Change I188fc2cd1b26fe7a71804f7e7d66b111d6f15e30 in nova stopped us
respecting this when generating the network templates injected into
instances on boot. With the removal of nova-network, there is no longer
any other reason to set this.
Change-Id: I925b7c6c23133cd5a835960f4507c979f615d78e
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
In change I2ce8ff3d7c33a402b8af50182ec01f512859c388, we duplicated the
'default_floating_pool' option, found in the '[DEFAULT]' group, to the
'[neutron]' group. This allowed us to continue with our deprecation
plans for the former option, which should be retired along with
nova-network.
Update the nova lib module so it'll set the new option, we can safely
assume to be the correct one now that we've removed support for cells v1
and nova-network.
Change-Id: If9a02b640e6c2e1300c7b11b7552ba13c1496d79
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Remove nova cells v1 support, which also allows/necessitates removing
support for nova networks (which was only supported with cells v1) and
nova-consoleauth (which was required by cells v1 but is unnecessary
otherwise).
The Depends-On isn't really necessary, but it's here to make sure this
doesn't merge until we _really_ have killed cells v1.
I honestly expected this patch would be bigger.
Change-Id: I90316208d1af42c1659d3bee386f95e38aaf2c56
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
Depends-On: Ib0e0b708c46e4330e51f8f8fdfbb02d45aaf0f44
This patch enables ARP Responder with DVR routers along with
l2pop in devstack.
Related-Bug: #1774459
Change-Id: I82f628c32f6e38c2419b6ffe90d9f9adf96777b1
swift3 is no longer actively maintained in the upstream.
That has been moved to Swift repository as s3api so we should
use s3api middleware instead. As well as swift3, s3token is
also maintained in Swift upstream.
Change-Id: I4582d81da066ab53e6f11ad1df7af91425f2b0ca
Option "lock_path" from group "DEFAULT" is deprecated. Use option
"lock_path" from group "oslo_concurrency".
Change-Id: I7c7501a4a351155eeba77bb7cd43c8d6f5ea73bc
Support for changing the cinder periodic_interval config option
was added way back in havana as a workaround for bug #1180976
by change I20e52e66fcc94b224476cdd14c88bd6981b4e617. As the fix
for that bug does not require modifying this config value, and
such modification may have unintentional adverse effects, end
the support.
Change-Id: I1ef1fe564123216b19582262726cdb1078b7650e
Partial-bug: #1824837
Tempest's scheduler_available_filters has a special 'all' value that
is understood to mean 'all filters are enabled' by various tempest
tests. However, what it really means is 'the default nova filters are
enabled.' In an effort to help clean that up, this patch explicitly
sets scheduler_available_filters to nova's $FILTERS. Because $FILTERS
is now used in both lib/nova and lib/tempest, it is renamed
$NOVA_FILTERS.
Change-Id: I6ffc1e9989cd61d666f9c1db9c94fbabd7151918
Related-bug: 1628443
We should always pass on a region when talking to
ironic. This will also help detect and test issues
specific to regions.
Change-Id: Iaab3c1bcedc5aaa2106c0758cbb43bade3de2cf5
This function will now first filter out all "neutron-" strings from
DISABLED_SERVICES list before looking for "neutron" string in it.
Change-Id: I5cab6a3be553713e1257599fb72042c6001f2672
Close-Bug: #1824884
We're able to run multiple cells in devstack by setting the variable
NOVA_NUM_CELLS in the devstack local.conf. Since we run console
proxies per cell, we will start two console proxies if
NOVA_NUM_CELLS=2. However, we've not been configuring the console
proxy ports in the nova_cellN.conf files, so an attempt to start
more than one will result in a port conflict and failure to start
the subsequent console proxy services with error:
ERROR nova error: [Errno 98] Address already in use
This adds configuration of the console proxy ports based on an offset
while looping across NOVA_NUM_CELLS. The base port values are taken
from the config option defaults in the nova code: nova/conf/vnc.py,
nova/conf/spice.py, and nova/conf/serial_console.py.
Closes-Bug: #1822873
Change-Id: I8934d0b9392f2976347391c8a650ad260f337762
This adds a service to run a tcpdump during the run. This can be
useful to capture various network traffic for post analysis.
There didn't seem to quite be an appropriate place to document it, so
a new debugging file is started, with some terse explaination of our
various system-wide debugging services.
Change-Id: I09aaa57611c5047d09a9bce7932d34e9d50b30e6
OpenSSL 1.0.2 generates key files with default permissions: 644 and the
files are copied to the /etc/pki/* directories with sudo.
When the default CI node Ubuntu version was changed from Xenial =>
Bionic we changed from OpenSSL 1.0.2 => 1.1.0. And OpenSSL 1.1.0
generates key files with default permissions: 600. When we copy the key
file to /etc/pki/* using sudo, it becomes owned by root and then the
console-related users are unable to read it.
This sets the ownership of the /etc/pki/<console> files to the
user:group intended to read them.
Closes-Bug: #1819794
Change-Id: I437a46c875cf633272e8cad0811e5557f2ac3641
When running stack.sh locally on stable branches
with tempest enabled and TEMPEST_PLUGINS set,
devstack will try to fetch master branch of requirements
and that fails if branch is not tracked.
Change-Id: Ia1ae6869a8fede2af5cd7c875e0946b6a75eb518
Closes-Bug: #1820051
The bridge-utils package has been deprecated for some time now [1] and
'brctl' does not exist on some more recent distros like Fedora 28.
Replace references to brctl with the proper ip commands.
Calls to "brctl show" are not being replaced with calls to "bridge link"
because the output format is very different and in testing some bridges
were not listed. So the simpler method of consulting /sys/class/net is
used.
In worlddump.py we try running both because failures are handled
gracefully by _dump_cmd(), as well as "ip link show type bridge" for
additional info.
[1] https://lwn.net/Articles/703776/ for example
Change-Id: Ie4c8ad6ce4a09c38023c9e4ec7834c249403145f
Partial-Bug: #1801919
This introduces a breaking change in the URLs used to access the console
[1]. This is updated in both the documentation and linked nova change.
[1] https://github.com/novnc/noVNC/commit/83391ffc
Change-Id: I14a0be0034f4a76ab37eb90325967500c3bf1ff9
Depends-On: I9a50a111ff4911f4364a1b24d646095c72af3d2c
Related-bug: #1682020
Keystone is currently working through a bunch of changes to add proper
system, domain, and project scope support for its API. This includes
implementing ``admin``, ``member``, and ``reader`` roles for system,
domain, and project assignments. More informaiton on those specific
changes can be found here:
https://review.openstack.org/#/q/(status:open+OR+status:closed)+project:openstack/keystone+branch:master+topic:implement-default-roles
One thing that was uncovered in implementing that support for the
project API was that setting tempest
``CONF.identity.admin_domain_scope = True`` meant domain admins of one
domain would be able to list projects in other domains, highlighted in
the following patch:
https://review.openstack.org/#/c/624218/2
This commit doesn't set this option and assumes the proper
domain-scoping behavior being built into keystone natively.
Change-Id: I12a57cc43de0b17eababa19b7b94de5277689f82
Related-Bug: 1750660
when tempst venv is build, it use the master upper_contraint[1]
but when we install tempest plugin, it use branch upper_contraint.
This leads to mismatch the dependency version between tempest and required
tempest plugins setup.
Current flow after this change is:
1. install tempest form master (until you explicitly change TEMPEST_BRANCH
which is default to master in all stable branch). It applies the upper_constraint
from the stable branch but that will be overridden in step2
2. configure tempest, here the created venv will install all dependency with
master's upper_constraint.
3. install tempest plugins in same venv created above. Now tempest plugin
will also use the master upper_constraint.
With this tempest venv which has all enabled plugin will be contsraint with
master.
[1] 72f632222f/lib/tempest (L590)
Change-Id: I89314e8391e8f26c622fc090cbe27997b3cf049a
Closes-Bug: #1816022
The read_password function is defined inside stack.sh
and it cannot be used inside the "public library interface"
provided by DevStack.
Move the calls found inside library files to stack.sh,
following the same pattern of the other calls to read_password.
Change-Id: I8adc6723b677dfac2bef735f660e056c498bf773
It seems nova has changed defaults on who can create zero-sized disk
instances [1] and now some devstack jobs, like nodepool's, can't
create cirros images using this flavor. It seems the easiest thing to
do is just to bump it up.
[1] https://review.openstack.org/#/c/603910/
Change-Id: I1172d4775d608568ccbeb27e2975d83add892ea9
Cinder v1 was removed over a year ago. Change the cinder template
URLs devstack defines in the glance-api.conf to use cinder v3
instead.
Change-Id: I4a68dc0b53631be0708e7411c37619dd6dfd4fa6
Cinder and etcd are enabled by default and by default
cinder uses etcd as a distributed lock manager with
tooz as an intermediary. We see a lot of ToozConnectionErrors [1]
in the cinder logs when etcd is backed up [2] which results in
cinder operations timing out causing test failures, like
when a volume is not deleted within a given time.
This changes ETCD_USE_RAMDISK=True by default to try and
alleviate some of the pressure. An alternative is if we know
we're in a single-node job we could just not use a DLM for
Cinder.
[1] http://status.openstack.org/elastic-recheck/#1810526
[2] etcd[26824]: sync duration of 12.076762123s, expected less than 1s
Change-Id: I5f82aa40e9d84114e7b7b5cf19ec4942d6552490
Partial-Bug: #1810526
