51 Commits

Author SHA1 Message Date
aojeagarcia
eb7d1ad198 Disable apparmor for openSUSE distros
Dnsmasq and haproxy are used frequently by neutron and nova, apparmor
profiles can block some operations and the deployed cloud can't
work properly so some tests are going to fail.

Some openSUSE distros has apparmor enabled by default so we need to
disable it.

Change-Id: I30fda684effb09810643e58bf0b31a73d7d9b378
Signed-off-by: aojeagarcia <aojeagarcia@suse.com>
2018-10-08 07:08:47 +00:00
Matt Riedemann
23df4da0d4 Use Queens UCA
This updates the UCA usage from Pike to Queens. As a result,
the various volume multiattach checks can also be removed
because the Queens UCA has libvirt 4.0.0.

Change-Id: Icb971831c8d4fe5f940d9e7993d53f1c3765e30f
2018-03-19 14:27:01 -04:00
IWAMOTO Toshihiro
4d835e33b6 Break up fixup_stuff
Neutron functional tests want to use ubuntu cloud archive but it's
not possible to source the fixup_stuff.sh from a neutron CI setup
script. Break it up so that only the UCA portion can be executed
from neutron.

Change-Id: Ie18833bfa30f1789e63cbe9c86f5ece3453f43fb
2018-02-16 05:04:16 +00:00
Matt Riedemann
ffe691ecd5 tempest: set compute-feature-enabled.volume_multiattach
This adds the ENABLE_VOLUME_MULTIATTACH flag and if True
configures Tempest to run volume multiattach tests.

Note that due to https://bugzilla.redhat.com/show_bug.cgi?id=1378242
we can't run multiattach tests with the Pike UCA packages since
those include qemu 2.10 and libvirt 3.6, and the valid versions for
multiattach support with libvirt is qemu<2.10 or libvirt>=3.10.

Depends-On: I80c20914c03d7371e798ca3567c37307a0d54aaa
Depends-On: I158c6f20e3e6a24bd2e5299abbeb3fc5208e5885

Part of nova blueprint multi-attach-volume

Change-Id: I46b7eabf6a28f230666f6933a087f73cb4408348
2018-01-18 18:00:04 +01:00
Matt Riedemann
917ad0998b Update to using pike cloud-archive
This reverts commit ee22ca8373abd3b5a4c44a9c5c4da39c511195c8

Depends-On: Iae2962bb86100f03fd3ad9aac3767da876291e74

Change-Id: I4d5fa052bdc5eef1795f6507589e2eaf4e093e23
Related-Bug: #1718295
2017-09-20 14:46:48 +00:00
Matt Riedemann
ee22ca8373 Revert "Update to using pike cloud-archive"
This reverts commit a7e9a5d447b3eeacfb52d7ddc94445058a8d6fd1.

The jobs that run live migration tests are failing at about
a rate of 50% since this merged. There are no recent changes
to nova in the last 24 hours that are related to live
migration, and this is failing on the master branch only,
so I suspect the failures are due to new qemu packages
getting pulled in from this change.

Change-Id: Ic8481539c6a0cc7af08a736a625b672979435908
Closes-Bug: #1718295
2017-09-20 00:29:36 +00:00
Jens Harbott
a7e9a5d447 Update to using pike cloud-archive
Now that Pike has been released, switch to using the pike version of
UCA instead of ocata, too.

One reason to do so it that it adds python3-ceph packages, allow to have
progress with the python3 compatibility of the Ceph integration.

Change-Id: I7d95e53892b697c72af75ad0ce7ce2dec6d31fde
2017-09-06 10:58:04 +00:00
Ian Wienand
2d57f93f68 Don't reinstall python-virtualenv on infra nodes
In the original change I said "for infra nodes, it shouldn't do
anything anyway ...".  Well that was pre-Fedora 26 :)

It seems that dnf > 2.0 now intentionally throws an error when trying
to explicitly install an ignored package.  Thus, as described in the
comment, take a simpler approach of skipping this on infra nodes.
pip-and-virtualenv in dib should have installed the latest pip,
virtualenv and setuptools, so we don't want to fiddle with that
anyway.

[1] https://review.openstack.org/#/c/338998/

Change-Id: Ib300b58377a0d0fe1bd7444c71acdb9a87dc033b
2017-08-10 16:42:45 +10:00
Takashi NATSUME
fa0077707e Update URLs
Some URLs are broken, so fix them.
The others are redirect to new URLs,
so replace them with new ones.

The config options of nova serial console proxy
have been gathered in nova/conf/serial_console.py.
So the description in doc/source/guides/nova.rst
is fixed.

Change-Id: Ifd81cc09969341fbf8f135a913fc6003b94e0acc
2017-07-22 09:12:59 +09:00
Amrith Kumar
bb436d3373 Make use of Ubuntu Cloud Archive switchable
The trove development environment is typically a linux VM within which
openstack is installed, and trove launches guest vm's within that
environment. To make it possible for these vm's to launch in one human
lifetime, one must set vt/x and enable nested hypervisors to use with
kvm; qemu emulation will take way too long.

The new libvirtd (v2.5.0) in Ubuntu Cloud Archive doesn't handle
nested hypervisors well and if you use it, you end up with a guest
hanging on the GRUB line.

To enable that use-case, we provide ENABLE_UBUNTU_CLOUD_ARCHIVE which
the trove developer can set (to False) before running devstack.

Change-Id: Ia0265c67bb7d2a438575a03c0ddbf2d9c53266ed
Closes-Bug: #1689370
2017-05-25 12:36:25 -04:00
Ian Wienand
71d20e6582 Always disable use of libvirt wheel with UCA
It's not only using our upstream caches that you might get an old
libvirt-python wheel that is incompatible with UCA.  Move the ignore
out of the mirror check to apply it globally.

This is an alternative to Iba301a8c80c9ed584f5fb5a816f3d2cf5f5f0e77

Change-Id: I588b1e8e49aa60f3ce976dc1b6c8013ba1d88079
2017-04-26 21:23:01 -04:00
Paul Belanger
1f92d44544
Use apt_get_update after we setup UCA
It is possible some CI system are using an http_proxy. Use the helper
function to cover this use case.

Change-Id: Iee685147ca0244fc7de328a765f937602223de20
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-04-13 13:08:59 -04:00
Clark Boylan
c9a9e415b9 Test using UCA for libvirt 2.5.0
We have had issues with libvirt 1.3.1 which is stock on Xenial. Try
using 2.5.0 from UCA instead.

Related-Bug: 1643911
Related-Bug: 1646779
Related-Bug: 1638982
Change-Id: Ia4434541c71f050fe1ffb54f4c4c1e302391d00b
2017-04-11 14:32:44 -07:00
Kenneth Giusti
df6c1ffbe1 Force reinstall of virtualenv to ensure installation is valid
On RHEL-based systems pip and yum share the same installation
directory for virtualenv.  If yum pulls in the python-virtualenv
package (e.g. due to a dependency) it will clobber what pip has
already installed. The file tools/fixup_stuff.sh tries to ensure that
the proper virtualenv package is installed via pip. If virtualenv has
already been installed via pip, then clobbered by yum, pip skips the
install since it appears as if virtualenv is already installed and at
the correct version.

The reinstall of virtualenv must use the --force-reinstall argument to
pip to fix up the damage done by yum.

Change-Id: Ib0edf6c4ee8a510e9d671213de35d787f56acfed
Closes-Bug: #1599863
2016-07-21 10:18:41 -04:00
Ian Wienand
cb32230e52 Revert "Work around broken rabbitmq 3.6.1 packages on Fedora 23"
This reverts commit 616957d5981310e465e9fb3fd0c040751d8b0b63.

Fixed packages are released to F23 stable

Change-Id: I6c1ecaf9afb78afa3051922eb8347a2610e57416
2016-04-12 10:31:22 +10:00
Ian Wienand
616957d598 Work around broken rabbitmq 3.6.1 packages on Fedora 23
Downgrade this package until we have a fix for the bug in the
comments.

Change-Id: I980d625fec7b11aff74814ee2d24fe9650e9f0a6
2016-04-06 17:27:01 +10:00
Kashyap Chamarthy
90bc586772 Remove support for Fedora 21 (EOL); add F22 where appropriate
Fedora 21 reached its End Of Life (EOL) on 1-DEC-2015[1]; remove it as
supported distribution.

    - stack.sh: Remove Fedora 21 from list of supported distributions.
    - tools/fixup_stuff.sh: Make the minimum Fedora version to be F22 in
      from a conditional check in 'Python packages' section
    - files/rpms/general: Remove 'f21' from NOPRIME.
    - lib/ceph: Remove 'f21' from the check_os_support_ceph() function.
    - doc/source/index.rst: s/Fedora 21/Fedora 22/
    - pkg/elasticsearch.sh: Remove the 'if' conditional in the
      install_elasticsearch() function.

[1] https://fedoramagazine.org/fedora-21-end-life-december-1st/

Change-Id: Ifbcc3dd783ff2f362a464fbf4ca22f20cc2c658e
2016-01-05 13:07:43 +01:00
Jenkins
80fcf354ed Merge "Restrict requests to fedora" 2015-10-19 16:08:54 +00:00
Mark Hamzy
746e72d4c3 Restrict requests to fedora
The os_RELEASE for RHEL is 7.1 (for example). Which does not work for comparisons
to an integer.  And, while I am at it, change base_path to not use a hard-coded
directory.

Change-Id: I64a04810cc7ba4668c2cb7a8df79c206301e9e16
2015-10-14 13:48:15 -05:00
Ian Wienand
e82bac0498 Detect blank variable in trueorfalse
As a follow-on to I8cefb58f49dcd2cb2def8a5071d0892af520e7f7, put in
some detection around missing variable-to-test arguments in
trueorfalse.

Correct a couple of places where we were passing in blank strings,
resulting in the default always being applied.

Add test-cases and enhance the documentation a little.

Depends-On: I8cefb58f49dcd2cb2def8a5071d0892af520e7f7
Change-Id: Icc0eb3808a2b6583828d8c47f0af4181e7e2c75a
2015-10-09 19:07:50 +11:00
Attila Fazekas
c7e772c164 Use the pip installed version of requests with Fedora
The upstream version of requests contains a copy
of urllib3 and cardet library, common practice in many distros
to create symbolic links for these libraries instead of creating
a huge package which contains the same library as the distro provides
as separate package as well.

Now devstack upgrades the urllib3 to incompatible version,
but it leaves the requests unchanged because Fedora already has the
latest version.
The issue does not happens with Ubuntu because it has older requests
and devstack updates it as well.
The pip installed version contains a bundled urllib3 and the actually
installed urllib3 version does not matters.

This is not the `usual` distro package overrides pip installed package
case.

Change-Id: Icfa71368384b0c2e3ff39265b2fa9190b5566b9b
Related-Bug: #1476770
2015-09-04 09:18:53 +10:00
Ben Nemec
64b2ebca15 Make sure iptables-services is installed
The iptables service files are no longer included by default on
Fedora.  This causes the systemctl calls in fixup_stuff.sh to fail
when disabling firewalld in favor of iptables.

Change-Id: If37691d03e3d07ca8b53c541717081beeb184c16
Closes-Bug: #1462347
2015-06-09 15:22:37 +00:00
Ian Wienand
3380a16974 Disable firewalld always
We've bike-sheded over this before
(I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799) but I have just traced
down further issues to firewalld with neutron+ipv6 (see the bug).

In fact, as mentioned in the comments, RDO disables firewalld and the
neutron guide says to disable it [1].  The force flag is left if
anyone really wants this; but nobody is testing (or, as far as I can
tell, working on) this so bring devstack back into line and disable it
always.  Note we do not remove the package; as has been found in the
puppet scripts this can lead to dependency issues.

[1] http://docs.openstack.org/developer/devstack/guides/neutron.html

Change-Id: Ief7cb33d926a9538f4eb39c74d906ee0c879de35
Partial-Bug: 1455303
2015-05-15 19:14:19 +10:00
Dean Troyer
dc97cb71e8 Mostly docs cleanups
Fix documentation build errors and RST formatting

Change-Id: Id93153400c5b069dd9d772381558c7085f64c207
2015-03-28 14:35:12 -05:00
Vigneshvar.A.S
834b804d3e Upgrades pip under virtualenv
The version of pip supported by python-virtualenv has issues in
environment under proxy, hence uninstalling python-virtualenv package
and installing the latest version using pip.

Change-Id: Id749c37ab7fefa96b35f11816b56b9def5ef4b08
Closes-Bug: 1421541
2015-02-25 08:18:18 +00:00
Attila Fazekas
1f316beb20 Remove rhel6 and py26 support
el6 is shipped with Python 2.6.x which is not expected
to be supported with the openstack kilo release.

For el6 support we need to do lot of thing differently,
which makes the code more complicated.

This change removes el6 and py26 support from devstack.

This change also removed a discontinued (1 year ago)
openSUSE 12.2 code path, which used a similar codepath as el6.

Several comment related to el6 also removed or modified.

Change-Id: Iea0b0c98a5e11fd85bb5e93c099f740fe05d2f3a
2015-01-27 09:22:52 +01:00
Kashyap Chamarthy
7c9df1017c Remove Fedora 19 as supported distribution
Fedora 19 will reach its end of life on 6-JAN-2015

  https://lists.fedoraproject.org/pipermail/announce/2014-December/003243.html

Remove it as a supported distribution and add Fedora 21

  - stack.sh: Remove Fedora 19 from list of 'supported' distributions.
  - tools/fixup_stuff.sh: Remove Fedora 19. Also remove the workaround
    of disabling firewalld for Fedora 21.

Change-Id: If92b87d2f9a2bb95469730cda201a7981670f727
2015-01-06 11:42:26 +01:00
Jeremy Stanley
6ec66bb3d1 Install prettytable>=0.7 to satisfy pip 6/PEP 440
Also use sudo -H with pip so that it doesn't create a ~stack/.cache
other things can't write to as the stack user later.

Change-Id: I2134c7d8f58f8b83f33150c9ed86d87f8ccba2f3
2014-12-23 01:05:42 +00:00
Monty Taylor
0eed532ce3 Remove nose things
We don't use nose anywhere in anything related to devstack. The only
legitimate OpenStack things that are still nose are horizon and swift
unittests, and it turns out we don't really run those in devstack.

Change-Id: I215e0f3664f269e0e1b8f5d5f9c70553dededddd
2014-11-17 11:10:16 +11:00
Chmouel Boudjnah
8fceb49820 Only sysctl reserverd ports when available.
Only set the keystone reserved ports when available, on some system
(like when running under containers) where this sysfs interface is not
exposed we are almost pretty sure these ports would be exclusive for our
devstack.

Change-Id: I06d7d227ae94d564c91c16119e4bbbcc6564a280
2014-10-31 13:57:02 +01:00
Dean Troyer
85ebb3a868 Remove firewalld on Fedora 20 by default
firewalld interacts badly with the libvirt on f20, causing slow-downs
so great that it can timeout the gate.

Developers who want to leave it enabled should set FORCE_FIREWALLD=True

Change-Id: I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799
2014-08-19 11:18:15 -05:00
Dean Troyer
04a351133a Source fixup_stuff...
...so it can pick up config variables from local.conf

Change-Id: I0991f59881f16c72789e3b0342c26a2419ba0878
2014-08-15 14:03:55 -05:00
Sean Dague
01796fad29 remove kernel override ability
This was landed to try to address an issue with netns vs nbd during
icehouse development. It never really got us anywhere, and is now
just cruft.

Change-Id: Ie498fae8d1f796c1fc83459c65d0de948d1d50ce
2014-08-05 17:37:36 -04:00
Ian Wienand
8fdb42fc0b Workaround for overwriting setuptools on RHEL
This old setuptools egg-info file causes havoc and really weird pip
install errors.  I think possibly not everyone has the
python-setuptools package installed, so it may only appear in some
situations.

Change-Id: I7ef0fa35c650e323a8945ed7c5c7754ca62a0ca5
2014-07-30 22:04:15 +10:00
Jenkins
4fbb8137af Merge "Reserve Keystone ports from the ephemeral range" 2014-06-17 01:24:47 +00:00
Morgan Fainberg
6cae83efd7 Reserve Keystone ports from the ephemeral range
Reserve Keystone ports from the ephemeral range as early as reasonably
possible in the fixup_stuff.sh process to reduce the likelihood that the
port will be in use. This does not completely resolve the issue
where Keystone's IANA assigned port falls into Linux's ephemeral
range, but this should reduce the occurrences. The default ports
are 35357 and 35358.

Change-Id: I8cfb53d8f90c1ff1fb1083c59fefabca3d14323b
Partial-Bug: #1253482
2014-06-13 21:33:52 +00:00
Attila Fazekas
d7967a4879 selinux permissive on Fedora
The f20 gate job is failing on hpcloud images
(official F20 cloud image), with enforcing selinux.

Setting selinux to permissive on all Fedoras.

Currently selinux policies are violated, when
 - horizon/httpd tries to access a files without
httpd_t friendly security label.
 - horizon/httpd_t tries to connect to openstack
   service port, without an allowing policy.
 - swift tryes rsync content without an authorized
   security label and without rsync_full_access sebool.
 - ..

In permissive mode you will be able to track,
the missing policies and labels by checking
the /var/log/auidit/audit.log*

The enforcing mode might be turned on in the future,
when all label and policy configured correctly.

Change-Id: I6dad705dd11b9eb5f01ce67814f05d294b3979a5
2014-06-12 11:41:54 +02:00
Attila Fazekas
522cfe0951 tempest py26 setup
Simplifying the steps between devstack install and tempest run, by
 * installing tox<1.7, bacuse 1.7 is not compatible with our tox.ini
 * installing and patching 'discover' when the python version is 2.6

Change-Id: I8008837d2fae6cebeeeb051b63066279ca477e01
2014-05-05 07:36:49 +02:00
Ian Wienand
aee18c749b Enforce function declaration format in bash8
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check.  Add a note to HACKING.rst

Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
2014-02-28 07:59:03 +11:00
Ian Wienand
3e37326a35 Move enablement of rhel6-optional repo earlier
Change 4f1fee6eae300a3384900df06ebc857e95854eb0 added the RHEL6
optional repo in fixup_stuff.sh, but it turns out that doesn't get run
until after the package prerequisites phase.  Move this into stack.sh
with the RDO repo setup.

Change-Id: Iae0df85fa94c6c1b6f497dd29fda90d03b903a41
2014-02-26 13:34:18 +11:00
Ian Wienand
4f1fee6eae Fix missing libffi-devel for python-glanceclient
python-glanceclient is failing to install on rhel6 with a dependency
chain from pip as

  cryptography>=0.2.1 (from pyOpenSSL>=0.11->python-glanceclient==0.12.0.56.gb8a850c)

cryptography requires libffi-devel to build.  I'm not sure what
changed, but remove it from "testonly" so it is always installed.

However, RHEL6 includes this in the optional repo, so we enable this
repo in the fixup script.

Change-Id: I9da0e91b75f41578861ee9685b8c7e91dd12dae7
2014-02-25 08:21:22 +11:00
Dean Troyer
d8864feae9 Fix shocco errors
Clean up comments to fix errors seen while processing with shocco

Change-Id: I0e97ad27613313f03e47c107051ea93b115d4744
2014-02-17 11:18:12 -06:00
Sean Dague
d8416d7c1c allow for upgrade of the precise kernel
we are getting kernel crashes in the OpenStack gate, to test
getting around this we'd like devstack to be able to upgrade
the precise kernel to the latest lts backported kernel.

default to off

Change-Id: I5d47aa8d15b1b1c0386a13b65022f6b8108c5c49
2014-01-27 16:08:03 -05:00
Attila Fazekas
3a82319ad7 fixup_stuff prettytable min version
The minimum prettytable version is changed from 0.6 to 0.7
 in the global requirements.

If the system has an older prettytable version the fixup_stuff does not
takes effect in time, because at fixup time the system has the old
version.

Ensure the fixup installs the minimum required version in time.

Change-Id: If1737dacb25db73b68e707953d05576ad8a97da7
2013-11-24 19:21:06 +01:00
Gonéri Le Bouder
394c11c721 horizon: drop nodejs dependency
since commit a0739c9423a4c559b45af96fa4cdb30539dcdbd7, horizon use
a pure Python alternative to nodejs

Change-Id: I231b453e42c303c3cc29e8bea4d7b935fecdccd2
2013-11-14 10:28:51 +01:00
Adam Spiers
cb961597cc Fix shocco errors and warnings
A few Markdown-oriented issues were causing Docutils errors to
leak into the end-user docs on http://devstack.org

Change-Id: I51fa9698afb1bfb48596478d83bd1fdcd84ac52e
2013-10-24 15:43:05 +01:00
Dean Troyer
65f1af6dd3 Fix fixup_stuff.sh package permissions fix
There are a number of different attempts to fix this issue, specifcally on RHEL6.
None of them actually get it right.
* This does not upgrade an OS installed package because we trust them to not make
  these sorts of permissions mistakes. Also we do not have nor want to figure out the
  right version that the OpenStack projects will require.
* This specfically targets the upstream package versions as we do not know how
  later versions behave.

This should address the following reviews:
* https://review.openstack.org/#/c/50540/
* https://review.openstack.org/#/c/51233/ (1238707)
* https://review.openstack.org/#/c/51651/ (1239747)
* https://review.openstack.org/#/c/51843/
* https://review.openstack.org/#/c/51838/
* https://review.openstack.org/#/c/52148/ (1236941)

Change-Id: I99906451dc25654628187b383e8893cce0e276bf
2013-10-16 12:50:19 -05:00
Adam Spiers
c85ade7720 set errexit and xtrace in helper scripts
stack.sh invokes some helper scripts as separate processes, rather than
by source'ing them.  As with stack.sh itself, abort immediately on the
first error, so that errors don't compound and result in confusing error
messages.  If one of these helper scripts aborts, stack.sh itself will
also abort in the usual manner.

Due to the change in behaviour, tweak some mv invocations to ensure that
they don't trigger false failures.

As with stack.sh itself, also enable xtrace so we can see exactly what's
happening.  In particular this allows us to see the cause of any
premature termination due to a command failing whilst errexit is
enabled.

Change-Id: I7a55784c31e5395e29ab9bbe2bb112b83b9be693
2013-10-01 17:54:40 +01:00
Aaron Rosen
1e4551db44 use method pip_install over sudo pip install so proxy settings work
Change-Id: I2f0c69a72ef73c317b707d99c65cab0fb590d158
2013-09-16 13:59:42 -07:00
Dean Troyer
49ba22460b Move RHEL6 hacks to tools/fixup_stuff.sh
Change-Id: Ice983bc16379bc2bc25659c37cfc16b63fdfc34b
2013-08-30 15:20:59 -05:00