7912 Commits

Author SHA1 Message Date
Matt Riedemann
aa47a0a8be ceph: set rbd_secret_uuid in cinder.conf, not rbd_uuid
The ceph cinder backend script was setting the wrong
config option in cinder.conf for the secret uuid. This
was being masked by a bug in nova which is failing on
this bug when trying to fix the nova bug...right. It
makes sense.

See:

http://docs.ceph.com/docs/master/rbd/rbd-openstack/#configuring-cinder

Change-Id: I4655cae3212d589177d2570403b563a83aad529a
Closes-Bug: #1635488
2016-10-20 22:27:25 -04:00
Monty Taylor
201c01f19b
Don't clone dib-utils in install_heat
It's not used, and a recent change to trim down projects lists in
devstack-gate broke devstack in the gate that enabled heat.

Change-Id: I405423bdc9ba8dd9b30fce6fdceacccf662d5da3
2016-10-18 11:24:41 -05:00
Jenkins
093d815d9f Merge "Enable bridge firewalling if iptables are used" 2016-10-18 11:23:54 +00:00
Chuck Short
51db6d33c1 Replace wily support with yakkety
Ubuntu wily support is EOL so lets make room for yakkety.

Change-Id: Ib13d43f6d89bdf7c684cd34655a077a13e237be3
Signed-off-by: Chuck Short <chuck.short@canonical.com>
2016-10-15 09:40:35 -04:00
Jenkins
88172b8763 Merge "Reduce the scope of the subnet pool prefix in neutron" 2016-10-14 20:04:27 +00:00
Jenkins
8caeb035f4 Merge "Make Nova/Ironic communication use Identity v3" 2016-10-13 19:55:06 +00:00
Jenkins
cdcfc74d23 Merge "Remove workaround for openstack complete" 2016-10-13 19:50:54 +00:00
Jenkins
c330a8a661 Merge "nova: stop setting deprecated use_usb_tablet option" 2016-10-12 02:24:04 +00:00
Jenkins
6c55227595 Merge "Add a screen session for tls logs" 2016-10-11 19:48:23 +00:00
Jenkins
fab7a04de8 Merge "Neutron L3 subnetpool creation should be optional" 2016-10-11 19:45:27 +00:00
Steve Martinelli
5ff77d6a2a Remove workaround for openstack complete
This reverts commit 6930ba312f787e0459f7455ac6ba2a70b3c7c37d.

By reverting this patch we are no longer using the bandaid fix mentioned
in the code. The latest openstackclient release (3.3.0) fixes the bug.

Related-Bug: 1619274

Change-Id: I20e3c5a92b97bf46c8d2318cd37044f0f36e1745
2016-10-11 14:09:41 +00:00
Jenkins
1c13be860b Merge "Modify the default Qemu packages name for AArch64." 2016-10-10 13:58:17 +00:00
Jenkins
522cc7581a Merge "Don't install Nova policy.json" 2016-10-10 12:15:55 +00:00
Sean Dague
f06455e1b5 Add a screen session for tls logs
When tls is enabled, we aren't bringing the logs to the forefront,
which makes it hard to debug when things go wrong. This does that.

Change-Id: I7c6c7e324e16da6b9bfa44f4bad17401ca4ed7e3
2016-10-07 06:57:03 -04:00
Clay Gerrard
148d0e6e08 Clarify default IP_VERSION in docs
The prior art on other options in the same document seemed to be
calling out the default in a pre-formatted block after describing the
possible values.

I believe the default value for the option was first changed [1], then
the docs were fixed [2], then the information was unintentionally
dropped from the docs [3].

1. Related-Change: If0e0b818355e4cb1338f7fa72af5e81e24361574
2. Related-Change: Ib6603b4f6ea0b4079f9a4ea46e723ecbb2ea371d
3. Related-Change: Iddd27cb54f1d9f062b9c47ff9ad6a2bef3650d6b

Change-Id: I662403db3b08a351a680587440ad1f15a6f8ee5d
2016-10-07 10:25:25 +11:00
Sean Dague
ec498cd061 remove sites-enabled/keystone.conf link on clean
doing a clean.sh / stack.sh cycle with USE_SSL=True was failing
because we were no longer cleaning up the keystone site fully, so some
of the early mod_ssl queries hit an invalid apache configuration.

Change-Id: Ic6f3f601e532ec50c0234d928c25b378d9e95e32
2016-10-06 15:00:44 -04:00
Jenkins
7480276f5e Merge "Update apache tls proxy logs" 2016-10-06 13:08:28 +00:00
Jenkins
92d8ecf9c4 Merge "XenAPI: Remove legacy tty image" 2016-10-06 05:46:18 +00:00
Jenkins
0a088b1b36 Merge "Update OpenStackClient role list commands" 2016-10-06 05:19:37 +00:00
Jenkins
6af6d6f803 Merge "Add files/*.deb and files/*.deb.* to gitignore" 2016-10-06 05:00:53 +00:00
Jenkins
5a52e99c64 Merge "Updated from generate-devstack-plugins-list" 2016-10-06 00:54:17 +00:00
Clark Boylan
66ce5c257a Update apache tls proxy logs
This creates log files per proxy vhost and sets the log level to info to
help debug potential issues with tls proxying.

Change-Id: I02a62224662b021b35c293909ba045b4b74e1df8
2016-10-05 16:25:53 -07:00
Jenkins
91d8a38e16 Merge "Allow default IPv6 route device names to have dots" 2016-10-05 18:24:12 +00:00
Clenimar Filemon
57df186c13 Make Nova/Ironic communication use Identity v3
As long as nova already supports an Identity v3 auth flow when talking
to ironic (Id837d26bb21c158de0504627e488c0692aef1e24), make it use
v3 by default.

This way we don't fail in a keystone v3-only situation, for
example.

Change-Id: I028dfb52108d0630f47a53f8b420b70d4979eb55
2016-10-04 16:27:02 +00:00
Miguel Angel Ajo
ca89d071b3 Reduce the scope of the subnet pool prefix in neutron
Some of the clouds used for CI use the 10.2xx.0.0/16 range
for VMs, and collide with the wider 10.0.0.0/8.

This setting allows for creation of 256 subnets out of the pool.

Change-Id: I48c86f94098f1501f0e7f90a265dda7e81440eb0
Closes-Bug: 1629133
2016-10-04 18:19:33 +02:00
Mike Perez
c271b3ea1f Update OpenStackClient role list commands
This command is deprecated. The new command is role assignment list.

Change-Id: I8dba0be21d5af6751bea13d8ff29cd4b7589ab3e
2016-10-03 16:50:27 -07:00
rajinir
c58a15575d Neutron L3 subnetpool creation should be optional
Added an option to make subnetpools to be optional
as it ignores the public network specified in
FIXED_RANGE.

DocImpact
Change-Id: Ic89ceca76afda67da5545111972c3348011f294f
Closes-Bug: #1628267
2016-09-30 11:46:38 -05:00
OpenStack Proposal Bot
c12c12f663 Updated from generate-devstack-plugins-list
Change-Id: Id9ce2cbdad53665ca2f6b7e57cb2553cb89cd982
2016-09-30 06:57:24 +00:00
Jenkins
563d377782 Merge "Fix typo in documentation" 2016-09-29 23:50:54 +00:00
Jenkins
e43cca1adf Merge "Fix the logic of if used with is_service_enabled" 2016-09-29 22:15:08 +00:00
Jenkins
411248ddc2 Merge "Move Q_ROUTER_NAME to where it belongs" 2016-09-29 19:42:50 +00:00
Ihar Hrachyshka
b3a210f643 Enable bridge firewalling if iptables are used
With the plan [1] to stop enabling it by Neutron iptables firewall
driver itself, deployment tools should catch up and enable the firewall
themselves.

This is needed for distributions that decided to disable the kernel
firewall by default (upstream kernel has it enabled). This is also
needed for distributions that ship newer kernels but don't load the
br_netfilter module before starting nova-network or Neutron iptables
firewall driver. In the latter case, firewall may not work, depending on
the order of operations executed by the driver.

To isolate devstack setups from the difference in distribution
kernel configuration and version, the following steps are done:

- we load bridge kernel module, and br_netfilter if present, to get
  access to sysctl knobs controlling the firewall;
- once knobs are available, we unconditionally set them to 1, to make
  sure the firewall is in effect.

More details at:
http://wiki.libvirt.org/page/Net.bridge.bridge-nf-call_and_sysctl.conf

[1] I9137ea017624ac92a05f73863b77f9ee4681bbe7

Change-Id: Id6bfd9595f0772a63d1096ef83ebbb6cd630fafd
Related-Bug: #1622914
2016-09-29 04:26:56 +00:00
Andrew Laski
0009869cae Don't install Nova policy.json
Nova ships with an empty policy.json file which it does not need.
oslo.policy previously required the empty file to be there but as of
version 1.14.0 it is possible to run with no policy file at all. Since
there are no policies defined in the sample file let's no install it.

Change-Id: I85a251376dfe38caa4b100861bf764014a98bc37
Depends-On: I09fa842ffbe75bed269cef6edc9c82d18bfe9297
2016-09-28 15:07:14 -04:00
Hironori Shiina
aa7ec81fd7 Fix typo in documentation
This patch just removes a duplicate 'the'.

Change-Id: I3393a51d55ba8ec1639c2548781f8972f0d5c9d0
2016-09-28 20:21:57 +09:00
Jenkins
ced511c593 Merge "Work around issue in glance_store swift driver" 2016-09-27 21:37:14 +00:00
Drago Rosson
b34d459bbc Allow default IPv6 route device names to have dots
When dots are used with sysctl, they are reinterpreted as slashes.
Route devices can have dots in their names, so when they are used in a
sysctl command that also uses dots, its dot will be replaced with a
slash, causing an error.

Change-Id: Ie32126a3aa8d646568d7d37ec4874419b9658935
Closes-Bug: #1627770
2016-09-27 10:24:47 -05:00
Jenkins
ea9b111eef Merge "lib/neutron: Rename core plugin variables" 2016-09-27 14:27:49 +00:00
Jenkins
e75d5044f4 Merge "Update certificate creation for urllib3" 2016-09-27 11:26:47 +00:00
YAMAMOTO Takashi
1aa4368135 Move Q_ROUTER_NAME to where it belongs
The motivation is to make it more friendly with lib/neutron.
ie. independent from lib/neutron-legacy

Change-Id: I19821b009cbf1bc715a6c7b2854e4c77d2041ec4
2016-09-27 13:51:09 +09:00
YAMAMOTO Takashi
4a55d2a660 lib/neutron: Rename core plugin variables
NEUTRON_PLUGIN -> NEUTRON_CORE_PLUGIN
NEUTRON_PLUGIN_* -> NEUTRON_CORE_PLUGIN_*

Change-Id: I1d93d8bd1e6e3bbca0e56a2da0684ab3f3fbb525
2016-09-27 13:51:09 +09:00
Jenkins
71afa25250 Merge "Don't make root CA if it exists" 2016-09-27 04:03:24 +00:00
Jenkins
792a7ab31f Merge "Mount identity admin script at /identity_admin" 2016-09-26 20:39:11 +00:00
Ian Cordasco
69e3c0aac9 Update certificate creation for urllib3
urllib3 1.18 was released today and contains new more correct hostname
matching that takes into account the ipAddress portion of a certificate
and disallows matching an IP Address against a DNS hostname.

Change-Id: I37d247b68911dc85f55adec6a7952ed321c1b1d8
2016-09-26 12:21:41 -07:00
Jenkins
65fc49e283 Merge "lib/neutron: Use NEUTRON_PLUGIN instead of hardcoding ml2" 2016-09-26 18:18:46 +00:00
Jenkins
9cea4e8570 Merge "Remove remaining fwaas code" 2016-09-26 16:54:10 +00:00
Jenkins
e18d6fae72 Merge "Switch keystone to dogpile.cache.memcached backend" 2016-09-26 16:54:00 +00:00
Jenkins
590e21f9a4 Merge "Keystone uwsgi set lazy-apps=true" 2016-09-26 16:53:52 +00:00
Jenkins
fdd6dfa519 Merge "Remove the same configurations as the default" 2016-09-26 16:53:43 +00:00
Jenkins
de0b611032 Merge "Run n-cpu using LXD_GROUP when LXD virt driver" 2016-09-26 15:01:26 +00:00
Jenkins
69700227a9 Merge "Make the Neutron l3 plugin use the subnetpools" 2016-09-26 15:01:16 +00:00