19 Commits

Author SHA1 Message Date
Sean Dague
01796fad29 remove kernel override ability
This was landed to try to address an issue with netns vs nbd during
icehouse development. It never really got us anywhere, and is now
just cruft.

Change-Id: Ie498fae8d1f796c1fc83459c65d0de948d1d50ce
2014-08-05 17:37:36 -04:00
Ian Wienand
8fdb42fc0b Workaround for overwriting setuptools on RHEL
This old setuptools egg-info file causes havoc and really weird pip
install errors.  I think possibly not everyone has the
python-setuptools package installed, so it may only appear in some
situations.

Change-Id: I7ef0fa35c650e323a8945ed7c5c7754ca62a0ca5
2014-07-30 22:04:15 +10:00
Jenkins
4fbb8137af Merge "Reserve Keystone ports from the ephemeral range" 2014-06-17 01:24:47 +00:00
Morgan Fainberg
6cae83efd7 Reserve Keystone ports from the ephemeral range
Reserve Keystone ports from the ephemeral range as early as reasonably
possible in the fixup_stuff.sh process to reduce the likelihood that the
port will be in use. This does not completely resolve the issue
where Keystone's IANA assigned port falls into Linux's ephemeral
range, but this should reduce the occurrences. The default ports
are 35357 and 35358.

Change-Id: I8cfb53d8f90c1ff1fb1083c59fefabca3d14323b
Partial-Bug: #1253482
2014-06-13 21:33:52 +00:00
Attila Fazekas
d7967a4879 selinux permissive on Fedora
The f20 gate job is failing on hpcloud images
(official F20 cloud image), with enforcing selinux.

Setting selinux to permissive on all Fedoras.

Currently selinux policies are violated, when
 - horizon/httpd tries to access a files without
httpd_t friendly security label.
 - horizon/httpd_t tries to connect to openstack
   service port, without an allowing policy.
 - swift tryes rsync content without an authorized
   security label and without rsync_full_access sebool.
 - ..

In permissive mode you will be able to track,
the missing policies and labels by checking
the /var/log/auidit/audit.log*

The enforcing mode might be turned on in the future,
when all label and policy configured correctly.

Change-Id: I6dad705dd11b9eb5f01ce67814f05d294b3979a5
2014-06-12 11:41:54 +02:00
Attila Fazekas
522cfe0951 tempest py26 setup
Simplifying the steps between devstack install and tempest run, by
 * installing tox<1.7, bacuse 1.7 is not compatible with our tox.ini
 * installing and patching 'discover' when the python version is 2.6

Change-Id: I8008837d2fae6cebeeeb051b63066279ca477e01
2014-05-05 07:36:49 +02:00
Ian Wienand
aee18c749b Enforce function declaration format in bash8
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check.  Add a note to HACKING.rst

Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
2014-02-28 07:59:03 +11:00
Ian Wienand
3e37326a35 Move enablement of rhel6-optional repo earlier
Change 4f1fee6eae300a3384900df06ebc857e95854eb0 added the RHEL6
optional repo in fixup_stuff.sh, but it turns out that doesn't get run
until after the package prerequisites phase.  Move this into stack.sh
with the RDO repo setup.

Change-Id: Iae0df85fa94c6c1b6f497dd29fda90d03b903a41
2014-02-26 13:34:18 +11:00
Ian Wienand
4f1fee6eae Fix missing libffi-devel for python-glanceclient
python-glanceclient is failing to install on rhel6 with a dependency
chain from pip as

  cryptography>=0.2.1 (from pyOpenSSL>=0.11->python-glanceclient==0.12.0.56.gb8a850c)

cryptography requires libffi-devel to build.  I'm not sure what
changed, but remove it from "testonly" so it is always installed.

However, RHEL6 includes this in the optional repo, so we enable this
repo in the fixup script.

Change-Id: I9da0e91b75f41578861ee9685b8c7e91dd12dae7
2014-02-25 08:21:22 +11:00
Dean Troyer
d8864feae9 Fix shocco errors
Clean up comments to fix errors seen while processing with shocco

Change-Id: I0e97ad27613313f03e47c107051ea93b115d4744
2014-02-17 11:18:12 -06:00
Sean Dague
d8416d7c1c allow for upgrade of the precise kernel
we are getting kernel crashes in the OpenStack gate, to test
getting around this we'd like devstack to be able to upgrade
the precise kernel to the latest lts backported kernel.

default to off

Change-Id: I5d47aa8d15b1b1c0386a13b65022f6b8108c5c49
2014-01-27 16:08:03 -05:00
Attila Fazekas
3a82319ad7 fixup_stuff prettytable min version
The minimum prettytable version is changed from 0.6 to 0.7
 in the global requirements.

If the system has an older prettytable version the fixup_stuff does not
takes effect in time, because at fixup time the system has the old
version.

Ensure the fixup installs the minimum required version in time.

Change-Id: If1737dacb25db73b68e707953d05576ad8a97da7
2013-11-24 19:21:06 +01:00
Gonéri Le Bouder
394c11c721 horizon: drop nodejs dependency
since commit a0739c9423a4c559b45af96fa4cdb30539dcdbd7, horizon use
a pure Python alternative to nodejs

Change-Id: I231b453e42c303c3cc29e8bea4d7b935fecdccd2
2013-11-14 10:28:51 +01:00
Adam Spiers
cb961597cc Fix shocco errors and warnings
A few Markdown-oriented issues were causing Docutils errors to
leak into the end-user docs on http://devstack.org

Change-Id: I51fa9698afb1bfb48596478d83bd1fdcd84ac52e
2013-10-24 15:43:05 +01:00
Dean Troyer
65f1af6dd3 Fix fixup_stuff.sh package permissions fix
There are a number of different attempts to fix this issue, specifcally on RHEL6.
None of them actually get it right.
* This does not upgrade an OS installed package because we trust them to not make
  these sorts of permissions mistakes. Also we do not have nor want to figure out the
  right version that the OpenStack projects will require.
* This specfically targets the upstream package versions as we do not know how
  later versions behave.

This should address the following reviews:
* https://review.openstack.org/#/c/50540/
* https://review.openstack.org/#/c/51233/ (1238707)
* https://review.openstack.org/#/c/51651/ (1239747)
* https://review.openstack.org/#/c/51843/
* https://review.openstack.org/#/c/51838/
* https://review.openstack.org/#/c/52148/ (1236941)

Change-Id: I99906451dc25654628187b383e8893cce0e276bf
2013-10-16 12:50:19 -05:00
Adam Spiers
c85ade7720 set errexit and xtrace in helper scripts
stack.sh invokes some helper scripts as separate processes, rather than
by source'ing them.  As with stack.sh itself, abort immediately on the
first error, so that errors don't compound and result in confusing error
messages.  If one of these helper scripts aborts, stack.sh itself will
also abort in the usual manner.

Due to the change in behaviour, tweak some mv invocations to ensure that
they don't trigger false failures.

As with stack.sh itself, also enable xtrace so we can see exactly what's
happening.  In particular this allows us to see the cause of any
premature termination due to a command failing whilst errexit is
enabled.

Change-Id: I7a55784c31e5395e29ab9bbe2bb112b83b9be693
2013-10-01 17:54:40 +01:00
Aaron Rosen
1e4551db44 use method pip_install over sudo pip install so proxy settings work
Change-Id: I2f0c69a72ef73c317b707d99c65cab0fb590d158
2013-09-16 13:59:42 -07:00
Dean Troyer
49ba22460b Move RHEL6 hacks to tools/fixup_stuff.sh
Change-Id: Ice983bc16379bc2bc25659c37cfc16b63fdfc34b
2013-08-30 15:20:59 -05:00
Dean Troyer
9acc12a392 More Python package fixes
* Add tools/fixup_stuff.sh to fix prettytable and httplib2 install
  with pip 1.4+
* Cache downloads properly in tools/install_pip.sh

Change-Id: I482590cb91f7a10c1436bc9015afd572ac1cc73e
2013-08-10 16:44:17 -07:00