl', '--if-exists', 'del-br', 'br-ex'])
|
|
|
|
check_call(['snapctl', 'stop', 'microstack.ovsdb-server'])
|
|
check_call(['snapctl', 'stop', 'microstack.ovs-vswitchd'])
|
|
|
|
for ns in netns.listnetns():
|
|
if ns.startswith('ovnmeta-'):
|
|
logging.info(f'Removing the {ns} network namespace.')
|
|
netns.remove(ns)
|
|
|
|
# Need to expose targets prior to starting iscsid in order to properly log out
|
|
# of iSCSI sessions.
|
|
check_call(['snapctl', 'start', 'microstack.target'])
|
|
check_call(['snapctl', 'start', 'microstack.iscsid'])
|
|
check_call(['sync'])
|
|
|
|
# Assuming the QEMU processes have already been killed by snapd,
|
|
# log out of all targets prior to removing the snap to clean up
|
|
# the kernel state.
|
|
# TODO: be more selective about logging out since there may be sessions
|
|
# unrelated to MicroStack in the kernel.
|
|
# TODO: also clean up block devices by writing to
|
|
# /sys/class/block/<dev>/device/delete since those do not get deleted on
|
|
# session logout.
|
|
logging.info('Attempting to remove iscsi sessions from the kernel.')
|
|
res = run(['iscsiadm', '-m', 'node', '-u'])
|
|
# ISCSI_ERR_NO_OBJS_FOUND
|
|
if res.returncode == 21:
|
|
logging.debug('No iscsi sessions were found.')
|
|
elif res.returncode == 0:
|
|
logging.debug('Successfully logged the existing iscsi sessions out.')
|
|
else:
|
|
# Albeit this is an error condition we cannot do much in the remove
|
|
# hook to fix this besides logging since snapd does not stop the
|
|
# snap removal on error in the remove hook.
|
|
logging.error('Unexpected error code received from iscsiadm: '
|
|
f'{res.returncode}')
|
|
check_call(['snapctl', 'stop', 'microstack.iscsid'])
|
|
check_call(['snapctl', 'stop', 'microstack.target'])
|
|
|
|
# File-backed LVM resource cleanup (if present).
|
|
loop_file = f'{os.environ["SNAP_COMMON"]}/cinder-lvm.img'
|
|
allocated_loop_dev = check_output(
|
|
f'losetup -j {loop_file} | cut -d ":" -f 1', shell=True
|
|
).decode('utf-8').strip()
|
|
|
|
if allocated_loop_dev:
|
|
cinder_lvm_vg = check_output([
|
|
'snapctl', 'get', 'config.cinder.lvm-backend-volume-group']
|
|
).strip()
|
|
if not call(['vgdisplay', cinder_lvm_vg]):
|
|
check_call(['vgremove', '-f', cinder_lvm_vg])
|
|
if not call(['pvdisplay', allocated_loop_dev]):
|
|
check_call(['pvremove', '-f', allocated_loop_dev])
|
|
check_call(['losetup', '-d', allocated_loop_dev])
|