Dnsmasq and haproxy are used frequently by neutron and nova, apparmor
profiles can block some operations and the deployed cloud can't
work properly so some tests are going to fail.
Some openSUSE distros has apparmor enabled by default so we need to
disable it.
Change-Id: I30fda684effb09810643e58bf0b31a73d7d9b378
Signed-off-by: aojeagarcia <aojeagarcia@suse.com>
This updates the UCA usage from Pike to Queens. As a result,
the various volume multiattach checks can also be removed
because the Queens UCA has libvirt 4.0.0.
Change-Id: Icb971831c8d4fe5f940d9e7993d53f1c3765e30f
Neutron functional tests want to use ubuntu cloud archive but it's
not possible to source the fixup_stuff.sh from a neutron CI setup
script. Break it up so that only the UCA portion can be executed
from neutron.
Change-Id: Ie18833bfa30f1789e63cbe9c86f5ece3453f43fb
This adds the ENABLE_VOLUME_MULTIATTACH flag and if True
configures Tempest to run volume multiattach tests.
Note that due to https://bugzilla.redhat.com/show_bug.cgi?id=1378242
we can't run multiattach tests with the Pike UCA packages since
those include qemu 2.10 and libvirt 3.6, and the valid versions for
multiattach support with libvirt is qemu<2.10 or libvirt>=3.10.
Depends-On: I80c20914c03d7371e798ca3567c37307a0d54aaa
Depends-On: I158c6f20e3e6a24bd2e5299abbeb3fc5208e5885
Part of nova blueprint multi-attach-volume
Change-Id: I46b7eabf6a28f230666f6933a087f73cb4408348
This reverts commit a7e9a5d447b3eeacfb52d7ddc94445058a8d6fd1.
The jobs that run live migration tests are failing at about
a rate of 50% since this merged. There are no recent changes
to nova in the last 24 hours that are related to live
migration, and this is failing on the master branch only,
so I suspect the failures are due to new qemu packages
getting pulled in from this change.
Change-Id: Ic8481539c6a0cc7af08a736a625b672979435908
Closes-Bug: #1718295
Now that Pike has been released, switch to using the pike version of
UCA instead of ocata, too.
One reason to do so it that it adds python3-ceph packages, allow to have
progress with the python3 compatibility of the Ceph integration.
Change-Id: I7d95e53892b697c72af75ad0ce7ce2dec6d31fde
In the original change I said "for infra nodes, it shouldn't do
anything anyway ...". Well that was pre-Fedora 26 :)
It seems that dnf > 2.0 now intentionally throws an error when trying
to explicitly install an ignored package. Thus, as described in the
comment, take a simpler approach of skipping this on infra nodes.
pip-and-virtualenv in dib should have installed the latest pip,
virtualenv and setuptools, so we don't want to fiddle with that
anyway.
[1] https://review.openstack.org/#/c/338998/
Change-Id: Ib300b58377a0d0fe1bd7444c71acdb9a87dc033b
Some URLs are broken, so fix them.
The others are redirect to new URLs,
so replace them with new ones.
The config options of nova serial console proxy
have been gathered in nova/conf/serial_console.py.
So the description in doc/source/guides/nova.rst
is fixed.
Change-Id: Ifd81cc09969341fbf8f135a913fc6003b94e0acc
The trove development environment is typically a linux VM within which
openstack is installed, and trove launches guest vm's within that
environment. To make it possible for these vm's to launch in one human
lifetime, one must set vt/x and enable nested hypervisors to use with
kvm; qemu emulation will take way too long.
The new libvirtd (v2.5.0) in Ubuntu Cloud Archive doesn't handle
nested hypervisors well and if you use it, you end up with a guest
hanging on the GRUB line.
To enable that use-case, we provide ENABLE_UBUNTU_CLOUD_ARCHIVE which
the trove developer can set (to False) before running devstack.
Change-Id: Ia0265c67bb7d2a438575a03c0ddbf2d9c53266ed
Closes-Bug: #1689370
It's not only using our upstream caches that you might get an old
libvirt-python wheel that is incompatible with UCA. Move the ignore
out of the mirror check to apply it globally.
This is an alternative to Iba301a8c80c9ed584f5fb5a816f3d2cf5f5f0e77
Change-Id: I588b1e8e49aa60f3ce976dc1b6c8013ba1d88079
It is possible some CI system are using an http_proxy. Use the helper
function to cover this use case.
Change-Id: Iee685147ca0244fc7de328a765f937602223de20
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We have had issues with libvirt 1.3.1 which is stock on Xenial. Try
using 2.5.0 from UCA instead.
Related-Bug: 1643911
Related-Bug: 1646779
Related-Bug: 1638982
Change-Id: Ia4434541c71f050fe1ffb54f4c4c1e302391d00b
On RHEL-based systems pip and yum share the same installation
directory for virtualenv. If yum pulls in the python-virtualenv
package (e.g. due to a dependency) it will clobber what pip has
already installed. The file tools/fixup_stuff.sh tries to ensure that
the proper virtualenv package is installed via pip. If virtualenv has
already been installed via pip, then clobbered by yum, pip skips the
install since it appears as if virtualenv is already installed and at
the correct version.
The reinstall of virtualenv must use the --force-reinstall argument to
pip to fix up the damage done by yum.
Change-Id: Ib0edf6c4ee8a510e9d671213de35d787f56acfed
Closes-Bug: #1599863
This reverts commit 616957d5981310e465e9fb3fd0c040751d8b0b63.
Fixed packages are released to F23 stable
Change-Id: I6c1ecaf9afb78afa3051922eb8347a2610e57416
Fedora 21 reached its End Of Life (EOL) on 1-DEC-2015[1]; remove it as
supported distribution.
- stack.sh: Remove Fedora 21 from list of supported distributions.
- tools/fixup_stuff.sh: Make the minimum Fedora version to be F22 in
from a conditional check in 'Python packages' section
- files/rpms/general: Remove 'f21' from NOPRIME.
- lib/ceph: Remove 'f21' from the check_os_support_ceph() function.
- doc/source/index.rst: s/Fedora 21/Fedora 22/
- pkg/elasticsearch.sh: Remove the 'if' conditional in the
install_elasticsearch() function.
[1] https://fedoramagazine.org/fedora-21-end-life-december-1st/
Change-Id: Ifbcc3dd783ff2f362a464fbf4ca22f20cc2c658e
The os_RELEASE for RHEL is 7.1 (for example). Which does not work for comparisons
to an integer. And, while I am at it, change base_path to not use a hard-coded
directory.
Change-Id: I64a04810cc7ba4668c2cb7a8df79c206301e9e16
As a follow-on to I8cefb58f49dcd2cb2def8a5071d0892af520e7f7, put in
some detection around missing variable-to-test arguments in
trueorfalse.
Correct a couple of places where we were passing in blank strings,
resulting in the default always being applied.
Add test-cases and enhance the documentation a little.
Depends-On: I8cefb58f49dcd2cb2def8a5071d0892af520e7f7
Change-Id: Icc0eb3808a2b6583828d8c47f0af4181e7e2c75a
The upstream version of requests contains a copy
of urllib3 and cardet library, common practice in many distros
to create symbolic links for these libraries instead of creating
a huge package which contains the same library as the distro provides
as separate package as well.
Now devstack upgrades the urllib3 to incompatible version,
but it leaves the requests unchanged because Fedora already has the
latest version.
The issue does not happens with Ubuntu because it has older requests
and devstack updates it as well.
The pip installed version contains a bundled urllib3 and the actually
installed urllib3 version does not matters.
This is not the `usual` distro package overrides pip installed package
case.
Change-Id: Icfa71368384b0c2e3ff39265b2fa9190b5566b9b
Related-Bug: #1476770
The iptables service files are no longer included by default on
Fedora. This causes the systemctl calls in fixup_stuff.sh to fail
when disabling firewalld in favor of iptables.
Change-Id: If37691d03e3d07ca8b53c541717081beeb184c16
Closes-Bug: #1462347
We've bike-sheded over this before
(I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799) but I have just traced
down further issues to firewalld with neutron+ipv6 (see the bug).
In fact, as mentioned in the comments, RDO disables firewalld and the
neutron guide says to disable it [1]. The force flag is left if
anyone really wants this; but nobody is testing (or, as far as I can
tell, working on) this so bring devstack back into line and disable it
always. Note we do not remove the package; as has been found in the
puppet scripts this can lead to dependency issues.
[1] http://docs.openstack.org/developer/devstack/guides/neutron.html
Change-Id: Ief7cb33d926a9538f4eb39c74d906ee0c879de35
Partial-Bug: 1455303
The version of pip supported by python-virtualenv has issues in
environment under proxy, hence uninstalling python-virtualenv package
and installing the latest version using pip.
Change-Id: Id749c37ab7fefa96b35f11816b56b9def5ef4b08
Closes-Bug: 1421541
el6 is shipped with Python 2.6.x which is not expected
to be supported with the openstack kilo release.
For el6 support we need to do lot of thing differently,
which makes the code more complicated.
This change removes el6 and py26 support from devstack.
This change also removed a discontinued (1 year ago)
openSUSE 12.2 code path, which used a similar codepath as el6.
Several comment related to el6 also removed or modified.
Change-Id: Iea0b0c98a5e11fd85bb5e93c099f740fe05d2f3a
Fedora 19 will reach its end of life on 6-JAN-2015
https://lists.fedoraproject.org/pipermail/announce/2014-December/003243.html
Remove it as a supported distribution and add Fedora 21
- stack.sh: Remove Fedora 19 from list of 'supported' distributions.
- tools/fixup_stuff.sh: Remove Fedora 19. Also remove the workaround
of disabling firewalld for Fedora 21.
Change-Id: If92b87d2f9a2bb95469730cda201a7981670f727
Also use sudo -H with pip so that it doesn't create a ~stack/.cache
other things can't write to as the stack user later.
Change-Id: I2134c7d8f58f8b83f33150c9ed86d87f8ccba2f3
We don't use nose anywhere in anything related to devstack. The only
legitimate OpenStack things that are still nose are horizon and swift
unittests, and it turns out we don't really run those in devstack.
Change-Id: I215e0f3664f269e0e1b8f5d5f9c70553dededddd
Only set the keystone reserved ports when available, on some system
(like when running under containers) where this sysfs interface is not
exposed we are almost pretty sure these ports would be exclusive for our
devstack.
Change-Id: I06d7d227ae94d564c91c16119e4bbbcc6564a280
firewalld interacts badly with the libvirt on f20, causing slow-downs
so great that it can timeout the gate.
Developers who want to leave it enabled should set FORCE_FIREWALLD=True
Change-Id: I5252a12223a35f7fb7a4ac3c58aa4a3cd1bc4799
This was landed to try to address an issue with netns vs nbd during
icehouse development. It never really got us anywhere, and is now
just cruft.
Change-Id: Ie498fae8d1f796c1fc83459c65d0de948d1d50ce
This old setuptools egg-info file causes havoc and really weird pip
install errors. I think possibly not everyone has the
python-setuptools package installed, so it may only appear in some
situations.
Change-Id: I7ef0fa35c650e323a8945ed7c5c7754ca62a0ca5
Reserve Keystone ports from the ephemeral range as early as reasonably
possible in the fixup_stuff.sh process to reduce the likelihood that the
port will be in use. This does not completely resolve the issue
where Keystone's IANA assigned port falls into Linux's ephemeral
range, but this should reduce the occurrences. The default ports
are 35357 and 35358.
Change-Id: I8cfb53d8f90c1ff1fb1083c59fefabca3d14323b
Partial-Bug: #1253482
The f20 gate job is failing on hpcloud images
(official F20 cloud image), with enforcing selinux.
Setting selinux to permissive on all Fedoras.
Currently selinux policies are violated, when
- horizon/httpd tries to access a files without
httpd_t friendly security label.
- horizon/httpd_t tries to connect to openstack
service port, without an allowing policy.
- swift tryes rsync content without an authorized
security label and without rsync_full_access sebool.
- ..
In permissive mode you will be able to track,
the missing policies and labels by checking
the /var/log/auidit/audit.log*
The enforcing mode might be turned on in the future,
when all label and policy configured correctly.
Change-Id: I6dad705dd11b9eb5f01ce67814f05d294b3979a5
Simplifying the steps between devstack install and tempest run, by
* installing tox<1.7, bacuse 1.7 is not compatible with our tox.ini
* installing and patching 'discover' when the python version is 2.6
Change-Id: I8008837d2fae6cebeeeb051b63066279ca477e01
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check. Add a note to HACKING.rst
Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
Change 4f1fee6eae300a3384900df06ebc857e95854eb0 added the RHEL6
optional repo in fixup_stuff.sh, but it turns out that doesn't get run
until after the package prerequisites phase. Move this into stack.sh
with the RDO repo setup.
Change-Id: Iae0df85fa94c6c1b6f497dd29fda90d03b903a41
python-glanceclient is failing to install on rhel6 with a dependency
chain from pip as
cryptography>=0.2.1 (from pyOpenSSL>=0.11->python-glanceclient==0.12.0.56.gb8a850c)
cryptography requires libffi-devel to build. I'm not sure what
changed, but remove it from "testonly" so it is always installed.
However, RHEL6 includes this in the optional repo, so we enable this
repo in the fixup script.
Change-Id: I9da0e91b75f41578861ee9685b8c7e91dd12dae7
we are getting kernel crashes in the OpenStack gate, to test
getting around this we'd like devstack to be able to upgrade
the precise kernel to the latest lts backported kernel.
default to off
Change-Id: I5d47aa8d15b1b1c0386a13b65022f6b8108c5c49
The minimum prettytable version is changed from 0.6 to 0.7
in the global requirements.
If the system has an older prettytable version the fixup_stuff does not
takes effect in time, because at fixup time the system has the old
version.
Ensure the fixup installs the minimum required version in time.
Change-Id: If1737dacb25db73b68e707953d05576ad8a97da7
since commit a0739c9423a4c559b45af96fa4cdb30539dcdbd7, horizon use
a pure Python alternative to nodejs
Change-Id: I231b453e42c303c3cc29e8bea4d7b935fecdccd2
A few Markdown-oriented issues were causing Docutils errors to
leak into the end-user docs on http://devstack.org
Change-Id: I51fa9698afb1bfb48596478d83bd1fdcd84ac52e
stack.sh invokes some helper scripts as separate processes, rather than
by source'ing them. As with stack.sh itself, abort immediately on the
first error, so that errors don't compound and result in confusing error
messages. If one of these helper scripts aborts, stack.sh itself will
also abort in the usual manner.
Due to the change in behaviour, tweak some mv invocations to ensure that
they don't trigger false failures.
As with stack.sh itself, also enable xtrace so we can see exactly what's
happening. In particular this allows us to see the cause of any
premature termination due to a command failing whilst errexit is
enabled.
Change-Id: I7a55784c31e5395e29ab9bbe2bb112b83b9be693