From 3615cc776d0a926fc45ce280cfc6ee679d01366e Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Fri, 13 Mar 2015 15:46:09 +0000 Subject: baserock-import needs morphlib (morph-utils) to build --- strata/baserock-import.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/baserock-import.morph b/strata/baserock-import.morph index 2b18d02d..c0861105 100644 --- a/strata/baserock-import.morph +++ b/strata/baserock-import.morph @@ -3,7 +3,7 @@ kind: stratum description: Tools for importing software into Baserock definitions. build-depends: - morph: strata/python-common.morph -- morph: strata/python-cliapp.morph +- morph: strata/morph-utils.morph chunks: - name: ansicolor repo: upstream:python-packages/ansicolor -- cgit v1.2.1 From 26865e5553490ef2e084ab1d59a5d9dbd646f624 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Sat, 14 Mar 2015 13:17:10 +0000 Subject: Make python-tools depend on python-core --- strata/python-tools.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/python-tools.morph b/strata/python-tools.morph index 0acc1c0c..5ee65791 100644 --- a/strata/python-tools.morph +++ b/strata/python-tools.morph @@ -3,7 +3,7 @@ kind: stratum description: "A stratum for non-essential python tools: useful python tools that we don't want to include in core." build-depends: -- morph: strata/core.morph +- morph: strata/python-core.morph chunks: - name: virtualenv repo: upstream:python-packages/virtualenv -- cgit v1.2.1 From 9cd4c1464d40bbe66d00eeb351678f5adacaf911 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Sat, 14 Mar 2015 12:52:23 +0000 Subject: Add pylint --- strata/python-tools.morph | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/strata/python-tools.morph b/strata/python-tools.morph index 5ee65791..0bba0502 100644 --- a/strata/python-tools.morph +++ b/strata/python-tools.morph @@ -9,3 +9,20 @@ chunks: repo: upstream:python-packages/virtualenv ref: 9205ff46a67130e8835f14bb4f802fd59e7dcf2c unpetrify-ref: 12.0.5 + +## Pylint +- name: astroid + repo: upstream:python-packages/astroid + ref: 194dc114a33b80b4bfbbeb73f36712848f696025 + unpetrify-ref: astroid-1.3.5 + build-depends: [] +- name: logilab-common + repo: upstream:python-packages/logilab-common + ref: d1d8f793af6d015d885b9ea67b5741d5a093e2f4 + unpetrify-ref: logilab-common-version-0.62.0 + build-depends: [] +- name: pylint + repo: upstream:python-packages/pylint + ref: ba998d7a4e5fce0ea3a3e701ff446bbe4ca406b5 + unpetrify-ref: pylint-1.4.2 + build-depends: [] -- cgit v1.2.1 From 9927467fbb34422ea8bf84cce865b2cc8240e835 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Mon, 16 Mar 2015 15:04:45 +0000 Subject: Remove Gerrit system A new version of a Baserock Gerrit system definition now lives in infrastructure.git. Change-Id: I6aeed4c5381edf5e7736f1816f9d58832c0ac781 --- clusters/gerrit-openstack.morph | 16 ------- gerrit.configure | 50 ---------------------- strata/patch-manager-gerrit.morph | 10 ----- .../gerrit-installation-binaries.morph | 28 ------------ systems/gerrit-x86_64.morph | 32 -------------- 5 files changed, 136 deletions(-) delete mode 100644 clusters/gerrit-openstack.morph delete mode 100755 gerrit.configure delete mode 100644 strata/patch-manager-gerrit.morph delete mode 100644 strata/patch-manager-gerrit/gerrit-installation-binaries.morph delete mode 100644 systems/gerrit-x86_64.morph diff --git a/clusters/gerrit-openstack.morph b/clusters/gerrit-openstack.morph deleted file mode 100644 index bdfb128c..00000000 --- a/clusters/gerrit-openstack.morph +++ /dev/null @@ -1,16 +0,0 @@ -name: open-stack-gerrit -kind: cluster -description: | - Deploy gerrit morphology into openstack -systems: -- morph: systems/gerrit-x86_64.morph - deploy: - openstack-image: - type: openstack - location: http://openstack-host:5000/v2.0/ - DISK_SIZE: 4G - OPENSTACK_USER: openstack-user - OPENSTACK_TENANT: openstack-tenant - OPENSTACK_IMAGENAME: Gerrit - CLOUD_INIT: yes - KERNEL_ARGS: console=ttyS0 console=tty0 diff --git a/gerrit.configure b/gerrit.configure deleted file mode 100755 index b691ea95..00000000 --- a/gerrit.configure +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2014 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# -# This is a "morph deploy" configuration extension to enable bash -# as default shell in gerrit systems. -set -e - -ROOT="$1" - -############################################################################### - -# Set bash as default shell -ln -sfn bash "$ROOT/bin/sh" - -############################################################################### -echo "Creating gerrit-daemon unit file" - -cat << EOF > "$ROOT"/etc/systemd/system/gerrit-daemon.service -[Unit] -Description=Gerrit Code Review Server Service - -ConditionPathExists=/home/gerrit2/gerrit/.gerrit_controller - -[Service] -User=gerrit2 -Group=gerrit2 -Environment="PATH=/usr/bin:/bin" -Type=forking -ExecStart=/home/gerrit2/gerrit/.gerrit_controller/bin/gerrit.sh start - -[Install] -WantedBy=multi-user.target -EOF -ln -sfn "../gerrit-daemon.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/gerrit-daemon.service" diff --git a/strata/patch-manager-gerrit.morph b/strata/patch-manager-gerrit.morph deleted file mode 100644 index 60e6d6cd..00000000 --- a/strata/patch-manager-gerrit.morph +++ /dev/null @@ -1,10 +0,0 @@ -name: patch-manager-gerrit -kind: stratum -build-depends: -- morph: strata/tools.morph -chunks: -- name: gerrit-installation-binaries - morph: strata/patch-manager-gerrit/gerrit-installation-binaries.morph - repo: github:franred/gerrit-installation-binaries - ref: ef262c635890f19eaff8ef6bbd831ee9b0d8693e - unpetrify-ref: master diff --git a/strata/patch-manager-gerrit/gerrit-installation-binaries.morph b/strata/patch-manager-gerrit/gerrit-installation-binaries.morph deleted file mode 100644 index b0d1a393..00000000 --- a/strata/patch-manager-gerrit/gerrit-installation-binaries.morph +++ /dev/null @@ -1,28 +0,0 @@ -name: gerrit-installation-binaries -kind: chunk -configure-commands: [] -build-commands: -- cat jdk-8u20-linux-x64.tar.gz_* > jdk-8u20-linux-x64.tar.gz -install-commands: -- mkdir -p "$DESTDIR$PREFIX"/bin -- mkdir -p "$DESTDIR$PREFIX"/lib -- mkdir -p "$DESTDIR$PREFIX"/share/gerrit -- cp gerrit-2.9.war "$DESTDIR$PREFIX"/share/gerrit -- tar zxf jdk-8u20-linux-x64.tar.gz -C "$DESTDIR$PREFIX"/lib -- unzip jce_policy-8.zip -d "$DESTDIR$PREFIX"/lib/jdk1.8.0_20/jre/lib/security -- ln -sfn "$PREFIX"/lib/jdk1.8.0_20/jre/bin/java "$DESTDIR$PREFIX"/bin/ -system-integration: - gerrit-installation-binaries-misc: - 01-adduser: - - adduser -D -h /home/gerrit2 -g 'Gerrit Administrator' -s /bin/sh gerrit2 - 02-install-gerrit: - - | - install -D /usr/share/gerrit/gerrit-2.9.war /home/gerrit2/gerrit/gerrit-2.9.war \ - -o gerrit2 -g gerrit2 -m 644 - chown gerrit2 /home/gerrit2/gerrit - sudo LD_LIBRARY_PATH=/usr/jdk1.8.0_20/jre/lib/amd64/jli \ - -u gerrit2 java -jar /home/gerrit2/gerrit/gerrit-2.9.war \ - init --batch -d /home/gerrit2/gerrit/.gerrit_controller \ - --no-auto-start - sed -i "s|canonicalWebUrl =.*|canonicalWebUrl = http://localhost:8080|g" \ - /home/gerrit2/gerrit/.gerrit_controller/etc/gerrit.config diff --git a/systems/gerrit-x86_64.morph b/systems/gerrit-x86_64.morph deleted file mode 100644 index 91d4c701..00000000 --- a/systems/gerrit-x86_64.morph +++ /dev/null @@ -1,32 +0,0 @@ -name: gerrit-x86_64 -kind: system -description: system to install gerrit on it -arch: x86_64 -strata: -- name: build-essential - morph: strata/build-essential.morph -- name: bsp-x86_64-generic - morph: strata/bsp-x86_64-generic.morph -- name: foundation - morph: strata/foundation.morph -- name: core - morph: strata/core.morph -- name: tools - morph: strata/tools.morph -- name: nfs - morph: strata/nfs.morph -- name: databases - morph: strata/databases.morph -- name: network-security - morph: strata/network-security.morph -- name: cloudinit-support - morph: strata/cloudinit-support.morph -- name: patch-manager-gerrit - morph: strata/patch-manager-gerrit.morph -configuration-extensions: -- set-hostname -- add-config-files -- nfsboot -- install-files -- cloud-init -- gerrit -- cgit v1.2.1 From 24673741fb1ad30c273e89c25d366e0136dfaa5b Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Mon, 16 Mar 2015 16:07:27 +0000 Subject: Remove Gitlab systems As far as I know, these are out of date, unmaintained and nobody is using them. It was definitely a useful learning process to integrate Gitlab into Baserock, but I think this is now just taking up space in definitions.git needlessly. Change-Id: Ifdd9c0a3dd889382bc5e6825c2df4f3afbd89f3c --- clusters/gitlab-ci-runner-cluster.morph | 16 -- clusters/gitlab-cluster.morph | 48 ---- clusters/gitlab-server-cluster.morph | 22 -- gitlab-ci-runner/manifest | 4 - .../usr/share/gitlab-install/install-runner | 36 --- .../systemd-units/gitlab-ci-runner.service | 15 -- gitlab-server/manifest | 37 --- .../usr/share/gitlab-install/backup-gitlab | 16 -- .../gitlab-ci/config/application.yml | 43 ---- .../gitlab-install/gitlab-ci/config/resque.yml | 3 - .../gitlab-install/gitlab-ci/config/unicorn.rb | 102 -------- .../gitlab-ci/lib/support/nginx/gitlab_ci | 36 --- .../share/gitlab-install/gitlab-remote-backup.sh | 22 -- .../share/gitlab-install/gitlab-remote-restore.sh | 57 ----- .../share/gitlab-install/gitlab-shell/config.yml | 41 ---- .../gitlab-install/gitlab/config/database.yml | 49 ---- .../share/gitlab-install/gitlab/config/gitlab.yml | 270 --------------------- .../gitlab/config/initializers/rack_attack.rb | 18 -- .../share/gitlab-install/gitlab/config/resque.yml | 3 - .../share/gitlab-install/gitlab/config/unicorn.rb | 113 --------- .../gitlab-install/gitlab/lib/support/nginx/gitlab | 70 ------ gitlab-server/usr/share/gitlab-install/nginx.conf | 73 ------ .../systemd-units/gitlab-backup.service | 11 - .../systemd-units/gitlab-backup.timer | 8 - .../systemd-units/gitlab-ci-sidekiq.service | 24 -- .../systemd-units/gitlab-ci-unicorn.service | 24 -- .../systemd-units/gitlab-sidekiq.service | 24 -- .../systemd-units/gitlab-unicorn.service | 24 -- .../gitlab-install/systemd-units/gitlab.target | 15 -- .../gitlab-install/systemd-units/nginx.service | 15 -- .../gitlab-install/systemd-units/postgres.service | 25 -- .../gitlab-install/systemd-units/redis.service | 13 - gitlab-server/usr/share/gitlab-setup | 104 -------- gitlab.configure | 128 ---------- strata/gitlab.morph | 21 -- strata/gitlab/gitlab-ce.morph | 6 - strata/gitlab/gitlab-ci.morph | 6 - strata/gitlab/gitlab-shell.morph | 6 - systems/gitlab-ci-runner.morph | 58 ----- systems/gitlab-server.morph | 34 --- 40 files changed, 1640 deletions(-) delete mode 100644 clusters/gitlab-ci-runner-cluster.morph delete mode 100644 clusters/gitlab-cluster.morph delete mode 100644 clusters/gitlab-server-cluster.morph delete mode 100644 gitlab-ci-runner/manifest delete mode 100755 gitlab-ci-runner/usr/share/gitlab-install/install-runner delete mode 100644 gitlab-ci-runner/usr/share/gitlab-install/systemd-units/gitlab-ci-runner.service delete mode 100644 gitlab-server/manifest delete mode 100644 gitlab-server/usr/share/gitlab-install/backup-gitlab delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-ci/config/application.yml delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-ci/config/resque.yml delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-ci/config/unicorn.rb delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-remote-backup.sh delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-remote-restore.sh delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab-shell/config.yml delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab/config/database.yml delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab/config/gitlab.yml delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab/config/initializers/rack_attack.rb delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab/config/resque.yml delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab/config/unicorn.rb delete mode 100644 gitlab-server/usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab delete mode 100644 gitlab-server/usr/share/gitlab-install/nginx.conf delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.timer delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-sidekiq.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-unicorn.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-sidekiq.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-unicorn.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/gitlab.target delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/nginx.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/postgres.service delete mode 100644 gitlab-server/usr/share/gitlab-install/systemd-units/redis.service delete mode 100755 gitlab-server/usr/share/gitlab-setup delete mode 100644 gitlab.configure delete mode 100644 strata/gitlab.morph delete mode 100644 strata/gitlab/gitlab-ce.morph delete mode 100644 strata/gitlab/gitlab-ci.morph delete mode 100644 strata/gitlab/gitlab-shell.morph delete mode 100644 systems/gitlab-ci-runner.morph delete mode 100644 systems/gitlab-server.morph diff --git a/clusters/gitlab-ci-runner-cluster.morph b/clusters/gitlab-ci-runner-cluster.morph deleted file mode 100644 index 97da4a8d..00000000 --- a/clusters/gitlab-ci-runner-cluster.morph +++ /dev/null @@ -1,16 +0,0 @@ -name: gitlab-ci-runner-cluster -kind: cluster -systems: -- morph: systems/gitlab-ci-runner.morph - deploy-defaults: - AUTOSTART: false - DISK_SIZE: 6G - RAM_SIZE: 3G - VCPUS: 2 - VERSION_LABEL: factory - deploy: - gitlab-ci-runner: - type: kvm - location: kvm+ssh://USER@HOST/gitlab-ci-runner/home/USER/gitlab-ci-runner.img - HOSTNAME: gitlab-ci-runner - INSTALL_FILES: gitlab-ci-runner/manifest diff --git a/clusters/gitlab-cluster.morph b/clusters/gitlab-cluster.morph deleted file mode 100644 index 5f3177ca..00000000 --- a/clusters/gitlab-cluster.morph +++ /dev/null @@ -1,48 +0,0 @@ -name: gitlab-cluster -kind: cluster -description: | - This is an example cluster morphology that can be adapted to set up a GitLab - server with GitLab CI running alongside it, along with one or more CI - runners to actually run the CI tests/builds. - - For the server, you will need to specify the GITLAB_HOSTNAME. This is the - domain name or IP by which your deployed GitLab instance will be able to be - reached by. You will also need a GITLAB_PORT, CI_PORT, UNICORN PORT and - UNICORN_CI_PORT. These are the port to use for GitLab, the port to use for - GitLab CI, the port for GitLab's Unicorn process to listen on, and the port - for GitLab CI's Unicorn process to listen on respectively. Finally, you will - need to define a GITLAB_EMAIL, that is the email that mail from your GitLab - instance will appear to be from. -systems: -- morph: systems/gitlab-server.morph - deploy-defaults: - AUTOSTART: false - DISK_SIZE: 10G - RAM_SIZE: 2G - VCPUS: 2 - VERSION_LABEL: factory - deploy: - gitlab: - type: kvm - location: kvm+ssh://USER@HOST/gitlab/home/USER/gitlab.img - CI_PORT: 81 - GITLAB_EMAIL: gitlab@gitlab.example.com - GITLAB_HOSTNAME: gitlab.example.com - GITLAB_PORT: 80 - HOSTNAME: gitlab - INSTALL_FILES: gitlab-server/manifest - UNICORN_CI_PORT: 8081 - UNICORN_PORT: 8080 -- morph: systems/gitlab-ci-runner.morph - deploy-defaults: - AUTOSTART: false - DISK_SIZE: 10G - RAM_SIZE: 3G - VCPUS: 2 - VERSION_LABEL: factory - deploy: - gitlab-ci-runner: - type: kvm - location: kvm+ssh://USER@HOST/gitlab-ci-runner/home/USER/gitlab-ci-runner.img - HOSTNAME: gitlab-ci-runner - INSTALL_FILES: gitlab-ci-runner/manifest diff --git a/clusters/gitlab-server-cluster.morph b/clusters/gitlab-server-cluster.morph deleted file mode 100644 index fcb7c1d2..00000000 --- a/clusters/gitlab-server-cluster.morph +++ /dev/null @@ -1,22 +0,0 @@ -name: gitlab-server-cluster -kind: cluster -systems: -- morph: systems/gitlab-server.morph - deploy-defaults: - AUTOSTART: false - DISK_SIZE: 6G - RAM_SIZE: 2G - VCPUS: 2 - VERSION_LABEL: factory - deploy: - gitlab: - type: kvm - location: kvm+ssh://USER@HOST/gitlab/home/USER/gitlab.img - CI_PORT: 81 - GITLAB_EMAIL: gitlab@gitlab.example.com - GITLAB_HOSTNAME: gitlab.example.com - GITLAB_PORT: 80 - HOSTNAME: gitlab - INSTALL_FILES: gitlab-server/manifest - UNICORN_CI_PORT: 8081 - UNICORN_PORT: 8080 diff --git a/gitlab-ci-runner/manifest b/gitlab-ci-runner/manifest deleted file mode 100644 index bad84dea..00000000 --- a/gitlab-ci-runner/manifest +++ /dev/null @@ -1,4 +0,0 @@ -0040755 0 0 /usr/share/gitlab-install -0100755 0 0 /usr/share/gitlab-install/install-runner -0040755 0 0 /usr/share/gitlab-install/systemd-units -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-ci-runner.service diff --git a/gitlab-ci-runner/usr/share/gitlab-install/install-runner b/gitlab-ci-runner/usr/share/gitlab-install/install-runner deleted file mode 100755 index f1165af8..00000000 --- a/gitlab-ci-runner/usr/share/gitlab-install/install-runner +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2014 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -set -e - -gem install bundler - -git config --global http.sslVerify false -git config --global user.name 'GitLab CI Runner' -git config --global user.email 'ci_runner@localhost' -git config --global core.autocrlf input - -git clone https://gitlab.com/gitlab-org/gitlab-ci-runner.git -b 5-0-stable -cd gitlab-ci-runner - -bundle install --deployment -bundle exec ./bin/setup -nohup bundle exec ./bin/runner & - -cd /etc/systemd/system -cp /usr/share/gitlab-install/systemd-units/gitlab-ci-runner.service . -systemctl enable gitlab-ci-runner.service diff --git a/gitlab-ci-runner/usr/share/gitlab-install/systemd-units/gitlab-ci-runner.service b/gitlab-ci-runner/usr/share/gitlab-install/systemd-units/gitlab-ci-runner.service deleted file mode 100644 index dfc84d96..00000000 --- a/gitlab-ci-runner/usr/share/gitlab-install/systemd-units/gitlab-ci-runner.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=GitLab CI Runner - -[Service] -User=root -WorkingDirectory=/root/gitlab-ci-runner -SyslogIdentifier=gitlab-ci-runner - -ExecStart=/usr/bin/bundle exec "./bin/runner" -ExecStop=/bin/kill -s QUIT $MAINPID -ExecReload=/bin/kill -s USR2 $MAINPID - -[Install] -WantedBy=multi-user.target - diff --git a/gitlab-server/manifest b/gitlab-server/manifest deleted file mode 100644 index 7ac74744..00000000 --- a/gitlab-server/manifest +++ /dev/null @@ -1,37 +0,0 @@ -0100755 0 0 /usr/share/gitlab-setup -0040755 0 0 /usr/share/gitlab-install -0100755 0 0 /usr/share/gitlab-install/backup-gitlab -0040755 0 0 /usr/share/gitlab-install/gitlab -0040755 0 0 /usr/share/gitlab-install/gitlab/config -0100644 0 0 /usr/share/gitlab-install/gitlab/config/gitlab.yml -0040755 0 0 /usr/share/gitlab-install/gitlab/config/initializers -0100644 0 0 /usr/share/gitlab-install/gitlab/config/resque.yml -0100644 0 0 /usr/share/gitlab-install/gitlab/config/unicorn.rb -0100644 0 0 /usr/share/gitlab-install/gitlab/config/initializers/rack_attack.rb -0040755 0 0 /usr/share/gitlab-install/gitlab/lib -0040755 0 0 /usr/share/gitlab-install/gitlab/lib/support -0040755 0 0 /usr/share/gitlab-install/gitlab/lib/support/nginx -0100644 0 0 /usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab -0040755 0 0 /usr/share/gitlab-install/gitlab-shell -0100644 0 0 /usr/share/gitlab-install/gitlab-shell/config.yml -0040755 0 0 /usr/share/gitlab-install/gitlab-ci -0040755 0 0 /usr/share/gitlab-install/gitlab-ci/config -0100644 0 0 /usr/share/gitlab-install/gitlab-ci/config/application.yml -0100644 0 0 /usr/share/gitlab-install/gitlab-ci/config/resque.yml -0100644 0 0 /usr/share/gitlab-install/gitlab-ci/config/unicorn.rb -0040755 0 0 /usr/share/gitlab-install/gitlab-ci/lib -0040755 0 0 /usr/share/gitlab-install/gitlab-ci/lib/support -0040755 0 0 /usr/share/gitlab-install/gitlab-ci/lib/support/nginx -0100644 0 0 /usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci -0100644 0 0 /usr/share/gitlab-install/nginx.conf -0040755 0 0 /usr/share/gitlab-install/systemd-units -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab.target -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-ci-sidekiq.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-ci-unicorn.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-sidekiq.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-unicorn.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/nginx.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/postgres.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/redis.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-backup.service -0100644 0 0 /usr/share/gitlab-install/systemd-units/gitlab-backup.timer diff --git a/gitlab-server/usr/share/gitlab-install/backup-gitlab b/gitlab-server/usr/share/gitlab-install/backup-gitlab deleted file mode 100644 index 1320df81..00000000 --- a/gitlab-server/usr/share/gitlab-install/backup-gitlab +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -# -# Run the gitlab backup script. The backup will be stored as -# /home/git/gitlab-backup.tar . A separate backup host will need to -# back that up. -# -# This script be run as the postgres user on a Baserock GitLab host. - -set -e - -export PATH=/usr/local/bin:/usr/bin:/bin - -mkdir -p /home/postgres/dumps -cd /home/postgres/dumps -pg_dumpall > new.dump -mv new.dump gitlab.pg_dumpall diff --git a/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/application.yml b/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/application.yml deleted file mode 100644 index 6eb5eb19..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/application.yml +++ /dev/null @@ -1,43 +0,0 @@ -defaults: &defaults - gitlab_server_urls: - # Replace with your gitlab server url - - 'http://##GITLAB_HOSTNAME##/' - - ## Gitlab CI settings - gitlab_ci: - ## Web server settings - host: ##GITLAB_HOSTNAME## - port: ##CI_PORT## - https: false - - ## Email settings - # Email address used in the "From" field in mails sent by GitLab-CI - email_from: gitlab-ci@localhost - - # Email address of your support contact (default: same as email_from) - support_email: support@localhost - - # Default project notifications settings: - # - # Send emails only on broken builds (default: true) - # all_broken_builds: true - # - # Add committer to recipients list (default: false) - # add_committer: true - - gravatar: - enabled: true - plain_url: "http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm" - ssl_url: "https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm" - - -development: - <<: *defaults - -test: - <<: *defaults - gitlab_server_urls: - - 'http://demo.gitlab.com/' - -production: - <<: *defaults diff --git a/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/resque.yml b/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/resque.yml deleted file mode 100644 index f42ffe78..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/resque.yml +++ /dev/null @@ -1,3 +0,0 @@ -development: redis://127.0.0.1:6379 -test: redis://127.0.0.1:6379 -production: redis://127.0.0.1:6379 diff --git a/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/unicorn.rb b/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/unicorn.rb deleted file mode 100644 index cdcbe39a..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab-ci/config/unicorn.rb +++ /dev/null @@ -1,102 +0,0 @@ -# Sample verbose configuration file for Unicorn (not Rack) -# -# This configuration file documents many features of Unicorn -# that may not be needed for some applications. See -# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb -# for a much simpler configuration file. -# -# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete -# documentation. - -# Use at least one worker per core if you're on a dedicated server, -# more will usually help for _short_ waits on databases/caches. -worker_processes 2 - -# Since Unicorn is never exposed to outside clients, it does not need to -# run on the standard HTTP port (80), there is no reason to start Unicorn -# as root unless it's from system init scripts. -# If running the master process as root and the workers as an unprivileged -# user, do this to switch euid/egid in the workers (also chowns logs): -# user "unprivileged_user", "unprivileged_group" - -# Help ensure your application will always spawn in the symlinked -# "current" directory that Capistrano sets up. -working_directory "/home/gitlab_ci/gitlab-ci" # available in 0.94.0+ - -# listen on both a Unix domain socket and a TCP port, -# we use a shorter backlog for quicker failover when busy -listen "/home/gitlab_ci/gitlab-ci/tmp/sockets/gitlab-ci.socket", :backlog => 64 -listen "127.0.0.1:##UNICORN_CI_PORT##", :tcp_nopush => true - -# nuke workers after 30 seconds instead of 60 seconds (the default) -timeout 30 - -# feel free to point this anywhere accessible on the filesystem -pid "/home/gitlab_ci/gitlab-ci/tmp/pids/unicorn.pid" - -# By default, the Unicorn logger will write to stderr. -# Additionally, some applications/frameworks log to stderr or stdout, -# so prevent them from going to /dev/null when daemonized here: -stderr_path "/home/gitlab_ci/gitlab-ci/log/unicorn.stderr.log" -stdout_path "/home/gitlab_ci/gitlab-ci/log/unicorn.stdout.log" - -# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings -# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow -preload_app true -GC.respond_to?(:copy_on_write_friendly=) and - GC.copy_on_write_friendly = true - -# Enable this flag to have unicorn test client connections by writing the -# beginning of the HTTP headers before calling the application. This -# prevents calling the application for connections that have disconnected -# while queued. This is only guaranteed to detect clients on the same -# host unicorn runs on, and unlikely to detect disconnects even on a -# fast LAN. -check_client_connection false - -before_fork do |server, worker| - # the following is highly recomended for Rails + "preload_app true" - # as there's no need for the master process to hold a connection - defined?(ActiveRecord::Base) and - ActiveRecord::Base.connection.disconnect! - - # The following is only recommended for memory/DB-constrained - # installations. It is not needed if your system can house - # twice as many worker_processes as you have configured. - # - # This allows a new master process to incrementally - # phase out the old master process with SIGTTOU to avoid a - # thundering herd (especially in the "preload_app false" case) - # when doing a transparent upgrade. The last worker spawned - # will then kill off the old master process with a SIGQUIT. - old_pid = "#{server.config[:pid]}.oldbin" - if old_pid != server.pid - begin - sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU - Process.kill(sig, File.read(old_pid).to_i) - rescue Errno::ENOENT, Errno::ESRCH - end - end - # - # Throttle the master from forking too quickly by sleeping. Due - # to the implementation of standard Unix signal handlers, this - # helps (but does not completely) prevent identical, repeated signals - # from being lost when the receiving process is busy. - # sleep 1 -end - -after_fork do |server, worker| - # per-process listener ports for debugging/admin/migrations - # addr = "127.0.0.1:#{9293 + worker.nr}" - # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true) - - # the following is *required* for Rails + "preload_app true", - defined?(ActiveRecord::Base) and - ActiveRecord::Base.establish_connection - - # if preload_app is true, then you may also want to check and - # restart any other shared sockets/descriptors such as Memcached, - # and Redis. TokyoCabinet file handles are safe to reuse - # between any number of forked children (assuming your kernel - # correctly implements pread()/pwrite() system calls) -end diff --git a/gitlab-server/usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci b/gitlab-server/usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci deleted file mode 100644 index aa26614c..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci +++ /dev/null @@ -1,36 +0,0 @@ -# GITLAB CI -# Maintainer: @randx -# App Version: 2.0 - -upstream gitlab_ci { - server unix:/home/gitlab_ci/gitlab-ci/tmp/sockets/gitlab-ci.socket; -} - -server { - listen 81 default_server; # e.g., listen 192.168.1.1:80; - server_name ct-gitlab.dyn.ducie.codethink.co.uk; # e.g., server_name source.example.com; - root /home/gitlab_ci/gitlab-ci/public; - - access_log /var/log/nginx/gitlab_ci_access.log; - error_log /var/log/nginx/gitlab_ci_error.log; - - location / { - try_files $uri $uri/index.html $uri.html @gitlab_ci; - } - - location @gitlab_ci { - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_redirect off; - - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - - proxy_pass http://gitlab_ci; - } - - # adjust this to match the largest build log your runners might submit, - # set to 0 to disable limit - client_max_body_size 10m; -} diff --git a/gitlab-server/usr/share/gitlab-install/gitlab-remote-backup.sh b/gitlab-server/usr/share/gitlab-install/gitlab-remote-backup.sh deleted file mode 100644 index 85618811..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab-remote-backup.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh -# -# Copy relevant files of a Baserock Gitlab instance out of the instance. -# -# Usage: backup.sh ADDR -# where ADDR is the address (domain name, IP address) of the instance. -# The files are copied to the current directory. - -set -eux - -ADDR="$1" - -backup() -{ - rsync -ahHS --delete "root@$ADDR:$1" "$2" -} - -mkdir -p dumps repositories uploads -backup /home/postgres/dumps/. dumps/. -backup /home/git/repositories/. repositories/. -backup /home/git/gitlab/public/uploads/. uploads/. - diff --git a/gitlab-server/usr/share/gitlab-install/gitlab-remote-restore.sh b/gitlab-server/usr/share/gitlab-install/gitlab-remote-restore.sh deleted file mode 100644 index 78ff691a..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab-remote-restore.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/sh -# -# Restore a Baserock Gitlab system backup to a fresh instance. -# -# Usage: restore.sh ADDR -# where ADDR is the address (domain name, IP address) of the instance. -# -# What this does is a) stop services b) copy files over c) reset the Postgres -# databases. - -set -eux - -ADDR="$1" - -restore() -{ - rsync -ahHS --delete "$2" "root@$ADDR:$1" -} - -# Stop services so we don't modify files and databases from underneath -# them, and also so they don't modify things while restore is happening. - -ssh "root@$ADDR" systemctl stop \ - crond gitlab-backup.service \ - gitlab-ci-sidekiq.service \ - gitlab-ci-unicorn.service \ - gitlab-sidekiq.service \ - gitlab-unicorn.service \ - gitlab.target \ - gitlab-backup.timer \ - nginx.service \ - redis.service - -# Create the directory where postgres dump files go. - -ssh "root@$ADDR" install -d -o postgres -g postgres /home/postgres/dumps - -# Restore the various files. - -restore /home/postgres/dumps/. dumps/. -restore /home/git/repositories/. repositories/. -restore /home/git/gitlab/public/uploads/. uploads/. - -# And thier uid/gid -ssh "root@$ADDR" chown -R git:git /home/git/repositories /home/git/gitlab/public/uploads - -# Delete tables and roles from Postgres so that the restore can happen. - -ssh "root@$ADDR" sudo -u postgres psql < host with your domain -# 3. Replace gitlab -> email_from - -production: &base - # - # 1. GitLab app settings - # ========================== - - ## GitLab settings - gitlab: - ## Web server settings (note: host is the FQDN, do not include http://) - host: ##GITLAB_HOSTNAME## - port: ##GITLAB_PORT## - https: false - - # Uncomment and customize the last line to run in a non-root path - # WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. - # Note that four settings need to be changed for this to work. - # 1) In your application.rb file: config.relative_url_root = "/gitlab" - # 2) In your gitlab.yml file: relative_url_root: /gitlab - # 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" - # 4) In ../gitlab-shell/config.yml: gitlab_url: "http://127.0.0.1/gitlab" - # To update the path, run: sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production - # - # relative_url_root: /gitlab - - # Uncomment and customize if you can't use the default user to run GitLab (default: 'git') - # user: git - - ## Email settings - # Email address used in the "From" field in mails sent by GitLab - email_from: ##GITLAB_EMAIL## - - # Email address of your support contact (default: same as email_from) - support_email: ##GITLAB_EMAIL## - - ## User settings - default_projects_limit: 10 - # default_can_create_group: false # default: true - # username_changing_enabled: false # default: true - User can change her username/namespace - ## Default theme - ## BASIC = 1 - ## MARS = 2 - ## MODERN = 3 - ## GRAY = 4 - ## COLOR = 5 - # default_theme: 2 # default: 2 - - - ## Users management - # default: false - Account passwords are not sent via the email if signup is enabled. - # signup_enabled: true - # - # default: true - If set to false, standard login form won't be shown on the sign-in page - # signin_enabled: false - - - # Restrict setting visibility levels for non-admin users. - # The default is to allow all levels. - #restricted_visibility_levels: [ "public" ] - - ## Automatic issue closing - # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. - # This happens when the commit is pushed or merged into the default branch of a project. - # When not specified the default issue_closing_pattern as specified below will be used. - # issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) #(\d+)' - - ## Default project features settings - default_projects_features: - issues: true - merge_requests: true - wiki: true - wall: false - snippets: false - visibility_level: "private" # can be "private" | "internal" | "public" - - ## Repository downloads directory - # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory. - # The default is 'tmp/repositories' relative to the root of the Rails app. - # repository_downloads_path: tmp/repositories - - ## External issues trackers - issues_tracker: - # redmine: - # title: "Redmine" - # ## If not nil, link 'Issues' on project page will be replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # project_url: "http://redmine.sample/projects/:issues_tracker_id" - # - # ## If not nil, links from /#\d/ entities from commit messages will replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # ## :id - Issue id (from commit messages) - # issues_url: "http://redmine.sample/issues/:id" - # - # ## If not nil, linkis to creating new issues will be replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new" - # - # jira: - # title: "Atlassian Jira" - # project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id" - # issues_url: "http://jira.sample/browse/:id" - # new_issue_url: "http://jira.sample/secure/CreateIssue.jspa" - - ## Gravatar - gravatar: - enabled: true # Use user avatar image from Gravatar.com (default: true) - # plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm - # ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm - - # - # 2. Auth settings - # ========================== - - ## LDAP settings - # You can inspect a sample of the LDAP users with login access by running: - # bundle exec rake gitlab:ldap:check RAILS_ENV=production - ldap: - enabled: false - host: '_your_ldap_server' - port: 636 - uid: 'sAMAccountName' - method: 'ssl' # "tls" or "ssl" or "plain" - bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' - password: '_the_password_of_the_bind_user' - # If allow_username_or_email_login is enabled, GitLab will ignore everything - # after the first '@' in the LDAP username submitted by the user on login. - # - # Example: - # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials; - # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'. - # - # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to - # disable this setting, because the userPrincipalName contains an '@'. - allow_username_or_email_login: true - - # Base where we can search for users - # - # Ex. ou=People,dc=gitlab,dc=example - # - base: '' - - # Filter LDAP users - # - # Format: RFC 4515 - # Ex. (employeeType=developer) - # - user_filter: '' - - - ## OmniAuth settings - omniauth: - # Allow login via Twitter, Google, etc. using OmniAuth providers - enabled: false - - # CAUTION! - # This allows users to login without having a user account first (default: false). - # User accounts will be created automatically when authentication was successful. - allow_single_sign_on: false - # Locks down those users until they have been cleared by the admin (default: true). - block_auto_created_users: true - - ## Auth providers - # Uncomment the following lines and fill in the data of the auth provider you want to use - # If your favorite auth provider is not listed you can use others: - # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations - # The 'app_id' and 'app_secret' parameters are always passed as the first two - # arguments, followed by optional 'args' which can be either a hash or an array. - # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html - providers: - # - { name: 'google_oauth2', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET', - # args: { access_type: 'offline', approval_prompt: '' } } - # - { name: 'twitter', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET'} - # - { name: 'github', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET', - # args: { scope: 'user:email' } } - - - - # - # 3. Advanced settings - # ========================== - - # GitLab Satellites - satellites: - # Relative paths are relative to Rails.root (default: tmp/repo_satellites/) - path: /home/git/gitlab-satellites/ - - ## Backup settings - backup: - path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - # keep_time: 604800 # default: 0 (forever) (in seconds) - - ## GitLab Shell settings - gitlab_shell: - path: /home/git/gitlab-shell/ - - # REPOS_PATH MUST NOT BE A SYMLINK!!! - repos_path: /home/git/repositories/ - hooks_path: /home/git/gitlab-shell/hooks/ - - # Git over HTTP - upload_pack: true - receive_pack: true - - # If you use non-standard ssh port you need to specify it - # ssh_port: 22 - - ## Git settings - # CAUTION! - # Use the default values unless you really know what you are doing - git: - bin_path: /usr/bin/git - # The next value is the maximum memory size grit can use - # Given in number of bytes per git object (e.g. a commit) - # This value can be increased if you have very large commits - max_size: 5242880 # 5.megabytes - # Git timeout to read a commit, in seconds - timeout: 10 - - # - # 4. Extra customization - # ========================== - - extra: - ## Google analytics. Uncomment if you want it - # google_analytics_id: '_your_tracking_id' - - ## Piwik analytics. - # piwik_url: '_your_piwik_url' - # piwik_site_id: '_your_piwik_site_id' - - ## Text under sign-in page (Markdown enabled) - # sign_in_text: | - # ![Company Logo](http://www.companydomain.com/logo.png) - # [Learn more about CompanyName](http://www.companydomain.com/) - -development: - <<: *base - -test: - <<: *base - gravatar: - enabled: true - gitlab: - host: localhost - port: 80 - issues_tracker: - redmine: - title: "Redmine" - project_url: "http://redmine/projects/:issues_tracker_id" - issues_url: "http://redmine/:project_id/:issues_tracker_id/:id" - new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new" - -staging: - <<: *base diff --git a/gitlab-server/usr/share/gitlab-install/gitlab/config/initializers/rack_attack.rb b/gitlab-server/usr/share/gitlab-install/gitlab/config/initializers/rack_attack.rb deleted file mode 100644 index bc3234bf..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab/config/initializers/rack_attack.rb +++ /dev/null @@ -1,18 +0,0 @@ -# 1. Rename this file to rack_attack.rb -# 2. Review the paths_to_be_protected and add any other path you need protecting -# - -paths_to_be_protected = [ - "#{Rails.application.config.relative_url_root}/users/password", - "#{Rails.application.config.relative_url_root}/users/sign_in", - "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json", - "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session", - "#{Rails.application.config.relative_url_root}/users", - "#{Rails.application.config.relative_url_root}/users/confirmation" -] - -unless Rails.env.test? - Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req| - req.ip if paths_to_be_protected.include?(req.path) && req.post? - end -end diff --git a/gitlab-server/usr/share/gitlab-install/gitlab/config/resque.yml b/gitlab-server/usr/share/gitlab-install/gitlab/config/resque.yml deleted file mode 100644 index f42ffe78..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab/config/resque.yml +++ /dev/null @@ -1,3 +0,0 @@ -development: redis://127.0.0.1:6379 -test: redis://127.0.0.1:6379 -production: redis://127.0.0.1:6379 diff --git a/gitlab-server/usr/share/gitlab-install/gitlab/config/unicorn.rb b/gitlab-server/usr/share/gitlab-install/gitlab/config/unicorn.rb deleted file mode 100644 index 02dbd98a..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab/config/unicorn.rb +++ /dev/null @@ -1,113 +0,0 @@ -# Sample verbose configuration file for Unicorn (not Rack) -# -# This configuration file documents many features of Unicorn -# that may not be needed for some applications. See -# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb -# for a much simpler configuration file. -# -# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete -# documentation. - -# Uncomment and customize the last line to run in a non-root path -# WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. -# Note that four settings need to be changed for this to work. -# 1) In your application.rb file: config.relative_url_root = "/gitlab" -# 2) In your gitlab.yml file: relative_url_root: /gitlab -# 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" -# 4) In ../gitlab-shell/config.yml: gitlab_url: "http://127.0.0.1/gitlab" -# To update the path, run: sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production -# -# ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" - -# Use at least one worker per core if you're on a dedicated server, -# more will usually help for _short_ waits on databases/caches. -worker_processes 2 - -# Since Unicorn is never exposed to outside clients, it does not need to -# run on the standard HTTP port (80), there is no reason to start Unicorn -# as root unless it's from system init scripts. -# If running the master process as root and the workers as an unprivileged -# user, do this to switch euid/egid in the workers (also chowns logs): -# user "unprivileged_user", "unprivileged_group" - -# Help ensure your application will always spawn in the symlinked -# "current" directory that Capistrano sets up. -working_directory "/home/git/gitlab" # available in 0.94.0+ - -# listen on both a Unix domain socket and a TCP port, -# we use a shorter backlog for quicker failover when busy -listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 64 -listen "127.0.0.1:##UNICORN_PORT##", :tcp_nopush => true - -# nuke workers after 30 seconds instead of 60 seconds (the default) -timeout 30 - -# feel free to point this anywhere accessible on the filesystem -pid "/home/git/gitlab/tmp/pids/unicorn.pid" - -# By default, the Unicorn logger will write to stderr. -# Additionally, some applications/frameworks log to stderr or stdout, -# so prevent them from going to /dev/null when daemonized here: -stderr_path "/home/git/gitlab/log/unicorn.stderr.log" -stdout_path "/home/git/gitlab/log/unicorn.stdout.log" - -# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings -# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow -preload_app true -GC.respond_to?(:copy_on_write_friendly=) and - GC.copy_on_write_friendly = true - -# Enable this flag to have unicorn test client connections by writing the -# beginning of the HTTP headers before calling the application. This -# prevents calling the application for connections that have disconnected -# while queued. This is only guaranteed to detect clients on the same -# host unicorn runs on, and unlikely to detect disconnects even on a -# fast LAN. -check_client_connection false - -before_fork do |server, worker| - # the following is highly recomended for Rails + "preload_app true" - # as there's no need for the master process to hold a connection - defined?(ActiveRecord::Base) and - ActiveRecord::Base.connection.disconnect! - - # The following is only recommended for memory/DB-constrained - # installations. It is not needed if your system can house - # twice as many worker_processes as you have configured. - # - # This allows a new master process to incrementally - # phase out the old master process with SIGTTOU to avoid a - # thundering herd (especially in the "preload_app false" case) - # when doing a transparent upgrade. The last worker spawned - # will then kill off the old master process with a SIGQUIT. - old_pid = "#{server.config[:pid]}.oldbin" - if old_pid != server.pid - begin - sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU - Process.kill(sig, File.read(old_pid).to_i) - rescue Errno::ENOENT, Errno::ESRCH - end - end - # - # Throttle the master from forking too quickly by sleeping. Due - # to the implementation of standard Unix signal handlers, this - # helps (but does not completely) prevent identical, repeated signals - # from being lost when the receiving process is busy. - # sleep 1 -end - -after_fork do |server, worker| - # per-process listener ports for debugging/admin/migrations - # addr = "127.0.0.1:#{9293 + worker.nr}" - # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true) - - # the following is *required* for Rails + "preload_app true", - defined?(ActiveRecord::Base) and - ActiveRecord::Base.establish_connection - - # if preload_app is true, then you may also want to check and - # restart any other shared sockets/descriptors such as Memcached, - # and Redis. TokyoCabinet file handles are safe to reuse - # between any number of forked children (assuming your kernel - # correctly implements pread()/pwrite() system calls) -end diff --git a/gitlab-server/usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab b/gitlab-server/usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab deleted file mode 100644 index e9d3b1f0..00000000 --- a/gitlab-server/usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab +++ /dev/null @@ -1,70 +0,0 @@ -# GITLAB -# Maintainer: @randx - -# CHUNKED TRANSFER -# It is a known issue that Git-over-HTTP requires chunked transfer encoding [0] which is not -# supported by Nginx < 1.3.9 [1]. As a result, pushing a large object with Git (i.e. a single large file) -# can lead to a 411 error. In theory you can get around this by tweaking this configuration file and either -# - installing an old version of Nginx with the chunkin module [2] compiled in, or -# - using a newer version of Nginx. -# -# At the time of writing we do not know if either of these theoretical solutions works. As a workaround -# users can use Git over SSH to push large files. -# -# [0] https://git.kernel.org/cgit/git/git.git/tree/Documentation/technical/http-protocol.txt#n99 -# [1] https://github.com/agentzh/chunkin-nginx-module#status -# [2] https://github.com/agentzh/chunkin-nginx-module - -upstream gitlab { - server unix:/home/git/gitlab/tmp/sockets/gitlab.socket; -} - -server { - listen *:##GITLAB_PORT## default_server; # e.g., listen 192.168.1.1:80; In most cases *:80 is a good idea - server_name ##GITLAB_HOSTNAME##; # e.g., server_name source.example.com; - server_tokens off; # don't show the version number, a security best practice - root /home/git/gitlab/public; - - # Increase this if you want to upload large attachments - # Or if you want to accept large git objects over http - client_max_body_size 20m; - - # individual nginx logs for this gitlab vhost - access_log /var/log/nginx/gitlab_access.log; - error_log /var/log/nginx/gitlab_error.log; - - location / { - # serve static files from defined root folder;. - # @gitlab is a named location for the upstream fallback, see below - try_files $uri $uri/index.html $uri.html @gitlab; - } - - # if a file, which is not found in the root folder is requested, - # then the proxy pass the request to the upsteam (gitlab unicorn) - location @gitlab { - # If you use https make sure you disable gzip compression - # to be safe against BREACH attack - # gzip off; - - proxy_read_timeout 300; # Some requests take more than 30 seconds. - proxy_connect_timeout 300; # Some requests take more than 30 seconds. - proxy_redirect off; - - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - proxy_pass http://gitlab; - } - - # Enable gzip compression as per rails guide: http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression - location ~ ^/(assets)/ { - root /home/git/gitlab/public; - #gzip_static on; # to serve pre-gzipped version - expires max; - add_header Cache-Control public; - } - - error_page 502 /502.html; -} diff --git a/gitlab-server/usr/share/gitlab-install/nginx.conf b/gitlab-server/usr/share/gitlab-install/nginx.conf deleted file mode 100644 index 6e40b0e9..00000000 --- a/gitlab-server/usr/share/gitlab-install/nginx.conf +++ /dev/null @@ -1,73 +0,0 @@ - -#user nobody; -worker_processes 1; - -#error_log logs/error.log; -#error_log logs/error.log notice; -#error_log logs/error.log info; - -#pid logs/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include mime.types; - default_type application/octet-stream; - - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - # '$status $body_bytes_sent "$http_referer" ' - # '"$http_user_agent" "$http_x_forwarded_for"'; - - #access_log logs/access.log main; - - sendfile on; - #tcp_nopush on; - - #keepalive_timeout 0; - keepalive_timeout 65; - - #gzip on; - - include /home/git/gitlab/lib/support/nginx/gitlab; - include /home/gitlab_ci/gitlab-ci/lib/support/nginx/gitlab_ci; - - # another virtual host using mix of IP-, name-, and port-based configuration - # - #server { - # listen 8000; - # listen somename:8080; - # server_name somename alias another.alias; - - # location / { - # root html; - # index index.html index.htm; - # } - #} - - - # HTTPS server - # - #server { - # listen 443 ssl; - # server_name localhost; - - # ssl_certificate cert.pem; - # ssl_certificate_key cert.key; - - # ssl_session_cache shared:SSL:1m; - # ssl_session_timeout 5m; - - # ssl_ciphers HIGH:!aNULL:!MD5; - # ssl_prefer_server_ciphers on; - - # location / { - # root html; - # index index.html index.htm; - # } - #} - -} diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.service b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.service deleted file mode 100644 index 8672c36d..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=GitLab Backup Run -After=postgres.service - -[Install] -WantedBy=gitlab.target - -[Service] -ExecStart=/usr/share/gitlab-install/backup-gitlab -User=postgres -Group=postgres diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.timer b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.timer deleted file mode 100644 index 1686843f..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-backup.timer +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=GitLab Backup Timer - -[Install] -WantedBy=gitlab.target - -[Timer] -OnCalendar=*-*-* 00:*:* diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-sidekiq.service b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-sidekiq.service deleted file mode 100644 index 9a1a82d2..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-sidekiq.service +++ /dev/null @@ -1,24 +0,0 @@ -##################################################### -# -# GitLab version : 5.x - 6.x -# Contributors : davispuh, mtorromeo, axilleas, boeserwolf91 -# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd -# -#################################################### - -[Unit] -Description=GitLab CI Sidekiq Worker - -[Service] -Type=forking -User=gitlab_ci -WorkingDirectory=/home/gitlab_ci/gitlab-ci -Environment=RAILS_ENV=production -SyslogIdentifier=gitlab-ci-sidekiq -PIDFile=/home/gitlab_ci/gitlab-ci/tmp/pids/sidekiq.pid - -ExecStart=/usr/bin/bundle exec "sidekiq -q post_receive,mailer,system_hook,project_web_hook,gitlab_shell,common,default -e production -P tmp/pids/sidekiq.pid -d -L log/sidekiq.log >> log/sidekiq.log 2>&1" -ExecStop=/usr/bin/bundle exec "sidekiqctl stop /home/gitlab_ci/gitlab-ci/tmp/pids/sidekiq.pid >> /home/gitlab_ci/gitlab-ci/log/sidekiq.log 2>&1" - -[Install] -WantedBy=gitlab.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-unicorn.service b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-unicorn.service deleted file mode 100644 index 151f9677..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-ci-unicorn.service +++ /dev/null @@ -1,24 +0,0 @@ -##################################################### -# -# GitLab version : 5.x - 6.x -# Contributors : davispuh, mtorromeo, axilleas, boeserwolf91 -# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd -# -#################################################### - -[Unit] -Description=GitLab CI Unicorn Server - -[Service] -User=gitlab_ci -WorkingDirectory=/home/gitlab_ci/gitlab-ci -Environment=RAILS_ENV=production -SyslogIdentifier=gitlab-ci-unicorn -PIDFile=/home/gitlab_ci/gitlab-ci/tmp/pids/unicorn.pid - -ExecStart=/usr/bin/bundle exec "unicorn_rails -c /home/gitlab_ci/gitlab-ci/config/unicorn.rb -E production" -ExecStop=/bin/kill -s QUIT $MAINPID -ExecReload=/bin/kill -s USR2 $MAINPID - -[Install] -WantedBy=gitlab.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-sidekiq.service b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-sidekiq.service deleted file mode 100644 index 82ff78d4..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-sidekiq.service +++ /dev/null @@ -1,24 +0,0 @@ -##################################################### -# -# GitLab version : 5.x - 6.x -# Contributors : davispuh, mtorromeo, axilleas, boeserwolf91 -# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd -# -#################################################### - -[Unit] -Description=GitLab Sidekiq Worker - -[Service] -Type=forking -User=git -WorkingDirectory=/home/git/gitlab -Environment=RAILS_ENV=production -SyslogIdentifier=gitlab-sidekiq -PIDFile=/home/git/gitlab/tmp/pids/sidekiq.pid - -ExecStart=/usr/bin/bundle exec "sidekiq -q post_receive,mailer,system_hook,project_web_hook,gitlab_shell,common,default -e production -P tmp/pids/sidekiq.pid -d -L log/sidekiq.log >> log/sidekiq.log 2>&1" -ExecStop=/usr/bin/bundle exec "sidekiqctl stop /home/git/gitlab/tmp/pids/sidekiq.pid >> /home/git/gitlab/log/sidekiq.log 2>&1" - -[Install] -WantedBy=gitlab.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-unicorn.service b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-unicorn.service deleted file mode 100644 index a901d323..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab-unicorn.service +++ /dev/null @@ -1,24 +0,0 @@ -##################################################### -# -# GitLab version : 5.x - 6.x -# Contributors : davispuh, mtorromeo, axilleas, boeserwolf91 -# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd -# -#################################################### - -[Unit] -Description=GitLab Unicorn Server - -[Service] -User=git -WorkingDirectory=/home/git/gitlab -Environment=RAILS_ENV=production -SyslogIdentifier=gitlab-unicorn -PIDFile=/home/git/gitlab/tmp/pids/unicorn.pid - -ExecStart=/usr/bin/bundle exec "unicorn_rails -c /home/git/gitlab/config/unicorn.rb -E production" -ExecStop=/bin/kill -s QUIT $MAINPID -ExecReload=/bin/kill -s USR2 $MAINPID - -[Install] -WantedBy=gitlab.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab.target b/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab.target deleted file mode 100644 index 11e85441..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/gitlab.target +++ /dev/null @@ -1,15 +0,0 @@ -########################################################################################### -# -# GitLab version : 5.x - 6.x -# Contributors : davispuh, mtorromeo, axilleas, boeserwolf91 -# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd -# -########################################################################################### - -[Unit] -Description=GitLab - Self Hosted Git Management -Requires=redis.service postgres.service -After=redis.service postgres.service syslog.target network.target - -[Install] -WantedBy=multi-user.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/nginx.service b/gitlab-server/usr/share/gitlab-install/systemd-units/nginx.service deleted file mode 100644 index 0a50c50b..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/nginx.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=The nginx HTTP and reverse proxy server -After=syslog.target network.target remote-fs.target nss-lookup.target - -[Service] -Type=forking -PIDFile=/etc/nginx/nginx.pid -ExecStartPre=/usr/sbin/nginx -t -ExecStart=/usr/sbin/nginx -ExecReload=/bin/kill -s HUP $MAINPID -ExecStop=/bin/kill -s QUIT $MAINPID -PrivateTmp=true - -[Install] -WantedBy=multi-user.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/postgres.service b/gitlab-server/usr/share/gitlab-install/systemd-units/postgres.service deleted file mode 100644 index ed46d965..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/postgres.service +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description=PostgreSQL database server -After=network.target - -[Service] -Type=forking -TimeoutSec=120 -User=postgres -Group=postgres - -Environment=PGROOT=/home/postgres/pgsql - -SyslogIdentifier=postgres -PIDFile=/home/postgres/pgsql/data/postmaster.pid - -ExecStart= /usr/bin/pg_ctl -s -D ${PGROOT}/data start -w -t 120 -ExecReload=/usr/bin/pg_ctl -s -D ${PGROOT}/data reload -ExecStop= /usr/bin/pg_ctl -s -D ${PGROOT}/data stop -m fast - -# Due to PostgreSQL's use of shared memory, OOM killer is often overzealous in -# killing Postgres, so adjust it downward -OOMScoreAdjust=-200 - -[Install] -WantedBy=multi-user.target diff --git a/gitlab-server/usr/share/gitlab-install/systemd-units/redis.service b/gitlab-server/usr/share/gitlab-install/systemd-units/redis.service deleted file mode 100644 index c936f8da..00000000 --- a/gitlab-server/usr/share/gitlab-install/systemd-units/redis.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Redis Server -After=network.target - -[Service] -Type=simple -ExecStart=/usr/bin/redis-server -ExecStop=/bin/kill -15 $MAINPID -PIDFile=/var/run/redis.pid -Restart=always - -[Install] -WantedBy=multi-user.target diff --git a/gitlab-server/usr/share/gitlab-setup b/gitlab-server/usr/share/gitlab-setup deleted file mode 100755 index e60dfcdf..00000000 --- a/gitlab-server/usr/share/gitlab-setup +++ /dev/null @@ -1,104 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2014 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -set -e - -# install bundler (not nice, we need to figure out how to do this traceably) -gem install bundler - -# create required users -if [ `grep -c '^git:' /etc/passwd` -ne 1 ] ; then adduser -D --gecos 'GitLab' -s /bin/sh git ; fi -adduser -D -s /bin/sh postgres -adduser -D --gecos 'GitLab CI' -s /bin/sh gitlab_ci - -# initialize postgres database, start server -su -c "mkdir -p pgsql/data" - postgres -su -c "pg_ctl -D pgsql/data initdb" - postgres -su -c "pg_ctl -D pgsql/data -l logfile start" - postgres - -# wait for the database server to start -echo "Waiting for database..." -sleep 2s - -# create gitlab database -su -c "psql -d template1 -c 'CREATE USER git;'" - postgres -su -c "psql -d template1 -c 'CREATE DATABASE gitlabhq_production OWNER git;'" - postgres - -# create the gitlab ci database -su -c "psql -d template1 -c 'CREATE USER gitlab_ci;'" - postgres -su -c "psql -d template1 -c 'CREATE DATABASE gitlab_ci_production OWNER gitlab_ci;'" - postgres - -# set up git config for gitlab user -su -c "git config --global http.sslVerify false" - git -su -c "git config --global user.name 'GitLab'" - git -su -c "git config --global user.email 'gitlab@localhost'" - git -su -c "git config --global core.autocrlf input" - git - -# install gitlab shell -su -c "cp -r /usr/share/gitlab-shell gitlab-shell" - git -cd /home/git/gitlab-shell -cp /usr/share/gitlab-install/gitlab-shell/config.yml ./config.yml -su -c "~/gitlab-shell/bin/install" - git - -# install gitlab -su -c "cp -r /usr/share/gitlab-ce gitlab" - git -cd /home/git/gitlab -su -c "cp config/database.yml.postgresql config/database.yml" git -su -c "cp -r /usr/share/gitlab-install/gitlab/config/* config/" git - -su -c "chmod -R u+rwX log/" git -su -c "chmod -R u+rwX tmp/" git -su -c "chmod o-rwx config/database.yml" git - -su -c "/usr/bin/redis-server" - git & -su -c "bundle install --deployment --without development test mysql aws" git -su -c "export force='yes'; bundle exec rake gitlab:setup RAILS_ENV=production" git -su -c "bundle exec rake assets:precompile RAILS_ENV=production" git - -# set up git config for gitlab_ci user -su -c "git config --global http.sslVerify false" - gitlab_ci -su -c "git config --global user.name 'GitLab CI'" - gitlab_ci -su -c "git config --global user.email 'gitlab_ci@localhost'" - gitlab_ci -su -c "git config --global core.autocrlf input" - gitlab_ci - -# install gitlab ci -su -c "cp -r /usr/share/gitlab-ci gitlab-ci" - gitlab_ci -cd /home/gitlab_ci/gitlab-ci -su -c "cp config/database.yml.postgresql config/database.yml" gitlab_ci -su -c "cp -r /usr/share/gitlab-install/gitlab-ci/config/* config/" gitlab_ci - -su -c "mkdir -p tmp/sockets" gitlab_ci -su -c "mkdir -p tmp/pids" gitlab_ci -su -c "chmod -R u+rwx tmp/sockets" gitlab_ci -su -c "chmod -R u+rwx tmp/pids" gitlab_ci - -su -c "bundle install --without development test mysql --deployment" gitlab_ci -su -c "bundle exec rake setup RAILS_ENV=production" gitlab_ci -su -c "bundle exec whenever -w RAILS_ENV=production" gitlab_ci - -# configure nginx -addgroup nobody -mkdir -p /var/log/nginx -cp /usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab /home/git/gitlab/lib/support/nginx/ -cp /usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci /home/gitlab_ci/gitlab-ci/lib/support/nginx/ -cp /usr/share/gitlab-install/nginx.conf /etc/nginx/nginx.conf - -# make systemd units to start gitlab and required stuff on boot -cd /etc/systemd/system -cp /usr/share/gitlab-install/systemd-units/* . -systemctl enable redis.service nginx.service postgres.service gitlab.target gitlab-unicorn.service gitlab-sidekiq.service gitlab-ci-sidekiq.service gitlab-ci-unicorn.service gitlab-backup.timer gitlab-backup.service -reboot diff --git a/gitlab.configure b/gitlab.configure deleted file mode 100644 index 9798c775..00000000 --- a/gitlab.configure +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2014 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# This is a "morph deploy" configuration extension to fully configure -# a GitLab and GitLab CI instance at deployment time. It uses the -# following variables from the environment: -# -# * GITLAB_HOSTNAME -# * GITLAB_PORT -# * GITLAB_EMAIL -# * UNICORN_PORT -# * CI_PORT -# * UNICORN_CI_PORT -# * MAIL_SEND_TYPE -# * SMTP_ADDR -# * SMTP_PORT -# * SMTP_USER -# * SMTP_PASS -# * SMTP_DOMAIN - -set -e - -ROOT="$1" - - -########################################################################## -# Substitutions in configuration files -########################################################################## - -echo "Creating /etc/gitlab-setup.sed" - -cat < "$ROOT"/etc/gitlab-setup.sed -s/##GITLAB_HOSTNAME##/$GITLAB_HOSTNAME/g -s/##GITLAB_PORT##/$GITLAB_PORT/g -s/##GITLAB_EMAIL##/$GITLAB_EMAIL/g -s/##UNICORN_PORT##/$UNICORN_PORT/g -s/##CI_PORT##/$CI_PORT/g -s/##UNICORN_CI_PORT##/$UNICORN_CI_PORT/g -EOF - -echo "Performing substitutions in /usr/share/gitlab config" - -sed -f "$ROOT"/etc/gitlab-setup.sed -i \ - "$ROOT"/usr/share/gitlab-install/gitlab/config/gitlab.yml \ - "$ROOT"/usr/share/gitlab-install/gitlab/config/unicorn.rb \ - "$ROOT"/usr/share/gitlab-install/gitlab/lib/support/nginx/gitlab \ - "$ROOT"/usr/share/gitlab-install/gitlab-shell/config.yml \ - "$ROOT"/usr/share/gitlab-install/gitlab-ci/config/application.yml \ - "$ROOT"/usr/share/gitlab-install/gitlab-ci/config/unicorn.rb \ - "$ROOT"/usr/share/gitlab-install/gitlab-ci/lib/support/nginx/gitlab_ci \ - "$ROOT"/usr/share/gitlab-install/nginx.conf - -########################################################################## - -echo "Create gitlab-setup unit file" -cat < "$ROOT/etc/systemd/system/gitlab-setup.service" -[Unit] -Description=Run gitlab-setup (once) -Requires=network.target -After=network.target -Requires=local-fs.target -After=local-fs.target - -ConditionPathExists=!/home/git/gitlab - -[Service] -Type=oneshot -ExecStart=/usr/share/gitlab-setup -Restart=no - -[Install] -WantedBy=multi-user.target -EOF - -ln -s "/etc/systemd/system/gitlab-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/gitlab-setup.service" - -########################################################################## - -rubyescape() { - # In ruby, single quoted strings need \ and ' escaping - printf "%s\n" "$1" | sed -e "s/['\\]/\\\&/g" \ - -e "s/^/'/" \ - -e "s/$/'/" -} - -sedescape() { - # Escape all non-alphanumeric characters - printf "%s\n" "$1" | sed -e 's/\W/\\&/g' -} - -do_escapes() { - printf "%s\n" "$(sedescape "$(rubyescape "$1")")" -} - -if [ "$MAIL_SEND_TYPE" = "smtp" ]; then - - echo "Setting up SMTP for sending e-mail" - - for CONFIG_PATH in \ - "/usr/share/gitlab-ce/config" "/usr/share/gitlab-ci/config" - do - sed -i 's/sendmail/smtp/' \ - "$ROOT$CONFIG_PATH/environments/production.rb" - - sed -e s/\"email.server.com\"/"$(do_escapes "$SMTP_ADDR")/g" \ - -e s/\"smtp\"/"$(do_escapes "$SMTP_USER")/g" \ - -e s/\"123456\"/"$(do_escapes "$SMTP_PASS")/g" \ - -e s/\"gitlab.company.com\"/"$(do_escapes "$SMTP_DOMAIN")/g" \ - -e s/456/$SMTP_PORT/g \ - <"$ROOT$CONFIG_PATH/initializers/smtp_settings.rb.sample" \ - >"$ROOT$CONFIG_PATH/initializers/smtp_settings.rb" - done -fi diff --git a/strata/gitlab.morph b/strata/gitlab.morph deleted file mode 100644 index ab77e7bb..00000000 --- a/strata/gitlab.morph +++ /dev/null @@ -1,21 +0,0 @@ -name: gitlab -kind: stratum -description: gitlab components for server, ci etc -build-depends: -- morph: strata/ruby.morph -chunks: -- name: gitlab-ce - morph: strata/gitlab/gitlab-ce.morph - repo: upstream:gitlab/gitlab-ce - ref: 53d98a77d34cbfddaef9eb25cf5f651a78550425 - unpetrify-ref: baserock/v7.0.0 -- name: gitlab-ci - morph: strata/gitlab/gitlab-ci.morph - repo: upstream:gitlab/gitlab-ci - ref: c74044d65dec2ba8311e242c84e07a67abd52d37 - unpetrify-ref: baserock/morph -- name: gitlab-shell - morph: strata/gitlab/gitlab-shell.morph - repo: upstream:gitlab/gitlab-shell - ref: 0b4106d57223c666d9360339fd3790174aa43800 - unpetrify-ref: baserock/morph diff --git a/strata/gitlab/gitlab-ce.morph b/strata/gitlab/gitlab-ce.morph deleted file mode 100644 index 571881f8..00000000 --- a/strata/gitlab/gitlab-ce.morph +++ /dev/null @@ -1,6 +0,0 @@ -name: gitlab-ce -kind: chunk -install-commands: -- mkdir -p "$DESTDIR/$PREFIX/share/gitlab-ce" -- cp -R * "$DESTDIR/$PREFIX/share/gitlab-ce" -- chmod -R a+rX,g+w "$DESTDIR/$PREFIX/share/gitlab-ce" diff --git a/strata/gitlab/gitlab-ci.morph b/strata/gitlab/gitlab-ci.morph deleted file mode 100644 index 99d01367..00000000 --- a/strata/gitlab/gitlab-ci.morph +++ /dev/null @@ -1,6 +0,0 @@ -name: gitlab-ci -kind: chunk -install-commands: -- mkdir -p "$DESTDIR/$PREFIX/share/gitlab-ci" -- cp -R * "$DESTDIR/$PREFIX/share/gitlab-ci" -- chmod -R a+rX,g+w "$DESTDIR/$PREFIX/share/gitlab-ci" diff --git a/strata/gitlab/gitlab-shell.morph b/strata/gitlab/gitlab-shell.morph deleted file mode 100644 index 069c6c41..00000000 --- a/strata/gitlab/gitlab-shell.morph +++ /dev/null @@ -1,6 +0,0 @@ -name: gitlab-shell -kind: chunk -install-commands: -- mkdir -p "$DESTDIR/$PREFIX/share/gitlab-shell" -- cp -R * "$DESTDIR/$PREFIX/share/gitlab-shell" -- chmod -R a+rX,g+w "$DESTDIR/$PREFIX/share/gitlab-shell" diff --git a/systems/gitlab-ci-runner.morph b/systems/gitlab-ci-runner.morph deleted file mode 100644 index 8f89ec74..00000000 --- a/systems/gitlab-ci-runner.morph +++ /dev/null @@ -1,58 +0,0 @@ -name: gitlab-ci-runner -kind: system -description: A system to run build tests as part of GitLab CI architecture. -arch: x86_64 -strata: -- name: build-essential - morph: strata/build-essential.morph -- name: core - morph: strata/core.morph -- name: foundation - morph: strata/foundation.morph -- name: bsp-x86_64-generic - morph: strata/bsp-x86_64-generic.morph -- name: connectivity - morph: strata/connectivity.morph -- name: connman-common - morph: strata/connman-common.morph -- name: audio-bluetooth - morph: strata/audio-bluetooth.morph -- name: x-common - morph: strata/x-common.morph -- name: x-generic - morph: strata/x-generic.morph -- name: multimedia-common - morph: strata/multimedia-common.morph -- name: multimedia-gstreamer - morph: strata/multimedia-gstreamer.morph -- name: genivi - morph: strata/genivi.morph -- name: tools - morph: strata/tools.morph -- name: lvm - morph: strata/lvm.morph -- name: python-core - morph: strata/python-core.morph -- name: virtualization - morph: strata/virtualization.morph -- name: openstack-common - morph: strata/openstack-common.morph -- name: openstack-clients - morph: strata/openstack-clients.morph -- name: python-common - morph: strata/python-common.morph -- name: databases - morph: strata/databases.morph -- name: pcre-utils - morph: strata/pcre-utils.morph -- name: webtools - morph: strata/webtools.morph -- name: ruby - morph: strata/ruby.morph -- name: nfs - morph: strata/nfs.morph -configuration-extensions: -- set-hostname -- add-config-files -- nfsboot -- install-files diff --git a/systems/gitlab-server.morph b/systems/gitlab-server.morph deleted file mode 100644 index 83093ac1..00000000 --- a/systems/gitlab-server.morph +++ /dev/null @@ -1,34 +0,0 @@ -name: gitlab-server -kind: system -description: system which hosts a gitlab server -arch: x86_64 -strata: -- name: build-essential - morph: strata/build-essential.morph -- name: bsp-x86_64-generic - morph: strata/bsp-x86_64-generic.morph -- name: foundation - morph: strata/foundation.morph -- name: core - morph: strata/core.morph -- name: tools - morph: strata/tools.morph -- name: nfs - morph: strata/nfs.morph -- name: databases - morph: strata/databases.morph -- name: pcre-utils - morph: strata/pcre-utils.morph -- name: webtools - morph: strata/webtools.morph -- name: ruby - morph: strata/ruby.morph -- name: gitlab - morph: strata/gitlab.morph -configuration-extensions: -- set-hostname -- add-config-files -- nfsboot -- install-files -- gitlab -- fstab -- cgit v1.2.1 From d1078c682379fad05244a6189e5331627f6282f6 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 17 Mar 2015 11:09:54 +0000 Subject: Update Morph for ref jjardon/simple-network-networkd2 Change-Id: I90345c467c397081d15be4f5e4f3d3c22b8bfbbf --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 62649723..6aeafb1b 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -38,7 +38,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: 68395a12c79c22e266b4a06095533e38da6e29d0 + ref: 60aedc8d97679159678e7ebad2f2d81768e9736a unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From 526b10c718e2815bc67c865b520b5fb9de54f1bc Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 4 Mar 2015 16:06:25 +0000 Subject: Update python-lxml and move it to python-core stratum This moves python-lxml to python-core to avoid duplication of chunks in strata when the openstack-services strata is merged into definition master. lxslt has been moved to core.morph because is a very common dependency and is a requirement for python-lxml. --- strata/core.morph | 9 +++++++++ strata/foundation.morph | 4 ---- strata/python-core.morph | 10 ++++++++++ strata/virtualization.morph | 12 +----------- 4 files changed, 20 insertions(+), 15 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index b424a023..963a89bb 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -273,3 +273,12 @@ chunks: unpetrify-ref: baserock/v2.7.1 build-depends: - shadow +- name: libxslt + repo: upstream:libxslt + ref: 8785a2ffd0d146df0395ab71ce4734d0a8ba0f7e + unpetrify-ref: baserock/morph + build-depends: + - autoconf-tarball + - libtool-tarball + - automake + - libxml2 diff --git a/strata/foundation.morph b/strata/foundation.morph index eea872a8..7bcfc77d 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -135,10 +135,6 @@ chunks: build-depends: - glib - systemd -- name: libxslt - repo: upstream:libxslt - ref: 8785a2ffd0d146df0395ab71ce4734d0a8ba0f7e - unpetrify-ref: baserock/morph - name: openssh morph: strata/foundation/openssh.morph repo: upstream:openssh-git diff --git a/strata/python-core.morph b/strata/python-core.morph index 342e8c68..481f11bf 100644 --- a/strata/python-core.morph +++ b/strata/python-core.morph @@ -36,3 +36,13 @@ chunks: unpetrify-ref: baserock/morph build-depends: - python-setuptools +- name: cython + repo: upstream:cython + ref: 4dd8e762fa51d01775506fbbc102c45dbcea065d + unpetrify-ref: 0.22 +- name: python-lxml + repo: upstream:python-lxml + ref: 14505bc62f5f1fc9fb0ff007955f3e67ab4562bb + unpetrify-ref: lxml-3.4.0 + build-depends: + - cython diff --git a/strata/virtualization.morph b/strata/virtualization.morph index 84eefdaf..54e15727 100644 --- a/strata/virtualization.morph +++ b/strata/virtualization.morph @@ -6,6 +6,7 @@ description: | kernel history to check which config are needed for openvswitch, libvirt, or ebtables, for example. build-depends: +- morph: strata/python-core.morph - morph: strata/connman-common.morph - morph: strata/lvm.morph chunks: @@ -66,23 +67,12 @@ chunks: unpetrify-ref: master build-depends: - pycurl -- name: cython - repo: upstream:cython - ref: 005d38d5921a603d5f4d413aae72f98a6d33192f - unpetrify-ref: master -- name: python-lxml - repo: upstream:python-lxml - ref: 8fc99f8ef3e2f12e74fb407ae62c5db50cfe7b92 - unpetrify-ref: baserock/morph - build-depends: - - cython - name: libvirt-python repo: upstream:libvirt-python ref: 8e09c79a07b097a6ba9af83be4916fb9c9538500 unpetrify-ref: v1.2.10 build-depends: - libvirt - - python-lxml - urlgrabber - name: gnome-common repo: upstream:gnome-common -- cgit v1.2.1 From a5115542f208416e6190516e9c9f141ea5b7b22a Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Fri, 13 Mar 2015 14:42:19 +0000 Subject: Update libxslt This updates libxslt to the latest commit in master because the latest stable release (v1.1.28) is 2 years old and master is 5 months old. This assumes that master is stable enough for using this commit. --- strata/core.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index 963a89bb..263eac60 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -275,8 +275,8 @@ chunks: - shadow - name: libxslt repo: upstream:libxslt - ref: 8785a2ffd0d146df0395ab71ce4734d0a8ba0f7e - unpetrify-ref: baserock/morph + ref: 73e08bf7c36a9145d38f51d37e66529b873c011a + unpetrify-ref: master build-depends: - autoconf-tarball - libtool-tarball -- cgit v1.2.1 From 82b5ba68433a038e151891fb22d0f38adb564413 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 17 Mar 2015 16:56:22 +0000 Subject: licensecheck.pl: sync with upstream Change-Id: Id3b868db36554541334dae3bd6363d5adc0289b8 --- scripts/licensecheck.pl | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/scripts/licensecheck.pl b/scripts/licensecheck.pl index 180e8989..5b6d0d33 100644 --- a/scripts/licensecheck.pl +++ b/scripts/licensecheck.pl @@ -17,7 +17,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along -# with this program. If not, see . +# with this program. If not, see . =head1 NAME @@ -152,7 +152,7 @@ my $default_ignore_regex = ' # File-names that should be ignored (never directories) (?:^|/)(?:DEADJOE|\.cvsignore|\.arch-inventory|\.bzrignore|\.gitignore)$| # File or directory names that should be ignored -(?:^|/)(?:CVS|RCS|\.deps|\{arch\}|\.arch-ids|\.svn|\.hg|_darcs|\.git| +(?:^|/)(?:CVS|RCS|\.pc|\.deps|\{arch\}|\.arch-ids|\.svn|\.hg|_darcs|\.git| \.shelf|_MTN|\.bzr(?:\.backup|tags)?)(?:$|/.*$) '; @@ -160,7 +160,7 @@ my $default_ignore_regex = ' $default_ignore_regex =~ s/^#.*$//mg; $default_ignore_regex =~ s/\n//sg; -my $default_check_regex = '\.(c(c|pp|xx)?|h(h|pp|xx)?|f(77|90)?|go|p(l|m)|xs|sh|php|py(|x)|rb|java|vala|el|sc(i|e)|cs|pas|inc|dtd|xsl|mod|m|tex|mli?)$'; +my $default_check_regex = '\.(c(c|pp|xx)?|h(h|pp|xx)?|f(77|90)?|go|p(l|m)|xs|sh|php|py(|x)|rb|java|js|vala|el|sc(i|e)|cs|pas|inc|dtd|xsl|mod|m|tex|mli?|(c|l)?hs)$'; my $modified_conf_msg; @@ -295,7 +295,7 @@ while (@files) { } close($F); - $copyright = join(" / ", values %copyrights); + $copyright = join(" / ", reverse sort values %copyrights); print qq(----- $file header -----\n$content----- end header -----\n\n) if $OPT{'verbose'}; @@ -329,9 +329,16 @@ sub parse_copyright { )'; my $copyright_disindicator_regex = ' \b(?:info(?:rmation)? # Discussing copyright information - |notice # Discussing the notice - |and|or # Part of a sentence + |(notice|statement|claim|string)s? # Discussing the notice + |and|or|is|in|to # Part of a sentence + |(holder|owner)s? # Part of a sentence + |ownership # Part of a sentence )\b'; + my $copyright_predisindicator_regex = '( + ^[#]define\s+.*\(c\) # #define foo(c) -- not copyright + )'; + + if ( ! m%$copyright_predisindicator_regex%ix) { if (m%$copyright_indicator_regex(?::\s*|\s+)(\S.*)$%ix) { $match = $1; @@ -347,6 +354,7 @@ sub parse_copyright { $copyright = $match; } } + } return $copyright; } @@ -359,8 +367,7 @@ sub clean_comments { # if no such pattern found. my @matches = m/^\s*([^a-zA-Z0-9\s]{1,3})\s\w/mg; if (@matches >= 4) { - my $comment_length = length($matches[0]); - my $comment_re = qr/\s*[\Q$matches[0]\E]{${comment_length}}\s*/; + my $comment_re = qr/\s*[\Q$matches[0]\E]{1,3}\s*/; s/^$comment_re//mg; } @@ -433,6 +440,8 @@ sub parselicense { $gplver = " (v$1)"; } elsif ($licensetext =~ /either version ([^ ]+)(?: of the License)?, or \(at your option\) any later version/) { $gplver = " (v$1 or later)"; + } elsif ($licensetext =~ /either version ([^ ]+)(?: of the License)?, or \(at your option\) version (\d(?:[\.-]\d+)*)/) { + $gplver = " (v$1 or v$2)"; } if ($licensetext =~ /(?:675 Mass Ave|59 Temple Place|51 Franklin Steet|02139|02111-1307)/i) { @@ -489,7 +498,7 @@ sub parselicense { if ($licensetext =~ /THIS SOFTWARE IS PROVIDED .*AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY/) { if ($licensetext =~ /All advertising materials mentioning features or use of this software must display the following acknowledge?ment.*This product includes software developed by/i) { $license = "BSD (4 clause) $license"; - } elsif ($licensetext =~ /(The name .*? may not|Neither the names? .*? nor the names of (its|their|other) contributors may) be used to endorse or promote products derived from this software/i) { + } elsif ($licensetext =~ /(The name(?:\(s\))? .*? may not|Neither the (names? .*?|authors?) nor the names of( (its|their|other|any))? contributors may) be used to endorse or promote products derived from this software/i) { $license = "BSD (3 clause) $license"; } elsif ($licensetext =~ /Redistributions of source code must retain the above copyright notice/i) { $license = "BSD (2 clause) $license"; @@ -593,4 +602,3 @@ sub fatal { $msg =~ s/\n\n$/\n/; die $msg; } - -- cgit v1.2.1 From ad252c62599cf25c78b6b82448e31847fe880a66 Mon Sep 17 00:00:00 2001 From: Adam Coldrick Date: Wed, 18 Mar 2015 09:33:07 +0000 Subject: Update the ref for Ansible The old ref doesn't match the unpetrify-ref, and doesn't build on systems without up-to-date CA certificates since the .gitmodules file in the Ansible repo still pointed at https://github.com/. This patch updates the ref so that it points at HEAD of baserock/v1.8.4, which changes the URLs in .gitmodules to be in the form "upstream:repo" instead of pointing at github. Change-Id: Ib66e9800006e56a6e0124d335ff90f05690f492e --- strata/ansible.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/ansible.morph b/strata/ansible.morph index 33a23750..4af0e805 100644 --- a/strata/ansible.morph +++ b/strata/ansible.morph @@ -8,5 +8,5 @@ chunks: - name: ansible morph: strata/ansible/ansible.morph repo: upstream:ansible - ref: ebc8d48d34296fe010096f044e2b7591df37a622 + ref: 0a7124541247cc613352054f4bc0c3e116e0b657 unpetrify-ref: baserock/v1.8.4 -- cgit v1.2.1 From b199af70c5a46567f5646ef8d7bf2d73600efdba Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Wed, 18 Mar 2015 12:55:51 +0000 Subject: Add git-review to 'devtools' stratum This is a tool that is useful for working with Gerrit. This commit also changes the stratum dependencies of 'devtools'. Change-Id: I5778538110fdf9dd50783e0f77159d01936b86f4 --- strata/devtools.morph | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/strata/devtools.morph b/strata/devtools.morph index 9a295db5..ed8bb852 100644 --- a/strata/devtools.morph +++ b/strata/devtools.morph @@ -6,7 +6,8 @@ description: | stratum should not have any dependants (please don't build-depend on this stratum) build-depends: -- morph: strata/foundation.morph +- morph: strata/core.morph +- morph: strata/python-core.morph chunks: - name: vim morph: strata/devtools/vim.morph @@ -26,3 +27,7 @@ chunks: repo: upstream:less ref: 09a405d8f652b56944c93ebf5c673cdfe5319b04 unpetrify-ref: baserock/morph +- name: git-review + repo: upstream:git-review + ref: 79262a52301c146a6b60d09a828661a83a5f5ba7 + unpetrify-ref: master -- cgit v1.2.1 From a3dc49272557fecb085e1130ce37a71503dc76e5 Mon Sep 17 00:00:00 2001 From: Richard Dale Date: Wed, 18 Mar 2015 15:26:34 +0000 Subject: Update the cmake version in the core stratum to v3.2.1 Change-Id: I58caaebe296d6c7e5684ff6836c1f2b4a155ab8f --- strata/core.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index 263eac60..84dcb722 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -12,8 +12,8 @@ chunks: - name: cmake morph: strata/core/cmake.morph repo: upstream:cmake - ref: 0b3781e4c497566acaa504d4106d11c02a642501 - unpetrify-ref: v2.8.12.2 + ref: 732d8a467ab8a295b1bbf580f865980f8a1a9b29 + unpetrify-ref: v3.2.1 - name: gdbm morph: strata/core/gdbm.morph repo: upstream:gdbm-tarball -- cgit v1.2.1 From 1206418de0dc0292566b9b27175a75539662f2f4 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Wed, 18 Mar 2015 17:51:12 +0000 Subject: kernel: Enable LVM snapshot capability I want to use LVM snapshots for taking backups of data volumes in our infrastructure systems. Change-Id: I665a3ec2e53fb57f529089b5f6e59deddf61dc73 --- strata/bsp-armv7-highbank/linux-armv7-highbank.morph | 1 + strata/bsp-armv7-versatile/linux-armv7-versatile.morph | 1 + strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph | 1 + strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph | 1 + strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 1 + strata/bsp-jetson/linux-jetson-tk1.morph | 1 + strata/bsp-ppc64-generic/linux-ppc64.morph | 1 + strata/bsp-wandboard/linux-armv7-wandboard.morph | 1 + strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 1 + strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 1 + 10 files changed, 10 insertions(+) diff --git a/strata/bsp-armv7-highbank/linux-armv7-highbank.morph b/strata/bsp-armv7-highbank/linux-armv7-highbank.morph index dfebf69c..45868cb2 100644 --- a/strata/bsp-armv7-highbank/linux-armv7-highbank.morph +++ b/strata/bsp-armv7-highbank/linux-armv7-highbank.morph @@ -32,6 +32,7 @@ configure-commands: - scripts/config -e DEVTMPFS_MOUNT - scripts/config -e CONFIG_FHANDLE - scripts/config --set-str UEVENT_HELPER_PATH '' +- scripts/config -e DM_SNAPSHOT - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e TMPFS diff --git a/strata/bsp-armv7-versatile/linux-armv7-versatile.morph b/strata/bsp-armv7-versatile/linux-armv7-versatile.morph index 1da640e7..9125ee51 100644 --- a/strata/bsp-armv7-versatile/linux-armv7-versatile.morph +++ b/strata/bsp-armv7-versatile/linux-armv7-versatile.morph @@ -12,6 +12,7 @@ configure-commands: - scripts/config -e AUTOFS4_FS - scripts/config -e BLK_DEV_LOOP - scripts/config --set-str UEVENT_HELPER_PATH '' +- scripts/config -e DM_SNAPSHOT - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph b/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph index ea1a2d5f..a4de8d6a 100644 --- a/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph +++ b/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph @@ -14,6 +14,7 @@ configure-commands: - scripts/config -e IP_PNP_DHCP - scripts/config -e IP_PNP_BOOTP - scripts/config --set-str UEVENT_HELPER_PATH '' +- scripts/config -e DM_SNAPSHOT - scripts/config -e DEVTMPFS - scripts/config -e DEVTMPFS_MOUNT - scripts/config -e CONFIG_FHANDLE diff --git a/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph b/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph index ecf6b9bc..d9c5ece2 100644 --- a/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph +++ b/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph @@ -14,6 +14,7 @@ configure-commands: - scripts/config -e IP_PNP_DHCP - scripts/config -e IP_PNP_BOOTP - scripts/config --set-str UEVENT_HELPER_PATH '' +- scripts/config -e DM_SNAPSHOT - scripts/config -e DEVTMPFS - scripts/config -e DEVTMPFS_MOUNT - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 4eb92de4..4f845a6e 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -36,6 +36,7 @@ configure-commands: - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config -e CEPH_FS - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e VIRTIO - scripts/config -e VIRTIO_RING - scripts/config -e VIRTIO_PCI diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 42c16f01..f4df4b81 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -38,6 +38,7 @@ configure-commands: - scripts/config -e BLK_DEV_LOOP - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 1740a144..24ce8fe5 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -36,6 +36,7 @@ configure-commands: - scripts/config -e BLK_DEV_LOOP - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-wandboard/linux-armv7-wandboard.morph b/strata/bsp-wandboard/linux-armv7-wandboard.morph index 15317978..b77c3f7a 100644 --- a/strata/bsp-wandboard/linux-armv7-wandboard.morph +++ b/strata/bsp-wandboard/linux-armv7-wandboard.morph @@ -38,6 +38,7 @@ configure-commands: - scripts/config -e BLK_DEV_LOOP - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 593d9a65..4ff10015 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -46,6 +46,7 @@ configure-commands: - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config -e CEPH_FS - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e VIRTIO - scripts/config -e VIRTIO_RING - scripts/config -e VIRTIO_PCI diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index fe0721cc..377536c1 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -46,6 +46,7 @@ configure-commands: - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config -e CEPH_FS - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e VIRTIO - scripts/config -e VIRTIO_RING - scripts/config -e VIRTIO_PCI -- cgit v1.2.1 From b47b1ebb2ebb18b858a44c432cf63f05ec1d0bf7 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Thu, 19 Mar 2015 14:23:29 +0000 Subject: Upgrade OpenSSL to version 1.0.1m to get security updates Change-Id: I6a0b0ebe0fb7d2505ac0fdcdba6a482763724808 --- strata/core.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index 84dcb722..dce6b0ed 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -81,8 +81,8 @@ chunks: - name: openssl-new morph: strata/core/openssl-new.morph repo: upstream:openssl-new - ref: 872e681c00a713e840ebed77a4e05fa0e181f16f - unpetrify-ref: OpenSSL_1_0_1j + ref: 506c1068801fdeef5cb00f2053854bf56150fb6d + unpetrify-ref: OpenSSL_1_0_1m build-depends: - perl - name: bzip2 -- cgit v1.2.1 From 4924d985aab8551a50e3773038438f7cc425ee82 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Thu, 19 Mar 2015 19:34:43 +0000 Subject: Fix error in trove-example cluster --- clusters/trove-example.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/trove-example.morph b/clusters/trove-example.morph index 1b1e9777..2812f60e 100644 --- a/clusters/trove-example.morph +++ b/clusters/trove-example.morph @@ -15,7 +15,7 @@ description: | To do the initial deployment: - morph deploy --upgrade clusters/trove-example.morph \ + morph deploy clusters/trove-example.morph \ initial \ initial.location=kvm+ssh://liw@192.168.122.1/test-trove/tmp/test-trove.img -- cgit v1.2.1 From 55ec8895c4488bc4e6fb888725c54f909b6beba7 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Fri, 20 Mar 2015 11:10:06 +0000 Subject: Fix python-coveragepy's chunk morph path --- strata/python-cliapp.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/python-cliapp.morph b/strata/python-cliapp.morph index ff6fda3e..495a6a2e 100644 --- a/strata/python-cliapp.morph +++ b/strata/python-cliapp.morph @@ -6,7 +6,7 @@ build-depends: - morph: strata/python-core.morph chunks: - name: python-coveragepy - morph: strata/morph-utils/python-coveragepy.morph + morph: strata/python-cliapp/python-coveragepy.morph repo: upstream:python-coveragepy ref: 77d2e3bfd8fb325092aaed37ba1378054d182d19 unpetrify-ref: baserock/morph -- cgit v1.2.1 From 0fdecbd3342899dfa788ea94cb6724db6ffd9aa6 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Wed, 18 Mar 2015 15:34:46 +0000 Subject: Revert "strata/core.morph: bison doesnt depend on bash" This reverts commit c5240343053398d288cc500ff54379a3b0de5309. The original clean-up patch breaks the native build phase of cross-bootstrap on tested platforms - armv8l64, armv8b64, and x86_64. In the bootstrap environment, the native build of bison does rely on being run with bash rather than sh. Change-Id: Id8ed8793f8a179615a2f8733e867445cac544043 --- strata/core.morph | 1 + strata/core/bison.morph | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/strata/core.morph b/strata/core.morph index dce6b0ed..cae24f3f 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -199,6 +199,7 @@ chunks: build-depends: - autoconf-tarball - automake + - bash - flex - gettext-tarball - git diff --git a/strata/core/bison.morph b/strata/core/bison.morph index 5f50fe89..7c7fffd9 100644 --- a/strata/core/bison.morph +++ b/strata/core/bison.morph @@ -2,4 +2,4 @@ name: bison kind: chunk build-system: autotools pre-configure-commands: -- ./bootstrap --skip-po +- bash bootstrap --skip-po -- cgit v1.2.1 From 0af3347318558cbd87d458432dc91701dee80d57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 03:21:49 +0000 Subject: strata/tools.morph: Upgrade vala to latest stable (0.28.0) Change-Id: Ibdde8d7746ef615083b9f61f4f44e1c58d556f55 --- strata/tools.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/tools.morph b/strata/tools.morph index 2bbf7bfa..a3e7740b 100644 --- a/strata/tools.morph +++ b/strata/tools.morph @@ -38,8 +38,8 @@ chunks: unpetrify-ref: baserock/bootstrap - name: vala repo: upstream:vala - ref: 682eba5880fbd76402dec10118883da913a7b255 - unpetrify-ref: 0.26.2 + ref: 5f6ebe007050be12bdc4aa7c902ae4059f28874a + unpetrify-ref: 0.28.0 build-depends: - vala-bootstrap - name: u-boot -- cgit v1.2.1 From 632c674222763a4f0d8ca066862a39d221866ad8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 04:05:00 +0000 Subject: Move 'tar' from webtools to coreutils-common stratum Change-Id: I18c5cb1185bf6c53032a7c4bd29f33598eac7031 --- strata/coreutils-common.morph | 7 +++++++ strata/coreutils-common/tar.morph | 10 ++++++++++ strata/webtools.morph | 5 ----- strata/webtools/tar.morph | 10 ---------- 4 files changed, 17 insertions(+), 15 deletions(-) create mode 100644 strata/coreutils-common/tar.morph delete mode 100644 strata/webtools/tar.morph diff --git a/strata/coreutils-common.morph b/strata/coreutils-common.morph index f226f50b..430e3fe5 100644 --- a/strata/coreutils-common.morph +++ b/strata/coreutils-common.morph @@ -26,3 +26,10 @@ chunks: unpetrify-ref: baserock/v3.3 build-depends: - coreutils +- name: tar + morph: strata/coreutils-common/tar.morph + repo: upstream:tar + ref: 9a58d148c26c220cb1b163c71e7a51a2e41f6b37 + unpetrify-ref: baserock/release_1_28 + build-depends: + - coreutils diff --git a/strata/coreutils-common/tar.morph b/strata/coreutils-common/tar.morph new file mode 100644 index 00000000..9219abeb --- /dev/null +++ b/strata/coreutils-common/tar.morph @@ -0,0 +1,10 @@ +name: tar +kind: chunk +configure-commands: +- bash bootstrap --skip-po +- FORCE_UNSAFE_CONFIGURE=1 ./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/sbin + --disable-nls --disable-gcc-warnings +build-commands: +- make +install-commands: +- make DESTDIR="$DESTDIR" install diff --git a/strata/webtools.morph b/strata/webtools.morph index 68ce80d5..17a1abda 100644 --- a/strata/webtools.morph +++ b/strata/webtools.morph @@ -14,11 +14,6 @@ chunks: repo: upstream:libgit2 ref: 4b0a36e881506a02b43a4ae3c19c93c919b36eeb unpetrify-ref: master -- name: tar - morph: strata/webtools/tar.morph - repo: upstream:tar - ref: 9a58d148c26c220cb1b163c71e7a51a2e41f6b37 - unpetrify-ref: baserock/release_1_28 - name: nginx morph: strata/webtools/nginx.morph repo: upstream:nginx diff --git a/strata/webtools/tar.morph b/strata/webtools/tar.morph deleted file mode 100644 index 9219abeb..00000000 --- a/strata/webtools/tar.morph +++ /dev/null @@ -1,10 +0,0 @@ -name: tar -kind: chunk -configure-commands: -- bash bootstrap --skip-po -- FORCE_UNSAFE_CONFIGURE=1 ./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/sbin - --disable-nls --disable-gcc-warnings -build-commands: -- make -install-commands: -- make DESTDIR="$DESTDIR" install -- cgit v1.2.1 From 66c61f4434780c2f6b2761e72fe959485f636a04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 12:42:31 +0000 Subject: strata/gtk-deps.morph: Update ATK to latest stable (2.16.0) This version doesnt depend on gnome-common anymore Change-Id: I95e1e482eb11cf7afd14255d55c80337c7e9ff93 --- strata/gtk-deps.morph | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/strata/gtk-deps.morph b/strata/gtk-deps.morph index 0493245f..a633c454 100644 --- a/strata/gtk-deps.morph +++ b/strata/gtk-deps.morph @@ -26,10 +26,8 @@ chunks: unpetrify-ref: 2.30.8 - name: atk repo: upstream:atk - ref: 2fb9411c3f32adb7ee421b59e36d2e0aa2f30253 - unpetrify-ref: ATK_2_15_4 - build-depends: - - gnome-common + ref: 3f9e43b94364053fd16eb53391667d161d0dae12 + unpetrify-ref: ATK_2_16_0 - name: at-spi2-core repo: upstream:at-spi2-core ref: 96c2842088008670e72739ea7921d654487a57fb -- cgit v1.2.1 From 0c6c3c2194fb2c724fe19c94cf1188a0bb9f73fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 12:50:51 +0000 Subject: strata/gtk-deps.morph: gnome-common is not needed here anymore new ATK version doesnt depend on it Change-Id: If21f66ac4f1a86753a8de04f40e585486680d24f --- strata/gtk-deps.morph | 4 ---- 1 file changed, 4 deletions(-) diff --git a/strata/gtk-deps.morph b/strata/gtk-deps.morph index a633c454..06110cdc 100644 --- a/strata/gtk-deps.morph +++ b/strata/gtk-deps.morph @@ -15,10 +15,6 @@ chunks: repo: upstream:shared-mime-info ref: c136fc2578aa8f7c0e098008da18d324033eb991 unpetrify-ref: Release-1-4 -- name: gnome-common - repo: upstream:gnome-common - ref: d213283fcb5228d05eb2c796579f18240e8467e8 - unpetrify-ref: 3.12.0 - name: gdk-pixbuf morph: strata/gtk-deps/gdk-pixbuf.morph repo: upstream:gdk-pixbuf -- cgit v1.2.1 From 03aaed6441cd00f95aa7170c96406a3a3113ee17 Mon Sep 17 00:00:00 2001 From: Paul Martin Date: Wed, 4 Mar 2015 14:28:36 +0000 Subject: stage2-glibc: Fix symlink to dynamic linker On non-x86 systems, the linker may not be called ld-linux.so.* but the older name of ld.so.* When the linker is ld.so.1, for example, the install script of stage2-glibc does not exit with an error (as basename/ls are in subshells), but rather $loader is empty string. This means that the symlink made is from /lib/lib to /tools/lib rather than from /lib/ld.so.1 to /tools/lib/ld.so.1. --- strata/build-essential/stage2-glibc.morph | 2 ++ 1 file changed, 2 insertions(+) diff --git a/strata/build-essential/stage2-glibc.morph b/strata/build-essential/stage2-glibc.morph index 48ceb767..7346cd3b 100644 --- a/strata/build-essential/stage2-glibc.morph +++ b/strata/build-essential/stage2-glibc.morph @@ -62,5 +62,7 @@ install-commands: "$DESTDIR/lib64/ld64.so.1" ;; *) loader=$(basename $(ls "$DESTDIR$PREFIX"/lib/ld-linux*)) + [ -z $loader ] && loader=$(basename $(ls "$DESTDIR$PREFIX"/lib/ld.so*)) + [ -z $loader ] && ( echo "Bug in stage2-glibc ld.so symlinks" ; exit 1 ) ln -s "$PREFIX/lib/$loader" "$DESTDIR/lib/$loader" esac -- cgit v1.2.1 From 85f0c8e334c712054b1196e7d70efc2bdeac1dbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Sun, 22 Mar 2015 03:23:53 +0000 Subject: strata/x-generic: Update xserver to latest stable (1.17.1) Change-Id: Iba5ff3e87ed5399cd80369b3bb484f277a73b82b (cherry picked from commit 696373c5b058b3d7f62b1afb7c4250ca58c81a19) --- strata/x-generic.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/x-generic.morph b/strata/x-generic.morph index 665d4c5f..a8a0660a 100644 --- a/strata/x-generic.morph +++ b/strata/x-generic.morph @@ -34,8 +34,8 @@ chunks: - name: xserver morph: strata/x-generic/xserver.morph repo: upstream:xserver - ref: 4393c7f1ba6140a02232f04fbb434a80d663a99d - unpetrify-ref: xorg-server-1.16.2 + ref: 3b0d1ba2266d2780bfc111bab74885b90458eca4 + unpetrify-ref: xorg-server-1.17.1 build-depends: - libepoxy - xorg-font-util -- cgit v1.2.1 From a76aef3fea1d24d5e5b0fd2dfd9f768151c25f82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 18:20:38 +0000 Subject: strata/foundation.morph: Upgrade GLib to latest stable (2.44.0) Change-Id: I003f302c0fc353454c883f12a636330179e17fc3 --- strata/foundation.morph | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index 7bcfc77d..8b7b4e4d 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -43,7 +43,8 @@ chunks: unpetrify-ref: baserock/morph - name: glib repo: upstream:glib - ref: 4125415e7f4d1213fc7122beac0d91af08e37b28 + ref: 966ffb16f6bd54cb3d928a55d00d0eda73592094 + unpetrify-ref: 2.44.0 build-depends: - libffi - name: gobject-introspection -- cgit v1.2.1 From f191384b78af0230a32e9684e3542ba2b97b77c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 18:23:34 +0000 Subject: strata/gtk3: Upgrade GTK+3 to latest stable (3.16.0) Change-Id: I3b59957a2f61275933ac0d61a8c4c68a607724e9 --- strata/gtk3.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/gtk3.morph b/strata/gtk3.morph index 826555a0..f03417a2 100644 --- a/strata/gtk3.morph +++ b/strata/gtk3.morph @@ -12,7 +12,7 @@ chunks: - name: gtk3 morph: strata/gtk3/gtk3.morph repo: upstream:gtk+ - ref: da163469f9d344190f69bfc163517154af0e2dab - unpetrify-ref: 3.15.4 + ref: a816ccd4968f1e221b92bfd1e2b2dc27703d6db5 + unpetrify-ref: 3.16.0 build-depends: - libepoxy -- cgit v1.2.1 From f3360dce6696c5343227c633ff848a15789513c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 24 Mar 2015 00:49:27 +0000 Subject: strata/tools/lsof.morph: Do not try set an owner This will try to avoid a problem when extracting the tarball file This is a regression introduced in commit 7834a992014dd62cacbf7c46ecc259c48fd772dd when we start to use the real tar instead the one provided by busybox Change-Id: I8195d8f2bc1ccc5f9ce062ab9ed12d1167885e0a --- strata/tools/lsof.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/tools/lsof.morph b/strata/tools/lsof.morph index 5fabcd64..38183ae6 100644 --- a/strata/tools/lsof.morph +++ b/strata/tools/lsof.morph @@ -1,7 +1,7 @@ name: lsof kind: chunk configure-commands: -- tar xf lsof_*_src.tar +- tar xf lsof_*_src.tar --no-same-owner - cd lsof_*_src/ && ./Configure -n linux build-commands: - cd lsof_*_src/ && make -- cgit v1.2.1 From 8c8747bdd77f1c097e71a989e6af18db49e71cec Mon Sep 17 00:00:00 2001 From: "Kejia Hu (Terry)" Date: Mon, 23 Mar 2015 16:33:25 +0000 Subject: Fix the stage 2 gawk build failure According to Richard Maw's comments on #baserock, the upstream gawk was broken, and we should use 4.1 stable instead Change-Id: Ifce17b2c90d80e0f1c76ac2bbc145aece74e8dd1 --- strata/build-essential.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/build-essential.morph b/strata/build-essential.morph index 0758fee8..a4758a7f 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -163,8 +163,8 @@ chunks: - name: stage2-gawk morph: strata/build-essential/stage2-gawk.morph repo: upstream:gawk - ref: dc5af665700d9b04fdf9c18930526d28eef5d5d9 - unpetrify-ref: gawk-4.1.1 + ref: 925f9363c4b0a5bb9375298afcdcf404efb32587 + unpetrify-ref: gawk-4.1-stable build-depends: - stage1-binutils - stage1-gcc -- cgit v1.2.1 From 8e3bf0d0cf0aa424bed5b0cc3de1ec4c0dc8dafe Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 24 Mar 2015 17:24:05 +0000 Subject: clusters/release.morph: Fix name of build-system-armv7lhf-jetson Change-Id: I041f7d0090b1fbbcfe1634b1635660fda56c9509 --- clusters/release.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/release.morph b/clusters/release.morph index f161d0df..8daf90b8 100644 --- a/clusters/release.morph +++ b/clusters/release.morph @@ -31,7 +31,7 @@ systems: DISK_SIZE: 6G - morph: systems/build-system-armv7lhf-jetson.morph deploy: - devel-system-armv7lhf-jetson: + build-system-armv7lhf-jetson: type: rawdisk location: build-system-armv7lhf-jetson.img DISK_SIZE: 2G -- cgit v1.2.1 From c58098d21349b3cbe8856c1b40090202e83bd410 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 23 Mar 2015 04:06:40 +0000 Subject: tar.morph: simplify morphology Change-Id: I929981507806d1561187ba8bede8784bede3bd13 --- strata/coreutils-common/tar.morph | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/strata/coreutils-common/tar.morph b/strata/coreutils-common/tar.morph index 9219abeb..d9ee3a36 100644 --- a/strata/coreutils-common/tar.morph +++ b/strata/coreutils-common/tar.morph @@ -1,10 +1,17 @@ name: tar kind: chunk -configure-commands: +build-system: autotools +pre-configure-commands: - bash bootstrap --skip-po -- FORCE_UNSAFE_CONFIGURE=1 ./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/sbin - --disable-nls --disable-gcc-warnings -build-commands: -- make -install-commands: -- make DESTDIR="$DESTDIR" install +configure-commands: +# Configure flag notes: +# 1. Needed to run configure as root +# 2. Disable some warning that cause the build to fail +# 3. To use GNU tar instead the busybox one. +# This will dissappear when we merge /usr/bin and /bin + +- | + `# [1]` env FORCE_UNSAFE_CONFIGURE=1 \ + ./configure --prefix="$PREFIX" \ + `# [2]` --disable-gcc-warnings \ + `# [3]` --bindir=/bin -- cgit v1.2.1 From 8874a7c721f6c513692519eadef67ef90d3d177d Mon Sep 17 00:00:00 2001 From: James Thomas Date: Fri, 20 Feb 2015 14:50:52 +0000 Subject: Fix build of ICU on ARM Change-Id: I44bae2748e070e3a17f15e85865bc6c6e192248c --- strata/qt5-tools/icu.morph | 1 + 1 file changed, 1 insertion(+) diff --git a/strata/qt5-tools/icu.morph b/strata/qt5-tools/icu.morph index 37dec07e..f9532f04 100644 --- a/strata/qt5-tools/icu.morph +++ b/strata/qt5-tools/icu.morph @@ -1,6 +1,7 @@ name: icu kind: chunk configure-commands: +- sed -e 's/LDFLAGSICUDT/#LDFLAGSICUDT/' -i source/config/mh-linux - cd source; ./runConfigureICU Linux --prefix=/usr build-commands: - cd source; unset TARGET ; make -- cgit v1.2.1 From 5592503f7287fdf2d6d671002854036b138cc0dc Mon Sep 17 00:00:00 2001 From: James Thomas Date: Fri, 20 Feb 2015 15:31:13 +0000 Subject: Update qt5 to v5.4.0 Change-Id: If64032824787e28fbe61e805666f6339a2a9bceb --- strata/qt5-tools-qtmultimedia.morph | 4 +-- strata/qt5-tools-qtwebkit.morph | 20 +++++------ strata/qt5-tools.morph | 71 ++++++++++++++++++------------------- 3 files changed, 47 insertions(+), 48 deletions(-) diff --git a/strata/qt5-tools-qtmultimedia.morph b/strata/qt5-tools-qtmultimedia.morph index 92bfcde9..d30acdcc 100644 --- a/strata/qt5-tools-qtmultimedia.morph +++ b/strata/qt5-tools-qtmultimedia.morph @@ -8,5 +8,5 @@ chunks: - name: qtmultimedia morph: strata/qt5-tools/qtmultimedia-gstreamer.morph repo: upstream:qt5/qtmultimedia - ref: b3c2dca466042cf362ffb8d803bf05c9b8a0f95f - unpetrify-ref: v5.3.2 + ref: 8b1ee1724071cc4bbe8cefe195e375ef583d9d7f + unpetrify-ref: v5.4.0 diff --git a/strata/qt5-tools-qtwebkit.morph b/strata/qt5-tools-qtwebkit.morph index e5338d7a..89039789 100644 --- a/strata/qt5-tools-qtwebkit.morph +++ b/strata/qt5-tools-qtwebkit.morph @@ -9,26 +9,26 @@ chunks: - name: qtwebkit morph: strata/qt5-tools/qtwebkit.morph repo: upstream:qt5/qtwebkit - ref: 13f80d34ae84c3231118c8013beee55badab8929 - unpetrify-ref: v5.3.2 + ref: 5d43584babfb43b99159f702160d010778d2190a + unpetrify-ref: v5.4.0 - name: qtwebkit-examples morph: strata/qt5-tools/qtwebkit-examples.morph repo: upstream:qt5/qtwebkit-examples - ref: bce5056b9e16a943357e362455a46685d3f22093 - unpetrify-ref: v5.3.2 + ref: 70bd4d5253f134bf48a30544030bb832f1eba8b3 + unpetrify-ref: v5.4.0 build-depends: - qtwebkit - name: qttools morph: strata/qt5-tools/qttools.morph repo: upstream:qt5/qttools - ref: 8c79a098b8b7da4832ebca1884ee833a2c2078a7 - unpetrify-ref: v5.3.2 - build-depends: + ref: 5060a0ec7dcb26826b19eefbd6063efcbde6101f + unpetrify-ref: v5.4.0 + build-depends: - qtwebkit - name: qttranslations morph: strata/qt5-tools/qttranslations.morph repo: upstream:qt5/qttranslations - ref: cf4d6f7e73bb410ed0aa3d64dffb2b6b242cdfe0 - unpetrify-ref: v5.3.2 - build-depends: + ref: 3aad4ab4718d4bf952275a07e406e93eb6a22eed + unpetrify-ref: v5.4.0 + build-depends: - qttools diff --git a/strata/qt5-tools.morph b/strata/qt5-tools.morph index dbda3a2e..7fb8403e 100644 --- a/strata/qt5-tools.morph +++ b/strata/qt5-tools.morph @@ -13,37 +13,37 @@ chunks: - name: qtbase morph: strata/qt5-tools/qtbase.morph repo: upstream:qt5/qtbase - ref: 05670f586ffe05425b7542a27fcca31bddf231aa - unpetrify-ref: v5.3.2 + ref: 5367fa356233da4c0f28172a8f817791525f5457 + unpetrify-ref: v5.4.0 build-depends: - icu - name: qtsvg morph: strata/qt5-tools/qtsvg.morph repo: upstream:qt5/qtsvg - ref: 35a2f0880831d38c60d2b4820dac808f48f6f3a8 - unpetrify-ref: v5.3.2 + ref: eece19e62638409b479cabcbb985978d61d84307 + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtscript morph: strata/qt5-tools/qtscript.morph repo: upstream:qt5/qtscript - ref: 71f6dee8791c95fd862ca3651d7f4b7d6b9f440e - unpetrify-ref: v5.3.2 + ref: 1371263991489f11774250aa609ace0b12415186 + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtdeclarative morph: strata/qt5-tools/qtdeclarative.morph repo: upstream:qt5/qtdeclarative - ref: a67aa6abc6a406b00ef58a7e07fd39012bfa3eb1 - unpetrify-ref: v5.3.2 + ref: fdf004803d036583f58ceb832803cfe39c6ba6d8 + unpetrify-ref: v5.4.0 build-depends: - qtbase - qtscript - name: qtquick1 morph: strata/qt5-tools/qtquick1.morph repo: upstream:qt5/qtquick1 - ref: 8e7fa2b5aa2e2e4371c4b73926d0e6ad2ebdbd96 - unpetrify-ref: v5.3.2 + ref: 1f92491bd95abc642dcd882846884a5271c8ba16 + unpetrify-ref: v5.4.0 build-depends: - qtbase - qtscript @@ -59,80 +59,79 @@ chunks: - name: qtquickcontrols morph: strata/qt5-tools/qtquickcontrols.morph repo: upstream:qt5/qtquickcontrols - ref: bc91574cca8b6f24968ab4e1cc11fe1fd10f3061 - unpetrify-ref: v5.3.2 + ref: ea099e341b5f8845be56f81b22e44a8b6cb227a2 + unpetrify-ref: v5.4.0 build-depends: - qtbase - qtdeclarative - name: qtsensors morph: strata/qt5-tools/qtsensors.morph repo: upstream:qt5/qtsensors - ref: fd3e65ef5ab6eb8e4b5bdad380d1f6862799856c - unpetrify-ref: v5.3.2 + ref: 10702cfa8ce803e0911306284c246a879d865f1d + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtserialport morph: strata/qt5-tools/qtserialport.morph repo: upstream:qt5/qtserialport - ref: 286d64c202f461cb8ff5a4cc4c2320af8195b8f0 - unpetrify-ref: v5.3.2 + ref: 9aef6c3c8ff97b7998bdd813f7c7f3d845b2a53f + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtx11extras morph: strata/qt5-tools/qtx11extras.morph repo: upstream:qt5/qtx11extras - ref: 2d84caf5ef1b5dace0d678df4581db3c955be6ee - unpetrify-ref: v5.3.2 + ref: a21bbb45019e1bbc7b583811ff2e84757082a01a + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtxmlpatterns morph: strata/qt5-tools/qtxmlpatterns.morph repo: upstream:qt5/qtxmlpatterns - ref: 78c2367e22d87b529610117f5b6abef6934abdcf - unpetrify-ref: v5.3.2 + ref: 2e8b90b33d1d8dce4acdb6a116a227f2a5d3e044 + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtdoc morph: strata/qt5-tools/qtdoc.morph repo: upstream:qt5/qtdoc - ref: 688019893d2cbd9ccdc4d75c550bca4530a46ee4 - unpetrify-ref: v5.3.2 + ref: 251f5eaa2dae740c0d0217893038a3f5bab2bca3 + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtgraphicaleffects morph: strata/qt5-tools/qtgraphicaleffects.morph repo: upstream:qt5/qtgraphicaleffects - ref: 82abf6975b6737259ee656564e5ec7f8ad1d0508 - unpetrify-ref: v5.3.2 + ref: 9e9600d92224084f7942a6bd83b926c630a29747 + unpetrify-ref: v5.4.0 build-depends: - qtbase - qtdeclarative - name: qtimageformats morph: strata/qt5-tools/qtimageformats.morph repo: upstream:qt5/qtimageformats - ref: 85e621e3ecf449bb0587bd4da97ca66179b24f31 - unpetrify-ref: v5.3.2 + ref: fdc7026fb7d098abbf135fd5e7d2cf00884f9235 + unpetrify-ref: v5.4.0 build-depends: - qtbase - name: qtconnectivity morph: strata/qt5-tools/qtconnectivity.morph repo: upstream:qt5/qtconnectivity - ref: 8a33a9b43dcc5e7f9a77237a660a3759286e6b86 - unpetrify-ref: v5.3.2 - build-depends: + ref: 5d405d07fb51502d0bfab08f4d74aa5eba365bab + unpetrify-ref: v5.4.0 + build-depends: - qtbase - name: qtlocation morph: strata/qt5-tools/qtlocation.morph repo: upstream:qt5/qtlocation - ref: a36d9e67e3b8168cb4d1eb76eda96ebb8242fd20 - unpetrify-ref: v5.3.2 - build-depends: + ref: 7791dd790d2b15751b703db70a5fceb31d3fd99f + unpetrify-ref: v5.4.0 + build-depends: - qtbase - name: qtwebsockets morph: strata/qt5-tools/qtwebsockets.morph repo: upstream:qt5/qtwebsockets - ref: 00f77bdc5beb62e980216cfee906ab7aa1d1c4f7 - unpetrify-ref: v5.3.2 - build-depends: + ref: d1c9ede19976767393fe5db2f396c0c18d6fbced + unpetrify-ref: v5.4.0 + build-depends: - qtbase - -- cgit v1.2.1 From e77dd84ec11f0de93db425cb62ab0d3739edbb5c Mon Sep 17 00:00:00 2001 From: Paul Sherwood Date: Thu, 5 Mar 2015 08:49:36 +0000 Subject: Make stage2-linux-api-headers and stage2-gawk dependencies explicit As discussed on the ML at [1] morph somehow infers that stage2-linux-api-headers is required for other stage2 components. This patch makes the inference explicit, which is more consistent, and should not affect any current builds or cache calculations. Also, it seems m4 requires stage2-gawk, so make that explicit too. [1] http://listmaster.pepperfish.net/pipermail/baserock-dev-baserock.org/2015-March/012425.html --- strata/build-essential.morph | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/strata/build-essential.morph b/strata/build-essential.morph index a4758a7f..eb4eb2ff 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -90,6 +90,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc build-mode: bootstrap prefix: /tools @@ -102,6 +103,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc build-mode: bootstrap prefix: /tools @@ -114,6 +116,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc build-mode: bootstrap prefix: /tools @@ -126,6 +129,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc - stage2-gcc-fixed-headers - stage2-libstdc++ @@ -140,6 +144,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc build-mode: bootstrap prefix: /tools @@ -168,6 +173,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc build-mode: bootstrap prefix: /tools @@ -180,6 +186,7 @@ chunks: build-depends: - stage1-binutils - stage1-gcc + - stage2-linux-api-headers - stage2-glibc build-mode: bootstrap prefix: /tools @@ -332,7 +339,9 @@ chunks: - stage2-busybox - stage2-glibc - stage2-fhs-dirs + - stage2-gawk - stage2-gcc + - stage2-linux-api-headers - stage2-make - stage2-reset-specs - glibc -- cgit v1.2.1 From 7114ef7968abd71f5b7e325ff2ef25df032dc093 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Thu, 26 Mar 2015 10:37:15 +0000 Subject: build-essential: Add note about inconsistent use of build-depends field Change-Id: Iff40fb270a403c486e1897ecc8d8a973aec05257 --- strata/build-essential.morph | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/strata/build-essential.morph b/strata/build-essential.morph index eb4eb2ff..24cfed0b 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -34,6 +34,13 @@ description: | PLEASE KEEP THE REFS IN 'armv7lhf-cross-toolchain' STRATUM UP TO DATE WITH THIS ONE! + + Please note that the chunk 'build-depends' field is treated differently in + this stratum to how other strata in definitions.git use it. Other strata + rely on the fact that dependencies of a dependency (called 'transitive + dependencies') are implicitly included in the staging area. Within + build-essential, some chunks list transitive dependencies explicitly to + make clearer what is going on. products: - artifact: build-essential-minimal include: -- cgit v1.2.1 From e1f4965987af082d50f99f2193e6322d3b280538 Mon Sep 17 00:00:00 2001 From: Daniel Silverstone Date: Thu, 26 Mar 2015 13:17:45 +0000 Subject: Add missing build-depend for gcc The gcc chunk was missing one more implicit build dependency (namely that of linux-api-headers). Change-Id: Ia7de9985cfa31444efe572e0bea5dc1d31912055 --- strata/build-essential.morph | 1 + 1 file changed, 1 insertion(+) diff --git a/strata/build-essential.morph b/strata/build-essential.morph index 24cfed0b..7eec73db 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -371,6 +371,7 @@ chunks: - glibc - zlib - m4-tarball + - linux-api-headers artifacts: gcc-libs: build-essential-minimal -- cgit v1.2.1 From 32f6684b640de87293353fd0d6faf25238b043b3 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Thu, 5 Mar 2015 12:40:03 +0000 Subject: hardware-deployment: remove unused DISK_SIZE As the installer system installs the rawdisk into a device, this variable is not used. Change-Id: Id6ba83ecbeb460813a074438930767638f68a141 --- clusters/hardware-deployment.morph | 1 - 1 file changed, 1 deletion(-) diff --git a/clusters/hardware-deployment.morph b/clusters/hardware-deployment.morph index 0b1335ae..c6b7dce9 100644 --- a/clusters/hardware-deployment.morph +++ b/clusters/hardware-deployment.morph @@ -12,7 +12,6 @@ systems: location: AB:CD:EF:12:34:56:78 #MAC address. PXEBOOT_MODE: spawn-novlan PXEBOOT_DEPLOYER_INTERFACE: ens6 - DISK_SIZE: 6G KERNEL_ARGS: console=ttyS1,9600 console=tty0 init=/usr/lib/baserock-installer/installer HOSTNAME: installer-system IPMI_USER: myipmiuser -- cgit v1.2.1 From 1050b19918be4f099941791c867be5d94f44a972 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Thu, 19 Mar 2015 13:46:41 +0000 Subject: Add swift to devel system This is needed to build swift data structures at deploy time Change-Id: I54ea8c1d75195ad33046ff48397458fe5c1d1e79 --- strata/swift.morph | 49 +++++++++++++++++++++++++++ strata/swift/xattr.morph | 8 +++++ systems/devel-system-armv7-chroot.morph | 2 ++ systems/devel-system-armv7-highbank.morph | 2 ++ systems/devel-system-armv7-versatile.morph | 2 ++ systems/devel-system-armv7-wandboard.morph | 2 ++ systems/devel-system-armv7b-chroot.morph | 2 ++ systems/devel-system-armv7b-highbank.morph | 2 ++ systems/devel-system-armv7lhf-chroot.morph | 2 ++ systems/devel-system-armv7lhf-highbank.morph | 2 ++ systems/devel-system-armv7lhf-jetson.morph | 2 ++ systems/devel-system-armv7lhf-wandboard.morph | 2 ++ systems/devel-system-armv8l64.morph | 2 ++ systems/devel-system-ppc64-chroot.morph | 2 ++ systems/devel-system-ppc64-generic.morph | 2 ++ systems/devel-system-x86_32-chroot.morph | 2 ++ systems/devel-system-x86_32-generic.morph | 2 ++ systems/devel-system-x86_64-chroot.morph | 2 ++ systems/devel-system-x86_64-generic.morph | 2 ++ systems/devel-system-x86_64-vagrant.morph | 2 ++ 20 files changed, 93 insertions(+) create mode 100644 strata/swift.morph create mode 100644 strata/swift/xattr.morph diff --git a/strata/swift.morph b/strata/swift.morph new file mode 100644 index 00000000..bf0aea19 --- /dev/null +++ b/strata/swift.morph @@ -0,0 +1,49 @@ +name: swift +kind: stratum +description: Distributed object storage +build-depends: +- morph: strata/openstack-common.morph # for simplejson, cffi +chunks: +- name: dnspython + repo: upstream:python-packages/dnspython + ref: e1369c62d14f82b80ef11197a490ace5d43bb3f3 + unpetrify-ref: v1.12.0 + build-depends: [] +- name: greenlet + ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 + unpetrify-ref: 0.4.5 + repo: upstream:python-packages/greenlet + build-depends: [] +- name: eventlet + ref: 8d2474197de4827a7bca9c33e71a82573b6fc721 + unpetrify-ref: v0.15.2 + repo: upstream:python-packages/eventlet + build-depends: + - greenlet +- name: netifaces + repo: upstream:python-packages/netifaces + ref: 885b200ba717df87f6e8044ec8c66c677c949bcb + unpetrify-ref: release_0_10_4 + build-depends: [] +- name: pastedeploy + repo: upstream:python-packages/pastedeploy + ref: 5ad87be617c2cc1dd31625688172e964db2756dc + unpetrify-ref: 1.5.2 + build-depends: [] +- name: xattr + morph: strata/swift/xattr.morph + repo: upstream:python-packages/xattr + ref: dd10d44e3eb9a1d2303c1f7d5126c099d56e97fc + unpetrify-ref: v0.7.6 + build-depends: [] +- name: swift + repo: upstream:openstack/swift + ref: 2e8261a4dc0d0af0c4a46478b81e167bcf02220b + unpetrify-ref: 2.2.0 + build-depends: + - dnspython + - eventlet + - greenlet + - netifaces + - pastedeploy + - xattr diff --git a/strata/swift/xattr.morph b/strata/swift/xattr.morph new file mode 100644 index 00000000..65f47dae --- /dev/null +++ b/strata/swift/xattr.morph @@ -0,0 +1,8 @@ +name: xattr +kind: chunk +configure-commands: +- cp -r /usr/lib/python2.7/site-packages/cffi . +build-commands: +- python setup.py build +install-commands: +- python setup.py install --prefix "$PREFIX" --root "$DESTDIR" diff --git a/systems/devel-system-armv7-chroot.morph b/systems/devel-system-armv7-chroot.morph index e32db851..2d4beba1 100644 --- a/systems/devel-system-armv7-chroot.morph +++ b/systems/devel-system-armv7-chroot.morph @@ -43,6 +43,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-highbank.morph b/systems/devel-system-armv7-highbank.morph index 9ae051d1..4c0e6f14 100644 --- a/systems/devel-system-armv7-highbank.morph +++ b/systems/devel-system-armv7-highbank.morph @@ -44,6 +44,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-versatile.morph b/systems/devel-system-armv7-versatile.morph index 12a2b2b6..160d3b9e 100644 --- a/systems/devel-system-armv7-versatile.morph +++ b/systems/devel-system-armv7-versatile.morph @@ -44,6 +44,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-wandboard.morph b/systems/devel-system-armv7-wandboard.morph index ec6fea5e..c953fe07 100644 --- a/systems/devel-system-armv7-wandboard.morph +++ b/systems/devel-system-armv7-wandboard.morph @@ -44,6 +44,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7b-chroot.morph b/systems/devel-system-armv7b-chroot.morph index 2023ac21..ce537d80 100644 --- a/systems/devel-system-armv7b-chroot.morph +++ b/systems/devel-system-armv7b-chroot.morph @@ -35,6 +35,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7b-highbank.morph b/systems/devel-system-armv7b-highbank.morph index 2c7f8ed2..0edbb7b9 100644 --- a/systems/devel-system-armv7b-highbank.morph +++ b/systems/devel-system-armv7b-highbank.morph @@ -40,6 +40,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-chroot.morph b/systems/devel-system-armv7lhf-chroot.morph index 1e2a8f8e..bc1dad16 100644 --- a/systems/devel-system-armv7lhf-chroot.morph +++ b/systems/devel-system-armv7lhf-chroot.morph @@ -43,6 +43,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-highbank.morph b/systems/devel-system-armv7lhf-highbank.morph index 3ef00c34..e1a83e07 100644 --- a/systems/devel-system-armv7lhf-highbank.morph +++ b/systems/devel-system-armv7lhf-highbank.morph @@ -47,6 +47,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-jetson.morph b/systems/devel-system-armv7lhf-jetson.morph index dfc28c45..af2cd784 100644 --- a/systems/devel-system-armv7lhf-jetson.morph +++ b/systems/devel-system-armv7lhf-jetson.morph @@ -47,6 +47,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-wandboard.morph b/systems/devel-system-armv7lhf-wandboard.morph index 631692e7..f803b3df 100644 --- a/systems/devel-system-armv7lhf-wandboard.morph +++ b/systems/devel-system-armv7lhf-wandboard.morph @@ -47,6 +47,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv8l64.morph b/systems/devel-system-armv8l64.morph index bad6d6a9..93ddb369 100644 --- a/systems/devel-system-armv8l64.morph +++ b/systems/devel-system-armv8l64.morph @@ -46,6 +46,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-ppc64-chroot.morph b/systems/devel-system-ppc64-chroot.morph index 1ec03145..540b4920 100644 --- a/systems/devel-system-ppc64-chroot.morph +++ b/systems/devel-system-ppc64-chroot.morph @@ -41,6 +41,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-ppc64-generic.morph b/systems/devel-system-ppc64-generic.morph index bfbf3fbb..e9bea7b1 100644 --- a/systems/devel-system-ppc64-generic.morph +++ b/systems/devel-system-ppc64-generic.morph @@ -44,6 +44,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_32-chroot.morph b/systems/devel-system-x86_32-chroot.morph index e83b1a55..59d67660 100644 --- a/systems/devel-system-x86_32-chroot.morph +++ b/systems/devel-system-x86_32-chroot.morph @@ -43,6 +43,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_32-generic.morph b/systems/devel-system-x86_32-generic.morph index c707125c..0acbb7a3 100644 --- a/systems/devel-system-x86_32-generic.morph +++ b/systems/devel-system-x86_32-generic.morph @@ -48,6 +48,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_64-chroot.morph b/systems/devel-system-x86_64-chroot.morph index 00e72c84..2c59c996 100644 --- a/systems/devel-system-x86_64-chroot.morph +++ b/systems/devel-system-x86_64-chroot.morph @@ -45,6 +45,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_64-generic.morph b/systems/devel-system-x86_64-generic.morph index e0bb1a21..a4431ac1 100644 --- a/systems/devel-system-x86_64-generic.morph +++ b/systems/devel-system-x86_64-generic.morph @@ -48,6 +48,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_64-vagrant.morph b/systems/devel-system-x86_64-vagrant.morph index fc40e1f5..0a734280 100644 --- a/systems/devel-system-x86_64-vagrant.morph +++ b/systems/devel-system-x86_64-vagrant.morph @@ -46,6 +46,8 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From 82c7f2a156a43b4cfc34b2cac8c2267961a82749 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Thu, 19 Mar 2015 16:35:01 +0000 Subject: glibc.morph: Make the code faster supporting only > 3.0 kernels This should be safe as we only build 3.19 in our systems (3.18 in the case of the jetson) For reference: http://www.gnu.org/software/libc/manual/html_node/Configuring-and-compiling.html Change-Id: I40df10570e3d2602c6f1b223ebb71753c6f86f8e --- strata/build-essential/glibc.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/build-essential/glibc.morph b/strata/build-essential/glibc.morph index e6f87fde..5e5614e7 100644 --- a/strata/build-essential/glibc.morph +++ b/strata/build-essential/glibc.morph @@ -56,7 +56,7 @@ configure-commands: $ARCH_FLAGS \ --prefix="$PREFIX" \ --disable-profile \ - --enable-kernel=2.6.25 \ + --enable-kernel=3.0.0 \ --without-cvs \ --without-selinux \ --enable-obsolete-rpc -- cgit v1.2.1 From 3075e14d544fc14593c9ead8d1e9d44234135076 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Thu, 19 Mar 2015 16:50:12 +0000 Subject: Upgrade to latest linux kernel (3.19.2) Change-Id: I850fe29ca99dd5223e39062f3b654536e69d3dda --- strata/bsp-armv7-highbank.morph | 6 +++--- strata/bsp-armv7-versatile.morph | 6 +++--- strata/bsp-armv7b-highbank.morph | 6 +++--- strata/bsp-armv7b-vexpress-tc2.morph | 6 +++--- strata/bsp-ppc64-generic.morph | 6 +++--- strata/bsp-wandboard.morph | 6 +++--- strata/bsp-x86_32-generic.morph | 6 +++--- strata/bsp-x86_64-generic.morph | 6 +++--- strata/build-essential.morph | 12 ++++++------ 9 files changed, 30 insertions(+), 30 deletions(-) diff --git a/strata/bsp-armv7-highbank.morph b/strata/bsp-armv7-highbank.morph index 2cf541a7..e81bac28 100644 --- a/strata/bsp-armv7-highbank.morph +++ b/strata/bsp-armv7-highbank.morph @@ -6,6 +6,6 @@ build-depends: chunks: - name: linux-armv7-highbank morph: strata/bsp-armv7-highbank/linux-armv7-highbank.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 diff --git a/strata/bsp-armv7-versatile.morph b/strata/bsp-armv7-versatile.morph index f8d19b9b..470f6c56 100644 --- a/strata/bsp-armv7-versatile.morph +++ b/strata/bsp-armv7-versatile.morph @@ -7,6 +7,6 @@ build-depends: chunks: - name: linux-armv7-versatile morph: strata/bsp-armv7-versatile/linux-armv7-versatile.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 diff --git a/strata/bsp-armv7b-highbank.morph b/strata/bsp-armv7b-highbank.morph index 7b0f0fa0..3f75525d 100644 --- a/strata/bsp-armv7b-highbank.morph +++ b/strata/bsp-armv7b-highbank.morph @@ -6,6 +6,6 @@ build-depends: chunks: - name: linux-armv7b-highbank morph: strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 diff --git a/strata/bsp-armv7b-vexpress-tc2.morph b/strata/bsp-armv7b-vexpress-tc2.morph index 616d564f..ea67c386 100644 --- a/strata/bsp-armv7b-vexpress-tc2.morph +++ b/strata/bsp-armv7b-vexpress-tc2.morph @@ -6,6 +6,6 @@ build-depends: chunks: - name: linux-armv7b-vexpress-tc2 morph: strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 diff --git a/strata/bsp-ppc64-generic.morph b/strata/bsp-ppc64-generic.morph index 58038d60..82395569 100644 --- a/strata/bsp-ppc64-generic.morph +++ b/strata/bsp-ppc64-generic.morph @@ -6,6 +6,6 @@ build-depends: chunks: - name: linux-ppc64 morph: strata/bsp-ppc64-generic/linux-ppc64.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 diff --git a/strata/bsp-wandboard.morph b/strata/bsp-wandboard.morph index 2ab095df..ba704b1b 100644 --- a/strata/bsp-wandboard.morph +++ b/strata/bsp-wandboard.morph @@ -11,8 +11,8 @@ chunks: unpetrify-ref: baserock/morph - name: linux-armv7-wandboard morph: strata/bsp-wandboard/linux-armv7-wandboard.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 build-depends: - u-boot@wandboard diff --git a/strata/bsp-x86_32-generic.morph b/strata/bsp-x86_32-generic.morph index 10c4dbe5..ae7d14cc 100644 --- a/strata/bsp-x86_32-generic.morph +++ b/strata/bsp-x86_32-generic.morph @@ -7,9 +7,9 @@ build-depends: chunks: - name: linux-x86-32-generic morph: strata/bsp-x86_32-generic/linux-x86-32-generic.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 - name: nasm morph: strata/bsp-x86_32-generic/nasm.morph repo: upstream:nasm diff --git a/strata/bsp-x86_64-generic.morph b/strata/bsp-x86_64-generic.morph index 749e3722..81223633 100644 --- a/strata/bsp-x86_64-generic.morph +++ b/strata/bsp-x86_64-generic.morph @@ -7,9 +7,9 @@ build-depends: chunks: - name: linux-x86-64-generic morph: strata/bsp-x86_64-generic/linux-x86-64-generic.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 - name: nasm morph: strata/bsp-x86_64-generic/nasm.morph repo: upstream:nasm diff --git a/strata/build-essential.morph b/strata/build-essential.morph index 7eec73db..c41034bc 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -68,9 +68,9 @@ chunks: - name: stage2-linux-api-headers morph: strata/build-essential/stage2-linux-api-headers.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 build-depends: - stage1-binutils - stage1-gcc @@ -229,9 +229,9 @@ chunks: - name: linux-api-headers morph: strata/build-essential/linux-api-headers.morph - repo: upstream:linux - ref: bfa76d49576599a4b9f9b7a71f23d73d6dcff735 - unpetrify-ref: v3.19 + repo: upstream:linux-stable + ref: 660613d1a4e94144490850b6c3d350331860fac4 + unpetrify-ref: v3.19.2 build-depends: - stage2-binutils - stage2-busybox -- cgit v1.2.1 From 3388b2e893e9c8f4d4ceec5703eca22a2e0f7643 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Fri, 6 Mar 2015 16:38:59 +0000 Subject: Build armv8l64 kernel with IPv6 support Change-Id: I536848f5e5ee37da1288bde5e19dba64a70858c3 --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 1 + 1 file changed, 1 insertion(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 4f845a6e..a7f9691b 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -71,6 +71,7 @@ configure-commands: - scripts/config -e HOTPLUG_PCI_ACPI - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e IPV6 # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 15708549ae011f204089150864766b734aa62cac Mon Sep 17 00:00:00 2001 From: Michael Drake Date: Thu, 26 Mar 2015 15:08:30 +0000 Subject: Fix and update nano. Nano was broken; its binary not ending up in the systems. Here we fix that, update to 2.4.0 (which has full undo/redo functionality), and provide useful default config (enabling syntax highlighting, etc). Nano has also been moved from core to devtools. This stops morph from wanting to rebuild the world when you update Nano. Change-Id: I702b070cde6731fde04fc8a0810e2191e0bd4e6d --- strata/core.morph | 9 --------- strata/core/nano.morph | 4 ---- strata/devtools.morph | 5 +++++ strata/devtools/nano.morph | 16 ++++++++++++++++ 4 files changed, 21 insertions(+), 13 deletions(-) delete mode 100644 strata/core/nano.morph create mode 100644 strata/devtools/nano.morph diff --git a/strata/core.morph b/strata/core.morph index cae24f3f..d36f9a1c 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -240,15 +240,6 @@ chunks: - git - libtool-tarball - pkg-config -- name: nano - morph: strata/core/nano.morph - repo: upstream:nano-tarball - ref: 8b74abeb02c01ddc768c465a826360cf33cec063 - unpetrify-ref: baserock/morph - build-depends: - - ncurses - - automake - - gettext-tarball - name: bc repo: upstream:bc-tarball ref: 0956d119432ff6a2e85bae1fa336df799cad70b0 diff --git a/strata/core/nano.morph b/strata/core/nano.morph deleted file mode 100644 index 6a55dc2d..00000000 --- a/strata/core/nano.morph +++ /dev/null @@ -1,4 +0,0 @@ -name: nano -kind: chunk -pre-configure-commands: -- autoreconf -ivf diff --git a/strata/devtools.morph b/strata/devtools.morph index ed8bb852..5fb93c1d 100644 --- a/strata/devtools.morph +++ b/strata/devtools.morph @@ -9,6 +9,11 @@ build-depends: - morph: strata/core.morph - morph: strata/python-core.morph chunks: +- name: nano + morph: strata/devtools/nano.morph + repo: upstream:nano-tarball + ref: fb040ea36cb8e2158ccd9100600652f94ae90af1 + unpetrify-ref: baserock/morph - name: vim morph: strata/devtools/vim.morph repo: upstream:vim diff --git a/strata/devtools/nano.morph b/strata/devtools/nano.morph new file mode 100644 index 00000000..3eeee120 --- /dev/null +++ b/strata/devtools/nano.morph @@ -0,0 +1,16 @@ +name: nano +kind: chunk +build-system: autotools +configure-commands: +- ./configure --prefix="$PREFIX" --sysconfdir=/etc +post-install-commands: +- | + cat <> nanorc + set smooth + include /usr/share/nano/c.nanorc + include /usr/share/nano/patch.nanorc + include /usr/share/nano/python.nanorc + include /usr/share/nano/sh.nanorc + EOF +- mkdir -p "$DESTDIR"/etc +- install -m 644 nanorc "$DESTDIR"/etc/nanorc -- cgit v1.2.1 From 4c76bf1d6ed7c7a464de475825b142d89012b3d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 31 Mar 2015 15:42:32 +0100 Subject: Remove unneded "build-depends: []" Change-Id: I4c4e7d3d5a9a090c2c4570e8bdd323574e398952 --- strata/python-tools.morph | 3 --- strata/swift.morph | 5 ----- 2 files changed, 8 deletions(-) diff --git a/strata/python-tools.morph b/strata/python-tools.morph index 0bba0502..e84a0691 100644 --- a/strata/python-tools.morph +++ b/strata/python-tools.morph @@ -15,14 +15,11 @@ chunks: repo: upstream:python-packages/astroid ref: 194dc114a33b80b4bfbbeb73f36712848f696025 unpetrify-ref: astroid-1.3.5 - build-depends: [] - name: logilab-common repo: upstream:python-packages/logilab-common ref: d1d8f793af6d015d885b9ea67b5741d5a093e2f4 unpetrify-ref: logilab-common-version-0.62.0 - build-depends: [] - name: pylint repo: upstream:python-packages/pylint ref: ba998d7a4e5fce0ea3a3e701ff446bbe4ca406b5 unpetrify-ref: pylint-1.4.2 - build-depends: [] diff --git a/strata/swift.morph b/strata/swift.morph index bf0aea19..641485b3 100644 --- a/strata/swift.morph +++ b/strata/swift.morph @@ -8,12 +8,10 @@ chunks: repo: upstream:python-packages/dnspython ref: e1369c62d14f82b80ef11197a490ace5d43bb3f3 unpetrify-ref: v1.12.0 - build-depends: [] - name: greenlet ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 unpetrify-ref: 0.4.5 repo: upstream:python-packages/greenlet - build-depends: [] - name: eventlet ref: 8d2474197de4827a7bca9c33e71a82573b6fc721 unpetrify-ref: v0.15.2 @@ -24,18 +22,15 @@ chunks: repo: upstream:python-packages/netifaces ref: 885b200ba717df87f6e8044ec8c66c677c949bcb unpetrify-ref: release_0_10_4 - build-depends: [] - name: pastedeploy repo: upstream:python-packages/pastedeploy ref: 5ad87be617c2cc1dd31625688172e964db2756dc unpetrify-ref: 1.5.2 - build-depends: [] - name: xattr morph: strata/swift/xattr.morph repo: upstream:python-packages/xattr ref: dd10d44e3eb9a1d2303c1f7d5126c099d56e97fc unpetrify-ref: v0.7.6 - build-depends: [] - name: swift repo: upstream:openstack/swift ref: 2e8261a4dc0d0af0c4a46478b81e167bcf02220b -- cgit v1.2.1 From 4b86588589b909bb6ea4bdfe275b8a34ae7ae74d Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 31 Mar 2015 13:58:41 +0000 Subject: Don't install systemd units as executable systemd warns about executable unit files. E.G. "Configuration file /usr/lib/systemd/system/rsync.service is marked executable. Please remove executable permission bits. Proceeding anyway." Change-Id: I47721d7a78d6bbe87ebc171ff9b35db293d37e23 --- distbuild/manifest | 14 +++++++------- strata/bsp-jetson/bsp-support.morph | 2 +- strata/ceph-service/ceph.morph | 8 ++++---- strata/databases/memcached.morph | 2 +- strata/foundation/rsync.morph | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/distbuild/manifest b/distbuild/manifest index 35047028..9363fa85 100644 --- a/distbuild/manifest +++ b/distbuild/manifest @@ -10,14 +10,14 @@ 0100644 0 0 /usr/lib/distbuild-setup/ansible/distbuild-setup.yml 0040755 0 0 /usr/lib/systemd 0040755 0 0 /usr/lib/systemd/system -0100755 0 0 /usr/lib/systemd/system/morph-cache-server.service -0100755 0 0 /usr/lib/systemd/system/morph-controller.service -0100755 0 0 /usr/lib/systemd/system/morph-controller-helper.service -0100755 0 0 /usr/lib/systemd/system/morph-worker.service -0100755 0 0 /usr/lib/systemd/system/morph-worker-helper.service -0100755 0 0 /usr/lib/systemd/system/distbuild-setup.service +0100644 0 0 /usr/lib/systemd/system/morph-cache-server.service +0100644 0 0 /usr/lib/systemd/system/morph-controller.service +0100644 0 0 /usr/lib/systemd/system/morph-controller-helper.service +0100644 0 0 /usr/lib/systemd/system/morph-worker.service +0100644 0 0 /usr/lib/systemd/system/morph-worker-helper.service +0100644 0 0 /usr/lib/systemd/system/distbuild-setup.service 0040755 0 0 /usr/lib/systemd/system/multi-user.target.wants -0120755 0 0 /usr/lib/systemd/system/multi-user.target.wants/distbuild-setup.service +0120644 0 0 /usr/lib/systemd/system/multi-user.target.wants/distbuild-setup.service 0040755 0 0 /usr/share 0040755 0 0 /usr/share/distbuild-setup 0100644 0 0 /usr/share/distbuild-setup/morph.conf diff --git a/strata/bsp-jetson/bsp-support.morph b/strata/bsp-jetson/bsp-support.morph index 23524ac7..5adb02e4 100644 --- a/strata/bsp-jetson/bsp-support.morph +++ b/strata/bsp-jetson/bsp-support.morph @@ -1,6 +1,6 @@ name: bsp-support kind: chunk install-commands: -- install -o 0 -g 0 -m 755 -D nv-ondemand-cpufreq-governor.service "$DESTDIR/usr/lib/systemd/system/nv-ondemand-cpufreq-governor.service" +- install -o 0 -g 0 -m 644 -D nv-ondemand-cpufreq-governor.service "$DESTDIR/usr/lib/systemd/system/nv-ondemand-cpufreq-governor.service" - install -d "$DESTDIR/usr/lib/systemd/system/sysinit.target.wants" - ln -s /usr/lib/systemd/system/nv-ondemand-cpufreq-governor.service "$DESTDIR/usr/lib/systemd/system/sysinit.target.wants/nv-ondemand-cpufreq-governor.service" diff --git a/strata/ceph-service/ceph.morph b/strata/ceph-service/ceph.morph index 9bb038d1..a6b06759 100644 --- a/strata/ceph-service/ceph.morph +++ b/strata/ceph-service/ceph.morph @@ -10,10 +10,10 @@ install-commands: - make install - install -D -m 755 src/init-ceph.in "$DESTDIR"/etc/init.d/ceph-SysV - install -D -m 755 systemd/ceph "$DESTDIR"/etc/systemd/system/ceph -- install -D -m 755 systemd/ceph-mon@.service "$DESTDIR"/etc/systemd/system/ceph-mon@.service -- install -D -m 755 systemd/ceph-osd@.service "$DESTDIR"/etc/systemd/system/ceph-osd@.service -- install -D -m 755 systemd/ceph-mds@.service "$DESTDIR"/etc/systemd/system/ceph-mds@.service -- install -D -m 755 systemd/ceph.target "$DESTDIR"/etc/systemd/system/ceph.target +- install -D -m 644 systemd/ceph-mon@.service "$DESTDIR"/etc/systemd/system/ceph-mon@.service +- install -D -m 644 systemd/ceph-osd@.service "$DESTDIR"/etc/systemd/system/ceph-osd@.service +- install -D -m 644 systemd/ceph-mds@.service "$DESTDIR"/etc/systemd/system/ceph-mds@.service +- install -D -m 644 systemd/ceph.target "$DESTDIR"/etc/systemd/system/ceph.target - install -d "$DESTDIR"/etc/ceph - install -D -d "$DESTDIR"/var/lib/ceph - install -d "$DESTDIR"/var/lib/ceph/mon diff --git a/strata/databases/memcached.morph b/strata/databases/memcached.morph index f1cb287e..e81a8be1 100644 --- a/strata/databases/memcached.morph +++ b/strata/databases/memcached.morph @@ -8,7 +8,7 @@ configure-commands: - ./configure --prefix="$PREFIX" install-commands: - make install -- install -D -m 755 scripts/memcached.service "$DESTDIR$PREFIX"/lib/systemd/system/memcached.service +- install -D -m 644 scripts/memcached.service "$DESTDIR$PREFIX"/lib/systemd/system/memcached.service post-install-commands: - mkdir -p "$DESTDIR"/etc/sysconfig - | diff --git a/strata/foundation/rsync.morph b/strata/foundation/rsync.morph index fb10f94e..54337412 100644 --- a/strata/foundation/rsync.morph +++ b/strata/foundation/rsync.morph @@ -6,4 +6,4 @@ build-commands: - make install-commands: - make install -- install -D -m 755 packaging/systemd/rsync.service "$DESTDIR$PREFIX"/lib/systemd/system/rsync.service +- install -D -m 644 packaging/systemd/rsync.service "$DESTDIR$PREFIX"/lib/systemd/system/rsync.service -- cgit v1.2.1 From e8db8df9d8af02dab53914b365363e07efc38fee Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 31 Mar 2015 18:20:22 +0000 Subject: Update initramfs and installer to support installers better Change-Id: I3cf57335904b57e081ed1ef52929d72965746dcd --- strata/initramfs-utils.morph | 2 +- strata/installer-utils.morph | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/initramfs-utils.morph b/strata/initramfs-utils.morph index 35bc78cd..6df77c96 100644 --- a/strata/initramfs-utils.morph +++ b/strata/initramfs-utils.morph @@ -7,5 +7,5 @@ chunks: - name: initramfs-scripts morph: strata/initramfs-utils/initramfs-scripts.morph repo: baserock:baserock/initramfs-scripts - ref: a97dea93d28ba272613029e46a8a0b1f699729d8 + ref: 062c5d3aece2e308aa7fc03acab1b3b6dd4270b2 unpetrify-ref: master diff --git a/strata/installer-utils.morph b/strata/installer-utils.morph index fe6c65fe..ddc714b6 100644 --- a/strata/installer-utils.morph +++ b/strata/installer-utils.morph @@ -7,5 +7,5 @@ chunks: - name: installer-scripts morph: strata/installer-utils/installer-scripts.morph repo: baserock:baserock/installer-scripts - ref: master + ref: a1629ded9eb499b55b547cd8caa0ade8233b32f4 unpetrify-ref: master -- cgit v1.2.1 From 7e11a6928946b4b105db4b0ce8ea400df82f8f1b Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 31 Mar 2015 18:23:30 +0000 Subject: Add initramfs to outer installer for build-system It needs an initramfs to support UUID, without which you can't reliably determine which device should be used as the rootfs. Change-Id: If5f62428a299c1e06f55e15d0a0d8e3329362ab8 --- clusters/installer-build-system-x86_64.morph | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/clusters/installer-build-system-x86_64.morph b/clusters/installer-build-system-x86_64.morph index b31caced..a9ebcaca 100644 --- a/clusters/installer-build-system-x86_64.morph +++ b/clusters/installer-build-system-x86_64.morph @@ -31,7 +31,13 @@ systems: HOSTNAME: installer-x86_64 INSTALLER_TARGET_STORAGE_DEVICE: /dev/sda INSTALLER_ROOTFS_TO_INSTALL: /rootfs + INITRAMFS_PATH: boot/initramfs.gz subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + installer-initramfs: + type: initramfs + location: boot/initramfs.gz - morph: systems/build-system-x86_64.morph deploy: to-install: @@ -41,6 +47,6 @@ systems: subsystems: - morph: systems/initramfs-x86_64.morph deploy: - initramfs: + to-install-initramfs: type: initramfs location: boot/initramfs.gz -- cgit v1.2.1 From aae104b29605f4b19a04869da228313b51d92742 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 31 Mar 2015 14:20:16 +0000 Subject: Fix procps-ng chunk installing files into / Currently this chunk is creating /include/ and /share/ directories, but these should be in /usr. We do still need to install the binaries in /bin to override the Busybox versions. Change-Id: Idaf0b59a42e186b4efb5396e49ee5a14d3bf02e2 --- strata/tools.morph | 2 +- strata/tools/procps-ng.morph | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 strata/tools/procps-ng.morph diff --git a/strata/tools.morph b/strata/tools.morph index a3e7740b..5b3288ec 100644 --- a/strata/tools.morph +++ b/strata/tools.morph @@ -62,10 +62,10 @@ chunks: ref: a4769dc7999b53260325fb89945bef85714fb338 unpetrify-ref: baserock/morph - name: procps-ng + morph: strata/tools/procps-ng.morph repo: upstream:procps-ng ref: 85fff468fa263cdd2ff1c0144579527c32333695 unpetrify-ref: v3.3.9 - prefix: / - name: ipmitool morph: strata/tools/ipmitool.morph repo: upstream:ipmitool diff --git a/strata/tools/procps-ng.morph b/strata/tools/procps-ng.morph new file mode 100644 index 00000000..69df3d4a --- /dev/null +++ b/strata/tools/procps-ng.morph @@ -0,0 +1,27 @@ +name: procps-ng +kind: chunk + +description: | + Process management tools. + + procps-ng is a fork of the original procps project. + +build-system: autotools + +configure-commands: + - NOCONFIGURE=1 ./autogen.sh + # Setting exec-prefix to /usr causes a bunch of stuff to go in /usr/usr/bin + # Setting prefix to / causes files to go in /include and /share + # So don't do either of those things! + - ./configure --prefix="$PREFIX" --exec-prefix=/ + +post-install-commands: +# We need to link the binaries into /bin so that they override the Busybox +# versions of these tools. This will not be necessary once /bin is merged +# into /usr/bin. It's not possible to get the Makefile to install the binaries +# in /bin -- a bunch of them are hardcoded to live in ${exec_prefix}/usr/bin. + - | + usr_binaries="free pidof pmap slabtop top vmstat watch pgrep pkill pwdx tload uptime w" + for file in $usr_binaries; do + ln -sf "$PREFIX"/bin/$file "$DESTDIR"/bin/$file + done -- cgit v1.2.1 From 8519aad9c4b56c9ea90df7e2d9caf1eec1ec97a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 30 Mar 2015 16:22:23 +0100 Subject: strata/qt5-tools-qtwebkit.morph: Track current stable 5.4 branch This includes a commit to fx the build against latest GLib See https://bugreports.qt.io/browse/QTBUG-44714 Change-Id: I9a0ef3b9e753b7f010a61d202ae92e00ebb51554 --- strata/qt5-tools-qtwebkit.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/qt5-tools-qtwebkit.morph b/strata/qt5-tools-qtwebkit.morph index 89039789..9511281d 100644 --- a/strata/qt5-tools-qtwebkit.morph +++ b/strata/qt5-tools-qtwebkit.morph @@ -9,8 +9,8 @@ chunks: - name: qtwebkit morph: strata/qt5-tools/qtwebkit.morph repo: upstream:qt5/qtwebkit - ref: 5d43584babfb43b99159f702160d010778d2190a - unpetrify-ref: v5.4.0 + ref: f9966f351678351ee6b971d7b6b25a4987407e46 + unpetrify-ref: "5.4" - name: qtwebkit-examples morph: strata/qt5-tools/qtwebkit-examples.morph repo: upstream:qt5/qtwebkit-examples -- cgit v1.2.1 From a459c78d170f5c8bc469229425e036f4c3302e95 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Wed, 1 Apr 2015 15:57:22 +0100 Subject: Add fstab conf ext to devel system Change-Id: I3cf41ebb6aac5e91e433ae3127f7b1b599cf0e8c --- systems/devel-system-armv7-chroot.morph | 1 + systems/devel-system-armv7-highbank.morph | 1 + systems/devel-system-armv7-versatile.morph | 1 + systems/devel-system-armv7-wandboard.morph | 1 + systems/devel-system-armv7b-chroot.morph | 1 + systems/devel-system-armv7b-highbank.morph | 1 + systems/devel-system-armv7lhf-chroot.morph | 1 + systems/devel-system-armv7lhf-highbank.morph | 1 + systems/devel-system-armv7lhf-jetson.morph | 1 + systems/devel-system-armv7lhf-wandboard.morph | 1 + systems/devel-system-armv8l64.morph | 1 + systems/devel-system-ppc64-chroot.morph | 1 + systems/devel-system-ppc64-generic.morph | 1 + systems/devel-system-x86_32-chroot.morph | 1 + systems/devel-system-x86_32-generic.morph | 1 + systems/devel-system-x86_64-chroot.morph | 1 + systems/devel-system-x86_64-generic.morph | 1 + systems/devel-system-x86_64-vagrant.morph | 1 + 18 files changed, 18 insertions(+) diff --git a/systems/devel-system-armv7-chroot.morph b/systems/devel-system-armv7-chroot.morph index 2d4beba1..18f82d3b 100644 --- a/systems/devel-system-armv7-chroot.morph +++ b/systems/devel-system-armv7-chroot.morph @@ -50,3 +50,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7-highbank.morph b/systems/devel-system-armv7-highbank.morph index 4c0e6f14..40303dce 100644 --- a/systems/devel-system-armv7-highbank.morph +++ b/systems/devel-system-armv7-highbank.morph @@ -51,3 +51,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7-versatile.morph b/systems/devel-system-armv7-versatile.morph index 160d3b9e..8f689705 100644 --- a/systems/devel-system-armv7-versatile.morph +++ b/systems/devel-system-armv7-versatile.morph @@ -51,3 +51,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7-wandboard.morph b/systems/devel-system-armv7-wandboard.morph index c953fe07..f139ebc4 100644 --- a/systems/devel-system-armv7-wandboard.morph +++ b/systems/devel-system-armv7-wandboard.morph @@ -51,3 +51,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7b-chroot.morph b/systems/devel-system-armv7b-chroot.morph index ce537d80..5ce8c9c7 100644 --- a/systems/devel-system-armv7b-chroot.morph +++ b/systems/devel-system-armv7b-chroot.morph @@ -42,3 +42,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7b-highbank.morph b/systems/devel-system-armv7b-highbank.morph index 0edbb7b9..51de3509 100644 --- a/systems/devel-system-armv7b-highbank.morph +++ b/systems/devel-system-armv7b-highbank.morph @@ -47,3 +47,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7lhf-chroot.morph b/systems/devel-system-armv7lhf-chroot.morph index bc1dad16..e6db8b26 100644 --- a/systems/devel-system-armv7lhf-chroot.morph +++ b/systems/devel-system-armv7lhf-chroot.morph @@ -50,3 +50,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7lhf-highbank.morph b/systems/devel-system-armv7lhf-highbank.morph index e1a83e07..03ad8fd0 100644 --- a/systems/devel-system-armv7lhf-highbank.morph +++ b/systems/devel-system-armv7lhf-highbank.morph @@ -54,3 +54,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7lhf-jetson.morph b/systems/devel-system-armv7lhf-jetson.morph index af2cd784..a07a66d2 100644 --- a/systems/devel-system-armv7lhf-jetson.morph +++ b/systems/devel-system-armv7lhf-jetson.morph @@ -54,3 +54,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv7lhf-wandboard.morph b/systems/devel-system-armv7lhf-wandboard.morph index f803b3df..b2191c8c 100644 --- a/systems/devel-system-armv7lhf-wandboard.morph +++ b/systems/devel-system-armv7lhf-wandboard.morph @@ -54,3 +54,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-armv8l64.morph b/systems/devel-system-armv8l64.morph index 93ddb369..64df4716 100644 --- a/systems/devel-system-armv8l64.morph +++ b/systems/devel-system-armv8l64.morph @@ -56,3 +56,4 @@ configuration-extensions: - install-files - cloud-init - moonshot-kernel +- fstab diff --git a/systems/devel-system-ppc64-chroot.morph b/systems/devel-system-ppc64-chroot.morph index 540b4920..0c4f3b46 100644 --- a/systems/devel-system-ppc64-chroot.morph +++ b/systems/devel-system-ppc64-chroot.morph @@ -48,3 +48,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-ppc64-generic.morph b/systems/devel-system-ppc64-generic.morph index e9bea7b1..6ad076ea 100644 --- a/systems/devel-system-ppc64-generic.morph +++ b/systems/devel-system-ppc64-generic.morph @@ -51,3 +51,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-x86_32-chroot.morph b/systems/devel-system-x86_32-chroot.morph index 59d67660..5e2e11bf 100644 --- a/systems/devel-system-x86_32-chroot.morph +++ b/systems/devel-system-x86_32-chroot.morph @@ -50,3 +50,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-x86_32-generic.morph b/systems/devel-system-x86_32-generic.morph index 0acbb7a3..2a6f8178 100644 --- a/systems/devel-system-x86_32-generic.morph +++ b/systems/devel-system-x86_32-generic.morph @@ -56,3 +56,4 @@ configuration-extensions: - nfsboot - install-files - cloud-init +- fstab diff --git a/systems/devel-system-x86_64-chroot.morph b/systems/devel-system-x86_64-chroot.morph index 2c59c996..e679cca3 100644 --- a/systems/devel-system-x86_64-chroot.morph +++ b/systems/devel-system-x86_64-chroot.morph @@ -52,3 +52,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- fstab diff --git a/systems/devel-system-x86_64-generic.morph b/systems/devel-system-x86_64-generic.morph index a4431ac1..82fc0cae 100644 --- a/systems/devel-system-x86_64-generic.morph +++ b/systems/devel-system-x86_64-generic.morph @@ -57,3 +57,4 @@ configuration-extensions: - nfsboot - install-files - cloud-init +- fstab diff --git a/systems/devel-system-x86_64-vagrant.morph b/systems/devel-system-x86_64-vagrant.morph index 0a734280..647e627c 100644 --- a/systems/devel-system-x86_64-vagrant.morph +++ b/systems/devel-system-x86_64-vagrant.morph @@ -54,3 +54,4 @@ configuration-extensions: - nfsboot - install-files - vagrant +- fstab -- cgit v1.2.1 From 6ef77141de32c51530404b0106dda055af137e14 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Thu, 2 Apr 2015 09:10:46 +0000 Subject: Configure localstatedir and sysconfdir in Openvswitch Change-Id: Idca5a082d084b64db0bb107d16997b6df8df3567 --- strata/virtualization/openvswitch.morph | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/strata/virtualization/openvswitch.morph b/strata/virtualization/openvswitch.morph index 1b5cdd86..06480827 100644 --- a/strata/virtualization/openvswitch.morph +++ b/strata/virtualization/openvswitch.morph @@ -1,11 +1,11 @@ name: openvswitch kind: chunk -build-system: manual +build-system: autotools pre-configure-commands: - ./boot.sh configure-commands: -- ./configure --enable-ssl -build-commands: -- make -install-commands: -- make install DESTDIR="$DESTDIR" prefix="$PREFIX" +- | + ./configure --prefix="$PREFIX" \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --enable-ssl -- cgit v1.2.1 From 068b1b2d268faa963e851696bafde5abc653a2d2 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 13:39:46 +0000 Subject: Rename NAT kernel configuration item CONFIG_NF_NAT_IPV4 is known as CONFIG_IP_NF_NAT in 3.17 kernels onwards. Change-Id: I4c41eb01c62de37f0c16aedaec01d404de50a2e1 --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 2 +- strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 2 +- strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index a7f9691b..33b6a7bf 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -64,7 +64,7 @@ configure-commands: - scripts/config -e BRIDGE - scripts/config -e VHOST_NET - scripts/config -e NF_NAT -- scripts/config -e NF_NAT_IPV4 +- scripts/config -e IP_NF_NAT - scripts/config -e IP_NF_TARGET_MASQUERADE - scripts/config -e FB_VESA - scripts/config -e HOTPLUG_PCI diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 4ff10015..769cad6e 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -74,7 +74,7 @@ configure-commands: - scripts/config -e BRIDGE - scripts/config -e VHOST_NET - scripts/config -e NF_NAT -- scripts/config -e NF_NAT_IPV4 +- scripts/config -e IP_NF_NAT - scripts/config -e IP_NF_TARGET_MASQUERADE - scripts/config -e FB_VESA - scripts/config -e HOTPLUG_PCI diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 377536c1..cc007133 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -74,7 +74,7 @@ configure-commands: - scripts/config -e BRIDGE - scripts/config -e VHOST_NET - scripts/config -e NF_NAT -- scripts/config -e NF_NAT_IPV4 +- scripts/config -e IP_NF_NAT - scripts/config -e IP_NF_TARGET_MASQUERADE - scripts/config -e FB_VESA - scripts/config -e HOTPLUG_PCI -- cgit v1.2.1 From eb1f469cd1ddaab243c189f3b89493592f2a87b7 Mon Sep 17 00:00:00 2001 From: Patrick Darley Date: Wed, 25 Feb 2015 12:44:33 +0000 Subject: Enable xfs support in kernels Change-Id: Icc538974fcbf565ad70454a19281802b232d6c08 --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 2 ++ strata/bsp-jetson/linux-jetson-tk1.morph | 2 ++ strata/bsp-ppc64-generic/linux-ppc64.morph | 2 ++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 2 ++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 2 ++ 5 files changed, 10 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 33b6a7bf..f5cb790a 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -30,6 +30,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e XFS_FS +- scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index f4df4b81..a3161515 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -33,6 +33,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e XFS_FS +- scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 24ce8fe5..a9b9208a 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -31,6 +31,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e XFS_FS +- scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 769cad6e..67767c47 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -40,6 +40,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e XFS_FS +- scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index cc007133..e1a8ce5c 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -40,6 +40,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e XFS_FS +- scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP -- cgit v1.2.1 From 85a4cd8cad508a725b916c539bfff25e7d271954 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:09:21 +0000 Subject: Enable Network Block Device support in kernels Change-Id: I066f7dcf30452945d973fa8eedb3393975badd1f --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 1 + strata/bsp-jetson/linux-jetson-tk1.morph | 1 + strata/bsp-ppc64-generic/linux-ppc64.morph | 1 + strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 1 + strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 1 + 5 files changed, 5 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index f5cb790a..d630cff4 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -74,6 +74,7 @@ configure-commands: - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e IPV6 +- scripts/config -e BLK_DEV_NBD # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index a3161515..a88c9698 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -51,6 +51,7 @@ configure-commands: - scripts/config -m DRM_NOUVEAU - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e BLK_DEV_NBD - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index a9b9208a..4e6cf473 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -51,6 +51,7 @@ configure-commands: - scripts/config -e ROOT_NFS - scripts/config -e PCI - scripts/config -e TIGON3 +- scripts/config -e BLK_DEV_NBD - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 67767c47..ab1eaa0c 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -83,6 +83,7 @@ configure-commands: - scripts/config -e HOTPLUG_PCI_ACPI - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e BLK_DEV_NBD - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index e1a8ce5c..f6267b0b 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -83,6 +83,7 @@ configure-commands: - scripts/config -e HOTPLUG_PCI_ACPI - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e BLK_DEV_NBD - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From c0815dcce13b32390a7b63ad32010c1b76d59c1f Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:12:49 +0000 Subject: Enable ebtables in kernels These modules are needed for ebtables and netfilter. Change-Id: I36c0fc69c3167de556fd2d0242c4aada1441c55c --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 4 ++++ strata/bsp-jetson/linux-jetson-tk1.morph | 4 ++++ strata/bsp-ppc64-generic/linux-ppc64.morph | 4 ++++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 4 ++++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 4 ++++ 5 files changed, 20 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index d630cff4..f57b3341 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -75,6 +75,10 @@ configure-commands: - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e IPV6 - scripts/config -e BLK_DEV_NBD +- scripts/config -e BRIDGE_NF_EBTABLES +- scripts/config -e NETFILTER +- scripts/config -e NETFILTER_ADVANCED +- scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index a88c9698..e461108c 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -52,6 +52,10 @@ configure-commands: - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e BLK_DEV_NBD +- scripts/config -e BRIDGE_NF_EBTABLES +- scripts/config -e NETFILTER +- scripts/config -e NETFILTER_ADVANCED +- scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 4e6cf473..e01d6fdd 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -52,6 +52,10 @@ configure-commands: - scripts/config -e PCI - scripts/config -e TIGON3 - scripts/config -e BLK_DEV_NBD +- scripts/config -e BRIDGE_NF_EBTABLES +- scripts/config -e NETFILTER +- scripts/config -e NETFILTER_ADVANCED +- scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index ab1eaa0c..29ed8bf9 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -84,6 +84,10 @@ configure-commands: - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e BLK_DEV_NBD +- scripts/config -e BRIDGE_NF_EBTABLES +- scripts/config -e NETFILTER +- scripts/config -e NETFILTER_ADVANCED +- scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index f6267b0b..76e106a7 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -84,6 +84,10 @@ configure-commands: - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e BLK_DEV_NBD +- scripts/config -e BRIDGE_NF_EBTABLES +- scripts/config -e NETFILTER +- scripts/config -e NETFILTER_ADVANCED +- scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From adebf15d27ed0281e9ecab52e984e7f6911df483 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Fri, 3 Apr 2015 18:35:43 +0100 Subject: stage2-glibc.morph: inline stage2-glibc-fix-specs script Change-Id: I55bf8764a105308d965947c3721a193abf7502ac --- strata/build-essential/stage2-glibc.morph | 36 ++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/strata/build-essential/stage2-glibc.morph b/strata/build-essential/stage2-glibc.morph index 7346cd3b..9e5e745b 100644 --- a/strata/build-essential/stage2-glibc.morph +++ b/strata/build-essential/stage2-glibc.morph @@ -41,7 +41,41 @@ install-commands: include /etc/ld.so.conf.d/*.conf EOF - install -m 644 -o root -g root ld.so.conf "$DESTDIR/etc/ld.so.conf" -- sh stage2-glibc-fix-specs +- | + # Fix up GCC to handle the sysroot containing glibc being in a different + # location for each chunk build. + # + # For headers, it's enough to pass -B in the CPPFLAGS. This would work for + # the startup files (crt*.o) as well, except where libtool is involved (in + # which case it strips -B out of your LDFLAGS before calling GCC). We get + # around this by making GCC locate them relative to the environment variable + # STAGE2_SYSROOT, which we can then set along with CPPFLAGS in each stage 2 + # chunk build. + # + # We also force the use of the program loader at PREFIX/lib/ld.so instead + # of its usual home in /lib or /lib64, which is necessary for the output of + # stage 2 to work as a chroot when building stage 3. + + sysroot="$(dirname "$(pwd)")" + specs_dir="$(dirname $($TARGET_STAGE1-gcc --print-libgcc-file-name))" + target_specs_dir="$DESTDIR/${specs_dir#$sysroot}" + mkdir -p "$target_specs_dir" + + $TARGET_STAGE1-gcc -dumpspecs | + sed -e "s@[gMS]\?crt[1in].o%s@%:getenv(STAGE2_SYSROOT $PREFIX/lib/&)@g" \ + -e "s@/lib\(64\)\?/ld@$PREFIX/lib/ld@g" \ + > "$target_specs_dir/specs-for-sysroot" + + # NASTY HACK # + # We create a symlink to the actual specs here, so that later the + # symlink can be replaced with a dangling link. + # + # This is necessary as we need to have gcc use its internal specs, + # which can differ to the specs generated by `gcc -dumpspecs`. + # + # The dangling symlink will not make it onto the final system, just + # like all other bootstrap only components. + ln -s specs-for-sysroot "$target_specs_dir/specs" # Install a symlink for the program interpreter (ld.so) so that binaries # built in stage 3 before the stage 3 glibc is built can use it. -- cgit v1.2.1 From 86f19299f71b16aeaadb5cbc569345efc96f3543 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 6 Apr 2015 00:34:09 +0100 Subject: strata/gtk2: Upgrade to latest stable (2.24.27) Change-Id: I951ce5440acd965f31a38c937e26ed77dab259e9 --- strata/gtk2.morph | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/strata/gtk2.morph b/strata/gtk2.morph index 4a19606a..dd2f30fa 100644 --- a/strata/gtk2.morph +++ b/strata/gtk2.morph @@ -8,4 +8,5 @@ chunks: - name: gtk+ morph: strata/gtk2/gtk+.morph repo: upstream:gtk+ - ref: fbf38d16bcc26630f0f721d266509f5bc292f606 + ref: e6333a1a374591fef456f7fe73942226b5b8b388 + unpetrify-ref: 2.24.27 -- cgit v1.2.1 From a9b03973f1b02740e32deea80a67b87c6c0c3906 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:20:48 +0000 Subject: Enable Open vSwitch kernel support Change-Id: I939022e819a386c45e900e2df23dc3809f4a1a45 --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 10 ++++++++++ strata/bsp-jetson/linux-jetson-tk1.morph | 10 ++++++++++ strata/bsp-ppc64-generic/linux-ppc64.morph | 10 ++++++++++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 10 ++++++++++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 10 ++++++++++ 5 files changed, 50 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index f57b3341..75f660a6 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -79,6 +79,16 @@ configure-commands: - scripts/config -e NETFILTER - scripts/config -e NETFILTER_ADVANCED - scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE +- scripts/config -e OPENVSWITCH +- scripts/config -e OPENVSWITCH_VXLAN +- scripts/config -e CONFIG_OPENVSWITCH_GRE +- scripts/config -e NET_CLS_BASIC +- scripts/config -e NET_SCH_INGRESS +- scripts/config -e NET_ACT_POLICE +- scripts/config -e NET_IPGRE_DEMUX +- scripts/config -e NET_SCH_HTB +- scripts/config -e NET_SCH_HFSC +- scripts/config -e VXLAN # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index e461108c..a7b1ddbe 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -56,6 +56,16 @@ configure-commands: - scripts/config -e NETFILTER - scripts/config -e NETFILTER_ADVANCED - scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE +- scripts/config -e OPENVSWITCH +- scripts/config -e OPENVSWITCH_VXLAN +- scripts/config -e CONFIG_OPENVSWITCH_GRE +- scripts/config -e NET_CLS_BASIC +- scripts/config -e NET_SCH_INGRESS +- scripts/config -e NET_ACT_POLICE +- scripts/config -e NET_IPGRE_DEMUX +- scripts/config -e NET_SCH_HTB +- scripts/config -e NET_SCH_HFSC +- scripts/config -e VXLAN - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index e01d6fdd..9e9cf449 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -56,6 +56,16 @@ configure-commands: - scripts/config -e NETFILTER - scripts/config -e NETFILTER_ADVANCED - scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE +- scripts/config -e OPENVSWITCH +- scripts/config -e OPENVSWITCH_VXLAN +- scripts/config -e CONFIG_OPENVSWITCH_GRE +- scripts/config -e NET_CLS_BASIC +- scripts/config -e NET_SCH_INGRESS +- scripts/config -e NET_ACT_POLICE +- scripts/config -e NET_IPGRE_DEMUX +- scripts/config -e NET_SCH_HTB +- scripts/config -e NET_SCH_HFSC +- scripts/config -e VXLAN - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 29ed8bf9..c661666d 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -88,6 +88,16 @@ configure-commands: - scripts/config -e NETFILTER - scripts/config -e NETFILTER_ADVANCED - scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE +- scripts/config -e OPENVSWITCH +- scripts/config -e OPENVSWITCH_VXLAN +- scripts/config -e CONFIG_OPENVSWITCH_GRE +- scripts/config -e NET_CLS_BASIC +- scripts/config -e NET_SCH_INGRESS +- scripts/config -e NET_ACT_POLICE +- scripts/config -e NET_IPGRE_DEMUX +- scripts/config -e NET_SCH_HTB +- scripts/config -e NET_SCH_HFSC +- scripts/config -e VXLAN - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 76e106a7..03f412df 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -88,6 +88,16 @@ configure-commands: - scripts/config -e NETFILTER - scripts/config -e NETFILTER_ADVANCED - scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE +- scripts/config -e OPENVSWITCH +- scripts/config -e OPENVSWITCH_VXLAN +- scripts/config -e CONFIG_OPENVSWITCH_GRE +- scripts/config -e NET_CLS_BASIC +- scripts/config -e NET_SCH_INGRESS +- scripts/config -e NET_ACT_POLICE +- scripts/config -e NET_IPGRE_DEMUX +- scripts/config -e NET_SCH_HTB +- scripts/config -e NET_SCH_HFSC +- scripts/config -e VXLAN - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From bd47359a20329e2fa45eaa0793457a56292f820c Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:24:29 +0000 Subject: Enable virtual ethernet support in kernels Change-Id: I0f426296df43d6f0bb37b23293fd5268f1461fe3 --- strata/bsp-armv7-highbank/linux-armv7-highbank.morph | 1 + strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph | 1 + strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 1 + strata/bsp-jetson/linux-jetson-tk1.morph | 1 + strata/bsp-ppc64-generic/linux-ppc64.morph | 1 + strata/bsp-wandboard/linux-armv7-wandboard.morph | 1 + strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 1 + strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 1 + 8 files changed, 8 insertions(+) diff --git a/strata/bsp-armv7-highbank/linux-armv7-highbank.morph b/strata/bsp-armv7-highbank/linux-armv7-highbank.morph index 45868cb2..cf0907de 100644 --- a/strata/bsp-armv7-highbank/linux-armv7-highbank.morph +++ b/strata/bsp-armv7-highbank/linux-armv7-highbank.morph @@ -40,6 +40,7 @@ configure-commands: - scripts/config -e VFAT_FS - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e VETH - yes '' | make oldconfig build-commands: - make zImage $MAKEFLAGS diff --git a/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph b/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph index d9c5ece2..a6c0242d 100644 --- a/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph +++ b/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph @@ -42,6 +42,7 @@ configure-commands: - scripts/config -e VFAT_FS - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e VETH - yes '' | make oldconfig build-commands: - make zImage vexpress-v2p-ca15_a7.dtb diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 75f660a6..2751e6a1 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -89,6 +89,7 @@ configure-commands: - scripts/config -e NET_SCH_HTB - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN +- scripts/config -e VETH # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index a7b1ddbe..530d0b7f 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -66,6 +66,7 @@ configure-commands: - scripts/config -e NET_SCH_HTB - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN +- scripts/config -e VETH - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 9e9cf449..1fd6aeaf 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -66,6 +66,7 @@ configure-commands: - scripts/config -e NET_SCH_HTB - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN +- scripts/config -e VETH - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-wandboard/linux-armv7-wandboard.morph b/strata/bsp-wandboard/linux-armv7-wandboard.morph index b77c3f7a..a3a79254 100644 --- a/strata/bsp-wandboard/linux-armv7-wandboard.morph +++ b/strata/bsp-wandboard/linux-armv7-wandboard.morph @@ -47,6 +47,7 @@ configure-commands: - scripts/config -e NFSD_V3 - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e VETH - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x10800000 uImage dtbs diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index c661666d..1e1fa62d 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -98,6 +98,7 @@ configure-commands: - scripts/config -e NET_SCH_HTB - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN +- scripts/config -e VETH - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 03f412df..a1e9fe1a 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -98,6 +98,7 @@ configure-commands: - scripts/config -e NET_SCH_HTB - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN +- scripts/config -e VETH - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From b82cda6e0c64717df961c0232d78f5362ecc69e5 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:39:59 +0000 Subject: Enable all the IP_NF kernel support Change-Id: I87f44ebc26b44a024b39149bfce1e29e4e204051 --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 13 +++++++++++++ strata/bsp-jetson/linux-jetson-tk1.morph | 13 +++++++++++++ strata/bsp-ppc64-generic/linux-ppc64.morph | 13 +++++++++++++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 13 +++++++++++++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 13 +++++++++++++ 5 files changed, 65 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 2751e6a1..1ef31965 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -90,6 +90,19 @@ configure-commands: - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN - scripts/config -e VETH +- scripts/config -e IP_NF_MATCH_AH +- scripts/config -e IP_NF_MATCH_ECN +- scripts/config -e IP_NF_MATCH_RPFILTER +- scripts/config -e IP_NF_MATCH_TTL +- scripts/config -e IP_NF_TARGET_SYNPROXY +- scripts/config -e IP_NF_TARGET_NETMAP +- scripts/config -e IP_NF_TARGET_REDIRECT +- scripts/config -e IP_NF_TARGET_CLUSTERIP +- scripts/config -e IP_NF_TARGET_ECN +- scripts/config -e IP_NF_TARGET_TTL +- scripts/config -e IP_NF_RAW +- scripts/config -e IP_NF_SECURITY +- scripts/config -e IP_NF_ARPTABLES # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 530d0b7f..3abf7535 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -67,6 +67,19 @@ configure-commands: - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN - scripts/config -e VETH +- scripts/config -e IP_NF_MATCH_AH +- scripts/config -e IP_NF_MATCH_ECN +- scripts/config -e IP_NF_MATCH_RPFILTER +- scripts/config -e IP_NF_MATCH_TTL +- scripts/config -e IP_NF_TARGET_SYNPROXY +- scripts/config -e IP_NF_TARGET_NETMAP +- scripts/config -e IP_NF_TARGET_REDIRECT +- scripts/config -e IP_NF_TARGET_CLUSTERIP +- scripts/config -e IP_NF_TARGET_ECN +- scripts/config -e IP_NF_TARGET_TTL +- scripts/config -e IP_NF_RAW +- scripts/config -e IP_NF_SECURITY +- scripts/config -e IP_NF_ARPTABLES - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 1fd6aeaf..a193b3d7 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -67,6 +67,19 @@ configure-commands: - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN - scripts/config -e VETH +- scripts/config -e IP_NF_MATCH_AH +- scripts/config -e IP_NF_MATCH_ECN +- scripts/config -e IP_NF_MATCH_RPFILTER +- scripts/config -e IP_NF_MATCH_TTL +- scripts/config -e IP_NF_TARGET_SYNPROXY +- scripts/config -e IP_NF_TARGET_NETMAP +- scripts/config -e IP_NF_TARGET_REDIRECT +- scripts/config -e IP_NF_TARGET_CLUSTERIP +- scripts/config -e IP_NF_TARGET_ECN +- scripts/config -e IP_NF_TARGET_TTL +- scripts/config -e IP_NF_RAW +- scripts/config -e IP_NF_SECURITY +- scripts/config -e IP_NF_ARPTABLES - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 1e1fa62d..ffd905d4 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -99,6 +99,19 @@ configure-commands: - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN - scripts/config -e VETH +- scripts/config -e IP_NF_MATCH_AH +- scripts/config -e IP_NF_MATCH_ECN +- scripts/config -e IP_NF_MATCH_RPFILTER +- scripts/config -e IP_NF_MATCH_TTL +- scripts/config -e IP_NF_TARGET_SYNPROXY +- scripts/config -e IP_NF_TARGET_NETMAP +- scripts/config -e IP_NF_TARGET_REDIRECT +- scripts/config -e IP_NF_TARGET_CLUSTERIP +- scripts/config -e IP_NF_TARGET_ECN +- scripts/config -e IP_NF_TARGET_TTL +- scripts/config -e IP_NF_RAW +- scripts/config -e IP_NF_SECURITY +- scripts/config -e IP_NF_ARPTABLES - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index a1e9fe1a..da0868c1 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -99,6 +99,19 @@ configure-commands: - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN - scripts/config -e VETH +- scripts/config -e IP_NF_MATCH_AH +- scripts/config -e IP_NF_MATCH_ECN +- scripts/config -e IP_NF_MATCH_RPFILTER +- scripts/config -e IP_NF_MATCH_TTL +- scripts/config -e IP_NF_TARGET_SYNPROXY +- scripts/config -e IP_NF_TARGET_NETMAP +- scripts/config -e IP_NF_TARGET_REDIRECT +- scripts/config -e IP_NF_TARGET_CLUSTERIP +- scripts/config -e IP_NF_TARGET_ECN +- scripts/config -e IP_NF_TARGET_TTL +- scripts/config -e IP_NF_RAW +- scripts/config -e IP_NF_SECURITY +- scripts/config -e IP_NF_ARPTABLES - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From d9bef7b3317625f5860bc78c3e1effdc320ebb7d Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:41:51 +0000 Subject: Enable Intel KVM support in x86 kernels Change-Id: I1b65a1b3add4f8da11f6403bceb1063797a99b5d --- strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 1 + strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 1 + 2 files changed, 2 insertions(+) diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index ffd905d4..f1e4154f 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -112,6 +112,7 @@ configure-commands: - scripts/config -e IP_NF_RAW - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES +- scripts/config -e KVM_INTEL - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index da0868c1..41abf01e 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -112,6 +112,7 @@ configure-commands: - scripts/config -e IP_NF_RAW - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES +- scripts/config -e KVM_INTEL - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From f1b7745620d567436ab6bf14a9e6e51ff3a1a480 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:43:44 +0000 Subject: Enable iproute2 support to kernels Change-Id: I113e08474cc4a1c3a60c9a683725d7fdc13ffe08 --- strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 3 +++ strata/bsp-jetson/linux-jetson-tk1.morph | 3 +++ strata/bsp-ppc64-generic/linux-ppc64.morph | 3 +++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 3 +++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 3 +++ 5 files changed, 15 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 1ef31965..de4aff7a 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -103,6 +103,9 @@ configure-commands: - scripts/config -e IP_NF_RAW - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES +- scripts/config -e NETFILTER_NETLINK_QUEUE +- scripts/config -e SCSI_NETLINK +- scripts/config -e NETFILTER_XT_TARGET_MARK # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 3abf7535..b811630f 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -80,6 +80,9 @@ configure-commands: - scripts/config -e IP_NF_RAW - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES +- scripts/config -e NETFILTER_NETLINK_QUEUE +- scripts/config -e SCSI_NETLINK +- scripts/config -e NETFILTER_XT_TARGET_MARK - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index a193b3d7..93273df3 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -80,6 +80,9 @@ configure-commands: - scripts/config -e IP_NF_RAW - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES +- scripts/config -e NETFILTER_NETLINK_QUEUE +- scripts/config -e SCSI_NETLINK +- scripts/config -e NETFILTER_XT_TARGET_MARK - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index f1e4154f..32ee6f26 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -113,6 +113,9 @@ configure-commands: - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES - scripts/config -e KVM_INTEL +- scripts/config -e NETFILTER_NETLINK_QUEUE +- scripts/config -e SCSI_NETLINK +- scripts/config -e NETFILTER_XT_TARGET_MARK - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 41abf01e..1084cba2 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -113,6 +113,9 @@ configure-commands: - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES - scripts/config -e KVM_INTEL +- scripts/config -e NETFILTER_NETLINK_QUEUE +- scripts/config -e SCSI_NETLINK +- scripts/config -e NETFILTER_XT_TARGET_MARK - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From dd5f18f181b88a8d48a283778618e372d9c2be4d Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:46:09 +0000 Subject: Enable ipset kernel configuration Change-Id: I864631f70fa7feb650d924cc2bb91d787270c27d --- .../bsp-armv8l64-generic/linux-armv8l64-generic.morph | 17 +++++++++++++++++ strata/bsp-jetson/linux-jetson-tk1.morph | 17 +++++++++++++++++ strata/bsp-ppc64-generic/linux-ppc64.morph | 17 +++++++++++++++++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 17 +++++++++++++++++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 17 +++++++++++++++++ 5 files changed, 85 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index de4aff7a..038284fb 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -106,6 +106,23 @@ configure-commands: - scripts/config -e NETFILTER_NETLINK_QUEUE - scripts/config -e SCSI_NETLINK - scripts/config -e NETFILTER_XT_TARGET_MARK +- scripts/config -e NETFILTER_XT_SET +- scripts/config -e IP_SET +- scripts/config -e IP_SET_BITMAP_IP +- scripts/config -e IP_SET_BITMAP_IPMAC +- scripts/config -e IP_SET_BITMAP_PORT +- scripts/config -e IP_SET_HASH_IP +- scripts/config -e IP_SET_HASH_IPMARK +- scripts/config -e IP_SET_HASH_IPPORT +- scripts/config -e IP_SET_HASH_IPPORTIP +- scripts/config -e IP_SET_HASH_IPPORTNET +- scripts/config -e IP_SET_HASH_MAC +- scripts/config -e IP_SET_HASH_NETPORTNET +- scripts/config -e IP_SET_HASH_NET +- scripts/config -e IP_SET_HASH_NETNET +- scripts/config -e IP_SET_HASH_NETPORT +- scripts/config -e IP_SET_HASH_NETIFACE +- scripts/config -e IP_SET_LIST_SET # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index b811630f..0f32c143 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -83,6 +83,23 @@ configure-commands: - scripts/config -e NETFILTER_NETLINK_QUEUE - scripts/config -e SCSI_NETLINK - scripts/config -e NETFILTER_XT_TARGET_MARK +- scripts/config -e NETFILTER_XT_SET +- scripts/config -e IP_SET +- scripts/config -e IP_SET_BITMAP_IP +- scripts/config -e IP_SET_BITMAP_IPMAC +- scripts/config -e IP_SET_BITMAP_PORT +- scripts/config -e IP_SET_HASH_IP +- scripts/config -e IP_SET_HASH_IPMARK +- scripts/config -e IP_SET_HASH_IPPORT +- scripts/config -e IP_SET_HASH_IPPORTIP +- scripts/config -e IP_SET_HASH_IPPORTNET +- scripts/config -e IP_SET_HASH_MAC +- scripts/config -e IP_SET_HASH_NETPORTNET +- scripts/config -e IP_SET_HASH_NET +- scripts/config -e IP_SET_HASH_NETNET +- scripts/config -e IP_SET_HASH_NETPORT +- scripts/config -e IP_SET_HASH_NETIFACE +- scripts/config -e IP_SET_LIST_SET - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 93273df3..f96f221d 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -83,6 +83,23 @@ configure-commands: - scripts/config -e NETFILTER_NETLINK_QUEUE - scripts/config -e SCSI_NETLINK - scripts/config -e NETFILTER_XT_TARGET_MARK +- scripts/config -e NETFILTER_XT_SET +- scripts/config -e IP_SET +- scripts/config -e IP_SET_BITMAP_IP +- scripts/config -e IP_SET_BITMAP_IPMAC +- scripts/config -e IP_SET_BITMAP_PORT +- scripts/config -e IP_SET_HASH_IP +- scripts/config -e IP_SET_HASH_IPMARK +- scripts/config -e IP_SET_HASH_IPPORT +- scripts/config -e IP_SET_HASH_IPPORTIP +- scripts/config -e IP_SET_HASH_IPPORTNET +- scripts/config -e IP_SET_HASH_MAC +- scripts/config -e IP_SET_HASH_NETPORTNET +- scripts/config -e IP_SET_HASH_NET +- scripts/config -e IP_SET_HASH_NETNET +- scripts/config -e IP_SET_HASH_NETPORT +- scripts/config -e IP_SET_HASH_NETIFACE +- scripts/config -e IP_SET_LIST_SET - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 32ee6f26..9db00cda 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -116,6 +116,23 @@ configure-commands: - scripts/config -e NETFILTER_NETLINK_QUEUE - scripts/config -e SCSI_NETLINK - scripts/config -e NETFILTER_XT_TARGET_MARK +- scripts/config -e NETFILTER_XT_SET +- scripts/config -e IP_SET +- scripts/config -e IP_SET_BITMAP_IP +- scripts/config -e IP_SET_BITMAP_IPMAC +- scripts/config -e IP_SET_BITMAP_PORT +- scripts/config -e IP_SET_HASH_IP +- scripts/config -e IP_SET_HASH_IPMARK +- scripts/config -e IP_SET_HASH_IPPORT +- scripts/config -e IP_SET_HASH_IPPORTIP +- scripts/config -e IP_SET_HASH_IPPORTNET +- scripts/config -e IP_SET_HASH_MAC +- scripts/config -e IP_SET_HASH_NETPORTNET +- scripts/config -e IP_SET_HASH_NET +- scripts/config -e IP_SET_HASH_NETNET +- scripts/config -e IP_SET_HASH_NETPORT +- scripts/config -e IP_SET_HASH_NETIFACE +- scripts/config -e IP_SET_LIST_SET - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 1084cba2..0415c40d 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -116,6 +116,23 @@ configure-commands: - scripts/config -e NETFILTER_NETLINK_QUEUE - scripts/config -e SCSI_NETLINK - scripts/config -e NETFILTER_XT_TARGET_MARK +- scripts/config -e NETFILTER_XT_SET +- scripts/config -e IP_SET +- scripts/config -e IP_SET_BITMAP_IP +- scripts/config -e IP_SET_BITMAP_IPMAC +- scripts/config -e IP_SET_BITMAP_PORT +- scripts/config -e IP_SET_HASH_IP +- scripts/config -e IP_SET_HASH_IPMARK +- scripts/config -e IP_SET_HASH_IPPORT +- scripts/config -e IP_SET_HASH_IPPORTIP +- scripts/config -e IP_SET_HASH_IPPORTNET +- scripts/config -e IP_SET_HASH_MAC +- scripts/config -e IP_SET_HASH_NETPORTNET +- scripts/config -e IP_SET_HASH_NET +- scripts/config -e IP_SET_HASH_NETNET +- scripts/config -e IP_SET_HASH_NETPORT +- scripts/config -e IP_SET_HASH_NETIFACE +- scripts/config -e IP_SET_LIST_SET - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From ccf6177c64c31b413d368e5d072655e0a1952b71 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 12 Feb 2015 14:50:14 +0000 Subject: Enable netfilter support in kernels Change-Id: I2ecb0ac435aa6f364b41c0e680c5792dcbe02f50 --- .../linux-armv8l64-generic.morph | 98 ++++++++++++++++++++++ strata/bsp-jetson/linux-jetson-tk1.morph | 98 ++++++++++++++++++++++ strata/bsp-ppc64-generic/linux-ppc64.morph | 98 ++++++++++++++++++++++ .../bsp-x86_32-generic/linux-x86-32-generic.morph | 98 ++++++++++++++++++++++ .../bsp-x86_64-generic/linux-x86-64-generic.morph | 98 ++++++++++++++++++++++ 5 files changed, 490 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 038284fb..34b9d0d4 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -123,6 +123,104 @@ configure-commands: - scripts/config -e IP_SET_HASH_NETPORT - scripts/config -e IP_SET_HASH_NETIFACE - scripts/config -e IP_SET_LIST_SET +- scripts/config -e NF_CONNTRACK_TIMEOUT +- scripts/config -e NF_CONNTRACK_TIMESTAMP +- scripts/config -e NF_CONNTRACK_EVENTS +- scripts/config -e NF_CONNTRACK_LABELS +- scripts/config -e NETFILTER_NETLINK_ACCT +- scripts/config -e NETFILTER_NETLINK_QUEUE_CT +- scripts/config -e NF_CT_PROTO_DCCP +- scripts/config -e NF_CT_PROTO_GRE +- scripts/config -e NF_CT_PROTO_SCTP +- scripts/config -e NF_CT_PROTO_UDPLITE +- scripts/config -e NF_CT_NETLINK_TIMEOUT +- scripts/config -e NF_CT_NETLINK_HELPER +- scripts/config -e NF_CONNTRACK_AMANDA +- scripts/config -e NF_CONNTRACK_H323 +- scripts/config -e NF_CONNTRACK_BROADCAST +- scripts/config -e NF_CONNTRACK_NETBIOS_NS +- scripts/config -e NF_CONNTRACK_SNMP +- scripts/config -e NF_CONNTRACK_PPTP +- scripts/config -e NF_CONNTRACK_SANE +- scripts/config -e NF_CONNTRACK_TFTP +- scripts/config -e NF_LOG_COMMON +- scripts/config -e NF_NAT_PROTO_DCCP +- scripts/config -e NF_NAT_PROTO_UDPLITE +- scripts/config -e NF_NAT_PROTO_SCTP +- scripts/config -e NF_NAT_AMANDA +- scripts/config -e NF_NAT_TFTP +- scripts/config -e NF_TABLES +- scripts/config -e NF_TABLES_INET +- scripts/config -e NFT_COMPAT +- scripts/config -e NFT_EXTHDR +- scripts/config -e NFT_META +- scripts/config -e NFT_CT +- scripts/config -e NFT_LIMIT +- scripts/config -e NFT_NAT +- scripts/config -e NFT_QUEUE +- scripts/config -e NFT_REJECT +- scripts/config -e NFT_REJECT_INET +- scripts/config -e NFT_RBTREE +- scripts/config -e NFT_HASH +- scripts/config -e NFT_COUNTER +- scripts/config -e NFT_LOG +- scripts/config -e NFT_MASQ +- scripts/config -e NETFILTER_XT_CONNMARK +- scripts/config -e NETFILTER_XT_TARGET_AUDIT +- scripts/config -e NETFILTER_XT_TARGET_CHECKSUM +- scripts/config -e NETFILTER_XT_TARGET_CLASSIFY +- scripts/config -e NETFILTER_XT_TARGET_CT +- scripts/config -e NETFILTER_XT_TARGET_DSCP +- scripts/config -e NETFILTER_XT_TARGET_HMARK +- scripts/config -e NETFILTER_XT_TARGET_LED +- scripts/config -e NETFILTER_XT_TARGET_LOG +- scripts/config -e NETFILTER_XT_TARGET_NFQUEUE +- scripts/config -e NETFILTER_XT_TARGET_RATEEST +- scripts/config -e NETFILTER_XT_TARGET_TPROXY +- scripts/config -e NETFILTER_XT_TARGET_TCPOPTSTRIP +- scripts/config -e NETFILTER_XT_TARGET_TEE +- scripts/config -e NETFILTER_XT_TARGET_TRACE +- scripts/config -e NETFILTER_XT_TARGET_IDLETIMER +- scripts/config -e NETFILTER_XT_MATCH_BPF +- scripts/config -e NETFILTER_XT_MATCH_CLUSTER +- scripts/config -e NETFILTER_XT_MATCH_COMMENT +- scripts/config -e NETFILTER_XT_MATCH_CONNBYTES +- scripts/config -e NETFILTER_XT_MATCH_CONNLABEL +- scripts/config -e NETFILTER_XT_MATCH_CONNLIMIT +- scripts/config -e NETFILTER_XT_MATCH_CPU +- scripts/config -e NETFILTER_XT_MATCH_DCCP +- scripts/config -e NETFILTER_XT_MATCH_DEVGROUP +- scripts/config -e NETFILTER_XT_MATCH_DSCP +- scripts/config -e NETFILTER_XT_MATCH_ESP +- scripts/config -e NETFILTER_XT_MATCH_HASHLIMIT +- scripts/config -e NETFILTER_XT_MATCH_HELPER +- scripts/config -e NETFILTER_XT_MATCH_IPCOMP +- scripts/config -e NETFILTER_XT_MATCH_IPRANGE +- scripts/config -e NETFILTER_XT_MATCH_IPVS +- scripts/config -e NETFILTER_XT_MATCH_L2TP +- scripts/config -e NETFILTER_XT_MATCH_LENGTH +- scripts/config -e NETFILTER_XT_MATCH_LIMIT +- scripts/config -e NETFILTER_XT_MATCH_MAC +- scripts/config -e NETFILTER_XT_MATCH_MULTIPORT +- scripts/config -e NETFILTER_XT_MATCH_NFACCT +- scripts/config -e NETFILTER_XT_MATCH_OSF +- scripts/config -e NETFILTER_XT_MATCH_OWNER +- scripts/config -e NETFILTER_XT_MATCH_CGROUP +- scripts/config -e NETFILTER_XT_MATCH_PHYSDEV +- scripts/config -e NETFILTER_XT_MATCH_PKTTYPE +- scripts/config -e NETFILTER_XT_MATCH_QUOTA +- scripts/config -e NETFILTER_XT_MATCH_RATEEST +- scripts/config -e NETFILTER_XT_MATCH_REALM +- scripts/config -e NETFILTER_XT_MATCH_RECENT +- scripts/config -e NETFILTER_XT_MATCH_SCTP +- scripts/config -e NETFILTER_XT_MATCH_SOCKET +- scripts/config -e NETFILTER_XT_MATCH_STATISTIC +- scripts/config -e NETFILTER_XT_MATCH_STRING +- scripts/config -e NETFILTER_XT_MATCH_TCPMSS +- scripts/config -e NETFILTER_XT_MATCH_TIME +- scripts/config -e NETFILTER_XT_MATCH_U32 +- scripts/config -e IP_VS +- scripts/config -e BRIDGE_NETFILTER # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 0f32c143..257a7796 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -100,6 +100,104 @@ configure-commands: - scripts/config -e IP_SET_HASH_NETPORT - scripts/config -e IP_SET_HASH_NETIFACE - scripts/config -e IP_SET_LIST_SET +- scripts/config -e NF_CONNTRACK_TIMEOUT +- scripts/config -e NF_CONNTRACK_TIMESTAMP +- scripts/config -e NF_CONNTRACK_EVENTS +- scripts/config -e NF_CONNTRACK_LABELS +- scripts/config -e NETFILTER_NETLINK_ACCT +- scripts/config -e NETFILTER_NETLINK_QUEUE_CT +- scripts/config -e NF_CT_PROTO_DCCP +- scripts/config -e NF_CT_PROTO_GRE +- scripts/config -e NF_CT_PROTO_SCTP +- scripts/config -e NF_CT_PROTO_UDPLITE +- scripts/config -e NF_CT_NETLINK_TIMEOUT +- scripts/config -e NF_CT_NETLINK_HELPER +- scripts/config -e NF_CONNTRACK_AMANDA +- scripts/config -e NF_CONNTRACK_H323 +- scripts/config -e NF_CONNTRACK_BROADCAST +- scripts/config -e NF_CONNTRACK_NETBIOS_NS +- scripts/config -e NF_CONNTRACK_SNMP +- scripts/config -e NF_CONNTRACK_PPTP +- scripts/config -e NF_CONNTRACK_SANE +- scripts/config -e NF_CONNTRACK_TFTP +- scripts/config -e NF_LOG_COMMON +- scripts/config -e NF_NAT_PROTO_DCCP +- scripts/config -e NF_NAT_PROTO_UDPLITE +- scripts/config -e NF_NAT_PROTO_SCTP +- scripts/config -e NF_NAT_AMANDA +- scripts/config -e NF_NAT_TFTP +- scripts/config -e NF_TABLES +- scripts/config -e NF_TABLES_INET +- scripts/config -e NFT_COMPAT +- scripts/config -e NFT_EXTHDR +- scripts/config -e NFT_META +- scripts/config -e NFT_CT +- scripts/config -e NFT_LIMIT +- scripts/config -e NFT_NAT +- scripts/config -e NFT_QUEUE +- scripts/config -e NFT_REJECT +- scripts/config -e NFT_REJECT_INET +- scripts/config -e NFT_RBTREE +- scripts/config -e NFT_HASH +- scripts/config -e NFT_COUNTER +- scripts/config -e NFT_LOG +- scripts/config -e NFT_MASQ +- scripts/config -e NETFILTER_XT_CONNMARK +- scripts/config -e NETFILTER_XT_TARGET_AUDIT +- scripts/config -e NETFILTER_XT_TARGET_CHECKSUM +- scripts/config -e NETFILTER_XT_TARGET_CLASSIFY +- scripts/config -e NETFILTER_XT_TARGET_CT +- scripts/config -e NETFILTER_XT_TARGET_DSCP +- scripts/config -e NETFILTER_XT_TARGET_HMARK +- scripts/config -e NETFILTER_XT_TARGET_LED +- scripts/config -e NETFILTER_XT_TARGET_LOG +- scripts/config -e NETFILTER_XT_TARGET_NFQUEUE +- scripts/config -e NETFILTER_XT_TARGET_RATEEST +- scripts/config -e NETFILTER_XT_TARGET_TPROXY +- scripts/config -e NETFILTER_XT_TARGET_TCPOPTSTRIP +- scripts/config -e NETFILTER_XT_TARGET_TEE +- scripts/config -e NETFILTER_XT_TARGET_TRACE +- scripts/config -e NETFILTER_XT_TARGET_IDLETIMER +- scripts/config -e NETFILTER_XT_MATCH_BPF +- scripts/config -e NETFILTER_XT_MATCH_CLUSTER +- scripts/config -e NETFILTER_XT_MATCH_COMMENT +- scripts/config -e NETFILTER_XT_MATCH_CONNBYTES +- scripts/config -e NETFILTER_XT_MATCH_CONNLABEL +- scripts/config -e NETFILTER_XT_MATCH_CONNLIMIT +- scripts/config -e NETFILTER_XT_MATCH_CPU +- scripts/config -e NETFILTER_XT_MATCH_DCCP +- scripts/config -e NETFILTER_XT_MATCH_DEVGROUP +- scripts/config -e NETFILTER_XT_MATCH_DSCP +- scripts/config -e NETFILTER_XT_MATCH_ESP +- scripts/config -e NETFILTER_XT_MATCH_HASHLIMIT +- scripts/config -e NETFILTER_XT_MATCH_HELPER +- scripts/config -e NETFILTER_XT_MATCH_IPCOMP +- scripts/config -e NETFILTER_XT_MATCH_IPRANGE +- scripts/config -e NETFILTER_XT_MATCH_IPVS +- scripts/config -e NETFILTER_XT_MATCH_L2TP +- scripts/config -e NETFILTER_XT_MATCH_LENGTH +- scripts/config -e NETFILTER_XT_MATCH_LIMIT +- scripts/config -e NETFILTER_XT_MATCH_MAC +- scripts/config -e NETFILTER_XT_MATCH_MULTIPORT +- scripts/config -e NETFILTER_XT_MATCH_NFACCT +- scripts/config -e NETFILTER_XT_MATCH_OSF +- scripts/config -e NETFILTER_XT_MATCH_OWNER +- scripts/config -e NETFILTER_XT_MATCH_CGROUP +- scripts/config -e NETFILTER_XT_MATCH_PHYSDEV +- scripts/config -e NETFILTER_XT_MATCH_PKTTYPE +- scripts/config -e NETFILTER_XT_MATCH_QUOTA +- scripts/config -e NETFILTER_XT_MATCH_RATEEST +- scripts/config -e NETFILTER_XT_MATCH_REALM +- scripts/config -e NETFILTER_XT_MATCH_RECENT +- scripts/config -e NETFILTER_XT_MATCH_SCTP +- scripts/config -e NETFILTER_XT_MATCH_SOCKET +- scripts/config -e NETFILTER_XT_MATCH_STATISTIC +- scripts/config -e NETFILTER_XT_MATCH_STRING +- scripts/config -e NETFILTER_XT_MATCH_TCPMSS +- scripts/config -e NETFILTER_XT_MATCH_TIME +- scripts/config -e NETFILTER_XT_MATCH_U32 +- scripts/config -e IP_VS +- scripts/config -e BRIDGE_NETFILTER - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index f96f221d..7131b8da 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -100,6 +100,104 @@ configure-commands: - scripts/config -e IP_SET_HASH_NETPORT - scripts/config -e IP_SET_HASH_NETIFACE - scripts/config -e IP_SET_LIST_SET +- scripts/config -e NF_CONNTRACK_TIMEOUT +- scripts/config -e NF_CONNTRACK_TIMESTAMP +- scripts/config -e NF_CONNTRACK_EVENTS +- scripts/config -e NF_CONNTRACK_LABELS +- scripts/config -e NETFILTER_NETLINK_ACCT +- scripts/config -e NETFILTER_NETLINK_QUEUE_CT +- scripts/config -e NF_CT_PROTO_DCCP +- scripts/config -e NF_CT_PROTO_GRE +- scripts/config -e NF_CT_PROTO_SCTP +- scripts/config -e NF_CT_PROTO_UDPLITE +- scripts/config -e NF_CT_NETLINK_TIMEOUT +- scripts/config -e NF_CT_NETLINK_HELPER +- scripts/config -e NF_CONNTRACK_AMANDA +- scripts/config -e NF_CONNTRACK_H323 +- scripts/config -e NF_CONNTRACK_BROADCAST +- scripts/config -e NF_CONNTRACK_NETBIOS_NS +- scripts/config -e NF_CONNTRACK_SNMP +- scripts/config -e NF_CONNTRACK_PPTP +- scripts/config -e NF_CONNTRACK_SANE +- scripts/config -e NF_CONNTRACK_TFTP +- scripts/config -e NF_LOG_COMMON +- scripts/config -e NF_NAT_PROTO_DCCP +- scripts/config -e NF_NAT_PROTO_UDPLITE +- scripts/config -e NF_NAT_PROTO_SCTP +- scripts/config -e NF_NAT_AMANDA +- scripts/config -e NF_NAT_TFTP +- scripts/config -e NF_TABLES +- scripts/config -e NF_TABLES_INET +- scripts/config -e NFT_COMPAT +- scripts/config -e NFT_EXTHDR +- scripts/config -e NFT_META +- scripts/config -e NFT_CT +- scripts/config -e NFT_LIMIT +- scripts/config -e NFT_NAT +- scripts/config -e NFT_QUEUE +- scripts/config -e NFT_REJECT +- scripts/config -e NFT_REJECT_INET +- scripts/config -e NFT_RBTREE +- scripts/config -e NFT_HASH +- scripts/config -e NFT_COUNTER +- scripts/config -e NFT_LOG +- scripts/config -e NFT_MASQ +- scripts/config -e NETFILTER_XT_CONNMARK +- scripts/config -e NETFILTER_XT_TARGET_AUDIT +- scripts/config -e NETFILTER_XT_TARGET_CHECKSUM +- scripts/config -e NETFILTER_XT_TARGET_CLASSIFY +- scripts/config -e NETFILTER_XT_TARGET_CT +- scripts/config -e NETFILTER_XT_TARGET_DSCP +- scripts/config -e NETFILTER_XT_TARGET_HMARK +- scripts/config -e NETFILTER_XT_TARGET_LED +- scripts/config -e NETFILTER_XT_TARGET_LOG +- scripts/config -e NETFILTER_XT_TARGET_NFQUEUE +- scripts/config -e NETFILTER_XT_TARGET_RATEEST +- scripts/config -e NETFILTER_XT_TARGET_TPROXY +- scripts/config -e NETFILTER_XT_TARGET_TCPOPTSTRIP +- scripts/config -e NETFILTER_XT_TARGET_TEE +- scripts/config -e NETFILTER_XT_TARGET_TRACE +- scripts/config -e NETFILTER_XT_TARGET_IDLETIMER +- scripts/config -e NETFILTER_XT_MATCH_BPF +- scripts/config -e NETFILTER_XT_MATCH_CLUSTER +- scripts/config -e NETFILTER_XT_MATCH_COMMENT +- scripts/config -e NETFILTER_XT_MATCH_CONNBYTES +- scripts/config -e NETFILTER_XT_MATCH_CONNLABEL +- scripts/config -e NETFILTER_XT_MATCH_CONNLIMIT +- scripts/config -e NETFILTER_XT_MATCH_CPU +- scripts/config -e NETFILTER_XT_MATCH_DCCP +- scripts/config -e NETFILTER_XT_MATCH_DEVGROUP +- scripts/config -e NETFILTER_XT_MATCH_DSCP +- scripts/config -e NETFILTER_XT_MATCH_ESP +- scripts/config -e NETFILTER_XT_MATCH_HASHLIMIT +- scripts/config -e NETFILTER_XT_MATCH_HELPER +- scripts/config -e NETFILTER_XT_MATCH_IPCOMP +- scripts/config -e NETFILTER_XT_MATCH_IPRANGE +- scripts/config -e NETFILTER_XT_MATCH_IPVS +- scripts/config -e NETFILTER_XT_MATCH_L2TP +- scripts/config -e NETFILTER_XT_MATCH_LENGTH +- scripts/config -e NETFILTER_XT_MATCH_LIMIT +- scripts/config -e NETFILTER_XT_MATCH_MAC +- scripts/config -e NETFILTER_XT_MATCH_MULTIPORT +- scripts/config -e NETFILTER_XT_MATCH_NFACCT +- scripts/config -e NETFILTER_XT_MATCH_OSF +- scripts/config -e NETFILTER_XT_MATCH_OWNER +- scripts/config -e NETFILTER_XT_MATCH_CGROUP +- scripts/config -e NETFILTER_XT_MATCH_PHYSDEV +- scripts/config -e NETFILTER_XT_MATCH_PKTTYPE +- scripts/config -e NETFILTER_XT_MATCH_QUOTA +- scripts/config -e NETFILTER_XT_MATCH_RATEEST +- scripts/config -e NETFILTER_XT_MATCH_REALM +- scripts/config -e NETFILTER_XT_MATCH_RECENT +- scripts/config -e NETFILTER_XT_MATCH_SCTP +- scripts/config -e NETFILTER_XT_MATCH_SOCKET +- scripts/config -e NETFILTER_XT_MATCH_STATISTIC +- scripts/config -e NETFILTER_XT_MATCH_STRING +- scripts/config -e NETFILTER_XT_MATCH_TCPMSS +- scripts/config -e NETFILTER_XT_MATCH_TIME +- scripts/config -e NETFILTER_XT_MATCH_U32 +- scripts/config -e IP_VS +- scripts/config -e BRIDGE_NETFILTER - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 9db00cda..4ed79eac 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -133,6 +133,104 @@ configure-commands: - scripts/config -e IP_SET_HASH_NETPORT - scripts/config -e IP_SET_HASH_NETIFACE - scripts/config -e IP_SET_LIST_SET +- scripts/config -e NF_CONNTRACK_TIMEOUT +- scripts/config -e NF_CONNTRACK_TIMESTAMP +- scripts/config -e NF_CONNTRACK_EVENTS +- scripts/config -e NF_CONNTRACK_LABELS +- scripts/config -e NETFILTER_NETLINK_ACCT +- scripts/config -e NETFILTER_NETLINK_QUEUE_CT +- scripts/config -e NF_CT_PROTO_DCCP +- scripts/config -e NF_CT_PROTO_GRE +- scripts/config -e NF_CT_PROTO_SCTP +- scripts/config -e NF_CT_PROTO_UDPLITE +- scripts/config -e NF_CT_NETLINK_TIMEOUT +- scripts/config -e NF_CT_NETLINK_HELPER +- scripts/config -e NF_CONNTRACK_AMANDA +- scripts/config -e NF_CONNTRACK_H323 +- scripts/config -e NF_CONNTRACK_BROADCAST +- scripts/config -e NF_CONNTRACK_NETBIOS_NS +- scripts/config -e NF_CONNTRACK_SNMP +- scripts/config -e NF_CONNTRACK_PPTP +- scripts/config -e NF_CONNTRACK_SANE +- scripts/config -e NF_CONNTRACK_TFTP +- scripts/config -e NF_LOG_COMMON +- scripts/config -e NF_NAT_PROTO_DCCP +- scripts/config -e NF_NAT_PROTO_UDPLITE +- scripts/config -e NF_NAT_PROTO_SCTP +- scripts/config -e NF_NAT_AMANDA +- scripts/config -e NF_NAT_TFTP +- scripts/config -e NF_TABLES +- scripts/config -e NF_TABLES_INET +- scripts/config -e NFT_COMPAT +- scripts/config -e NFT_EXTHDR +- scripts/config -e NFT_META +- scripts/config -e NFT_CT +- scripts/config -e NFT_LIMIT +- scripts/config -e NFT_NAT +- scripts/config -e NFT_QUEUE +- scripts/config -e NFT_REJECT +- scripts/config -e NFT_REJECT_INET +- scripts/config -e NFT_RBTREE +- scripts/config -e NFT_HASH +- scripts/config -e NFT_COUNTER +- scripts/config -e NFT_LOG +- scripts/config -e NFT_MASQ +- scripts/config -e NETFILTER_XT_CONNMARK +- scripts/config -e NETFILTER_XT_TARGET_AUDIT +- scripts/config -e NETFILTER_XT_TARGET_CHECKSUM +- scripts/config -e NETFILTER_XT_TARGET_CLASSIFY +- scripts/config -e NETFILTER_XT_TARGET_CT +- scripts/config -e NETFILTER_XT_TARGET_DSCP +- scripts/config -e NETFILTER_XT_TARGET_HMARK +- scripts/config -e NETFILTER_XT_TARGET_LED +- scripts/config -e NETFILTER_XT_TARGET_LOG +- scripts/config -e NETFILTER_XT_TARGET_NFQUEUE +- scripts/config -e NETFILTER_XT_TARGET_RATEEST +- scripts/config -e NETFILTER_XT_TARGET_TPROXY +- scripts/config -e NETFILTER_XT_TARGET_TCPOPTSTRIP +- scripts/config -e NETFILTER_XT_TARGET_TEE +- scripts/config -e NETFILTER_XT_TARGET_TRACE +- scripts/config -e NETFILTER_XT_TARGET_IDLETIMER +- scripts/config -e NETFILTER_XT_MATCH_BPF +- scripts/config -e NETFILTER_XT_MATCH_CLUSTER +- scripts/config -e NETFILTER_XT_MATCH_COMMENT +- scripts/config -e NETFILTER_XT_MATCH_CONNBYTES +- scripts/config -e NETFILTER_XT_MATCH_CONNLABEL +- scripts/config -e NETFILTER_XT_MATCH_CONNLIMIT +- scripts/config -e NETFILTER_XT_MATCH_CPU +- scripts/config -e NETFILTER_XT_MATCH_DCCP +- scripts/config -e NETFILTER_XT_MATCH_DEVGROUP +- scripts/config -e NETFILTER_XT_MATCH_DSCP +- scripts/config -e NETFILTER_XT_MATCH_ESP +- scripts/config -e NETFILTER_XT_MATCH_HASHLIMIT +- scripts/config -e NETFILTER_XT_MATCH_HELPER +- scripts/config -e NETFILTER_XT_MATCH_IPCOMP +- scripts/config -e NETFILTER_XT_MATCH_IPRANGE +- scripts/config -e NETFILTER_XT_MATCH_IPVS +- scripts/config -e NETFILTER_XT_MATCH_L2TP +- scripts/config -e NETFILTER_XT_MATCH_LENGTH +- scripts/config -e NETFILTER_XT_MATCH_LIMIT +- scripts/config -e NETFILTER_XT_MATCH_MAC +- scripts/config -e NETFILTER_XT_MATCH_MULTIPORT +- scripts/config -e NETFILTER_XT_MATCH_NFACCT +- scripts/config -e NETFILTER_XT_MATCH_OSF +- scripts/config -e NETFILTER_XT_MATCH_OWNER +- scripts/config -e NETFILTER_XT_MATCH_CGROUP +- scripts/config -e NETFILTER_XT_MATCH_PHYSDEV +- scripts/config -e NETFILTER_XT_MATCH_PKTTYPE +- scripts/config -e NETFILTER_XT_MATCH_QUOTA +- scripts/config -e NETFILTER_XT_MATCH_RATEEST +- scripts/config -e NETFILTER_XT_MATCH_REALM +- scripts/config -e NETFILTER_XT_MATCH_RECENT +- scripts/config -e NETFILTER_XT_MATCH_SCTP +- scripts/config -e NETFILTER_XT_MATCH_SOCKET +- scripts/config -e NETFILTER_XT_MATCH_STATISTIC +- scripts/config -e NETFILTER_XT_MATCH_STRING +- scripts/config -e NETFILTER_XT_MATCH_TCPMSS +- scripts/config -e NETFILTER_XT_MATCH_TIME +- scripts/config -e NETFILTER_XT_MATCH_U32 +- scripts/config -e IP_VS +- scripts/config -e BRIDGE_NETFILTER - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 0415c40d..2a3359a5 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -133,6 +133,104 @@ configure-commands: - scripts/config -e IP_SET_HASH_NETPORT - scripts/config -e IP_SET_HASH_NETIFACE - scripts/config -e IP_SET_LIST_SET +- scripts/config -e NF_CONNTRACK_TIMEOUT +- scripts/config -e NF_CONNTRACK_TIMESTAMP +- scripts/config -e NF_CONNTRACK_EVENTS +- scripts/config -e NF_CONNTRACK_LABELS +- scripts/config -e NETFILTER_NETLINK_ACCT +- scripts/config -e NETFILTER_NETLINK_QUEUE_CT +- scripts/config -e NF_CT_PROTO_DCCP +- scripts/config -e NF_CT_PROTO_GRE +- scripts/config -e NF_CT_PROTO_SCTP +- scripts/config -e NF_CT_PROTO_UDPLITE +- scripts/config -e NF_CT_NETLINK_TIMEOUT +- scripts/config -e NF_CT_NETLINK_HELPER +- scripts/config -e NF_CONNTRACK_AMANDA +- scripts/config -e NF_CONNTRACK_H323 +- scripts/config -e NF_CONNTRACK_BROADCAST +- scripts/config -e NF_CONNTRACK_NETBIOS_NS +- scripts/config -e NF_CONNTRACK_SNMP +- scripts/config -e NF_CONNTRACK_PPTP +- scripts/config -e NF_CONNTRACK_SANE +- scripts/config -e NF_CONNTRACK_TFTP +- scripts/config -e NF_LOG_COMMON +- scripts/config -e NF_NAT_PROTO_DCCP +- scripts/config -e NF_NAT_PROTO_UDPLITE +- scripts/config -e NF_NAT_PROTO_SCTP +- scripts/config -e NF_NAT_AMANDA +- scripts/config -e NF_NAT_TFTP +- scripts/config -e NF_TABLES +- scripts/config -e NF_TABLES_INET +- scripts/config -e NFT_COMPAT +- scripts/config -e NFT_EXTHDR +- scripts/config -e NFT_META +- scripts/config -e NFT_CT +- scripts/config -e NFT_LIMIT +- scripts/config -e NFT_NAT +- scripts/config -e NFT_QUEUE +- scripts/config -e NFT_REJECT +- scripts/config -e NFT_REJECT_INET +- scripts/config -e NFT_RBTREE +- scripts/config -e NFT_HASH +- scripts/config -e NFT_COUNTER +- scripts/config -e NFT_LOG +- scripts/config -e NFT_MASQ +- scripts/config -e NETFILTER_XT_CONNMARK +- scripts/config -e NETFILTER_XT_TARGET_AUDIT +- scripts/config -e NETFILTER_XT_TARGET_CHECKSUM +- scripts/config -e NETFILTER_XT_TARGET_CLASSIFY +- scripts/config -e NETFILTER_XT_TARGET_CT +- scripts/config -e NETFILTER_XT_TARGET_DSCP +- scripts/config -e NETFILTER_XT_TARGET_HMARK +- scripts/config -e NETFILTER_XT_TARGET_LED +- scripts/config -e NETFILTER_XT_TARGET_LOG +- scripts/config -e NETFILTER_XT_TARGET_NFQUEUE +- scripts/config -e NETFILTER_XT_TARGET_RATEEST +- scripts/config -e NETFILTER_XT_TARGET_TPROXY +- scripts/config -e NETFILTER_XT_TARGET_TCPOPTSTRIP +- scripts/config -e NETFILTER_XT_TARGET_TEE +- scripts/config -e NETFILTER_XT_TARGET_TRACE +- scripts/config -e NETFILTER_XT_TARGET_IDLETIMER +- scripts/config -e NETFILTER_XT_MATCH_BPF +- scripts/config -e NETFILTER_XT_MATCH_CLUSTER +- scripts/config -e NETFILTER_XT_MATCH_COMMENT +- scripts/config -e NETFILTER_XT_MATCH_CONNBYTES +- scripts/config -e NETFILTER_XT_MATCH_CONNLABEL +- scripts/config -e NETFILTER_XT_MATCH_CONNLIMIT +- scripts/config -e NETFILTER_XT_MATCH_CPU +- scripts/config -e NETFILTER_XT_MATCH_DCCP +- scripts/config -e NETFILTER_XT_MATCH_DEVGROUP +- scripts/config -e NETFILTER_XT_MATCH_DSCP +- scripts/config -e NETFILTER_XT_MATCH_ESP +- scripts/config -e NETFILTER_XT_MATCH_HASHLIMIT +- scripts/config -e NETFILTER_XT_MATCH_HELPER +- scripts/config -e NETFILTER_XT_MATCH_IPCOMP +- scripts/config -e NETFILTER_XT_MATCH_IPRANGE +- scripts/config -e NETFILTER_XT_MATCH_IPVS +- scripts/config -e NETFILTER_XT_MATCH_L2TP +- scripts/config -e NETFILTER_XT_MATCH_LENGTH +- scripts/config -e NETFILTER_XT_MATCH_LIMIT +- scripts/config -e NETFILTER_XT_MATCH_MAC +- scripts/config -e NETFILTER_XT_MATCH_MULTIPORT +- scripts/config -e NETFILTER_XT_MATCH_NFACCT +- scripts/config -e NETFILTER_XT_MATCH_OSF +- scripts/config -e NETFILTER_XT_MATCH_OWNER +- scripts/config -e NETFILTER_XT_MATCH_CGROUP +- scripts/config -e NETFILTER_XT_MATCH_PHYSDEV +- scripts/config -e NETFILTER_XT_MATCH_PKTTYPE +- scripts/config -e NETFILTER_XT_MATCH_QUOTA +- scripts/config -e NETFILTER_XT_MATCH_RATEEST +- scripts/config -e NETFILTER_XT_MATCH_REALM +- scripts/config -e NETFILTER_XT_MATCH_RECENT +- scripts/config -e NETFILTER_XT_MATCH_SCTP +- scripts/config -e NETFILTER_XT_MATCH_SOCKET +- scripts/config -e NETFILTER_XT_MATCH_STATISTIC +- scripts/config -e NETFILTER_XT_MATCH_STRING +- scripts/config -e NETFILTER_XT_MATCH_TCPMSS +- scripts/config -e NETFILTER_XT_MATCH_TIME +- scripts/config -e NETFILTER_XT_MATCH_U32 +- scripts/config -e IP_VS +- scripts/config -e BRIDGE_NETFILTER - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From 2c42a826dbe382efe31f4dc8512411809565317a Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Wed, 1 Apr 2015 08:12:59 +0000 Subject: Enable Atheros network drivers in x86 kernels Change-Id: Ib98d024f34b6dd0d821335bdf24cb59278977a17 --- strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 3 +++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 3 +++ 2 files changed, 6 insertions(+) diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 4ed79eac..7da478b5 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -65,6 +65,9 @@ configure-commands: - scripts/config -e R8169 - scripts/config -e 8139TOO - scripts/config -e 8139CP +- scripts/config -e ATL1 +- scripts/config -e ATL1C +- scripts/config -e ATL1E - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 2a3359a5..e4e028c7 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -65,6 +65,9 @@ configure-commands: - scripts/config -e R8169 - scripts/config -e 8139TOO - scripts/config -e 8139CP +- scripts/config -e ATL1 +- scripts/config -e ATL1C +- scripts/config -e ATL1E - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP -- cgit v1.2.1 From 1b303743fa241b19743c833442f06bce8a46e8cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Fri, 3 Apr 2015 18:37:51 +0100 Subject: Upgrade to latest glibc (2.21) Change-Id: I375c0af00497f8cbedb0d9759bbb64e0034582ad --- strata/armv7lhf-cross-toolchain.morph | 4 ++-- strata/build-essential.morph | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/strata/armv7lhf-cross-toolchain.morph b/strata/armv7lhf-cross-toolchain.morph index f153e0c3..ffc4a9dd 100644 --- a/strata/armv7lhf-cross-toolchain.morph +++ b/strata/armv7lhf-cross-toolchain.morph @@ -27,8 +27,8 @@ chunks: - name: armv7lhf-cross-glibc morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-glibc.morph repo: upstream:glibc - ref: 52cf9a0153c14df4f6ae3bd0e1e6cc5d171e586c - unpetrify-ref: baserock/glibc-2.20 + ref: 4e42b5b8f89f0e288e68be7ad70f9525aebc2cff + unpetrify-ref: baserock/glibc-2.21 build-depends: - armv7lhf-cross-binutils - armv7lhf-cross-gcc-nolibc diff --git a/strata/build-essential.morph b/strata/build-essential.morph index c41034bc..e2eb23a5 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -80,8 +80,8 @@ chunks: - name: stage2-glibc morph: strata/build-essential/stage2-glibc.morph repo: upstream:glibc - ref: 52cf9a0153c14df4f6ae3bd0e1e6cc5d171e586c - unpetrify-ref: baserock/glibc-2.20 + ref: 4e42b5b8f89f0e288e68be7ad70f9525aebc2cff + unpetrify-ref: glibc-2.21 build-depends: - stage1-binutils - stage1-gcc @@ -201,8 +201,8 @@ chunks: - name: stage2-reset-specs morph: strata/build-essential/stage2-reset-specs.morph repo: upstream:glibc - ref: 52cf9a0153c14df4f6ae3bd0e1e6cc5d171e586c - unpetrify-ref: baserock/glibc-2.20 + ref: 4e42b5b8f89f0e288e68be7ad70f9525aebc2cff + unpetrify-ref: glibc-2.21 build-depends: - stage1-binutils - stage1-gcc @@ -246,8 +246,8 @@ chunks: - name: glibc morph: strata/build-essential/glibc.morph repo: upstream:glibc - ref: 52cf9a0153c14df4f6ae3bd0e1e6cc5d171e586c - unpetrify-ref: baserock/glibc-2.20 + ref: 4e42b5b8f89f0e288e68be7ad70f9525aebc2cff + unpetrify-ref: glibc-2.21 build-depends: - stage2-binutils - stage2-busybox -- cgit v1.2.1 From 259184abd8315109a71541ea64f613a83ac5ede4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 6 Apr 2015 00:43:58 +0100 Subject: strata/foundation: upadte gobject-introspection to 1.44.0 Change-Id: If8d6ec4dd754255464ab6efee67489212e8c612f --- strata/foundation.morph | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index 8b7b4e4d..bfe4e1c1 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -49,7 +49,8 @@ chunks: - libffi - name: gobject-introspection repo: upstream:gobject-introspection - ref: a543d8563f8e9ca059afb7218c63496f577cd0fc + ref: c0243e116c5e261c262dded9f4d7726a770c5a19 + unpetrify-ref: GOBJECT_INTROSPECTION_1_44_0 build-depends: - glib - name: dbus-pre -- cgit v1.2.1 From 3ca9cac4fad26c0ce5c31dbaddca707e8f27fe66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 6 Apr 2015 00:55:12 +0100 Subject: strata/foundation: Upgrade dbus to latest stable (1.8.16) Change-Id: Ie01218cc9c9e40aa6f8bbfe45faff2d227a19d6e --- strata/foundation.morph | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index bfe4e1c1..02b04a40 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -56,8 +56,8 @@ chunks: - name: dbus-pre morph: strata/foundation/dbus-pre.morph repo: upstream:dbus - ref: ff01faa12daa3481d6a3d2936929c5a2a1fe6fb5 - unpetrify-ref: baserock/genivi/dbus-1.8.8 + ref: af6e170d8e040759c83b48075b9ae74cc83dd5ed + unpetrify-ref: dbus-1.8.16 build-depends: - glib - name: libgpg-error @@ -132,8 +132,8 @@ chunks: - name: dbus morph: strata/foundation/dbus.morph repo: upstream:dbus - ref: ff01faa12daa3481d6a3d2936929c5a2a1fe6fb5 - unpetrify-ref: baserock/genivi/dbus-1.8.8 + ref: af6e170d8e040759c83b48075b9ae74cc83dd5ed + unpetrify-ref: dbus-1.8.16 build-depends: - glib - systemd -- cgit v1.2.1 From 14e164bbefcb18bb6ffdbfe217bd419e522b323d Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Tue, 7 Apr 2015 14:34:50 +0100 Subject: Enable python bindings in Kmod This enables kmod python bindings required for iscsi tools. Enabling python in the kmod chunk requires cython for compiling so cython is moved to core.morph. Change-Id: Ic394d75f801efcb0be1e4ec17d9bc907f9d086a0 --- strata/core.morph | 6 ++++++ strata/foundation/kmod.morph | 2 +- strata/python-core.morph | 6 ------ 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index d36f9a1c..150e68e0 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -108,6 +108,12 @@ chunks: - sqlite3 - ncurses - readline +- name: cython + repo: upstream:cython + ref: 4dd8e762fa51d01775506fbbc102c45dbcea065d + unpetrify-ref: 0.22 + build-depends: + - cpython - name: libtool-tarball morph: strata/core/libtool-tarball.morph repo: upstream:libtool-tarball diff --git a/strata/foundation/kmod.morph b/strata/foundation/kmod.morph index 12ac8692..fdfb971f 100644 --- a/strata/foundation/kmod.morph +++ b/strata/foundation/kmod.morph @@ -6,7 +6,7 @@ configure-commands: - sed -i -e'/AC_CONFIG_FILES(\[/,/])/{/docs/d}' configure.ac - autoreconf -fiv - ./configure --prefix=/usr --bindir=/bin --libdir=/lib --sysconfdir=/etc --without-xz - --with-zlib --disable-manpages + --with-zlib --disable-manpages --enable-python build-commands: - make install-commands: diff --git a/strata/python-core.morph b/strata/python-core.morph index 481f11bf..f7ba06c1 100644 --- a/strata/python-core.morph +++ b/strata/python-core.morph @@ -36,13 +36,7 @@ chunks: unpetrify-ref: baserock/morph build-depends: - python-setuptools -- name: cython - repo: upstream:cython - ref: 4dd8e762fa51d01775506fbbc102c45dbcea065d - unpetrify-ref: 0.22 - name: python-lxml repo: upstream:python-lxml ref: 14505bc62f5f1fc9fb0ff007955f3e67ab4562bb unpetrify-ref: lxml-3.4.0 - build-depends: - - cython -- cgit v1.2.1 From 88e05d0f4291fc09e89a510c433fbf20ee6f1ae3 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Tue, 7 Apr 2015 17:09:59 +0100 Subject: Enable ISCSI kernel support Change-Id: Ia45fd5e8bc53b6b8ebe3cc35aa52cb524a992100 --- .../bsp-armv8l64-generic/linux-armv8l64-generic.morph | 17 +++++++++++++++++ strata/bsp-jetson/linux-jetson-tk1.morph | 17 +++++++++++++++++ strata/bsp-ppc64-generic/linux-ppc64.morph | 17 +++++++++++++++++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 17 +++++++++++++++++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 17 +++++++++++++++++ 5 files changed, 85 insertions(+) diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index 34b9d0d4..f69f5d2a 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -221,6 +221,23 @@ configure-commands: - scripts/config -e NETFILTER_XT_MATCH_U32 - scripts/config -e IP_VS - scripts/config -e BRIDGE_NETFILTER +- scripts/config -e CRYPTO_CRC32C +- scripts/config -e CONFIGFS_FS +- scripts/config -e EXPERT +- scripts/config -e TARGET_CORE +- scripts/config -e ISCSI_TARGET +- scripts/config -e TCM_IBLOCK +- scripts/config -e TCM_FILEIO +- scripts/config -e TCM_PSCSI +- scripts/config -e TCM_USER +- scripts/config -e CONFIG_UIO +- scripts/config -e LOOPBACK_TARGET +- scripts/config -e TCM_FC +- scripts/config -e LIBFC +- scripts/config -e SCSI_FC_ATTRS +- scripts/config -e SCSI_ISCSI_ATTRS +- scripts/config -e ISCSI_TCP +- scripts/config -e SCSI_LOWLEVEL # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 257a7796..4559f2ba 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -198,6 +198,23 @@ configure-commands: - scripts/config -e NETFILTER_XT_MATCH_U32 - scripts/config -e IP_VS - scripts/config -e BRIDGE_NETFILTER +- scripts/config -e CRYPTO_CRC32C +- scripts/config -e CONFIGFS_FS +- scripts/config -e EXPERT +- scripts/config -e TARGET_CORE +- scripts/config -e ISCSI_TARGET +- scripts/config -e TCM_IBLOCK +- scripts/config -e TCM_FILEIO +- scripts/config -e TCM_PSCSI +- scripts/config -e TCM_USER +- scripts/config -e CONFIG_UIO +- scripts/config -e LOOPBACK_TARGET +- scripts/config -e TCM_FC +- scripts/config -e LIBFC +- scripts/config -e SCSI_FC_ATTRS +- scripts/config -e SCSI_ISCSI_ATTRS +- scripts/config -e ISCSI_TCP +- scripts/config -e SCSI_LOWLEVEL - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index 7131b8da..cd68c872 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -198,6 +198,23 @@ configure-commands: - scripts/config -e NETFILTER_XT_MATCH_U32 - scripts/config -e IP_VS - scripts/config -e BRIDGE_NETFILTER +- scripts/config -e CRYPTO_CRC32C +- scripts/config -e CONFIGFS_FS +- scripts/config -e EXPERT +- scripts/config -e TARGET_CORE +- scripts/config -e ISCSI_TARGET +- scripts/config -e TCM_IBLOCK +- scripts/config -e TCM_FILEIO +- scripts/config -e TCM_PSCSI +- scripts/config -e TCM_USER +- scripts/config -e CONFIG_UIO +- scripts/config -e LOOPBACK_TARGET +- scripts/config -e TCM_FC +- scripts/config -e LIBFC +- scripts/config -e SCSI_FC_ATTRS +- scripts/config -e SCSI_ISCSI_ATTRS +- scripts/config -e ISCSI_TCP +- scripts/config -e SCSI_LOWLEVEL - yes '' | make oldconfig build-commands: - make $MAKEFLAGS ARCH=powerpc zImage diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 7da478b5..76d6e9f7 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -234,6 +234,23 @@ configure-commands: - scripts/config -e NETFILTER_XT_MATCH_U32 - scripts/config -e IP_VS - scripts/config -e BRIDGE_NETFILTER +- scripts/config -e CRYPTO_CRC32C +- scripts/config -e CONFIGFS_FS +- scripts/config -e EXPERT +- scripts/config -e TARGET_CORE +- scripts/config -e ISCSI_TARGET +- scripts/config -e TCM_IBLOCK +- scripts/config -e TCM_FILEIO +- scripts/config -e TCM_PSCSI +- scripts/config -e TCM_USER +- scripts/config -e CONFIG_UIO +- scripts/config -e LOOPBACK_TARGET +- scripts/config -e TCM_FC +- scripts/config -e LIBFC +- scripts/config -e SCSI_FC_ATTRS +- scripts/config -e SCSI_ISCSI_ATTRS +- scripts/config -e ISCSI_TCP +- scripts/config -e SCSI_LOWLEVEL - yes '' | make oldconfig build-commands: - make $MAKEFLAGS diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index e4e028c7..b323a8b7 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -234,6 +234,23 @@ configure-commands: - scripts/config -e NETFILTER_XT_MATCH_U32 - scripts/config -e IP_VS - scripts/config -e BRIDGE_NETFILTER +- scripts/config -e CRYPTO_CRC32C +- scripts/config -e CONFIGFS_FS +- scripts/config -e EXPERT +- scripts/config -e TARGET_CORE +- scripts/config -e ISCSI_TARGET +- scripts/config -e TCM_IBLOCK +- scripts/config -e TCM_FILEIO +- scripts/config -e TCM_PSCSI +- scripts/config -e TCM_USER +- scripts/config -e CONFIG_UIO +- scripts/config -e LOOPBACK_TARGET +- scripts/config -e TCM_FC +- scripts/config -e LIBFC +- scripts/config -e SCSI_FC_ATTRS +- scripts/config -e SCSI_ISCSI_ATTRS +- scripts/config -e ISCSI_TCP +- scripts/config -e SCSI_LOWLEVEL - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From 9603cfee926e5b010a16463ff765a655382585e8 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Tue, 7 Apr 2015 19:23:17 +0100 Subject: Create kmod symlinks in sbin iSCSI kernel modules and open-iscsi expect modprobe and the rest of the module kernel utils to be in /sbin. This patch create the links in /sbin instead of /bin if /sbin is not a symlink of /usr/bin; if it is a symlink it will create the links in /usr/bin. Also it installs kmod in "$PREFIX" instead of / Change-Id: I89226d0ee7956e294caa66d60101a35daeccf9a1 --- strata/foundation/kmod.morph | 48 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 39 insertions(+), 9 deletions(-) diff --git a/strata/foundation/kmod.morph b/strata/foundation/kmod.morph index fdfb971f..8f158e8e 100644 --- a/strata/foundation/kmod.morph +++ b/strata/foundation/kmod.morph @@ -5,15 +5,45 @@ configure-commands: - sed -i -e'/SUBDIRS/{s/\S*doc\S*//;s/\S*man\S*//}' Makefile.am - sed -i -e'/AC_CONFIG_FILES(\[/,/])/{/docs/d}' configure.ac - autoreconf -fiv -- ./configure --prefix=/usr --bindir=/bin --libdir=/lib --sysconfdir=/etc --without-xz - --with-zlib --disable-manpages --enable-python +- | + ./configure --prefix="$PREFIX" --bindir="$PREFIX"/bin \ + --libdir="$PREFIX"/lib --sysconfdir=/etc \ + --without-xz --with-zlib \ + --disable-manpages --enable-python build-commands: - make install-commands: -- make DESTDIR="$DESTDIR" pkgconfigdir=/usr/lib/pkgconfig install -- ln -s kmod "$DESTDIR"/bin/modprobe -- ln -s kmod "$DESTDIR"/bin/lsmod -- ln -s kmod "$DESTDIR"/bin/rmmod -- ln -s kmod "$DESTDIR"/bin/insmod -- ln -s kmod "$DESTDIR"/bin/modinfo -- ln -s kmod "$DESTDIR"/bin/depmod +- make DESTDIR="$DESTDIR" pkgconfigdir="$PREFIX"/lib/pkgconfig install + +# WARNING with the following command: +# if the staging area when kmod is built is sufficiently different to the +# staging area that kmod is included in, then these symlinks may not work. +# +# i.e. if /sbin isn't a symlink when this is built (fhs-dirs isn't included or +# doesn't symlink /sbin to /usr/bin) then we get symlinks in /sbin which point +# to ../usr/bin, but if /sbin is itself a symlink to /usr/bin, then the symlinks +# would end up in /usr/bin, which would point to ../usr/bin, which would evaluate +# to /usr/usr/bin. +# +# The alternatives to this are: +# +# 1. Use hardlinks instead, which has the problem of ssh-rsync upgrades duplicating +# the binary +# +# 2. Use an absolute path for the symlink, which makes things interesting when +# inspecting a chroot +# +# 3. Use a wrapper script to invoke kmod with a different name, which isn't +# possible in busybox ash without making a temporary directory, which means +# you need an extra process to hang around to clean that directory up. +- | + if [ -h /sbin ]; then + for app in modprobe lsmod rmmod insmod modinfo depmod; do + ln -sf kmod "$DESTDIR$PREFIX/bin/$app" + done + else + install -d "$DESTDIR"/sbin + for app in modprobe lsmod rmmod insmod modinfo depmod; do + ln -sf ../"$PREFIX"/bin/kmod "$DESTDIR/sbin/$app" + done + fi -- cgit v1.2.1 From 8332443c8f62f13606569c9275c0d051fb187a71 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 8 Apr 2015 16:52:17 +0100 Subject: Move configobj to python-common In order to avoid duplicated chunk when merging Openstack branch. Change-Id: I91be6182e40569150a99fa7d28fdb2e988c50374 --- strata/cloudinit-support.morph | 5 ----- strata/python-common.morph | 4 ++++ 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/strata/cloudinit-support.morph b/strata/cloudinit-support.morph index 1c752e58..92d6f03d 100644 --- a/strata/cloudinit-support.morph +++ b/strata/cloudinit-support.morph @@ -7,10 +7,6 @@ build-depends: - morph: strata/python-common.morph - morph: strata/foundation.morph chunks: -- name: configobj - repo: upstream:configobj - ref: 935a78736e4eb43b9fafae87f5e9902328673f63 - unpetrify-ref: baserock/morph - name: python-cheetah repo: upstream:python-cheetah ref: 831aa6b99d9b4fb012ee644d8e80e0bc0eb6d6ed @@ -26,5 +22,4 @@ chunks: unpetrify-ref: baserock/morph build-depends: - boto - - configobj - python-cheetah diff --git a/strata/python-common.morph b/strata/python-common.morph index 5879febd..abe15665 100644 --- a/strata/python-common.morph +++ b/strata/python-common.morph @@ -44,3 +44,7 @@ chunks: repo: upstream:python-prettytable ref: 7a48f1e84049577370cf28632a75d2fd01e4142d unpetrify-ref: master +- name: configobj + repo: upstream:configobj + ref: 935a78736e4eb43b9fafae87f5e9902328673f63 + unpetrify-ref: baserock/morph -- cgit v1.2.1 From aa071e483b8236be742cb3c7157644d786e7834f Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 8 Apr 2015 16:57:37 +0100 Subject: Update configobj to the latest stable tag Update the repository to a maintained fork: see README.md Update the ref to the latest stable tag. Change-Id: I6a7431c1c79fd2a00e99e2db10dbbc8e2deb42d6 --- strata/python-common.morph | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/strata/python-common.morph b/strata/python-common.morph index abe15665..96d65330 100644 --- a/strata/python-common.morph +++ b/strata/python-common.morph @@ -45,6 +45,6 @@ chunks: ref: 7a48f1e84049577370cf28632a75d2fd01e4142d unpetrify-ref: master - name: configobj - repo: upstream:configobj - ref: 935a78736e4eb43b9fafae87f5e9902328673f63 - unpetrify-ref: baserock/morph + repo: upstream:configobj-git + ref: 9d2aab01c77dce600b296ba9da1163cc0bbc14e0 + unpetrify-ref: v5.0.6 -- cgit v1.2.1 From dc7b0a9627e2d5e63f30c74d694a81ca6d07e51f Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 31 Mar 2015 15:02:22 +0000 Subject: Add tcpdump to tools Change-Id: Ib8555258663cb16139efc4b3c004012c4aa054a5 --- strata/tools.morph | 12 ++++++++++++ strata/tools/libpcap.morph | 3 +++ strata/tools/tcpdump.morph | 3 +++ 3 files changed, 18 insertions(+) create mode 100644 strata/tools/libpcap.morph create mode 100644 strata/tools/tcpdump.morph diff --git a/strata/tools.morph b/strata/tools.morph index 5b3288ec..63ef39c2 100644 --- a/strata/tools.morph +++ b/strata/tools.morph @@ -73,3 +73,15 @@ chunks: unpetrify-ref: IPMITOOL_1_8_14 build-depends: - file +- name: libpcap + morph: strata/tools/libpcap.morph + repo: upstream:libpcap + ref: 098a643f817e8a9929c70dfba157e4d399398375 + unpetrify-ref: libpcap-1.7 +- name: tcpdump + morph: strata/tools/tcpdump.morph + repo: upstream:tcpdump + ref: 8aa5edea1b8846740514dee4158b6c707d38fc13 + unpetrify-ref: tcpdump-4.7 + build-depends: + - libpcap diff --git a/strata/tools/libpcap.morph b/strata/tools/libpcap.morph new file mode 100644 index 00000000..7c5ee932 --- /dev/null +++ b/strata/tools/libpcap.morph @@ -0,0 +1,3 @@ +name: libpcap +kind: chunk +build-system: autotools diff --git a/strata/tools/tcpdump.morph b/strata/tools/tcpdump.morph new file mode 100644 index 00000000..7a974dab --- /dev/null +++ b/strata/tools/tcpdump.morph @@ -0,0 +1,3 @@ +name: tcpdump +kind: chunk +build-system: autotools -- cgit v1.2.1 From afe4056e2683d55a9ef0bddaec6bad89139be0ee Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Thu, 9 Apr 2015 12:51:09 +0000 Subject: Enable Intel Ethernet drivers unconditionally in x86 bsp E1000E is not in the standard x86_64 defconfig, but it is in the i386 defconfig, and it's necessary to support commonly available hardware. Change-Id: Ia0f97ffaba190901bd1ae563690b6ebc9d108e66 --- strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 3 +++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 3 +++ 2 files changed, 6 insertions(+) diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 76d6e9f7..9b39d185 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -68,6 +68,9 @@ configure-commands: - scripts/config -e ATL1 - scripts/config -e ATL1C - scripts/config -e ATL1E +- scripts/config -e E100 +- scripts/config -e E1000 +- scripts/config -e E1000E - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index b323a8b7..5a9380b9 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -68,6 +68,9 @@ configure-commands: - scripts/config -e ATL1 - scripts/config -e ATL1C - scripts/config -e ATL1E +- scripts/config -e E100 +- scripts/config -e E1000 +- scripts/config -e E1000E - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP -- cgit v1.2.1 From df5dcd55aa0e0691dfb9cb8793a13298e6157474 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Thu, 9 Apr 2015 14:39:09 +0000 Subject: Add parted to tools It is required for Ironic. Change-Id: Ie5297598201479f7dff182de3a1d39bcd61bd6cb --- strata/tools.morph | 5 +++++ strata/tools/parted.morph | 10 ++++++++++ 2 files changed, 15 insertions(+) create mode 100644 strata/tools/parted.morph diff --git a/strata/tools.morph b/strata/tools.morph index 63ef39c2..e6449631 100644 --- a/strata/tools.morph +++ b/strata/tools.morph @@ -85,3 +85,8 @@ chunks: unpetrify-ref: tcpdump-4.7 build-depends: - libpcap +- name: parted + morph: strata/tools/parted.morph + repo: upstream:parted + ref: 0477d5ac971681b36cb2d2a97d1de8afd2a696d3 + unpetrify-ref: baserock/v3.2 diff --git a/strata/tools/parted.morph b/strata/tools/parted.morph new file mode 100644 index 00000000..d99c73cd --- /dev/null +++ b/strata/tools/parted.morph @@ -0,0 +1,10 @@ +name: parted +kind: chunk +build-system: autotools +pre-configure-commands: +- ./bootstrap --skip-po --no-git --gnulib-srcdir=gnulib +configure-commands: +# Disable device-mapper as it is not installed on Baserock +- ./configure --prefix="$PREFIX" --disable-device-mapper +build-commands: +- make WERROR_CFLAGS="" -- cgit v1.2.1 From c433876ad2f8c85247a4ef6a8c53207980765037 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 9 Apr 2015 17:06:42 +0100 Subject: Add ebtables as build-dependency of libvirt libvirt set the path of ebtables to /sbin during configuration time if they are not present on the system: AC_PATH_PROG([EBTABLES_PATH], [ebtables], /sbin/ebtables, [/usr/sbin:$PATH]) AC_DEFINE_UNQUOTED([EBTABLES_PATH], "$EBTABLES_PATH", [path to ebtables binary]) So adding ebtables as a build dependency will set correctly the ebtlabes binary path. Change-Id: I97c3dbbc9cffd86113248ce0d39251068a6cc78c --- strata/virtualization.morph | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/strata/virtualization.morph b/strata/virtualization.morph index 54e15727..203cfae3 100644 --- a/strata/virtualization.morph +++ b/strata/virtualization.morph @@ -45,6 +45,11 @@ chunks: repo: upstream:dmidecode ref: 47a0aa5d6696a83922ee70279b7253a4e55947d5 unpetrify-ref: master +- name: ebtables + morph: strata/virtualization/ebtables.morph + repo: upstream:ebtables + ref: f4bdc80ae8c1a79b4ab5dcb8431ad85aea618d66 + unpetrify-ref: master - name: libvirt morph: strata/virtualization/libvirt.morph repo: upstream:libvirt @@ -57,6 +62,7 @@ chunks: - xml-catalog - yajl - dmidecode + - ebtables - name: pycurl repo: upstream:pycurl ref: 5ca370827d88817eeca3c56cbb37e4ddccc16c6e @@ -107,11 +113,6 @@ chunks: build-depends: - libvirt-python - libosinfo -- name: ebtables - morph: strata/virtualization/ebtables.morph - repo: upstream:ebtables - ref: f4bdc80ae8c1a79b4ab5dcb8431ad85aea618d66 - unpetrify-ref: master - name: openvswitch morph: strata/virtualization/openvswitch.morph repo: upstream:openvswitch -- cgit v1.2.1 From 54a2d1e21a65a4fada799a7d903c50d61c195e32 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Fri, 10 Apr 2015 09:59:54 +0100 Subject: Remove not required cloud-init support from base systems This patch fixes base-system-x86_{32,64}-generic which were broken since some chunks from cloudinit-support stratum were moved to python-core and python-common. It was decided in IRC that base-systems are not going to support cloud-init (see http://irclogs.baserock.org/ 10-04-2015) leaving the systems minimal. Change-Id: I55fe5cf2a8d46dcbc1bbfc39534f99001b4fc564 --- systems/base-system-x86_32-generic.morph | 3 --- systems/base-system-x86_64-generic.morph | 3 --- 2 files changed, 6 deletions(-) diff --git a/systems/base-system-x86_32-generic.morph b/systems/base-system-x86_32-generic.morph index 40e62cad..612778d7 100644 --- a/systems/base-system-x86_32-generic.morph +++ b/systems/base-system-x86_32-generic.morph @@ -11,11 +11,8 @@ strata: morph: strata/foundation.morph - name: bsp-x86_32-generic morph: strata/bsp-x86_32-generic.morph -- name: cloudinit-support - morph: strata/cloudinit-support.morph configuration-extensions: - set-hostname - add-config-files - nfsboot - install-files -- cloud-init diff --git a/systems/base-system-x86_64-generic.morph b/systems/base-system-x86_64-generic.morph index a3346a44..bd331817 100644 --- a/systems/base-system-x86_64-generic.morph +++ b/systems/base-system-x86_64-generic.morph @@ -12,11 +12,8 @@ strata: morph: strata/foundation.morph - name: bsp-x86_64-generic morph: strata/bsp-x86_64-generic.morph -- name: cloudinit-support - morph: strata/cloudinit-support.morph configuration-extensions: - set-hostname - add-config-files - nfsboot - install-files -- cloud-init -- cgit v1.2.1 From 4171a9255bc913cff40a177daf7611c06d735754 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Wed, 1 Apr 2015 14:39:24 +0000 Subject: Add configuration for swift storage nodes Change-Id: Iad40b665edff7a3605b6600dafbcf67831e4290a --- clusters/example-swift-storage-cluster.morph | 60 +++++ hosts | 1 + swift-build-rings.yml | 34 +++ swift-storage-devices-validate.py | 60 +++++ swift-storage.configure | 105 ++++++++ swift/manifest | 13 + .../lib/systemd/system/swift-storage-setup.service | 11 + swift/usr/lib/systemd/system/swift-storage.service | 12 + swift/usr/share/swift/etc/rsyncd.j2 | 23 ++ swift/usr/share/swift/etc/swift/account-server.j2 | 192 ++++++++++++++ .../usr/share/swift/etc/swift/container-server.j2 | 203 +++++++++++++++ swift/usr/share/swift/etc/swift/object-server.j2 | 283 +++++++++++++++++++++ swift/usr/share/swift/etc/swift/swift.j2 | 118 +++++++++ swift/usr/share/swift/hosts | 1 + swift/usr/share/swift/swift-storage.yml | 24 ++ 15 files changed, 1140 insertions(+) create mode 100644 clusters/example-swift-storage-cluster.morph create mode 100644 hosts create mode 100644 swift-build-rings.yml create mode 100755 swift-storage-devices-validate.py create mode 100644 swift-storage.configure create mode 100644 swift/manifest create mode 100644 swift/usr/lib/systemd/system/swift-storage-setup.service create mode 100644 swift/usr/lib/systemd/system/swift-storage.service create mode 100644 swift/usr/share/swift/etc/rsyncd.j2 create mode 100644 swift/usr/share/swift/etc/swift/account-server.j2 create mode 100644 swift/usr/share/swift/etc/swift/container-server.j2 create mode 100644 swift/usr/share/swift/etc/swift/object-server.j2 create mode 100644 swift/usr/share/swift/etc/swift/swift.j2 create mode 100644 swift/usr/share/swift/hosts create mode 100644 swift/usr/share/swift/swift-storage.yml diff --git a/clusters/example-swift-storage-cluster.morph b/clusters/example-swift-storage-cluster.morph new file mode 100644 index 00000000..2f8dcaeb --- /dev/null +++ b/clusters/example-swift-storage-cluster.morph @@ -0,0 +1,60 @@ +name: example-swift-storage-cluster +kind: cluster +systems: +- morph: systems/devel-system-x86_64-generic.morph + deploy-defaults: + INSTALL_FILES: swift/manifest + + SWIFT_PART_POWER: 10 + SWIFT_REPLICAS: 3 + SWIFT_MIN_PART_HOURS: 1 + + SWIFT_STORAGE_DEVICES: [{ ip: , device: sdb, weight: 100 }, + { ip: , device: sdc, weight: 100 }, + { ip: , device: sdd, weight: 100 }, + + { ip: , device: sdb, weight: 100 }, + { ip: , device: sdc, weight: 100 }, + { ip: , device: sdd, weight: 100 }] + + # This value can be any random string or number + # but each node in your swift cluster must have the same value + SWIFT_REBALANCE_SEED: 3828 + + # NOTE: Replace SWIFT_HASH_PATH_PREFIX and SWIFT_HASH_PATH_SUFFIX + # with your own unique values, + # + # `openssl rand -hex 10' can be used to generate unique values + # + # These values should be kept secret, do not lose them. + # + SWIFT_HASH_PATH_PREFIX: 041fc210e4e1d333ce1d + SWIFT_HASH_PATH_SUFFIX: 4d6f5362a356dda7fb7d + + FSTAB_SDB: /dev/sdb /srv/node/sdb xfs defaults,user,rw 0 0 + FSTAB_SDC: /dev/sdc /srv/node/sdc xfs defaults,user,rw 0 0 + FSTAB_SDD: /dev/sdd /srv/node/sdd xfs defaults,user,rw 0 0 + + deploy: + node0: + type: kvm + location: kvm+ssh://user@host/swift-storage-0/home/user/swift-storage-0.img + DISK_SIZE: 10G + RAM_SIZE: 1G + VCPUS: 1 + HOSTNAME: swift-storage-0 + NIC_CONFIG: network=default + NETWORK_CONFIG: ens3:static,address=,netmask=255.255.255.0 + MANAGEMENT_INTERFACE_IP_ADDRESS: + ATTACH_DISKS: /dev/node0_sdb:/dev/node0_sdc:/dev/node0_sdd + node1: + type: kvm + location: kvm+ssh://user@host/swift-storage-1/home/user/swift-storage-1.img + DISK_SIZE: 10G + RAM_SIZE: 1G + VCPUS: 1 + HOSTNAME: swift-storage-1 + NIC_CONFIG: network=default + NETWORK_CONFIG: ens3:static,address=,netmask=255.255.255.0 + MANAGEMENT_INTERFACE_IP_ADDRESS: + ATTACH_DISKS: /dev/node1_sdb:/dev/node1_sdc:/dev/node1_sdd diff --git a/hosts b/hosts new file mode 100644 index 00000000..5b97818d --- /dev/null +++ b/hosts @@ -0,0 +1 @@ +localhost ansible_connection=local diff --git a/swift-build-rings.yml b/swift-build-rings.yml new file mode 100644 index 00000000..1ffe9c37 --- /dev/null +++ b/swift-build-rings.yml @@ -0,0 +1,34 @@ +--- +- hosts: localhost + vars: + - rings: + - { name: account, port: 6002 } + - { name: container, port: 6001 } + - { name: object, port: 6000 } + remote_user: root + tasks: + - file: path={{ ansible_env.ROOT }}/etc/swift owner=root group=root state=directory + + - name: Create ring + shell: swift-ring-builder {{ item.name }}.builder create {{ ansible_env.SWIFT_PART_POWER }} + {{ ansible_env.SWIFT_REPLICAS }} {{ ansible_env.SWIFT_MIN_PART_HOURS }} + with_items: rings + + - name: Add each storage node to the ring + shell: swift-ring-builder {{ item[0].name }}.builder + add r1z1-{{ item[1].ip }}:{{ item[0].port }}/{{ item[1].device }} {{ item[1].weight }} + with_nested: + - rings + - ansible_env.SWIFT_STORAGE_DEVICES + + - name: Rebalance the ring + shell: swift-ring-builder {{ item.name }}.builder rebalance {{ ansible_env.SWIFT_REBALANCE_SEED }} + with_items: rings + + - name: Copy ring configuration files into place + copy: src={{ item.name }}.ring.gz dest={{ ansible_env.ROOT }}/etc/swift + with_items: rings + + - name: Copy ring builder files into place + copy: src={{ item.name }}.builder dest={{ ansible_env.ROOT }}/etc/swift + with_items: rings diff --git a/swift-storage-devices-validate.py b/swift-storage-devices-validate.py new file mode 100755 index 00000000..57ab23d0 --- /dev/null +++ b/swift-storage-devices-validate.py @@ -0,0 +1,60 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# +# Copyright © 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# This is used by the openstack-swift.configure extension +# to validate any provided storage device specifiers +# under SWIFT_STORAGE_DEVICES +# + + +''' + This is used by the swift-storage.configure extension + to validate any storage device specifiers specified + in the SWIFT_STORAGE_DEVICES environment variable +''' + +from __future__ import print_function + +import yaml +import sys + +EXAMPLE_DEVSPEC = '{device: sdb1, ip: 127.0.0.1, weight: 100}' +REQUIRED_KEYS = ['ip', 'device', 'weight'] + +def err(msg): + print(msg, file=sys.stderr) + sys.exit(1) + +if len(sys.argv) != 2: + err('usage: %s STRING_TO_BE_VALIDATED' % sys.argv[0]) + +swift_storage_devices = yaml.load(sys.argv[1]) + +if not isinstance(swift_storage_devices, list): + err('Expected list of device specifiers\n' + 'Example: [%s]' % EXAMPLE_DEVSPEC) + +for d in swift_storage_devices: + if not isinstance(d, dict): + err("Invalid device specifier: `%s'\n" + 'Device specifier must be a dictionary\n' + 'Example: %s' % (d, EXAMPLE_DEVSPEC)) + + if set(d.keys()) != set(REQUIRED_KEYS): + err("Invalid device specifier: `%s'\n" + 'Specifier should contain: %s\n' + 'Example: %s' % (d, str(REQUIRED_KEYS)[1:-1], EXAMPLE_DEVSPEC)) diff --git a/swift-storage.configure b/swift-storage.configure new file mode 100644 index 00000000..182e0329 --- /dev/null +++ b/swift-storage.configure @@ -0,0 +1,105 @@ +#!/bin/bash +# +# Copyright © 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +# The ansible script needs to know where the rootfs is, so we export it here +export ROOT="$1" + +validate_number() { + local name="$1" + local value="$2" + + local pattern='^[0-9]+$' + if ! [[ $value =~ $pattern ]] + then + echo "'$name' must be a number" >&2 + exit 1 + fi +} + +validate_non_empty() { + local name="$1" + local value="$2" + + if [[ $value = None ]] + then + echo "'$name' cannot be empty" >&2 + exit 1 + fi +} + +MANDATORY_OPTIONS="SWIFT_HASH_PATH_PREFIX \ + SWIFT_HASH_PATH_SUFFIX \ + SWIFT_REBALANCE_SEED \ + SWIFT_PART_POWER \ + SWIFT_REPLICAS \ + SWIFT_MIN_PART_HOURS \ + SWIFT_STORAGE_DEVICES \ + MANAGEMENT_INTERFACE_IP_ADDRESS" + +for option in $MANDATORY_OPTIONS +do + if ! [[ -v $option ]] + then + missing_option=True + echo "Required option $option isn't set!" >&2 + fi +done + +if [[ $missing_option = True ]]; then exit 1; fi + +./swift-storage-devices-validate.py "$SWIFT_STORAGE_DEVICES" + +# Validate SWIFT_PART_POWER, SWIFT_REPLICAS, SWIFT_MIN_PART_HOURS +# just make sure they're numbers + +validate_number "SWIFT_PART_POWER" "$SWIFT_PART_POWER" +validate_number "SWIFT_REPLICAS" "$SWIFT_REPLICAS" +validate_number "SWIFT_MIN_PART_HOURS" "$SWIFT_MIN_PART_HOURS" + +# Make sure these aren't empty +validate_non_empty "SWIFT_HASH_PATH_PREFIX" "$SWIFT_HASH_PATH_PREFIX" +validate_non_empty "SWIFT_HASH_PATH_SUFFIX" "$SWIFT_HASH_PATH_SUFFIX" +validate_non_empty "SWIFT_REBALANCE_SEED" "$SWIFT_REBALANCE_SEED" +validate_non_empty "MANAGEMENT_INTERFACE_IP_ADDRESS" "$MANAGEMENT_INTERFACE_IP_ADDRESS" + +mkdir -p "$ROOT/usr/lib/systemd/system/multi-user.target.wants" # ensure this exists before we make symlinks + +# A swift controller needs the storage setup service +# but does not want any of the other storage services enabled +ln -s "/usr/lib/systemd/system/swift-storage-setup.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/swift-storage-setup.service" + +SWIFT_CONTROLLER=${SWIFT_CONTROLLER:-False} + +if [[ $SWIFT_CONTROLLER = False ]] +then + ln -s "/usr/lib/systemd/system/rsync.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/rsync.service" + ln -s "/usr/lib/systemd/system/swift-storage.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/swift-storage.service" +fi + +# Build swift data structures (the rings) +/usr/bin/ansible-playbook -i hosts swift-build-rings.yml + +cat << EOF > "$ROOT"/usr/share/swift/swift-storage-vars.yml +--- +MANAGEMENT_INTERFACE_IP_ADDRESS: $MANAGEMENT_INTERFACE_IP_ADDRESS +SWIFT_HASH_PATH_PREFIX: $SWIFT_HASH_PATH_PREFIX +SWIFT_HASH_PATH_SUFFIX: $SWIFT_HASH_PATH_SUFFIX +EOF diff --git a/swift/manifest b/swift/manifest new file mode 100644 index 00000000..6c1e2383 --- /dev/null +++ b/swift/manifest @@ -0,0 +1,13 @@ +0040755 0 0 /usr/share +0040755 0 0 /usr/share/swift +0100644 0 0 /usr/share/swift/hosts +0100644 0 0 /usr/share/swift/swift-storage.yml +0040755 0 0 /usr/share/swift/etc +0040755 0 0 /usr/share/swift/etc/swift +0100644 0 0 /usr/share/swift/etc/swift/account-server.j2 +0100644 0 0 /usr/share/swift/etc/swift/swift.j2 +0100644 0 0 /usr/share/swift/etc/swift/object-server.j2 +0100644 0 0 /usr/share/swift/etc/swift/container-server.j2 +0100644 0 0 /usr/share/swift/etc/rsyncd.j2 +0100644 0 0 /usr/lib/systemd/system/swift-storage-setup.service +0100644 0 0 /usr/lib/systemd/system/swift-storage.service diff --git a/swift/usr/lib/systemd/system/swift-storage-setup.service b/swift/usr/lib/systemd/system/swift-storage-setup.service new file mode 100644 index 00000000..e284fbed --- /dev/null +++ b/swift/usr/lib/systemd/system/swift-storage-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run openstack-swift-storage-setup (once) +After=local-fs.target postgres-server.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/swift/hosts /usr/share/swift/swift-storage.yml +Restart=no + +[Install] +WantedBy=multi-user.target diff --git a/swift/usr/lib/systemd/system/swift-storage.service b/swift/usr/lib/systemd/system/swift-storage.service new file mode 100644 index 00000000..dc41d3bc --- /dev/null +++ b/swift/usr/lib/systemd/system/swift-storage.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Swift Storage +After=syslog.target network.target swift-storage-setup.service + +[Service] +Type=forking +Restart=on-failure +ExecStart=/usr/bin/swift-init all start +ExecStop=/usr/bin/swift-init all stop + +[Install] +WantedBy=multi-user.target diff --git a/swift/usr/share/swift/etc/rsyncd.j2 b/swift/usr/share/swift/etc/rsyncd.j2 new file mode 100644 index 00000000..c0657665 --- /dev/null +++ b/swift/usr/share/swift/etc/rsyncd.j2 @@ -0,0 +1,23 @@ +uid = swift +gid = swift +log file = /var/log/rsyncd.log +pid file = /var/run/rsyncd.pid +address = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} + +[account] +max connections = 2 +path = /srv/node/ +read only = false +lock file = /var/lock/account.lock + +[container] +max connections = 2 +path = /srv/node/ +read only = false +lock file = /var/lock/container.lock + +[object] +max connections = 2 +path = /srv/node/ +read only = false +lock file = /var/lock/object.lock diff --git a/swift/usr/share/swift/etc/swift/account-server.j2 b/swift/usr/share/swift/etc/swift/account-server.j2 new file mode 100644 index 00000000..d977e295 --- /dev/null +++ b/swift/usr/share/swift/etc/swift/account-server.j2 @@ -0,0 +1,192 @@ +[DEFAULT] +# bind_ip = 0.0.0.0 +bind_ip = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} +bind_port = 6002 +# bind_timeout = 30 +# backlog = 4096 +user = swift +swift_dir = /etc/swift +devices = /srv/node +# mount_check = true +# disable_fallocate = false +# +# Use an integer to override the number of pre-forked processes that will +# accept connections. +# workers = auto +# +# Maximum concurrent requests per worker +# max_clients = 1024 +# +# You can specify default log routing here if you want: +# log_name = swift +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# The following caps the length of log lines to the value given; no limit if +# set to 0, the default. +# log_max_line_length = 0 +# +# comma separated list of functions to call to setup custom log handlers. +# functions get passed: conf, name, log_to_console, log_route, fmt, logger, +# adapted_logger +# log_custom_handlers = +# +# If set, log_udp_host will override log_address +# log_udp_host = +# log_udp_port = 514 +# +# You can enable StatsD logging here: +# log_statsd_host = localhost +# log_statsd_port = 8125 +# log_statsd_default_sample_rate = 1.0 +# log_statsd_sample_rate_factor = 1.0 +# log_statsd_metric_prefix = +# +# If you don't mind the extra disk space usage in overhead, you can turn this +# on to preallocate disk space with SQLite databases to decrease fragmentation. +# db_preallocation = off +# +# eventlet_debug = false +# +# You can set fallocate_reserve to the number of bytes you'd like fallocate to +# reserve, whether there is space for the given file size or not. +# fallocate_reserve = 0 + +[pipeline:main] +pipeline = healthcheck recon account-server + +[app:account-server] +use = egg:swift#account +# You can override the default log routing for this app here: +# set log_name = account-server +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_requests = true +# set log_address = /dev/log +# +# auto_create_account_prefix = . +# +# Configure parameter for creating specific server +# To handle all verbs, including replication verbs, do not specify +# "replication_server" (this is the default). To only handle replication, +# set to a True value (e.g. "True" or "1"). To handle only non-replication +# verbs, set to "False". Unless you have a separate replication network, you +# should not specify any value for "replication_server". +# replication_server = false + +[filter:healthcheck] +use = egg:swift#healthcheck +# An optional filesystem path, which if present, will cause the healthcheck +# URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE" +# disable_path = + +[filter:recon] +use = egg:swift#recon +recon_cache_path = /var/cache/swift + +[account-replicator] +# You can override the default log routing for this app here (don't use set!): +# log_name = account-replicator +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# vm_test_mode = no +# per_diff = 1000 +# max_diffs = 100 +# concurrency = 8 +# interval = 30 +# +# How long without an error before a node's error count is reset. This will +# also be how long before a node is reenabled after suppression is triggered. +# error_suppression_interval = 60 +# +# How many errors can accumulate before a node is temporarily ignored. +# error_suppression_limit = 10 +# +# node_timeout = 10 +# conn_timeout = 0.5 +# +# The replicator also performs reclamation +# reclaim_age = 604800 +# +# Time in seconds to wait between replication passes +# Note: if the parameter 'interval' is defined then it will be used in place +# of run_pause. +# run_pause = 30 +# +# recon_cache_path = /var/cache/swift + +[account-auditor] +# You can override the default log routing for this app here (don't use set!): +# log_name = account-auditor +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# Will audit each account at most once per interval +# interval = 1800 +# +# log_facility = LOG_LOCAL0 +# log_level = INFO +# accounts_per_second = 200 +# recon_cache_path = /var/cache/swift + +[account-reaper] +# You can override the default log routing for this app here (don't use set!): +# log_name = account-reaper +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# concurrency = 25 +# interval = 3600 +# node_timeout = 10 +# conn_timeout = 0.5 +# +# Normally, the reaper begins deleting account information for deleted accounts +# immediately; you can set this to delay its work however. The value is in +# seconds; 2592000 = 30 days for example. +# delay_reaping = 0 +# +# If the account fails to be be reaped due to a persistent error, the +# account reaper will log a message such as: +# Account has not been reaped since +# You can search logs for this message if space is not being reclaimed +# after you delete account(s). +# Default is 2592000 seconds (30 days). This is in addition to any time +# requested by delay_reaping. +# reap_warn_after = 2592000 + +# Note: Put it at the beginning of the pipeline to profile all middleware. But +# it is safer to put this after healthcheck. +[filter:xprofile] +use = egg:swift#xprofile +# This option enable you to switch profilers which should inherit from python +# standard profiler. Currently the supported value can be 'cProfile', +# 'eventlet.green.profile' etc. +# profile_module = eventlet.green.profile +# +# This prefix will be used to combine process ID and timestamp to name the +# profile data file. Make sure the executing user has permission to write +# into this path (missing path segments will be created, if necessary). +# If you enable profiling in more than one type of daemon, you must override +# it with an unique value like: /var/log/swift/profile/account.profile +# log_filename_prefix = /tmp/log/swift/profile/default.profile +# +# the profile data will be dumped to local disk based on above naming rule +# in this interval. +# dump_interval = 5.0 +# +# Be careful, this option will enable profiler to dump data into the file with +# time stamp which means there will be lots of files piled up in the directory. +# dump_timestamp = false +# +# This is the path of the URL to access the mini web UI. +# path = /__profile__ +# +# Clear the data when the wsgi server shutdown. +# flush_at_shutdown = false +# +# unwind the iterator of applications +# unwind = false diff --git a/swift/usr/share/swift/etc/swift/container-server.j2 b/swift/usr/share/swift/etc/swift/container-server.j2 new file mode 100644 index 00000000..d226d016 --- /dev/null +++ b/swift/usr/share/swift/etc/swift/container-server.j2 @@ -0,0 +1,203 @@ +[DEFAULT] +# bind_ip = 0.0.0.0 +bind_ip = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} +bind_port = 6001 +# bind_timeout = 30 +# backlog = 4096 +user = swift +swift_dir = /etc/swift +devices = /srv/node +# mount_check = true +# disable_fallocate = false +# +# Use an integer to override the number of pre-forked processes that will +# accept connections. +# workers = auto +# +# Maximum concurrent requests per worker +# max_clients = 1024 +# +# This is a comma separated list of hosts allowed in the X-Container-Sync-To +# field for containers. This is the old-style of using container sync. It is +# strongly recommended to use the new style of a separate +# container-sync-realms.conf -- see container-sync-realms.conf-sample +# allowed_sync_hosts = 127.0.0.1 +# +# You can specify default log routing here if you want: +# log_name = swift +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# The following caps the length of log lines to the value given; no limit if +# set to 0, the default. +# log_max_line_length = 0 +# +# comma separated list of functions to call to setup custom log handlers. +# functions get passed: conf, name, log_to_console, log_route, fmt, logger, +# adapted_logger +# log_custom_handlers = +# +# If set, log_udp_host will override log_address +# log_udp_host = +# log_udp_port = 514 +# +# You can enable StatsD logging here: +# log_statsd_host = localhost +# log_statsd_port = 8125 +# log_statsd_default_sample_rate = 1.0 +# log_statsd_sample_rate_factor = 1.0 +# log_statsd_metric_prefix = +# +# If you don't mind the extra disk space usage in overhead, you can turn this +# on to preallocate disk space with SQLite databases to decrease fragmentation. +# db_preallocation = off +# +# eventlet_debug = false +# +# You can set fallocate_reserve to the number of bytes you'd like fallocate to +# reserve, whether there is space for the given file size or not. +# fallocate_reserve = 0 + +[pipeline:main] +pipeline = healthcheck recon container-server + +[app:container-server] +use = egg:swift#container +# You can override the default log routing for this app here: +# set log_name = container-server +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_requests = true +# set log_address = /dev/log +# +# node_timeout = 3 +# conn_timeout = 0.5 +# allow_versions = false +# auto_create_account_prefix = . +# +# Configure parameter for creating specific server +# To handle all verbs, including replication verbs, do not specify +# "replication_server" (this is the default). To only handle replication, +# set to a True value (e.g. "True" or "1"). To handle only non-replication +# verbs, set to "False". Unless you have a separate replication network, you +# should not specify any value for "replication_server". +# replication_server = false + +[filter:healthcheck] +use = egg:swift#healthcheck +# An optional filesystem path, which if present, will cause the healthcheck +# URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE" +# disable_path = + +[filter:recon] +use = egg:swift#recon +recon_cache_path = /var/cache/swift + +[container-replicator] +# You can override the default log routing for this app here (don't use set!): +# log_name = container-replicator +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# vm_test_mode = no +# per_diff = 1000 +# max_diffs = 100 +# concurrency = 8 +# interval = 30 +# node_timeout = 10 +# conn_timeout = 0.5 +# +# The replicator also performs reclamation +# reclaim_age = 604800 +# +# Time in seconds to wait between replication passes +# Note: if the parameter 'interval' is defined then it will be used in place +# of run_pause. +# run_pause = 30 +# +# recon_cache_path = /var/cache/swift + +[container-updater] +# You can override the default log routing for this app here (don't use set!): +# log_name = container-updater +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# interval = 300 +# concurrency = 4 +# node_timeout = 3 +# conn_timeout = 0.5 +# +# slowdown will sleep that amount between containers +# slowdown = 0.01 +# +# Seconds to suppress updating an account that has generated an error +# account_suppression_time = 60 +# +# recon_cache_path = /var/cache/swift + +[container-auditor] +# You can override the default log routing for this app here (don't use set!): +# log_name = container-auditor +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# Will audit each container at most once per interval +# interval = 1800 +# +# containers_per_second = 200 +# recon_cache_path = /var/cache/swift + +[container-sync] +# You can override the default log routing for this app here (don't use set!): +# log_name = container-sync +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# If you need to use an HTTP Proxy, set it here; defaults to no proxy. +# You can also set this to a comma separated list of HTTP Proxies and they will +# be randomly used (simple load balancing). +# sync_proxy = http://10.1.1.1:8888,http://10.1.1.2:8888 +# +# Will sync each container at most once per interval +# interval = 300 +# +# Maximum amount of time to spend syncing each container per pass +# container_time = 60 + +# Note: Put it at the beginning of the pipeline to profile all middleware. But +# it is safer to put this after healthcheck. +[filter:xprofile] +use = egg:swift#xprofile +# This option enable you to switch profilers which should inherit from python +# standard profiler. Currently the supported value can be 'cProfile', +# 'eventlet.green.profile' etc. +# profile_module = eventlet.green.profile +# +# This prefix will be used to combine process ID and timestamp to name the +# profile data file. Make sure the executing user has permission to write +# into this path (missing path segments will be created, if necessary). +# If you enable profiling in more than one type of daemon, you must override +# it with an unique value like: /var/log/swift/profile/container.profile +# log_filename_prefix = /tmp/log/swift/profile/default.profile +# +# the profile data will be dumped to local disk based on above naming rule +# in this interval. +# dump_interval = 5.0 +# +# Be careful, this option will enable profiler to dump data into the file with +# time stamp which means there will be lots of files piled up in the directory. +# dump_timestamp = false +# +# This is the path of the URL to access the mini web UI. +# path = /__profile__ +# +# Clear the data when the wsgi server shutdown. +# flush_at_shutdown = false +# +# unwind the iterator of applications +# unwind = false diff --git a/swift/usr/share/swift/etc/swift/object-server.j2 b/swift/usr/share/swift/etc/swift/object-server.j2 new file mode 100644 index 00000000..66990be9 --- /dev/null +++ b/swift/usr/share/swift/etc/swift/object-server.j2 @@ -0,0 +1,283 @@ +[DEFAULT] +# bind_ip = 0.0.0.0 +bind_ip = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} +bind_port = 6000 +# bind_timeout = 30 +# backlog = 4096 +user = swift +swift_dir = /etc/swift +devices = /srv/node +# mount_check = true +# disable_fallocate = false +# expiring_objects_container_divisor = 86400 +# expiring_objects_account_name = expiring_objects +# +# Use an integer to override the number of pre-forked processes that will +# accept connections. +# workers = auto +# +# Maximum concurrent requests per worker +# max_clients = 1024 +# +# You can specify default log routing here if you want: +# log_name = swift +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# The following caps the length of log lines to the value given; no limit if +# set to 0, the default. +# log_max_line_length = 0 +# +# comma separated list of functions to call to setup custom log handlers. +# functions get passed: conf, name, log_to_console, log_route, fmt, logger, +# adapted_logger +# log_custom_handlers = +# +# If set, log_udp_host will override log_address +# log_udp_host = +# log_udp_port = 514 +# +# You can enable StatsD logging here: +# log_statsd_host = localhost +# log_statsd_port = 8125 +# log_statsd_default_sample_rate = 1.0 +# log_statsd_sample_rate_factor = 1.0 +# log_statsd_metric_prefix = +# +# eventlet_debug = false +# +# You can set fallocate_reserve to the number of bytes you'd like fallocate to +# reserve, whether there is space for the given file size or not. +# fallocate_reserve = 0 +# +# Time to wait while attempting to connect to another backend node. +# conn_timeout = 0.5 +# Time to wait while sending each chunk of data to another backend node. +# node_timeout = 3 +# Time to wait while receiving each chunk of data from a client or another +# backend node. +# client_timeout = 60 +# +# network_chunk_size = 65536 +# disk_chunk_size = 65536 + +[pipeline:main] +pipeline = healthcheck recon object-server + +[app:object-server] +use = egg:swift#object +# You can override the default log routing for this app here: +# set log_name = object-server +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_requests = true +# set log_address = /dev/log +# +# max_upload_time = 86400 +# slow = 0 +# +# Objects smaller than this are not evicted from the buffercache once read +# keep_cache_size = 5424880 +# +# If true, objects for authenticated GET requests may be kept in buffer cache +# if small enough +# keep_cache_private = false +# +# on PUTs, sync data every n MB +# mb_per_sync = 512 +# +# Comma separated list of headers that can be set in metadata on an object. +# This list is in addition to X-Object-Meta-* headers and cannot include +# Content-Type, etag, Content-Length, or deleted +# allowed_headers = Content-Disposition, Content-Encoding, X-Delete-At, X-Object-Manifest, X-Static-Large-Object +# +# auto_create_account_prefix = . +# +# A value of 0 means "don't use thread pools". A reasonable starting point is +# 4. +# threads_per_disk = 0 +# +# Configure parameter for creating specific server +# To handle all verbs, including replication verbs, do not specify +# "replication_server" (this is the default). To only handle replication, +# set to a True value (e.g. "True" or "1"). To handle only non-replication +# verbs, set to "False". Unless you have a separate replication network, you +# should not specify any value for "replication_server". +# replication_server = false +# +# Set to restrict the number of concurrent incoming REPLICATION requests +# Set to 0 for unlimited +# Note that REPLICATION is currently an ssync only item +# replication_concurrency = 4 +# +# Restricts incoming REPLICATION requests to one per device, +# replication_currency above allowing. This can help control I/O to each +# device, but you may wish to set this to False to allow multiple REPLICATION +# requests (up to the above replication_concurrency setting) per device. +# replication_one_per_device = True +# +# Number of seconds to wait for an existing replication device lock before +# giving up. +# replication_lock_timeout = 15 +# +# These next two settings control when the REPLICATION subrequest handler will +# abort an incoming REPLICATION attempt. An abort will occur if there are at +# least threshold number of failures and the value of failures / successes +# exceeds the ratio. The defaults of 100 and 1.0 means that at least 100 +# failures have to occur and there have to be more failures than successes for +# an abort to occur. +# replication_failure_threshold = 100 +# replication_failure_ratio = 1.0 +# +# Use splice() for zero-copy object GETs. This requires Linux kernel +# version 3.0 or greater. If you set "splice = yes" but the kernel +# does not support it, error messages will appear in the object server +# logs at startup, but your object servers should continue to function. +# +# splice = no + +[filter:healthcheck] +use = egg:swift#healthcheck +# An optional filesystem path, which if present, will cause the healthcheck +# URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE" +# disable_path = + +[filter:recon] +use = egg:swift#recon +recon_cache_path = /var/cache/swift +#recon_lock_path = /var/lock + +[object-replicator] +# You can override the default log routing for this app here (don't use set!): +# log_name = object-replicator +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# vm_test_mode = no +# daemonize = on +# run_pause = 30 +# concurrency = 1 +# stats_interval = 300 +# +# The sync method to use; default is rsync but you can use ssync to try the +# EXPERIMENTAL all-swift-code-no-rsync-callouts method. Once ssync is verified +# as having performance comparable to, or better than, rsync, we plan to +# deprecate rsync so we can move on with more features for replication. +# sync_method = rsync +# +# max duration of a partition rsync +# rsync_timeout = 900 +# +# bandwidth limit for rsync in kB/s. 0 means unlimited +# rsync_bwlimit = 0 +# +# passed to rsync for io op timeout +# rsync_io_timeout = 30 +# +# node_timeout = +# max duration of an http request; this is for REPLICATE finalization calls and +# so should be longer than node_timeout +# http_timeout = 60 +# +# attempts to kill all workers if nothing replicates for lockup_timeout seconds +# lockup_timeout = 1800 +# +# The replicator also performs reclamation +# reclaim_age = 604800 +# +# ring_check_interval = 15 +# recon_cache_path = /var/cache/swift +# +# limits how long rsync error log lines are +# 0 means to log the entire line +# rsync_error_log_line_length = 0 +# +# handoffs_first and handoff_delete are options for a special case +# such as disk full in the cluster. These two options SHOULD NOT BE +# CHANGED, except for such an extreme situations. (e.g. disks filled up +# or are about to fill up. Anyway, DO NOT let your drives fill up) +# handoffs_first is the flag to replicate handoffs prior to canonical +# partitions. It allows to force syncing and deleting handoffs quickly. +# If set to a True value(e.g. "True" or "1"), partitions +# that are not supposed to be on the node will be replicated first. +# handoffs_first = False +# +# handoff_delete is the number of replicas which are ensured in swift. +# If the number less than the number of replicas is set, object-replicator +# could delete local handoffs even if all replicas are not ensured in the +# cluster. Object-replicator would remove local handoff partition directories +# after syncing partition when the number of successful responses is greater +# than or equal to this number. By default(auto), handoff partitions will be +# removed when it has successfully replicated to all the canonical nodes. +# handoff_delete = auto + +[object-updater] +# You can override the default log routing for this app here (don't use set!): +# log_name = object-updater +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# interval = 300 +# concurrency = 1 +# node_timeout = +# slowdown will sleep that amount between objects +# slowdown = 0.01 +# +# recon_cache_path = /var/cache/swift + +[object-auditor] +# You can override the default log routing for this app here (don't use set!): +# log_name = object-auditor +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_address = /dev/log +# +# You can set the disk chunk size that the auditor uses making it larger if +# you like for more efficient local auditing of larger objects +# disk_chunk_size = 65536 +# files_per_second = 20 +# concurrency = 1 +# bytes_per_second = 10000000 +# log_time = 3600 +# zero_byte_files_per_second = 50 +# recon_cache_path = /var/cache/swift + +# Takes a comma separated list of ints. If set, the object auditor will +# increment a counter for every object whose size is <= to the given break +# points and report the result after a full scan. +# object_size_stats = + +# Note: Put it at the beginning of the pipleline to profile all middleware. But +# it is safer to put this after healthcheck. +[filter:xprofile] +use = egg:swift#xprofile +# This option enable you to switch profilers which should inherit from python +# standard profiler. Currently the supported value can be 'cProfile', +# 'eventlet.green.profile' etc. +# profile_module = eventlet.green.profile +# +# This prefix will be used to combine process ID and timestamp to name the +# profile data file. Make sure the executing user has permission to write +# into this path (missing path segments will be created, if necessary). +# If you enable profiling in more than one type of daemon, you must override +# it with an unique value like: /var/log/swift/profile/object.profile +# log_filename_prefix = /tmp/log/swift/profile/default.profile +# +# the profile data will be dumped to local disk based on above naming rule +# in this interval. +# dump_interval = 5.0 +# +# Be careful, this option will enable profiler to dump data into the file with +# time stamp which means there will be lots of files piled up in the directory. +# dump_timestamp = false +# +# This is the path of the URL to access the mini web UI. +# path = /__profile__ +# +# Clear the data when the wsgi server shutdown. +# flush_at_shutdown = false +# +# unwind the iterator of applications +# unwind = false diff --git a/swift/usr/share/swift/etc/swift/swift.j2 b/swift/usr/share/swift/etc/swift/swift.j2 new file mode 100644 index 00000000..6d76215a --- /dev/null +++ b/swift/usr/share/swift/etc/swift/swift.j2 @@ -0,0 +1,118 @@ +[swift-hash] + +# swift_hash_path_suffix and swift_hash_path_prefix are used as part of the +# the hashing algorithm when determining data placement in the cluster. +# These values should remain secret and MUST NOT change +# once a cluster has been deployed. + +swift_hash_path_suffix = {{ SWIFT_HASH_PATH_SUFFIX }} +swift_hash_path_prefix = {{ SWIFT_HASH_PATH_PREFIX }} + +# storage policies are defined here and determine various characteristics +# about how objects are stored and treated. Policies are specified by name on +# a per container basis. Names are case-insensitive. The policy index is +# specified in the section header and is used internally. The policy with +# index 0 is always used for legacy containers and can be given a name for use +# in metadata however the ring file name will always be 'object.ring.gz' for +# backwards compatibility. If no policies are defined a policy with index 0 +# will be automatically created for backwards compatibility and given the name +# Policy-0. A default policy is used when creating new containers when no +# policy is specified in the request. If no other policies are defined the +# policy with index 0 will be declared the default. If multiple policies are +# defined you must define a policy with index 0 and you must specify a +# default. It is recommended you always define a section for +# storage-policy:0. +[storage-policy:0] +name = Policy-0 +default = yes + +# the following section would declare a policy called 'silver', the number of +# replicas will be determined by how the ring is built. In this example the +# 'silver' policy could have a lower or higher # of replicas than the +# 'Policy-0' policy above. The ring filename will be 'object-1.ring.gz'. You +# may only specify one storage policy section as the default. If you changed +# this section to specify 'silver' as the default, when a client created a new +# container w/o a policy specified, it will get the 'silver' policy because +# this config has specified it as the default. However if a legacy container +# (one created with a pre-policy version of swift) is accessed, it is known +# implicitly to be assigned to the policy with index 0 as opposed to the +# current default. +#[storage-policy:1] +#name = silver + +# The swift-constraints section sets the basic constraints on data +# saved in the swift cluster. These constraints are automatically +# published by the proxy server in responses to /info requests. + +[swift-constraints] + +# max_file_size is the largest "normal" object that can be saved in +# the cluster. This is also the limit on the size of each segment of +# a "large" object when using the large object manifest support. +# This value is set in bytes. Setting it to lower than 1MiB will cause +# some tests to fail. It is STRONGLY recommended to leave this value at +# the default (5 * 2**30 + 2). + +#max_file_size = 5368709122 + + +# max_meta_name_length is the max number of bytes in the utf8 encoding +# of the name portion of a metadata header. + +#max_meta_name_length = 128 + + +# max_meta_value_length is the max number of bytes in the utf8 encoding +# of a metadata value + +#max_meta_value_length = 256 + + +# max_meta_count is the max number of metadata keys that can be stored +# on a single account, container, or object + +#max_meta_count = 90 + + +# max_meta_overall_size is the max number of bytes in the utf8 encoding +# of the metadata (keys + values) + +#max_meta_overall_size = 4096 + +# max_header_size is the max number of bytes in the utf8 encoding of each +# header. Using 8192 as default because eventlet use 8192 as max size of +# header line. This value may need to be increased when using identity +# v3 API tokens including more than 7 catalog entries. +# See also include_service_catalog in proxy-server.conf-sample +# (documented in overview_auth.rst) + +#max_header_size = 8192 + + +# max_object_name_length is the max number of bytes in the utf8 encoding +# of an object name + +#max_object_name_length = 1024 + + +# container_listing_limit is the default (and max) number of items +# returned for a container listing request + +#container_listing_limit = 10000 + + +# account_listing_limit is the default (and max) number of items returned +# for an account listing request +#account_listing_limit = 10000 + + +# max_account_name_length is the max number of bytes in the utf8 encoding +# of an account name + +#max_account_name_length = 256 + + +# max_container_name_length is the max number of bytes in the utf8 encoding +# of a container name + +#max_container_name_length = 256 diff --git a/swift/usr/share/swift/hosts b/swift/usr/share/swift/hosts new file mode 100644 index 00000000..5b97818d --- /dev/null +++ b/swift/usr/share/swift/hosts @@ -0,0 +1 @@ +localhost ansible_connection=local diff --git a/swift/usr/share/swift/swift-storage.yml b/swift/usr/share/swift/swift-storage.yml new file mode 100644 index 00000000..62a335ed --- /dev/null +++ b/swift/usr/share/swift/swift-storage.yml @@ -0,0 +1,24 @@ +--- +- hosts: localhost + vars_files: + - swift-storage-vars.yml + vars: + remote_user: root + tasks: + - user: name=swift comment="Swift user" + - file: path=/etc/swift owner=swift group=swift state=directory recurse=yes + + - template: src=/usr/share/swift/etc/rsyncd.j2 dest=/etc/rsyncd.conf + mode=0644 owner=swift group=swift + + - template: src=/usr/share/swift/etc/swift/{{ item }}.j2 + dest=/etc/swift/{{ item }}.conf mode=0644 owner=swift group=swift + with_items: + - account-server + - container-server + - object-server + - swift + + - file: path=/srv/node owner=swift group=swift state=directory recurse=yes + - file: path=/var/cache/swift owner=swift group=swift state=directory + recurse=yes -- cgit v1.2.1 From fd4e00e5112cc81aa57de9e8a662eb0d7662cad1 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Wed, 11 Mar 2015 11:20:11 +0000 Subject: Add BSP for big-endian ARMv8 (armv8b64) Add a BSP definition for ARMv8 in big-endian mode. Hopefully applicable to any ARMv8 system. Change-Id: I35d2964fa240ce72bf62d577d2d9af50dbae1d11 --- strata/bsp-armv8b64-generic.morph | 16 +++ .../linux-armv8b64-generic.morph | 108 +++++++++++++++++++++ 2 files changed, 124 insertions(+) create mode 100644 strata/bsp-armv8b64-generic.morph create mode 100644 strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph diff --git a/strata/bsp-armv8b64-generic.morph b/strata/bsp-armv8b64-generic.morph new file mode 100644 index 00000000..a4d6645b --- /dev/null +++ b/strata/bsp-armv8b64-generic.morph @@ -0,0 +1,16 @@ +name: bsp-armv8b64-generic +kind: stratum +description: +- | + The set of platform specific components required for booting generic ARMv8 + systems in big-endian mode, such as the 64-bit APM XGene ARM based m400 + Moonshot cartridge. +build-depends: +- morph: strata/core.morph +chunks: +- name: linux-armv8b64-generic + morph: strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph + repo: upstream:linux + ref: cd1397b1f6e429b82e94565b0af93c6bd44e4271 + unpetrify-ref: baserock/bjdooks/m400-be3 + build-depends: [] diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph new file mode 100644 index 00000000..40dd37ce --- /dev/null +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -0,0 +1,108 @@ +name: linux-armv8b64-generic +kind: chunk +configure-commands: +- make ARCH=arm64 defconfig +- scripts/config -e PACKET +- scripts/config -e SATA_AHCI +- scripts/config -e ATA_GENERIC +- scripts/config -e HAVE_IDE +- scripts/config -d BLK_DEV_IDE_SATA +- scripts/config -e BTRFS_FS +- scripts/config -e BTRFS_FS_POSIX_ACL +- scripts/config -e DEVTMPFS +- scripts/config -e DEVTMPFS_MOUNT +- scripts/config -e CONFIG_FHANDLE +- scripts/config -e CGROUPS +- scripts/config -e AUTOFS4_FS +- scripts/config --set-str UEVENT_HELPER_PATH '' +- scripts/config -e EXT2_FS +- scripts/config -e EXT2_FS_XATTR +- scripts/config -e EXT2_FS_POSIX_ACL +- scripts/config -e EXT2_FS_SECURITY +- scripts/config -e EXT2_FS_XIP +- scripts/config -e EXT3_FS +- scripts/config -d EXT3_DEFAULTS_TO_ORDERED +- scripts/config -e EXT3_FS_XATTR +- scripts/config -e EXT3_FS_POSIX_ACL +- scripts/config -e EXT3_FS_SECURITY +- scripts/config -e EXT4_FS +- scripts/config -e EXT4_FS_XATTR +- scripts/config -e EXT4_FS_POSIX_ACL +- scripts/config -e EXT4_FS_SECURITY +- scripts/config -d EXT4_DEBUG +- scripts/config -d JBD_DEBUG +- scripts/config -d JBD2_DEBUG +- scripts/config -e BLK_DEV_LOOP +- scripts/config -d BLK_DEV_CRYPTOLOOP +- scripts/config -e CEPH_FS +- scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e VIRTIO +- scripts/config -e VIRTIO_RING +- scripts/config -e VIRTIO_PCI +- scripts/config -e VIRTIO_BALLOON +- scripts/config -e VIRTIO_BLK +- scripts/config -e VIRTIO_NET +- scripts/config -e VIRTIO_CONSOLE +- scripts/config -e HW_RANDOM_VIRTIO +- scripts/config -e 9P_FS +- scripts/config -e 9P_FSCACHE +- scripts/config -e 9P_FS_POSIX_ACL +- scripts/config -e NET_9P +- scripts/config -e NET_9P_VIRTIO +- scripts/config -e R8169 +- scripts/config -e 8139TOO +- scripts/config -e 8139CP +- scripts/config -e IKCONFIG +- scripts/config -e IKCONFIG_PROC +- scripts/config -e SECCOMP +- scripts/config -d DEBUG_STACK_TRACE +- scripts/config -e NFSD +- scripts/config -e NFSD_V3 +- scripts/config -e KVM +- scripts/config -e TUN +- scripts/config -e BRIDGE +- scripts/config -e VHOST_NET +- scripts/config -e NF_NAT +- scripts/config -e NF_NAT_IPV4 +- scripts/config -e IP_NF_TARGET_MASQUERADE +- scripts/config -e FB_VESA +- scripts/config -e HOTPLUG_PCI +- scripts/config -e HOTPLUG_PCI_ACPI +- scripts/config -e VLAN_8021Q +- scripts/config -e BRIDGE_VLAN_FILTERING +- scripts/config -e IPV6 +# Required for M400 +- scripts/config -e SATA_AHCI_PLATFORM +- scripts/config -e AHCI_XGENE +- scripts/config -e GENERIC_PHY +- scripts/config -e PHY_XGENE +- scripts/config -e NET_VENDOR_MELLANOX +- scripts/config -e MLX4_EN +- scripts/config -e MLX4_EN_DCB +- scripts/config -e MLX4_EN_VXLAN +- scripts/config -e MLX4_CORE +- scripts/config -e MLX5_CORE +- scripts/config -e NET_IP_TUNNEL +- scripts/config -e VXLAN +- scripts/config -e UIO +- scripts/config -e UIO_PDRV_GENIRQ +- scripts/config -e GPIO_DWAPB +- scripts/config -e KEYBOARD_GPIO +- scripts/config -e INPUT_POLLDEV +- scripts/config -e KEYBOARD_GPIO_POLLED +- scripts/config -d DMA_CMA +- scripts/config -e POWER_RESET +- scripts/config -e POWER_RESET_GPIO +- scripts/config -e POWER_RESET_SYSCON +- scripts/config -e POWER_AVS +# Big endian kernel +- scripts/config -e CPU_BIG_ENDIAN +- yes '' | make ARCH=arm64 oldconfig +build-commands: +# Only generate Image here, uImage generated in deployment +# due to availability of mkimage build systems +- make vmlinux dtbs $MAKEFLAGS +install-commands: +- mkdir -p "$DESTDIR"/boot +- make install dtbs_install INSTALL_PATH="$DESTDIR/boot" +- cp arch/arm64/boot/Image "$DESTDIR/boot/vmlinux" -- cgit v1.2.1 From 779eb58df6626316c3a448b358b2843ebc4700a2 Mon Sep 17 00:00:00 2001 From: Paul Sherwood Date: Sat, 11 Apr 2015 02:18:51 +0000 Subject: Be explicit with make command in acl.morph Change-Id: I6e86553520f1ef7de14d8b58bdf4141cda1db9b7 --- strata/foundation/acl.morph | 2 ++ 1 file changed, 2 insertions(+) diff --git a/strata/foundation/acl.morph b/strata/foundation/acl.morph index 4489f5d5..c742d8ae 100644 --- a/strata/foundation/acl.morph +++ b/strata/foundation/acl.morph @@ -1,4 +1,6 @@ name: acl kind: chunk +build-commands: +- make install-commands: - make DESTDIR="$DESTDIR" install-dev -- cgit v1.2.1 From b949a22d0600c925a7acac195b577731a869d7d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 1 Apr 2015 19:24:46 +0100 Subject: strata/foundation.morph: Add bash-completion So commands can be autocompleted when pressing the "TAB" key Change-Id: I225335496e1007372603a2d0bea23ce0b8cb3692 --- strata/foundation.morph | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/strata/foundation.morph b/strata/foundation.morph index 02b04a40..5f7b9edf 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -4,6 +4,10 @@ description: Basic userland runtime system build-depends: - morph: strata/coreutils-common.morph chunks: +- name: bash-completion + repo: upstream:bash-completion + ref: 3085c7e12179817a02a611016606391295c69942 + unpetrify-ref: 2.1 - name: attr morph: strata/foundation/attr.morph repo: upstream:attr -- cgit v1.2.1 From 33e0784f4d9901ea381ed39014e1cd0007f307dd Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Sat, 11 Apr 2015 13:30:02 +0000 Subject: bsp: Add support for USB ethernet to x86 kernels This works for a few commonly available USB Ethernet devices; and while other architectures may make use of such devices, I don't believe we currently have a use-case that requires us to be able to support extra interfaces on those devices. Change-Id: Ib8974207c04f34cff4f6884409c70aeb116935d5 --- strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 4 ++++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 9b39d185..a8da9549 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -71,6 +71,10 @@ configure-commands: - scripts/config -e E100 - scripts/config -e E1000 - scripts/config -e E1000E +- scripts/config -e USB_USBNET +- scripts/config -e USB_NET_AX8817X +- scripts/config -e USB_NET_AX88179_178A +- scripts/config -e USB_NET_DM9601 - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 5a9380b9..eb4204f6 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -71,6 +71,10 @@ configure-commands: - scripts/config -e E100 - scripts/config -e E1000 - scripts/config -e E1000E +- scripts/config -e USB_USBNET +- scripts/config -e USB_NET_AX8817X +- scripts/config -e USB_NET_AX88179_178A +- scripts/config -e USB_NET_DM9601 - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e SECCOMP -- cgit v1.2.1 From 3eacd36e46d9904e0775c079253c4ed78ef50a96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 13 Apr 2015 11:36:59 +0100 Subject: Upgrade x86 BSP to latest linux kernel (4.0) Change-Id: I55eff5c8e57dbf35274246b60904c6d405f458e9 --- strata/bsp-x86_32-generic.morph | 6 +++--- strata/bsp-x86_64-generic.morph | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/strata/bsp-x86_32-generic.morph b/strata/bsp-x86_32-generic.morph index ae7d14cc..41003643 100644 --- a/strata/bsp-x86_32-generic.morph +++ b/strata/bsp-x86_32-generic.morph @@ -7,9 +7,9 @@ build-depends: chunks: - name: linux-x86-32-generic morph: strata/bsp-x86_32-generic/linux-x86-32-generic.morph - repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + repo: upstream:linux + ref: 39a8804455fb23f09157341d3ba7db6d7ae6ee76 + unpetrify-ref: v4.0 - name: nasm morph: strata/bsp-x86_32-generic/nasm.morph repo: upstream:nasm diff --git a/strata/bsp-x86_64-generic.morph b/strata/bsp-x86_64-generic.morph index 81223633..799af9d2 100644 --- a/strata/bsp-x86_64-generic.morph +++ b/strata/bsp-x86_64-generic.morph @@ -7,9 +7,9 @@ build-depends: chunks: - name: linux-x86-64-generic morph: strata/bsp-x86_64-generic/linux-x86-64-generic.morph - repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + repo: upstream:linux + ref: 39a8804455fb23f09157341d3ba7db6d7ae6ee76 + unpetrify-ref: v4.0 - name: nasm morph: strata/bsp-x86_64-generic/nasm.morph repo: upstream:nasm -- cgit v1.2.1 From 1de35458175c444882ef3c3f917792b546a927e5 Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Wed, 11 Mar 2015 22:17:52 +0000 Subject: Update systemd to development snapshot including netlink fix Change-Id: Ic8258340cd8a5a2750671b0a93c7b89e1b872aa6 --- strata/foundation.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index 5f7b9edf..b742c5ed 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -80,8 +80,8 @@ chunks: - name: systemd morph: strata/foundation/systemd.morph repo: upstream:systemd - ref: a88abde72169ddc2df77df3fa5bed30725022253 - unpetrify-ref: v219 + ref: d736e4f3e76daca4ab1b1fc444737e5ee20a27cd + unpetrify-ref: master build-depends: - dbus-pre - gobject-introspection -- cgit v1.2.1 From 525d7973c04afda87fb1e8eb9ab8e021b3b48e3b Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Wed, 11 Mar 2015 22:33:06 +0000 Subject: systemd: disable building of tests Change-Id: I9e0df7e0617d56af0ea827e3a1c4c37d3a1bbad2 --- strata/foundation/systemd.morph | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/strata/foundation/systemd.morph b/strata/foundation/systemd.morph index 81db9acd..c53cef39 100644 --- a/strata/foundation/systemd.morph +++ b/strata/foundation/systemd.morph @@ -3,9 +3,11 @@ kind: chunk build-system: autotools configure-commands: - sh autogen.sh -- ./configure --prefix="$PREFIX" --enable-xz --disable-manpages --sysconfdir=/etc - --localstatedir=/var --libdir="$PREFIX/lib" --libexecdir="$PREFIX/libexec" --with-rootprefix= - --with-rootlibdir=/lib +- | + ./configure --prefix="$PREFIX" --enable-xz --disable-manpages \ + --disable-tests --sysconfdir=/etc --localstatedir=/var \ + --libdir="$PREFIX/lib" --libexecdir="$PREFIX/libexec" \ + --with-rootprefix= --with-rootlibdir=/lib install-commands: - make DESTDIR="$DESTDIR" install - mkdir -p "$DESTDIR"/sbin -- cgit v1.2.1 From a163a811531f5ea9db30ee955824b8f0ba319d64 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 2 Mar 2015 13:24:34 +0000 Subject: Add openstack ansible modules to ansible.morph Change-Id: Ia8aae92d01eeca9a4058fa73fa1923a1a33b5704 --- strata/ansible.morph | 5 +++++ strata/ansible/openstack-ansible-modules.morph | 5 +++++ 2 files changed, 10 insertions(+) create mode 100644 strata/ansible/openstack-ansible-modules.morph diff --git a/strata/ansible.morph b/strata/ansible.morph index 4af0e805..43ebc2bd 100644 --- a/strata/ansible.morph +++ b/strata/ansible.morph @@ -10,3 +10,8 @@ chunks: repo: upstream:ansible ref: 0a7124541247cc613352054f4bc0c3e116e0b657 unpetrify-ref: baserock/v1.8.4 +- name: openstack-ansible-modules + morph: strata/ansible/openstack-ansible-modules.morph + repo: upstream:openstack/openstack-ansible-modules + ref: 451dcdeadfd35615a867d5e59a684e4aa82959ae + unpetrify-ref: master diff --git a/strata/ansible/openstack-ansible-modules.morph b/strata/ansible/openstack-ansible-modules.morph new file mode 100644 index 00000000..d8e885e6 --- /dev/null +++ b/strata/ansible/openstack-ansible-modules.morph @@ -0,0 +1,5 @@ +name: openstack-ansible-modules +kind: chunk +install-commands: +- mkdir -p "$DESTDIR$PREFIX"/share/ansible/ansible-openstack-modules +- cp -r * "$DESTDIR$PREFIX"/share/ansible/ansible-openstack-modules -- cgit v1.2.1 From 7afae9e4948f9f8dca8e2cabf321c7b11df8a1a8 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 13 Mar 2015 16:43:30 +0000 Subject: Change suexec location in httpd-server.morph apache-httpd needs to know where suexec is, even when suexec is being installed by the same chunk. We were moving/copying the binary after installation to /lib/httpd. With this change, the hack won't be needed. Change-Id: I71bb6ea0ff80d41ae4061bfeb441750741343970 --- strata/apache-httpd-server/httpd-server.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/apache-httpd-server/httpd-server.morph b/strata/apache-httpd-server/httpd-server.morph index f7662912..41f0c36b 100644 --- a/strata/apache-httpd-server/httpd-server.morph +++ b/strata/apache-httpd-server/httpd-server.morph @@ -29,7 +29,7 @@ configure-commands: --with-suexec-caller=apache \ --with-suexec-docroot=/var/www \ --with-suexec-logfile=/var/log/httpd/suexec.log \ - --with-suexec-bin="$PREFIX"/lib/httpd/suexec \ + --with-suexec-bin="$PREFIX"/sbin/suexec \ --with-suexec-uidmin=500 --with-suexec-gidmin=100\ --with-suexec-userdir=public_html \ --enable-pie \ -- cgit v1.2.1 From 19700d01c85f015aadb3d441c5fe6e0426a64ace Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 13 Apr 2015 18:08:47 +0100 Subject: strata/foundation.morph: Point systemd's unpetrify-ref to a meaningful branch Change-Id: I65fb89c8c7a82aa4e3696894a210ed1bdcaadf87 --- strata/foundation.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index b742c5ed..9aa6413e 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -81,7 +81,7 @@ chunks: morph: strata/foundation/systemd.morph repo: upstream:systemd ref: d736e4f3e76daca4ab1b1fc444737e5ee20a27cd - unpetrify-ref: master + unpetrify-ref: baserock/v219-314-gd736e4f-network_fixes build-depends: - dbus-pre - gobject-introspection -- cgit v1.2.1 From fe2761b10c06ac2e213fa339560100a6158c2bc5 Mon Sep 17 00:00:00 2001 From: Paul Sherwood Date: Sun, 12 Apr 2015 11:29:33 +0000 Subject: The return of the GENIVI marshalling patch Change-Id: I27b143b3bd027b58b1c9893c0aa4bbf388cd0529 --- strata/foundation.morph | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index 9aa6413e..cc58de5a 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -60,8 +60,8 @@ chunks: - name: dbus-pre morph: strata/foundation/dbus-pre.morph repo: upstream:dbus - ref: af6e170d8e040759c83b48075b9ae74cc83dd5ed - unpetrify-ref: dbus-1.8.16 + ref: 3c055572ced8f63eb9756caa4b1a19225f22e6ff + unpetrify-ref: baserock/dbus-1.8.16-1-g3c05557/genivi/J-1.0 build-depends: - glib - name: libgpg-error @@ -136,8 +136,8 @@ chunks: - name: dbus morph: strata/foundation/dbus.morph repo: upstream:dbus - ref: af6e170d8e040759c83b48075b9ae74cc83dd5ed - unpetrify-ref: dbus-1.8.16 + ref: 3c055572ced8f63eb9756caa4b1a19225f22e6ff + unpetrify-ref: baserock/dbus-1.8.16-1-g3c05557/genivi/J-1.0 build-depends: - glib - systemd -- cgit v1.2.1 From 7f400734b58019c4048ddd263d38a56c1a896900 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Wed, 11 Mar 2015 12:16:29 +0000 Subject: Add system definitions for big-endian ARMv8 (armv8b64) Change-Id: Icdcac240ba75369ae8dbad8132b578a1cb73d684 --- systems/build-system-armv8b64.morph | 50 +++++++++++++++++++ .../cross-bootstrap-system-armv8b64-generic.morph | 15 ++++++ systems/devel-system-armv8b64.morph | 58 ++++++++++++++++++++++ 3 files changed, 123 insertions(+) create mode 100644 systems/build-system-armv8b64.morph create mode 100644 systems/cross-bootstrap-system-armv8b64-generic.morph create mode 100644 systems/devel-system-armv8b64.morph diff --git a/systems/build-system-armv8b64.morph b/systems/build-system-armv8b64.morph new file mode 100644 index 00000000..b79487e5 --- /dev/null +++ b/systems/build-system-armv8b64.morph @@ -0,0 +1,50 @@ +name: build-system-armv8b64 +kind: system +description: +- | + The system that should be used for building all other Baserock systems + for 64-bit ARMv8 computers running in big-endian mode. +arch: armv8b64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-armv8b64-generic + morph: strata/bsp-armv8b64-generic.morph +- name: python-core + morph: strata/python-core.morph +- name: tools + morph: strata/tools.morph +- name: python-cliapp + morph: strata/python-cliapp.morph +- name: python-wsgi + morph: strata/python-wsgi.morph +- name: morph-utils + morph: strata/morph-utils.morph +- name: nfs + morph: strata/nfs.morph +- name: python-common + morph: strata/python-common.morph +- name: ansible + morph: strata/ansible.morph +- name: cloudinit-support + morph: strata/cloudinit-support.morph +- name: openstack-common + morph: strata/openstack-common.morph +- name: openstack-clients + morph: strata/openstack-clients.morph +- name: devtools + morph: strata/devtools.morph +configuration-extensions: +- set-hostname +- add-config-files +- nfsboot +- install-files +- distbuild +- fstab +- mason +- cloud-init +- moonshot-kernel diff --git a/systems/cross-bootstrap-system-armv8b64-generic.morph b/systems/cross-bootstrap-system-armv8b64-generic.morph new file mode 100644 index 00000000..ed2cbc89 --- /dev/null +++ b/systems/cross-bootstrap-system-armv8b64-generic.morph @@ -0,0 +1,15 @@ +name: cross-bootstrap-system-armv8b64-generic +kind: system +description: A system that produces the minimum needed to build a devel system +arch: armv8b64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: python-cliapp + morph: strata/python-cliapp.morph +- name: morph-utils + morph: strata/morph-utils.morph +- name: cross-bootstrap + morph: strata/cross-bootstrap.morph diff --git a/systems/devel-system-armv8b64.morph b/systems/devel-system-armv8b64.morph new file mode 100644 index 00000000..c5e32beb --- /dev/null +++ b/systems/devel-system-armv8b64.morph @@ -0,0 +1,58 @@ +name: devel-system-armv8b64 +kind: system +description: | + A system with useful tools for doing Baserock development. + + For use on 64-bit ARMv8 computers using big-endian word. +arch: armv8b64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-armv8b64-generic + morph: strata/bsp-armv8b64-generic.morph +- name: tools + morph: strata/tools.morph +- name: python-cliapp + morph: strata/python-cliapp.morph +- name: python-wsgi + morph: strata/python-wsgi.morph +- name: morph-utils + morph: strata/morph-utils.morph +- name: openstack-common + morph: strata/openstack-common.morph +- name: openstack-clients + morph: strata/openstack-clients.morph +- name: cloudinit-support + morph: strata/cloudinit-support.morph +- name: nodejs + morph: strata/nodejs.morph +- name: ruby + morph: strata/ruby.morph +- name: lorry + morph: strata/lorry.morph +- name: baserock-import + morph: strata/baserock-import.morph +- name: nfs + morph: strata/nfs.morph +- name: python-core + morph: strata/python-core.morph +- name: python-tools + morph: strata/python-tools.morph +- name: python-common + morph: strata/python-common.morph +- name: devtools + morph: strata/devtools.morph +- name: ansible + morph: strata/ansible.morph +configuration-extensions: +- set-hostname +- add-config-files +- simple-network +- nfsboot +- install-files +- cloud-init +- moonshot-kernel -- cgit v1.2.1 From 17b306dc661ed8199e26a55b8f90bed743933410 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Wed, 11 Mar 2015 18:23:52 +0000 Subject: Add definition for big-endian deployment to a Moonshot node (netboot) Add a cluster definition to enable deployment of a big-endian system to an NFS/TFTP netboot server, from which a Moonshot node's U-Boot can "pxe" boot. Change-Id: I6654879d61b58aebdb83bf490d77d8d403d13155 --- clusters/moonshot-pxe-armv8b64.morph | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 clusters/moonshot-pxe-armv8b64.morph diff --git a/clusters/moonshot-pxe-armv8b64.morph b/clusters/moonshot-pxe-armv8b64.morph new file mode 100644 index 00000000..2d32efb0 --- /dev/null +++ b/clusters/moonshot-pxe-armv8b64.morph @@ -0,0 +1,30 @@ +name: moonshot-m400-armv8b64-netboot +kind: cluster +description: | + Deploy a big-endian armv8b64 devel system onto an HP Moonshot node + + The system will be configured to boot through PXE from existing DHCP, + TFTP and NFS servers. +systems: +- morph: systems/devel-system-armv8b64.morph + deploy: + netboot: + type: pxeboot + location: 14:58:d0:57:7f:42 + PXEBOOT_MODE: existing-server + PXEBOOT_CONFIG_TFTP_ADDRESS: sftp://192.168.0.1/srv/nfsboot/tftp/ + PXEBOOT_ROOTFS_RSYNC_ADDRESS: rsync://192.168.0.1/srv/nfsboot/ + PXEBOOT_PXE_REBOOT_COMMAND: | + ssh Administrator@10.0.1.10 set node power off force c31n1 + ssh Administrator@10.0.1.10 set node boot pxe c31n1 + # Nodes are powered on twice as sometimes powering them on + # once is not enough + ssh Administrator@10.0.1.10 set node power on c31n1 + ssh Administrator@10.0.1.10 set node power on c31n1 + PXE_INSTALLER: no + + HOSTNAME: baserock-c31n1 + DTB_PATH: boot/m400-1003.dtb + KERNEL_ARGS: console=ttyS0,9600n8r rw + INSTALL_FILES: moonshot/manifest + MOONSHOT_KERNEL: yes -- cgit v1.2.1 From 1efc267023ab34479e3b4b0565823b8a0ebaedbf Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Wed, 11 Mar 2015 18:31:28 +0000 Subject: Add definitions for big-endian deployment to a Moonshot node (M.2) Add cluster definition and install system definition, to enable deployment of a big-endian system to a moonshot M.2 (SSD) device. Change-Id: Icb2d48eff152a3df9556739fadbf4055478e79f4 --- clusters/moonshot-m2-armv8b64.morph | 56 +++++++++++++++++++++++++++++++++ systems/installer-system-armv8b64.morph | 29 +++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 clusters/moonshot-m2-armv8b64.morph create mode 100644 systems/installer-system-armv8b64.morph diff --git a/clusters/moonshot-m2-armv8b64.morph b/clusters/moonshot-m2-armv8b64.morph new file mode 100644 index 00000000..c8e5bc81 --- /dev/null +++ b/clusters/moonshot-m2-armv8b64.morph @@ -0,0 +1,56 @@ +name: moonshot-m2-deployment +kind: cluster +description: | + Install a build armv8b64 system into the M.2 SSD storage of an HP + Moonshot node, using a combination of the pxeboot.write extension and + the installer system. +systems: +- morph: systems/installer-system-armv8b64.morph + deploy: + installer: + type: pxeboot + location: 14:58:d0:57:7f:42 + PXEBOOT_MODE: existing-server + PXEBOOT_CONFIG_TFTP_ADDRESS: sftp://192.168.0.1/srv/nfsboot/tftp/ + PXEBOOT_ROOTFS_RSYNC_ADDRESS: rsync://192.168.0.1/srv/nfsboot/ + PXEBOOT_PXE_REBOOT_COMMAND: | + ssh Administrator@10.0.1.10 set node power off force c31n1 + ssh Administrator@10.0.1.10 set node boot pxe c31n1 + # Nodes are powered on twice as sometimes powering them on + # once is not enough + ssh Administrator@10.0.1.10 set node power on c31n1 + ssh Administrator@10.0.1.10 set node power on c31n1 + PXEBOOT_REBOOT_COMMAND: | + ssh Administrator@10.0.1.10 set node power off force c31n1 + ssh Administrator@10.0.1.10 set node boot m.2 c31n1 + ssh Administrator@10.0.1.10 set node power on c31n1 + ssh Administrator@10.0.1.10 set node power on c31n1 + + INSTALLER_TARGET_STORAGE_DEVICE: /dev/sda + INSTALLER_ROOTFS_TO_INSTALL: /rootfs + INSTALLER_POST_INSTALL_COMMAND: | + while : ; do + echo "enter 'installed' in your deployment machine to finish the installation" + sleep 2 + done + INSTALLER_CREATE_BOOT_PARTITION: yes + + HOSTNAME: installer-system-c31n1 + DTB_PATH: boot/m400-1003.dtb + KERNEL_ARGS: console=ttyS0,9600n8r init=/usr/lib/baserock-installer/installer + INSTALL_FILES: moonshot/manifest + MOONSHOT_KERNEL: yes + subsystems: + - morph: systems/devel-system-armv8b64.morph + deploy: + to-install: + type: sysroot + location: /rootfs + HOSTNAME: baserock-c31n1 + DTB_PATH: boot/m400-1003.dtb + INSTALL_FILES: moonshot/manifest + MOONSHOT_KERNEL: yes + BOOT_DEVICE: /dev/sda1 + ROOT_DEVICE: /dev/sda2 + BOOTLOADER_CONFIG_FORMAT: extlinux + BOOTLOADER_INSTALL: "none" diff --git a/systems/installer-system-armv8b64.morph b/systems/installer-system-armv8b64.morph new file mode 100644 index 00000000..b2606aee --- /dev/null +++ b/systems/installer-system-armv8b64.morph @@ -0,0 +1,29 @@ +name: installer-system-armv8b64 +kind: system +description: The system that should be used as an Installer to install other Baserock systems. +arch: armv8b64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: python-core + morph: strata/python-core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-armv8b64-generic + morph: strata/bsp-armv8b64-generic.morph +- name: python-cliapp + morph: strata/python-cliapp.morph +- name: python-wsgi + morph: strata/python-wsgi.morph +- name: morph-utils + morph: strata/morph-utils.morph +- name: installer-utils + morph: strata/installer-utils.morph +configuration-extensions: +- set-hostname +- install-files +- fstab +- installer +- moonshot-kernel -- cgit v1.2.1 From 519885d04dffaa5d9bb21271f8c1ffc0a63f5f67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 14 Apr 2015 12:30:19 +0100 Subject: mesa: Fix a compilation problem with missing fstat Point mesa stratum to a patch cherry-picked from master to fix this compilation error: loader.c: In function 'udev_device_new_from_fd': loader.c:163:4: error: implicit declaration of function 'fstat' [-Werror=implicit-function-declaration] if (fstat(fd, &buf) < 0) { ^ cc1: some warnings being treated as errors More info here: https://bugs.freedesktop.org/show_bug.cgi?id=89530 Change-Id: I3bd4856b07318ce97772a4755b253c918f4b1e66 --- strata/mesa-common.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/mesa-common.morph b/strata/mesa-common.morph index 8967446c..28c0cef3 100644 --- a/strata/mesa-common.morph +++ b/strata/mesa-common.morph @@ -8,5 +8,5 @@ chunks: - name: mesa morph: strata/mesa-common/mesa.morph repo: upstream:mesa - ref: 1a9cc5f50db5d27530a3449743b43aac389d781f - unpetrify-ref: mesa-10.3.3 + ref: f7d157a4f011fd5ace94f55c8674be4b12d86f95 + unpetrify-ref: baserock/mesa-10.3.7-2-gf7d157a/fstat_fix -- cgit v1.2.1 From b48eff60cd046fb0ba00ef8111d82f31bdf74849 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 14 Apr 2015 12:36:42 +0100 Subject: Fix linux repo for bsp-armv7-highbank We switched to linux-stable.git from linux.git as only the former contains 'point' releases (3.18.1, 3.18.2 etc.) of Linux. Change-Id: I94388266b4a94a652458460d0b15f465e10dfe85 --- strata/bsp-armv7-highbank.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/bsp-armv7-highbank.morph b/strata/bsp-armv7-highbank.morph index e81bac28..bc0c3a8c 100644 --- a/strata/bsp-armv7-highbank.morph +++ b/strata/bsp-armv7-highbank.morph @@ -6,6 +6,6 @@ build-depends: chunks: - name: linux-armv7-highbank morph: strata/bsp-armv7-highbank/linux-armv7-highbank.morph - repo: upstream:linux-stable-stable + repo: upstream:linux-stable ref: 660613d1a4e94144490850b6c3d350331860fac4 unpetrify-ref: v3.19.2 -- cgit v1.2.1 From 501218d6271d09adfd09b6cb2dc0a7d9a85c2097 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 13 Apr 2015 11:38:25 +0100 Subject: strata/build-essential: Upgrade linux-api-headers to 4.0 Change-Id: I73ed1c3c43f341d6e09521fc8bf0c4899616e972 --- strata/build-essential.morph | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/strata/build-essential.morph b/strata/build-essential.morph index e2eb23a5..4eb5fdb9 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -68,9 +68,9 @@ chunks: - name: stage2-linux-api-headers morph: strata/build-essential/stage2-linux-api-headers.morph - repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + repo: upstream:linux + ref: 39a8804455fb23f09157341d3ba7db6d7ae6ee76 + unpetrify-ref: v4.0 build-depends: - stage1-binutils - stage1-gcc @@ -229,9 +229,9 @@ chunks: - name: linux-api-headers morph: strata/build-essential/linux-api-headers.morph - repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + repo: upstream:linux + ref: 39a8804455fb23f09157341d3ba7db6d7ae6ee76 + unpetrify-ref: v4.0 build-depends: - stage2-binutils - stage2-busybox -- cgit v1.2.1 From 43ae529a39e96602335e0282d9f294614f69d5e4 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 14 Apr 2015 16:25:10 +0000 Subject: Revert "Add a compatibility symlink for /lib/ld-linux.so.3 on ARMv7 hard-float" This reverts commit a51a8ee9fe2c691a4b2d73fe06c1fde1d18f1153. This symlink was a bad idea. We found that if the stage1-gcc chunk is built on an ARM system with EGLIBC 2.15, then run on a system with GLIBC 2.20, the GCC binaries segfault on startup, inside the _dl_addr() function. This is likely the result of an ABI compatibility between EGLIBC 2.15 and GLIBC 2.20. Morph still has a big hole in its caching algorithm whereby 'bootstrap' mode chunks built against incompatible libc versions get the same cache-key, and cause random breakages. We either need to fix this, or ensure that the reference bootstrap is entirely statically linked, as soon as possible. Change-Id: I400d293dc8022ca6ab5a0ebda62ce378e9bf3317 --- strata/build-essential/glibc.morph | 6 ------ 1 file changed, 6 deletions(-) diff --git a/strata/build-essential/glibc.morph b/strata/build-essential/glibc.morph index 5e5614e7..ecd7c7c4 100644 --- a/strata/build-essential/glibc.morph +++ b/strata/build-essential/glibc.morph @@ -92,9 +92,3 @@ install-commands: include /etc/ld.so.conf.d/*.conf EOF - install -m 644 -o root -g root ld.so.conf "$DESTDIR/etc/ld.so.conf" -# Compatibility symlink to work around the ABI break GLIBC introduced for -# ARMv7 hard-float platforms in commit d3b36017d43. -- case "$MORPH_ARCH" in - armv7*hf*) - ln -s ld-2.20.so "$DESTDIR/lib/ld-linux.so.3" ;; - esac -- cgit v1.2.1 From ba804d367743d9bfee7380707c80d00b9dafc303 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Mon, 13 Apr 2015 19:12:37 +0000 Subject: Update ntpd to 4.2.8p2 Change-Id: I9840f6b44b9d08d7ec61393f9cb4a01808e2a529 --- strata/ntpd.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/ntpd.morph b/strata/ntpd.morph index e2ccc84a..969e3d85 100644 --- a/strata/ntpd.morph +++ b/strata/ntpd.morph @@ -5,5 +5,5 @@ build-depends: chunks: - name: ntpd repo: upstream:ntp - ref: d4b7cd9723cce9561fa15f74b90b85a3a61b5ef8 - unpetrify-ref: ntp-dev-4.2.7p482 + ref: b2ccf8dd31d1457ae9f0ae270054117179220370 + unpetrify-ref: ntp-4.2.8p2 -- cgit v1.2.1 From 784ba5a7c019f120a6a818c3ff0aaf6714aeab32 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Mon, 13 Apr 2015 19:14:31 +0000 Subject: Run ntpd as non-root user Building with libcap allows ntpd to drop root privileges it doesn't need, we also don't want to run ntpd as root, so we create an ntp user and an ntp group. Change-Id: Idd8a7916af97c10704290234c1bb1f34a14baf2c --- strata/ntpd.morph | 3 ++- strata/ntpd/ntpd.morph | 10 ++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 strata/ntpd/ntpd.morph diff --git a/strata/ntpd.morph b/strata/ntpd.morph index 969e3d85..4c5483e5 100644 --- a/strata/ntpd.morph +++ b/strata/ntpd.morph @@ -1,9 +1,10 @@ name: ntpd kind: stratum build-depends: -- morph: strata/core.morph +- morph: strata/foundation.morph chunks: - name: ntpd + morph: strata/ntpd/ntpd.morph repo: upstream:ntp ref: b2ccf8dd31d1457ae9f0ae270054117179220370 unpetrify-ref: ntp-4.2.8p2 diff --git a/strata/ntpd/ntpd.morph b/strata/ntpd/ntpd.morph new file mode 100644 index 00000000..fd561de1 --- /dev/null +++ b/strata/ntpd/ntpd.morph @@ -0,0 +1,10 @@ +name: ntpd +kind: chunk +build-system: autotools +configure-commands: + - ./configure --prefix="$PREFIX" --enable-linuxcaps +system-integration: + ntpd-misc: + 00-add-ntpd-user: + - groupadd -r ntp + - useradd -g ntp -d /home/ntp -s /bin/false -r ntp -- cgit v1.2.1 From 7b503f884ef65ac44b3cf9f009391f45621880fa Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Mon, 13 Apr 2015 19:25:09 +0000 Subject: Add ntp configure extension Change-Id: If7926bc7ed11d966feca2aa9ef767dc29996729e --- ntpd.configure | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 ntpd.configure diff --git a/ntpd.configure b/ntpd.configure new file mode 100644 index 00000000..fd39d9e9 --- /dev/null +++ b/ntpd.configure @@ -0,0 +1,54 @@ +#!/bin/bash +# +# Copyright © 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + + +set -e + +ROOT="$1" + +# NTP conflicts with systemd-timesyncd, +# so if we want to use NTP then we need to disable systemd-timesyncd +rm "$ROOT/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service" + +# On at least x86 64 the default rlimit +# ntp sets (32kB) isn't enough, so increase it +cat >> "$ROOT/etc/ntp.conf" << EOF + +# The default rlimit isn't enough in some cases +# so we set a higher limit here +rlimit memlock 256 +EOF + +NTPD_PIDFILE=/run/ntpd.pid +cat > "$ROOT/usr/lib/systemd/system/ntpd.service" << EOF +[Unit] +Description=Network Time Service +After=network.target nss-lookup.target +Conflicts=systemd-timesyncd.service + +[Service] +Type=forking +PIDFile=$NTPD_PIDFILE +ExecStart=/usr/bin/ntpd -u ntp:ntp -p $NTPD_PIDFILE +PrivateTmp=True +Restart=on-failure + +[Install] +WantedBy=multi-user.target +EOF + +ln -s "/usr/lib/systemd/system/ntpd.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/ntpd.service" -- cgit v1.2.1 From 53c38ebe7a45d8c4cfd50ef73564783d53205a79 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Mon, 13 Apr 2015 19:48:41 +0000 Subject: Add swift system Change-Id: I41fe796802f930f954716bfa4edcb038b95c90ce --- systems/swift-system-x86_64.morph | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 systems/swift-system-x86_64.morph diff --git a/systems/swift-system-x86_64.morph b/systems/swift-system-x86_64.morph new file mode 100644 index 00000000..385f9cd5 --- /dev/null +++ b/systems/swift-system-x86_64.morph @@ -0,0 +1,34 @@ +name: swift-system-x86_64 +kind: system +description: A base system for deploying swift nodes +arch: x86_64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-x86_64-generic + morph: strata/bsp-x86_64-generic.morph +- name: swift + morph: strata/swift.morph +- name: ntpd + morph: strata/ntpd.morph +- name: python-core + morph: strata/python-core.morph +- name: python-common + morph: strata/python-common.morph +- name: ansible + morph: strata/ansible.morph +- name: openstack-common + morph: strata/openstack-common.morph +configuration-extensions: +- set-hostname +- add-config-files +- simple-network +- nfsboot +- install-files +- fstab +- swift-storage +- ntpd -- cgit v1.2.1 From 019743fde767b09c1ed823b4a2418eb71e27ee4c Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Sat, 11 Apr 2015 16:52:23 +0000 Subject: Add ntp client sync config to swift storage nodes Change-Id: Idd5ea038831e60a0a0ccc5620d81075ab421fbad --- swift-storage.configure | 2 ++ swift/etc/ntp.conf | 1 + swift/manifest | 1 + 3 files changed, 4 insertions(+) create mode 100644 swift/etc/ntp.conf diff --git a/swift-storage.configure b/swift-storage.configure index 182e0329..391b392a 100644 --- a/swift-storage.configure +++ b/swift-storage.configure @@ -49,6 +49,7 @@ MANDATORY_OPTIONS="SWIFT_HASH_PATH_PREFIX \ SWIFT_REPLICAS \ SWIFT_MIN_PART_HOURS \ SWIFT_STORAGE_DEVICES \ + CONTROLLER_HOST_ADDRESS \ MANAGEMENT_INTERFACE_IP_ADDRESS" for option in $MANDATORY_OPTIONS @@ -75,6 +76,7 @@ validate_number "SWIFT_MIN_PART_HOURS" "$SWIFT_MIN_PART_HOURS" validate_non_empty "SWIFT_HASH_PATH_PREFIX" "$SWIFT_HASH_PATH_PREFIX" validate_non_empty "SWIFT_HASH_PATH_SUFFIX" "$SWIFT_HASH_PATH_SUFFIX" validate_non_empty "SWIFT_REBALANCE_SEED" "$SWIFT_REBALANCE_SEED" +validate_non_empty "CONTROLLER_HOST_ADDRESS" "$CONTROLLER_HOST_ADDRESS" validate_non_empty "MANAGEMENT_INTERFACE_IP_ADDRESS" "$MANAGEMENT_INTERFACE_IP_ADDRESS" mkdir -p "$ROOT/usr/lib/systemd/system/multi-user.target.wants" # ensure this exists before we make symlinks diff --git a/swift/etc/ntp.conf b/swift/etc/ntp.conf new file mode 100644 index 00000000..617a41c9 --- /dev/null +++ b/swift/etc/ntp.conf @@ -0,0 +1 @@ +server {{ CONTROLLER_HOST_ADDRESS }} iburst diff --git a/swift/manifest b/swift/manifest index 6c1e2383..171b04fc 100644 --- a/swift/manifest +++ b/swift/manifest @@ -11,3 +11,4 @@ 0100644 0 0 /usr/share/swift/etc/rsyncd.j2 0100644 0 0 /usr/lib/systemd/system/swift-storage-setup.service 0100644 0 0 /usr/lib/systemd/system/swift-storage.service +template 0100644 0 0 /etc/ntp.conf -- cgit v1.2.1 From 063aec5c91bbf011d10ebc41b2c2d8631e03109e Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Tue, 14 Apr 2015 16:30:01 +0000 Subject: Update example swift storage cluster We now deploy swift systems rather than devel systems. We also now need to specify the controller host address, since swift storage nodes will use the controller node to get their ntp time updates. Change-Id: I2416aa9fc92161cb2df00ad1676c48810851f7f3 --- clusters/example-swift-storage-cluster.morph | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/clusters/example-swift-storage-cluster.morph b/clusters/example-swift-storage-cluster.morph index 2f8dcaeb..b1ea784f 100644 --- a/clusters/example-swift-storage-cluster.morph +++ b/clusters/example-swift-storage-cluster.morph @@ -1,10 +1,12 @@ name: example-swift-storage-cluster kind: cluster systems: -- morph: systems/devel-system-x86_64-generic.morph +- morph: systems/swift-system-x86_64.morph deploy-defaults: INSTALL_FILES: swift/manifest + CONTROLLER_HOST_ADDRESS: + SWIFT_PART_POWER: 10 SWIFT_REPLICAS: 3 SWIFT_MIN_PART_HOURS: 1 -- cgit v1.2.1 From 1ec9fced3606cf71c80414093289672ef56c4b92 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Wed, 15 Apr 2015 16:32:22 +0000 Subject: Use Linux 3.15.10 for Calxeda Highbank systems 3.16 and newer do not boot. A panic happens just before 'init' due to the following error: Unhandled fault: imprecise external abort (0xc06) at 0xb6fea878 We should 'git bisect' to find out what causes this, but I don't have time right now. I've tested the little-endian kernel only. Change-Id: I173e74c1e460f798fcdd5c707a83a177412b9e03 --- strata/bsp-armv7-highbank.morph | 10 ++++++++-- strata/bsp-armv7b-highbank.morph | 10 ++++++++-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/strata/bsp-armv7-highbank.morph b/strata/bsp-armv7-highbank.morph index bc0c3a8c..9ac97e6c 100644 --- a/strata/bsp-armv7-highbank.morph +++ b/strata/bsp-armv7-highbank.morph @@ -7,5 +7,11 @@ chunks: - name: linux-armv7-highbank morph: strata/bsp-armv7-highbank/linux-armv7-highbank.morph repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + + # Linux 3.16 and later do not boot on Calxeda. They fail just before + # starting 'init' with this sort of message: + # + # Unhandled fault: imprecise external abort (0xc06) at 0xb6fea878 + + ref: f35b5e46feabab668a44df5b33f3558629f94dfc + unpetrify-ref: v3.15.10 diff --git a/strata/bsp-armv7b-highbank.morph b/strata/bsp-armv7b-highbank.morph index 3f75525d..397b9fcb 100644 --- a/strata/bsp-armv7b-highbank.morph +++ b/strata/bsp-armv7b-highbank.morph @@ -7,5 +7,11 @@ chunks: - name: linux-armv7b-highbank morph: strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + + # Linux 3.16 and later do not boot on Calxeda. They fail just before + # starting 'init' with this sort of message: + # + # Unhandled fault: imprecise external abort (0xc06) at 0xb6fea878 + + ref: f35b5e46feabab668a44df5b33f3558629f94dfc + unpetrify-ref: v3.15.10 -- cgit v1.2.1 From 0425200cc159e6baa007f8a80f451bb670452c71 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 13 Apr 2015 15:42:05 +0000 Subject: Add Openstack system Add Openstack system and stratum pointing they components to Juno tag 2014.2.1. Change-Id: Iaa9a31c44b0a2c711c5a147dc3156bab14577fb7 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Richard Maw Signed-off-by: Richard Ipsum Signed-off-by: Patrick Darley Signed-off-by: Zara Zaimeche Signed-off-by: Mike Smith --- strata/openstack-services.morph | 837 +++++++++++++++++++++++ strata/openstack-services/cinder.morph | 18 + strata/openstack-services/horizon.morph | 59 ++ strata/openstack-services/ipaddr-py.morph | 6 + strata/openstack-services/librabbitmq.morph | 10 + strata/openstack-services/neutron.morph | 17 + strata/openstack-services/nova.morph | 18 + strata/openstack-services/novnc.morph | 11 + strata/openstack-services/open-iscsi.morph | 45 ++ strata/openstack-services/pies.morph | 11 + strata/openstack-services/python-xattr.morph | 8 + strata/openstack-services/qpid-python.morph | 6 + strata/openstack-services/rabbitmq-codegen.morph | 7 + strata/openstack-services/rabbitmq-server.morph | 16 + strata/openstack-services/rtslib-fb.morph | 27 + strata/openstack-services/subunit.morph | 3 + strata/openstack-services/tempest.morph | 11 + strata/openstack-services/thrift.morph | 6 + systems/openstack-system-x86_64.morph | 65 ++ 19 files changed, 1181 insertions(+) create mode 100644 strata/openstack-services.morph create mode 100644 strata/openstack-services/cinder.morph create mode 100644 strata/openstack-services/horizon.morph create mode 100644 strata/openstack-services/ipaddr-py.morph create mode 100644 strata/openstack-services/librabbitmq.morph create mode 100644 strata/openstack-services/neutron.morph create mode 100644 strata/openstack-services/nova.morph create mode 100644 strata/openstack-services/novnc.morph create mode 100644 strata/openstack-services/open-iscsi.morph create mode 100644 strata/openstack-services/pies.morph create mode 100644 strata/openstack-services/python-xattr.morph create mode 100644 strata/openstack-services/qpid-python.morph create mode 100644 strata/openstack-services/rabbitmq-codegen.morph create mode 100644 strata/openstack-services/rabbitmq-server.morph create mode 100644 strata/openstack-services/rtslib-fb.morph create mode 100644 strata/openstack-services/subunit.morph create mode 100644 strata/openstack-services/tempest.morph create mode 100644 strata/openstack-services/thrift.morph create mode 100644 systems/openstack-system-x86_64.morph diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph new file mode 100644 index 00000000..3288350b --- /dev/null +++ b/strata/openstack-services.morph @@ -0,0 +1,837 @@ +name: openstack-services +kind: stratum +description: Openstack clients and services +build-depends: +- morph: strata/erlang.morph +- morph: strata/django.morph +- morph: strata/xstatic.morph +- morph: strata/openstack-clients.morph +chunks: +- name: rabbitmq-codegen + morph: strata/openstack-services/rabbitmq-codegen.morph + ref: 4dc5ccde2a0b3d638e5754b00abf94196fe9ca32 + unpetrify-ref: rabbitmq_v3_4_1 + repo: upstream:rabbitmq-codegen +- name: rabbitmq-server + morph: strata/openstack-services/rabbitmq-server.morph + ref: 9afcf9b95d2c53f866e9a33ddce46562f8950ded + unpetrify-ref: baserock/master + repo: upstream:rabbitmq-server + build-depends: + - rabbitmq-codegen +- name: oslo-rootwrap + repo: upstream:openstack/oslo-rootwrap + ref: 62d732277de5cf663172eafe6d3a6c149a9cf814 + unpetrify-ref: master +- name: check + repo: upstream:check + ref: 8c872aca6675e95fa47e7514e28fbdf25fce6170 + unpetrify-ref: 0.9.8 +- name: cppunit + repo: upstream:cppunit + ref: 8133cf2b977f013216f0a41b6fcb740410d83926 + unpetrify-ref: 1.13.2 +- name: webob + repo: upstream:python-packages/webob + ref: ae0ac90f22f9e1ff351e445f92330efd89195f51 + unpetrify-ref: 1.4 +- name: greenlet + ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 + unpetrify-ref: 0.4.5 + repo: upstream:python-packages/greenlet +- name: eventlet + ref: 8d2474197de4827a7bca9c33e71a82573b6fc721 + unpetrify-ref: v0.15.2 + repo: upstream:python-packages/eventlet + build-depends: + - greenlet +- name: py-amqp + repo: upstream:python-packages/py-amqp + ref: 875b10d1715def640042c7ff2f42c00a6c07eed1 + unpetrify-ref: 1.4.6 +- name: librabbitmq + morph: strata/openstack-services/librabbitmq.morph + repo: upstream:python-packages/librabbitmq + ref: 0087f3c6fa81d4ec4c573319ee2149a5db7018e6 + unpetrify-ref: baserock/v1.6.1 + build-depends: + - py-amqp +- name: anyjson + repo: upstream:python-packages/anyjson + ref: 016506078e94718e1fe750eb5083ab5ba07498c8 + unpetrify-ref: 0.3.3 +- name: kombu + repo: upstream:python-packages/kombu + ref: 6e68e54b3a846faa6f8b7e14a4a7ca51d1967bc2 + unpetrify-ref: v3.0.23 + build-depends: + - anyjson + - py-amqp + - librabbitmq +- name: sqlalchemy + repo: upstream:python-packages/sqlalchemy + ref: ff34c480dfd2b8b7c72339d196f5477980a5124c + unpetrify-ref: rel_0_9_8 +- name: mako + repo: upstream:python-packages/mako.git + ref: 285bc818a50ccc0f9549630f7c4f4c250585c3e7 + unpetrify-ref: rel_1_0_0 +- name: alembic + repo: upstream:python-packages/alembic + ref: 5f952f25caa688d89204d134ee867de7dbad917c + unpetrify-ref: rel_0_7_1 + build-depends: + - sqlalchemy + - mako +- name: lockfile + repo: upstream:python-packages/lockfile + ref: 777758cdf4520271370b3338b86b5c66f9b104f0 + unpetrify-ref: master +- name: dogpile-core + repo: upstream:python-packages/dogpile-core + ref: 3e6f0f86b4161b48898e656039154092426e5cc8 + unpetrify-ref: rel_0_4_1 +- name: dogpile-cache + repo: upstream:python-packages/dogpile-cache + ref: 1c753914b335b4391bc5847a87b7c52ca81c2bc6 + unpetrify-ref: rel_0_5_4 + build-depends: + - dogpile-core +- name: pyjwt + repo: upstream:python-packages/pyjwt + ref: 739efeff4c6c1fc30ab5cf5eb0ac337e8ee107d7 + unpetrify-ref: 0.2.3 +- name: creole + repo: upstream:python-packages/creole + ref: 6390231688adb5d8678a71cd33204e9bca555d4a + unpetrify-ref: v1.2.1 +- name: mock + repo: upstream:python-packages/mock + ref: 35b35f7ad239005a950f870af57b44dbdc99d66b + unpetrify-ref: master +- name: nose + repo: upstream:python-packages/nose + ref: 08d134270b035dac3310cd877bb0fe9ab678303a + unpetrify-ref: release_1.3.4 +- name: pygments + repo: upstream:python-packages/pygments + ref: f41e8c594e76855611b3b3dfca300894bd29f1c4 + unpetrify-ref: 2.0rc1 +- name: docutils + repo: upstream:python-packages/docutils + ref: 1976ba91eff979abc3e13e5d8cb68324833af6a0 + unpetrify-ref: docutils-0.12 +- name: snowballstemmer + repo: upstream:python-packages/snowballstemmer.git + ref: f0d81ce1606d685029302ea073b59d9437d12569 + unpetrify-ref: master +- name: sphinx + repo: upstream:python-packages/sphinx + ref: e76c9771bad16e68cdb7deb18b4d13de0a718c68 + unpetrify-ref: 1.3b1 + build-depends: + - pygments + - docutils + - snowballstemmer +- name: logilab-common + repo: upstream:python-packages/logilab-common.git + ref: d1d8f793af6d015d885b9ea67b5741d5a093e2f4 + unpetrify-ref: logilab-common-version-0.62.0 +- name: astroid + repo: upstream:python-packages/astroid.git + ref: 7657331baa162122890aa4327f4f441cde9f5188 + unpetrify-ref: astroid-1.2.1 + build-depends: + - logilab-common +- name: pylint + repo: upstream:python-packages/pylint + ref: 541466c31aae21c7cfbf30470f0f6a2dc0a948c3 + unpetrify-ref: pylint-1.3.1 + build-depends: + - logilab-common + - astroid +- name: python-markdown + repo: upstream:python-markdown + ref: f0c5b71acbc02af60a33d67c59558bb513b25e74 + unpetrify-ref: 2.5.1-final +- name: pystache + repo: upstream:python-packages/pystache.git + ref: 0c5e61a4ccc05bde7f6c6132b4fb6c49a3c093fd + unpetrify-ref: baserock/v0.5.4 +- name: pies + repo: upstream:python-packages/pies.git + ref: 593dcce07fdb3e8d0053a863a7aba7f2ce8a6c9c + unpetrify-ref: 2.6.1 +- name: natsort + repo: upstream:python-packages/natsort.git + ref: ce94d418c3849e891f0508b41f5bccc4ae1d4e4d + unpetrify-ref: 3.5.1 +- name: isort + repo: upstream:python-packages/isort.git + ref: 9d1b03b6e1fd2f87be1c635d6159a76a131f8155 + unpetrify-ref: 3.9.0 + build-depends: + - pies + - natsort +- name: pep8 + repo: upstream:python-packages/pep8.git + ref: 164066c4d85f212f5f4a11699b848942c678b947 + unpetrify-ref: 1.5.7 +- name: pyflakes + repo: upstream:python-packages/pyflakes.git + ref: 71b7b6776856912d50a0b9a85a8ea2a1dc7eb75c + unpetrify-ref: 0.8.1 +- name: smartypants + repo: upstream:python-packages/smartypants.git + ref: e89b6e7e119694edcd414a556c634d5ca85bff76 + unpetrify-ref: v1.8.6 + build-depends: + - isort + - pep8 + - pyflakes + - pylint +- name: pycco + repo: upstream:python-packages/pycco + ref: 22e157e525760e843dba391ca85fbe9bd35fdc5b + unpetrify-ref: master + build-depends: + - python-markdown + - pygments + - pystache + - smartypants +- name: python-decorator + repo: upstream:python-packages/python-decorator + ref: b02f7a254c3679dfac57a824e08dd02ced850636 + unpetrify-ref: decorator-3.4.0 +- name: dateutil + repo: upstream:python-packages/dateutil + ref: 8c6026ba09716a4e164f5420120bfe2ebb2d9d82 + unpetrify-ref: trunk +- name: posix-ipc-tarball + repo: upstream:python-packages/posix-ipc-tarball + ref: f3765db04b903b3671733e07cf1541a51966dd14 + unpetrify-ref: posix_ipc-0.9.8 +- name: pastedeploy + repo: upstream:python-packages/pastedeploy + ref: 5ad87be617c2cc1dd31625688172e964db2756dc + unpetrify-ref: 1.5.2 +- name: paste + repo: upstream:python-packages/paste + ref: 4c177fce89fee925f0f4fbfde00ce2e1252562c0 + unpetrify-ref: master +- name: repoze-lru + repo: upstream:python-packages/repoze-lru + ref: 29c8281dee7fe8dae8c66c7c40ce7c058ec2ab0f + unpetrify-ref: 0.6 +- name: routes + repo: upstream:python-packages/routes + ref: 8b165a52ab568f6fcaaa11cbbc7402e0360f60a3 + unpetrify-ref: v2.0 + build-depends: + - repoze-lru +- name: passlib + repo: upstream:python-packages/passlib + ref: f407312597727a08440e41bc8e31d3b3b334c66f + unpetrify-ref: 1.6.2 +- name: tempita + repo: upstream:python-packages/tempita + ref: b2b67795a009e9f825cbd855d766b78a00273f10 + unpetrify-ref: 0.5 +- name: cython + repo: upstream:cython + ref: f66e01ff743b6d010245a08b144a94e474f29967 + unpetrify-ref: 0.21.1 +- name: numpy + repo: upstream:python-packages/numpy.git + ref: ac07f6d3e45090b224a7da81708e60a762a65f76 + unpetrify-ref: baserock/v1.9.0 + build-depends: + - cython + - sphinx +- name: websockify + repo: upstream:python-packages/websockify + ref: e0863aa0c2103069961bc24e618615a0f2bb1487 + unpetrify-ref: baserock/v0.6.0 + build-depends: + - numpy +- name: python-mimeparse + repo: upstream:python-packages/python-mimeparse.git + ref: 2d600d3fc4a386af69d20fba433843b4df2b3c92 + unpetrify-ref: master +- name: httplib2 + ref: 058a1f9448d5c27c23772796f83a596caf9188e6 + unpetrify-ref: v0.9 + repo: upstream:python-packages/httplib2 +- name: extras + repo: upstream:python-packages/python-test-extras.git + ref: cdeb596f01241e9c779332e86f6edcd0c2e8e9f0 + unpetrify-ref: master +- name: testtools + repo: upstream:python-packages/testtools + ref: ee9946228ce5a03a84cf146027de0a8a9a46c4fe + unpetrify-ref: testools-1.1.0 + build-depends: + - extras + - python-mimeparse +- name: fixtures + repo: upstream:python-packages/fixtures + ref: 9f9d89ce718463b24cd3910b9a99efb60b3c9e1b + unpetrify-ref: 0.3.16 + build-depends: + - testtools +- name: subunit + morph: strata/openstack-services/subunit.morph + repo: upstream:python-packages/subunit + ref: e18ffe65a3229d5c1d91be988405d40219db0887 + unpetrify-ref: 0.0.21 + build-depends: + - extras + - testtools + - check + - cppunit +- name: testrepository + repo: upstream:python-packages/testrepository + ref: 6419a3dcaabaf09eaf438c6d8d85c90eba7a2b91 + unpetrify-ref: 0.0.19 + build-depends: + - fixtures + - subunit + - testtools +- name: suds + repo: upstream:python-packages/suds + ref: badd30a87f676d632d7386b05401e6029a5df83c + unpetrify-ref: release-0.3.2 +- name: testscenarios + repo: upstream:python-packages/testscenarios + ref: 475857af19a8190c9c0c7f8241b9907b942e19fd + unpetrify-ref: trunk +- name: mox + repo: upstream:python-packages/mox + ref: 160491d0384285698d726b1af21277f336107f51 + unpetrify-ref: master +- name: jsonrpclib + repo: upstream:python-packages/jsonrpclib + ref: 53c8ffcfe4dd1718086cc551dce8ac459e8abc67 + unpetrify-ref: master +- name: rtslib-fb + repo: upstream:python-packages/rtslib-fb + ref: 8ffb4739d596fb1aac5d62d173d1e6f80270af9d + unpetrify-ref: v2.1.fb52 + morph: strata/openstack-services/rtslib-fb.morph +- name: netifaces + repo: upstream:python-packages/netifaces + ref: 885b200ba717df87f6e8044ec8c66c677c949bcb + unpetrify-ref: release_0_10_4 +- name: networkx + repo: upstream:python-packages/networkx + ref: 8ac796aba866ade1a56b83e30f25ed392ca3512c + unpetrify-ref: v1.9.1 + build-depends: + - python-decorator +- name: dnspython + repo: upstream:python-packages/dnspython + ref: e1369c62d14f82b80ef11197a490ace5d43bb3f3 + unpetrify-ref: v1.12.0 +- name: pexpect + repo: upstream:python-packages/pexpect + ref: 671417beb41c21f772687c565196fdde444b053b + unpetrify-ref: 3.3 +- name: ply + repo: upstream:python-packages/ply.git + ref: 6513f3537d80f483ec9c7e36d52e87f107a57f23 + unpetrify-ref: master +- name: jsonpath-rw + repo: upstream:python-packages/jsonpath-rw + ref: f4cfe56b8e8370116c5275ddcea970e9a68fd75d + unpetrify-ref: 1.2.3 + build-depends: + - ply + - python-decorator +- name: waitress + repo: upstream:python-packages/waitress.git + ref: b795d573a5a9e6e39b46a6e82da367a6a5db8dbd + unpetrify-ref: 0.8.9 +- name: beautifulsoup4 + repo: upstream:python-packages/beautifulsoup4.git + ref: bcd7af0e9159d97aa511fb2d879424d1c1c5aadf + unpetrify-ref: trunk +- name: webtest + repo: upstream:python-packages/webtest.git + ref: 6a24fba456d1c4ac2609b90f1fdc377c595608a4 + unpetrify-ref: 2.0.16 + build-depends: + - webob + - waitress + - beautifulsoup4 +- name: logutils + repo: upstream:python-packages/logutils.git + ref: 095f14efbaaf838b7772bffd36a466abb9668efe + unpetrify-ref: 0.3.3 +- name: pecan + repo: upstream:python-packages/pecan + ref: c7f241fd6bb8a0b10e02b8b43aaf1810c312cfbf + unpetrify-ref: 0.8.0 + build-depends: + - webob + - mako + - webtest + - logutils +- name: croniter + repo: upstream:python-packages/croniter + ref: 0c3aeac05791cb4ece9e30da29442e9cd5b22f36 + unpetrify-ref: 0.3.5 + build-depends: + - dateutil +- name: msgpack-python + repo: upstream:python-packages/msgpack-python + ref: 61bac2f586e82313a0e618093bfed2435cd18983 + unpetrify-ref: 0.4.2 +- name: qpid-python + morph: strata/openstack-services/qpid-python.morph + repo: upstream:python-packages/qpid-python + ref: 587b0febaf1996db1e483137ed6addb45580ee9e + unpetrify-ref: 0.30 +- name: simplegeneric-tarball + repo: upstream:python-packages/simplegeneric-tarball + ref: 601fab9b154c557dfd848d531a8969f4697d1aa2 + unpetrify-ref: simplegeneric_0.8.1.orig +- name: ipaddr-py + morph: strata/openstack-services/ipaddr-py.morph + ref: c813f4790d1092b1515ee18fe8270180ed3cc5cb + unpetrify-ref: master + repo: upstream:python-packages/ipaddr-py +- name: wsme + repo: upstream:python-packages/wsme + ref: 99d7668789cc6252398222549599d1363cddb081 + unpetrify-ref: 0.6.1 + build-depends: + - ipaddr-py + - simplegeneric-tarball + - webob +- name: pysnmp + repo: upstream:python-packages/pysnmp + ref: 1b377afeaf9ee96ab1d48aeebb2b7a6d65a4ac9d + unpetrify-ref: release_4_2_5_tag +- name: thrift + morph: strata/openstack-services/thrift.morph + repo: upstream:thrift + ref: 591e20f9636c37527a70dc03598218c3468a0eff + unpetrify-ref: 0.9.2 +- name: retrying + repo: upstream:python-packages/retrying + ref: cab083eb5791615fadbc0c98ad77a70d64b77d0d + unpetrify-ref: v1.3.1 +- name: boto + repo: upstream:boto + ref: 2517f660f8ef9012708d46da3a36ab967993d2f6 + unpetrify-ref: 2.33.0 +- name: oslo-messaging + repo: upstream:openstack/oslo-messaging + ref: 6ea3b12492e86f9e8d109fc3490cc4d3a0edd8b6 + unpetrify-ref: 1.4.0.0a5 + build-depends: + - eventlet + - kombu +- name: oslo-vmware + repo: upstream:openstack/oslo-vmware + ref: 047d62c4bbd01a951f77a1a4a75fb2b3d8ce23ee + unpetrify-ref: 0.6.0 + build-depends: + - suds + - eventlet +- name: taskflow + repo: upstream:openstack/taskflow + ref: 1caaecc5d6b2aa4cde4a50e31d1d993fce7a66c4 + unpetrify-ref: 0.5.0 + build-depends: + - networkx +- name: sqlalchemy-migrate + repo: upstream:python-packages/sqlalchemy-migrate + ref: 089663761cc15f8b3cdb874b6a76270ccdd0a412 + unpetrify-ref: 0.9.1 + build-depends: + - sqlalchemy + - python-decorator + - tempita +- name: oauthlib + repo: upstream:python-packages/oauthlib + ref: de773eefcb3c1afe54a0c12d5bf9bd214ceaf404 + unpetrify-ref: 0.6.3 + build-depends: + - docutils + - creole + - pycco + - mock + - nose + - sphinx + - pyjwt +- name: happybase + repo: upstream:python-packages/happybase + ref: 90a4b7ef741f0ecfe5145693f64c6f7180b9ba3d + unpetrify-ref: 0.8 + build-depends: + - thrift +- name: osprofiler + repo: upstream:python-packages/osprofiler + ref: bbe39b517263017c9db56ae1d904d08846eacff7 + unpetrify-ref: 0.3.0 + build-depends: + - webob +- name: oslotest + repo: upstream:openstack/oslotest + ref: cfdb562a6e07728570ca624a8c4faf3f5b61423b + unpetrify-ref: 1.2.0 + build-depends: + - fixtures + - subunit + - testrepository + - testscenarios + - testtools + - mock + - mox +- name: pycadf + repo: upstream:python-packages/pycadf + ref: 52727bcea3a98e72331e748ce5f9e3a111a64cd1 + unpetrify-ref: 0.6.0 + build-depends: + - oslo-messaging + - posix-ipc-tarball + - webob +- name: python-xattr + morph: strata/openstack-services/python-xattr.morph + repo: upstream:python-packages/xattr + ref: dd10d44e3eb9a1d2303c1f7d5126c099d56e97fc + unpetrify-ref: v0.7.6 +- name: keystonemiddleware + repo: upstream:openstack/keystonemiddleware + ref: a7beb50b38be5c3dd4c44d68ad79d1bb206dab6b + unpetrify-ref: 1.2.0 + build-depends: + - webob +- name: oslo-db + repo: upstream:openstack/oslo-db + ref: 0bb1e236daae53a3f5b4b88761d7b19f7961ed6c + unpetrify-ref: 1.0.2 + build-depends: + - alembic + - sqlalchemy + - sqlalchemy-migrate +- name: glance_store + repo: upstream:openstack/glance_store.git + ref: 54f673d4133c1244e2555e7ceb3344c104a74154 + unpetrify-ref: 0.1.8 + build-depends: + - eventlet +- name: glance + repo: upstream:openstack/glance + ref: 055adff1d95dca72074da898b541cb4a6b62406d + unpetrify-ref: 2014.2.1 + build-depends: + - greenlet + - sqlalchemy + - anyjson + - eventlet + - pastedeploy + - routes + - webob + - boto + - sqlalchemy-migrate + - httplib2 + - kombu + - keystonemiddleware + - wsme + - oslo-vmware + - paste + - oslo-db + - oslo-messaging + - retrying + - osprofiler + - glance_store +- name: sqlparse + repo: upstream:python-packages/sqlparse + ref: 991e7348075accae6d08025212251af21e92e664 + unpetrify-ref: 0.1.13 +- name: keystone + repo: upstream:openstack/keystone + ref: 615f79bb97883eee76923527cea13c2f72baa7ff + unpetrify-ref: 2014.2.1 + build-depends: + - webob + - eventlet + - greenlet + - pastedeploy + - paste + - routes + - sqlalchemy + - sqlalchemy-migrate + - passlib + - keystonemiddleware + - oslo-messaging + - oslo-db + - oauthlib + - dogpile-cache + - pycadf + - posix-ipc-tarball + - sqlparse +- name: neutron + morph: strata/openstack-services/neutron.morph + repo: upstream:openstack/neutron + ref: dfa4b4b9b6b19a627cfb5eb5c6ab9db4961a06ea + unpetrify-ref: 2014.2.1 + build-depends: + - paste + - pastedeploy + - routes + - anyjson + - eventlet + - greenlet + - httplib2 + - jsonrpclib + - keystonemiddleware + - sqlalchemy + - webob + - alembic + - oslo-db + - oslo-messaging + - oslo-rootwrap +- name: swift + repo: upstream:openstack/swift + ref: 2e8261a4dc0d0af0c4a46478b81e167bcf02220b + unpetrify-ref: 2.2.0 + build-depends: + - dnspython + - eventlet + - greenlet + - netifaces + - pastedeploy + - python-xattr +- name: trove + repo: upstream:openstack/trove + ref: a4c38cc6ddbfba2301766eced939229cccc31953 + unpetrify-ref: 2014.2 + build-depends: + - sqlalchemy + - eventlet + - keystonemiddleware + - kombu + - routes + - webob + - pastedeploy + - paste + - sqlalchemy-migrate + - netifaces + - httplib2 + - passlib + - pexpect +- name: wsgiref + repo: upstream:python-packages/wsgiref.git + ref: e8360785eef259394e13b2062407edc3c2cbc1e0 + unpetrify-ref: baserock/master +- name: rfc3986 + repo: upstream:python-packages/python-rfc3986.git + ref: 9817ec3e47bca8fba9a7cac56d785e9d644f7473 + unpetrify-ref: rfc3986-0.2.0 +- name: urwid + repo: upstream:python-packages/urwid + ref: 838839f7a300a774240d52f943aafd6ff44b2413 + unpetrify-ref: release-1.3.0 +- name: configshell-fb + repo: upstream:python-packages/configshell-fb + ref: 8c151ccdd75956da60b2304417c41a60a2c28231 + unpetrify-ref: v1.1.fb17 +- name: targetcli-fb + repo: upstream:python-packages/targetcli + ref: c62610f3c2da6b4d364028c18bcc7f0d3da54477 + unpetrify-ref: v2.1.fb39 + build-depends: + - configshell-fb + - rtslib-fb +- name: sysfsutils + repo: upstream:sysfsutils + ref: 237bf36e664db92f95b75067bf0f246726993254 + unpetrify-ref: sysfsutils-2_1_0 +- name: open-iscsi + morph: strata/openstack-services/open-iscsi.morph + repo: upstream:open-iscsi + ref: 8da14e6f9eeeb4fd03938d40fe1126fe0d110b68 + unpetrify-ref: master +- name: nova + morph: strata/openstack-services/nova.morph + repo: upstream:openstack/nova + ref: ba25e9ea6d0d42dd3b78cc6440710fd9362ae1b5 + unpetrify-ref: 2014.2.1 + build-depends: + - sqlalchemy + - anyjson + - boto + - python-decorator + - eventlet + - keystonemiddleware + - kombu + - routes + - webob + - greenlet + - pastedeploy + - paste + - sqlalchemy-migrate + - suds + - posix-ipc-tarball + - websockify + - wsgiref + - oslo-db + - oslo-rootwrap + - pycadf + - oslo-messaging + - lockfile + - rfc3986 + - oslo-vmware +- name: cinder + morph: strata/openstack-services/cinder.morph + repo: upstream:openstack/cinder + ref: b48aee211ad9b2571c8554dd162b37b8a8d80a42 + unpetrify-ref: 2014.2.1 + build-depends: + - anyjson + - eventlet + - greenlet + - keystonemiddleware + - kombu + - oslo-db + - oslo-messaging + - oslo-rootwrap + - osprofiler + - paste + - pastedeploy + - routes + - taskflow + - rtslib-fb + - sqlalchemy + - sqlalchemy-migrate + - suds + - webob + - wsgiref +- name: kazoo + repo: upstream:python-packages/kazoo.git + ref: 93a718ea4c20df797766742c3d74de281613c651 + unpretrify-ref: 2.0 +- name: pymemcache + repo: upstream:python-packages/pymemcache.git + ref: 3824d3b0bcdea3e8d0c08598bedfce10fd3c79e0 + unpetrify-ref: master + build-depends: + - nose +- name: zake + repo: upstream:python-packages/zake.git + ref: 13b92d9db4ad37d9550ef5c5abd323a2530a1e72 + unpetrify-ref: master + build-depends: + - kazoo + - testtools +- name: sysv_ipc-tarball + repo: upstream:python-packages/sysv-ipc-tarball.git + ref: a77e3a63f004e6ee789fa05e4a5bbc333b1529f1 + unpetrify-ref: sysv_ipc-0.6.8 +- name: tooz + repo: upstream:python-packages/tooz.git + ref: a90940a506b7c1bf52ef7d2f2ff52204fdcc6221 + unpetrify-ref: 0.7 + build-depends: + - kazoo + - pymemcache + - zake + - sysv_ipc-tarball + - msgpack-python + - retrying +- name: ceilometer + repo: upstream:openstack/ceilometer + ref: 94579bfc81b820380d03703e4e2311b3bd25c022 + unpetrify-ref: 2014.2 + build-depends: + - alembic + - anyjson + - croniter + - eventlet + - happybase + - jsonpath-rw + - keystonemiddleware + - lockfile + - msgpack-python + - oslo-db + - oslo-rootwrap + - oslo-vmware + - pastedeploy + - pecan + - posix-ipc-tarball + - oslo-messaging + - pysnmp + - sqlalchemy + - sqlalchemy-migrate + - tooz + - webob + - wsme +- name: heat + repo: upstream:openstack/heat + ref: c06772571a81383aa37336a78d72d455067b75e8 + unpetrify-ref: 2014.2 + build-depends: + - eventlet + - greenlet + - httplib2 + - keystonemiddleware + - kombu + - oslo-db + - oslo-messaging + - pastedeploy + - posix-ipc-tarball + - qpid-python + - routes + - sqlalchemy + - sqlalchemy-migrate + - webob +- name: django-openstack-auth + repo: upstream:openstack/django_openstack_auth + ref: e676c88a329af57d6c4f13df54f6e1e06c1f8360 + unpetrify-ref: 1.1.8 +- name: horizon + morph: strata/openstack-services/horizon.morph + repo: upstream:openstack/horizon + ref: 3d9a31e2a05288e9a48a51eb4fe693c42e92aac7 + unpetrify-ref: 2014.2.1 + build-depends: + - django-openstack-auth + - lockfile +- name: novnc + morph: strata/openstack-services/novnc.morph + repo: upstream:novnc + ref: fc00821eba469641c6c94706726c3d78e46460a2 + unpetrify-ref: v0.5.1 +- name: oauth + repo: upstream:python-packages/oauthlib + ref: fd239fca84644896b1971cf24bc6213d065adb86 + unpetrify-ref: 0.072 +- name: pyserial + repo: upstream:python-packages/pyserial + ref: bcfc1ec2fdb9a8c9c867481d7673e85fe512e667 + unpetrify-ref: release2_7 +- name: testresources + repo: upstream:python-packages/testresources + ref: ef938bcce0e436f9e9ffef932a898dc248a1d6ea + unpetrify-ref: 0.2.7 + build-depends: + - testtools + - fixtures + - check + - cppunit +- name: mox3 + repo: upstream:python-packages/pymox + ref: 444fa40f4edb529efbffa2da8dbd97e9b8564b5c + unpetrify-ref: master +- name: mocker + repo: upstream:python-packages/mocker + ref: f7f87e4ac1c52342162cf2035f5fe3d273f8b07f + unpetrify-ref: master +- name: tempest + morph: strata/openstack-services/tempest.morph + repo: upstream:openstack/tempest.git + ref: acba5510785258949679304f3e1a55e53b851962 + unpetrify-ref: "2" diff --git a/strata/openstack-services/cinder.morph b/strata/openstack-services/cinder.morph new file mode 100644 index 00000000..cd680b09 --- /dev/null +++ b/strata/openstack-services/cinder.morph @@ -0,0 +1,18 @@ +name: cinder +kind: chunk +build-system: python-distutils +post-install-commands: +# Install rootwrap.conf +- install -D -m 640 etc/cinder/rootwrap.conf "$DESTDIR"/etc/cinder/rootwrap.conf +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/cinder/rootwrap.d +- install -D -m 644 etc/cinder/rootwrap.d/* "$DESTDIR"/etc/cinder/rootwrap.d/ +# Add cinder to sudoers controlling which commands will run as a root +# using the openstack rootwrap. +- mkdir -p "$DESTDIR"/etc/sudoers.d +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/cinder-rootwrap + Defaults:cinder !requiretty + + cinder ALL=(root) NOPASSWD: /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf * + EOF diff --git a/strata/openstack-services/horizon.morph b/strata/openstack-services/horizon.morph new file mode 100644 index 00000000..ae6399b1 --- /dev/null +++ b/strata/openstack-services/horizon.morph @@ -0,0 +1,59 @@ +name: horizon +kind: chunk +configure-commands: +# Remove unnecessary .mo files they will be generated +# later during package build. +- find . -name "django*.mo" -exec rm -f '{}' \; +# Set COMPRESS_OFFLINE=True +- | + sed -i 's:COMPRESS_OFFLINE.=.False:COMPRESS_OFFLINE = True:' \ + openstack_dashboard/settings.py +build-commands: +# Compile message strings +- cd horizon && django-admin.py compilemessages && cd .. +- cd openstack_dashboard && django-admin.py compilemessages && cd .. +- python setup.py build +post-build-commands: +# Use the local_settings.py example to compile and compress the css, js, etc files. +# This is a hack to make SECRET_KEY work. +- | + cp openstack_dashboard/local/local_settings.py.example \ + openstack_dashboard/local/local_settings.py +# Collect the static files and compress them. +- python manage.py collectstatic --noinput +- python manage.py compress --force +install-commands: +# Undo hack +- | + cp openstack_dashboard/local/local_settings.py.example \ + openstack_dashboard/local/local_settings.py +# Install horizon +- python setup.py install -O1 --skip-build --prefix "$PREFIX" --root "$DESTDIR" +post-install-commands: +# Remove unnecessary .po files +- find "$DESTDIR" -name django.po -exec rm '{}' \; +- find "$DESTDIR" -name djangojs.po -exec rm '{}' \; +# Link Openstack local_settings where openstack_dashboard is installed. +- mkdir -p "$DESTDIR"/var/lib/horizon/openstack_dashboard/local +- | + ln -sf /etc/horizon/openstack_dashboard/local_settings.py \ + "$DESTDIR$PREFIX"/lib/python2.7/site-packages/openstack_dashboard/local/local_settings.py +# Create the static directory (STATIC_ROOT) used in local_settings.py to keep +# the static objects like css files. +- mkdir -p "$DESTDIR"/var/lib/horizon/openstack_dashboard/static +# Copy the compressed static files to horizon. +- cp -a openstack_dashboard/static/* "$DESTDIR"/var/lib/horizon/openstack_dashboard/static +- cp -a horizon/static/* "$DESTDIR"/var/lib/horizon/openstack_dashboard/static +- cp -a static/* "$DESTDIR"/var/lib/horizon/openstack_dashboard/static +# Work around to make django.wsgi working with horizon +# See: https://bugs.launchpad.net/osprofiler/+bug/1361235 +# and: https://git.openstack.org/cgit/openstack/tripleo-image-elements/commit/?id=41c9a1dfad23f8aee366afb6a0b20a6c57ec8f79 +- | + sed -i "s|'../..'|os.path.realpath('../..')|" \ + "$DESTDIR$PREFIX"/lib/python2.7/site-packages/openstack_dashboard/wsgi/django.wsgi +# And link this django.wsgi file to the horizon home directory +- | + ln -sf "$PREFIX"/lib/python2.7/site-packages/openstack_dashboard/wsgi/django.wsgi \ + "$DESTDIR"/var/lib/horizon/openstack_dashboard/django.wsgi +# Create the horizon document root for apache configuration +- mkdir -p "$DESTDIR"/var/lib/horizon/.blackhole diff --git a/strata/openstack-services/ipaddr-py.morph b/strata/openstack-services/ipaddr-py.morph new file mode 100644 index 00000000..f6691ab7 --- /dev/null +++ b/strata/openstack-services/ipaddr-py.morph @@ -0,0 +1,6 @@ +name: ipaddr-py +kind: chunk +build-commands: +- cd trunk && python setup.py build +install-commands: +- cd trunk && python setup.py install --prefix "$PREFIX" --root "$DESTDIR" diff --git a/strata/openstack-services/librabbitmq.morph b/strata/openstack-services/librabbitmq.morph new file mode 100644 index 00000000..b87ce369 --- /dev/null +++ b/strata/openstack-services/librabbitmq.morph @@ -0,0 +1,10 @@ +name: librabbitmq +kind: chunk +build-system: python-distutils +configure-commands: +- (cd rabbitmq-c; rm -rf codegen; ln -sf ../rabbitmq-codegen ./codegen) +- (cd rabbitmq-c; autoreconf -fvi) +- (cd rabbitmq-c; automake --add-missing) +- (cd rabbitmq-c; ./configure --disable-tools --disable-docs) +- (cd rabbitmq-c; make distdir) +- mv rabbitmq-c/rabbitmq-c-0.5.3 clib diff --git a/strata/openstack-services/neutron.morph b/strata/openstack-services/neutron.morph new file mode 100644 index 00000000..b79a089b --- /dev/null +++ b/strata/openstack-services/neutron.morph @@ -0,0 +1,17 @@ +name: neutron +kind: chunk +build-system: python-distutils +post-install-commands: +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/neutron +- mv "$DESTDIR$PREFIX"/etc/neutron/rootwrap.d "$DESTDIR"/etc/neutron/ +- mv "$DESTDIR$PREFIX"/etc/neutron/rootwrap.conf "$DESTDIR"/etc/neutron/ +# Add neutron to sudoers controlling which commands is running as a root +# using the openstack rootwrap. +- mkdir -p "$DESTDIR"/etc/sudoers.d +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/neutron-rootwrap + Defaults:neutron !requiretty + + neutron ALL=(root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf * + EOF diff --git a/strata/openstack-services/nova.morph b/strata/openstack-services/nova.morph new file mode 100644 index 00000000..bb6dd756 --- /dev/null +++ b/strata/openstack-services/nova.morph @@ -0,0 +1,18 @@ +name: nova +kind: chunk +build-system: python-distutils +post-install-commands: +# Install rootwrap.conf +- install -D -m 640 etc/nova/rootwrap.conf "$DESTDIR"/etc/nova/rootwrap.conf +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/nova/rootwrap.d +- install -D -m 644 etc/nova/rootwrap.d/* "$DESTDIR"/etc/nova/rootwrap.d/ +# Add nova to sudoers controlling which commands will run as a root +# using the openstack rootwrap. +- mkdir -p "$DESTDIR"/etc/sudoers.d +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/nova-rootwrap + Defaults:nova !requiretty + + nova ALL=(root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf * + EOF diff --git a/strata/openstack-services/novnc.morph b/strata/openstack-services/novnc.morph new file mode 100644 index 00000000..858320a0 --- /dev/null +++ b/strata/openstack-services/novnc.morph @@ -0,0 +1,11 @@ +name: novnc +kind: chunk +install-commands: +- mkdir -p "$DESTDIR$PREFIX"/share/novnc/utils +- install -m 444 *html "$DESTDIR$PREFIX"/share/novnc +- install -m 444 vnc.html "$DESTDIR$PREFIX"/share/novnc/index.html +- mkdir -p "$DESTDIR$PREFIX"/share/novnc/include +- install -m 444 include/*.* "$DESTDIR$PREFIX"/share/novnc/include +- mkdir -p "$DESTDIR$PREFIX"/share/novnc/images +- install -m 444 images/*.* "$DESTDIR$PREFIX"/share/novnc/images +- install -d "$DESTDIR"/etc/sysconfig diff --git a/strata/openstack-services/open-iscsi.morph b/strata/openstack-services/open-iscsi.morph new file mode 100644 index 00000000..9d135ab2 --- /dev/null +++ b/strata/openstack-services/open-iscsi.morph @@ -0,0 +1,45 @@ +name: open-iscsi +kind: chunk +build-commands: +- make +install-commands: +# Rewrite prefix and exec_prefix which are set to "/usr" and "/" respectively +- make prefix="$PREFIX" exec_prefix="$PREFIX" DESTDIR="$DESTDIR" install +# Install iscsistart app which is not listed by default in PROGRAMS +- make prefix="$PREFIX" exec_prefix="$PREFIX" DESTDIR="$DESTDIR" PROGRAMS="usr/iscsistart" install +post-install-commands: +# Configure iscsi daemon +# Point the startup to the installed binary +- | + sed -i -e "s|iscsid.startup = \/sbin\/iscsid|iscsid.startup = "$PREFIX"/sbin/iscsid|" \ + etc/iscsid.conf +# Start up a session automatically +- sed -i -e 's|node.startup = manual|node.startup = automatic|' etc/iscsid.conf +# Install config file +- install -D -m 644 etc/iscsid.conf "$DESTDIR"/etc/iscsi +# Install custom systemd unit file +- | + install -D -m 644 /proc/self/fd/0 << 'EOF' "$DESTDIR$PREFIX"/lib/systemd/system/iscsid.service + [Unit] + Description=Open iSCSI Daemon + After=network.target + + [Service] + Type=forking + ExecStart=/usr/sbin/iscsid + + [Install] + WantedBy=multi-user.target + EOF +# Install iscsi socket unit +- | + install -D -m 644 /proc/self/fd/0 << 'EOF' "$DESTDIR$PREFIX"/lib/systemd/system/iscsid.socket + [Unit] + Description=Open-iSCSI iscsid Socket + + [Socket] + ListenStream=@ISCSIADM_ABSTRACT_NAMESPACE + + [Install] + WantedBy=sockets.target + EOF diff --git a/strata/openstack-services/pies.morph b/strata/openstack-services/pies.morph new file mode 100644 index 00000000..327c1dc9 --- /dev/null +++ b/strata/openstack-services/pies.morph @@ -0,0 +1,11 @@ +name: pies +kind: chunk +configure-commands: +- | + cd pies2override + && python setup.py build + && python setup.py install --prefix "$PREFIX" --root "$DESTDIR" +build-commands: +- python setup.py build +install-commands: +- python setup.py install --prefix "$PREFIX" --root "$DESTDIR" diff --git a/strata/openstack-services/python-xattr.morph b/strata/openstack-services/python-xattr.morph new file mode 100644 index 00000000..7916bbf2 --- /dev/null +++ b/strata/openstack-services/python-xattr.morph @@ -0,0 +1,8 @@ +name: python-xattr +kind: chunk +configure-commands: +- cp -r /usr/lib/python2.7/site-packages/cffi . +build-commands: +- python setup.py build +install-commands: +- python setup.py install --prefix "$PREFIX" --root "$DESTDIR" diff --git a/strata/openstack-services/qpid-python.morph b/strata/openstack-services/qpid-python.morph new file mode 100644 index 00000000..203b3db5 --- /dev/null +++ b/strata/openstack-services/qpid-python.morph @@ -0,0 +1,6 @@ +name: qpid-python +kind: chunk +build-commands: +- cd qpid/python && python setup.py build +install-commands: +- cd qpid/python && python setup.py install --prefix "$PREFIX" --root "$DESTDIR" diff --git a/strata/openstack-services/rabbitmq-codegen.morph b/strata/openstack-services/rabbitmq-codegen.morph new file mode 100644 index 00000000..2b06aeb5 --- /dev/null +++ b/strata/openstack-services/rabbitmq-codegen.morph @@ -0,0 +1,7 @@ +name: rabbitmq-codegen +kind: chunk +configure-commands: [] +build-commands: [] +install-commands: +- mkdir -p "$DESTDIR$PREFIX"/lib/rabbitmq-codegen +- cp * "$DESTDIR$PREFIX"/lib/rabbitmq-codegen diff --git a/strata/openstack-services/rabbitmq-server.morph b/strata/openstack-services/rabbitmq-server.morph new file mode 100644 index 00000000..97b8a126 --- /dev/null +++ b/strata/openstack-services/rabbitmq-server.morph @@ -0,0 +1,16 @@ +name: rabbitmq-server +kind: chunk +configure-commands: +- mkdir -p codegen +- cp /usr/lib/rabbitmq-codegen/* codegen +build-commands: +- make +install-commands: +- | + make install_bin TARGET_DIR="$DESTDIR$PREFIX" \ + SBIN_DIR="$DESTDIR$PREFIX"/sbin \ + MAN_DIR="$PREFIX"/share/man \ + DOC_INSTALL_DIR="$PREFIX"/share + +post-install-commands: +- rm "$DESTDIR$PREFIX"/LICENSE* "$DESTDIR$PREFIX"/INSTALL diff --git a/strata/openstack-services/rtslib-fb.morph b/strata/openstack-services/rtslib-fb.morph new file mode 100644 index 00000000..26de3f9b --- /dev/null +++ b/strata/openstack-services/rtslib-fb.morph @@ -0,0 +1,27 @@ +name: rtslib-fb +kind: chunk +build-system: python-distutils +post-install-commands: +- mkdir -p "$DESTDIR$PREFIX"/lib/systemd/system + +# The following systemd unit is from the fedora package see +# http://pkgs.fedoraproject.org/cgit/python-rtslib.git/tree/target.service for +# more information + +- | + install -D -m 0644 /proc/self/fd/0 <<'EOF' "$DESTDIR$PREFIX"/lib/systemd/system/target.service + [Unit] + Description=Restore LIO kernel target configuration + Requires=sys-kernel-config.mount + After=sys-kernel-config.mount network.target local-fs.target + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=/usr/bin/targetctl restore + ExecStop=/usr/bin/targetctl clear + SyslogIdentifier=target + + [Install] + WantedBy=multi-user.target + EOF diff --git a/strata/openstack-services/subunit.morph b/strata/openstack-services/subunit.morph new file mode 100644 index 00000000..b7b43a39 --- /dev/null +++ b/strata/openstack-services/subunit.morph @@ -0,0 +1,3 @@ +name: python-subunit +kind: chunk +build-system: autotools diff --git a/strata/openstack-services/tempest.morph b/strata/openstack-services/tempest.morph new file mode 100644 index 00000000..da42c929 --- /dev/null +++ b/strata/openstack-services/tempest.morph @@ -0,0 +1,11 @@ +name: tempest +kind: chunk +build-system: python-distutils +post-install-commands: +- mkdir -p "$DESTDIR"/etc/tempest + +# Tempest is not supposed to be installed, just cloned and used from the clone, +# that's why we copy all the contents of the repository here, given that we +# don't know yet what things we can avoid copying. +- cp -R * "$DESTDIR"/etc/tempest +- cp .testr.conf "$DESTDIR"/etc/tempest diff --git a/strata/openstack-services/thrift.morph b/strata/openstack-services/thrift.morph new file mode 100644 index 00000000..39062351 --- /dev/null +++ b/strata/openstack-services/thrift.morph @@ -0,0 +1,6 @@ +name: thrift +kind: chunk +build-system: autotools +max-jobs: 1 +pre-configure-commands: +- ./bootstrap.sh diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph new file mode 100644 index 00000000..593794e0 --- /dev/null +++ b/systems/openstack-system-x86_64.morph @@ -0,0 +1,65 @@ +name: openstack-system-x86_64 +kind: system +description: Openstack system in baserock for the x86_64 architecture +arch: x86_64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: python-core + morph: strata/python-core.morph +- name: python-common + morph: strata/python-common.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-x86_64-generic + morph: strata/bsp-x86_64-generic.morph +- name: coreutils-common + morph: strata/coreutils-common.morph +- name: devtools + morph: strata/devtools.morph +- name: tools + morph: strata/tools.morph +- name: cloudinit-support + morph: strata/cloudinit-support.morph +- name: lvm + morph: strata/lvm.morph +- name: virtualization + morph: strata/virtualization.morph +- name: connectivity + morph: strata/connectivity.morph +- name: networking-utils + morph: strata/networking-utils.morph +- name: nfs + morph: strata/nfs.morph +- name: databases + morph: strata/databases.morph +- name: erlang + morph: strata/erlang.morph +- name: pcre-utils + morph: strata/pcre-utils.morph +- name: apache-httpd-server + morph: strata/apache-httpd-server.morph +- name: django + morph: strata/django.morph +- name: xstatic + morph: strata/xstatic.morph +- name: openstack-common + morph: strata/openstack-common.morph +- name: openstack-clients + morph: strata/openstack-clients.morph +- name: openstack-services + morph: strata/openstack-services.morph +- name: ansible + morph: strata/ansible.morph +- name: ntpd + morph: strata/ntpd.morph +configuration-extensions: +- set-hostname +- add-config-files +- simple-network +- nfsboot +- install-files +- cloud-init +- hosts -- cgit v1.2.1 From ffd35eafd549a923f43569d12ec0fbd39a43cc46 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 13 Apr 2015 16:19:41 +0000 Subject: Add default configuration files for Openstack This configuration files are from: - Cinder: http://git.baserock.org/cgi-bin/cgit.cgi/delta/openstack/cinder.git/tree/etc/cinder?id=2014.2.1 - Glance: http://git.baserock.org/cgi-bin/cgit.cgi/delta/openstack/glance.git/tree/etc?id=2014.2.1 - Keystone: http://git.baserock.org/cgi-bin/cgit.cgi/delta/openstack/keystone.git/tree/etc?id=2014.2.1 - Neutron: http://git.baserock.org/cgi-bin/cgit.cgi/delta/openstack/neutron.git/tree/etc?id=2014.2.1 - Nova: http://git.baserock.org/cgi-bin/cgit.cgi/delta/openstack/nova.git/tree/etc/nova?id=2014.2.1 - nova.conf: http://pkgs.fedoraproject.org/cgit/openstack-nova.git/tree/nova.conf.sample Signed-off-by: Mark Doffman Signed-off-by: Francisco Redondo Marchena Change-Id: If376202ad6cfe27a8551b7a672754bb9a10ed188 --- openstack/usr/share/openstack/cinder/api-paste.ini | 60 + openstack/usr/share/openstack/cinder/cinder.conf | 2825 +++++++++++++++ openstack/usr/share/openstack/cinder/policy.json | 80 + .../share/openstack/glance/glance-api-paste.ini | 77 + .../usr/share/openstack/glance/glance-api.conf | 697 ++++ .../usr/share/openstack/glance/glance-cache.conf | 200 + .../openstack/glance/glance-registry-paste.ini | 30 + .../share/openstack/glance/glance-registry.conf | 244 ++ .../share/openstack/glance/glance-scrubber.conf | 108 + openstack/usr/share/openstack/glance/logging.conf | 54 + openstack/usr/share/openstack/glance/policy.json | 52 + .../usr/share/openstack/glance/schema-image.json | 28 + .../share/openstack/keystone/keystone-paste.ini | 121 + .../usr/share/openstack/keystone/keystone.conf | 1587 ++++++++ .../usr/share/openstack/keystone/logging.conf | 65 + openstack/usr/share/openstack/keystone/policy.json | 171 + .../usr/share/openstack/neutron/api-paste.ini | 30 + .../usr/share/openstack/neutron/dhcp_agent.ini | 88 + .../usr/share/openstack/neutron/fwaas_driver.ini | 3 + openstack/usr/share/openstack/neutron/l3_agent.ini | 102 + .../usr/share/openstack/neutron/lbaas_agent.ini | 42 + .../usr/share/openstack/neutron/metadata_agent.ini | 59 + .../usr/share/openstack/neutron/metering_agent.ini | 18 + openstack/usr/share/openstack/neutron/neutron.conf | 637 ++++ .../neutron/plugins/bigswitch/restproxy.ini | 114 + .../neutron/plugins/bigswitch/ssl/ca_certs/README | 3 + .../plugins/bigswitch/ssl/host_certs/README | 6 + .../openstack/neutron/plugins/brocade/brocade.ini | 29 + .../neutron/plugins/cisco/cisco_cfg_agent.ini | 15 + .../neutron/plugins/cisco/cisco_plugins.ini | 100 + .../neutron/plugins/cisco/cisco_router_plugin.ini | 76 + .../neutron/plugins/cisco/cisco_vpn_agent.ini | 26 + .../neutron/plugins/embrane/heleos_conf.ini | 41 + .../plugins/hyperv/hyperv_neutron_plugin.ini | 63 + .../neutron/plugins/ibm/sdnve_neutron_plugin.ini | 50 + .../plugins/linuxbridge/linuxbridge_conf.ini | 78 + .../neutron/plugins/metaplugin/metaplugin.ini | 31 + .../openstack/neutron/plugins/midonet/midonet.ini | 19 + .../openstack/neutron/plugins/ml2/ml2_conf.ini | 71 + .../neutron/plugins/ml2/ml2_conf_arista.ini | 100 + .../neutron/plugins/ml2/ml2_conf_brocade.ini | 15 + .../neutron/plugins/ml2/ml2_conf_cisco.ini | 118 + .../neutron/plugins/ml2/ml2_conf_fslsdn.ini | 52 + .../neutron/plugins/ml2/ml2_conf_mlnx.ini | 4 + .../openstack/neutron/plugins/ml2/ml2_conf_ncs.ini | 28 + .../openstack/neutron/plugins/ml2/ml2_conf_odl.ini | 30 + .../openstack/neutron/plugins/ml2/ml2_conf_ofa.ini | 13 + .../neutron/plugins/ml2/ml2_conf_sriov.ini | 31 + .../openstack/neutron/plugins/mlnx/mlnx_conf.ini | 79 + .../share/openstack/neutron/plugins/nec/nec.ini | 60 + .../neutron/plugins/nuage/nuage_plugin.ini | 41 + .../neutron/plugins/oneconvergence/nvsdplugin.ini | 35 + .../plugins/opencontrail/contrailplugin.ini | 26 + .../plugins/openvswitch/ovs_neutron_plugin.ini | 190 + .../neutron/plugins/plumgrid/plumgrid.ini | 14 + .../share/openstack/neutron/plugins/ryu/ryu.ini | 44 + .../share/openstack/neutron/plugins/vmware/nsx.ini | 200 + openstack/usr/share/openstack/neutron/policy.json | 138 + .../usr/share/openstack/neutron/vpn_agent.ini | 14 + openstack/usr/share/openstack/nova/api-paste.ini | 118 + openstack/usr/share/openstack/nova/cells.json | 26 + openstack/usr/share/openstack/nova/logging.conf | 81 + openstack/usr/share/openstack/nova/nova.conf | 3805 ++++++++++++++++++++ openstack/usr/share/openstack/nova/policy.json | 324 ++ 64 files changed, 13686 insertions(+) create mode 100644 openstack/usr/share/openstack/cinder/api-paste.ini create mode 100644 openstack/usr/share/openstack/cinder/cinder.conf create mode 100644 openstack/usr/share/openstack/cinder/policy.json create mode 100644 openstack/usr/share/openstack/glance/glance-api-paste.ini create mode 100644 openstack/usr/share/openstack/glance/glance-api.conf create mode 100644 openstack/usr/share/openstack/glance/glance-cache.conf create mode 100644 openstack/usr/share/openstack/glance/glance-registry-paste.ini create mode 100644 openstack/usr/share/openstack/glance/glance-registry.conf create mode 100644 openstack/usr/share/openstack/glance/glance-scrubber.conf create mode 100644 openstack/usr/share/openstack/glance/logging.conf create mode 100644 openstack/usr/share/openstack/glance/policy.json create mode 100644 openstack/usr/share/openstack/glance/schema-image.json create mode 100644 openstack/usr/share/openstack/keystone/keystone-paste.ini create mode 100644 openstack/usr/share/openstack/keystone/keystone.conf create mode 100644 openstack/usr/share/openstack/keystone/logging.conf create mode 100644 openstack/usr/share/openstack/keystone/policy.json create mode 100644 openstack/usr/share/openstack/neutron/api-paste.ini create mode 100644 openstack/usr/share/openstack/neutron/dhcp_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/fwaas_driver.ini create mode 100644 openstack/usr/share/openstack/neutron/l3_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/lbaas_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/metadata_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/metering_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/neutron.conf create mode 100644 openstack/usr/share/openstack/neutron/plugins/bigswitch/restproxy.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/ca_certs/README create mode 100644 openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/host_certs/README create mode 100644 openstack/usr/share/openstack/neutron/plugins/brocade/brocade.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/cisco/cisco_cfg_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/cisco/cisco_plugins.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/cisco/cisco_router_plugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/cisco/cisco_vpn_agent.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/embrane/heleos_conf.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/hyperv/hyperv_neutron_plugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ibm/sdnve_neutron_plugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/linuxbridge/linuxbridge_conf.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/metaplugin/metaplugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/midonet/midonet.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_arista.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_brocade.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_cisco.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_fslsdn.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_mlnx.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ncs.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_odl.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ofa.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_sriov.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/mlnx/mlnx_conf.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/nec/nec.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/nuage/nuage_plugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/oneconvergence/nvsdplugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/opencontrail/contrailplugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/openvswitch/ovs_neutron_plugin.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/plumgrid/plumgrid.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/ryu/ryu.ini create mode 100644 openstack/usr/share/openstack/neutron/plugins/vmware/nsx.ini create mode 100644 openstack/usr/share/openstack/neutron/policy.json create mode 100644 openstack/usr/share/openstack/neutron/vpn_agent.ini create mode 100644 openstack/usr/share/openstack/nova/api-paste.ini create mode 100644 openstack/usr/share/openstack/nova/cells.json create mode 100644 openstack/usr/share/openstack/nova/logging.conf create mode 100644 openstack/usr/share/openstack/nova/nova.conf create mode 100644 openstack/usr/share/openstack/nova/policy.json diff --git a/openstack/usr/share/openstack/cinder/api-paste.ini b/openstack/usr/share/openstack/cinder/api-paste.ini new file mode 100644 index 00000000..ba922d5f --- /dev/null +++ b/openstack/usr/share/openstack/cinder/api-paste.ini @@ -0,0 +1,60 @@ +############# +# OpenStack # +############# + +[composite:osapi_volume] +use = call:cinder.api:root_app_factory +/: apiversions +/v1: openstack_volume_api_v1 +/v2: openstack_volume_api_v2 + +[composite:openstack_volume_api_v1] +use = call:cinder.api.middleware.auth:pipeline_factory +noauth = request_id faultwrap sizelimit osprofiler noauth apiv1 +keystone = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv1 +keystone_nolimit = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv1 + +[composite:openstack_volume_api_v2] +use = call:cinder.api.middleware.auth:pipeline_factory +noauth = request_id faultwrap sizelimit osprofiler noauth apiv2 +keystone = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv2 +keystone_nolimit = request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv2 + +[filter:request_id] +paste.filter_factory = cinder.openstack.common.middleware.request_id:RequestIdMiddleware.factory + +[filter:faultwrap] +paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory + +[filter:osprofiler] +paste.filter_factory = osprofiler.web:WsgiMiddleware.factory +hmac_keys = SECRET_KEY +enabled = yes + +[filter:noauth] +paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory + +[filter:sizelimit] +paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory + +[app:apiv1] +paste.app_factory = cinder.api.v1.router:APIRouter.factory + +[app:apiv2] +paste.app_factory = cinder.api.v2.router:APIRouter.factory + +[pipeline:apiversions] +pipeline = faultwrap osvolumeversionapp + +[app:osvolumeversionapp] +paste.app_factory = cinder.api.versions:Versions.factory + +########## +# Shared # +########## + +[filter:keystonecontext] +paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory diff --git a/openstack/usr/share/openstack/cinder/cinder.conf b/openstack/usr/share/openstack/cinder/cinder.conf new file mode 100644 index 00000000..30c3f15b --- /dev/null +++ b/openstack/usr/share/openstack/cinder/cinder.conf @@ -0,0 +1,2825 @@ +[DEFAULT] + +# +# Options defined in oslo.messaging +# + +# Use durable queues in AMQP. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in AMQP. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# Qpid broker hostname. (string value) +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +#qpid_username= + +# Password for Qpid connection. (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth. +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats. (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer +# value) +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + +# SSL version to use (valid only if SSL enabled). valid values +# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on +# some distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled). (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled). (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL +# enabled). (string value) +#kombu_ssl_ca_certs= + +# How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. (floating point value) +#kombu_reconnect_delay=1.0 + +# The RabbitMQ broker address where a single node is used. +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used. +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid. (string value) +#rabbit_userid=guest + +# The RabbitMQ password. (string value) +#rabbit_password=guest + +# The RabbitMQ login method. (string value) +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ. (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + +# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake +# (boolean value) +#fake_rabbit=false + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve +# to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per +# topic. Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP +# address. Must match "host" option, if running Nova. (string +# value) +#rpc_zmq_host=cinder + +# Seconds to wait before a cast expires (TTL). Only supported +# by impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of RPC greenthread pool. (integer value) +#rpc_thread_pool_size=64 + +# Driver or drivers to handle sending notifications. (multi +# valued) +#notification_driver= + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend +# option and driver specific configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other +# drivers include qpid and zmq. (string value) +#rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the +# transport_url option. (string value) +#control_exchange=openstack + + +# +# Options defined in cinder.exception +# + +# Make exception message format errors fatal. (boolean value) +#fatal_exception_format_errors=false + + +# +# Options defined in cinder.quota +# + +# Number of volumes allowed per project (integer value) +#quota_volumes=10 + +# Number of volume snapshots allowed per project (integer +# value) +#quota_snapshots=10 + +# Number of consistencygroups allowed per project (integer +# value) +#quota_consistencygroups=10 + +# Total amount of storage, in gigabytes, allowed for volumes +# and snapshots per project (integer value) +#quota_gigabytes=1000 + +# Number of volume backups allowed per project (integer value) +#quota_backups=10 + +# Total amount of storage, in gigabytes, allowed for backups +# per project (integer value) +#quota_backup_gigabytes=1000 + +# Number of seconds until a reservation expires (integer +# value) +#reservation_expire=86400 + +# Count of reservations until usage is refreshed (integer +# value) +#until_refresh=0 + +# Number of seconds between subsequent usage refreshes +# (integer value) +#max_age=0 + +# Default driver to use for quota checks (string value) +#quota_driver=cinder.quota.DbQuotaDriver + +# Enables or disables use of default quota class with default +# quota. (boolean value) +#use_default_quota_class=true + + +# +# Options defined in cinder.service +# + +# Interval, in seconds, between nodes reporting state to +# datastore (integer value) +#report_interval=10 + +# Interval, in seconds, between running periodic tasks +# (integer value) +#periodic_interval=60 + +# Range, in seconds, to randomly delay when starting the +# periodic task scheduler to reduce stampeding. (Disable by +# setting to 0) (integer value) +#periodic_fuzzy_delay=60 + +# IP address on which OpenStack Volume API listens (string +# value) +#osapi_volume_listen=0.0.0.0 + +# Port on which OpenStack Volume API listens (integer value) +#osapi_volume_listen_port=8776 + +# Number of workers for OpenStack Volume API service. The +# default is equal to the number of CPUs available. (integer +# value) +#osapi_volume_workers= + + +# +# Options defined in cinder.ssh_utils +# + +# Option to enable strict host key checking. When set to +# "True" Cinder will only connect to systems with a host key +# present in the configured "ssh_hosts_key_file". When set to +# "False" the host key will be saved upon first connection and +# used for subsequent connections. Default=False (boolean +# value) +#strict_ssh_host_key_policy=false + +# File containing SSH host keys for the systems with which +# Cinder needs to communicate. OPTIONAL: +# Default=$state_path/ssh_known_hosts (string value) +#ssh_hosts_key_file=$state_path/ssh_known_hosts + + +# +# Options defined in cinder.test +# + +# File name of clean sqlite db (string value) +#sqlite_clean_db=clean.sqlite + + +# +# Options defined in cinder.wsgi +# + +# Maximum line size of message headers to be accepted. +# max_header_line may need to be increased when using large +# tokens (typically those generated by the Keystone v3 API +# with big service catalogs). (integer value) +#max_header_line=16384 + +# If False, closes the client socket connection explicitly. +# Setting it to True to maintain backward compatibility. +# Recommended setting is set it to False. (boolean value) +#wsgi_keep_alive=true + +# Sets the value of TCP_KEEPALIVE (True/False) for each server +# socket. (boolean value) +#tcp_keepalive=true + +# Sets the value of TCP_KEEPIDLE in seconds for each server +# socket. Not supported on OS X. (integer value) +#tcp_keepidle=600 + +# Sets the value of TCP_KEEPINTVL in seconds for each server +# socket. Not supported on OS X. (integer value) +#tcp_keepalive_interval= + +# Sets the value of TCP_KEEPCNT for each server socket. Not +# supported on OS X. (integer value) +#tcp_keepalive_count= + +# CA certificate file to use to verify connecting clients +# (string value) +#ssl_ca_file= + +# Certificate file to use when starting the server securely +# (string value) +#ssl_cert_file= + +# Private key file to use when starting the server securely +# (string value) +#ssl_key_file= + + +# +# Options defined in cinder.api.common +# + +# The maximum number of items that a collection resource +# returns in a single response (integer value) +#osapi_max_limit=1000 + +# Base URL that will be presented to users in links to the +# OpenStack Volume API (string value) +# Deprecated group/name - [DEFAULT]/osapi_compute_link_prefix +#osapi_volume_base_URL= + + +# +# Options defined in cinder.api.middleware.auth +# + +# Treat X-Forwarded-For as the canonical remote address. Only +# enable this if you have a sanitizing proxy. (boolean value) +#use_forwarded_for=false + + +# +# Options defined in cinder.api.middleware.sizelimit +# + +# Max size for body of a request (integer value) +#osapi_max_request_body_size=114688 + + +# +# Options defined in cinder.backup.driver +# + +# Backup metadata version to be used when backing up volume +# metadata. If this number is bumped, make sure the service +# doing the restore supports the new version. (integer value) +#backup_metadata_version=1 + + +# +# Options defined in cinder.backup.drivers.ceph +# + +# Ceph configuration file to use. (string value) +#backup_ceph_conf=/etc/ceph/ceph.conf + +# The Ceph user to connect with. Default here is to use the +# same user as for Cinder volumes. If not using cephx this +# should be set to None. (string value) +#backup_ceph_user=cinder + +# The chunk size, in bytes, that a backup is broken into +# before transfer to the Ceph object store. (integer value) +#backup_ceph_chunk_size=134217728 + +# The Ceph pool where volume backups are stored. (string +# value) +#backup_ceph_pool=backups + +# RBD stripe unit to use when creating a backup image. +# (integer value) +#backup_ceph_stripe_unit=0 + +# RBD stripe count to use when creating a backup image. +# (integer value) +#backup_ceph_stripe_count=0 + +# If True, always discard excess bytes when restoring volumes +# i.e. pad with zeroes. (boolean value) +#restore_discard_excess_bytes=true + + +# +# Options defined in cinder.backup.drivers.swift +# + +# The URL of the Swift endpoint (string value) +#backup_swift_url= + +# Info to match when looking for swift in the service catalog. +# Format is: separated values of the form: +# :: - Only used if +# backup_swift_url is unset (string value) +#swift_catalog_info=object-store:swift:publicURL + +# Swift authentication mechanism (string value) +#backup_swift_auth=per_user + +# Swift authentication version. Specify "1" for auth 1.0, or +# "2" for auth 2.0 (string value) +#backup_swift_auth_version=1 + +# Swift tenant/account name. Required when connecting to an +# auth 2.0 system (string value) +#backup_swift_tenant= + +# Swift user name (string value) +#backup_swift_user= + +# Swift key for authentication (string value) +#backup_swift_key= + +# The default Swift container to use (string value) +#backup_swift_container=volumebackups + +# The size in bytes of Swift backup objects (integer value) +#backup_swift_object_size=52428800 + +# The number of retries to make for Swift operations (integer +# value) +#backup_swift_retry_attempts=3 + +# The backoff time in seconds between Swift retries (integer +# value) +#backup_swift_retry_backoff=2 + +# Compression algorithm (None to disable) (string value) +#backup_compression_algorithm=zlib + + +# +# Options defined in cinder.backup.drivers.tsm +# + +# Volume prefix for the backup id when backing up to TSM +# (string value) +#backup_tsm_volume_prefix=backup + +# TSM password for the running username (string value) +#backup_tsm_password=password + +# Enable or Disable compression for backups (boolean value) +#backup_tsm_compression=true + + +# +# Options defined in cinder.backup.manager +# + +# Driver to use for backups. (string value) +# Deprecated group/name - [DEFAULT]/backup_service +#backup_driver=cinder.backup.drivers.swift + + +# +# Options defined in cinder.common.config +# + +# File name for the paste.deploy config for cinder-api (string +# value) +#api_paste_config=api-paste.ini + +# Top-level directory for maintaining cinder's state (string +# value) +# Deprecated group/name - [DEFAULT]/pybasedir +#state_path=/var/lib/cinder + +# IP address of this host (string value) +#my_ip=10.0.0.1 + +# Default glance host name or IP (string value) +#glance_host=$my_ip + +# Default glance port (integer value) +#glance_port=9292 + +# A list of the glance API servers available to cinder +# ([hostname|ip]:port) (list value) +#glance_api_servers=$glance_host:$glance_port + +# Version of the glance API to use (integer value) +#glance_api_version=1 + +# Number retries when downloading an image from glance +# (integer value) +#glance_num_retries=0 + +# Allow to perform insecure SSL (https) requests to glance +# (boolean value) +#glance_api_insecure=false + +# Enables or disables negotiation of SSL layer compression. In +# some cases disabling compression can improve data +# throughput, such as when high network bandwidth is available +# and you use compressed image formats like qcow2. (boolean +# value) +#glance_api_ssl_compression=false + +# Location of ca certificates file to use for glance client +# requests. (string value) +#glance_ca_certificates_file= + +# http/https timeout value for glance operations. If no value +# (None) is supplied here, the glanceclient default value is +# used. (integer value) +#glance_request_timeout= + +# The topic that scheduler nodes listen on (string value) +#scheduler_topic=cinder-scheduler + +# The topic that volume nodes listen on (string value) +#volume_topic=cinder-volume + +# The topic that volume backup nodes listen on (string value) +#backup_topic=cinder-backup + +# DEPRECATED: Deploy v1 of the Cinder API. (boolean value) +#enable_v1_api=true + +# Deploy v2 of the Cinder API. (boolean value) +#enable_v2_api=true + +# Enables or disables rate limit of the API. (boolean value) +#api_rate_limit=true + +# Specify list of extensions to load when using +# osapi_volume_extension option with +# cinder.api.contrib.select_extensions (list value) +#osapi_volume_ext_list= + +# osapi volume extension to load (multi valued) +#osapi_volume_extension=cinder.api.contrib.standard_extensions + +# Full class name for the Manager for volume (string value) +#volume_manager=cinder.volume.manager.VolumeManager + +# Full class name for the Manager for volume backup (string +# value) +#backup_manager=cinder.backup.manager.BackupManager + +# Full class name for the Manager for scheduler (string value) +#scheduler_manager=cinder.scheduler.manager.SchedulerManager + +# Name of this node. This can be an opaque identifier. It is +# not necessarily a host name, FQDN, or IP address. (string +# value) +#host=cinder + +# Availability zone of this node (string value) +#storage_availability_zone=nova + +# Default availability zone for new volumes. If not set, the +# storage_availability_zone option value is used as the +# default for new volumes. (string value) +#default_availability_zone= + +# Default volume type to use (string value) +#default_volume_type= + +# Time period for which to generate volume usages. The options +# are hour, day, month, or year. (string value) +#volume_usage_audit_period=month + +# Path to the rootwrap configuration file to use for running +# commands as root (string value) +#rootwrap_config=/etc/cinder/rootwrap.conf + +# Enable monkey patching (boolean value) +#monkey_patch=false + +# List of modules/decorators to monkey patch (list value) +#monkey_patch_modules= + +# Maximum time since last check-in for a service to be +# considered up (integer value) +#service_down_time=60 + +# The full class name of the volume API class to use (string +# value) +#volume_api_class=cinder.volume.api.API + +# The full class name of the volume backup API class (string +# value) +#backup_api_class=cinder.backup.api.API + +# The strategy to use for auth. Supports noauth, keystone, and +# deprecated. (string value) +#auth_strategy=noauth + +# A list of backend names to use. These backend names should +# be backed by a unique [CONFIG] group with its options (list +# value) +#enabled_backends= + +# Whether snapshots count against GigaByte quota (boolean +# value) +#no_snapshot_gb_quota=false + +# The full class name of the volume transfer API class (string +# value) +#transfer_api_class=cinder.transfer.api.API + +# The full class name of the volume replication API class +# (string value) +#replication_api_class=cinder.replication.api.API + +# The full class name of the consistencygroup API class +# (string value) +#consistencygroup_api_class=cinder.consistencygroup.api.API + + +# +# Options defined in cinder.compute +# + +# The full class name of the compute API class to use (string +# value) +#compute_api_class=cinder.compute.nova.API + + +# +# Options defined in cinder.compute.nova +# + +# Match this value when searching for nova in the service +# catalog. Format is: separated values of the form: +# :: (string value) +#nova_catalog_info=compute:nova:publicURL + +# Same as nova_catalog_info, but for admin endpoint. (string +# value) +#nova_catalog_admin_info=compute:nova:adminURL + +# Override service catalog lookup with template for nova +# endpoint e.g. http://localhost:8774/v2/%(project_id)s +# (string value) +#nova_endpoint_template= + +# Same as nova_endpoint_template, but for admin endpoint. +# (string value) +#nova_endpoint_admin_template= + +# Region name of this node (string value) +#os_region_name= + +# Location of ca certificates file to use for nova client +# requests. (string value) +#nova_ca_certificates_file= + +# Allow to perform insecure SSL requests to nova (boolean +# value) +#nova_api_insecure=false + + +# +# Options defined in cinder.db.api +# + +# The backend to use for db (string value) +#db_backend=sqlalchemy + +# Services to be added to the available pool on create +# (boolean value) +#enable_new_services=true + +# Template string to be used to generate volume names (string +# value) +#volume_name_template=volume-%s + +# Template string to be used to generate snapshot names +# (string value) +#snapshot_name_template=snapshot-%s + +# Template string to be used to generate backup names (string +# value) +#backup_name_template=backup-%s + + +# +# Options defined in cinder.db.base +# + +# Driver to use for database access (string value) +#db_driver=cinder.db + + +# +# Options defined in cinder.image.glance +# + +# Default core properties of image (list value) +#glance_core_properties=checksum,container_format,disk_format,image_name,image_id,min_disk,min_ram,name,size + +# A list of url schemes that can be downloaded directly via +# the direct_url. Currently supported schemes: [file]. (list +# value) +#allowed_direct_url_schemes= + + +# +# Options defined in cinder.image.image_utils +# + +# Directory used for temporary storage during image conversion +# (string value) +#image_conversion_dir=$state_path/conversion + + +# +# Options defined in cinder.openstack.common.eventlet_backdoor +# + +# Enable eventlet backdoor. Acceptable values are 0, , +# and :, where 0 results in listening on a random +# tcp port number; results in listening on the +# specified port number (and not enabling backdoor if that +# port is in use); and : results in listening on +# the smallest unused port number within the specified range +# of port numbers. The chosen port is displayed in the +# service's log file. (string value) +#backdoor_port= + + +# +# Options defined in cinder.openstack.common.lockutils +# + +# Whether to disable inter-process locks (boolean value) +#disable_process_locking=false + +# Directory to use for lock files. Default to a temp directory +# (string value) +#lock_path= + + +# +# Options defined in cinder.openstack.common.log +# + +# Print debugging output (set logging level to DEBUG instead +# of default WARNING level). (boolean value) +#debug=false + +# Print more verbose output (set logging level to INFO instead +# of default WARNING level). (boolean value) +#verbose=false + +# Log output to standard error. (boolean value) +#use_stderr=true + +# Format string to use for log messages with context. (string +# value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. +# (string value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string +# value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. +# (string value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN + +# Enables or disables publication of error events. (boolean +# value) +#publish_errors=false + +# Enables or disables fatal status of deprecations. (boolean +# value) +#fatal_deprecations=false + +# The format for an instance that is passed with the log +# message. (string value) +#instance_format="[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log +# message. (string value) +#instance_uuid_format="[instance: %(uuid)s] " + +# The name of a logging configuration file. This file is +# appended to any existing logging configuration files. For +# details about logging configuration files, see the Python +# logging module documentation. (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string +# which may use any of the available logging.LogRecord +# attributes. This option is deprecated. Please use +# logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: +# %(default)s . (string value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is +# set, logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file= + +# (Optional) The base directory used for relative --log-file +# paths. (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir= + +# Use syslog for logging. Existing syslog format is DEPRECATED +# during I, and will change in J to honor RFC5424. (boolean +# value) +#use_syslog=false + +# (Optional) Enables or disables syslog rfc5424 format for +# logging. If enabled, prefixes the MSG part of the syslog +# message with APP-NAME (RFC5424). The format without the APP- +# NAME is deprecated in I, and will be removed in J. (boolean +# value) +#use_syslog_rfc_format=false + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility=LOG_USER + + +# +# Options defined in cinder.openstack.common.periodic_task +# + +# Some periodic tasks can be run in a separate process. Should +# we run them here? (boolean value) +#run_external_periodic_tasks=true + + +# +# Options defined in cinder.openstack.common.policy +# + +# The JSON file that defines policies. (string value) +#policy_file=policy.json + +# Default rule. Enforced when a requested rule is not found. +# (string value) +#policy_default_rule=default + + +# +# Options defined in cinder.scheduler.driver +# + +# The scheduler host manager class to use (string value) +#scheduler_host_manager=cinder.scheduler.host_manager.HostManager + +# Maximum number of attempts to schedule an volume (integer +# value) +#scheduler_max_attempts=3 + + +# +# Options defined in cinder.scheduler.host_manager +# + +# Which filter class names to use for filtering hosts when not +# specified in the request. (list value) +#scheduler_default_filters=AvailabilityZoneFilter,CapacityFilter,CapabilitiesFilter + +# Which weigher class names to use for weighing hosts. (list +# value) +#scheduler_default_weighers=CapacityWeigher + + +# +# Options defined in cinder.scheduler.manager +# + +# Default scheduler driver to use (string value) +#scheduler_driver=cinder.scheduler.filter_scheduler.FilterScheduler + + +# +# Options defined in cinder.scheduler.scheduler_options +# + +# Absolute path to scheduler configuration JSON file. (string +# value) +#scheduler_json_config_location= + + +# +# Options defined in cinder.scheduler.simple +# + +# This configure option has been deprecated along with the +# SimpleScheduler. New scheduler is able to gather capacity +# information for each host, thus setting the maximum number +# of volume gigabytes for host is no longer needed. It's safe +# to remove this configure from cinder.conf. (integer value) +#max_gigabytes=10000 + + +# +# Options defined in cinder.scheduler.weights.capacity +# + +# Multiplier used for weighing volume capacity. Negative +# numbers mean to stack vs spread. (floating point value) +#capacity_weight_multiplier=1.0 + +# Multiplier used for weighing volume capacity. Negative +# numbers mean to stack vs spread. (floating point value) +#allocated_capacity_weight_multiplier=-1.0 + + +# +# Options defined in cinder.scheduler.weights.volume_number +# + +# Multiplier used for weighing volume number. Negative numbers +# mean to spread vs stack. (floating point value) +#volume_number_multiplier=-1.0 + + +# +# Options defined in cinder.transfer.api +# + +# The number of characters in the salt. (integer value) +#volume_transfer_salt_length=8 + +# The number of characters in the autogenerated auth key. +# (integer value) +#volume_transfer_key_length=16 + + +# +# Options defined in cinder.volume.api +# + +# Cache volume availability zones in memory for the provided +# duration in seconds (integer value) +#az_cache_duration=3600 + +# Create volume from snapshot at the host where snapshot +# resides (boolean value) +#snapshot_same_host=true + +# Ensure that the new volumes are the same AZ as snapshot or +# source volume (boolean value) +#cloned_volume_same_az=true + + +# +# Options defined in cinder.volume.driver +# + +# The maximum number of times to rescan iSER targetto find +# volume (integer value) +#num_iser_scan_tries=3 + +# The maximum number of iSER target IDs per host (integer +# value) +#iser_num_targets=100 + +# Prefix for iSER volumes (string value) +#iser_target_prefix=iqn.2010-10.org.iser.openstack: + +# The IP address that the iSER daemon is listening on (string +# value) +#iser_ip_address=$my_ip + +# The port that the iSER daemon is listening on (integer +# value) +#iser_port=3260 + +# The name of the iSER target user-land tool to use (string +# value) +#iser_helper=tgtadm + +# Number of times to attempt to run flakey shell commands +# (integer value) +#num_shell_tries=3 + +# The percentage of backend capacity is reserved (integer +# value) +#reserved_percentage=0 + +# The maximum number of iSCSI target IDs per host (integer +# value) +#iscsi_num_targets=100 + +# Prefix for iSCSI volumes (string value) +#iscsi_target_prefix=iqn.2010-10.org.openstack: + +# The IP address that the iSCSI daemon is listening on (string +# value) +#iscsi_ip_address=$my_ip + +# The port that the iSCSI daemon is listening on (integer +# value) +#iscsi_port=3260 + +# The maximum number of times to rescan targets to find volume +# (integer value) +# Deprecated group/name - [DEFAULT]/num_iscsi_scan_tries +#num_volume_device_scan_tries=3 + +# The backend name for a given driver implementation (string +# value) +#volume_backend_name= + +# Do we attach/detach volumes in cinder using multipath for +# volume to image and image to volume transfers? (boolean +# value) +#use_multipath_for_image_xfer=false + +# Method used to wipe old volumes (valid options are: none, +# zero, shred) (string value) +#volume_clear=zero + +# Size in MiB to wipe at start of old volumes. 0 => all +# (integer value) +#volume_clear_size=0 + +# The flag to pass to ionice to alter the i/o priority of the +# process used to zero a volume after deletion, for example +# "-c3" for idle only priority. (string value) +#volume_clear_ionice= + +# iSCSI target user-land tool to use. tgtadm is default, use +# lioadm for LIO iSCSI support, iseradm for the ISER protocol, +# or fake for testing. (string value) +#iscsi_helper=tgtadm + +# Volume configuration file storage directory (string value) +#volumes_dir=$state_path/volumes + +# IET configuration file (string value) +#iet_conf=/etc/iet/ietd.conf + +# Comma-separated list of initiator IQNs allowed to connect to +# the iSCSI target. (From Nova compute nodes.) (string value) +#lio_initiator_iqns= + +# Sets the behavior of the iSCSI target to either perform +# blockio or fileio optionally, auto can be set and Cinder +# will autodetect type of backing device (string value) +#iscsi_iotype=fileio + +# The default block size used when copying/clearing volumes +# (string value) +#volume_dd_blocksize=1M + +# The blkio cgroup name to be used to limit bandwidth of +# volume copy (string value) +#volume_copy_blkio_cgroup_name=cinder-volume-copy + +# The upper limit of bandwidth of volume copy. 0 => unlimited +# (integer value) +#volume_copy_bps_limit=0 + +# Sets the behavior of the iSCSI target to either perform +# write-back(on) or write-through(off). This parameter is +# valid if iscsi_helper is set to tgtadm or iseradm. (string +# value) +#iscsi_write_cache=on + +# The path to the client certificate key for verification, if +# the driver supports it. (string value) +#driver_client_cert_key= + +# The path to the client certificate for verification, if the +# driver supports it. (string value) +#driver_client_cert= + + +# +# Options defined in cinder.volume.drivers.block_device +# + +# List of all available devices (list value) +#available_devices= + + +# +# Options defined in cinder.volume.drivers.coraid +# + +# IP address of Coraid ESM (string value) +#coraid_esm_address= + +# User name to connect to Coraid ESM (string value) +#coraid_user=admin + +# Name of group on Coraid ESM to which coraid_user belongs +# (must have admin privilege) (string value) +#coraid_group=admin + +# Password to connect to Coraid ESM (string value) +#coraid_password=password + +# Volume Type key name to store ESM Repository Name (string +# value) +#coraid_repository_key=coraid_repository + + +# +# Options defined in cinder.volume.drivers.datera +# + +# Datera API token. (string value) +#datera_api_token= + +# Datera API port. (string value) +#datera_api_port=7717 + +# Datera API version. (string value) +#datera_api_version=1 + +# Number of replicas to create of an inode. (string value) +#datera_num_replicas=3 + + +# +# Options defined in cinder.volume.drivers.emc.emc_vmax_common +# + +# use this file for cinder emc plugin config data (string +# value) +#cinder_emc_config_file=/etc/cinder/cinder_emc_config.xml + + +# +# Options defined in cinder.volume.drivers.emc.emc_vnx_cli +# + +# VNX authentication scope type. (string value) +#storage_vnx_authentication_type=global + +# Directory path that contains the VNX security file. Make +# sure the security file is generated first. (string value) +#storage_vnx_security_file_dir= + +# Naviseccli Path. (string value) +#naviseccli_path= + +# Storage pool name. (string value) +#storage_vnx_pool_name= + +# VNX secondary SP IP Address. (string value) +#san_secondary_ip= + +# Default timeout for CLI operations in minutes. For example, +# LUN migration is a typical long running operation, which +# depends on the LUN size and the load of the array. An upper +# bound in the specific deployment can be set to avoid +# unnecessary long wait. By default, it is 365 days long. +# (integer value) +#default_timeout=525600 + +# Default max number of LUNs in a storage group. By default, +# the value is 255. (integer value) +#max_luns_per_storage_group=255 + +# To destroy storage group when the last LUN is removed from +# it. By default, the value is False. (boolean value) +#destroy_empty_storage_group=false + +# Mapping between hostname and its iSCSI initiator IP +# addresses. (string value) +#iscsi_initiators= + +# Automatically register initiators. By default, the value is +# False. (boolean value) +#initiator_auto_registration=false + + +# +# Options defined in cinder.volume.drivers.eqlx +# + +# Group name to use for creating volumes (string value) +#eqlx_group_name=group-0 + +# Timeout for the Group Manager cli command execution (integer +# value) +#eqlx_cli_timeout=30 + +# Maximum retry count for reconnection (integer value) +#eqlx_cli_max_retries=5 + +# Use CHAP authentication for targets? (boolean value) +#eqlx_use_chap=false + +# Existing CHAP account name (string value) +#eqlx_chap_login=admin + +# Password for specified CHAP account name (string value) +#eqlx_chap_password=password + +# Pool in which volumes will be created (string value) +#eqlx_pool=default + + +# +# Options defined in cinder.volume.drivers.fujitsu_eternus_dx_common +# + +# The configuration file for the Cinder SMI-S driver (string +# value) +#cinder_smis_config_file=/etc/cinder/cinder_fujitsu_eternus_dx.xml + + +# +# Options defined in cinder.volume.drivers.fusionio.ioControl +# + +# amount of time wait for iSCSI target to come online (integer +# value) +#fusionio_iocontrol_targetdelay=5 + +# number of retries for GET operations (integer value) +#fusionio_iocontrol_retry=3 + +# verify the array certificate on each transaction (boolean +# value) +#fusionio_iocontrol_verify_cert=true + + +# +# Options defined in cinder.volume.drivers.glusterfs +# + +# File with the list of available gluster shares (string +# value) +#glusterfs_shares_config=/etc/cinder/glusterfs_shares + +# Create volumes as sparsed files which take no space.If set +# to False volume is created as regular file.In such case +# volume creation takes a lot of time. (boolean value) +#glusterfs_sparsed_volumes=true + +# Create volumes as QCOW2 files rather than raw files. +# (boolean value) +#glusterfs_qcow2_volumes=false + +# Base dir containing mount points for gluster shares. (string +# value) +#glusterfs_mount_point_base=$state_path/mnt + + +# +# Options defined in cinder.volume.drivers.hds.hds +# + +# The configuration file for the Cinder HDS driver for HUS +# (string value) +#hds_cinder_config_file=/opt/hds/hus/cinder_hus_conf.xml + + +# +# Options defined in cinder.volume.drivers.hds.iscsi +# + +# Configuration file for HDS iSCSI cinder plugin (string +# value) +#hds_hnas_iscsi_config_file=/opt/hds/hnas/cinder_iscsi_conf.xml + + +# +# Options defined in cinder.volume.drivers.hds.nfs +# + +# Configuration file for HDS NFS cinder plugin (string value) +#hds_hnas_nfs_config_file=/opt/hds/hnas/cinder_nfs_conf.xml + + +# +# Options defined in cinder.volume.drivers.hitachi.hbsd_common +# + +# Serial number of storage system (string value) +#hitachi_serial_number= + +# Name of an array unit (string value) +#hitachi_unit_name= + +# Pool ID of storage system (integer value) +#hitachi_pool_id= + +# Thin pool ID of storage system (integer value) +#hitachi_thin_pool_id= + +# Range of logical device of storage system (string value) +#hitachi_ldev_range= + +# Default copy method of storage system (string value) +#hitachi_default_copy_method=FULL + +# Copy speed of storage system (integer value) +#hitachi_copy_speed=3 + +# Interval to check copy (integer value) +#hitachi_copy_check_interval=3 + +# Interval to check copy asynchronously (integer value) +#hitachi_async_copy_check_interval=10 + +# Control port names for HostGroup or iSCSI Target (string +# value) +#hitachi_target_ports= + +# Range of group number (string value) +#hitachi_group_range= + +# Request for creating HostGroup or iSCSI Target (boolean +# value) +#hitachi_group_request=false + + +# +# Options defined in cinder.volume.drivers.hitachi.hbsd_fc +# + +# Request for FC Zone creating HostGroup (boolean value) +#hitachi_zoning_request=false + + +# +# Options defined in cinder.volume.drivers.hitachi.hbsd_horcm +# + +# Instance numbers for HORCM (string value) +#hitachi_horcm_numbers=200,201 + +# Username of storage system for HORCM (string value) +#hitachi_horcm_user= + +# Password of storage system for HORCM (string value) +#hitachi_horcm_password= + +# Add to HORCM configuration (boolean value) +#hitachi_horcm_add_conf=true + + +# +# Options defined in cinder.volume.drivers.hitachi.hbsd_iscsi +# + +# Add CHAP user (boolean value) +#hitachi_add_chap_user=false + +# iSCSI authentication method (string value) +#hitachi_auth_method= + +# iSCSI authentication username (string value) +#hitachi_auth_user=HBSD-CHAP-user + +# iSCSI authentication password (string value) +#hitachi_auth_password=HBSD-CHAP-password + + +# +# Options defined in cinder.volume.drivers.huawei +# + +# The configuration file for the Cinder Huawei driver (string +# value) +#cinder_huawei_conf_file=/etc/cinder/cinder_huawei_conf.xml + + +# +# Options defined in cinder.volume.drivers.ibm.gpfs +# + +# Specifies the path of the GPFS directory where Block Storage +# volume and snapshot files are stored. (string value) +#gpfs_mount_point_base= + +# Specifies the path of the Image service repository in GPFS. +# Leave undefined if not storing images in GPFS. (string +# value) +#gpfs_images_dir= + +# Specifies the type of image copy to be used. Set this when +# the Image service repository also uses GPFS so that image +# files can be transferred efficiently from the Image service +# to the Block Storage service. There are two valid values: +# "copy" specifies that a full copy of the image is made; +# "copy_on_write" specifies that copy-on-write optimization +# strategy is used and unmodified blocks of the image file are +# shared efficiently. (string value) +#gpfs_images_share_mode= + +# Specifies an upper limit on the number of indirections +# required to reach a specific block due to snapshots or +# clones. A lengthy chain of copy-on-write snapshots or +# clones can have a negative impact on performance, but +# improves space utilization. 0 indicates unlimited clone +# depth. (integer value) +#gpfs_max_clone_depth=0 + +# Specifies that volumes are created as sparse files which +# initially consume no space. If set to False, the volume is +# created as a fully allocated file, in which case, creation +# may take a significantly longer time. (boolean value) +#gpfs_sparse_volumes=true + +# Specifies the storage pool that volumes are assigned to. By +# default, the system storage pool is used. (string value) +#gpfs_storage_pool=system + + +# +# Options defined in cinder.volume.drivers.ibm.ibmnas +# + +# IP address or Hostname of NAS system. (string value) +#nas_ip= + +# User name to connect to NAS system. (string value) +#nas_login=admin + +# Password to connect to NAS system. (string value) +#nas_password= + +# SSH port to use to connect to NAS system. (integer value) +#nas_ssh_port=22 + +# Filename of private key to use for SSH authentication. +# (string value) +#nas_private_key= + +# IBMNAS platform type to be used as backend storage; valid +# values are - v7ku : for using IBM Storwize V7000 Unified, +# sonas : for using IBM Scale Out NAS, gpfs-nas : for using +# NFS based IBM GPFS deployments. (string value) +#ibmnas_platform_type=v7ku + + +# +# Options defined in cinder.volume.drivers.ibm.storwize_svc +# + +# Storage system storage pool for volumes (string value) +#storwize_svc_volpool_name=volpool + +# Storage system space-efficiency parameter for volumes +# (percentage) (integer value) +#storwize_svc_vol_rsize=2 + +# Storage system threshold for volume capacity warnings +# (percentage) (integer value) +#storwize_svc_vol_warning=0 + +# Storage system autoexpand parameter for volumes (True/False) +# (boolean value) +#storwize_svc_vol_autoexpand=true + +# Storage system grain size parameter for volumes +# (32/64/128/256) (integer value) +#storwize_svc_vol_grainsize=256 + +# Storage system compression option for volumes (boolean +# value) +#storwize_svc_vol_compression=false + +# Enable Easy Tier for volumes (boolean value) +#storwize_svc_vol_easytier=true + +# The I/O group in which to allocate volumes (integer value) +#storwize_svc_vol_iogrp=0 + +# Maximum number of seconds to wait for FlashCopy to be +# prepared. Maximum value is 600 seconds (10 minutes) (integer +# value) +#storwize_svc_flashcopy_timeout=120 + +# Connection protocol (iSCSI/FC) (string value) +#storwize_svc_connection_protocol=iSCSI + +# Configure CHAP authentication for iSCSI connections +# (Default: Enabled) (boolean value) +#storwize_svc_iscsi_chap_enabled=true + +# Connect with multipath (FC only; iSCSI multipath is +# controlled by Nova) (boolean value) +#storwize_svc_multipath_enabled=false + +# Allows vdisk to multi host mapping (boolean value) +#storwize_svc_multihostmap_enabled=true + +# Indicate whether svc driver is compatible for NPIV setup. If +# it is compatible, it will allow no wwpns being returned on +# get_conn_fc_wwpns during initialize_connection (boolean +# value) +#storwize_svc_npiv_compatibility_mode=false + +# Allow tenants to specify QOS on create (boolean value) +#storwize_svc_allow_tenant_qos=false + +# If operating in stretched cluster mode, specify the name of +# the pool in which mirrored copies are stored.Example: +# "pool2" (string value) +#storwize_svc_stretched_cluster_partner= + + +# +# Options defined in cinder.volume.drivers.ibm.xiv_ds8k +# + +# Proxy driver that connects to the IBM Storage Array (string +# value) +#xiv_ds8k_proxy=xiv_ds8k_openstack.nova_proxy.XIVDS8KNovaProxy + +# Connection type to the IBM Storage Array +# (fibre_channel|iscsi) (string value) +#xiv_ds8k_connection_type=iscsi + +# CHAP authentication mode, effective only for iscsi +# (disabled|enabled) (string value) +#xiv_chap=disabled + + +# +# Options defined in cinder.volume.drivers.lvm +# + +# Name for the VG that will contain exported volumes (string +# value) +#volume_group=cinder-volumes + +# If >0, create LVs with multiple mirrors. Note that this +# requires lvm_mirrors + 2 PVs with available space (integer +# value) +#lvm_mirrors=0 + +# Type of LVM volumes to deploy; (default or thin) (string +# value) +#lvm_type=default + + +# +# Options defined in cinder.volume.drivers.netapp.options +# + +# The vFiler unit on which provisioning of block storage +# volumes will be done. This option is only used by the driver +# when connecting to an instance with a storage family of Data +# ONTAP operating in 7-Mode and the storage protocol selected +# is iSCSI. Only use this option when utilizing the MultiStore +# feature on the NetApp storage system. (string value) +#netapp_vfiler= + +# Administrative user account name used to access the storage +# system or proxy server. (string value) +#netapp_login= + +# Password for the administrative user account specified in +# the netapp_login option. (string value) +#netapp_password= + +# This option specifies the virtual storage server (Vserver) +# name on the storage cluster on which provisioning of block +# storage volumes should occur. If using the NFS storage +# protocol, this parameter is mandatory for storage service +# catalog support (utilized by Cinder volume type extra_specs +# support). If this option is specified, the exports belonging +# to the Vserver will only be used for provisioning in the +# future. Block storage volumes on exports not belonging to +# the Vserver specified by this option will continue to +# function normally. (string value) +#netapp_vserver= + +# The hostname (or IP address) for the storage system or proxy +# server. (string value) +#netapp_server_hostname= + +# The TCP port to use for communication with the storage +# system or proxy server. Traditionally, port 80 is used for +# HTTP and port 443 is used for HTTPS; however, this value +# should be changed if an alternate port has been configured +# on the storage system or proxy server. (integer value) +#netapp_server_port=80 + +# This option is used to specify the path to the E-Series +# proxy application on a proxy server. The value is combined +# with the value of the netapp_transport_type, +# netapp_server_hostname, and netapp_server_port options to +# create the URL used by the driver to connect to the proxy +# application. (string value) +#netapp_webservice_path=/devmgr/v2 + +# This option is only utilized when the storage family is +# configured to eseries. This option is used to restrict +# provisioning to the specified controllers. Specify the value +# of this option to be a comma separated list of controller +# hostnames or IP addresses to be used for provisioning. +# (string value) +#netapp_controller_ips= + +# Password for the NetApp E-Series storage array. (string +# value) +#netapp_sa_password= + +# This option is used to restrict provisioning to the +# specified storage pools. Only dynamic disk pools are +# currently supported. Specify the value of this option to be +# a comma separated list of disk pool names to be used for +# provisioning. (string value) +#netapp_storage_pools= + +# This option is used to define how the controllers in the +# E-Series storage array will work with the particular +# operating system on the hosts that are connected to it. +# (string value) +#netapp_eseries_host_type=linux_dm_mp + +# If the percentage of available space for an NFS share has +# dropped below the value specified by this option, the NFS +# image cache will be cleaned. (integer value) +#thres_avl_size_perc_start=20 + +# When the percentage of available space on an NFS share has +# reached the percentage specified by this option, the driver +# will stop clearing files from the NFS image cache that have +# not been accessed in the last M minutes, where M is the +# value of the expiry_thres_minutes configuration option. +# (integer value) +#thres_avl_size_perc_stop=60 + +# This option specifies the threshold for last access time for +# images in the NFS image cache. When a cache cleaning cycle +# begins, images in the cache that have not been accessed in +# the last M minutes, where M is the value of this parameter, +# will be deleted from the cache to create free space on the +# NFS share. (integer value) +#expiry_thres_minutes=720 + +# This option specifies the path of the NetApp copy offload +# tool binary. Ensure that the binary has execute permissions +# set which allow the effective user of the cinder-volume +# process to execute the file. (string value) +#netapp_copyoffload_tool_path= + +# The quantity to be multiplied by the requested volume size +# to ensure enough space is available on the virtual storage +# server (Vserver) to fulfill the volume creation request. +# (floating point value) +#netapp_size_multiplier=1.2 + +# This option is only utilized when the storage protocol is +# configured to use iSCSI. This option is used to restrict +# provisioning to the specified controller volumes. Specify +# the value of this option to be a comma separated list of +# NetApp controller volume names to be used for provisioning. +# (string value) +#netapp_volume_list= + +# The storage family type used on the storage system; valid +# values are ontap_7mode for using Data ONTAP operating in +# 7-Mode, ontap_cluster for using clustered Data ONTAP, or +# eseries for using E-Series. (string value) +#netapp_storage_family=ontap_cluster + +# The storage protocol to be used on the data path with the +# storage system; valid values are iscsi or nfs. (string +# value) +#netapp_storage_protocol= + +# The transport protocol used when communicating with the +# storage system or proxy server. Valid values are http or +# https. (string value) +#netapp_transport_type=http + + +# +# Options defined in cinder.volume.drivers.nexenta.options +# + +# IP address of Nexenta SA (string value) +#nexenta_host= + +# HTTP port to connect to Nexenta REST API server (integer +# value) +#nexenta_rest_port=2000 + +# Use http or https for REST connection (default auto) (string +# value) +#nexenta_rest_protocol=auto + +# User name to connect to Nexenta SA (string value) +#nexenta_user=admin + +# Password to connect to Nexenta SA (string value) +#nexenta_password=nexenta + +# Nexenta target portal port (integer value) +#nexenta_iscsi_target_portal_port=3260 + +# SA Pool that holds all volumes (string value) +#nexenta_volume=cinder + +# IQN prefix for iSCSI targets (string value) +#nexenta_target_prefix=iqn.1986-03.com.sun:02:cinder- + +# Prefix for iSCSI target groups on SA (string value) +#nexenta_target_group_prefix=cinder/ + +# File with the list of available nfs shares (string value) +#nexenta_shares_config=/etc/cinder/nfs_shares + +# Base directory that contains NFS share mount points (string +# value) +#nexenta_mount_point_base=$state_path/mnt + +# Enables or disables the creation of volumes as sparsed files +# that take no space. If disabled (False), volume is created +# as a regular file, which takes a long time. (boolean value) +#nexenta_sparsed_volumes=true + +# Default compression value for new ZFS folders. (string +# value) +#nexenta_volume_compression=on + +# If set True cache NexentaStor appliance volroot option +# value. (boolean value) +#nexenta_nms_cache_volroot=true + +# Enable stream compression, level 1..9. 1 - gives best speed; +# 9 - gives best compression. (integer value) +#nexenta_rrmgr_compression=0 + +# TCP Buffer size in KiloBytes. (integer value) +#nexenta_rrmgr_tcp_buf_size=4096 + +# Number of TCP connections. (integer value) +#nexenta_rrmgr_connections=2 + +# Block size for volumes (default=blank means 8KB) (string +# value) +#nexenta_blocksize= + +# Enables or disables the creation of sparse volumes (boolean +# value) +#nexenta_sparse=false + + +# +# Options defined in cinder.volume.drivers.nfs +# + +# File with the list of available nfs shares (string value) +#nfs_shares_config=/etc/cinder/nfs_shares + +# Create volumes as sparsed files which take no space.If set +# to False volume is created as regular file.In such case +# volume creation takes a lot of time. (boolean value) +#nfs_sparsed_volumes=true + +# Percent of ACTUAL usage of the underlying volume before no +# new volumes can be allocated to the volume destination. +# (floating point value) +#nfs_used_ratio=0.95 + +# This will compare the allocated to available space on the +# volume destination. If the ratio exceeds this number, the +# destination will no longer be valid. (floating point value) +#nfs_oversub_ratio=1.0 + +# Base dir containing mount points for nfs shares. (string +# value) +#nfs_mount_point_base=$state_path/mnt + +# Mount options passed to the nfs client. See section of the +# nfs man page for details. (string value) +#nfs_mount_options= + + +# +# Options defined in cinder.volume.drivers.nimble +# + +# Nimble Controller pool name (string value) +#nimble_pool_name=default + +# Nimble Subnet Label (string value) +#nimble_subnet_label=* + + +# +# Options defined in cinder.volume.drivers.prophetstor.options +# + +# DPL pool uuid in which DPL volumes are stored. (string +# value) +#dpl_pool= + +# DPL port number. (integer value) +#dpl_port=8357 + + +# +# Options defined in cinder.volume.drivers.pure +# + +# REST API authorization token. (string value) +#pure_api_token= + + +# +# Options defined in cinder.volume.drivers.rbd +# + +# The RADOS pool where rbd volumes are stored (string value) +#rbd_pool=rbd + +# The RADOS client name for accessing rbd volumes - only set +# when using cephx authentication (string value) +#rbd_user= + +# Path to the ceph configuration file (string value) +#rbd_ceph_conf= + +# Flatten volumes created from snapshots to remove dependency +# from volume to snapshot (boolean value) +#rbd_flatten_volume_from_snapshot=false + +# The libvirt uuid of the secret for the rbd_user volumes +# (string value) +#rbd_secret_uuid= + +# Directory where temporary image files are stored when the +# volume driver does not write them directly to the volume. +# (string value) +#volume_tmp_dir= + +# Maximum number of nested volume clones that are taken before +# a flatten occurs. Set to 0 to disable cloning. (integer +# value) +#rbd_max_clone_depth=5 + +# Volumes will be chunked into objects of this size (in +# megabytes). (integer value) +#rbd_store_chunk_size=4 + +# Timeout value (in seconds) used when connecting to ceph +# cluster. If value < 0, no timeout is set and default +# librados value is used. (integer value) +#rados_connect_timeout=-1 + + +# +# Options defined in cinder.volume.drivers.remotefs +# + +# IP address or Hostname of NAS system. (string value) +#nas_ip= + +# User name to connect to NAS system. (string value) +#nas_login=admin + +# Password to connect to NAS system. (string value) +#nas_password= + +# SSH port to use to connect to NAS system. (integer value) +#nas_ssh_port=22 + +# Filename of private key to use for SSH authentication. +# (string value) +#nas_private_key= + + +# +# Options defined in cinder.volume.drivers.san.hp.hp_3par_common +# + +# 3PAR WSAPI Server Url like https://<3par ip>:8080/api/v1 +# (string value) +#hp3par_api_url= + +# 3PAR Super user username (string value) +#hp3par_username= + +# 3PAR Super user password (string value) +#hp3par_password= + +# The CPG to use for volume creation (string value) +#hp3par_cpg=OpenStack + +# The CPG to use for Snapshots for volumes. If empty +# hp3par_cpg will be used (string value) +#hp3par_cpg_snap= + +# The time in hours to retain a snapshot. You can't delete it +# before this expires. (string value) +#hp3par_snapshot_retention= + +# The time in hours when a snapshot expires and is deleted. +# This must be larger than expiration (string value) +#hp3par_snapshot_expiration= + +# Enable HTTP debugging to 3PAR (boolean value) +#hp3par_debug=false + +# List of target iSCSI addresses to use. (list value) +#hp3par_iscsi_ips= + +# Enable CHAP authentication for iSCSI connections. (boolean +# value) +#hp3par_iscsi_chap_enabled=false + + +# +# Options defined in cinder.volume.drivers.san.hp.hp_lefthand_rest_proxy +# + +# HP LeftHand WSAPI Server Url like https://:8081/lhos (string value) +#hplefthand_api_url= + +# HP LeftHand Super user username (string value) +#hplefthand_username= + +# HP LeftHand Super user password (string value) +#hplefthand_password= + +# HP LeftHand cluster name (string value) +#hplefthand_clustername= + +# Configure CHAP authentication for iSCSI connections +# (Default: Disabled) (boolean value) +#hplefthand_iscsi_chap_enabled=false + +# Enable HTTP debugging to LeftHand (boolean value) +#hplefthand_debug=false + + +# +# Options defined in cinder.volume.drivers.san.hp.hp_msa_common +# + +# The VDisk to use for volume creation. (string value) +#msa_vdisk=OpenStack + + +# +# Options defined in cinder.volume.drivers.san.san +# + +# Use thin provisioning for SAN volumes? (boolean value) +#san_thin_provision=true + +# IP address of SAN controller (string value) +#san_ip= + +# Username for SAN controller (string value) +#san_login=admin + +# Password for SAN controller (string value) +#san_password= + +# Filename of private key to use for SSH authentication +# (string value) +#san_private_key= + +# Cluster name to use for creating volumes (string value) +#san_clustername= + +# SSH port to use with SAN (integer value) +#san_ssh_port=22 + +# Execute commands locally instead of over SSH; use if the +# volume service is running on the SAN device (boolean value) +#san_is_local=false + +# SSH connection timeout in seconds (integer value) +#ssh_conn_timeout=30 + +# Minimum ssh connections in the pool (integer value) +#ssh_min_pool_conn=1 + +# Maximum ssh connections in the pool (integer value) +#ssh_max_pool_conn=5 + + +# +# Options defined in cinder.volume.drivers.san.solaris +# + +# The ZFS path under which to create zvols for volumes. +# (string value) +#san_zfs_volume_base=rpool/ + + +# +# Options defined in cinder.volume.drivers.scality +# + +# Path or URL to Scality SOFS configuration file (string +# value) +#scality_sofs_config= + +# Base dir where Scality SOFS shall be mounted (string value) +#scality_sofs_mount_point=$state_path/scality + +# Path from Scality SOFS root to volume dir (string value) +#scality_sofs_volume_dir=cinder/volumes + + +# +# Options defined in cinder.volume.drivers.smbfs +# + +# File with the list of available smbfs shares. (string value) +#smbfs_shares_config=/etc/cinder/smbfs_shares + +# Default format that will be used when creating volumes if no +# volume format is specified. Can be set to: raw, qcow2, vhd +# or vhdx. (string value) +#smbfs_default_volume_format=qcow2 + +# Create volumes as sparsed files which take no space rather +# than regular files when using raw format, in which case +# volume creation takes lot of time. (boolean value) +#smbfs_sparsed_volumes=true + +# Percent of ACTUAL usage of the underlying volume before no +# new volumes can be allocated to the volume destination. +# (floating point value) +#smbfs_used_ratio=0.95 + +# This will compare the allocated to available space on the +# volume destination. If the ratio exceeds this number, the +# destination will no longer be valid. (floating point value) +#smbfs_oversub_ratio=1.0 + +# Base dir containing mount points for smbfs shares. (string +# value) +#smbfs_mount_point_base=$state_path/mnt + +# Mount options passed to the smbfs client. See mount.cifs man +# page for details. (string value) +#smbfs_mount_options=noperm,file_mode=0775,dir_mode=0775 + + +# +# Options defined in cinder.volume.drivers.solidfire +# + +# Set 512 byte emulation on volume creation; (boolean value) +#sf_emulate_512=true + +# Allow tenants to specify QOS on create (boolean value) +#sf_allow_tenant_qos=false + +# Create SolidFire accounts with this prefix. Any string can +# be used here, but the string "hostname" is special and will +# create a prefix using the cinder node hostsname (previous +# default behavior). The default is NO prefix. (string value) +#sf_account_prefix= + +# SolidFire API port. Useful if the device api is behind a +# proxy on a different port. (integer value) +#sf_api_port=443 + + +# +# Options defined in cinder.volume.drivers.vmware.vmdk +# + +# IP address for connecting to VMware ESX/VC server. (string +# value) +#vmware_host_ip= + +# Username for authenticating with VMware ESX/VC server. +# (string value) +#vmware_host_username= + +# Password for authenticating with VMware ESX/VC server. +# (string value) +#vmware_host_password= + +# Optional VIM service WSDL Location e.g +# http:///vimService.wsdl. Optional over-ride to +# default location for bug work-arounds. (string value) +#vmware_wsdl_location= + +# Number of times VMware ESX/VC server API must be retried +# upon connection related issues. (integer value) +#vmware_api_retry_count=10 + +# The interval (in seconds) for polling remote tasks invoked +# on VMware ESX/VC server. (floating point value) +#vmware_task_poll_interval=0.5 + +# Name for the folder in the VC datacenter that will contain +# cinder volumes. (string value) +#vmware_volume_folder=cinder-volumes + +# Timeout in seconds for VMDK volume transfer between Cinder +# and Glance. (integer value) +#vmware_image_transfer_timeout_secs=7200 + +# Max number of objects to be retrieved per batch. Query +# results will be obtained in batches from the server and not +# in one shot. Server may still limit the count to something +# less than the configured value. (integer value) +#vmware_max_objects_retrieval=100 + +# Optional string specifying the VMware VC server version. The +# driver attempts to retrieve the version from VMware VC +# server. Set this configuration only if you want to override +# the VC server version. (string value) +#vmware_host_version= + +# Directory where virtual disks are stored during volume +# backup and restore. (string value) +#vmware_tmp_dir=/tmp + + +# +# Options defined in cinder.volume.drivers.windows.windows +# + +# Path to store VHD backed volumes (string value) +#windows_iscsi_lun_path=C:\iSCSIVirtualDisks + + +# +# Options defined in cinder.volume.drivers.zadara +# + +# Management IP of Zadara VPSA (string value) +#zadara_vpsa_ip= + +# Zadara VPSA port number (string value) +#zadara_vpsa_port= + +# Use SSL connection (boolean value) +#zadara_vpsa_use_ssl=false + +# User name for the VPSA (string value) +#zadara_user= + +# Password for the VPSA (string value) +#zadara_password= + +# Name of VPSA storage pool for volumes (string value) +#zadara_vpsa_poolname= + +# Default thin provisioning policy for volumes (boolean value) +#zadara_vol_thin=true + +# Default encryption policy for volumes (boolean value) +#zadara_vol_encrypt=false + +# Default template for VPSA volume names (string value) +#zadara_vol_name_template=OS_%s + +# Automatically detach from servers on volume delete (boolean +# value) +#zadara_vpsa_auto_detach_on_delete=true + +# Don't halt on deletion of non-existing volumes (boolean +# value) +#zadara_vpsa_allow_nonexistent_delete=true + + +# +# Options defined in cinder.volume.drivers.zfssa.zfssaiscsi +# + +# Storage pool name. (string value) +#zfssa_pool= + +# Project name. (string value) +#zfssa_project= + +# Block size: 512, 1k, 2k, 4k, 8k, 16k, 32k, 64k, 128k. +# (string value) +#zfssa_lun_volblocksize=8k + +# Flag to enable sparse (thin-provisioned): True, False. +# (boolean value) +#zfssa_lun_sparse=false + +# Data compression-off, lzjb, gzip-2, gzip, gzip-9. (string +# value) +#zfssa_lun_compression= + +# Synchronous write bias-latency, throughput. (string value) +#zfssa_lun_logbias= + +# iSCSI initiator group. (string value) +#zfssa_initiator_group= + +# iSCSI initiator IQNs. (comma separated) (string value) +#zfssa_initiator= + +# iSCSI initiator CHAP user. (string value) +#zfssa_initiator_user= + +# iSCSI initiator CHAP password. (string value) +#zfssa_initiator_password= + +# iSCSI target group name. (string value) +#zfssa_target_group=tgt-grp + +# iSCSI target CHAP user. (string value) +#zfssa_target_user= + +# iSCSI target CHAP password. (string value) +#zfssa_target_password= + +# iSCSI target portal (Data-IP:Port, w.x.y.z:3260). (string +# value) +#zfssa_target_portal= + +# Network interfaces of iSCSI targets. (comma separated) +# (string value) +#zfssa_target_interfaces= + +# REST connection timeout. (seconds) (integer value) +#zfssa_rest_timeout= + + +# +# Options defined in cinder.volume.manager +# + +# Driver to use for volume creation (string value) +#volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver + +# Timeout for creating the volume to migrate to when +# performing volume migration (seconds) (integer value) +#migration_create_volume_timeout_secs=300 + +# Offload pending volume delete during volume service startup +# (boolean value) +#volume_service_inithost_offload=false + +# FC Zoning mode configured (string value) +#zoning_mode=none + +# User defined capabilities, a JSON formatted string +# specifying key/value pairs. (string value) +#extra_capabilities={} + + +[BRCD_FABRIC_EXAMPLE] + +# +# Options defined in cinder.zonemanager.drivers.brocade.brcd_fabric_opts +# + +# Management IP of fabric (string value) +#fc_fabric_address= + +# Fabric user ID (string value) +#fc_fabric_user= + +# Password for user (string value) +#fc_fabric_password= + +# Connecting port (integer value) +#fc_fabric_port=22 + +# overridden zoning policy (string value) +#zoning_policy=initiator-target + +# overridden zoning activation state (boolean value) +#zone_activate=true + +# overridden zone name prefix (string value) +#zone_name_prefix= + +# Principal switch WWN of the fabric (string value) +#principal_switch_wwn= + + +[CISCO_FABRIC_EXAMPLE] + +# +# Options defined in cinder.zonemanager.drivers.cisco.cisco_fabric_opts +# + +# Management IP of fabric (string value) +#cisco_fc_fabric_address= + +# Fabric user ID (string value) +#cisco_fc_fabric_user= + +# Password for user (string value) +#cisco_fc_fabric_password= + +# Connecting port (integer value) +#cisco_fc_fabric_port=22 + +# overridden zoning policy (string value) +#cisco_zoning_policy=initiator-target + +# overridden zoning activation state (boolean value) +#cisco_zone_activate=true + +# overridden zone name prefix (string value) +#cisco_zone_name_prefix= + +# VSAN of the Fabric (string value) +#cisco_zoning_vsan= + + +[database] + +# +# Options defined in oslo.db +# + +# The file name to use with SQLite. (string value) +#sqlite_db=oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +#sqlite_synchronous=true + +# The back end to use for the database. (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend=sqlalchemy + +# The SQLAlchemy connection string to use to connect to the +# database. (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection= + +# The SQLAlchemy connection string to use to connect to the +# slave database. (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, +# including the default, overrides any server-set SQL mode. To +# use whatever SQL mode is set by the server configuration, +# set this to no value. Example: mysql_sql_mode= (string +# value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum number of database connection retries during +# startup. Set to -1 to specify an infinite retry count. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a SQL connection. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, +# 100=Everything. (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. +# (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + +# Enable the experimental use of database reconnect on +# connection lost. (boolean value) +#use_db_reconnect=false + +# Seconds between database connection retries. (integer value) +#db_retry_interval=1 + +# If True, increases the interval between database connection +# retries up to db_max_retry_interval. (boolean value) +#db_inc_retry_interval=true + +# If db_inc_retry_interval is set, the maximum seconds between +# database connection retries. (integer value) +#db_max_retry_interval=10 + +# Maximum database connection retries before error is raised. +# Set to -1 to specify an infinite retry count. (integer +# value) +#db_max_retries=20 + + +# +# Options defined in oslo.db.concurrency +# + +# Enable the experimental use of thread pooling for all DB API +# calls (boolean value) +# Deprecated group/name - [DEFAULT]/dbapi_use_tpool +#use_tpool=false + + +[fc-zone-manager] + +# +# Options defined in cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver +# + +# Southbound connector for zoning operation (string value) +#brcd_sb_connector=cinder.zonemanager.drivers.brocade.brcd_fc_zone_client_cli.BrcdFCZoneClientCLI + + +# +# Options defined in cinder.zonemanager.drivers.cisco.cisco_fc_zone_driver +# + +# Southbound connector for zoning operation (string value) +#cisco_sb_connector=cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI + + +# +# Options defined in cinder.zonemanager.fc_zone_manager +# + +# FC Zone Driver responsible for zone management (string +# value) +#zone_driver=cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver + +# Zoning policy configured by user (string value) +#zoning_policy=initiator-target + +# Comma separated list of fibre channel fabric names. This +# list of names is used to retrieve other SAN credentials for +# connecting to each SAN fabric (string value) +#fc_fabric_names= + +# FC San Lookup Service (string value) +#fc_san_lookup_service=cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService + + +[keymgr] + +# +# Options defined in cinder.keymgr +# + +# The full class name of the key manager API class (string +# value) +#api_class=cinder.keymgr.conf_key_mgr.ConfKeyManager + + +# +# Options defined in cinder.keymgr.conf_key_mgr +# + +# Fixed key returned by key manager, specified in hex (string +# value) +#fixed_key= + + +# +# Options defined in cinder.keymgr.key_mgr +# + +# Authentication url for encryption service. (string value) +#encryption_auth_url=http://localhost:5000/v2.0 + +# Url for encryption service. (string value) +#encryption_api_url=http://localhost:9311/v1 + + +[keystone_authtoken] + +# +# Options defined in keystonemiddleware.auth_token +# + +# Prefix to prepend at the beginning of the path. Deprecated, +# use identity_uri. (string value) +#auth_admin_prefix= + +# Host providing the admin Identity API endpoint. Deprecated, +# use identity_uri. (string value) +#auth_host=127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) +#auth_port=35357 + +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) +#auth_protocol=https + +# Complete public Identity API endpoint (string value) +#auth_uri= + +# Complete admin Identity API endpoint. This should specify +# the unversioned root endpoint e.g. https://localhost:35357/ +# (string value) +#identity_uri= + +# API version of the admin Identity API endpoint (string +# value) +#auth_version= + +# Do not handle authorization requests within the middleware, +# but delegate the authorization decision to downstream WSGI +# components (boolean value) +#delay_auth_decision=false + +# Request timeout value for communicating with Identity API +# server. (boolean value) +#http_connect_timeout= + +# How many times are we trying to reconnect when communicating +# with Identity API Server. (integer value) +#http_request_max_retries=3 + +# This option is deprecated and may be removed in a future +# release. Single shared secret with the Keystone +# configuration used for bootstrapping a Keystone +# installation, or otherwise bypassing the normal +# authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) +#admin_token= + +# Keystone account username (string value) +#admin_user= + +# Keystone account password (string value) +#admin_password= + +# Keystone service account tenant name to validate user tokens +# (string value) +#admin_tenant_name=admin + +# Env key for the swift cache (string value) +#cache= + +# Required if Keystone server requires client certificate +# (string value) +#certfile= + +# Required if Keystone server requires client certificate +# (string value) +#keyfile= + +# A PEM encoded Certificate Authority to use when verifying +# HTTPs connections. Defaults to system CAs. (string value) +#cafile= + +# Verify HTTPS connections. (boolean value) +#insecure=false + +# Directory used to cache files related to PKI tokens (string +# value) +#signing_dir= + +# Optionally specify a list of memcached server(s) to use for +# caching. If left undefined, tokens will instead be cached +# in-process. (list value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers= + +# In order to prevent excessive effort spent validating +# tokens, the middleware caches previously-seen tokens for a +# configurable duration (in seconds). Set to -1 to disable +# caching completely. (integer value) +#token_cache_time=300 + +# Determines the frequency at which the list of revoked tokens +# is retrieved from the Identity service (in seconds). A high +# number of revocation events combined with a low cache +# duration may significantly reduce performance. (integer +# value) +#revocation_cache_time=10 + +# (optional) if defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable +# values are MAC or ENCRYPT. If MAC, token data is +# authenticated (with HMAC) in the cache. If ENCRYPT, token +# data is encrypted and authenticated in the cache. If the +# value is not one of these options or empty, auth_token will +# raise an exception on initialization. (string value) +#memcache_security_strategy= + +# (optional, mandatory if memcache_security_strategy is +# defined) this string is used for key derivation. (string +# value) +#memcache_secret_key= + +# (optional) number of seconds memcached server is considered +# dead before it is tried again. (integer value) +#memcache_pool_dead_retry=300 + +# (optional) max total number of open connections to every +# memcached server. (integer value) +#memcache_pool_maxsize=10 + +# (optional) socket timeout in seconds for communicating with +# a memcache server. (integer value) +#memcache_pool_socket_timeout=3 + +# (optional) number of seconds a connection to memcached is +# held unused in the pool before it is closed. (integer value) +#memcache_pool_unused_timeout=60 + +# (optional) number of seconds that an operation will wait to +# get a memcache client connection from the pool. (integer +# value) +#memcache_pool_conn_get_timeout=10 + +# (optional) use the advanced (eventlet safe) memcache client +# pool. The advanced pool will only work under python 2.x. +# (boolean value) +#memcache_use_advanced_pool=false + +# (optional) indicate whether to set the X-Service-Catalog +# header. If False, middleware will not ask for service +# catalog on token validation and will not set the X-Service- +# Catalog header. (boolean value) +#include_service_catalog=true + +# Used to control the use and type of token binding. Can be +# set to: "disabled" to not check token binding. "permissive" +# (default) to validate binding information if the bind type +# is of a form known to the server and ignore it if not. +# "strict" like "permissive" but if the bind type is unknown +# the token will be rejected. "required" any form of token +# binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string +# value) +#enforce_token_bind=permissive + +# If true, the revocation list will be checked for cached +# tokens. This requires that PKI tokens are configured on the +# Keystone server. (boolean value) +#check_revocations_for_cached=false + +# Hash algorithms to use for hashing PKI tokens. This may be a +# single algorithm or multiple. The algorithms are those +# supported by Python standard hashlib.new(). The hashes will +# be tried in the order given, so put the preferred one first +# for performance. The result of the first hash will be stored +# in the cache. This will typically be set to multiple values +# only while migrating from a less secure algorithm to a more +# secure one. Once all the old tokens are expired this option +# should be set to a single value for better performance. +# (list value) +#hash_algorithms=md5 + + +[matchmaker_redis] + +# +# Options defined in oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# Options defined in oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[oslo_messaging_amqp] + +# +# Options defined in oslo.messaging +# +# NOTE: Options in this group are supported when using oslo.messaging >=1.5.0. + +# address prefix used when sending to a specific server +# (string value) +#server_request_prefix=exclusive + +# address prefix used when broadcasting to all servers (string +# value) +#broadcast_prefix=broadcast + +# address prefix when sending to any server in group (string +# value) +#group_request_prefix=unicast + +# Name for the AMQP container (string value) +#container_name= + +# Timeout for inactive connections (in seconds) (integer +# value) +#idle_timeout=0 + +# Debug: dump AMQP frames to stdout (boolean value) +#trace=false + +# CA certificate PEM file for verifing server certificate +# (string value) +#ssl_ca_file= + +# Identifying certificate PEM file to present to clients +# (string value) +#ssl_cert_file= + +# Private key PEM file used to sign cert_file certificate +# (string value) +#ssl_key_file= + +# Password for decrypting ssl_key_file (if encrypted) (string +# value) +#ssl_key_password= + +# Accept clients using either SSL or plain TCP (boolean value) +#allow_insecure_clients=false + + +[profiler] + +# +# Options defined in cinder.service +# + +# If False fully disable profiling feature. (boolean value) +#profiler_enabled=false + +# If False doesn't trace SQL requests. (boolean value) +#trace_sqlalchemy=false + + +[ssl] + +# +# Options defined in cinder.openstack.common.sslutils +# + +# CA certificate file to use to verify connecting clients +# (string value) +#ca_file= + +# Certificate file to use when starting the server securely +# (string value) +#cert_file= + +# Private key file to use when starting the server securely +# (string value) +#key_file= + + diff --git a/openstack/usr/share/openstack/cinder/policy.json b/openstack/usr/share/openstack/cinder/policy.json new file mode 100644 index 00000000..8f3a7b2f --- /dev/null +++ b/openstack/usr/share/openstack/cinder/policy.json @@ -0,0 +1,80 @@ +{ + "context_is_admin": "role:admin", + "admin_or_owner": "is_admin:True or project_id:%(project_id)s", + "default": "rule:admin_or_owner", + + "admin_api": "is_admin:True", + + "volume:create": "", + "volume:get_all": "", + "volume:get_volume_metadata": "", + "volume:get_volume_admin_metadata": "rule:admin_api", + "volume:delete_volume_admin_metadata": "rule:admin_api", + "volume:update_volume_admin_metadata": "rule:admin_api", + "volume:get_snapshot": "", + "volume:get_all_snapshots": "", + "volume:extend": "", + "volume:update_readonly_flag": "", + "volume:retype": "", + + "volume_extension:types_manage": "rule:admin_api", + "volume_extension:types_extra_specs": "rule:admin_api", + "volume_extension:volume_type_encryption": "rule:admin_api", + "volume_extension:volume_encryption_metadata": "rule:admin_or_owner", + "volume_extension:extended_snapshot_attributes": "", + "volume_extension:volume_image_metadata": "", + + "volume_extension:quotas:show": "", + "volume_extension:quotas:update": "rule:admin_api", + "volume_extension:quota_classes": "", + + "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", + "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", + "volume_extension:backup_admin_actions:reset_status": "rule:admin_api", + "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", + "volume_extension:volume_admin_actions:force_detach": "rule:admin_api", + "volume_extension:snapshot_admin_actions:force_delete": "rule:admin_api", + "volume_extension:volume_admin_actions:migrate_volume": "rule:admin_api", + "volume_extension:volume_admin_actions:migrate_volume_completion": "rule:admin_api", + + "volume_extension:volume_host_attribute": "rule:admin_api", + "volume_extension:volume_tenant_attribute": "rule:admin_or_owner", + "volume_extension:volume_mig_status_attribute": "rule:admin_api", + "volume_extension:hosts": "rule:admin_api", + "volume_extension:services": "rule:admin_api", + + "volume_extension:volume_manage": "rule:admin_api", + "volume_extension:volume_unmanage": "rule:admin_api", + + "volume:services": "rule:admin_api", + + "volume:create_transfer": "", + "volume:accept_transfer": "", + "volume:delete_transfer": "", + "volume:get_all_transfers": "", + + "volume_extension:replication:promote": "rule:admin_api", + "volume_extension:replication:reenable": "rule:admin_api", + + "backup:create" : "", + "backup:delete": "", + "backup:get": "", + "backup:get_all": "", + "backup:restore": "", + "backup:backup-import": "rule:admin_api", + "backup:backup-export": "rule:admin_api", + + "snapshot_extension:snapshot_actions:update_snapshot_status": "", + + "consistencygroup:create" : "group:nobody", + "consistencygroup:delete": "group:nobody", + "consistencygroup:get": "group:nobody", + "consistencygroup:get_all": "group:nobody", + + "consistencygroup:create_cgsnapshot" : "", + "consistencygroup:delete_cgsnapshot": "", + "consistencygroup:get_cgsnapshot": "", + "consistencygroup:get_all_cgsnapshots": "", + + "scheduler_extension:scheduler_stats:get_pools" : "rule:admin_api" +} diff --git a/openstack/usr/share/openstack/glance/glance-api-paste.ini b/openstack/usr/share/openstack/glance/glance-api-paste.ini new file mode 100644 index 00000000..86a4cdb1 --- /dev/null +++ b/openstack/usr/share/openstack/glance/glance-api-paste.ini @@ -0,0 +1,77 @@ +# Use this pipeline for no auth or image caching - DEFAULT +[pipeline:glance-api] +pipeline = versionnegotiation osprofiler unauthenticated-context rootapp + +# Use this pipeline for image caching and no auth +[pipeline:glance-api-caching] +pipeline = versionnegotiation osprofiler unauthenticated-context cache rootapp + +# Use this pipeline for caching w/ management interface but no auth +[pipeline:glance-api-cachemanagement] +pipeline = versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp + +# Use this pipeline for keystone auth +[pipeline:glance-api-keystone] +pipeline = versionnegotiation osprofiler authtoken context rootapp + +# Use this pipeline for keystone auth with image caching +[pipeline:glance-api-keystone+caching] +pipeline = versionnegotiation osprofiler authtoken context cache rootapp + +# Use this pipeline for keystone auth with caching and cache management +[pipeline:glance-api-keystone+cachemanagement] +pipeline = versionnegotiation osprofiler authtoken context cache cachemanage rootapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user. +[pipeline:glance-api-trusted-auth] +pipeline = versionnegotiation osprofiler context rootapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user and uses cache management +[pipeline:glance-api-trusted-auth+cachemanagement] +pipeline = versionnegotiation osprofiler context cache cachemanage rootapp + +[composite:rootapp] +paste.composite_factory = glance.api:root_app_factory +/: apiversions +/v1: apiv1app +/v2: apiv2app + +[app:apiversions] +paste.app_factory = glance.api.versions:create_resource + +[app:apiv1app] +paste.app_factory = glance.api.v1.router:API.factory + +[app:apiv2app] +paste.app_factory = glance.api.v2.router:API.factory + +[filter:versionnegotiation] +paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory + +[filter:cache] +paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory + +[filter:cachemanage] +paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory + +[filter:context] +paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory + +[filter:unauthenticated-context] +paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory +delay_auth_decision = true + +[filter:gzip] +paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory + +[filter:osprofiler] +paste.filter_factory = osprofiler.web:WsgiMiddleware.factory +hmac_keys = SECRET_KEY +enabled = yes diff --git a/openstack/usr/share/openstack/glance/glance-api.conf b/openstack/usr/share/openstack/glance/glance-api.conf new file mode 100644 index 00000000..cfc214e9 --- /dev/null +++ b/openstack/usr/share/openstack/glance/glance-api.conf @@ -0,0 +1,697 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +#verbose = False + +# Show debugging output in logs (sets DEBUG log level output) +#debug = False + +# Which backend scheme should Glance use by default is not specified +# in a request to add a new image to Glance? Known schemes are determined +# by the known_stores option below. +# Default: 'file' +default_store = file + +# Maximum image size (in bytes) that may be uploaded through the +# Glance API server. Defaults to 1 TB. +# WARNING: this value should only be increased after careful consideration +# and must be set to a value under 8 EB (9223372036854775808). +#image_size_cap = 1099511627776 + +# Address to bind the API server +bind_host = 0.0.0.0 + +# Port the bind the API server to +bind_port = 9292 + +# Log to this file. Make sure you do not set the same log file for both the API +# and registry servers! +# +# If `log_file` is omitted and `use_syslog` is false, then log messages are +# sent to stdout as a fallback. +log_file = /var/log/glance/api.log + +# Backlog requests when creating socket +backlog = 4096 + +# TCP_KEEPIDLE value in seconds when creating socket. +# Not supported on OS X. +#tcp_keepidle = 600 + +# API to use for accessing data. Default value points to sqlalchemy +# package, it is also possible to use: glance.db.registry.api +# data_api = glance.db.sqlalchemy.api + +# The number of child process workers that will be +# created to service API requests. The default will be +# equal to the number of CPUs available. (integer value) +#workers = 4 + +# Maximum line size of message headers to be accepted. +# max_header_line may need to be increased when using large tokens +# (typically those generated by the Keystone v3 API with big service +# catalogs) +# max_header_line = 16384 + +# Role used to identify an authenticated user as administrator +#admin_role = admin + +# Allow unauthenticated users to access the API with read-only +# privileges. This only applies when using ContextMiddleware. +#allow_anonymous_access = False + +# Allow access to version 1 of glance api +#enable_v1_api = True + +# Allow access to version 2 of glance api +#enable_v2_api = True + +# Return the URL that references where the data is stored on +# the backend storage system. For example, if using the +# file system store a URL of 'file:///path/to/image' will +# be returned to the user in the 'direct_url' meta-data field. +# The default value is false. +#show_image_direct_url = False + +# Send headers containing user and tenant information when making requests to +# the v1 glance registry. This allows the registry to function as if a user is +# authenticated without the need to authenticate a user itself using the +# auth_token middleware. +# The default value is false. +#send_identity_headers = False + +# Supported values for the 'container_format' image attribute +#container_formats=ami,ari,aki,bare,ovf,ova + +# Supported values for the 'disk_format' image attribute +#disk_formats=ami,ari,aki,vhd,vmdk,raw,qcow2,vdi,iso + +# Directory to use for lock files. Default to a temp directory +# (string value). This setting needs to be the same for both +# glance-scrubber and glance-api. +#lock_path= + +# Property Protections config file +# This file contains the rules for property protections and the roles/policies +# associated with it. +# If this config value is not specified, by default, property protections +# won't be enforced. +# If a value is specified and the file is not found, then the glance-api +# service will not start. +#property_protection_file = + +# Specify whether 'roles' or 'policies' are used in the +# property_protection_file. +# The default value for property_protection_rule_format is 'roles'. +#property_protection_rule_format = roles + +# This value sets what strategy will be used to determine the image location +# order. Currently two strategies are packaged with Glance 'location_order' +# and 'store_type'. +#location_strategy = location_order + +# ================= Syslog Options ============================ + +# Send logs to syslog (/dev/log) instead of to file specified +# by `log_file` +#use_syslog = False + +# Facility to use. If unset defaults to LOG_USER. +#syslog_log_facility = LOG_LOCAL0 + +# ================= SSL Options =============================== + +# Certificate file to use when starting API server securely +#cert_file = /path/to/certfile + +# Private key file to use when starting API server securely +#key_file = /path/to/keyfile + +# CA certificate file to use to verify connecting clients +#ca_file = /path/to/cafile + +# ================= Security Options ========================== + +# AES key for encrypting store 'location' metadata, including +# -- if used -- Swift or S3 credentials +# Should be set to a random string of length 16, 24 or 32 bytes +#metadata_encryption_key = <16, 24 or 32 char registry metadata key> + +# ============ Registry Options =============================== + +# Address to find the registry server +registry_host = 0.0.0.0 + +# Port the registry server is listening on +registry_port = 9191 + +# What protocol to use when connecting to the registry server? +# Set to https for secure HTTP communication +registry_client_protocol = http + +# The path to the key file to use in SSL connections to the +# registry server, if any. Alternately, you may set the +# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file +#registry_client_key_file = /path/to/key/file + +# The path to the cert file to use in SSL connections to the +# registry server, if any. Alternately, you may set the +# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file +#registry_client_cert_file = /path/to/cert/file + +# The path to the certifying authority cert file to use in SSL connections +# to the registry server, if any. Alternately, you may set the +# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file +#registry_client_ca_file = /path/to/ca/file + +# When using SSL in connections to the registry server, do not require +# validation via a certifying authority. This is the registry's equivalent of +# specifying --insecure on the command line using glanceclient for the API +# Default: False +#registry_client_insecure = False + +# The period of time, in seconds, that the API server will wait for a registry +# request to complete. A value of '0' implies no timeout. +# Default: 600 +#registry_client_timeout = 600 + +# Whether to automatically create the database tables. +# Default: False +#db_auto_create = False + +# Enable DEBUG log messages from sqlalchemy which prints every database +# query and response. +# Default: False +#sqlalchemy_debug = True + +# Pass the user's token through for API requests to the registry. +# Default: True +#use_user_token = True + +# If 'use_user_token' is not in effect then admin credentials +# can be specified. Requests to the registry on behalf of +# the API will use these credentials. +# Admin user name +#admin_user = None +# Admin password +#admin_password = None +# Admin tenant name +#admin_tenant_name = None +# Keystone endpoint +#auth_url = None +# Keystone region +#auth_region = None +# Auth strategy +#auth_strategy = keystone + +# ============ Notification System Options ===================== + +# Driver or drivers to handle sending notifications. Set to +# 'messaging' to send notifications to a message queue. +# notification_driver = noop + +# Default publisher_id for outgoing notifications. +# default_publisher_id = image.localhost + +# Messaging driver used for 'messaging' notifications driver +# rpc_backend = 'rabbit' + +# Configuration options if sending notifications via rabbitmq (these are +# the defaults) +rabbit_host = localhost +rabbit_port = 5672 +rabbit_use_ssl = false +rabbit_userid = guest +rabbit_password = guest +rabbit_virtual_host = / +rabbit_notification_exchange = glance +rabbit_notification_topic = notifications +rabbit_durable_queues = False + +# Configuration options if sending notifications via Qpid (these are +# the defaults) +qpid_notification_exchange = glance +qpid_notification_topic = notifications +qpid_hostname = localhost +qpid_port = 5672 +qpid_username = +qpid_password = +qpid_sasl_mechanisms = +qpid_reconnect_timeout = 0 +qpid_reconnect_limit = 0 +qpid_reconnect_interval_min = 0 +qpid_reconnect_interval_max = 0 +qpid_reconnect_interval = 0 +qpid_heartbeat = 5 +# Set to 'ssl' to enable SSL +qpid_protocol = tcp +qpid_tcp_nodelay = True + +# ============ Delayed Delete Options ============================= + +# Turn on/off delayed delete +delayed_delete = False + +# Delayed delete time in seconds +scrub_time = 43200 + +# Directory that the scrubber will use to remind itself of what to delete +# Make sure this is also set in glance-scrubber.conf +scrubber_datadir = /var/lib/glance/scrubber + +# =============== Quota Options ================================== + +# The maximum number of image members allowed per image +#image_member_quota = 128 + +# The maximum number of image properties allowed per image +#image_property_quota = 128 + +# The maximum number of tags allowed per image +#image_tag_quota = 128 + +# The maximum number of locations allowed per image +#image_location_quota = 10 + +# Set a system wide quota for every user. This value is the total number +# of bytes that a user can use across all storage systems. A value of +# 0 means unlimited. +#user_storage_quota = 0 + +# =============== Image Cache Options ============================= + +# Base directory that the Image Cache uses +image_cache_dir = /var/lib/glance/image-cache/ + +# =============== Database Options ================================= + +[database] +# The file name to use with SQLite (string value) +#sqlite_db = oslo.sqlite + +# If True, SQLite uses synchronous mode (boolean value) +#sqlite_synchronous = True + +# The backend to use for db (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend = sqlalchemy + +# The SQLAlchemy connection string used to connect to the +# database (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection = + +# The SQL mode to be used for MySQL sessions. This option, +# including the default, overrides any server-set SQL mode. To +# use whatever SQL mode is set by the server configuration, +# set this to no value. Example: mysql_sql_mode= (string +# value) +#mysql_sql_mode = TRADITIONAL + +# Timeout before idle sql connections are reaped (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout = 3600 + +# Minimum number of SQL connections to keep open in a pool +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size = + +# Maximum db connection retries during startup. (setting -1 +# implies an infinite retry count) (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries = 10 + +# Interval between retries of opening a sql connection +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval = 10 + +# If set, use this value for max_overflow with sqlalchemy +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow = + +# Verbosity of SQL debugging information. 0=None, +# 100=Everything (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug = 0 + +# Add python stack traces to SQL as comment strings (boolean +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace = False + +# If set, use this value for pool_timeout with sqlalchemy +# (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout = + +# Enable the experimental use of database reconnect on +# connection lost (boolean value) +#use_db_reconnect = False + +# seconds between db connection retries (integer value) +#db_retry_interval = 1 + +# Whether to increase interval between db connection retries, +# up to db_max_retry_interval (boolean value) +#db_inc_retry_interval = True + +# max seconds between db connection retries, if +# db_inc_retry_interval is enabled (integer value) +#db_max_retry_interval = 10 + +# maximum db connection retries before error is raised. +# (setting -1 implies an infinite retry count) (integer value) +#db_max_retries = 20 + +[keystone_authtoken] +identity_uri = http://127.0.0.1:35357 +admin_tenant_name = %SERVICE_TENANT_NAME% +admin_user = %SERVICE_USER% +admin_password = %SERVICE_PASSWORD% +revocation_cache_time = 10 + +[paste_deploy] +# Name of the paste configuration file that defines the available pipelines +#config_file = glance-api-paste.ini + +# Partial name of a pipeline in your paste configuration file with the +# service name removed. For example, if your paste section name is +# [pipeline:glance-api-keystone], you would configure the flavor below +# as 'keystone'. +#flavor= + +[store_type_location_strategy] +# The scheme list to use to get store preference order. The scheme must be +# registered by one of the stores defined by the 'known_stores' config option. +# This option will be applied when you using 'store_type' option as image +# location strategy defined by the 'location_strategy' config option. +#store_type_preference = + +[profiler] +# If False fully disable profiling feature. +#enabled = False + +# If False doesn't trace SQL requests. +#trace_sqlalchemy = False + +[task] +# ================= Glance Tasks Options ============================ + +# Specifies how long (in hours) a task is supposed to live in the tasks DB +# after succeeding or failing before getting soft-deleted. +# The default value for task_time_to_live is 48 hours. +# task_time_to_live = 48 + +# Specifies which task executor to be used to run the task scripts. +# The default value for task_executor is eventlet. +# task_executor = eventlet + +# Specifies the maximum number of eventlet threads which can be spun up by +# the eventlet based task executor to perform execution of Glance tasks. +# eventlet_executor_pool_size = 1000 + +[glance_store] +# List of which store classes and store class locations are +# currently known to glance at startup. +# Existing but disabled stores: +# glance.store.rbd.Store, +# glance.store.s3.Store, +# glance.store.swift.Store, +# glance.store.sheepdog.Store, +# glance.store.cinder.Store, +# glance.store.gridfs.Store, +# glance.store.vmware_datastore.Store, +#stores = glance.store.filesystem.Store, +# glance.store.http.Store + +# ============ Filesystem Store Options ======================== + +# Directory that the Filesystem backend store +# writes image data to +filesystem_store_datadir = /var/lib/glance/images/ + +# A list of directories where image data can be stored. +# This option may be specified multiple times for specifying multiple store +# directories. Either one of filesystem_store_datadirs or +# filesystem_store_datadir option is required. A priority number may be given +# after each directory entry, separated by a ":". +# When adding an image, the highest priority directory will be selected, unless +# there is not enough space available in cases where the image size is already +# known. If no priority is given, it is assumed to be zero and the directory +# will be considered for selection last. If multiple directories have the same +# priority, then the one with the most free space available is selected. +# If same store is specified multiple times then BadStoreConfiguration +# exception will be raised. +#filesystem_store_datadirs = /var/lib/glance/images/:1 + +# A path to a JSON file that contains metadata describing the storage +# system. When show_multiple_locations is True the information in this +# file will be returned with any location that is contained in this +# store. +#filesystem_store_metadata_file = None + +# ============ Swift Store Options ============================= + +# Version of the authentication service to use +# Valid versions are '2' for keystone and '1' for swauth and rackspace +swift_store_auth_version = 2 + +# Address where the Swift authentication service lives +# Valid schemes are 'http://' and 'https://' +# If no scheme specified, default to 'https://' +# For swauth, use something like '127.0.0.1:8080/v1.0/' +swift_store_auth_address = 127.0.0.1:5000/v2.0/ + +# User to authenticate against the Swift authentication service +# If you use Swift authentication service, set it to 'account':'user' +# where 'account' is a Swift storage account and 'user' +# is a user in that account +swift_store_user = jdoe:jdoe + +# Auth key for the user authenticating against the +# Swift authentication service +swift_store_key = a86850deb2742ec3cb41518e26aa2d89 + +# Container within the account that the account should use +# for storing images in Swift +swift_store_container = glance + +# Do we create the container if it does not exist? +swift_store_create_container_on_put = False + +# What size, in MB, should Glance start chunking image files +# and do a large object manifest in Swift? By default, this is +# the maximum object size in Swift, which is 5GB +swift_store_large_object_size = 5120 + +# swift_store_config_file = glance-swift.conf +# This file contains references for each of the configured +# Swift accounts/backing stores. If used, this option can prevent +# credentials being stored in the database. Using Swift references +# is disabled if this config is left blank. + +# The reference to the default Swift parameters to use for adding new images. +# default_swift_reference = 'ref1' + +# When doing a large object manifest, what size, in MB, should +# Glance write chunks to Swift? This amount of data is written +# to a temporary disk buffer during the process of chunking +# the image file, and the default is 200MB +swift_store_large_object_chunk_size = 200 + +# Whether to use ServiceNET to communicate with the Swift storage servers. +# (If you aren't RACKSPACE, leave this False!) +# +# To use ServiceNET for authentication, prefix hostname of +# `swift_store_auth_address` with 'snet-'. +# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ +swift_enable_snet = False + +# If set to True enables multi-tenant storage mode which causes Glance images +# to be stored in tenant specific Swift accounts. +#swift_store_multi_tenant = False + +# A list of swift ACL strings that will be applied as both read and +# write ACLs to the containers created by Glance in multi-tenant +# mode. This grants the specified tenants/users read and write access +# to all newly created image objects. The standard swift ACL string +# formats are allowed, including: +# : +# : +# *: +# Multiple ACLs can be combined using a comma separated list, for +# example: swift_store_admin_tenants = service:glance,*:admin +#swift_store_admin_tenants = + +# The region of the swift endpoint to be used for single tenant. This setting +# is only necessary if the tenant has multiple swift endpoints. +#swift_store_region = + +# If set to False, disables SSL layer compression of https swift requests. +# Setting to 'False' may improve performance for images which are already +# in a compressed format, eg qcow2. If set to True, enables SSL layer +# compression (provided it is supported by the target swift proxy). +#swift_store_ssl_compression = True + +# The number of times a Swift download will be retried before the +# request fails +#swift_store_retry_get_count = 0 + +# Bypass SSL verification for Swift +#swift_store_auth_insecure = False + +# ============ S3 Store Options ============================= + +# Address where the S3 authentication service lives +# Valid schemes are 'http://' and 'https://' +# If no scheme specified, default to 'http://' +s3_store_host = 127.0.0.1:8080/v1.0/ + +# User to authenticate against the S3 authentication service +s3_store_access_key = <20-char AWS access key> + +# Auth key for the user authenticating against the +# S3 authentication service +s3_store_secret_key = <40-char AWS secret key> + +# Container within the account that the account should use +# for storing images in S3. Note that S3 has a flat namespace, +# so you need a unique bucket name for your glance images. An +# easy way to do this is append your AWS access key to "glance". +# S3 buckets in AWS *must* be lowercased, so remember to lowercase +# your AWS access key if you use it in your bucket name below! +s3_store_bucket = glance + +# Do we create the bucket if it does not exist? +s3_store_create_bucket_on_put = False + +# When sending images to S3, the data will first be written to a +# temporary buffer on disk. By default the platform's temporary directory +# will be used. If required, an alternative directory can be specified here. +#s3_store_object_buffer_dir = /path/to/dir + +# When forming a bucket url, boto will either set the bucket name as the +# subdomain or as the first token of the path. Amazon's S3 service will +# accept it as the subdomain, but Swift's S3 middleware requires it be +# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'. +#s3_store_bucket_url_format = subdomain + +# Size, in MB, should S3 start chunking image files +# and do a multipart upload in S3. The default is 100MB. +#s3_store_large_object_size = 100 + +# Multipart upload part size, in MB, should S3 use when uploading +# parts. The size must be greater than or equal to +# 5MB. The default is 10MB. +#s3_store_large_object_chunk_size = 10 + +# The number of thread pools to perform a multipart upload +# in S3. The default is 10. +#s3_store_thread_pools = 10 + +# ============ RBD Store Options ============================= + +# Ceph configuration file path +# If using cephx authentication, this file should +# include a reference to the right keyring +# in a client. section +#rbd_store_ceph_conf = /etc/ceph/ceph.conf + +# RADOS user to authenticate as (only applicable if using cephx) +# If , a default will be chosen based on the client. section +# in rbd_store_ceph_conf +#rbd_store_user = + +# RADOS pool in which images are stored +#rbd_store_pool = images + +# RADOS images will be chunked into objects of this size (in megabytes). +# For best performance, this should be a power of two +#rbd_store_chunk_size = 8 + +# ============ Sheepdog Store Options ============================= + +sheepdog_store_address = localhost + +sheepdog_store_port = 7000 + +# Images will be chunked into objects of this size (in megabytes). +# For best performance, this should be a power of two +sheepdog_store_chunk_size = 64 + +# ============ Cinder Store Options =============================== + +# Info to match when looking for cinder in the service catalog +# Format is : separated values of the form: +# :: (string value) +#cinder_catalog_info = volume:cinder:publicURL + +# Override service catalog lookup with template for cinder endpoint +# e.g. http://localhost:8776/v1/%(project_id)s (string value) +#cinder_endpoint_template = + +# Region name of this node (string value) +#os_region_name = + +# Location of ca certicates file to use for cinder client requests +# (string value) +#cinder_ca_certificates_file = + +# Number of cinderclient retries on failed http calls (integer value) +#cinder_http_retries = 3 + +# Allow to perform insecure SSL requests to cinder (boolean value) +#cinder_api_insecure = False + +# ============ VMware Datastore Store Options ===================== + +# ESX/ESXi or vCenter Server target system. +# The server value can be an IP address or a DNS name +# e.g. 127.0.0.1, 127.0.0.1:443, www.vmware-infra.com +#vmware_server_host = + +# Server username (string value) +#vmware_server_username = + +# Server password (string value) +#vmware_server_password = + +# Inventory path to a datacenter (string value) +# Value optional when vmware_server_ip is an ESX/ESXi host: if specified +# should be `ha-datacenter`. +#vmware_datacenter_path = + +# Datastore associated with the datacenter (string value) +#vmware_datastore_name = + +# The number of times we retry on failures +# e.g., socket error, etc (integer value) +#vmware_api_retry_count = 10 + +# The interval used for polling remote tasks +# invoked on VMware ESX/VC server in seconds (integer value) +#vmware_task_poll_interval = 5 + +# Absolute path of the folder containing the images in the datastore +# (string value) +#vmware_store_image_dir = /openstack_glance + +# Allow to perform insecure SSL requests to the target system (boolean value) +#vmware_api_insecure = False diff --git a/openstack/usr/share/openstack/glance/glance-cache.conf b/openstack/usr/share/openstack/glance/glance-cache.conf new file mode 100644 index 00000000..0246b672 --- /dev/null +++ b/openstack/usr/share/openstack/glance/glance-cache.conf @@ -0,0 +1,200 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +#verbose = False + +# Show debugging output in logs (sets DEBUG log level output) +#debug = False + +# Log to this file. Make sure you do not set the same log file for both the API +# and registry servers! +# +# If `log_file` is omitted and `use_syslog` is false, then log messages are +# sent to stdout as a fallback. +log_file = /var/log/glance/image-cache.log + +# Send logs to syslog (/dev/log) instead of to file specified by `log_file` +#use_syslog = False + +# Directory that the Image Cache writes data to +image_cache_dir = /var/lib/glance/image-cache/ + +# Number of seconds after which we should consider an incomplete image to be +# stalled and eligible for reaping +image_cache_stall_time = 86400 + +# Max cache size in bytes +image_cache_max_size = 10737418240 + +# Address to find the registry server +registry_host = 0.0.0.0 + +# Port the registry server is listening on +registry_port = 9191 + +# Auth settings if using Keystone +# auth_url = http://127.0.0.1:5000/v2.0/ +# admin_tenant_name = %SERVICE_TENANT_NAME% +# admin_user = %SERVICE_USER% +# admin_password = %SERVICE_PASSWORD% + +# List of which store classes and store class locations are +# currently known to glance at startup. +# known_stores = glance.store.filesystem.Store, +# glance.store.http.Store, +# glance.store.rbd.Store, +# glance.store.s3.Store, +# glance.store.swift.Store, +# glance.store.sheepdog.Store, +# glance.store.cinder.Store, +# glance.store.vmware_datastore.Store, + +# ============ Filesystem Store Options ======================== + +# Directory that the Filesystem backend store +# writes image data to +filesystem_store_datadir = /var/lib/glance/images/ + +# ============ Swift Store Options ============================= + +# Version of the authentication service to use +# Valid versions are '2' for keystone and '1' for swauth and rackspace +swift_store_auth_version = 2 + +# Address where the Swift authentication service lives +# Valid schemes are 'http://' and 'https://' +# If no scheme specified, default to 'https://' +# For swauth, use something like '127.0.0.1:8080/v1.0/' +swift_store_auth_address = 127.0.0.1:5000/v2.0/ + +# User to authenticate against the Swift authentication service +# If you use Swift authentication service, set it to 'account':'user' +# where 'account' is a Swift storage account and 'user' +# is a user in that account +swift_store_user = jdoe:jdoe + +# Auth key for the user authenticating against the +# Swift authentication service +swift_store_key = a86850deb2742ec3cb41518e26aa2d89 + +# Container within the account that the account should use +# for storing images in Swift +swift_store_container = glance + +# Do we create the container if it does not exist? +swift_store_create_container_on_put = False + +# What size, in MB, should Glance start chunking image files +# and do a large object manifest in Swift? By default, this is +# the maximum object size in Swift, which is 5GB +swift_store_large_object_size = 5120 + +# When doing a large object manifest, what size, in MB, should +# Glance write chunks to Swift? This amount of data is written +# to a temporary disk buffer during the process of chunking +# the image file, and the default is 200MB +swift_store_large_object_chunk_size = 200 + +# Whether to use ServiceNET to communicate with the Swift storage servers. +# (If you aren't RACKSPACE, leave this False!) +# +# To use ServiceNET for authentication, prefix hostname of +# `swift_store_auth_address` with 'snet-'. +# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ +swift_enable_snet = False + +# ============ S3 Store Options ============================= + +# Address where the S3 authentication service lives +# Valid schemes are 'http://' and 'https://' +# If no scheme specified, default to 'http://' +s3_store_host = 127.0.0.1:8080/v1.0/ + +# User to authenticate against the S3 authentication service +s3_store_access_key = <20-char AWS access key> + +# Auth key for the user authenticating against the +# S3 authentication service +s3_store_secret_key = <40-char AWS secret key> + +# Container within the account that the account should use +# for storing images in S3. Note that S3 has a flat namespace, +# so you need a unique bucket name for your glance images. An +# easy way to do this is append your AWS access key to "glance". +# S3 buckets in AWS *must* be lowercased, so remember to lowercase +# your AWS access key if you use it in your bucket name below! +s3_store_bucket = glance + +# Do we create the bucket if it does not exist? +s3_store_create_bucket_on_put = False + +# When sending images to S3, the data will first be written to a +# temporary buffer on disk. By default the platform's temporary directory +# will be used. If required, an alternative directory can be specified here. +# s3_store_object_buffer_dir = /path/to/dir + +# ============ Cinder Store Options =========================== + +# Info to match when looking for cinder in the service catalog +# Format is : separated values of the form: +# :: (string value) +#cinder_catalog_info = volume:cinder:publicURL + +# Override service catalog lookup with template for cinder endpoint +# e.g. http://localhost:8776/v1/%(project_id)s (string value) +#cinder_endpoint_template = + +# Region name of this node (string value) +#os_region_name = + +# Location of ca certicates file to use for cinder client requests +# (string value) +#cinder_ca_certificates_file = + +# Number of cinderclient retries on failed http calls (integer value) +#cinder_http_retries = 3 + +# Allow to perform insecure SSL requests to cinder (boolean value) +#cinder_api_insecure = False + +# ============ VMware Datastore Store Options ===================== + +# ESX/ESXi or vCenter Server target system. +# The server value can be an IP address or a DNS name +# e.g. 127.0.0.1, 127.0.0.1:443, www.vmware-infra.com +#vmware_server_host = + +# Server username (string value) +#vmware_server_username = + +# Server password (string value) +#vmware_server_password = + +# Inventory path to a datacenter (string value) +# Value optional when vmware_server_ip is an ESX/ESXi host: if specified +# should be `ha-datacenter`. +#vmware_datacenter_path = + +# Datastore associated with the datacenter (string value) +#vmware_datastore_name = + +# The number of times we retry on failures +# e.g., socket error, etc (integer value) +#vmware_api_retry_count = 10 + +# The interval used for polling remote tasks +# invoked on VMware ESX/VC server in seconds (integer value) +#vmware_task_poll_interval = 5 + +# Absolute path of the folder containing the images in the datastore +# (string value) +#vmware_store_image_dir = /openstack_glance + +# Allow to perform insecure SSL requests to the target system (boolean value) +#vmware_api_insecure = False + +# ================= Security Options ========================== + +# AES key for encrypting store 'location' metadata, including +# -- if used -- Swift or S3 credentials +# Should be set to a random string of length 16, 24 or 32 bytes +# metadata_encryption_key = <16, 24 or 32 char registry metadata key> diff --git a/openstack/usr/share/openstack/glance/glance-registry-paste.ini b/openstack/usr/share/openstack/glance/glance-registry-paste.ini new file mode 100644 index 00000000..df403f6e --- /dev/null +++ b/openstack/usr/share/openstack/glance/glance-registry-paste.ini @@ -0,0 +1,30 @@ +# Use this pipeline for no auth - DEFAULT +[pipeline:glance-registry] +pipeline = osprofiler unauthenticated-context registryapp + +# Use this pipeline for keystone auth +[pipeline:glance-registry-keystone] +pipeline = osprofiler authtoken context registryapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user. +[pipeline:glance-registry-trusted-auth] +pipeline = osprofiler context registryapp + +[app:registryapp] +paste.app_factory = glance.registry.api:API.factory + +[filter:context] +paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory + +[filter:unauthenticated-context] +paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory + +[filter:osprofiler] +paste.filter_factory = osprofiler.web:WsgiMiddleware.factory +hmac_keys = SECRET_KEY +enabled = yes diff --git a/openstack/usr/share/openstack/glance/glance-registry.conf b/openstack/usr/share/openstack/glance/glance-registry.conf new file mode 100644 index 00000000..a72abf8c --- /dev/null +++ b/openstack/usr/share/openstack/glance/glance-registry.conf @@ -0,0 +1,244 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +#verbose = False + +# Show debugging output in logs (sets DEBUG log level output) +#debug = False + +# Address to bind the registry server +bind_host = 0.0.0.0 + +# Port the bind the registry server to +bind_port = 9191 + +# Log to this file. Make sure you do not set the same log file for both the API +# and registry servers! +# +# If `log_file` is omitted and `use_syslog` is false, then log messages are +# sent to stdout as a fallback. +log_file = /var/log/glance/registry.log + +# Backlog requests when creating socket +backlog = 4096 + +# TCP_KEEPIDLE value in seconds when creating socket. +# Not supported on OS X. +#tcp_keepidle = 600 + +# API to use for accessing data. Default value points to sqlalchemy +# package. +#data_api = glance.db.sqlalchemy.api + +# The number of child process workers that will be +# created to service Registry requests. The default will be +# equal to the number of CPUs available. (integer value) +#workers = None + +# Enable Registry API versions individually or simultaneously +#enable_v1_registry = True +#enable_v2_registry = True + +# Limit the api to return `param_limit_max` items in a call to a container. If +# a larger `limit` query param is provided, it will be reduced to this value. +api_limit_max = 1000 + +# If a `limit` query param is not provided in an api request, it will +# default to `limit_param_default` +limit_param_default = 25 + +# Role used to identify an authenticated user as administrator +#admin_role = admin + +# Whether to automatically create the database tables. +# Default: False +#db_auto_create = False + +# Enable DEBUG log messages from sqlalchemy which prints every database +# query and response. +# Default: False +#sqlalchemy_debug = True + +# ================= Syslog Options ============================ + +# Send logs to syslog (/dev/log) instead of to file specified +# by `log_file` +#use_syslog = False + +# Facility to use. If unset defaults to LOG_USER. +#syslog_log_facility = LOG_LOCAL1 + +# ================= SSL Options =============================== + +# Certificate file to use when starting registry server securely +#cert_file = /path/to/certfile + +# Private key file to use when starting registry server securely +#key_file = /path/to/keyfile + +# CA certificate file to use to verify connecting clients +#ca_file = /path/to/cafile + +# ============ Notification System Options ===================== + +# Driver or drivers to handle sending notifications. Set to +# 'messaging' to send notifications to a message queue. +# notification_driver = noop + +# Default publisher_id for outgoing notifications. +# default_publisher_id = image.localhost + +# Messaging driver used for 'messaging' notifications driver +# rpc_backend = 'rabbit' + +# Configuration options if sending notifications via rabbitmq (these are +# the defaults) +rabbit_host = localhost +rabbit_port = 5672 +rabbit_use_ssl = false +rabbit_userid = guest +rabbit_password = guest +rabbit_virtual_host = / +rabbit_notification_exchange = glance +rabbit_notification_topic = notifications +rabbit_durable_queues = False + +# Configuration options if sending notifications via Qpid (these are +# the defaults) +qpid_notification_exchange = glance +qpid_notification_topic = notifications +qpid_hostname = localhost +qpid_port = 5672 +qpid_username = +qpid_password = +qpid_sasl_mechanisms = +qpid_reconnect_timeout = 0 +qpid_reconnect_limit = 0 +qpid_reconnect_interval_min = 0 +qpid_reconnect_interval_max = 0 +qpid_reconnect_interval = 0 +qpid_heartbeat = 5 +# Set to 'ssl' to enable SSL +qpid_protocol = tcp +qpid_tcp_nodelay = True + + +# ================= Database Options ========================== + +[database] +# The file name to use with SQLite (string value) +#sqlite_db = glance.sqlite + +# If True, SQLite uses synchronous mode (boolean value) +#sqlite_synchronous = True + +# The backend to use for db (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend = sqlalchemy + +# The SQLAlchemy connection string used to connect to the +# database (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection = + +# The SQL mode to be used for MySQL sessions. This option, +# including the default, overrides any server-set SQL mode. To +# use whatever SQL mode is set by the server configuration, +# set this to no value. Example: mysql_sql_mode= (string +# value) +#mysql_sql_mode = TRADITIONAL + +# Timeout before idle sql connections are reaped (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout = 3600 + +# Minimum number of SQL connections to keep open in a pool +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size = + +# Maximum db connection retries during startup. (setting -1 +# implies an infinite retry count) (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries = 10 + +# Interval between retries of opening a sql connection +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval = 10 + +# If set, use this value for max_overflow with sqlalchemy +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow = + +# Verbosity of SQL debugging information. 0=None, +# 100=Everything (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug = 0 + +# Add python stack traces to SQL as comment strings (boolean +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace = False + +# If set, use this value for pool_timeout with sqlalchemy +# (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout = + +# Enable the experimental use of database reconnect on +# connection lost (boolean value) +#use_db_reconnect = False + +# seconds between db connection retries (integer value) +#db_retry_interval = 1 + +# Whether to increase interval between db connection retries, +# up to db_max_retry_interval (boolean value) +#db_inc_retry_interval = True + +# max seconds between db connection retries, if +# db_inc_retry_interval is enabled (integer value) +#db_max_retry_interval = 10 + +# maximum db connection retries before error is raised. +# (setting -1 implies an infinite retry count) (integer value) +#db_max_retries = 20 + +[keystone_authtoken] +identity_uri = http://127.0.0.1:35357 +admin_tenant_name = %SERVICE_TENANT_NAME% +admin_user = %SERVICE_USER% +admin_password = %SERVICE_PASSWORD% + +[paste_deploy] +# Name of the paste configuration file that defines the available pipelines +#config_file = glance-registry-paste.ini + +# Partial name of a pipeline in your paste configuration file with the +# service name removed. For example, if your paste section name is +# [pipeline:glance-registry-keystone], you would configure the flavor below +# as 'keystone'. +#flavor= + +[profiler] +# If False fully disable profiling feature. +#enabled = False + +# If False doesn't trace SQL requests. +#trace_sqlalchemy = False diff --git a/openstack/usr/share/openstack/glance/glance-scrubber.conf b/openstack/usr/share/openstack/glance/glance-scrubber.conf new file mode 100644 index 00000000..ecfc7bff --- /dev/null +++ b/openstack/usr/share/openstack/glance/glance-scrubber.conf @@ -0,0 +1,108 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +#verbose = False + +# Show debugging output in logs (sets DEBUG log level output) +#debug = False + +# Log to this file. Make sure you do not set the same log file for both the API +# and registry servers! +# +# If `log_file` is omitted and `use_syslog` is false, then log messages are +# sent to stdout as a fallback. +log_file = /var/log/glance/scrubber.log + +# Send logs to syslog (/dev/log) instead of to file specified by `log_file` +#use_syslog = False + +# Should we run our own loop or rely on cron/scheduler to run us +daemon = False + +# Loop time between checking for new items to schedule for delete +wakeup_time = 300 + +# Directory that the scrubber will use to remind itself of what to delete +# Make sure this is also set in glance-api.conf +scrubber_datadir = /var/lib/glance/scrubber + +# Only one server in your deployment should be designated the cleanup host +cleanup_scrubber = False + +# pending_delete items older than this time are candidates for cleanup +cleanup_scrubber_time = 86400 + +# Address to find the registry server for cleanups +registry_host = 0.0.0.0 + +# Port the registry server is listening on +registry_port = 9191 + +# Auth settings if using Keystone +# auth_url = http://127.0.0.1:5000/v2.0/ +# admin_tenant_name = %SERVICE_TENANT_NAME% +# admin_user = %SERVICE_USER% +# admin_password = %SERVICE_PASSWORD% + +# Directory to use for lock files. Default to a temp directory +# (string value). This setting needs to be the same for both +# glance-scrubber and glance-api. +#lock_path= + +# API to use for accessing data. Default value points to sqlalchemy +# package, it is also possible to use: glance.db.registry.api +#data_api = glance.db.sqlalchemy.api + +# ================= Security Options ========================== + +# AES key for encrypting store 'location' metadata, including +# -- if used -- Swift or S3 credentials +# Should be set to a random string of length 16, 24 or 32 bytes +#metadata_encryption_key = <16, 24 or 32 char registry metadata key> + +# ================= Database Options ===============+========== + +[database] + +# The SQLAlchemy connection string used to connect to the +# database (string value) +#connection=sqlite:////glance/openstack/common/db/$sqlite_db + +# The SQLAlchemy connection string used to connect to the +# slave database (string value) +#slave_connection= + +# timeout before idle sql connections are reaped (integer +# value) +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool +# (integer value) +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool +# (integer value) +#max_pool_size= + +# maximum db connection retries during startup. (setting -1 +# implies an infinite retry count) (integer value) +#max_retries=10 + +# interval between retries of opening a sql connection +# (integer value) +#retry_interval=10 + +# If set, use this value for max_overflow with sqlalchemy +# (integer value) +#max_overflow= + +# Verbosity of SQL debugging information. 0=None, +# 100=Everything (integer value) +#connection_debug=0 + +# Add python stack traces to SQL as comment strings (boolean +# value) +#connection_trace=false + +# If set, use this value for pool_timeout with sqlalchemy +# (integer value) +#pool_timeout= diff --git a/openstack/usr/share/openstack/glance/logging.conf b/openstack/usr/share/openstack/glance/logging.conf new file mode 100644 index 00000000..7e7f31f0 --- /dev/null +++ b/openstack/usr/share/openstack/glance/logging.conf @@ -0,0 +1,54 @@ +[loggers] +keys=root,api,registry,combined + +[formatters] +keys=normal,normal_with_name,debug + +[handlers] +keys=production,file,devel + +[logger_root] +level=NOTSET +handlers=devel + +[logger_api] +level=DEBUG +handlers=devel +qualname=glance-api + +[logger_registry] +level=DEBUG +handlers=devel +qualname=glance-registry + +[logger_combined] +level=DEBUG +handlers=devel +qualname=glance-combined + +[handler_production] +class=handlers.SysLogHandler +level=ERROR +formatter=normal_with_name +args=(('localhost', handlers.SYSLOG_UDP_PORT), handlers.SysLogHandler.LOG_USER) + +[handler_file] +class=FileHandler +level=DEBUG +formatter=normal_with_name +args=('glance.log', 'w') + +[handler_devel] +class=StreamHandler +level=NOTSET +formatter=debug +args=(sys.stdout,) + +[formatter_normal] +format=%(asctime)s %(levelname)s %(message)s + +[formatter_normal_with_name] +format=(%(name)s): %(asctime)s %(levelname)s %(message)s + +[formatter_debug] +format=(%(name)s): %(asctime)s %(levelname)s %(module)s %(funcName)s %(message)s diff --git a/openstack/usr/share/openstack/glance/policy.json b/openstack/usr/share/openstack/glance/policy.json new file mode 100644 index 00000000..325f00b2 --- /dev/null +++ b/openstack/usr/share/openstack/glance/policy.json @@ -0,0 +1,52 @@ +{ + "context_is_admin": "role:admin", + "default": "", + + "add_image": "", + "delete_image": "", + "get_image": "", + "get_images": "", + "modify_image": "", + "publicize_image": "role:admin", + "copy_from": "", + + "download_image": "", + "upload_image": "", + + "delete_image_location": "", + "get_image_location": "", + "set_image_location": "", + + "add_member": "", + "delete_member": "", + "get_member": "", + "get_members": "", + "modify_member": "", + + "manage_image_cache": "role:admin", + + "get_task": "", + "get_tasks": "", + "add_task": "", + "modify_task": "", + + "get_metadef_namespace": "", + "get_metadef_namespaces":"", + "modify_metadef_namespace":"", + "add_metadef_namespace":"", + + "get_metadef_object":"", + "get_metadef_objects":"", + "modify_metadef_object":"", + "add_metadef_object":"", + + "list_metadef_resource_types":"", + "get_metadef_resource_type":"", + "add_metadef_resource_type_association":"", + + "get_metadef_property":"", + "get_metadef_properties":"", + "modify_metadef_property":"", + "add_metadef_property":"" + +} diff --git a/openstack/usr/share/openstack/glance/schema-image.json b/openstack/usr/share/openstack/glance/schema-image.json new file mode 100644 index 00000000..5aafd6b3 --- /dev/null +++ b/openstack/usr/share/openstack/glance/schema-image.json @@ -0,0 +1,28 @@ +{ + "kernel_id": { + "type": "string", + "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", + "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." + }, + "ramdisk_id": { + "type": "string", + "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", + "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." + }, + "instance_uuid": { + "type": "string", + "description": "ID of instance used to create this image." + }, + "architecture": { + "description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", + "type": "string" + }, + "os_distro": { + "description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html", + "type": "string" + }, + "os_version": { + "description": "Operating system version as specified by the distributor", + "type": "string" + } +} diff --git a/openstack/usr/share/openstack/keystone/keystone-paste.ini b/openstack/usr/share/openstack/keystone/keystone-paste.ini new file mode 100644 index 00000000..46f994c3 --- /dev/null +++ b/openstack/usr/share/openstack/keystone/keystone-paste.ini @@ -0,0 +1,121 @@ +# Keystone PasteDeploy configuration file. + +[filter:debug] +paste.filter_factory = keystone.common.wsgi:Debug.factory + +[filter:build_auth_context] +paste.filter_factory = keystone.middleware:AuthContextMiddleware.factory + +[filter:token_auth] +paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory + +[filter:admin_token_auth] +paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory + +[filter:xml_body] +paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory + +[filter:xml_body_v2] +paste.filter_factory = keystone.middleware:XmlBodyMiddlewareV2.factory + +[filter:xml_body_v3] +paste.filter_factory = keystone.middleware:XmlBodyMiddlewareV3.factory + +[filter:json_body] +paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory + +[filter:user_crud_extension] +paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory + +[filter:crud_extension] +paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory + +[filter:ec2_extension] +paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory + +[filter:ec2_extension_v3] +paste.filter_factory = keystone.contrib.ec2:Ec2ExtensionV3.factory + +[filter:federation_extension] +paste.filter_factory = keystone.contrib.federation.routers:FederationExtension.factory + +[filter:oauth1_extension] +paste.filter_factory = keystone.contrib.oauth1.routers:OAuth1Extension.factory + +[filter:s3_extension] +paste.filter_factory = keystone.contrib.s3:S3Extension.factory + +[filter:endpoint_filter_extension] +paste.filter_factory = keystone.contrib.endpoint_filter.routers:EndpointFilterExtension.factory + +[filter:endpoint_policy_extension] +paste.filter_factory = keystone.contrib.endpoint_policy.routers:EndpointPolicyExtension.factory + +[filter:simple_cert_extension] +paste.filter_factory = keystone.contrib.simple_cert:SimpleCertExtension.factory + +[filter:revoke_extension] +paste.filter_factory = keystone.contrib.revoke.routers:RevokeExtension.factory + +[filter:url_normalize] +paste.filter_factory = keystone.middleware:NormalizingFilter.factory + +[filter:sizelimit] +paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory + +[filter:stats_monitoring] +paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory + +[filter:stats_reporting] +paste.filter_factory = keystone.contrib.stats:StatsExtension.factory + +[filter:access_log] +paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory + +[app:public_service] +paste.app_factory = keystone.service:public_app_factory + +[app:service_v3] +paste.app_factory = keystone.service:v3_app_factory + +[app:admin_service] +paste.app_factory = keystone.service:admin_app_factory + +[pipeline:public_api] +# The last item in this pipeline must be public_service or an equivalent +# application. It cannot be a filter. +pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension user_crud_extension public_service + +[pipeline:admin_api] +# The last item in this pipeline must be admin_service or an equivalent +# application. It cannot be a filter. +pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v2 json_body ec2_extension s3_extension crud_extension admin_service + +[pipeline:api_v3] +# The last item in this pipeline must be service_v3 or an equivalent +# application. It cannot be a filter. +pipeline = sizelimit url_normalize build_auth_context token_auth admin_token_auth xml_body_v3 json_body ec2_extension_v3 s3_extension simple_cert_extension revoke_extension service_v3 + +[app:public_version_service] +paste.app_factory = keystone.service:public_version_app_factory + +[app:admin_version_service] +paste.app_factory = keystone.service:admin_version_app_factory + +[pipeline:public_version_api] +pipeline = sizelimit url_normalize xml_body public_version_service + +[pipeline:admin_version_api] +pipeline = sizelimit url_normalize xml_body admin_version_service + +[composite:main] +use = egg:Paste#urlmap +/v2.0 = public_api +/v3 = api_v3 +/ = public_version_api + +[composite:admin] +use = egg:Paste#urlmap +/v2.0 = admin_api +/v3 = api_v3 +/ = admin_version_api diff --git a/openstack/usr/share/openstack/keystone/keystone.conf b/openstack/usr/share/openstack/keystone/keystone.conf new file mode 100644 index 00000000..c058a030 --- /dev/null +++ b/openstack/usr/share/openstack/keystone/keystone.conf @@ -0,0 +1,1587 @@ +[DEFAULT] + +# +# Options defined in keystone +# + +# A "shared secret" that can be used to bootstrap Keystone. +# This "token" does not represent a user, and carries no +# explicit authorization. To disable in production (highly +# recommended), remove AdminTokenAuthMiddleware from your +# paste application pipelines (for example, in keystone- +# paste.ini). (string value) +#admin_token=ADMIN + +# The IP address of the network interface for the public +# service to listen on. (string value) +# Deprecated group/name - [DEFAULT]/bind_host +#public_bind_host=0.0.0.0 + +# The IP address of the network interface for the admin +# service to listen on. (string value) +# Deprecated group/name - [DEFAULT]/bind_host +#admin_bind_host=0.0.0.0 + +# (Deprecated) The port which the OpenStack Compute service +# listens on. This option was only used for string replacement +# in the templated catalog backend. Templated catalogs should +# replace the "$(compute_port)s" substitution with the static +# port of the compute service. As of Juno, this option is +# deprecated and will be removed in the L release. (integer +# value) +#compute_port=8774 + +# The port number which the admin service listens on. (integer +# value) +#admin_port=35357 + +# The port number which the public service listens on. +# (integer value) +#public_port=5000 + +# The base public endpoint URL for Keystone that is advertised +# to clients (NOTE: this does NOT affect how Keystone listens +# for connections). Defaults to the base host URL of the +# request. E.g. a request to http://server:5000/v2.0/users +# will default to http://server:5000. You should only need to +# set this value if the base URL contains a path (e.g. +# /prefix/v2.0) or the endpoint should be found on a different +# server. (string value) +#public_endpoint= + +# The base admin endpoint URL for Keystone that is advertised +# to clients (NOTE: this does NOT affect how Keystone listens +# for connections). Defaults to the base host URL of the +# request. E.g. a request to http://server:35357/v2.0/users +# will default to http://server:35357. You should only need to +# set this value if the base URL contains a path (e.g. +# /prefix/v2.0) or the endpoint should be found on a different +# server. (string value) +#admin_endpoint= + +# The number of worker processes to serve the public WSGI +# application. Defaults to number of CPUs (minimum of 2). +# (integer value) +#public_workers= + +# The number of worker processes to serve the admin WSGI +# application. Defaults to number of CPUs (minimum of 2). +# (integer value) +#admin_workers= + +# Enforced by optional sizelimit middleware +# (keystone.middleware:RequestBodySizeLimiter). (integer +# value) +#max_request_body_size=114688 + +# Limit the sizes of user & project ID/names. (integer value) +#max_param_size=64 + +# Similar to max_param_size, but provides an exception for +# token values. (integer value) +#max_token_size=8192 + +# During a SQL upgrade member_role_id will be used to create a +# new role that will replace records in the assignment table +# with explicit role grants. After migration, the +# member_role_id will be used in the API add_user_to_project. +# (string value) +#member_role_id=9fe2ff9ee4384b1894a90878d3e92bab + +# During a SQL upgrade member_role_name will be used to create +# a new role that will replace records in the assignment table +# with explicit role grants. After migration, member_role_name +# will be ignored. (string value) +#member_role_name=_member_ + +# The value passed as the keyword "rounds" to passlib's +# encrypt method. (integer value) +#crypt_strength=40000 + +# Set this to true if you want to enable TCP_KEEPALIVE on +# server sockets, i.e. sockets used by the Keystone wsgi +# server for client connections. (boolean value) +#tcp_keepalive=false + +# Sets the value of TCP_KEEPIDLE in seconds for each server +# socket. Only applies if tcp_keepalive is true. Not supported +# on OS X. (integer value) +#tcp_keepidle=600 + +# The maximum number of entities that will be returned in a +# collection, with no limit set by default. This global limit +# may be then overridden for a specific driver, by specifying +# a list_limit in the appropriate section (e.g. [assignment]). +# (integer value) +#list_limit= + +# Set this to false if you want to enable the ability for +# user, group and project entities to be moved between domains +# by updating their domain_id. Allowing such movement is not +# recommended if the scope of a domain admin is being +# restricted by use of an appropriate policy file (see +# policy.v3cloudsample as an example). (boolean value) +#domain_id_immutable=true + +# If set to true, strict password length checking is performed +# for password manipulation. If a password exceeds the maximum +# length, the operation will fail with an HTTP 403 Forbidden +# error. If set to false, passwords are automatically +# truncated to the maximum length. (boolean value) +#strict_password_check=false + + +# +# Options defined in oslo.messaging +# + +# Use durable queues in amqp. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in amqp. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# Qpid broker hostname. (string value) +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +#qpid_username= + +# Password for Qpid connection. (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth. +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats. (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer +# value) +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + +# SSL version to use (valid only if SSL enabled). valid values +# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some +# distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled). (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled). (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL +# enabled). (string value) +#kombu_ssl_ca_certs= + +# How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. (floating point value) +#kombu_reconnect_delay=1.0 + +# The RabbitMQ broker address where a single node is used. +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used. +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid. (string value) +#rabbit_userid=guest + +# The RabbitMQ password. (string value) +#rabbit_password=guest + +# the RabbitMQ login method (string value) +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ. (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + +# If passed, use a fake RabbitMQ provider. (boolean value) +#fake_rabbit=false + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve +# to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per +# topic. Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP +# address. Must match "host" option, if running Nova. (string +# value) +#rpc_zmq_host=keystone + +# Seconds to wait before a cast expires (TTL). Only supported +# by impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of RPC greenthread pool. (integer value) +#rpc_thread_pool_size=64 + +# Driver or drivers to handle sending notifications. (multi +# valued) +#notification_driver= + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend +# option and driver specific configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other +# drivers include qpid and zmq. (string value) +#rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the +# transport_url option. (string value) +#control_exchange=keystone + + +# +# Options defined in keystone.notifications +# + +# Default publisher_id for outgoing notifications (string +# value) +#default_publisher_id= + + +# +# Options defined in keystone.openstack.common.eventlet_backdoor +# + +# Enable eventlet backdoor. Acceptable values are 0, , +# and :, where 0 results in listening on a random +# tcp port number; results in listening on the +# specified port number (and not enabling backdoor if that +# port is in use); and : results in listening on +# the smallest unused port number within the specified range +# of port numbers. The chosen port is displayed in the +# service's log file. (string value) +#backdoor_port= + + +# +# Options defined in keystone.openstack.common.log +# + +# Print debugging output (set logging level to DEBUG instead +# of default WARNING level). (boolean value) +#debug=false + +# Print more verbose output (set logging level to INFO instead +# of default WARNING level). (boolean value) +#verbose=false + +# Log output to standard error. (boolean value) +#use_stderr=true + +# Format string to use for log messages with context. (string +# value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. +# (string value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string +# value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. +# (string value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN + +# Enables or disables publication of error events. (boolean +# value) +#publish_errors=false + +# Enables or disables fatal status of deprecations. (boolean +# value) +#fatal_deprecations=false + +# The format for an instance that is passed with the log +# message. (string value) +#instance_format="[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log +# message. (string value) +#instance_uuid_format="[instance: %(uuid)s] " + +# The name of a logging configuration file. This file is +# appended to any existing logging configuration files. For +# details about logging configuration files, see the Python +# logging module documentation. (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string +# which may use any of the available logging.LogRecord +# attributes. This option is deprecated. Please use +# logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: +# %(default)s . (string value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is +# set, logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file= + +# (Optional) The base directory used for relative --log-file +# paths. (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir= + +# Use syslog for logging. Existing syslog format is DEPRECATED +# during I, and will change in J to honor RFC5424. (boolean +# value) +#use_syslog=false + +# (Optional) Enables or disables syslog rfc5424 format for +# logging. If enabled, prefixes the MSG part of the syslog +# message with APP-NAME (RFC5424). The format without the APP- +# NAME is deprecated in I, and will be removed in J. (boolean +# value) +#use_syslog_rfc_format=false + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility=LOG_USER + + +# +# Options defined in keystone.openstack.common.policy +# + +# The JSON file that defines policies. (string value) +#policy_file=policy.json + +# Default rule. Enforced when a requested rule is not found. +# (string value) +#policy_default_rule=default + + +[assignment] + +# +# Options defined in keystone +# + +# Assignment backend driver. (string value) +#driver= + +# Toggle for assignment caching. This has no effect unless +# global caching is enabled. (boolean value) +#caching=true + +# TTL (in seconds) to cache assignment data. This has no +# effect unless global caching is enabled. (integer value) +#cache_time= + +# Maximum number of entities that will be returned in an +# assignment collection. (integer value) +#list_limit= + + +[auth] + +# +# Options defined in keystone +# + +# Default auth methods. (list value) +#methods=external,password,token + +# The password auth plugin module. (string value) +#password=keystone.auth.plugins.password.Password + +# The token auth plugin module. (string value) +#token=keystone.auth.plugins.token.Token + +# The external (REMOTE_USER) auth plugin module. (string +# value) +#external=keystone.auth.plugins.external.DefaultDomain + + +[cache] + +# +# Options defined in keystone +# + +# Prefix for building the configuration dictionary for the +# cache region. This should not need to be changed unless +# there is another dogpile.cache region with the same +# configuration name. (string value) +#config_prefix=cache.keystone + +# Default TTL, in seconds, for any cached item in the +# dogpile.cache region. This applies to any cached method that +# doesn't have an explicit cache expiration time defined for +# it. (integer value) +#expiration_time=600 + +# Dogpile.cache backend module. It is recommended that +# Memcache with pooling (keystone.cache.memcache_pool) or +# Redis (dogpile.cache.redis) be used in production +# deployments. Small workloads (single process) like devstack +# can use the dogpile.cache.memory backend. (string value) +#backend=keystone.common.cache.noop + +# Arguments supplied to the backend module. Specify this +# option once per argument to be passed to the dogpile.cache +# backend. Example format: ":". (multi valued) +#backend_argument= + +# Proxy classes to import that will affect the way the +# dogpile.cache backend functions. See the dogpile.cache +# documentation on changing-backend-behavior. (list value) +#proxies= + +# Global toggle for all caching using the should_cache_fn +# mechanism. (boolean value) +#enabled=false + +# Extra debugging from the cache backend (cache keys, +# get/set/delete/etc calls). This is only really useful if you +# need to see the specific cache-backend get/set/delete calls +# with the keys/values. Typically this should be left set to +# false. (boolean value) +#debug_cache_backend=false + +# Memcache servers in the format of "host:port". +# (dogpile.cache.memcache and keystone.cache.memcache_pool +# backends only) (list value) +#memcache_servers=localhost:11211 + +# Number of seconds memcached server is considered dead before +# it is tried again. (dogpile.cache.memcache and +# keystone.cache.memcache_pool backends only) (integer value) +#memcache_dead_retry=300 + +# Timeout in seconds for every call to a server. +# (dogpile.cache.memcache and keystone.cache.memcache_pool +# backends only) (integer value) +#memcache_socket_timeout=3 + +# Max total number of open connections to every memcached +# server. (keystone.cache.memcache_pool backend only) (integer +# value) +#memcache_pool_maxsize=10 + +# Number of seconds a connection to memcached is held unused +# in the pool before it is closed. +# (keystone.cache.memcache_pool backend only) (integer value) +#memcache_pool_unused_timeout=60 + +# Number of seconds that an operation will wait to get a +# memcache client connection. (integer value) +#memcache_pool_connection_get_timeout=10 + + +[catalog] + +# +# Options defined in keystone +# + +# Catalog template file name for use with the template catalog +# backend. (string value) +#template_file=default_catalog.templates + +# Catalog backend driver. (string value) +#driver=keystone.catalog.backends.sql.Catalog + +# Toggle for catalog caching. This has no effect unless global +# caching is enabled. (boolean value) +#caching=true + +# Time to cache catalog data (in seconds). This has no effect +# unless global and catalog caching are enabled. (integer +# value) +#cache_time= + +# Maximum number of entities that will be returned in a +# catalog collection. (integer value) +#list_limit= + +# (Deprecated) List of possible substitutions for use in +# formatting endpoints. Use caution when modifying this list. +# It will give users with permission to create endpoints the +# ability to see those values in your configuration file. This +# option will be removed in Juno. (list value) +#endpoint_substitution_whitelist=tenant_id,user_id,public_bind_host,admin_bind_host,compute_host,compute_port,admin_port,public_port,public_endpoint,admin_endpoint + + +[credential] + +# +# Options defined in keystone +# + +# Credential backend driver. (string value) +#driver=keystone.credential.backends.sql.Credential + + +[database] + +# +# Options defined in oslo.db +# + +# The file name to use with SQLite. (string value) +#sqlite_db=oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +#sqlite_synchronous=true + +# The back end to use for the database. (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend=sqlalchemy + +# The SQLAlchemy connection string to use to connect to the +# database. (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection= + +# The SQLAlchemy connection string to use to connect to the +# slave database. (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, +# including the default, overrides any server-set SQL mode. To +# use whatever SQL mode is set by the server configuration, +# set this to no value. Example: mysql_sql_mode= (string +# value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum db connection retries during startup. Set to -1 to +# specify an infinite retry count. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a SQL connection. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, +# 100=Everything. (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. +# (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + +# Enable the experimental use of database reconnect on +# connection lost. (boolean value) +#use_db_reconnect=false + +# Seconds between database connection retries. (integer value) +#db_retry_interval=1 + +# If True, increases the interval between database connection +# retries up to db_max_retry_interval. (boolean value) +#db_inc_retry_interval=true + +# If db_inc_retry_interval is set, the maximum seconds between +# database connection retries. (integer value) +#db_max_retry_interval=10 + +# Maximum database connection retries before error is raised. +# Set to -1 to specify an infinite retry count. (integer +# value) +#db_max_retries=20 + + +[ec2] + +# +# Options defined in keystone +# + +# EC2Credential backend driver. (string value) +#driver=keystone.contrib.ec2.backends.kvs.Ec2 + + +[endpoint_filter] + +# +# Options defined in keystone +# + +# Endpoint Filter backend driver (string value) +#driver=keystone.contrib.endpoint_filter.backends.sql.EndpointFilter + +# Toggle to return all active endpoints if no filter exists. +# (boolean value) +#return_all_endpoints_if_no_filter=true + + +[endpoint_policy] + +# +# Options defined in keystone +# + +# Endpoint policy backend driver (string value) +#driver=keystone.contrib.endpoint_policy.backends.sql.EndpointPolicy + + +[federation] + +# +# Options defined in keystone +# + +# Federation backend driver. (string value) +#driver=keystone.contrib.federation.backends.sql.Federation + +# Value to be used when filtering assertion parameters from +# the environment. (string value) +#assertion_prefix= + + +[identity] + +# +# Options defined in keystone +# + +# This references the domain to use for all Identity API v2 +# requests (which are not aware of domains). A domain with +# this ID will be created for you by keystone-manage db_sync +# in migration 008. The domain referenced by this ID cannot be +# deleted on the v3 API, to prevent accidentally breaking the +# v2 API. There is nothing special about this domain, other +# than the fact that it must exist to order to maintain +# support for your v2 clients. (string value) +#default_domain_id=default + +# A subset (or all) of domains can have their own identity +# driver, each with their own partial configuration file in a +# domain configuration directory. Only values specific to the +# domain need to be placed in the domain specific +# configuration file. This feature is disabled by default; set +# to true to enable. (boolean value) +#domain_specific_drivers_enabled=false + +# Path for Keystone to locate the domain specific identity +# configuration files if domain_specific_drivers_enabled is +# set to true. (string value) +#domain_config_dir=/etc/keystone/domains + +# Identity backend driver. (string value) +#driver=keystone.identity.backends.sql.Identity + +# Maximum supported length for user passwords; decrease to +# improve performance. (integer value) +#max_password_length=4096 + +# Maximum number of entities that will be returned in an +# identity collection. (integer value) +#list_limit= + + +[identity_mapping] + +# +# Options defined in keystone +# + +# Keystone Identity Mapping backend driver. (string value) +#driver=keystone.identity.mapping_backends.sql.Mapping + +# Public ID generator for user and group entities. The +# Keystone identity mapper only supports generators that +# produce no more than 64 characters. (string value) +#generator=keystone.identity.id_generators.sha256.Generator + +# The format of user and group IDs changed in Juno for +# backends that do not generate UUIDs (e.g. LDAP), with +# keystone providing a hash mapping to the underlying +# attribute in LDAP. By default this mapping is disabled, +# which ensures that existing IDs will not change. Even when +# the mapping is enabled by using domain specific drivers, any +# users and groups from the default domain being handled by +# LDAP will still not be mapped to ensure their IDs remain +# backward compatible. Setting this value to False will enable +# the mapping for even the default LDAP driver. It is only +# safe to do this if you do not already have assignments for +# users and groups from the default LDAP domain, and it is +# acceptable for Keystone to provide the different IDs to +# clients than it did previously. Typically this means that +# the only time you can set this value to False is when +# configuring a fresh installation. (boolean value) +#backward_compatible_ids=true + + +[kvs] + +# +# Options defined in keystone +# + +# Extra dogpile.cache backend modules to register with the +# dogpile.cache library. (list value) +#backends= + +# Prefix for building the configuration dictionary for the KVS +# region. This should not need to be changed unless there is +# another dogpile.cache region with the same configuration +# name. (string value) +#config_prefix=keystone.kvs + +# Toggle to disable using a key-mangling function to ensure +# fixed length keys. This is toggle-able for debugging +# purposes, it is highly recommended to always leave this set +# to true. (boolean value) +#enable_key_mangler=true + +# Default lock timeout for distributed locking. (integer +# value) +#default_lock_timeout=5 + + +[ldap] + +# +# Options defined in keystone +# + +# URL for connecting to the LDAP server. (string value) +#url=ldap://localhost + +# User BindDN to query the LDAP server. (string value) +#user= + +# Password for the BindDN to query the LDAP server. (string +# value) +#password= + +# LDAP server suffix (string value) +#suffix=cn=example,cn=com + +# If true, will add a dummy member to groups. This is required +# if the objectclass for groups requires the "member" +# attribute. (boolean value) +#use_dumb_member=false + +# DN of the "dummy member" to use when "use_dumb_member" is +# enabled. (string value) +#dumb_member=cn=dumb,dc=nonexistent + +# Delete subtrees using the subtree delete control. Only +# enable this option if your LDAP server supports subtree +# deletion. (boolean value) +#allow_subtree_delete=false + +# The LDAP scope for queries, this can be either "one" +# (onelevel/singleLevel) or "sub" (subtree/wholeSubtree). +# (string value) +#query_scope=one + +# Maximum results per page; a value of zero ("0") disables +# paging. (integer value) +#page_size=0 + +# The LDAP dereferencing option for queries. This can be +# either "never", "searching", "always", "finding" or +# "default". The "default" option falls back to using default +# dereferencing configured by your ldap.conf. (string value) +#alias_dereferencing=default + +# Sets the LDAP debugging level for LDAP calls. A value of 0 +# means that debugging is not enabled. This value is a +# bitmask, consult your LDAP documentation for possible +# values. (integer value) +#debug_level= + +# Override the system's default referral chasing behavior for +# queries. (boolean value) +#chase_referrals= + +# Search base for users. (string value) +#user_tree_dn= + +# LDAP search filter for users. (string value) +#user_filter= + +# LDAP objectclass for users. (string value) +#user_objectclass=inetOrgPerson + +# LDAP attribute mapped to user id. WARNING: must not be a +# multivalued attribute. (string value) +#user_id_attribute=cn + +# LDAP attribute mapped to user name. (string value) +#user_name_attribute=sn + +# LDAP attribute mapped to user email. (string value) +#user_mail_attribute=mail + +# LDAP attribute mapped to password. (string value) +#user_pass_attribute=userPassword + +# LDAP attribute mapped to user enabled flag. (string value) +#user_enabled_attribute=enabled + +# Invert the meaning of the boolean enabled values. Some LDAP +# servers use a boolean lock attribute where "true" means an +# account is disabled. Setting "user_enabled_invert = true" +# will allow these lock attributes to be used. This setting +# will have no effect if "user_enabled_mask" or +# "user_enabled_emulation" settings are in use. (boolean +# value) +#user_enabled_invert=false + +# Bitmask integer to indicate the bit that the enabled value +# is stored in if the LDAP server represents "enabled" as a +# bit on an integer rather than a boolean. A value of "0" +# indicates the mask is not used. If this is not set to "0" +# the typical value is "2". This is typically used when +# "user_enabled_attribute = userAccountControl". (integer +# value) +#user_enabled_mask=0 + +# Default value to enable users. This should match an +# appropriate int value if the LDAP server uses non-boolean +# (bitmask) values to indicate if a user is enabled or +# disabled. If this is not set to "True" the typical value is +# "512". This is typically used when "user_enabled_attribute = +# userAccountControl". (string value) +#user_enabled_default=True + +# List of attributes stripped off the user on update. (list +# value) +#user_attribute_ignore=default_project_id,tenants + +# LDAP attribute mapped to default_project_id for users. +# (string value) +#user_default_project_id_attribute= + +# Allow user creation in LDAP backend. (boolean value) +#user_allow_create=true + +# Allow user updates in LDAP backend. (boolean value) +#user_allow_update=true + +# Allow user deletion in LDAP backend. (boolean value) +#user_allow_delete=true + +# If true, Keystone uses an alternative method to determine if +# a user is enabled or not by checking if they are a member of +# the "user_enabled_emulation_dn" group. (boolean value) +#user_enabled_emulation=false + +# DN of the group entry to hold enabled users when using +# enabled emulation. (string value) +#user_enabled_emulation_dn= + +# List of additional LDAP attributes used for mapping +# additional attribute mappings for users. Attribute mapping +# format is :, where ldap_attr is the +# attribute in the LDAP entry and user_attr is the Identity +# API attribute. (list value) +#user_additional_attribute_mapping= + +# Search base for projects (string value) +# Deprecated group/name - [ldap]/tenant_tree_dn +#project_tree_dn= + +# LDAP search filter for projects. (string value) +# Deprecated group/name - [ldap]/tenant_filter +#project_filter= + +# LDAP objectclass for projects. (string value) +# Deprecated group/name - [ldap]/tenant_objectclass +#project_objectclass=groupOfNames + +# LDAP attribute mapped to project id. (string value) +# Deprecated group/name - [ldap]/tenant_id_attribute +#project_id_attribute=cn + +# LDAP attribute mapped to project membership for user. +# (string value) +# Deprecated group/name - [ldap]/tenant_member_attribute +#project_member_attribute=member + +# LDAP attribute mapped to project name. (string value) +# Deprecated group/name - [ldap]/tenant_name_attribute +#project_name_attribute=ou + +# LDAP attribute mapped to project description. (string value) +# Deprecated group/name - [ldap]/tenant_desc_attribute +#project_desc_attribute=description + +# LDAP attribute mapped to project enabled. (string value) +# Deprecated group/name - [ldap]/tenant_enabled_attribute +#project_enabled_attribute=enabled + +# LDAP attribute mapped to project domain_id. (string value) +# Deprecated group/name - [ldap]/tenant_domain_id_attribute +#project_domain_id_attribute=businessCategory + +# List of attributes stripped off the project on update. (list +# value) +# Deprecated group/name - [ldap]/tenant_attribute_ignore +#project_attribute_ignore= + +# Allow project creation in LDAP backend. (boolean value) +# Deprecated group/name - [ldap]/tenant_allow_create +#project_allow_create=true + +# Allow project update in LDAP backend. (boolean value) +# Deprecated group/name - [ldap]/tenant_allow_update +#project_allow_update=true + +# Allow project deletion in LDAP backend. (boolean value) +# Deprecated group/name - [ldap]/tenant_allow_delete +#project_allow_delete=true + +# If true, Keystone uses an alternative method to determine if +# a project is enabled or not by checking if they are a member +# of the "project_enabled_emulation_dn" group. (boolean value) +# Deprecated group/name - [ldap]/tenant_enabled_emulation +#project_enabled_emulation=false + +# DN of the group entry to hold enabled projects when using +# enabled emulation. (string value) +# Deprecated group/name - [ldap]/tenant_enabled_emulation_dn +#project_enabled_emulation_dn= + +# Additional attribute mappings for projects. Attribute +# mapping format is :, where ldap_attr +# is the attribute in the LDAP entry and user_attr is the +# Identity API attribute. (list value) +# Deprecated group/name - [ldap]/tenant_additional_attribute_mapping +#project_additional_attribute_mapping= + +# Search base for roles. (string value) +#role_tree_dn= + +# LDAP search filter for roles. (string value) +#role_filter= + +# LDAP objectclass for roles. (string value) +#role_objectclass=organizationalRole + +# LDAP attribute mapped to role id. (string value) +#role_id_attribute=cn + +# LDAP attribute mapped to role name. (string value) +#role_name_attribute=ou + +# LDAP attribute mapped to role membership. (string value) +#role_member_attribute=roleOccupant + +# List of attributes stripped off the role on update. (list +# value) +#role_attribute_ignore= + +# Allow role creation in LDAP backend. (boolean value) +#role_allow_create=true + +# Allow role update in LDAP backend. (boolean value) +#role_allow_update=true + +# Allow role deletion in LDAP backend. (boolean value) +#role_allow_delete=true + +# Additional attribute mappings for roles. Attribute mapping +# format is :, where ldap_attr is the +# attribute in the LDAP entry and user_attr is the Identity +# API attribute. (list value) +#role_additional_attribute_mapping= + +# Search base for groups. (string value) +#group_tree_dn= + +# LDAP search filter for groups. (string value) +#group_filter= + +# LDAP objectclass for groups. (string value) +#group_objectclass=groupOfNames + +# LDAP attribute mapped to group id. (string value) +#group_id_attribute=cn + +# LDAP attribute mapped to group name. (string value) +#group_name_attribute=ou + +# LDAP attribute mapped to show group membership. (string +# value) +#group_member_attribute=member + +# LDAP attribute mapped to group description. (string value) +#group_desc_attribute=description + +# List of attributes stripped off the group on update. (list +# value) +#group_attribute_ignore= + +# Allow group creation in LDAP backend. (boolean value) +#group_allow_create=true + +# Allow group update in LDAP backend. (boolean value) +#group_allow_update=true + +# Allow group deletion in LDAP backend. (boolean value) +#group_allow_delete=true + +# Additional attribute mappings for groups. Attribute mapping +# format is :, where ldap_attr is the +# attribute in the LDAP entry and user_attr is the Identity +# API attribute. (list value) +#group_additional_attribute_mapping= + +# CA certificate file path for communicating with LDAP +# servers. (string value) +#tls_cacertfile= + +# CA certificate directory path for communicating with LDAP +# servers. (string value) +#tls_cacertdir= + +# Enable TLS for communicating with LDAP servers. (boolean +# value) +#use_tls=false + +# Valid options for tls_req_cert are demand, never, and allow. +# (string value) +#tls_req_cert=demand + +# Enable LDAP connection pooling. (boolean value) +#use_pool=false + +# Connection pool size. (integer value) +#pool_size=10 + +# Maximum count of reconnect trials. (integer value) +#pool_retry_max=3 + +# Time span in seconds to wait between two reconnect trials. +# (floating point value) +#pool_retry_delay=0.1 + +# Connector timeout in seconds. Value -1 indicates indefinite +# wait for response. (integer value) +#pool_connection_timeout=-1 + +# Connection lifetime in seconds. (integer value) +#pool_connection_lifetime=600 + +# Enable LDAP connection pooling for end user authentication. +# If use_pool is disabled, then this setting is meaningless +# and is not used at all. (boolean value) +#use_auth_pool=false + +# End user auth connection pool size. (integer value) +#auth_pool_size=100 + +# End user auth connection lifetime in seconds. (integer +# value) +#auth_pool_connection_lifetime=60 + + +[matchmaker_redis] + +# +# Options defined in oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# Options defined in oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[memcache] + +# +# Options defined in keystone +# + +# Memcache servers in the format of "host:port". (list value) +#servers=localhost:11211 + +# Number of seconds memcached server is considered dead before +# it is tried again. This is used by the key value store +# system (e.g. token pooled memcached persistence backend). +# (integer value) +#dead_retry=300 + +# Timeout in seconds for every call to a server. This is used +# by the key value store system (e.g. token pooled memcached +# persistence backend). (integer value) +#socket_timeout=3 + +# Max total number of open connections to every memcached +# server. This is used by the key value store system (e.g. +# token pooled memcached persistence backend). (integer value) +#pool_maxsize=10 + +# Number of seconds a connection to memcached is held unused +# in the pool before it is closed. This is used by the key +# value store system (e.g. token pooled memcached persistence +# backend). (integer value) +#pool_unused_timeout=60 + +# Number of seconds that an operation will wait to get a +# memcache client connection. This is used by the key value +# store system (e.g. token pooled memcached persistence +# backend). (integer value) +#pool_connection_get_timeout=10 + + +[oauth1] + +# +# Options defined in keystone +# + +# Credential backend driver. (string value) +#driver=keystone.contrib.oauth1.backends.sql.OAuth1 + +# Duration (in seconds) for the OAuth Request Token. (integer +# value) +#request_token_duration=28800 + +# Duration (in seconds) for the OAuth Access Token. (integer +# value) +#access_token_duration=86400 + + +[os_inherit] + +# +# Options defined in keystone +# + +# role-assignment inheritance to projects from owning domain +# can be optionally enabled. (boolean value) +#enabled=false + + +[paste_deploy] + +# +# Options defined in keystone +# + +# Name of the paste configuration file that defines the +# available pipelines. (string value) +#config_file=keystone-paste.ini + + +[policy] + +# +# Options defined in keystone +# + +# Policy backend driver. (string value) +#driver=keystone.policy.backends.sql.Policy + +# Maximum number of entities that will be returned in a policy +# collection. (integer value) +#list_limit= + + +[revoke] + +# +# Options defined in keystone +# + +# An implementation of the backend for persisting revocation +# events. (string value) +#driver=keystone.contrib.revoke.backends.kvs.Revoke + +# This value (calculated in seconds) is added to token +# expiration before a revocation event may be removed from the +# backend. (integer value) +#expiration_buffer=1800 + +# Toggle for revocation event caching. This has no effect +# unless global caching is enabled. (boolean value) +#caching=true + + +[saml] + +# +# Options defined in keystone +# + +# Default TTL, in seconds, for any generated SAML assertion +# created by Keystone. (integer value) +#assertion_expiration_time=3600 + +# Binary to be called for XML signing. Install the appropriate +# package, specify absolute path or adjust your PATH +# environment variable if the binary cannot be found. (string +# value) +#xmlsec1_binary=xmlsec1 + +# Path of the certfile for SAML signing. For non-production +# environments, you may be interested in using `keystone- +# manage pki_setup` to generate self-signed certificates. +# Note, the path cannot contain a comma. (string value) +#certfile=/etc/keystone/ssl/certs/signing_cert.pem + +# Path of the keyfile for SAML signing. Note, the path cannot +# contain a comma. (string value) +#keyfile=/etc/keystone/ssl/private/signing_key.pem + +# Entity ID value for unique Identity Provider identification. +# Usually FQDN is set with a suffix. A value is required to +# generate IDP Metadata. For example: +# https://keystone.example.com/v3/OS-FEDERATION/saml2/idp +# (string value) +#idp_entity_id= + +# Identity Provider Single-Sign-On service value, required in +# the Identity Provider's metadata. A value is required to +# generate IDP Metadata. For example: +# https://keystone.example.com/v3/OS-FEDERATION/saml2/sso +# (string value) +#idp_sso_endpoint= + +# Language used by the organization. (string value) +#idp_lang=en + +# Organization name the installation belongs to. (string +# value) +#idp_organization_name= + +# Organization name to be displayed. (string value) +#idp_organization_display_name= + +# URL of the organization. (string value) +#idp_organization_url= + +# Company of contact person. (string value) +#idp_contact_company= + +# Given name of contact person (string value) +#idp_contact_name= + +# Surname of contact person. (string value) +#idp_contact_surname= + +# Email address of contact person. (string value) +#idp_contact_email= + +# Telephone number of contact person. (string value) +#idp_contact_telephone= + +# Contact type. Allowed values are: technical, support, +# administrative billing, and other (string value) +#idp_contact_type=other + +# Path to the Identity Provider Metadata file. This file +# should be generated with the keystone-manage +# saml_idp_metadata command. (string value) +#idp_metadata_path=/etc/keystone/saml2_idp_metadata.xml + + +[signing] + +# +# Options defined in keystone +# + +# Deprecated in favor of provider in the [token] section. +# (string value) +#token_format= + +# Path of the certfile for token signing. For non-production +# environments, you may be interested in using `keystone- +# manage pki_setup` to generate self-signed certificates. +# (string value) +#certfile=/etc/keystone/ssl/certs/signing_cert.pem + +# Path of the keyfile for token signing. (string value) +#keyfile=/etc/keystone/ssl/private/signing_key.pem + +# Path of the CA for token signing. (string value) +#ca_certs=/etc/keystone/ssl/certs/ca.pem + +# Path of the CA key for token signing. (string value) +#ca_key=/etc/keystone/ssl/private/cakey.pem + +# Key size (in bits) for token signing cert (auto generated +# certificate). (integer value) +#key_size=2048 + +# Days the token signing cert is valid for (auto generated +# certificate). (integer value) +#valid_days=3650 + +# Certificate subject (auto generated certificate) for token +# signing. (string value) +#cert_subject=/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com + + +[ssl] + +# +# Options defined in keystone +# + +# Toggle for SSL support on the Keystone eventlet servers. +# (boolean value) +#enable=false + +# Path of the certfile for SSL. For non-production +# environments, you may be interested in using `keystone- +# manage ssl_setup` to generate self-signed certificates. +# (string value) +#certfile=/etc/keystone/ssl/certs/keystone.pem + +# Path of the keyfile for SSL. (string value) +#keyfile=/etc/keystone/ssl/private/keystonekey.pem + +# Path of the ca cert file for SSL. (string value) +#ca_certs=/etc/keystone/ssl/certs/ca.pem + +# Path of the CA key file for SSL. (string value) +#ca_key=/etc/keystone/ssl/private/cakey.pem + +# Require client certificate. (boolean value) +#cert_required=false + +# SSL key length (in bits) (auto generated certificate). +# (integer value) +#key_size=1024 + +# Days the certificate is valid for once signed (auto +# generated certificate). (integer value) +#valid_days=3650 + +# SSL certificate subject (auto generated certificate). +# (string value) +#cert_subject=/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost + + +[stats] + +# +# Options defined in keystone +# + +# Stats backend driver. (string value) +#driver=keystone.contrib.stats.backends.kvs.Stats + + +[token] + +# +# Options defined in keystone +# + +# External auth mechanisms that should add bind information to +# token, e.g., kerberos,x509. (list value) +#bind= + +# Enforcement policy on tokens presented to Keystone with bind +# information. One of disabled, permissive, strict, required +# or a specifically required bind mode, e.g., kerberos or x509 +# to require binding to that authentication. (string value) +#enforce_token_bind=permissive + +# Amount of time a token should remain valid (in seconds). +# (integer value) +#expiration=3600 + +# Controls the token construction, validation, and revocation +# operations. Core providers are +# "keystone.token.providers.[pkiz|pki|uuid].Provider". The +# default provider is uuid. (string value) +#provider= + +# Token persistence backend driver. (string value) +#driver=keystone.token.persistence.backends.sql.Token + +# Toggle for token system caching. This has no effect unless +# global caching is enabled. (boolean value) +#caching=true + +# Time to cache the revocation list and the revocation events +# if revoke extension is enabled (in seconds). This has no +# effect unless global and token caching are enabled. (integer +# value) +#revocation_cache_time=3600 + +# Time to cache tokens (in seconds). This has no effect unless +# global and token caching are enabled. (integer value) +#cache_time= + +# Revoke token by token identifier. Setting revoke_by_id to +# true enables various forms of enumerating tokens, e.g. `list +# tokens for user`. These enumerations are processed to +# determine the list of tokens to revoke. Only disable if you +# are switching to using the Revoke extension with a backend +# other than KVS, which stores events in memory. (boolean +# value) +#revoke_by_id=true + +# The hash algorithm to use for PKI tokens. This can be set to +# any algorithm that hashlib supports. WARNING: Before +# changing this value, the auth_token middleware must be +# configured with the hash_algorithms, otherwise token +# revocation will not be processed correctly. (string value) +#hash_algorithm=md5 + + +[trust] + +# +# Options defined in keystone +# + +# Delegation and impersonation features can be optionally +# disabled. (boolean value) +#enabled=true + +# Trust backend driver. (string value) +#driver=keystone.trust.backends.sql.Trust + + diff --git a/openstack/usr/share/openstack/keystone/logging.conf b/openstack/usr/share/openstack/keystone/logging.conf new file mode 100644 index 00000000..6cb8c425 --- /dev/null +++ b/openstack/usr/share/openstack/keystone/logging.conf @@ -0,0 +1,65 @@ +[loggers] +keys=root,access + +[handlers] +keys=production,file,access_file,devel + +[formatters] +keys=minimal,normal,debug + + +########### +# Loggers # +########### + +[logger_root] +level=WARNING +handlers=file + +[logger_access] +level=INFO +qualname=access +handlers=access_file + + +################ +# Log Handlers # +################ + +[handler_production] +class=handlers.SysLogHandler +level=ERROR +formatter=normal +args=(('localhost', handlers.SYSLOG_UDP_PORT), handlers.SysLogHandler.LOG_USER) + +[handler_file] +class=handlers.WatchedFileHandler +level=WARNING +formatter=normal +args=('error.log',) + +[handler_access_file] +class=handlers.WatchedFileHandler +level=INFO +formatter=minimal +args=('access.log',) + +[handler_devel] +class=StreamHandler +level=NOTSET +formatter=debug +args=(sys.stdout,) + + +################## +# Log Formatters # +################## + +[formatter_minimal] +format=%(message)s + +[formatter_normal] +format=(%(name)s): %(asctime)s %(levelname)s %(message)s + +[formatter_debug] +format=(%(name)s): %(asctime)s %(levelname)s %(module)s %(funcName)s %(message)s diff --git a/openstack/usr/share/openstack/keystone/policy.json b/openstack/usr/share/openstack/keystone/policy.json new file mode 100644 index 00000000..af65205e --- /dev/null +++ b/openstack/usr/share/openstack/keystone/policy.json @@ -0,0 +1,171 @@ +{ + "admin_required": "role:admin or is_admin:1", + "service_role": "role:service", + "service_or_admin": "rule:admin_required or rule:service_role", + "owner" : "user_id:%(user_id)s", + "admin_or_owner": "rule:admin_required or rule:owner", + + "default": "rule:admin_required", + + "identity:get_region": "", + "identity:list_regions": "", + "identity:create_region": "rule:admin_required", + "identity:update_region": "rule:admin_required", + "identity:delete_region": "rule:admin_required", + + "identity:get_service": "rule:admin_required", + "identity:list_services": "rule:admin_required", + "identity:create_service": "rule:admin_required", + "identity:update_service": "rule:admin_required", + "identity:delete_service": "rule:admin_required", + + "identity:get_endpoint": "rule:admin_required", + "identity:list_endpoints": "rule:admin_required", + "identity:create_endpoint": "rule:admin_required", + "identity:update_endpoint": "rule:admin_required", + "identity:delete_endpoint": "rule:admin_required", + + "identity:get_domain": "rule:admin_required", + "identity:list_domains": "rule:admin_required", + "identity:create_domain": "rule:admin_required", + "identity:update_domain": "rule:admin_required", + "identity:delete_domain": "rule:admin_required", + + "identity:get_project": "rule:admin_required", + "identity:list_projects": "rule:admin_required", + "identity:list_user_projects": "rule:admin_or_owner", + "identity:create_project": "rule:admin_required", + "identity:update_project": "rule:admin_required", + "identity:delete_project": "rule:admin_required", + + "identity:get_user": "rule:admin_required", + "identity:list_users": "rule:admin_required", + "identity:create_user": "rule:admin_required", + "identity:update_user": "rule:admin_required", + "identity:delete_user": "rule:admin_required", + "identity:change_password": "rule:admin_or_owner", + + "identity:get_group": "rule:admin_required", + "identity:list_groups": "rule:admin_required", + "identity:list_groups_for_user": "rule:admin_or_owner", + "identity:create_group": "rule:admin_required", + "identity:update_group": "rule:admin_required", + "identity:delete_group": "rule:admin_required", + "identity:list_users_in_group": "rule:admin_required", + "identity:remove_user_from_group": "rule:admin_required", + "identity:check_user_in_group": "rule:admin_required", + "identity:add_user_to_group": "rule:admin_required", + + "identity:get_credential": "rule:admin_required", + "identity:list_credentials": "rule:admin_required", + "identity:create_credential": "rule:admin_required", + "identity:update_credential": "rule:admin_required", + "identity:delete_credential": "rule:admin_required", + + "identity:ec2_get_credential": "rule:admin_or_owner", + "identity:ec2_list_credentials": "rule:admin_or_owner", + "identity:ec2_create_credential": "rule:admin_or_owner", + "identity:ec2_delete_credential": "rule:admin_required or (rule:owner and user_id:%(target.credential.user_id)s)", + + "identity:get_role": "rule:admin_required", + "identity:list_roles": "rule:admin_required", + "identity:create_role": "rule:admin_required", + "identity:update_role": "rule:admin_required", + "identity:delete_role": "rule:admin_required", + + "identity:check_grant": "rule:admin_required", + "identity:list_grants": "rule:admin_required", + "identity:create_grant": "rule:admin_required", + "identity:revoke_grant": "rule:admin_required", + + "identity:list_role_assignments": "rule:admin_required", + + "identity:get_policy": "rule:admin_required", + "identity:list_policies": "rule:admin_required", + "identity:create_policy": "rule:admin_required", + "identity:update_policy": "rule:admin_required", + "identity:delete_policy": "rule:admin_required", + + "identity:check_token": "rule:admin_required", + "identity:validate_token": "rule:service_or_admin", + "identity:validate_token_head": "rule:service_or_admin", + "identity:revocation_list": "rule:service_or_admin", + "identity:revoke_token": "rule:admin_or_owner", + + "identity:create_trust": "user_id:%(trust.trustor_user_id)s", + "identity:get_trust": "rule:admin_or_owner", + "identity:list_trusts": "", + "identity:list_roles_for_trust": "", + "identity:check_role_for_trust": "", + "identity:get_role_for_trust": "", + "identity:delete_trust": "", + + "identity:create_consumer": "rule:admin_required", + "identity:get_consumer": "rule:admin_required", + "identity:list_consumers": "rule:admin_required", + "identity:delete_consumer": "rule:admin_required", + "identity:update_consumer": "rule:admin_required", + + "identity:authorize_request_token": "rule:admin_required", + "identity:list_access_token_roles": "rule:admin_required", + "identity:get_access_token_role": "rule:admin_required", + "identity:list_access_tokens": "rule:admin_required", + "identity:get_access_token": "rule:admin_required", + "identity:delete_access_token": "rule:admin_required", + + "identity:list_projects_for_endpoint": "rule:admin_required", + "identity:add_endpoint_to_project": "rule:admin_required", + "identity:check_endpoint_in_project": "rule:admin_required", + "identity:list_endpoints_for_project": "rule:admin_required", + "identity:remove_endpoint_from_project": "rule:admin_required", + + "identity:create_endpoint_group": "rule:admin_required", + "identity:list_endpoint_groups": "rule:admin_required", + "identity:get_endpoint_group": "rule:admin_required", + "identity:update_endpoint_group": "rule:admin_required", + "identity:delete_endpoint_group": "rule:admin_required", + "identity:list_projects_associated_with_endpoint_group": "rule:admin_required", + "identity:list_endpoints_associated_with_endpoint_group": "rule:admin_required", + "identity:list_endpoint_groups_for_project": "rule:admin_required", + "identity:add_endpoint_group_to_project": "rule:admin_required", + "identity:remove_endpoint_group_from_project": "rule:admin_required", + + "identity:create_identity_provider": "rule:admin_required", + "identity:list_identity_providers": "rule:admin_required", + "identity:get_identity_providers": "rule:admin_required", + "identity:update_identity_provider": "rule:admin_required", + "identity:delete_identity_provider": "rule:admin_required", + + "identity:create_protocol": "rule:admin_required", + "identity:update_protocol": "rule:admin_required", + "identity:get_protocol": "rule:admin_required", + "identity:list_protocols": "rule:admin_required", + "identity:delete_protocol": "rule:admin_required", + + "identity:create_mapping": "rule:admin_required", + "identity:get_mapping": "rule:admin_required", + "identity:list_mappings": "rule:admin_required", + "identity:delete_mapping": "rule:admin_required", + "identity:update_mapping": "rule:admin_required", + + "identity:get_auth_catalog": "", + "identity:get_auth_projects": "", + "identity:get_auth_domains": "", + + "identity:list_projects_for_groups": "", + "identity:list_domains_for_groups": "", + + "identity:list_revoke_events": "", + + "identity:create_policy_association_for_endpoint": "rule:admin_required", + "identity:check_policy_association_for_endpoint": "rule:admin_required", + "identity:delete_policy_association_for_endpoint": "rule:admin_required", + "identity:create_policy_association_for_service": "rule:admin_required", + "identity:check_policy_association_for_service": "rule:admin_required", + "identity:delete_policy_association_for_service": "rule:admin_required", + "identity:create_policy_association_for_region_and_service": "rule:admin_required", + "identity:check_policy_association_for_region_and_service": "rule:admin_required", + "identity:delete_policy_association_for_region_and_service": "rule:admin_required", + "identity:get_policy_for_endpoint": "rule:admin_required", + "identity:list_endpoints_for_policy": "rule:admin_required" +} diff --git a/openstack/usr/share/openstack/neutron/api-paste.ini b/openstack/usr/share/openstack/neutron/api-paste.ini new file mode 100644 index 00000000..bbcd4152 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/api-paste.ini @@ -0,0 +1,30 @@ +[composite:neutron] +use = egg:Paste#urlmap +/: neutronversions +/v2.0: neutronapi_v2_0 + +[composite:neutronapi_v2_0] +use = call:neutron.auth:pipeline_factory +noauth = request_id catch_errors extensions neutronapiapp_v2_0 +keystone = request_id catch_errors authtoken keystonecontext extensions neutronapiapp_v2_0 + +[filter:request_id] +paste.filter_factory = neutron.openstack.common.middleware.request_id:RequestIdMiddleware.factory + +[filter:catch_errors] +paste.filter_factory = neutron.openstack.common.middleware.catch_errors:CatchErrorsMiddleware.factory + +[filter:keystonecontext] +paste.filter_factory = neutron.auth:NeutronKeystoneContext.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory + +[filter:extensions] +paste.filter_factory = neutron.api.extensions:plugin_aware_extension_middleware_factory + +[app:neutronversions] +paste.app_factory = neutron.api.versions:Versions.factory + +[app:neutronapiapp_v2_0] +paste.app_factory = neutron.api.v2.router:APIRouter.factory diff --git a/openstack/usr/share/openstack/neutron/dhcp_agent.ini b/openstack/usr/share/openstack/neutron/dhcp_agent.ini new file mode 100644 index 00000000..9836d350 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/dhcp_agent.ini @@ -0,0 +1,88 @@ +[DEFAULT] +# Show debugging output in log (sets DEBUG log level output) +# debug = False + +# The DHCP agent will resync its state with Neutron to recover from any +# transient notification or rpc errors. The interval is number of +# seconds between attempts. +# resync_interval = 5 + +# The DHCP agent requires an interface driver be set. Choose the one that best +# matches your plugin. +# interface_driver = + +# Example of interface_driver option for OVS based plugins(OVS, Ryu, NEC, NVP, +# BigSwitch/Floodlight) +# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver + +# Name of Open vSwitch bridge to use +# ovs_integration_bridge = br-int + +# Use veth for an OVS interface or not. +# Support kernels with limited namespace support +# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True. +# ovs_use_veth = False + +# Example of interface_driver option for LinuxBridge +# interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver + +# The agent can use other DHCP drivers. Dnsmasq is the simplest and requires +# no additional setup of the DHCP server. +# dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq + +# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and +# iproute2 package that supports namespaces). +# use_namespaces = True + +# The DHCP server can assist with providing metadata support on isolated +# networks. Setting this value to True will cause the DHCP server to append +# specific host routes to the DHCP request. The metadata service will only +# be activated when the subnet does not contain any router port. The guest +# instance must be configured to request host routes via DHCP (Option 121). +# enable_isolated_metadata = False + +# Allows for serving metadata requests coming from a dedicated metadata +# access network whose cidr is 169.254.169.254/16 (or larger prefix), and +# is connected to a Neutron router from which the VMs send metadata +# request. In this case DHCP Option 121 will not be injected in VMs, as +# they will be able to reach 169.254.169.254 through a router. +# This option requires enable_isolated_metadata = True +# enable_metadata_network = False + +# Number of threads to use during sync process. Should not exceed connection +# pool size configured on server. +# num_sync_threads = 4 + +# Location to store DHCP server config files +# dhcp_confs = $state_path/dhcp + +# Domain to use for building the hostnames +# dhcp_domain = openstacklocal + +# Override the default dnsmasq settings with this file +# dnsmasq_config_file = + +# Comma-separated list of DNS servers which will be used by dnsmasq +# as forwarders. +# dnsmasq_dns_servers = + +# Limit number of leases to prevent a denial-of-service. +# dnsmasq_lease_max = 16777216 + +# Location to DHCP lease relay UNIX domain socket +# dhcp_lease_relay_socket = $state_path/dhcp/lease_relay + +# Location of Metadata Proxy UNIX domain socket +# metadata_proxy_socket = $state_path/metadata_proxy + +# dhcp_delete_namespaces, which is false by default, can be set to True if +# namespaces can be deleted cleanly on the host running the dhcp agent. +# Do not enable this until you understand the problem with the Linux iproute +# utility mentioned in https://bugs.launchpad.net/neutron/+bug/1052535 and +# you are sure that your version of iproute does not suffer from the problem. +# If True, namespaces will be deleted when a dhcp server is disabled. +# dhcp_delete_namespaces = False + +# Timeout for ovs-vsctl commands. +# If the timeout expires, ovs commands will fail with ALARMCLOCK error. +# ovs_vsctl_timeout = 10 diff --git a/openstack/usr/share/openstack/neutron/fwaas_driver.ini b/openstack/usr/share/openstack/neutron/fwaas_driver.ini new file mode 100644 index 00000000..41f761ab --- /dev/null +++ b/openstack/usr/share/openstack/neutron/fwaas_driver.ini @@ -0,0 +1,3 @@ +[fwaas] +#driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver +#enabled = True diff --git a/openstack/usr/share/openstack/neutron/l3_agent.ini b/openstack/usr/share/openstack/neutron/l3_agent.ini new file mode 100644 index 00000000..94c97147 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/l3_agent.ini @@ -0,0 +1,102 @@ +[DEFAULT] +# Show debugging output in log (sets DEBUG log level output) +# debug = False + +# L3 requires that an interface driver be set. Choose the one that best +# matches your plugin. +# interface_driver = + +# Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC) +# that supports L3 agent +# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver + +# Use veth for an OVS interface or not. +# Support kernels with limited namespace support +# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True. +# ovs_use_veth = False + +# Example of interface_driver option for LinuxBridge +# interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver + +# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and +# iproute2 package that supports namespaces). +# use_namespaces = True + +# If use_namespaces is set as False then the agent can only configure one router. + +# This is done by setting the specific router_id. +# router_id = + +# When external_network_bridge is set, each L3 agent can be associated +# with no more than one external network. This value should be set to the UUID +# of that external network. To allow L3 agent support multiple external +# networks, both the external_network_bridge and gateway_external_network_id +# must be left empty. +# gateway_external_network_id = + +# Indicates that this L3 agent should also handle routers that do not have +# an external network gateway configured. This option should be True only +# for a single agent in a Neutron deployment, and may be False for all agents +# if all routers must have an external network gateway +# handle_internal_only_routers = True + +# Name of bridge used for external network traffic. This should be set to +# empty value for the linux bridge. when this parameter is set, each L3 agent +# can be associated with no more than one external network. +# external_network_bridge = br-ex + +# TCP Port used by Neutron metadata server +# metadata_port = 9697 + +# Send this many gratuitous ARPs for HA setup. Set it below or equal to 0 +# to disable this feature. +# send_arp_for_ha = 3 + +# seconds between re-sync routers' data if needed +# periodic_interval = 40 + +# seconds to start to sync routers' data after +# starting agent +# periodic_fuzzy_delay = 5 + +# enable_metadata_proxy, which is true by default, can be set to False +# if the Nova metadata server is not available +# enable_metadata_proxy = True + +# Location of Metadata Proxy UNIX domain socket +# metadata_proxy_socket = $state_path/metadata_proxy + +# router_delete_namespaces, which is false by default, can be set to True if +# namespaces can be deleted cleanly on the host running the L3 agent. +# Do not enable this until you understand the problem with the Linux iproute +# utility mentioned in https://bugs.launchpad.net/neutron/+bug/1052535 and +# you are sure that your version of iproute does not suffer from the problem. +# If True, namespaces will be deleted when a router is destroyed. +# router_delete_namespaces = False + +# Timeout for ovs-vsctl commands. +# If the timeout expires, ovs commands will fail with ALARMCLOCK error. +# ovs_vsctl_timeout = 10 + +# The working mode for the agent. Allowed values are: +# - legacy: this preserves the existing behavior where the L3 agent is +# deployed on a centralized networking node to provide L3 services +# like DNAT, and SNAT. Use this mode if you do not want to adopt DVR. +# - dvr: this mode enables DVR functionality, and must be used for an L3 +# agent that runs on a compute host. +# - dvr_snat: this enables centralized SNAT support in conjunction with +# DVR. This mode must be used for an L3 agent running on a centralized +# node (or in single-host deployments, e.g. devstack). +# agent_mode = legacy + +# Location to store keepalived and all HA configurations +# ha_confs_path = $state_path/ha_confs + +# VRRP authentication type AH/PASS +# ha_vrrp_auth_type = PASS + +# VRRP authentication password +# ha_vrrp_auth_password = + +# The advertisement interval in seconds +# ha_vrrp_advert_int = 2 diff --git a/openstack/usr/share/openstack/neutron/lbaas_agent.ini b/openstack/usr/share/openstack/neutron/lbaas_agent.ini new file mode 100644 index 00000000..68a2759e --- /dev/null +++ b/openstack/usr/share/openstack/neutron/lbaas_agent.ini @@ -0,0 +1,42 @@ +[DEFAULT] +# Show debugging output in log (sets DEBUG log level output). +# debug = False + +# The LBaaS agent will resync its state with Neutron to recover from any +# transient notification or rpc errors. The interval is number of +# seconds between attempts. +# periodic_interval = 10 + +# LBaas requires an interface driver be set. Choose the one that best +# matches your plugin. +# interface_driver = + +# Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC, NVP, +# BigSwitch/Floodlight) +# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver + +# Use veth for an OVS interface or not. +# Support kernels with limited namespace support +# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True. +# ovs_use_veth = False + +# Example of interface_driver option for LinuxBridge +# interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver + +# The agent requires drivers to manage the loadbalancer. HAProxy is the opensource version. +# Multiple device drivers reflecting different service providers could be specified: +# device_driver = path.to.provider1.driver.Driver +# device_driver = path.to.provider2.driver.Driver +# Default is: +# device_driver = neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver + +[haproxy] +# Location to store config and state files +# loadbalancer_state_path = $state_path/lbaas + +# The user group +# user_group = nogroup + +# When delete and re-add the same vip, send this many gratuitous ARPs to flush +# the ARP cache in the Router. Set it below or equal to 0 to disable this feature. +# send_gratuitous_arp = 3 diff --git a/openstack/usr/share/openstack/neutron/metadata_agent.ini b/openstack/usr/share/openstack/neutron/metadata_agent.ini new file mode 100644 index 00000000..84442ea1 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/metadata_agent.ini @@ -0,0 +1,59 @@ +[DEFAULT] +# Show debugging output in log (sets DEBUG log level output) +# debug = True + +# The Neutron user information for accessing the Neutron API. +auth_url = http://localhost:5000/v2.0 +auth_region = RegionOne +# Turn off verification of the certificate for ssl +# auth_insecure = False +# Certificate Authority public key (CA cert) file for ssl +# auth_ca_cert = +admin_tenant_name = %SERVICE_TENANT_NAME% +admin_user = %SERVICE_USER% +admin_password = %SERVICE_PASSWORD% + +# Network service endpoint type to pull from the keystone catalog +# endpoint_type = adminURL + +# IP address used by Nova metadata server +# nova_metadata_ip = 127.0.0.1 + +# TCP Port used by Nova metadata server +# nova_metadata_port = 8775 + +# Which protocol to use for requests to Nova metadata server, http or https +# nova_metadata_protocol = http + +# Whether insecure SSL connection should be accepted for Nova metadata server +# requests +# nova_metadata_insecure = False + +# Client certificate for nova api, needed when nova api requires client +# certificates +# nova_client_cert = + +# Private key for nova client certificate +# nova_client_priv_key = + +# When proxying metadata requests, Neutron signs the Instance-ID header with a +# shared secret to prevent spoofing. You may select any string for a secret, +# but it must match here and in the configuration used by the Nova Metadata +# Server. NOTE: Nova uses a different key: neutron_metadata_proxy_shared_secret +# metadata_proxy_shared_secret = + +# Location of Metadata Proxy UNIX domain socket +# metadata_proxy_socket = $state_path/metadata_proxy + +# Number of separate worker processes for metadata server. Defaults to +# half the number of CPU cores +# metadata_workers = + +# Number of backlog requests to configure the metadata server socket with +# metadata_backlog = 4096 + +# URL to connect to the cache backend. +# default_ttl=0 parameter will cause cache entries to never expire. +# Otherwise default_ttl specifies time in seconds a cache entry is valid for. +# No cache is used in case no value is passed. +# cache_url = memory://?default_ttl=5 diff --git a/openstack/usr/share/openstack/neutron/metering_agent.ini b/openstack/usr/share/openstack/neutron/metering_agent.ini new file mode 100644 index 00000000..88826ce7 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/metering_agent.ini @@ -0,0 +1,18 @@ +[DEFAULT] +# Show debugging output in log (sets DEBUG log level output) +# debug = True + +# Default driver: +# driver = neutron.services.metering.drivers.noop.noop_driver.NoopMeteringDriver +# Example of non-default driver +# driver = neutron.services.metering.drivers.iptables.iptables_driver.IptablesMeteringDriver + +# Interval between two metering measures +# measure_interval = 30 + +# Interval between two metering reports +# report_interval = 300 + +# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver + +# use_namespaces = True diff --git a/openstack/usr/share/openstack/neutron/neutron.conf b/openstack/usr/share/openstack/neutron/neutron.conf new file mode 100644 index 00000000..08366264 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/neutron.conf @@ -0,0 +1,637 @@ +[DEFAULT] +# Print more verbose output (set logging level to INFO instead of default WARNING level). +# verbose = False + +# =========Start Global Config Option for Distributed L3 Router=============== +# Setting the "router_distributed" flag to "True" will default to the creation +# of distributed tenant routers. The admin can override this flag by specifying +# the type of the router on the create request (admin-only attribute). Default +# value is "False" to support legacy mode (centralized) routers. +# +# router_distributed = False +# +# ===========End Global Config Option for Distributed L3 Router=============== + +# Print debugging output (set logging level to DEBUG instead of default WARNING level). +# debug = False + +# Where to store Neutron state files. This directory must be writable by the +# user executing the agent. +# state_path = /var/lib/neutron + +# Where to store lock files +lock_path = $state_path/lock + +# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s +# log_date_format = %Y-%m-%d %H:%M:%S + +# use_syslog -> syslog +# log_file and log_dir -> log_dir/log_file +# (not log_file) and log_dir -> log_dir/{binary_name}.log +# use_stderr -> stderr +# (not user_stderr) and (not log_file) -> stdout +# publish_errors -> notification system + +# use_syslog = False +# syslog_log_facility = LOG_USER + +# use_stderr = True +# log_file = +# log_dir = + +# publish_errors = False + +# Address to bind the API server to +# bind_host = 0.0.0.0 + +# Port the bind the API server to +# bind_port = 9696 + +# Path to the extensions. Note that this can be a colon-separated list of +# paths. For example: +# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions +# The __path__ of neutron.extensions is appended to this, so if your +# extensions are in there you don't need to specify them here +# api_extensions_path = + +# (StrOpt) Neutron core plugin entrypoint to be loaded from the +# neutron.core_plugins namespace. See setup.cfg for the entrypoint names of the +# plugins included in the neutron source distribution. For compatibility with +# previous versions, the class name of a plugin can be specified instead of its +# entrypoint name. +# +# core_plugin = +# Example: core_plugin = ml2 + +# (ListOpt) List of service plugin entrypoints to be loaded from the +# neutron.service_plugins namespace. See setup.cfg for the entrypoint names of +# the plugins included in the neutron source distribution. For compatibility +# with previous versions, the class name of a plugin can be specified instead +# of its entrypoint name. +# +# service_plugins = +# Example: service_plugins = router,firewall,lbaas,vpnaas,metering + +# Paste configuration file +# api_paste_config = api-paste.ini + +# The strategy to be used for auth. +# Supported values are 'keystone'(default), 'noauth'. +# auth_strategy = keystone + +# Base MAC address. The first 3 octets will remain unchanged. If the +# 4h octet is not 00, it will also be used. The others will be +# randomly generated. +# 3 octet +# base_mac = fa:16:3e:00:00:00 +# 4 octet +# base_mac = fa:16:3e:4f:00:00 + +# DVR Base MAC address. The first 3 octets will remain unchanged. If the +# 4th octet is not 00, it will also be used. The others will be randomly +# generated. The 'dvr_base_mac' *must* be different from 'base_mac' to +# avoid mixing them up with MAC's allocated for tenant ports. +# A 4 octet example would be dvr_base_mac = fa:16:3f:4f:00:00 +# The default is 3 octet +# dvr_base_mac = fa:16:3f:00:00:00 + +# Maximum amount of retries to generate a unique MAC address +# mac_generation_retries = 16 + +# DHCP Lease duration (in seconds). Use -1 to +# tell dnsmasq to use infinite lease times. +# dhcp_lease_duration = 86400 + +# Allow sending resource operation notification to DHCP agent +# dhcp_agent_notification = True + +# Enable or disable bulk create/update/delete operations +# allow_bulk = True +# Enable or disable pagination +# allow_pagination = False +# Enable or disable sorting +# allow_sorting = False +# Enable or disable overlapping IPs for subnets +# Attention: the following parameter MUST be set to False if Neutron is +# being used in conjunction with nova security groups +# allow_overlapping_ips = False +# Ensure that configured gateway is on subnet. For IPv6, validate only if +# gateway is not a link local address. Deprecated, to be removed during the +# K release, at which point the check will be mandatory. +# force_gateway_on_subnet = True + +# Default maximum number of items returned in a single response, +# value == infinite and value < 0 means no max limit, and value must +# be greater than 0. If the number of items requested is greater than +# pagination_max_limit, server will just return pagination_max_limit +# of number of items. +# pagination_max_limit = -1 + +# Maximum number of DNS nameservers per subnet +# max_dns_nameservers = 5 + +# Maximum number of host routes per subnet +# max_subnet_host_routes = 20 + +# Maximum number of fixed ips per port +# max_fixed_ips_per_port = 5 + +# Maximum number of routes per router +# max_routes = 30 + +# =========== items for agent management extension ============= +# Seconds to regard the agent as down; should be at least twice +# report_interval, to be sure the agent is down for good +# agent_down_time = 75 +# =========== end of items for agent management extension ===== + +# =========== items for agent scheduler extension ============= +# Driver to use for scheduling network to DHCP agent +# network_scheduler_driver = neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler +# Driver to use for scheduling router to a default L3 agent +# router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler +# Driver to use for scheduling a loadbalancer pool to an lbaas agent +# loadbalancer_pool_scheduler_driver = neutron.services.loadbalancer.agent_scheduler.ChanceScheduler + +# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted +# networks to first DHCP agent which sends get_active_networks message to +# neutron server +# network_auto_schedule = True + +# Allow auto scheduling routers to L3 agent. It will schedule non-hosted +# routers to first L3 agent which sends sync_routers message to neutron server +# router_auto_schedule = True + +# Allow automatic rescheduling of routers from dead L3 agents with +# admin_state_up set to True to alive agents. +# allow_automatic_l3agent_failover = False + +# Number of DHCP agents scheduled to host a network. This enables redundant +# DHCP agents for configured networks. +# dhcp_agents_per_network = 1 + +# =========== end of items for agent scheduler extension ===== + +# =========== items for l3 extension ============== +# Enable high availability for virtual routers. +# l3_ha = False +# +# Maximum number of l3 agents which a HA router will be scheduled on. If it +# is set to 0 the router will be scheduled on every agent. +# max_l3_agents_per_router = 3 +# +# Minimum number of l3 agents which a HA router will be scheduled on. The +# default value is 2. +# min_l3_agents_per_router = 2 +# +# CIDR of the administrative network if HA mode is enabled +# l3_ha_net_cidr = 169.254.192.0/18 +# =========== end of items for l3 extension ======= + +# =========== WSGI parameters related to the API server ============== +# Number of separate worker processes to spawn. The default, 0, runs the +# worker thread in the current process. Greater than 0 launches that number of +# child processes as workers. The parent process manages them. +# api_workers = 0 + +# Number of separate RPC worker processes to spawn. The default, 0, runs the +# worker thread in the current process. Greater than 0 launches that number of +# child processes as RPC workers. The parent process manages them. +# This feature is experimental until issues are addressed and testing has been +# enabled for various plugins for compatibility. +# rpc_workers = 0 + +# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when +# starting API server. Not supported on OS X. +# tcp_keepidle = 600 + +# Number of seconds to keep retrying to listen +# retry_until_window = 30 + +# Number of backlog requests to configure the socket with. +# backlog = 4096 + +# Max header line to accommodate large tokens +# max_header_line = 16384 + +# Enable SSL on the API server +# use_ssl = False + +# Certificate file to use when starting API server securely +# ssl_cert_file = /path/to/certfile + +# Private key file to use when starting API server securely +# ssl_key_file = /path/to/keyfile + +# CA certificate file to use when starting API server securely to +# verify connecting clients. This is an optional parameter only required if +# API clients need to authenticate to the API server using SSL certificates +# signed by a trusted CA +# ssl_ca_file = /path/to/cafile +# ======== end of WSGI parameters related to the API server ========== + + +# ======== neutron nova interactions ========== +# Send notification to nova when port status is active. +# notify_nova_on_port_status_changes = True + +# Send notifications to nova when port data (fixed_ips/floatingips) change +# so nova can update it's cache. +# notify_nova_on_port_data_changes = True + +# URL for connection to nova (Only supports one nova region currently). +# nova_url = http://127.0.0.1:8774/v2 + +# Name of nova region to use. Useful if keystone manages more than one region +# nova_region_name = + +# Username for connection to nova in admin context +# nova_admin_username = + +# The uuid of the admin nova tenant +# nova_admin_tenant_id = + +# Password for connection to nova in admin context. +# nova_admin_password = + +# Authorization URL for connection to nova in admin context. +# nova_admin_auth_url = + +# CA file for novaclient to verify server certificates +# nova_ca_certificates_file = + +# Boolean to control ignoring SSL errors on the nova url +# nova_api_insecure = False + +# Number of seconds between sending events to nova if there are any events to send +# send_events_interval = 2 + +# ======== end of neutron nova interactions ========== + +# +# Options defined in oslo.messaging +# + +# Use durable queues in amqp. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in amqp. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# Qpid broker hostname. (string value) +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +#qpid_username= + +# Password for Qpid connection. (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth. +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats. (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +#qpid_tcp_nodelay=true + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + +# SSL version to use (valid only if SSL enabled). valid values +# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some +# distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled). (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled). (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL +# enabled). (string value) +#kombu_ssl_ca_certs= + +# How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. (floating point value) +#kombu_reconnect_delay=1.0 + +# The RabbitMQ broker address where a single node is used. +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used. +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid. (string value) +#rabbit_userid=guest + +# The RabbitMQ password. (string value) +#rabbit_password=guest + +# the RabbitMQ login method (string value) +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ. (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + +# If passed, use a fake RabbitMQ provider. (boolean value) +#fake_rabbit=false + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve +# to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per +# topic. Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP +# address. Must match "host" option, if running Nova. (string +# value) +#rpc_zmq_host=oslo + +# Seconds to wait before a cast expires (TTL). Only supported +# by impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of RPC greenthread pool. (integer value) +#rpc_thread_pool_size=64 + +# Driver or drivers to handle sending notifications. (multi +# valued) +#notification_driver= + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend +# option and driver specific configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other +# drivers include qpid and zmq. (string value) +#rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the +# transport_url option. (string value) +#control_exchange=openstack + + +[matchmaker_redis] + +# +# Options defined in oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# Options defined in oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + +[quotas] +# Default driver to use for quota checks +# quota_driver = neutron.db.quota_db.DbQuotaDriver + +# Resource name(s) that are supported in quota features +# quota_items = network,subnet,port + +# Default number of resource allowed per tenant. A negative value means +# unlimited. +# default_quota = -1 + +# Number of networks allowed per tenant. A negative value means unlimited. +# quota_network = 10 + +# Number of subnets allowed per tenant. A negative value means unlimited. +# quota_subnet = 10 + +# Number of ports allowed per tenant. A negative value means unlimited. +# quota_port = 50 + +# Number of security groups allowed per tenant. A negative value means +# unlimited. +# quota_security_group = 10 + +# Number of security group rules allowed per tenant. A negative value means +# unlimited. +# quota_security_group_rule = 100 + +# Number of vips allowed per tenant. A negative value means unlimited. +# quota_vip = 10 + +# Number of pools allowed per tenant. A negative value means unlimited. +# quota_pool = 10 + +# Number of pool members allowed per tenant. A negative value means unlimited. +# The default is unlimited because a member is not a real resource consumer +# on Openstack. However, on back-end, a member is a resource consumer +# and that is the reason why quota is possible. +# quota_member = -1 + +# Number of health monitors allowed per tenant. A negative value means +# unlimited. +# The default is unlimited because a health monitor is not a real resource +# consumer on Openstack. However, on back-end, a member is a resource consumer +# and that is the reason why quota is possible. +# quota_health_monitor = -1 + +# Number of routers allowed per tenant. A negative value means unlimited. +# quota_router = 10 + +# Number of floating IPs allowed per tenant. A negative value means unlimited. +# quota_floatingip = 50 + +# Number of firewalls allowed per tenant. A negative value means unlimited. +# quota_firewall = 1 + +# Number of firewall policies allowed per tenant. A negative value means +# unlimited. +# quota_firewall_policy = 1 + +# Number of firewall rules allowed per tenant. A negative value means +# unlimited. +# quota_firewall_rule = 100 + +[agent] +# Use "sudo neutron-rootwrap /etc/neutron/rootwrap.conf" to use the real +# root filter facility. +# Change to "sudo" to skip the filtering and just run the comand directly +# root_helper = sudo + +# =========== items for agent management extension ============= +# seconds between nodes reporting state to server; should be less than +# agent_down_time, best if it is half or less than agent_down_time +# report_interval = 30 + +# =========== end of items for agent management extension ===== + +[keystone_authtoken] +auth_host = 127.0.0.1 +auth_port = 35357 +auth_protocol = http +admin_tenant_name = %SERVICE_TENANT_NAME% +admin_user = %SERVICE_USER% +admin_password = %SERVICE_PASSWORD% + +[database] +# This line MUST be changed to actually run the plugin. +# Example: +# connection = mysql://root:pass@127.0.0.1:3306/neutron +# Replace 127.0.0.1 above with the IP address of the database used by the +# main neutron server. (Leave it as is if the database runs on this host.) +# connection = sqlite:// +# NOTE: In deployment the [database] section and its connection attribute may +# be set in the corresponding core plugin '.ini' file. However, it is suggested +# to put the [database] section and its connection attribute in this +# configuration file. + +# Database engine for which script will be generated when using offline +# migration +# engine = + +# The SQLAlchemy connection string used to connect to the slave database +# slave_connection = + +# Database reconnection retry times - in event connectivity is lost +# set to -1 implies an infinite retry count +# max_retries = 10 + +# Database reconnection interval in seconds - if the initial connection to the +# database fails +# retry_interval = 10 + +# Minimum number of SQL connections to keep open in a pool +# min_pool_size = 1 + +# Maximum number of SQL connections to keep open in a pool +# max_pool_size = 10 + +# Timeout in seconds before idle sql connections are reaped +# idle_timeout = 3600 + +# If set, use this value for max_overflow with sqlalchemy +# max_overflow = 20 + +# Verbosity of SQL debugging information. 0=None, 100=Everything +# connection_debug = 0 + +# Add python stack traces to SQL as comment strings +# connection_trace = False + +# If set, use this value for pool_timeout with sqlalchemy +# pool_timeout = 10 + +[service_providers] +# Specify service providers (drivers) for advanced services like loadbalancer, VPN, Firewall. +# Must be in form: +# service_provider=::[:default] +# List of allowed service types includes LOADBALANCER, FIREWALL, VPN +# Combination of and must be unique; must also be unique +# This is multiline option, example for default provider: +# service_provider=LOADBALANCER:name:lbaas_plugin_driver_path:default +# example of non-default provider: +# service_provider=FIREWALL:name2:firewall_driver_path +# --- Reference implementations --- +service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default +service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default +# In order to activate Radware's lbaas driver you need to uncomment the next line. +# If you want to keep the HA Proxy as the default lbaas driver, remove the attribute default from the line below. +# Otherwise comment the HA Proxy line +# service_provider = LOADBALANCER:Radware:neutron.services.loadbalancer.drivers.radware.driver.LoadBalancerDriver:default +# uncomment the following line to make the 'netscaler' LBaaS provider available. +# service_provider=LOADBALANCER:NetScaler:neutron.services.loadbalancer.drivers.netscaler.netscaler_driver.NetScalerPluginDriver +# Uncomment the following line (and comment out the OpenSwan VPN line) to enable Cisco's VPN driver. +# service_provider=VPN:cisco:neutron.services.vpn.service_drivers.cisco_ipsec.CiscoCsrIPsecVPNDriver:default +# Uncomment the line below to use Embrane heleos as Load Balancer service provider. +# service_provider=LOADBALANCER:Embrane:neutron.services.loadbalancer.drivers.embrane.driver.EmbraneLbaas:default +# Uncomment the line below to use the A10 Networks LBaaS driver. Requires 'pip install a10-neutron-lbaas'. +#service_provider = LOADBALANCER:A10Networks:neutron.services.loadbalancer.drivers.a10networks.driver_v1.ThunderDriver:default +# Uncomment the following line to test the LBaaS v2 API _WITHOUT_ a real backend +# service_provider = LOADBALANCER:LoggingNoop:neutron.services.loadbalancer.drivers.logging_noop.driver.LoggingNoopLoadBalancerDriver:default diff --git a/openstack/usr/share/openstack/neutron/plugins/bigswitch/restproxy.ini b/openstack/usr/share/openstack/neutron/plugins/bigswitch/restproxy.ini new file mode 100644 index 00000000..256f7855 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/bigswitch/restproxy.ini @@ -0,0 +1,114 @@ +# Config file for neutron-proxy-plugin. + +[restproxy] +# All configuration for this plugin is in section '[restproxy]' +# +# The following parameters are supported: +# servers : [,]* (Error if not set) +# server_auth : (default: no auth) +# server_ssl : True | False (default: True) +# ssl_cert_directory : (default: /etc/neutron/plugins/bigswitch/ssl) +# no_ssl_validation : True | False (default: False) +# ssl_sticky : True | False (default: True) +# sync_data : True | False (default: False) +# auto_sync_on_failure : True | False (default: True) +# consistency_interval : (default: 60 seconds) +# server_timeout : (default: 10 seconds) +# neutron_id : (default: neutron-) +# add_meta_server_route : True | False (default: True) +# thread_pool_size : (default: 4) + +# A comma separated list of BigSwitch or Floodlight servers and port numbers. The plugin proxies the requests to the BigSwitch/Floodlight server, which performs the networking configuration. Note that only one server is needed per deployment, but you may wish to deploy multiple servers to support failover. +servers=localhost:8080 + +# The username and password for authenticating against the BigSwitch or Floodlight controller. +# server_auth=username:password + +# Use SSL when connecting to the BigSwitch or Floodlight controller. +# server_ssl=True + +# Directory which contains the ca_certs and host_certs to be used to validate +# controller certificates. +# ssl_cert_directory=/etc/neutron/plugins/bigswitch/ssl/ + +# If a certificate does not exist for a controller, trust and store the first +# certificate received for that controller and use it to validate future +# connections to that controller. +# ssl_sticky=True + +# Do not validate the controller certificates for SSL +# Warning: This will not provide protection against man-in-the-middle attacks +# no_ssl_validation=False + +# Sync data on connect +# sync_data=False + +# If neutron fails to create a resource because the backend controller +# doesn't know of a dependency, automatically trigger a full data +# synchronization to the controller. +# auto_sync_on_failure=True + +# Time between verifications that the backend controller +# database is consistent with Neutron. (0 to disable) +# consistency_interval = 60 + +# Maximum number of seconds to wait for proxy request to connect and complete. +# server_timeout=10 + +# User defined identifier for this Neutron deployment +# neutron_id = + +# Flag to decide if a route to the metadata server should be injected into the VM +# add_meta_server_route = True + +# Number of threads to use to handle large volumes of port creation requests +# thread_pool_size = 4 + +[nova] +# Specify the VIF_TYPE that will be controlled on the Nova compute instances +# options: ivs or ovs +# default: ovs +# vif_type = ovs + +# Overrides for vif types based on nova compute node host IDs +# Comma separated list of host IDs to fix to a specific VIF type +# The VIF type is taken from the end of the configuration item +# node_override_vif_ +# For example, the following would set the VIF type to IVS for +# host-id1 and host-id2 +# node_overrride_vif_ivs=host-id1,host-id2 + +[router] +# Specify the default router rules installed in newly created tenant routers +# Specify multiple times for multiple rules +# Format is ::: +# Optionally, a comma-separated list of nexthops may be included after +# Use an * to specify default for all tenants +# Default is any any allow for all tenants +# tenant_default_router_rule=*:any:any:permit + +# Maximum number of rules that a single router may have +# Default is 200 +# max_router_rules=200 + +[restproxyagent] + +# Specify the name of the bridge used on compute nodes +# for attachment. +# Default: br-int +# integration_bridge=br-int + +# Change the frequency of polling by the restproxy agent. +# Value is seconds +# Default: 5 +# polling_interval=5 + +# Virtual switch type on the compute node. +# Options: ovs or ivs +# Default: ovs +# virtual_switch_type = ovs + +[securitygroup] +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True diff --git a/openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/ca_certs/README b/openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/ca_certs/README new file mode 100644 index 00000000..e7e47a27 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/ca_certs/README @@ -0,0 +1,3 @@ +Certificates in this folder will be used to +verify signatures for any controllers the plugin +connects to. diff --git a/openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/host_certs/README b/openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/host_certs/README new file mode 100644 index 00000000..8f5f5e77 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/bigswitch/ssl/host_certs/README @@ -0,0 +1,6 @@ +Certificates in this folder must match the name +of the controller they should be used to authenticate +with a .pem extension. + +For example, the certificate for the controller +"192.168.0.1" should be named "192.168.0.1.pem". diff --git a/openstack/usr/share/openstack/neutron/plugins/brocade/brocade.ini b/openstack/usr/share/openstack/neutron/plugins/brocade/brocade.ini new file mode 100644 index 00000000..916e9e5d --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/brocade/brocade.ini @@ -0,0 +1,29 @@ +[switch] +# username = The SSH username to use +# password = The SSH password to use +# address = The address of the host to SSH to +# ostype = Should be NOS, but is unused otherwise +# +# Example: +# username = admin +# password = password +# address = 10.24.84.38 +# ostype = NOS + +[physical_interface] +# physical_interface = The network interface to use when creating a port +# +# Example: +# physical_interface = physnet1 + +[vlans] +# network_vlan_ranges = :nnnn:mmmm +# +# Example: +# network_vlan_ranges = physnet1:1000:2999 + +[linux_bridge] +# physical_interface_mappings = : +# +# Example: +# physical_interface_mappings = physnet1:em1 diff --git a/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_cfg_agent.ini b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_cfg_agent.ini new file mode 100644 index 00000000..d99e8382 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_cfg_agent.ini @@ -0,0 +1,15 @@ +[cfg_agent] +# (IntOpt) Interval in seconds for processing of service updates. +# That is when the config agent's process_services() loop executes +# and it lets each service helper to process its service resources. +# rpc_loop_interval = 10 + +# (StrOpt) Period-separated module path to the routing service helper class. +# routing_svc_helper_class = neutron.plugins.cisco.cfg_agent.service_helpers.routing_svc_helper.RoutingServiceHelper + +# (IntOpt) Timeout value in seconds for connecting to a hosting device. +# device_connection_timeout = 30 + +# (IntOpt) The time in seconds until a backlogged hosting device is +# presumed dead or booted to an error state. +# hosting_device_dead_timeout = 300 diff --git a/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_plugins.ini b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_plugins.ini new file mode 100644 index 00000000..17eae737 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_plugins.ini @@ -0,0 +1,100 @@ +[cisco] + +# (StrOpt) A short prefix to prepend to the VLAN number when creating a +# VLAN interface. For example, if an interface is being created for +# VLAN 2001 it will be named 'q-2001' using the default prefix. +# +# vlan_name_prefix = q- +# Example: vlan_name_prefix = vnet- + +# (StrOpt) A short prefix to prepend to the VLAN number when creating a +# provider VLAN interface. For example, if an interface is being created +# for provider VLAN 3003 it will be named 'p-3003' using the default prefix. +# +# provider_vlan_name_prefix = p- +# Example: provider_vlan_name_prefix = PV- + +# (BoolOpt) A flag indicating whether Openstack networking should manage the +# creation and removal of VLAN interfaces for provider networks on the Nexus +# switches. If the flag is set to False then Openstack will not create or +# remove VLAN interfaces for provider networks, and the administrator needs +# to manage these interfaces manually or by external orchestration. +# +# provider_vlan_auto_create = True + +# (BoolOpt) A flag indicating whether Openstack networking should manage +# the adding and removing of provider VLANs from trunk ports on the Nexus +# switches. If the flag is set to False then Openstack will not add or +# remove provider VLANs from trunk ports, and the administrator needs to +# manage these operations manually or by external orchestration. +# +# provider_vlan_auto_trunk = True + +# (StrOpt) Period-separated module path to the model class to use for +# the Cisco neutron plugin. +# +# model_class = neutron.plugins.cisco.models.virt_phy_sw_v2.VirtualPhysicalSwitchModelV2 + +# (BoolOpt) A flag to enable Layer 3 support on the Nexus switches. +# Note: This feature is not supported on all models/versions of Cisco +# Nexus switches. To use this feature, all of the Nexus switches in the +# deployment must support it. +# nexus_l3_enable = False + +# (BoolOpt) A flag to enable round robin scheduling of routers for SVI. +# svi_round_robin = False + +# Cisco Nexus Switch configurations. +# Each switch to be managed by Openstack Neutron must be configured here. +# +# N1KV Format. +# [N1KV:] +# username= +# password= +# +# Example: +# [N1KV:2.2.2.2] +# username=admin +# password=mySecretPassword + +[cisco_n1k] + +# (StrOpt) Specify the name of the integration bridge to which the VIFs are +# attached. +# Default value: br-int +# integration_bridge = br-int + +# (StrOpt) Name of the policy profile to be associated with a port when no +# policy profile is specified during port creates. +# Default value: service_profile +# default_policy_profile = service_profile + +# (StrOpt) Name of the policy profile to be associated with a port owned by +# network node (dhcp, router). +# Default value: dhcp_pp +# network_node_policy_profile = dhcp_pp + +# (StrOpt) Name of the network profile to be associated with a network when no +# network profile is specified during network creates. Admin should pre-create +# a network profile with this name. +# Default value: default_network_profile +# default_network_profile = network_pool + +# (IntOpt) Time in seconds for which the plugin polls the VSM for updates in +# policy profiles. +# Default value: 60 +# poll_duration = 60 + +# (BoolOpt) Specify whether tenants are restricted from accessing all the +# policy profiles. +# Default value: False, indicating all tenants can access all policy profiles. +# +# restrict_policy_profiles = False + +# (IntOpt) Number of threads to use to make HTTP requests to the VSM. +# Default value: 4 +# http_pool_size = 4 + +# (IntOpt) Timeout duration in seconds for the http request +# Default value: 15 +# http_timeout = 15 diff --git a/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_router_plugin.ini b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_router_plugin.ini new file mode 100644 index 00000000..3ef271d2 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_router_plugin.ini @@ -0,0 +1,76 @@ +[general] +#(IntOpt) Time in seconds between renewed scheduling attempts of non-scheduled routers +# backlog_processing_interval = 10 + +#(StrOpt) Name of the L3 admin tenant +# l3_admin_tenant = L3AdminTenant + +#(StrOpt) Name of management network for hosting device configuration +# management_network = osn_mgmt_nw + +#(StrOpt) Default security group applied on management port +# default_security_group = mgmt_sec_grp + +#(IntOpt) Seconds of no status update until a cfg agent is considered down +# cfg_agent_down_time = 60 + +#(StrOpt) Path to templates for hosting devices +# templates_path = /opt/stack/data/neutron/cisco/templates + +#(StrOpt) Path to config drive files for service VM instances +# service_vm_config_path = /opt/stack/data/neutron/cisco/config_drive + +#(BoolOpt) Ensure that Nova is running before attempting to create any VM +# ensure_nova_running = True + +[hosting_devices] +# Settings coupled to CSR1kv VM devices +# ------------------------------------- +#(StrOpt) Name of Glance image for CSR1kv +# csr1kv_image = csr1kv_openstack_img + +#(StrOpt) UUID of Nova flavor for CSR1kv +# csr1kv_flavor = 621 + +#(StrOpt) Plugging driver for CSR1kv +# csr1kv_plugging_driver = neutron.plugins.cisco.l3.plugging_drivers.n1kv_trunking_driver.N1kvTrunkingPlugDriver + +#(StrOpt) Hosting device driver for CSR1kv +# csr1kv_device_driver = neutron.plugins.cisco.l3.hosting_device_drivers.csr1kv_hd_driver.CSR1kvHostingDeviceDriver + +#(StrOpt) Config agent router service driver for CSR1kv +# csr1kv_cfgagent_router_driver = neutron.plugins.cisco.cfg_agent.device_drivers.csr1kv.csr1kv_routing_driver.CSR1kvRoutingDriver + +#(StrOpt) Configdrive template file for CSR1kv +# csr1kv_configdrive_template = csr1kv_cfg_template + +#(IntOpt) Booting time in seconds before a CSR1kv becomes operational +# csr1kv_booting_time = 420 + +#(StrOpt) Username to use for CSR1kv configurations +# csr1kv_username = stack + +#(StrOpt) Password to use for CSR1kv configurations +# csr1kv_password = cisco + +[n1kv] +# Settings coupled to inter-working with N1kv plugin +# -------------------------------------------------- +#(StrOpt) Name of N1kv port profile for management ports +# management_port_profile = osn_mgmt_pp + +#(StrOpt) Name of N1kv port profile for T1 ports (i.e., ports carrying traffic +# from VXLAN segmented networks). +# t1_port_profile = osn_t1_pp + +#(StrOpt) Name of N1kv port profile for T2 ports (i.e., ports carrying traffic +# from VLAN segmented networks). +# t2_port_profile = osn_t2_pp + +#(StrOpt) Name of N1kv network profile for T1 networks (i.e., trunk networks +# for VXLAN segmented traffic). +# t1_network_profile = osn_t1_np + +#(StrOpt) Name of N1kv network profile for T2 networks (i.e., trunk networks +# for VLAN segmented traffic). +# t2_network_profile = osn_t2_np diff --git a/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_vpn_agent.ini b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_vpn_agent.ini new file mode 100644 index 00000000..0aee17eb --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/cisco/cisco_vpn_agent.ini @@ -0,0 +1,26 @@ +[cisco_csr_ipsec] +# Status check interval in seconds, for VPNaaS IPSec connections used on CSR +# status_check_interval = 60 + +# Cisco CSR management port information for REST access used by VPNaaS +# TODO(pcm): Remove once CSR is integrated in as a Neutron router. +# +# Format is: +# [cisco_csr_rest:] +# rest_mgmt = +# tunnel_ip = +# username = +# password = +# timeout = +# host = +# tunnel_if = +# +# where: +# public IP ----- Public IP address of router used with a VPN service (1:1 with CSR) +# tunnel IP ----- Public IP address of the CSR used for the IPSec tunnel +# mgmt port IP -- IP address of CSR for REST API access +# user ---------- Username for REST management port access to Cisco CSR +# password ------ Password for REST management port access to Cisco CSR +# timeout ------- REST request timeout to Cisco CSR (optional) +# hostname ------ Name of host where CSR is running as a VM +# tunnel I/F ---- CSR port name used for tunnels' IP address diff --git a/openstack/usr/share/openstack/neutron/plugins/embrane/heleos_conf.ini b/openstack/usr/share/openstack/neutron/plugins/embrane/heleos_conf.ini new file mode 100644 index 00000000..0ca9b46f --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/embrane/heleos_conf.ini @@ -0,0 +1,41 @@ +[heleos] +#configure the ESM management address +#in the first version of this plugin, only one ESM can be specified +#Example: +#esm_mgmt= + +#configure admin username and password +#admin_username= +#admin_password= + +#router image id +#Example: +#router_image=932ce713-e210-3d54-a0a5-518b0b5ee1b0 + +#mgmt shared security zone id +#defines the shared management security zone. Each tenant can have a private one configured through the ESM +#Example: +#mgmt_id=c0bc9b6c-f110-46cf-bb01-733bfe4b5a1a + +#in-band shared security zone id +#defines the shared in-band security zone. Each tenant can have a private one configured through the ESM +#Example: +#inband_id=a6b7999d-3806-4b04-81f6-e0c5c8271afc + +#oob-band shared security zone id +#defines the shared out-of-band security zone. Each tenant can have a private one configured through the ESM +#Example: +#oob_id=e7eda5cc-b977-46cb-9c14-cab43c1b7871 + +#dummy security zone id +#defines the dummy security zone ID. this security zone will be used by the DVAs with no neutron interfaces +#Example: +#dummy_utif_id=d9911310-25fc-4733-a2e0-c0eda024ef08 + +#resource pool id +#define the shared resource pool. Each tenant can have a private one configured through the ESM +#Example +#resource_pool_id= + +#define if the requests have to be executed asynchronously by the plugin or not +#async_requests= diff --git a/openstack/usr/share/openstack/neutron/plugins/hyperv/hyperv_neutron_plugin.ini b/openstack/usr/share/openstack/neutron/plugins/hyperv/hyperv_neutron_plugin.ini new file mode 100644 index 00000000..5eeec570 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/hyperv/hyperv_neutron_plugin.ini @@ -0,0 +1,63 @@ +[hyperv] +# (StrOpt) Type of network to allocate for tenant networks. The +# default value 'local' is useful only for single-box testing and +# provides no connectivity between hosts. You MUST either change this +# to 'vlan' and configure network_vlan_ranges below or to 'flat'. +# Set to 'none' to disable creation of tenant networks. +# +# tenant_network_type = local +# Example: tenant_network_type = vlan + +# (ListOpt) Comma-separated list of +# [::] tuples enumerating ranges +# of VLAN IDs on named physical networks that are available for +# allocation. All physical networks listed are available for flat and +# VLAN provider network creation. Specified ranges of VLAN IDs are +# available for tenant network allocation if tenant_network_type is +# 'vlan'. If empty, only gre and local networks may be created. +# +# network_vlan_ranges = +# Example: network_vlan_ranges = physnet1:1000:2999 + +[agent] +# Agent's polling interval in seconds +# polling_interval = 2 + +# (ListOpt) Comma separated list of : +# where the physical networks can be expressed with wildcards, +# e.g.: ."*:external". +# The referred external virtual switches need to be already present on +# the Hyper-V server. +# If a given physical network name will not match any value in the list +# the plugin will look for a virtual switch with the same name. +# +# physical_network_vswitch_mappings = *:external +# Example: physical_network_vswitch_mappings = net1:external1,net2:external2 + +# (StrOpt) Private virtual switch name used for local networking. +# +# local_network_vswitch = private +# Example: local_network_vswitch = custom_vswitch + +# (BoolOpt) Enables metrics collections for switch ports by using Hyper-V's +# metric APIs. Collected data can by retrieved by other apps and services, +# e.g.: Ceilometer. Requires Hyper-V / Windows Server 2012 and above. +# +# enable_metrics_collection = False + +#----------------------------------------------------------------------------- +# Sample Configurations. +#----------------------------------------------------------------------------- +# +# Neutron server: +# +# [HYPERV] +# tenant_network_type = vlan +# network_vlan_ranges = default:2000:3999 +# +# Agent running on Hyper-V node: +# +# [AGENT] +# polling_interval = 2 +# physical_network_vswitch_mappings = *:external +# local_network_vswitch = private diff --git a/openstack/usr/share/openstack/neutron/plugins/ibm/sdnve_neutron_plugin.ini b/openstack/usr/share/openstack/neutron/plugins/ibm/sdnve_neutron_plugin.ini new file mode 100644 index 00000000..0fab5070 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ibm/sdnve_neutron_plugin.ini @@ -0,0 +1,50 @@ +[sdnve] +# (ListOpt) The IP address of one (or more) SDN-VE controllers +# Default value is: controller_ips = 127.0.0.1 +# Example: controller_ips = 127.0.0.1,127.0.0.2 +# (StrOpt) The integration bridge for OF based implementation +# The default value for integration_bridge is None +# Example: integration_bridge = br-int +# (ListOpt) The interface mapping connecting the integration +# bridge to external network as a list of physical network names and +# interfaces: : +# Example: interface_mappings = default:eth2 +# (BoolOpt) Used to reset the integration bridge, if exists +# The default value for reset_bridge is True +# Example: reset_bridge = False +# (BoolOpt) Used to set the OVS controller as out-of-band +# The default value for out_of_band is True +# Example: out_of_band = False +# +# (BoolOpt) The fake controller for testing purposes +# Default value is: use_fake_controller = False +# (StrOpt) The port number for use with controller +# The default value for the port is 8443 +# Example: port = 8443 +# (StrOpt) The userid for use with controller +# The default value for the userid is admin +# Example: userid = sdnve_user +# (StrOpt) The password for use with controller +# The default value for the password is admin +# Example: password = sdnve_password +# +# (StrOpt) The default type of tenants (and associated resources) +# Available choices are: OVERLAY or OF +# The default value for tenant type is OVERLAY +# Example: default_tenant_type = OVERLAY +# (StrOpt) The string in tenant description that indicates +# Default value for OF tenants: of_signature = SDNVE-OF +# (StrOpt) The string in tenant description that indicates +# Default value for OVERLAY tenants: overlay_signature = SDNVE-OVERLAY + +[sdnve_agent] +# (IntOpt) Agent's polling interval in seconds +# polling_interval = 2 +# (StrOpt) What to use for root helper +# The default value: root_helper = 'sudo' +# (BoolOpt) Whether to use rpc or not +# The default value: rpc = True + +[securitygroup] +# The security group is not supported: +# firewall_driver = neutron.agent.firewall.NoopFirewallDriver diff --git a/openstack/usr/share/openstack/neutron/plugins/linuxbridge/linuxbridge_conf.ini b/openstack/usr/share/openstack/neutron/plugins/linuxbridge/linuxbridge_conf.ini new file mode 100644 index 00000000..94fe9803 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/linuxbridge/linuxbridge_conf.ini @@ -0,0 +1,78 @@ +[vlans] +# (StrOpt) Type of network to allocate for tenant networks. The +# default value 'local' is useful only for single-box testing and +# provides no connectivity between hosts. You MUST change this to +# 'vlan' and configure network_vlan_ranges below in order for tenant +# networks to provide connectivity between hosts. Set to 'none' to +# disable creation of tenant networks. +# +# tenant_network_type = local +# Example: tenant_network_type = vlan + +# (ListOpt) Comma-separated list of +# [::] tuples enumerating ranges +# of VLAN IDs on named physical networks that are available for +# allocation. All physical networks listed are available for flat and +# VLAN provider network creation. Specified ranges of VLAN IDs are +# available for tenant network allocation if tenant_network_type is +# 'vlan'. If empty, only local networks may be created. +# +# network_vlan_ranges = +# Example: network_vlan_ranges = physnet1:1000:2999 + +[linux_bridge] +# (ListOpt) Comma-separated list of +# : tuples mapping physical +# network names to the agent's node-specific physical network +# interfaces to be used for flat and VLAN networks. All physical +# networks listed in network_vlan_ranges on the server should have +# mappings to appropriate interfaces on each agent. +# +# physical_interface_mappings = +# Example: physical_interface_mappings = physnet1:eth1 + +[vxlan] +# (BoolOpt) enable VXLAN on the agent +# VXLAN support can be enabled when agent is managed by ml2 plugin using +# linuxbridge mechanism driver. Useless if set while using linuxbridge plugin. +# enable_vxlan = False +# +# (IntOpt) use specific TTL for vxlan interface protocol packets +# ttl = +# +# (IntOpt) use specific TOS for vxlan interface protocol packets +# tos = +# +# (StrOpt) multicast group to use for broadcast emulation. +# This group must be the same on all the agents. +# vxlan_group = 224.0.0.1 +# +# (StrOpt) Local IP address to use for VXLAN endpoints (required) +# local_ip = +# +# (BoolOpt) Flag to enable l2population extension. This option should be used +# in conjunction with ml2 plugin l2population mechanism driver (in that case, +# both linuxbridge and l2population mechanism drivers should be loaded). +# It enables plugin to populate VXLAN forwarding table, in order to limit +# the use of broadcast emulation (multicast will be turned off if kernel and +# iproute2 supports unicast flooding - requires 3.11 kernel and iproute2 3.10) +# l2_population = False + +[agent] +# Agent's polling interval in seconds +# polling_interval = 2 + +# (BoolOpt) Enable server RPC compatibility with old (pre-havana) +# agents. +# +# rpc_support_old_agents = False +# Example: rpc_support_old_agents = True + +[securitygroup] +# Firewall driver for realizing neutron security group function +# firewall_driver = neutron.agent.firewall.NoopFirewallDriver +# Example: firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver + +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True diff --git a/openstack/usr/share/openstack/neutron/plugins/metaplugin/metaplugin.ini b/openstack/usr/share/openstack/neutron/plugins/metaplugin/metaplugin.ini new file mode 100644 index 00000000..2b9bfa5e --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/metaplugin/metaplugin.ini @@ -0,0 +1,31 @@ +# Config file for Metaplugin + +[meta] +# Comma separated list of flavor:neutron_plugin for plugins to load. +# Extension method is searched in the list order and the first one is used. +plugin_list = 'ml2:neutron.plugins.ml2.plugin.Ml2Plugin,nvp:neutron.plugins.vmware.plugin.NsxPluginV2' + +# Comma separated list of flavor:neutron_plugin for L3 service plugins +# to load. +# This is intended for specifying L2 plugins which support L3 functions. +# If you use a router service plugin, set this blank. +l3_plugin_list = + +# Default flavor to use, when flavor:network is not specified at network +# creation. +default_flavor = 'nvp' + +# Default L3 flavor to use, when flavor:router is not specified at router +# creation. +# Ignored if 'l3_plugin_list' is blank. +default_l3_flavor = + +# Comma separated list of supported extension aliases. +supported_extension_aliases = 'provider,binding,agent,dhcp_agent_scheduler' + +# Comma separated list of method:flavor to select specific plugin for a method. +# This has priority over method search order based on 'plugin_list'. +extension_map = 'get_port_stats:nvp' + +# Specifies flavor for plugin to handle 'q-plugin' RPC requests. +rpc_flavor = 'ml2' diff --git a/openstack/usr/share/openstack/neutron/plugins/midonet/midonet.ini b/openstack/usr/share/openstack/neutron/plugins/midonet/midonet.ini new file mode 100644 index 00000000..f2e94052 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/midonet/midonet.ini @@ -0,0 +1,19 @@ + +[midonet] +# MidoNet API server URI +# midonet_uri = http://localhost:8080/midonet-api + +# MidoNet admin username +# username = admin + +# MidoNet admin password +# password = passw0rd + +# ID of the project that MidoNet admin user belongs to +# project_id = 77777777-7777-7777-7777-777777777777 + +# Virtual provider router ID +# provider_router_id = 00112233-0011-0011-0011-001122334455 + +# Path to midonet host uuid file +# midonet_host_uuid_path = /etc/midolman/host_uuid.properties diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini new file mode 100644 index 00000000..4fb1a4a3 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini @@ -0,0 +1,71 @@ +[ml2] +# (ListOpt) List of network type driver entrypoints to be loaded from +# the neutron.ml2.type_drivers namespace. +# +# type_drivers = local,flat,vlan,gre,vxlan +# Example: type_drivers = flat,vlan,gre,vxlan + +# (ListOpt) Ordered list of network_types to allocate as tenant +# networks. The default value 'local' is useful for single-box testing +# but provides no connectivity between hosts. +# +# tenant_network_types = local +# Example: tenant_network_types = vlan,gre,vxlan + +# (ListOpt) Ordered list of networking mechanism driver entrypoints +# to be loaded from the neutron.ml2.mechanism_drivers namespace. +# mechanism_drivers = +# Example: mechanism_drivers = openvswitch,mlnx +# Example: mechanism_drivers = arista +# Example: mechanism_drivers = cisco,logger +# Example: mechanism_drivers = openvswitch,brocade +# Example: mechanism_drivers = linuxbridge,brocade + +# (ListOpt) Ordered list of extension driver entrypoints +# to be loaded from the neutron.ml2.extension_drivers namespace. +# extension_drivers = +# Example: extension_drivers = anewextensiondriver + +[ml2_type_flat] +# (ListOpt) List of physical_network names with which flat networks +# can be created. Use * to allow flat networks with arbitrary +# physical_network names. +# +# flat_networks = +# Example:flat_networks = physnet1,physnet2 +# Example:flat_networks = * + +[ml2_type_vlan] +# (ListOpt) List of [::] tuples +# specifying physical_network names usable for VLAN provider and +# tenant networks, as well as ranges of VLAN tags on each +# physical_network available for allocation as tenant networks. +# +# network_vlan_ranges = +# Example: network_vlan_ranges = physnet1:1000:2999,physnet2 + +[ml2_type_gre] +# (ListOpt) Comma-separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation +# tunnel_id_ranges = + +[ml2_type_vxlan] +# (ListOpt) Comma-separated list of : tuples enumerating +# ranges of VXLAN VNI IDs that are available for tenant network allocation. +# +# vni_ranges = + +# (StrOpt) Multicast group for the VXLAN interface. When configured, will +# enable sending all broadcast traffic to this multicast group. When left +# unconfigured, will disable multicast VXLAN mode. +# +# vxlan_group = +# Example: vxlan_group = 239.1.1.1 + +[securitygroup] +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True + +# Use ipset to speed-up the iptables security groups. Enabling ipset support +# requires that ipset is installed on L2 agent node. +# enable_ipset = True diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_arista.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_arista.ini new file mode 100644 index 00000000..abaf5bc7 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_arista.ini @@ -0,0 +1,100 @@ +# Defines configuration options specific for Arista ML2 Mechanism driver + +[ml2_arista] +# (StrOpt) EOS IP address. This is required field. If not set, all +# communications to Arista EOS will fail +# +# eapi_host = +# Example: eapi_host = 192.168.0.1 +# +# (StrOpt) EOS command API username. This is required field. +# if not set, all communications to Arista EOS will fail. +# +# eapi_username = +# Example: arista_eapi_username = admin +# +# (StrOpt) EOS command API password. This is required field. +# if not set, all communications to Arista EOS will fail. +# +# eapi_password = +# Example: eapi_password = my_password +# +# (StrOpt) Defines if hostnames are sent to Arista EOS as FQDNs +# ("node1.domain.com") or as short names ("node1"). This is +# optional. If not set, a value of "True" is assumed. +# +# use_fqdn = +# Example: use_fqdn = True +# +# (IntOpt) Sync interval in seconds between Neutron plugin and EOS. +# This field defines how often the synchronization is performed. +# This is an optional field. If not set, a value of 180 seconds +# is assumed. +# +# sync_interval = +# Example: sync_interval = 60 +# +# (StrOpt) Defines Region Name that is assigned to this OpenStack Controller. +# This is useful when multiple OpenStack/Neutron controllers are +# managing the same Arista HW clusters. Note that this name must +# match with the region name registered (or known) to keystone +# service. Authentication with Keysotne is performed by EOS. +# This is optional. If not set, a value of "RegionOne" is assumed. +# +# region_name = +# Example: region_name = RegionOne + + +[l3_arista] + +# (StrOpt) primary host IP address. This is required field. If not set, all +# communications to Arista EOS will fail. This is the host where +# primary router is created. +# +# primary_l3_host = +# Example: primary_l3_host = 192.168.10.10 +# +# (StrOpt) Primary host username. This is required field. +# if not set, all communications to Arista EOS will fail. +# +# primary_l3_host_username = +# Example: arista_primary_l3_username = admin +# +# (StrOpt) Primary host password. This is required field. +# if not set, all communications to Arista EOS will fail. +# +# primary_l3_host_password = +# Example: primary_l3_password = my_password +# +# (StrOpt) IP address of the second Arista switch paired as +# MLAG (Multi-chassis Link Aggregation) with the first. +# This is optional field, however, if mlag_config flag is set, +# then this is a required field. If not set, all +# communications to Arista EOS will fail. If mlag_config is set +# to False, then this field is ignored +# +# seconadary_l3_host = +# Example: seconadary_l3_host = 192.168.10.20 +# +# (BoolOpt) Defines if Arista switches are configured in MLAG mode +# If yes, all L3 configuration is pushed to both switches +# automatically. If this flag is set, ensure that secondary_l3_host +# is set to the second switch's IP. +# This flag is Optional. If not set, a value of "False" is assumed. +# +# mlag_config = +# Example: mlag_config = True +# +# (BoolOpt) Defines if the router is created in default VRF or a +# a specific VRF. This is optional. +# If not set, a value of "False" is assumed. +# +# Example: use_vrf = True +# +# (IntOpt) Sync interval in seconds between Neutron plugin and EOS. +# This field defines how often the synchronization is performed. +# This is an optional field. If not set, a value of 180 seconds +# is assumed. +# +# l3_sync_interval = +# Example: l3_sync_interval = 60 diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_brocade.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_brocade.ini new file mode 100644 index 00000000..67574110 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_brocade.ini @@ -0,0 +1,15 @@ +[ml2_brocade] +# username = +# password = +# address = +# ostype = NOS +# osversion = autodetect | n.n.n +# physical_networks = physnet1,physnet2 +# +# Example: +# username = admin +# password = password +# address = 10.24.84.38 +# ostype = NOS +# osversion = 4.1.1 +# physical_networks = physnet1,physnet2 diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_cisco.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_cisco.ini new file mode 100644 index 00000000..1b69100e --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_cisco.ini @@ -0,0 +1,118 @@ +[ml2_cisco] + +# (StrOpt) A short prefix to prepend to the VLAN number when creating a +# VLAN interface. For example, if an interface is being created for +# VLAN 2001 it will be named 'q-2001' using the default prefix. +# +# vlan_name_prefix = q- +# Example: vlan_name_prefix = vnet- + +# (BoolOpt) A flag to enable round robin scheduling of routers for SVI. +# svi_round_robin = False + +# +# (StrOpt) The name of the physical_network managed via the Cisco Nexus Switch. +# This string value must be present in the ml2_conf.ini network_vlan_ranges +# variable. +# +# managed_physical_network = +# Example: managed_physical_network = physnet1 + +# Cisco Nexus Switch configurations. +# Each switch to be managed by Openstack Neutron must be configured here. +# +# Cisco Nexus Switch Format. +# [ml2_mech_cisco_nexus:] +# = (1) +# ssh_port= (2) +# username= (3) +# password= (4) +# +# (1) For each host connected to a port on the switch, specify the hostname +# and the Nexus physical port (interface) it is connected to. +# Valid intf_type's are 'ethernet' and 'port-channel'. +# The default setting for is 'ethernet' and need not be +# added to this setting. +# (2) The TCP port for connecting via SSH to manage the switch. This is +# port number 22 unless the switch has been configured otherwise. +# (3) The username for logging into the switch to manage it. +# (4) The password for logging into the switch to manage it. +# +# Example: +# [ml2_mech_cisco_nexus:1.1.1.1] +# compute1=1/1 +# compute2=ethernet:1/2 +# compute3=port-channel:1 +# ssh_port=22 +# username=admin +# password=mySecretPassword + +[ml2_cisco_apic] + +# Hostname:port list of APIC controllers +# apic_hosts = 1.1.1.1:80, 1.1.1.2:8080, 1.1.1.3:80 + +# Username for the APIC controller +# apic_username = user + +# Password for the APIC controller +# apic_password = password + +# Whether use SSl for connecting to the APIC controller or not +# apic_use_ssl = True + +# How to map names to APIC: use_uuid or use_name +# apic_name_mapping = use_name + +# Names for APIC objects used by Neutron +# Note: When deploying multiple clouds against one APIC, +# these names must be unique between the clouds. +# apic_vmm_domain = openstack +# apic_vlan_ns_name = openstack_ns +# apic_node_profile = openstack_profile +# apic_entity_profile = openstack_entity +# apic_function_profile = openstack_function +# apic_app_profile_name = openstack_app +# Agent timers for State reporting and topology discovery +# apic_sync_interval = 30 +# apic_agent_report_interval = 30 +# apic_agent_poll_interval = 2 + +# Specify your network topology. +# This section indicates how your compute nodes are connected to the fabric's +# switches and ports. The format is as follows: +# +# [apic_switch:] +# , = +# +# You can have multiple sections, one for each switch in your fabric that is +# participating in Openstack. e.g. +# +# [apic_switch:17] +# ubuntu,ubuntu1 = 1/10 +# ubuntu2,ubuntu3 = 1/11 +# +# [apic_switch:18] +# ubuntu5,ubuntu6 = 1/1 +# ubuntu7,ubuntu8 = 1/2 + +# Describe external connectivity. +# In this section you can specify the external network configuration in order +# for the plugin to be able to teach the fabric how to route the internal +# traffic to the outside world. The external connectivity configuration +# format is as follows: +# +# [apic_external_network:] +# switch = +# port = +# encap = +# cidr_exposed = +# gateway_ip = +# +# An example follows: +# [apic_external_network:network_ext] +# switch=203 +# port=1/34 +# encap=vlan-100 +# cidr_exposed=10.10.40.2/16 +# gateway_ip=10.10.40.1 diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_fslsdn.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_fslsdn.ini new file mode 100644 index 00000000..6ee4a4e0 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_fslsdn.ini @@ -0,0 +1,52 @@ +# Defines Configuration options for FSL SDN OS Mechanism Driver +# Cloud Resource Discovery (CRD) authorization credentials +[ml2_fslsdn] +#(StrOpt) User name for authentication to CRD. +# e.g.: user12 +# +# crd_user_name = + +#(StrOpt) Password for authentication to CRD. +# e.g.: secret +# +# crd_password = + +#(StrOpt) Tenant name for CRD service. +# e.g.: service +# +# crd_tenant_name = + +#(StrOpt) CRD auth URL. +# e.g.: http://127.0.0.1:5000/v2.0/ +# +# crd_auth_url = + +#(StrOpt) URL for connecting to CRD Service. +# e.g.: http://127.0.0.1:9797 +# +# crd_url= + +#(IntOpt) Timeout value for connecting to CRD service +# in seconds, e.g.: 30 +# +# crd_url_timeout= + +#(StrOpt) Region name for connecting to CRD in +# admin context, e.g.: RegionOne +# +# crd_region_name= + +#(BoolOpt)If set, ignore any SSL validation issues (boolean value) +# e.g.: False +# +# crd_api_insecure= + +#(StrOpt)Authorization strategy for connecting to CRD in admin +# context, e.g.: keystone +# +# crd_auth_strategy= + +#(StrOpt)Location of CA certificates file to use for CRD client +# requests. +# +# crd_ca_certificates_file= diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_mlnx.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_mlnx.ini new file mode 100644 index 00000000..46139aed --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_mlnx.ini @@ -0,0 +1,4 @@ +[eswitch] +# (StrOpt) Type of Network Interface to allocate for VM: +# mlnx_direct or hostdev according to libvirt terminology +# vnic_type = mlnx_direct diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ncs.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ncs.ini new file mode 100644 index 00000000..dbbfcbd2 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ncs.ini @@ -0,0 +1,28 @@ +# Defines configuration options specific to the Tail-f NCS Mechanism Driver + +[ml2_ncs] +# (StrOpt) Tail-f NCS HTTP endpoint for REST access to the OpenStack +# subtree. +# If this is not set then no HTTP requests will be made. +# +# url = +# Example: url = http://ncs/api/running/services/openstack + +# (StrOpt) Username for HTTP basic authentication to NCS. +# This is an optional parameter. If unspecified then no authentication is used. +# +# username = +# Example: username = admin + +# (StrOpt) Password for HTTP basic authentication to NCS. +# This is an optional parameter. If unspecified then no authentication is used. +# +# password = +# Example: password = admin + +# (IntOpt) Timeout in seconds to wait for NCS HTTP request completion. +# This is an optional parameter, default value is 10 seconds. +# +# timeout = +# Example: timeout = 15 + diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_odl.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_odl.ini new file mode 100644 index 00000000..9e88c1bb --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_odl.ini @@ -0,0 +1,30 @@ +# Configuration for the OpenDaylight MechanismDriver + +[ml2_odl] +# (StrOpt) OpenDaylight REST URL +# If this is not set then no HTTP requests will be made. +# +# url = +# Example: url = http://192.168.56.1:8080/controller/nb/v2/neutron + +# (StrOpt) Username for HTTP basic authentication to ODL. +# +# username = +# Example: username = admin + +# (StrOpt) Password for HTTP basic authentication to ODL. +# +# password = +# Example: password = admin + +# (IntOpt) Timeout in seconds to wait for ODL HTTP request completion. +# This is an optional parameter, default value is 10 seconds. +# +# timeout = 10 +# Example: timeout = 15 + +# (IntOpt) Timeout in minutes to wait for a Tomcat session timeout. +# This is an optional parameter, default value is 30 minutes. +# +# session_timeout = 30 +# Example: session_timeout = 60 diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ofa.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ofa.ini new file mode 100644 index 00000000..4a94b987 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_ofa.ini @@ -0,0 +1,13 @@ +# Defines configuration options specific to the OpenFlow Agent Mechanism Driver + +[ovs] +# Please refer to configuration options to the OpenvSwitch + +[agent] +# (IntOpt) Number of seconds to retry acquiring an Open vSwitch datapath. +# This is an optional parameter, default value is 60 seconds. +# +# get_datapath_retry_times = +# Example: get_datapath_retry_times = 30 + +# Please refer to configuration options to the OpenvSwitch else the above. diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_sriov.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_sriov.ini new file mode 100644 index 00000000..9566f54c --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf_sriov.ini @@ -0,0 +1,31 @@ +# Defines configuration options for SRIOV NIC Switch MechanismDriver +# and Agent + +[ml2_sriov] +# (ListOpt) Comma-separated list of +# supported Vendor PCI Devices, in format vendor_id:product_id +# +# supported_pci_vendor_devs = 15b3:1004, 8086:10c9 +# Example: supported_pci_vendor_devs = 15b3:1004 +# +# (BoolOpt) Requires running SRIOV neutron agent for port binding +# agent_required = True + +[sriov_nic] +# (ListOpt) Comma-separated list of : +# tuples mapping physical network names to the agent's node-specific +# physical network device interfaces of SR-IOV physical function to be used +# for VLAN networks. All physical networks listed in network_vlan_ranges on +# the server should have mappings to appropriate interfaces on each agent. +# +# physical_device_mappings = +# Example: physical_device_mappings = physnet1:eth1 +# +# (ListOpt) Comma-separated list of : +# tuples, mapping network_device to the agent's node-specific list of virtual +# functions that should not be used for virtual networking. +# vfs_to_exclude is a semicolon-separated list of virtual +# functions to exclude from network_device. The network_device in the +# mapping should appear in the physical_device_mappings list. +# exclude_devices = +# Example: exclude_devices = eth1:0000:07:00.2; 0000:07:00.3 diff --git a/openstack/usr/share/openstack/neutron/plugins/mlnx/mlnx_conf.ini b/openstack/usr/share/openstack/neutron/plugins/mlnx/mlnx_conf.ini new file mode 100644 index 00000000..b1225111 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/mlnx/mlnx_conf.ini @@ -0,0 +1,79 @@ +[mlnx] +# (StrOpt) Type of network to allocate for tenant networks. The +# default value is 'vlan' You MUST configure network_vlan_ranges below +# in order for tenant networks to provide connectivity between hosts. +# Set to 'none' to disable creation of tenant networks. +# +# tenant_network_type = vlan +# Example: tenant_network_type = vlan + +# (ListOpt) Comma-separated list of +# [::] tuples enumerating ranges +# of VLAN IDs on named physical networks that are available for +# allocation. All physical networks listed are available for flat and +# VLAN provider network creation. Specified ranges of VLAN IDs are +# available for tenant network allocation if tenant_network_type is +# 'vlan'. If empty, only local networks may be created. +# +# network_vlan_ranges = +# Example: network_vlan_ranges = default:1:100 + +# (ListOpt) Comma-separated list of +# : tuples mapping physical +# network names to physical network types. All physical +# networks listed in network_vlan_ranges should have +# mappings to appropriate physical network type. +# Type of the physical network can be either eth (Ethernet) or +# ib (InfiniBand). If empty, physical network eth type is assumed. +# +# physical_network_type_mappings = +# Example: physical_network_type_mappings = default:eth + +# (StrOpt) Type of the physical network, can be either 'eth' or 'ib' +# The default value is 'eth' +# physical_network_type = eth + +[eswitch] +# (ListOpt) Comma-separated list of +# : tuples mapping physical +# network names to the agent's node-specific physical network +# interfaces to be used for flat and VLAN networks. All physical +# networks listed in network_vlan_ranges on the server should have +# mappings to appropriate interfaces on each agent. +# +# physical_interface_mappings = +# Example: physical_interface_mappings = default:eth2 + +# (StrOpt) Type of Network Interface to allocate for VM: +# direct or hosdev according to libvirt terminology +# vnic_type = mlnx_direct + +# (StrOpt) Eswitch daemon end point connection url +# daemon_endpoint = 'tcp://127.0.0.1:60001' + +# The number of milliseconds the agent will wait for +# response on request to daemon +# request_timeout = 3000 + +# The number of retries the agent will send request +# to daemon before giving up +# retries = 3 + +# The backoff rate multiplier for waiting period between retries +# on request to daemon, i.e. value of 2 will double +# the request timeout each retry +# backoff_rate = 2 + +[agent] +# Agent's polling interval in seconds +# polling_interval = 2 + +# (BoolOpt) Enable server RPC compatibility with old (pre-havana) +# agents. +# +# rpc_support_old_agents = False + +[securitygroup] +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True diff --git a/openstack/usr/share/openstack/neutron/plugins/nec/nec.ini b/openstack/usr/share/openstack/neutron/plugins/nec/nec.ini new file mode 100644 index 00000000..aa4171da --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/nec/nec.ini @@ -0,0 +1,60 @@ +# Sample Configurations + +[ovs] +# Do not change this parameter unless you have a good reason to. +# This is the name of the OVS integration bridge. There is one per hypervisor. +# The integration bridge acts as a virtual "patch port". All VM VIFs are +# attached to this bridge and then "patched" according to their network +# connectivity. +# integration_bridge = br-int + +[agent] +# Agent's polling interval in seconds +# polling_interval = 2 + +[securitygroup] +# Firewall driver for realizing neutron security group function +firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver + +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True + +[ofc] +# Specify OpenFlow Controller Host, Port and Driver to connect. +# host = 127.0.0.1 +# port = 8888 + +# Base URL of OpenFlow Controller REST API. +# It is prepended to a path of each API request. +# path_prefix = + +# Drivers are in neutron/plugins/nec/drivers/ . +# driver = trema + +# PacketFilter is available when it's enabled in this configuration +# and supported by the driver. +# enable_packet_filter = true + +# Use SSL to connect +# use_ssl = false + +# Key file +# key_file = + +# Certificate file +# cert_file = + +# Disable SSL certificate verification +# insecure_ssl = false + +# Maximum attempts per OFC API request. NEC plugin retries +# API request to OFC when OFC returns ServiceUnavailable (503). +# The value must be greater than 0. +# api_max_attempts = 3 + +[provider] +# Default router provider to use. +# default_router_provider = l3-agent +# List of enabled router providers. +# router_providers = l3-agent,openflow diff --git a/openstack/usr/share/openstack/neutron/plugins/nuage/nuage_plugin.ini b/openstack/usr/share/openstack/neutron/plugins/nuage/nuage_plugin.ini new file mode 100644 index 00000000..aad37bd5 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/nuage/nuage_plugin.ini @@ -0,0 +1,41 @@ +# Please fill in the correct data for all the keys below and uncomment key-value pairs +[restproxy] +# (StrOpt) Default Network partition in which VSD will +# orchestrate network resources using openstack +# +#default_net_partition_name = + +# (StrOpt) Nuage provided uri for initial authorization to +# access VSD +# +#auth_resource = /auth + +# (StrOpt) IP Address and Port of VSD +# +#server = ip:port + +# (StrOpt) Organization name in which VSD will orchestrate +# network resources using openstack +# +#organization = org + +# (StrOpt) Username and password of VSD for authentication +# +#serverauth = uname:pass + +# (BoolOpt) Boolean for SSL connection with VSD server +# +#serverssl = True + +# (StrOpt) Nuage provided base uri to reach out to VSD +# +#base_uri = /base + +[syncmanager] +# (BoolOpt) Boolean to enable sync between openstack and VSD +# +#enable_sync = False + +# (IntOpt) Sync interval in seconds between openstack and VSD +# +#sync_interval = 0 \ No newline at end of file diff --git a/openstack/usr/share/openstack/neutron/plugins/oneconvergence/nvsdplugin.ini b/openstack/usr/share/openstack/neutron/plugins/oneconvergence/nvsdplugin.ini new file mode 100644 index 00000000..a1c05d97 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/oneconvergence/nvsdplugin.ini @@ -0,0 +1,35 @@ +[nvsd] +# Configure the NVSD controller. The plugin proxies the api calls using +# to NVSD controller which implements the required functionality. + +# IP address of NVSD controller api server +# nvsd_ip = + +# Port number of NVSD controller api server +# nvsd_port = 8082 + +# Authentication credentials to access the api server +# nvsd_user = +# nvsd_passwd = + +# API request timeout in seconds +# request_timeout = + +# Maximum number of retry attempts to login to the NVSD controller +# Specify 0 to retry until success (default) +# nvsd_retries = 0 + +[securitygroup] +# Specify firewall_driver option, if neutron security groups are disabled, +# then NoopFirewallDriver otherwise OVSHybridIptablesFirewallDriver. +# firewall_driver = neutron.agent.firewall.NoopFirewallDriver + +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True + +[agent] +# root_helper = sudo /usr/local/bin/neutron-rootwrap /etc/neutron/rootwrap.conf + +[database] +# connection = mysql://root:@127.0.0.1/?charset=utf8 diff --git a/openstack/usr/share/openstack/neutron/plugins/opencontrail/contrailplugin.ini b/openstack/usr/share/openstack/neutron/plugins/opencontrail/contrailplugin.ini new file mode 100644 index 00000000..629f1fc4 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/opencontrail/contrailplugin.ini @@ -0,0 +1,26 @@ +# OpenContrail is an Apache 2.0-licensed project that is built using +# standards-based protocols and provides all the necessary components for +# network virtualization–SDN controller, virtual router, analytics engine, +# and published northbound APIs +# For more information visit: http://opencontrail.org + +# Opencontrail plugin specific configuration +[CONTRAIL] +# (StrOpt) IP address to connect to opencontrail controller. +# Uncomment this line for specifying the IP address of the opencontrail +# Api-Server. +# Default value is local host(127.0.0.1). +# api_server_ip='127.0.0.1' + +# (IntOpt) port to connect to opencontrail controller. +# Uncomment this line for the specifying the Port of the opencontrail +# Api-Server. +# Default value is 8082 +# api_server_port=8082 + +# (DictOpt) enable opencontrail extensions +# Opencontrail in future would support extension such as ipam, policy, +# these extensions can be configured as shown below. Plugin will then +# load the specified extensions. +# Default value is None, it wont load any extension +# contrail_extensions=ipam:,policy: diff --git a/openstack/usr/share/openstack/neutron/plugins/openvswitch/ovs_neutron_plugin.ini b/openstack/usr/share/openstack/neutron/plugins/openvswitch/ovs_neutron_plugin.ini new file mode 100644 index 00000000..9c8e6b58 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/openvswitch/ovs_neutron_plugin.ini @@ -0,0 +1,190 @@ +[ovs] +# (StrOpt) Type of network to allocate for tenant networks. The +# default value 'local' is useful only for single-box testing and +# provides no connectivity between hosts. You MUST either change this +# to 'vlan' and configure network_vlan_ranges below or change this to +# 'gre' or 'vxlan' and configure tunnel_id_ranges below in order for +# tenant networks to provide connectivity between hosts. Set to 'none' +# to disable creation of tenant networks. +# +# tenant_network_type = local +# Example: tenant_network_type = gre +# Example: tenant_network_type = vxlan + +# (ListOpt) Comma-separated list of +# [::] tuples enumerating ranges +# of VLAN IDs on named physical networks that are available for +# allocation. All physical networks listed are available for flat and +# VLAN provider network creation. Specified ranges of VLAN IDs are +# available for tenant network allocation if tenant_network_type is +# 'vlan'. If empty, only gre, vxlan and local networks may be created. +# +# network_vlan_ranges = +# Example: network_vlan_ranges = physnet1:1000:2999 + +# (BoolOpt) Set to True in the server and the agents to enable support +# for GRE or VXLAN networks. Requires kernel support for OVS patch ports and +# GRE or VXLAN tunneling. +# +# WARNING: This option will be deprecated in the Icehouse release, at which +# point setting tunnel_type below will be required to enable +# tunneling. +# +# enable_tunneling = False + +# (StrOpt) The type of tunnel network, if any, supported by the plugin. If +# this is set, it will cause tunneling to be enabled. If this is not set and +# the option enable_tunneling is set, this will default to 'gre'. +# +# tunnel_type = +# Example: tunnel_type = gre +# Example: tunnel_type = vxlan + +# (ListOpt) Comma-separated list of : tuples +# enumerating ranges of GRE or VXLAN tunnel IDs that are available for +# tenant network allocation if tenant_network_type is 'gre' or 'vxlan'. +# +# tunnel_id_ranges = +# Example: tunnel_id_ranges = 1:1000 + +# Do not change this parameter unless you have a good reason to. +# This is the name of the OVS integration bridge. There is one per hypervisor. +# The integration bridge acts as a virtual "patch bay". All VM VIFs are +# attached to this bridge and then "patched" according to their network +# connectivity. +# +# integration_bridge = br-int + +# Only used for the agent if tunnel_id_ranges (above) is not empty for +# the server. In most cases, the default value should be fine. +# +# tunnel_bridge = br-tun + +# Peer patch port in integration bridge for tunnel bridge +# int_peer_patch_port = patch-tun + +# Peer patch port in tunnel bridge for integration bridge +# tun_peer_patch_port = patch-int + +# Uncomment this line for the agent if tunnel_id_ranges (above) is not +# empty for the server. Set local-ip to be the local IP address of +# this hypervisor. +# +# local_ip = + +# (ListOpt) Comma-separated list of : tuples +# mapping physical network names to the agent's node-specific OVS +# bridge names to be used for flat and VLAN networks. The length of +# bridge names should be no more than 11. Each bridge must +# exist, and should have a physical network interface configured as a +# port. All physical networks listed in network_vlan_ranges on the +# server should have mappings to appropriate bridges on each agent. +# +# bridge_mappings = +# Example: bridge_mappings = physnet1:br-eth1 + +# (BoolOpt) Use veths instead of patch ports to interconnect the integration +# bridge to physical networks. Support kernel without ovs patch port support +# so long as it is set to True. +# use_veth_interconnection = False + +[agent] +# Agent's polling interval in seconds +# polling_interval = 2 + +# Minimize polling by monitoring ovsdb for interface changes +# minimize_polling = True + +# When minimize_polling = True, the number of seconds to wait before +# respawning the ovsdb monitor after losing communication with it +# ovsdb_monitor_respawn_interval = 30 + +# (ListOpt) The types of tenant network tunnels supported by the agent. +# Setting this will enable tunneling support in the agent. This can be set to +# either 'gre' or 'vxlan'. If this is unset, it will default to [] and +# disable tunneling support in the agent. When running the agent with the OVS +# plugin, this value must be the same as "tunnel_type" in the "[ovs]" section. +# When running the agent with ML2, you can specify as many values here as +# your compute hosts supports. +# +# tunnel_types = +# Example: tunnel_types = gre +# Example: tunnel_types = vxlan +# Example: tunnel_types = vxlan, gre + +# (IntOpt) The port number to utilize if tunnel_types includes 'vxlan'. By +# default, this will make use of the Open vSwitch default value of '4789' if +# not specified. +# +# vxlan_udp_port = +# Example: vxlan_udp_port = 8472 + +# (IntOpt) This is the MTU size of veth interfaces. +# Do not change unless you have a good reason to. +# The default MTU size of veth interfaces is 1500. +# This option has no effect if use_veth_interconnection is False +# veth_mtu = +# Example: veth_mtu = 1504 + +# (BoolOpt) Flag to enable l2-population extension. This option should only be +# used in conjunction with ml2 plugin and l2population mechanism driver. It'll +# enable plugin to populate remote ports macs and IPs (using fdb_add/remove +# RPC calbbacks instead of tunnel_sync/update) on OVS agents in order to +# optimize tunnel management. +# +# l2_population = False + +# Enable local ARP responder. Requires OVS 2.1. This is only used by the l2 +# population ML2 MechanismDriver. +# +# arp_responder = False + +# (BoolOpt) Set or un-set the don't fragment (DF) bit on outgoing IP packet +# carrying GRE/VXLAN tunnel. The default value is True. +# +# dont_fragment = True + +# (BoolOpt) Set to True on L2 agents to enable support +# for distributed virtual routing. +# +# enable_distributed_routing = False + +[securitygroup] +# Firewall driver for realizing neutron security group function. +# firewall_driver = neutron.agent.firewall.NoopFirewallDriver +# Example: firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver + +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True + +#----------------------------------------------------------------------------- +# Sample Configurations. +#----------------------------------------------------------------------------- +# +# 1. With VLANs on eth1. +# [ovs] +# network_vlan_ranges = default:2000:3999 +# tunnel_id_ranges = +# integration_bridge = br-int +# bridge_mappings = default:br-eth1 +# +# 2. With GRE tunneling. +# [ovs] +# network_vlan_ranges = +# tunnel_id_ranges = 1:1000 +# integration_bridge = br-int +# tunnel_bridge = br-tun +# local_ip = 10.0.0.3 +# +# 3. With VXLAN tunneling. +# [ovs] +# network_vlan_ranges = +# tenant_network_type = vxlan +# tunnel_type = vxlan +# tunnel_id_ranges = 1:1000 +# integration_bridge = br-int +# tunnel_bridge = br-tun +# local_ip = 10.0.0.3 +# [agent] +# tunnel_types = vxlan diff --git a/openstack/usr/share/openstack/neutron/plugins/plumgrid/plumgrid.ini b/openstack/usr/share/openstack/neutron/plugins/plumgrid/plumgrid.ini new file mode 100644 index 00000000..bfe8062a --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/plumgrid/plumgrid.ini @@ -0,0 +1,14 @@ +# Config file for Neutron PLUMgrid Plugin + +[plumgriddirector] +# This line should be pointing to the PLUMgrid Director, +# for the PLUMgrid platform. +# director_server= +# director_server_port= +# Authentification parameters for the Director. +# These are the admin credentials to manage and control +# the PLUMgrid Director server. +# username= +# password= +# servertimeout=5 +# driver= diff --git a/openstack/usr/share/openstack/neutron/plugins/ryu/ryu.ini b/openstack/usr/share/openstack/neutron/plugins/ryu/ryu.ini new file mode 100644 index 00000000..9d9cfa25 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/ryu/ryu.ini @@ -0,0 +1,44 @@ +[ovs] +# integration_bridge = br-int + +# openflow_rest_api = : +# openflow_rest_api = 127.0.0.1:8080 + +# tunnel key range: 0 < tunnel_key_min < tunnel_key_max +# VLAN: 12bits, GRE, VXLAN: 24bits +# tunnel_key_min = 1 +# tunnel_key_max = 0xffffff + +# tunnel_ip = +# tunnel_interface = interface for tunneling +# when tunnel_ip is NOT specified, ip address is read +# from this interface +# tunnel_ip = +# tunnel_interface = +tunnel_interface = eth0 + +# ovsdb_port = port number on which ovsdb is listening +# ryu-agent uses this parameter to setup ovsdb. +# ovs-vsctl set-manager ptcp: +# See set-manager section of man ovs-vsctl for details. +# currently ptcp is only supported. +# ovsdb_ip = +# ovsdb_interface = interface for ovsdb +# when ovsdb_addr NOT specifiied, ip address is gotten +# from this interface +# ovsdb_port = 6634 +# ovsdb_ip = +# ovsdb_interface = +ovsdb_interface = eth0 + +[securitygroup] +# Firewall driver for realizing neutron security group function +# firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver + +# Controls if neutron security group is enabled or not. +# It should be false when you use nova security group. +# enable_security_group = True + +[agent] +# Agent's polling interval in seconds +# polling_interval = 2 diff --git a/openstack/usr/share/openstack/neutron/plugins/vmware/nsx.ini b/openstack/usr/share/openstack/neutron/plugins/vmware/nsx.ini new file mode 100644 index 00000000..baca73b8 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/plugins/vmware/nsx.ini @@ -0,0 +1,200 @@ +[DEFAULT] +# User name for NSX controller +# nsx_user = admin + +# Password for NSX controller +# nsx_password = admin + +# Time before aborting a request on an unresponsive controller (Seconds) +# http_timeout = 75 + +# Maximum number of times a particular request should be retried +# retries = 2 + +# Maximum number of times a redirect response should be followed +# redirects = 2 + +# Comma-separated list of NSX controller endpoints (:). When port +# is omitted, 443 is assumed. This option MUST be specified, e.g.: +# nsx_controllers = xx.yy.zz.ww:443, aa.bb.cc.dd, ee.ff.gg.hh.ee:80 + +# UUID of the pre-existing default NSX Transport zone to be used for creating +# tunneled isolated "Neutron" networks. This option MUST be specified, e.g.: +# default_tz_uuid = 1e8e52cf-fa7f-46b0-a14a-f99835a9cb53 + +# (Optional) UUID for the default l3 gateway service to use with this cluster. +# To be specified if planning to use logical routers with external gateways. +# default_l3_gw_service_uuid = + +# (Optional) UUID for the default l2 gateway service to use with this cluster. +# To be specified for providing a predefined gateway tenant for connecting their networks. +# default_l2_gw_service_uuid = + +# (Optional) UUID for the default service cluster. A service cluster is introduced to +# represent a group of gateways and it is needed in order to use Logical Services like +# dhcp and metadata in the logical space. NOTE: If agent_mode is set to 'agentless' this +# config parameter *MUST BE* set to a valid pre-existent service cluster uuid. +# default_service_cluster_uuid = + +# Name of the default interface name to be used on network-gateway. This value +# will be used for any device associated with a network gateway for which an +# interface name was not specified +# default_interface_name = breth0 + +[quotas] +# number of network gateways allowed per tenant, -1 means unlimited +# quota_network_gateway = 5 + +[vcns] +# URL for VCNS manager +# manager_uri = https://management_ip + +# User name for VCNS manager +# user = admin + +# Password for VCNS manager +# password = default + +# (Optional) Datacenter ID for Edge deployment +# datacenter_moid = + +# (Optional) Deployment Container ID for NSX Edge deployment +# If not specified, either a default global container will be used, or +# the resource pool and datastore specified below will be used +# deployment_container_id = + +# (Optional) Resource pool ID for NSX Edge deployment +# resource_pool_id = + +# (Optional) Datastore ID for NSX Edge deployment +# datastore_id = + +# (Required) UUID of logic switch for physical network connectivity +# external_network = + +# (Optional) Asynchronous task status check interval +# default is 2000 (millisecond) +# task_status_check_interval = 2000 + +[nsx] +# Maximum number of ports for each bridged logical switch +# The recommended value for this parameter varies with NSX version +# Please use: +# NSX 2.x -> 64 +# NSX 3.0, 3.1 -> 5000 +# NSX 3.2 -> 10000 +# max_lp_per_bridged_ls = 5000 + +# Maximum number of ports for each overlay (stt, gre) logical switch +# max_lp_per_overlay_ls = 256 + +# Number of connections to each controller node. +# default is 10 +# concurrent_connections = 10 + +# Number of seconds a generation id should be valid for (default -1 meaning do not time out) +# nsx_gen_timeout = -1 + +# Acceptable values for 'metadata_mode' are: +# - 'access_network': this enables a dedicated connection to the metadata +# proxy for metadata server access via Neutron router. +# - 'dhcp_host_route': this enables host route injection via the dhcp agent. +# This option is only useful if running on a host that does not support +# namespaces otherwise access_network should be used. +# metadata_mode = access_network + +# The default network transport type to use (stt, gre, bridge, ipsec_gre, or ipsec_stt) +# default_transport_type = stt + +# Specifies in which mode the plugin needs to operate in order to provide DHCP and +# metadata proxy services to tenant instances. If 'agent' is chosen (default) +# the NSX plugin relies on external RPC agents (i.e. dhcp and metadata agents) to +# provide such services. In this mode, the plugin supports API extensions 'agent' +# and 'dhcp_agent_scheduler'. If 'agentless' is chosen (experimental in Icehouse), +# the plugin will use NSX logical services for DHCP and metadata proxy. This +# simplifies the deployment model for Neutron, in that the plugin no longer requires +# the RPC agents to operate. When 'agentless' is chosen, the config option metadata_mode +# becomes ineffective. The 'agentless' mode is supported from NSX 4.2 or above. +# Furthermore, a 'combined' mode is also provided and is used to support existing +# deployments that want to adopt the agentless mode going forward. With this mode, +# existing networks keep being served by the existing infrastructure (thus preserving +# backward compatibility, whereas new networks will be served by the new infrastructure. +# Migration tools are provided to 'move' one network from one model to another; with +# agent_mode set to 'combined', option 'network_auto_schedule' in neutron.conf is +# ignored, as new networks will no longer be scheduled to existing dhcp agents. +# agent_mode = agent + +# Specifies which mode packet replication should be done in. If set to service +# a service node is required in order to perform packet replication. This can +# also be set to source if one wants replication to be performed locally (NOTE: +# usually only useful for testing if one does not want to deploy a service node). +# In order to leverage distributed routers, replication_mode should be set to +# "service". +# replication_mode = service + +[nsx_sync] +# Interval in seconds between runs of the status synchronization task. +# The plugin will aim at resynchronizing operational status for all +# resources in this interval, and it should be therefore large enough +# to ensure the task is feasible. Otherwise the plugin will be +# constantly synchronizing resource status, ie: a new task is started +# as soon as the previous is completed. +# If this value is set to 0, the state synchronization thread for this +# Neutron instance will be disabled. +# state_sync_interval = 10 + +# Random additional delay between two runs of the state synchronization task. +# An additional wait time between 0 and max_random_sync_delay seconds +# will be added on top of state_sync_interval. +# max_random_sync_delay = 0 + +# Minimum delay, in seconds, between two status synchronization requests for NSX. +# Depending on chunk size, controller load, and other factors, state +# synchronization requests might be pretty heavy. This means the +# controller might take time to respond, and its load might be quite +# increased by them. This parameter allows to specify a minimum +# interval between two subsequent requests. +# The value for this parameter must never exceed state_sync_interval. +# If this does, an error will be raised at startup. +# min_sync_req_delay = 1 + +# Minimum number of resources to be retrieved from NSX in a single status +# synchronization request. +# The actual size of the chunk will increase if the number of resources is such +# that using the minimum chunk size will cause the interval between two +# requests to be less than min_sync_req_delay +# min_chunk_size = 500 + +# Enable this option to allow punctual state synchronization on show +# operations. In this way, show operations will always fetch the operational +# status of the resource from the NSX backend, and this might have +# a considerable impact on overall performance. +# always_read_status = False + +[nsx_lsn] +# Pull LSN information from NSX in case it is missing from the local +# data store. This is useful to rebuild the local store in case of +# server recovery +# sync_on_missing_data = False + +[nsx_dhcp] +# (Optional) Comma separated list of additional dns servers. Default is an empty list +# extra_domain_name_servers = + +# Domain to use for building the hostnames +# domain_name = openstacklocal + +# Default DHCP lease time +# default_lease_time = 43200 + +[nsx_metadata] +# IP address used by Metadata server +# metadata_server_address = 127.0.0.1 + +# TCP Port used by Metadata server +# metadata_server_port = 8775 + +# When proxying metadata requests, Neutron signs the Instance-ID header with a +# shared secret to prevent spoofing. You may select any string for a secret, +# but it MUST match with the configuration used by the Metadata server +# metadata_shared_secret = diff --git a/openstack/usr/share/openstack/neutron/policy.json b/openstack/usr/share/openstack/neutron/policy.json new file mode 100644 index 00000000..e7db4357 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/policy.json @@ -0,0 +1,138 @@ +{ + "context_is_admin": "role:admin", + "admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s", + "admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s", + "admin_only": "rule:context_is_admin", + "regular_user": "", + "shared": "field:networks:shared=True", + "shared_firewalls": "field:firewalls:shared=True", + "external": "field:networks:router:external=True", + "default": "rule:admin_or_owner", + + "create_subnet": "rule:admin_or_network_owner", + "get_subnet": "rule:admin_or_owner or rule:shared", + "update_subnet": "rule:admin_or_network_owner", + "delete_subnet": "rule:admin_or_network_owner", + + "create_network": "", + "get_network": "rule:admin_or_owner or rule:shared or rule:external", + "get_network:router:external": "rule:regular_user", + "get_network:segments": "rule:admin_only", + "get_network:provider:network_type": "rule:admin_only", + "get_network:provider:physical_network": "rule:admin_only", + "get_network:provider:segmentation_id": "rule:admin_only", + "get_network:queue_id": "rule:admin_only", + "create_network:shared": "rule:admin_only", + "create_network:router:external": "rule:admin_only", + "create_network:segments": "rule:admin_only", + "create_network:provider:network_type": "rule:admin_only", + "create_network:provider:physical_network": "rule:admin_only", + "create_network:provider:segmentation_id": "rule:admin_only", + "update_network": "rule:admin_or_owner", + "update_network:segments": "rule:admin_only", + "update_network:shared": "rule:admin_only", + "update_network:provider:network_type": "rule:admin_only", + "update_network:provider:physical_network": "rule:admin_only", + "update_network:provider:segmentation_id": "rule:admin_only", + "update_network:router:external": "rule:admin_only", + "delete_network": "rule:admin_or_owner", + + "create_port": "", + "create_port:mac_address": "rule:admin_or_network_owner", + "create_port:fixed_ips": "rule:admin_or_network_owner", + "create_port:port_security_enabled": "rule:admin_or_network_owner", + "create_port:binding:host_id": "rule:admin_only", + "create_port:binding:profile": "rule:admin_only", + "create_port:mac_learning_enabled": "rule:admin_or_network_owner", + "get_port": "rule:admin_or_owner", + "get_port:queue_id": "rule:admin_only", + "get_port:binding:vif_type": "rule:admin_only", + "get_port:binding:vif_details": "rule:admin_only", + "get_port:binding:host_id": "rule:admin_only", + "get_port:binding:profile": "rule:admin_only", + "update_port": "rule:admin_or_owner", + "update_port:fixed_ips": "rule:admin_or_network_owner", + "update_port:port_security_enabled": "rule:admin_or_network_owner", + "update_port:binding:host_id": "rule:admin_only", + "update_port:binding:profile": "rule:admin_only", + "update_port:mac_learning_enabled": "rule:admin_or_network_owner", + "delete_port": "rule:admin_or_owner", + + "get_router:ha": "rule:admin_only", + "create_router": "rule:regular_user", + "create_router:external_gateway_info:enable_snat": "rule:admin_only", + "create_router:distributed": "rule:admin_only", + "create_router:ha": "rule:admin_only", + "get_router": "rule:admin_or_owner", + "get_router:distributed": "rule:admin_only", + "update_router:external_gateway_info:enable_snat": "rule:admin_only", + "update_router:distributed": "rule:admin_only", + "update_router:ha": "rule:admin_only", + "delete_router": "rule:admin_or_owner", + + "add_router_interface": "rule:admin_or_owner", + "remove_router_interface": "rule:admin_or_owner", + + "create_firewall": "", + "get_firewall": "rule:admin_or_owner", + "create_firewall:shared": "rule:admin_only", + "get_firewall:shared": "rule:admin_only", + "update_firewall": "rule:admin_or_owner", + "update_firewall:shared": "rule:admin_only", + "delete_firewall": "rule:admin_or_owner", + + "create_firewall_policy": "", + "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewalls", + "create_firewall_policy:shared": "rule:admin_or_owner", + "update_firewall_policy": "rule:admin_or_owner", + "delete_firewall_policy": "rule:admin_or_owner", + + "create_firewall_rule": "", + "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls", + "update_firewall_rule": "rule:admin_or_owner", + "delete_firewall_rule": "rule:admin_or_owner", + + "create_qos_queue": "rule:admin_only", + "get_qos_queue": "rule:admin_only", + + "update_agent": "rule:admin_only", + "delete_agent": "rule:admin_only", + "get_agent": "rule:admin_only", + + "create_dhcp-network": "rule:admin_only", + "delete_dhcp-network": "rule:admin_only", + "get_dhcp-networks": "rule:admin_only", + "create_l3-router": "rule:admin_only", + "delete_l3-router": "rule:admin_only", + "get_l3-routers": "rule:admin_only", + "get_dhcp-agents": "rule:admin_only", + "get_l3-agents": "rule:admin_only", + "get_loadbalancer-agent": "rule:admin_only", + "get_loadbalancer-pools": "rule:admin_only", + + "create_floatingip": "rule:regular_user", + "update_floatingip": "rule:admin_or_owner", + "delete_floatingip": "rule:admin_or_owner", + "get_floatingip": "rule:admin_or_owner", + + "create_network_profile": "rule:admin_only", + "update_network_profile": "rule:admin_only", + "delete_network_profile": "rule:admin_only", + "get_network_profiles": "", + "get_network_profile": "", + "update_policy_profiles": "rule:admin_only", + "get_policy_profiles": "", + "get_policy_profile": "", + + "create_metering_label": "rule:admin_only", + "delete_metering_label": "rule:admin_only", + "get_metering_label": "rule:admin_only", + + "create_metering_label_rule": "rule:admin_only", + "delete_metering_label_rule": "rule:admin_only", + "get_metering_label_rule": "rule:admin_only", + + "get_service_provider": "rule:regular_user", + "get_lsn": "rule:admin_only", + "create_lsn": "rule:admin_only" +} diff --git a/openstack/usr/share/openstack/neutron/vpn_agent.ini b/openstack/usr/share/openstack/neutron/vpn_agent.ini new file mode 100644 index 00000000..c3089df9 --- /dev/null +++ b/openstack/usr/share/openstack/neutron/vpn_agent.ini @@ -0,0 +1,14 @@ +[DEFAULT] +# VPN-Agent configuration file +# Note vpn-agent inherits l3-agent, so you can use configs on l3-agent also + +[vpnagent] +# vpn device drivers which vpn agent will use +# If we want to use multiple drivers, we need to define this option multiple times. +# vpn_device_driver=neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver +# vpn_device_driver=neutron.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver +# vpn_device_driver=another_driver + +[ipsec] +# Status check interval +# ipsec_status_check_interval=60 diff --git a/openstack/usr/share/openstack/nova/api-paste.ini b/openstack/usr/share/openstack/nova/api-paste.ini new file mode 100644 index 00000000..2a825a5b --- /dev/null +++ b/openstack/usr/share/openstack/nova/api-paste.ini @@ -0,0 +1,118 @@ +############ +# Metadata # +############ +[composite:metadata] +use = egg:Paste#urlmap +/: meta + +[pipeline:meta] +pipeline = ec2faultwrap logrequest metaapp + +[app:metaapp] +paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory + +####### +# EC2 # +####### + +[composite:ec2] +use = egg:Paste#urlmap +/services/Cloud: ec2cloud + +[composite:ec2cloud] +use = call:nova.api.auth:pipeline_factory +noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor +keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor + +[filter:ec2faultwrap] +paste.filter_factory = nova.api.ec2:FaultWrapper.factory + +[filter:logrequest] +paste.filter_factory = nova.api.ec2:RequestLogging.factory + +[filter:ec2lockout] +paste.filter_factory = nova.api.ec2:Lockout.factory + +[filter:ec2keystoneauth] +paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory + +[filter:ec2noauth] +paste.filter_factory = nova.api.ec2:NoAuth.factory + +[filter:cloudrequest] +controller = nova.api.ec2.cloud.CloudController +paste.filter_factory = nova.api.ec2:Requestify.factory + +[filter:authorizer] +paste.filter_factory = nova.api.ec2:Authorizer.factory + +[filter:validator] +paste.filter_factory = nova.api.ec2:Validator.factory + +[app:ec2executor] +paste.app_factory = nova.api.ec2:Executor.factory + +############# +# OpenStack # +############# + +[composite:osapi_compute] +use = call:nova.api.openstack.urlmap:urlmap_factory +/: oscomputeversions +/v1.1: openstack_compute_api_v2 +/v2: openstack_compute_api_v2 +/v3: openstack_compute_api_v3 + +[composite:openstack_compute_api_v2] +use = call:nova.api.auth:pipeline_factory +noauth = compute_req_id faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 +keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 +keystone_nolimit = compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 + +[composite:openstack_compute_api_v3] +use = call:nova.api.auth:pipeline_factory_v3 +noauth = request_id faultwrap sizelimit noauth_v3 osapi_compute_app_v3 +keystone = request_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v3 + +[filter:request_id] +paste.filter_factory = nova.openstack.common.middleware.request_id:RequestIdMiddleware.factory + +[filter:compute_req_id] +paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory + +[filter:faultwrap] +paste.filter_factory = nova.api.openstack:FaultWrapper.factory + +[filter:noauth] +paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory + +[filter:noauth_v3] +paste.filter_factory = nova.api.openstack.auth:NoAuthMiddlewareV3.factory + +[filter:ratelimit] +paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory + +[filter:sizelimit] +paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory + +[app:osapi_compute_app_v2] +paste.app_factory = nova.api.openstack.compute:APIRouter.factory + +[app:osapi_compute_app_v3] +paste.app_factory = nova.api.openstack.compute:APIRouterV3.factory + +[pipeline:oscomputeversions] +pipeline = faultwrap oscomputeversionapp + +[app:oscomputeversionapp] +paste.app_factory = nova.api.openstack.compute.versions:Versions.factory + +########## +# Shared # +########## + +[filter:keystonecontext] +paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory diff --git a/openstack/usr/share/openstack/nova/cells.json b/openstack/usr/share/openstack/nova/cells.json new file mode 100644 index 00000000..cc74930d --- /dev/null +++ b/openstack/usr/share/openstack/nova/cells.json @@ -0,0 +1,26 @@ +{ + "parent": { + "name": "parent", + "api_url": "http://api.example.com:8774", + "transport_url": "rabbit://rabbit.example.com", + "weight_offset": 0.0, + "weight_scale": 1.0, + "is_parent": true + }, + "cell1": { + "name": "cell1", + "api_url": "http://api.example.com:8774", + "transport_url": "rabbit://rabbit1.example.com", + "weight_offset": 0.0, + "weight_scale": 1.0, + "is_parent": false + }, + "cell2": { + "name": "cell2", + "api_url": "http://api.example.com:8774", + "transport_url": "rabbit://rabbit2.example.com", + "weight_offset": 0.0, + "weight_scale": 1.0, + "is_parent": false + } +} diff --git a/openstack/usr/share/openstack/nova/logging.conf b/openstack/usr/share/openstack/nova/logging.conf new file mode 100644 index 00000000..5482a040 --- /dev/null +++ b/openstack/usr/share/openstack/nova/logging.conf @@ -0,0 +1,81 @@ +[loggers] +keys = root, nova + +[handlers] +keys = stderr, stdout, watchedfile, syslog, null + +[formatters] +keys = context, default + +[logger_root] +level = WARNING +handlers = null + +[logger_nova] +level = INFO +handlers = stderr +qualname = nova + +[logger_amqp] +level = WARNING +handlers = stderr +qualname = amqp + +[logger_amqplib] +level = WARNING +handlers = stderr +qualname = amqplib + +[logger_sqlalchemy] +level = WARNING +handlers = stderr +qualname = sqlalchemy +# "level = INFO" logs SQL queries. +# "level = DEBUG" logs SQL queries and results. +# "level = WARNING" logs neither. (Recommended for production systems.) + +[logger_boto] +level = WARNING +handlers = stderr +qualname = boto + +[logger_suds] +level = INFO +handlers = stderr +qualname = suds + +[logger_eventletwsgi] +level = WARNING +handlers = stderr +qualname = eventlet.wsgi.server + +[handler_stderr] +class = StreamHandler +args = (sys.stderr,) +formatter = context + +[handler_stdout] +class = StreamHandler +args = (sys.stdout,) +formatter = context + +[handler_watchedfile] +class = handlers.WatchedFileHandler +args = ('nova.log',) +formatter = context + +[handler_syslog] +class = handlers.SysLogHandler +args = ('/dev/log', handlers.SysLogHandler.LOG_USER) +formatter = context + +[handler_null] +class = nova.openstack.common.log.NullHandler +formatter = default +args = () + +[formatter_context] +class = nova.openstack.common.log.ContextFormatter + +[formatter_default] +format = %(message)s diff --git a/openstack/usr/share/openstack/nova/nova.conf b/openstack/usr/share/openstack/nova/nova.conf new file mode 100644 index 00000000..abda2151 --- /dev/null +++ b/openstack/usr/share/openstack/nova/nova.conf @@ -0,0 +1,3805 @@ +[DEFAULT] + +# +# Options defined in oslo.messaging +# + +# Use durable queues in amqp. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in amqp. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# Qpid broker hostname. (string value) +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +#qpid_username= + +# Password for Qpid connection. (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth. +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats. (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer +# value) +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + +# SSL version to use (valid only if SSL enabled). valid values +# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some +# distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled). (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled). (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL +# enabled). (string value) +#kombu_ssl_ca_certs= + +# How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. (floating point value) +#kombu_reconnect_delay=1.0 + +# The RabbitMQ broker address where a single node is used. +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used. +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid. (string value) +#rabbit_userid=guest + +# The RabbitMQ password. (string value) +#rabbit_password=guest + +# the RabbitMQ login method (string value) +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ. (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + +# If passed, use a fake RabbitMQ provider. (boolean value) +#fake_rabbit=false + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve +# to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per +# topic. Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP +# address. Must match "host" option, if running Nova. (string +# value) +#rpc_zmq_host=nova + +# Seconds to wait before a cast expires (TTL). Only supported +# by impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of RPC greenthread pool. (integer value) +#rpc_thread_pool_size=64 + +# Driver or drivers to handle sending notifications. (multi +# valued) +#notification_driver= + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend +# option and driver specific configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other +# drivers include qpid and zmq. (string value) +#rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the +# transport_url option. (string value) +#control_exchange=openstack + + +# +# Options defined in nova.availability_zones +# + +# The availability_zone to show internal services under +# (string value) +#internal_service_availability_zone=internal + +# Default compute node availability_zone (string value) +#default_availability_zone=nova + + +# +# Options defined in nova.crypto +# + +# Filename of root CA (string value) +#ca_file=cacert.pem + +# Filename of private key (string value) +#key_file=private/cakey.pem + +# Filename of root Certificate Revocation List (string value) +#crl_file=crl.pem + +# Where we keep our keys (string value) +#keys_path=$state_path/keys + +# Where we keep our root CA (string value) +#ca_path=$state_path/CA + +# Should we use a CA for each project? (boolean value) +#use_project_ca=false + +# Subject for certificate for users, %s for project, user, +# timestamp (string value) +#user_cert_subject=/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=%.16s-%.16s-%s + +# Subject for certificate for projects, %s for project, +# timestamp (string value) +#project_cert_subject=/C=US/ST=California/O=OpenStack/OU=NovaDev/CN=project-ca-%.16s-%s + + +# +# Options defined in nova.exception +# + +# Make exception message format errors fatal (boolean value) +#fatal_exception_format_errors=false + + +# +# Options defined in nova.netconf +# + +# IP address of this host (string value) +#my_ip=10.0.0.1 + +# Name of this node. This can be an opaque identifier. It is +# not necessarily a hostname, FQDN, or IP address. However, +# the node name must be valid within an AMQP key, and if using +# ZeroMQ, a valid hostname, FQDN, or IP address (string value) +#host=nova + +# Use IPv6 (boolean value) +#use_ipv6=false + + +# +# Options defined in nova.notifications +# + +# If set, send compute.instance.update notifications on +# instance state changes. Valid values are None for no +# notifications, "vm_state" for notifications on VM state +# changes, or "vm_and_task_state" for notifications on VM and +# task state changes. (string value) +#notify_on_state_change= + +# If set, send api.fault notifications on caught exceptions in +# the API service. (boolean value) +#notify_api_faults=false + +# Default notification level for outgoing notifications +# (string value) +#default_notification_level=INFO + +# Default publisher_id for outgoing notifications (string +# value) +#default_publisher_id= + + +# +# Options defined in nova.paths +# + +# Directory where the nova python module is installed (string +# value) +#pybasedir=/usr/lib/python/site-packages + +# Directory where nova binaries are installed (string value) +#bindir=/usr/local/bin + +# Top-level directory for maintaining nova's state (string +# value) +#state_path=$pybasedir + + +# +# Options defined in nova.quota +# + +# Number of instances allowed per project (integer value) +#quota_instances=10 + +# Number of instance cores allowed per project (integer value) +#quota_cores=20 + +# Megabytes of instance RAM allowed per project (integer +# value) +#quota_ram=51200 + +# Number of floating IPs allowed per project (integer value) +#quota_floating_ips=10 + +# Number of fixed IPs allowed per project (this should be at +# least the number of instances allowed) (integer value) +#quota_fixed_ips=-1 + +# Number of metadata items allowed per instance (integer +# value) +#quota_metadata_items=128 + +# Number of injected files allowed (integer value) +#quota_injected_files=5 + +# Number of bytes allowed per injected file (integer value) +#quota_injected_file_content_bytes=10240 + +# Length of injected file path (integer value) +# Deprecated group/name - [DEFAULT]/quota_injected_file_path_bytes +#quota_injected_file_path_length=255 + +# Number of security groups per project (integer value) +#quota_security_groups=10 + +# Number of security rules per security group (integer value) +#quota_security_group_rules=20 + +# Number of key pairs per user (integer value) +#quota_key_pairs=100 + +# Number of server groups per project (integer value) +#quota_server_groups=10 + +# Number of servers per server group (integer value) +#quota_server_group_members=10 + +# Number of seconds until a reservation expires (integer +# value) +#reservation_expire=86400 + +# Count of reservations until usage is refreshed (integer +# value) +#until_refresh=0 + +# Number of seconds between subsequent usage refreshes +# (integer value) +#max_age=0 + +# Default driver to use for quota checks (string value) +#quota_driver=nova.quota.DbQuotaDriver + + +# +# Options defined in nova.service +# + +# Seconds between nodes reporting state to datastore (integer +# value) +#report_interval=10 + +# Enable periodic tasks (boolean value) +#periodic_enable=true + +# Range of seconds to randomly delay when starting the +# periodic task scheduler to reduce stampeding. (Disable by +# setting to 0) (integer value) +#periodic_fuzzy_delay=60 + +# A list of APIs to enable by default (list value) +#enabled_apis=ec2,osapi_compute,metadata + +# A list of APIs with enabled SSL (list value) +#enabled_ssl_apis= + +# The IP address on which the EC2 API will listen. (string +# value) +#ec2_listen=0.0.0.0 + +# The port on which the EC2 API will listen. (integer value) +#ec2_listen_port=8773 + +# Number of workers for EC2 API service. The default will be +# equal to the number of CPUs available. (integer value) +#ec2_workers= + +# The IP address on which the OpenStack API will listen. +# (string value) +#osapi_compute_listen=0.0.0.0 + +# The port on which the OpenStack API will listen. (integer +# value) +#osapi_compute_listen_port=8774 + +# Number of workers for OpenStack API service. The default +# will be the number of CPUs available. (integer value) +#osapi_compute_workers= + +# OpenStack metadata service manager (string value) +#metadata_manager=nova.api.manager.MetadataManager + +# The IP address on which the metadata API will listen. +# (string value) +#metadata_listen=0.0.0.0 + +# The port on which the metadata API will listen. (integer +# value) +#metadata_listen_port=8775 + +# Number of workers for metadata service. The default will be +# the number of CPUs available. (integer value) +#metadata_workers= + +# Full class name for the Manager for compute (string value) +#compute_manager=nova.compute.manager.ComputeManager + +# Full class name for the Manager for console proxy (string +# value) +#console_manager=nova.console.manager.ConsoleProxyManager + +# Manager for console auth (string value) +#consoleauth_manager=nova.consoleauth.manager.ConsoleAuthManager + +# Full class name for the Manager for cert (string value) +#cert_manager=nova.cert.manager.CertManager + +# Full class name for the Manager for network (string value) +#network_manager=nova.network.manager.VlanManager + +# Full class name for the Manager for scheduler (string value) +#scheduler_manager=nova.scheduler.manager.SchedulerManager + +# Maximum time since last check-in for up service (integer +# value) +#service_down_time=60 + + +# +# Options defined in nova.test +# + +# File name of clean sqlite db (string value) +#sqlite_clean_db=clean.sqlite + + +# +# Options defined in nova.utils +# + +# Whether to log monkey patching (boolean value) +#monkey_patch=false + +# List of modules/decorators to monkey patch (list value) +#monkey_patch_modules=nova.api.ec2.cloud:nova.notifications.notify_decorator,nova.compute.api:nova.notifications.notify_decorator + +# Length of generated instance admin passwords (integer value) +#password_length=12 + +# Time period to generate instance usages for. Time period +# must be hour, day, month or year (string value) +#instance_usage_audit_period=month + +# Path to the rootwrap configuration file to use for running +# commands as root (string value) +#rootwrap_config=/etc/nova/rootwrap.conf + +# Explicitly specify the temporary working directory (string +# value) +#tempdir= + + +# +# Options defined in nova.wsgi +# + +# File name for the paste.deploy config for nova-api (string +# value) +#api_paste_config=api-paste.ini + +# A python format string that is used as the template to +# generate log lines. The following values can be formatted +# into it: client_ip, date_time, request_line, status_code, +# body_length, wall_seconds. (string value) +#wsgi_log_format=%(client_ip)s "%(request_line)s" status: %(status_code)s len: %(body_length)s time: %(wall_seconds).7f + +# CA certificate file to use to verify connecting clients +# (string value) +#ssl_ca_file= + +# SSL certificate of API server (string value) +#ssl_cert_file= + +# SSL private key of API server (string value) +#ssl_key_file= + +# Sets the value of TCP_KEEPIDLE in seconds for each server +# socket. Not supported on OS X. (integer value) +#tcp_keepidle=600 + +# Size of the pool of greenthreads used by wsgi (integer +# value) +#wsgi_default_pool_size=1000 + +# Maximum line size of message headers to be accepted. +# max_header_line may need to be increased when using large +# tokens (typically those generated by the Keystone v3 API +# with big service catalogs). (integer value) +#max_header_line=16384 + + +# +# Options defined in nova.api.auth +# + +# Whether to use per-user rate limiting for the api. This +# option is only used by v2 api. Rate limiting is removed from +# v3 api. (boolean value) +#api_rate_limit=false + +# The strategy to use for auth: noauth or keystone. (string +# value) +#auth_strategy=keystone + +# Treat X-Forwarded-For as the canonical remote address. Only +# enable this if you have a sanitizing proxy. (boolean value) +#use_forwarded_for=false + + +# +# Options defined in nova.api.ec2 +# + +# Number of failed auths before lockout. (integer value) +#lockout_attempts=5 + +# Number of minutes to lockout if triggered. (integer value) +#lockout_minutes=15 + +# Number of minutes for lockout window. (integer value) +#lockout_window=15 + +# URL to get token from ec2 request. (string value) +#keystone_ec2_url=http://localhost:5000/v2.0/ec2tokens + +# Return the IP address as private dns hostname in describe +# instances (boolean value) +#ec2_private_dns_show_ip=false + +# Validate security group names according to EC2 specification +# (boolean value) +#ec2_strict_validation=true + +# Time in seconds before ec2 timestamp expires (integer value) +#ec2_timestamp_expiry=300 + + +# +# Options defined in nova.api.ec2.cloud +# + +# The IP address of the EC2 API server (string value) +#ec2_host=$my_ip + +# The internal IP address of the EC2 API server (string value) +#ec2_dmz_host=$my_ip + +# The port of the EC2 API server (integer value) +#ec2_port=8773 + +# The protocol to use when connecting to the EC2 API server +# (http, https) (string value) +#ec2_scheme=http + +# The path prefix used to call the ec2 API server (string +# value) +#ec2_path=/services/Cloud + +# List of region=fqdn pairs separated by commas (list value) +#region_list= + + +# +# Options defined in nova.api.metadata.base +# + +# List of metadata versions to skip placing into the config +# drive (string value) +#config_drive_skip_versions=1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15 2008-02-01 2008-09-01 + +# Driver to use for vendor data (string value) +#vendordata_driver=nova.api.metadata.vendordata_json.JsonFileVendorData + + +# +# Options defined in nova.api.metadata.vendordata_json +# + +# File to load JSON formatted vendor data from (string value) +#vendordata_jsonfile_path= + + +# +# Options defined in nova.api.openstack.common +# + +# The maximum number of items returned in a single response +# from a collection resource (integer value) +#osapi_max_limit=1000 + +# Base URL that will be presented to users in links to the +# OpenStack Compute API (string value) +#osapi_compute_link_prefix= + +# Base URL that will be presented to users in links to glance +# resources (string value) +#osapi_glance_link_prefix= + + +# +# Options defined in nova.api.openstack.compute +# + +# Permit instance snapshot operations. (boolean value) +#allow_instance_snapshots=true + + +# +# Options defined in nova.api.openstack.compute.contrib +# + +# Specify list of extensions to load when using +# osapi_compute_extension option with +# nova.api.openstack.compute.contrib.select_extensions (list +# value) +#osapi_compute_ext_list= + + +# +# Options defined in nova.api.openstack.compute.contrib.fping +# + +# Full path to fping. (string value) +#fping_path=/usr/sbin/fping + + +# +# Options defined in nova.api.openstack.compute.contrib.os_tenant_networks +# + +# Enables or disables quota checking for tenant networks +# (boolean value) +#enable_network_quota=false + +# Control for checking for default networks (string value) +#use_neutron_default_nets=False + +# Default tenant id when creating neutron networks (string +# value) +#neutron_default_tenant_id=default + + +# +# Options defined in nova.api.openstack.compute.extensions +# + +# osapi compute extension to load (multi valued) +#osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions + + +# +# Options defined in nova.api.openstack.compute.plugins.v3.hide_server_addresses +# + +# List of instance states that should hide network info (list +# value) +#osapi_hide_server_address_states=building + + +# +# Options defined in nova.api.openstack.compute.servers +# + +# Enables returning of the instance password by the relevant +# server API calls such as create, rebuild or rescue, If the +# hypervisor does not support password injection then the +# password returned will not be correct (boolean value) +#enable_instance_password=true + + +# +# Options defined in nova.api.sizelimit +# + +# The maximum body size per each osapi request(bytes) (integer +# value) +#osapi_max_request_body_size=114688 + + +# +# Options defined in nova.cert.rpcapi +# + +# The topic cert nodes listen on (string value) +#cert_topic=cert + + +# +# Options defined in nova.cloudpipe.pipelib +# + +# Image ID used when starting up a cloudpipe vpn server +# (string value) +#vpn_image_id=0 + +# Flavor for vpn instances (string value) +#vpn_flavor=m1.tiny + +# Template for cloudpipe instance boot script (string value) +#boot_script_template=$pybasedir/nova/cloudpipe/bootscript.template + +# Network to push into openvpn config (string value) +#dmz_net=10.0.0.0 + +# Netmask to push into openvpn config (string value) +#dmz_mask=255.255.255.0 + +# Suffix to add to project name for vpn key and secgroups +# (string value) +#vpn_key_suffix=-vpn + + +# +# Options defined in nova.cmd.novnc +# + +# Record sessions to FILE.[session_number] (boolean value) +#record=false + +# Become a daemon (background process) (boolean value) +#daemon=false + +# Disallow non-encrypted connections (boolean value) +#ssl_only=false + +# Source is ipv6 (boolean value) +#source_is_ipv6=false + +# SSL certificate file (string value) +#cert=self.pem + +# SSL key file (if separate from cert) (string value) +#key= + +# Run webserver on same port. Serve files from DIR. (string +# value) +#web=/usr/share/spice-html5 + + +# +# Options defined in nova.cmd.novncproxy +# + +# Host on which to listen for incoming requests (string value) +#novncproxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer +# value) +#novncproxy_port=6080 + + +# +# Options defined in nova.compute.api +# + +# Allow destination machine to match source for resize. Useful +# when testing in single-host environments. (boolean value) +#allow_resize_to_same_host=false + +# Allow migrate machine to the same host. Useful when testing +# in single-host environments. (boolean value) +#allow_migrate_to_same_host=false + +# Availability zone to use when user doesn't specify one +# (string value) +#default_schedule_zone= + +# These are image properties which a snapshot should not +# inherit from an instance (list value) +#non_inheritable_image_properties=cache_in_nova,bittorrent + +# Kernel image that indicates not to use a kernel, but to use +# a raw disk image instead (string value) +#null_kernel=nokernel + +# When creating multiple instances with a single request using +# the os-multiple-create API extension, this template will be +# used to build the display name for each instance. The +# benefit is that the instances end up with different +# hostnames. To restore legacy behavior of every instance +# having the same name, set this option to "%(name)s". Valid +# keys for the template are: name, uuid, count. (string value) +#multi_instance_display_name_template=%(name)s-%(uuid)s + +# Maximum number of devices that will result in a local image +# being created on the hypervisor node. Setting this to 0 +# means nova will allow only boot from volume. A negative +# number means unlimited. (integer value) +#max_local_block_devices=3 + + +# +# Options defined in nova.compute.flavors +# + +# Default flavor to use for the EC2 API only. The Nova API +# does not support a default flavor. (string value) +#default_flavor=m1.small + + +# +# Options defined in nova.compute.manager +# + +# Console proxy host to use to connect to instances on this +# host. (string value) +#console_host=nova + +# Name of network to use to set access IPs for instances +# (string value) +#default_access_ip_network_name= + +# Whether to batch up the application of IPTables rules during +# a host restart and apply all at the end of the init phase +# (boolean value) +#defer_iptables_apply=false + +# Where instances are stored on disk (string value) +#instances_path=$state_path/instances + +# Generate periodic compute.instance.exists notifications +# (boolean value) +#instance_usage_audit=false + +# Number of 1 second retries needed in live_migration (integer +# value) +#live_migration_retry_count=30 + +# Whether to start guests that were running before the host +# rebooted (boolean value) +#resume_guests_state_on_host_boot=false + +# Number of times to retry network allocation on failures +# (integer value) +#network_allocate_retries=0 + +# Number of times to retry block device allocation on failures +# (integer value) +#block_device_allocate_retries=60 + +# The number of times to attempt to reap an instance's files. +# (integer value) +#maximum_instance_delete_attempts=5 + +# Interval to pull network bandwidth usage info. Not supported +# on all hypervisors. Set to -1 to disable. Setting this to 0 +# will disable, but this will change in the K release to mean +# "run at the default rate". (integer value) +#bandwidth_poll_interval=600 + +# Interval to sync power states between the database and the +# hypervisor. Set to -1 to disable. Setting this to 0 will +# disable, but this will change in Juno to mean "run at the +# default rate". (integer value) +#sync_power_state_interval=600 + +# Number of seconds between instance info_cache self healing +# updates (integer value) +#heal_instance_info_cache_interval=60 + +# Interval in seconds for reclaiming deleted instances +# (integer value) +#reclaim_instance_interval=0 + +# Interval in seconds for gathering volume usages (integer +# value) +#volume_usage_poll_interval=0 + +# Interval in seconds for polling shelved instances to +# offload. Set to -1 to disable.Setting this to 0 will +# disable, but this will change in Juno to mean "run at the +# default rate". (integer value) +#shelved_poll_interval=3600 + +# Time in seconds before a shelved instance is eligible for +# removing from a host. -1 never offload, 0 offload when +# shelved (integer value) +#shelved_offload_time=0 + +# Interval in seconds for retrying failed instance file +# deletes (integer value) +#instance_delete_interval=300 + +# Waiting time interval (seconds) between block device +# allocation retries on failures (integer value) +#block_device_allocate_retries_interval=3 + +# Action to take if a running deleted instance is +# detected.Valid options are 'noop', 'log', 'shutdown', or +# 'reap'. Set to 'noop' to take no action. (string value) +#running_deleted_instance_action=reap + +# Number of seconds to wait between runs of the cleanup task. +# (integer value) +#running_deleted_instance_poll_interval=1800 + +# Number of seconds after being deleted when a running +# instance should be considered eligible for cleanup. (integer +# value) +#running_deleted_instance_timeout=0 + +# Automatically hard reboot an instance if it has been stuck +# in a rebooting state longer than N seconds. Set to 0 to +# disable. (integer value) +#reboot_timeout=0 + +# Amount of time in seconds an instance can be in BUILD before +# going into ERROR status.Set to 0 to disable. (integer value) +#instance_build_timeout=0 + +# Automatically unrescue an instance after N seconds. Set to 0 +# to disable. (integer value) +#rescue_timeout=0 + +# Automatically confirm resizes after N seconds. Set to 0 to +# disable. (integer value) +#resize_confirm_window=0 + +# Total amount of time to wait in seconds for an instance to +# perform a clean shutdown. (integer value) +#shutdown_timeout=60 + + +# +# Options defined in nova.compute.monitors +# + +# Monitor classes available to the compute which may be +# specified more than once. (multi valued) +#compute_available_monitors=nova.compute.monitors.all_monitors + +# A list of monitors that can be used for getting compute +# metrics. (list value) +#compute_monitors= + + +# +# Options defined in nova.compute.resource_tracker +# + +# Amount of disk in MB to reserve for the host (integer value) +#reserved_host_disk_mb=0 + +# Amount of memory in MB to reserve for the host (integer +# value) +#reserved_host_memory_mb=512 + +# Class that will manage stats for the local compute host +# (string value) +#compute_stats_class=nova.compute.stats.Stats + +# The names of the extra resources to track. (list value) +#compute_resources=vcpu + + +# +# Options defined in nova.compute.rpcapi +# + +# The topic compute nodes listen on (string value) +#compute_topic=compute + + +# +# Options defined in nova.conductor.tasks.live_migrate +# + +# Number of times to retry live-migration before failing. If +# == -1, try until out of hosts. If == 0, only try once, no +# retries. (integer value) +#migrate_max_retries=-1 + + +# +# Options defined in nova.console.manager +# + +# Driver to use for the console proxy (string value) +#console_driver=nova.console.xvp.XVPConsoleProxy + +# Stub calls to compute worker for tests (boolean value) +#stub_compute=false + +# Publicly visible name for this console host (string value) +#console_public_hostname=nova + + +# +# Options defined in nova.console.rpcapi +# + +# The topic console proxy nodes listen on (string value) +#console_topic=console + + +# +# Options defined in nova.console.vmrc +# + +# DEPRECATED. Port for VMware VMRC connections (integer value) +#console_vmrc_port=443 + +# DEPRECATED. Number of retries for retrieving VMRC +# information (integer value) +#console_vmrc_error_retries=10 + + +# +# Options defined in nova.console.xvp +# + +# XVP conf template (string value) +#console_xvp_conf_template=$pybasedir/nova/console/xvp.conf.template + +# Generated XVP conf file (string value) +#console_xvp_conf=/etc/xvp.conf + +# XVP master process pid file (string value) +#console_xvp_pid=/var/run/xvp.pid + +# XVP log file (string value) +#console_xvp_log=/var/log/xvp.log + +# Port for XVP to multiplex VNC connections on (integer value) +#console_xvp_multiplex_port=5900 + + +# +# Options defined in nova.consoleauth +# + +# The topic console auth proxy nodes listen on (string value) +#consoleauth_topic=consoleauth + + +# +# Options defined in nova.consoleauth.manager +# + +# How many seconds before deleting tokens (integer value) +#console_token_ttl=600 + + +# +# Options defined in nova.db.api +# + +# Services to be added to the available pool on create +# (boolean value) +#enable_new_services=true + +# Template string to be used to generate instance names +# (string value) +#instance_name_template=instance-%08x + +# Template string to be used to generate snapshot names +# (string value) +#snapshot_name_template=snapshot-%s + + +# +# Options defined in nova.db.base +# + +# The driver to use for database access (string value) +#db_driver=nova.db + + +# +# Options defined in nova.db.sqlalchemy.api +# + +# When set, compute API will consider duplicate hostnames +# invalid within the specified scope, regardless of case. +# Should be empty, "project" or "global". (string value) +#osapi_compute_unique_server_name_scope= + + +# +# Options defined in nova.image.s3 +# + +# Parent directory for tempdir used for image decryption +# (string value) +#image_decryption_dir=/tmp + +# Hostname or IP for OpenStack to use when accessing the S3 +# api (string value) +#s3_host=$my_ip + +# Port used when accessing the S3 api (integer value) +#s3_port=3333 + +# Access key to use for S3 server for images (string value) +#s3_access_key=notchecked + +# Secret key to use for S3 server for images (string value) +#s3_secret_key=notchecked + +# Whether to use SSL when talking to S3 (boolean value) +#s3_use_ssl=false + +# Whether to affix the tenant id to the access key when +# downloading from S3 (boolean value) +#s3_affix_tenant=false + + +# +# Options defined in nova.ipv6.api +# + +# Backend to use for IPv6 generation (string value) +#ipv6_backend=rfc2462 + + +# +# Options defined in nova.network +# + +# The full class name of the network API class to use (string +# value) +#network_api_class=nova.network.api.API + + +# +# Options defined in nova.network.driver +# + +# Driver to use for network creation (string value) +#network_driver=nova.network.linux_net + + +# +# Options defined in nova.network.floating_ips +# + +# Default pool for floating IPs (string value) +#default_floating_pool=nova + +# Autoassigning floating IP to VM (boolean value) +#auto_assign_floating_ip=false + +# Full class name for the DNS Manager for floating IPs (string +# value) +#floating_ip_dns_manager=nova.network.noop_dns_driver.NoopDNSDriver + +# Full class name for the DNS Manager for instance IPs (string +# value) +#instance_dns_manager=nova.network.noop_dns_driver.NoopDNSDriver + +# Full class name for the DNS Zone for instance IPs (string +# value) +#instance_dns_domain= + + +# +# Options defined in nova.network.ldapdns +# + +# URL for LDAP server which will store DNS entries (string +# value) +#ldap_dns_url=ldap://ldap.example.com:389 + +# User for LDAP DNS (string value) +#ldap_dns_user=uid=admin,ou=people,dc=example,dc=org + +# Password for LDAP DNS (string value) +#ldap_dns_password=password + +# Hostmaster for LDAP DNS driver Statement of Authority +# (string value) +#ldap_dns_soa_hostmaster=hostmaster@example.org + +# DNS Servers for LDAP DNS driver (multi valued) +#ldap_dns_servers=dns.example.org + +# Base DN for DNS entries in LDAP (string value) +#ldap_dns_base_dn=ou=hosts,dc=example,dc=org + +# Refresh interval (in seconds) for LDAP DNS driver Statement +# of Authority (string value) +#ldap_dns_soa_refresh=1800 + +# Retry interval (in seconds) for LDAP DNS driver Statement of +# Authority (string value) +#ldap_dns_soa_retry=3600 + +# Expiry interval (in seconds) for LDAP DNS driver Statement +# of Authority (string value) +#ldap_dns_soa_expiry=86400 + +# Minimum interval (in seconds) for LDAP DNS driver Statement +# of Authority (string value) +#ldap_dns_soa_minimum=7200 + + +# +# Options defined in nova.network.linux_net +# + +# Location of flagfiles for dhcpbridge (multi valued) +#dhcpbridge_flagfile=/etc/nova/nova-dhcpbridge.conf + +# Location to keep network config files (string value) +#networks_path=$state_path/networks + +# Interface for public IP addresses (string value) +#public_interface=eth0 + +# Location of nova-dhcpbridge (string value) +#dhcpbridge=$bindir/nova-dhcpbridge + +# Public IP of network host (string value) +#routing_source_ip=$my_ip + +# Lifetime of a DHCP lease in seconds (integer value) +#dhcp_lease_time=86400 + +# If set, uses specific DNS server for dnsmasq. Can be +# specified multiple times. (multi valued) +#dns_server= + +# If set, uses the dns1 and dns2 from the network ref. as dns +# servers. (boolean value) +#use_network_dns_servers=false + +# A list of dmz range that should be accepted (list value) +#dmz_cidr= + +# Traffic to this range will always be snatted to the fallback +# ip, even if it would normally be bridged out of the node. +# Can be specified multiple times. (multi valued) +#force_snat_range= + +# Override the default dnsmasq settings with this file (string +# value) +#dnsmasq_config_file= + +# Driver used to create ethernet devices. (string value) +#linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver + +# Name of Open vSwitch bridge used with linuxnet (string +# value) +#linuxnet_ovs_integration_bridge=br-int + +# Send gratuitous ARPs for HA setup (boolean value) +#send_arp_for_ha=false + +# Send this many gratuitous ARPs for HA setup (integer value) +#send_arp_for_ha_count=3 + +# Use single default gateway. Only first nic of vm will get +# default gateway from dhcp server (boolean value) +#use_single_default_gateway=false + +# An interface that bridges can forward to. If this is set to +# all then all traffic will be forwarded. Can be specified +# multiple times. (multi valued) +#forward_bridge_interface=all + +# The IP address for the metadata API server (string value) +#metadata_host=$my_ip + +# The port for the metadata API port (integer value) +#metadata_port=8775 + +# Regular expression to match iptables rule that should always +# be on the top. (string value) +#iptables_top_regex= + +# Regular expression to match iptables rule that should always +# be on the bottom. (string value) +#iptables_bottom_regex= + +# The table that iptables to jump to when a packet is to be +# dropped. (string value) +#iptables_drop_action=DROP + +# Amount of time, in seconds, that ovs_vsctl should wait for a +# response from the database. 0 is to wait forever. (integer +# value) +#ovs_vsctl_timeout=120 + +# If passed, use fake network devices and addresses (boolean +# value) +#fake_network=false + + +# +# Options defined in nova.network.manager +# + +# Bridge for simple network instances (string value) +#flat_network_bridge= + +# DNS server for simple network (string value) +#flat_network_dns=8.8.4.4 + +# Whether to attempt to inject network setup into guest +# (boolean value) +#flat_injected=false + +# FlatDhcp will bridge into this interface if set (string +# value) +#flat_interface= + +# First VLAN for private networks (integer value) +#vlan_start=100 + +# VLANs will bridge into this interface if set (string value) +#vlan_interface= + +# Number of networks to support (integer value) +#num_networks=1 + +# Public IP for the cloudpipe VPN servers (string value) +#vpn_ip=$my_ip + +# First Vpn port for private networks (integer value) +#vpn_start=1000 + +# Number of addresses in each private subnet (integer value) +#network_size=256 + +# Fixed IPv6 address block (string value) +#fixed_range_v6=fd00::/48 + +# Default IPv4 gateway (string value) +#gateway= + +# Default IPv6 gateway (string value) +#gateway_v6= + +# Number of addresses reserved for vpn clients (integer value) +#cnt_vpn_clients=0 + +# Seconds after which a deallocated IP is disassociated +# (integer value) +#fixed_ip_disassociate_timeout=600 + +# Number of attempts to create unique mac address (integer +# value) +#create_unique_mac_address_attempts=5 + +# If True, skip using the queue and make local calls (boolean +# value) +#fake_call=false + +# If True, unused gateway devices (VLAN and bridge) are +# deleted in VLAN network mode with multi hosted networks +# (boolean value) +#teardown_unused_network_gateway=false + +# If True, send a dhcp release on instance termination +# (boolean value) +#force_dhcp_release=true + +# If True, when a DNS entry must be updated, it sends a fanout +# cast to all network hosts to update their DNS entries in +# multi host mode (boolean value) +#update_dns_entries=false + +# Number of seconds to wait between runs of updates to DNS +# entries. (integer value) +#dns_update_periodic_interval=-1 + +# Domain to use for building the hostnames (string value) +#dhcp_domain=novalocal + +# Indicates underlying L3 management library (string value) +#l3_lib=nova.network.l3.LinuxNetL3 + + +# +# Options defined in nova.network.rpcapi +# + +# The topic network nodes listen on (string value) +#network_topic=network + +# Default value for multi_host in networks. Also, if set, some +# rpc network calls will be sent directly to host. (boolean +# value) +#multi_host=false + + +# +# Options defined in nova.network.security_group.openstack_driver +# + +# The full class name of the security API class (string value) +#security_group_api=nova + + +# +# Options defined in nova.objects.network +# + +# DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE +# NETWORK. If True in multi_host mode, all compute hosts share +# the same dhcp address. The same IP address used for DHCP +# will be added on each nova-network node which is only +# visible to the vms on the same host. (boolean value) +#share_dhcp_address=false + +# DEPRECATED: THIS VALUE SHOULD BE SET WHEN CREATING THE +# NETWORK. MTU setting for network interface. (integer value) +#network_device_mtu= + + +# +# Options defined in nova.objectstore.s3server +# + +# Path to S3 buckets (string value) +#buckets_path=$state_path/buckets + +# IP address for S3 API to listen (string value) +#s3_listen=0.0.0.0 + +# Port for S3 API to listen (integer value) +#s3_listen_port=3333 + + +# +# Options defined in nova.openstack.common.eventlet_backdoor +# + +# Enable eventlet backdoor. Acceptable values are 0, , +# and :, where 0 results in listening on a random +# tcp port number; results in listening on the +# specified port number (and not enabling backdoor if that +# port is in use); and : results in listening on +# the smallest unused port number within the specified range +# of port numbers. The chosen port is displayed in the +# service's log file. (string value) +#backdoor_port= + + +# +# Options defined in nova.openstack.common.lockutils +# + +# Enables or disables inter-process locks. (boolean value) +#disable_process_locking=false + +# Directory to use for lock files. (string value) +#lock_path= + + +# +# Options defined in nova.openstack.common.log +# + +# Print debugging output (set logging level to DEBUG instead +# of default WARNING level). (boolean value) +#debug=false + +# Print more verbose output (set logging level to INFO instead +# of default WARNING level). (boolean value) +#verbose=false + +# Log output to standard error. (boolean value) +#use_stderr=true + +# Format string to use for log messages with context. (string +# value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. +# (string value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string +# value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. +# (string value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN + +# Enables or disables publication of error events. (boolean +# value) +#publish_errors=false + +# Enables or disables fatal status of deprecations. (boolean +# value) +#fatal_deprecations=false + +# The format for an instance that is passed with the log +# message. (string value) +#instance_format="[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log +# message. (string value) +#instance_uuid_format="[instance: %(uuid)s] " + +# The name of a logging configuration file. This file is +# appended to any existing logging configuration files. For +# details about logging configuration files, see the Python +# logging module documentation. (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string +# which may use any of the available logging.LogRecord +# attributes. This option is deprecated. Please use +# logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: +# %(default)s . (string value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is +# set, logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file= + +# (Optional) The base directory used for relative --log-file +# paths. (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir= + +# Use syslog for logging. Existing syslog format is DEPRECATED +# during I, and will change in J to honor RFC5424. (boolean +# value) +#use_syslog=false + +# (Optional) Enables or disables syslog rfc5424 format for +# logging. If enabled, prefixes the MSG part of the syslog +# message with APP-NAME (RFC5424). The format without the APP- +# NAME is deprecated in I, and will be removed in J. (boolean +# value) +#use_syslog_rfc_format=false + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility=LOG_USER + + +# +# Options defined in nova.openstack.common.memorycache +# + +# Memcached servers or None for in process cache. (list value) +#memcached_servers= + + +# +# Options defined in nova.openstack.common.periodic_task +# + +# Some periodic tasks can be run in a separate process. Should +# we run them here? (boolean value) +#run_external_periodic_tasks=true + + +# +# Options defined in nova.openstack.common.policy +# + +# The JSON file that defines policies. (string value) +#policy_file=policy.json + +# Default rule. Enforced when a requested rule is not found. +# (string value) +#policy_default_rule=default + + +# +# Options defined in nova.pci.pci_request +# + +# An alias for a PCI passthrough device requirement. This +# allows users to specify the alias in the extra_spec for a +# flavor, without needing to repeat all the PCI property +# requirements. For example: pci_alias = { "name": +# "QuicAssist", "product_id": "0443", "vendor_id": "8086", +# "device_type": "ACCEL" } defines an alias for the Intel +# QuickAssist card. (multi valued) (multi valued) +#pci_alias= + + +# +# Options defined in nova.pci.pci_whitelist +# + +# White list of PCI devices available to VMs. For example: +# pci_passthrough_whitelist = [{"vendor_id": "8086", +# "product_id": "0443"}] (multi valued) +#pci_passthrough_whitelist= + + +# +# Options defined in nova.scheduler.driver +# + +# The scheduler host manager class to use (string value) +#scheduler_host_manager=nova.scheduler.host_manager.HostManager + + +# +# Options defined in nova.scheduler.filter_scheduler +# + +# New instances will be scheduled on a host chosen randomly +# from a subset of the N best hosts. This property defines the +# subset size that a host is chosen from. A value of 1 chooses +# the first host returned by the weighing functions. This +# value must be at least 1. Any value less than 1 will be +# ignored, and 1 will be used instead (integer value) +#scheduler_host_subset_size=1 + + +# +# Options defined in nova.scheduler.filters.aggregate_image_properties_isolation +# + +# Force the filter to consider only keys matching the given +# namespace. (string value) +#aggregate_image_properties_isolation_namespace= + +# The separator used between the namespace and keys (string +# value) +#aggregate_image_properties_isolation_separator=. + + +# +# Options defined in nova.scheduler.filters.core_filter +# + +# Virtual CPU to physical CPU allocation ratio which affects +# all CPU filters. This configuration specifies a global ratio +# for CoreFilter. For AggregateCoreFilter, it will fall back +# to this configuration value if no per-aggregate setting +# found. (floating point value) +#cpu_allocation_ratio=16.0 + + +# +# Options defined in nova.scheduler.filters.disk_filter +# + +# Virtual disk to physical disk allocation ratio (floating +# point value) +#disk_allocation_ratio=1.0 + + +# +# Options defined in nova.scheduler.filters.io_ops_filter +# + +# Tells filters to ignore hosts that have this many or more +# instances currently in build, resize, snapshot, migrate, +# rescue or unshelve task states (integer value) +#max_io_ops_per_host=8 + + +# +# Options defined in nova.scheduler.filters.isolated_hosts_filter +# + +# Images to run on isolated host (list value) +#isolated_images= + +# Host reserved for specific images (list value) +#isolated_hosts= + +# Whether to force isolated hosts to run only isolated images +# (boolean value) +#restrict_isolated_hosts_to_isolated_images=true + + +# +# Options defined in nova.scheduler.filters.num_instances_filter +# + +# Ignore hosts that have too many instances (integer value) +#max_instances_per_host=50 + + +# +# Options defined in nova.scheduler.filters.ram_filter +# + +# Virtual ram to physical ram allocation ratio which affects +# all ram filters. This configuration specifies a global ratio +# for RamFilter. For AggregateRamFilter, it will fall back to +# this configuration value if no per-aggregate setting found. +# (floating point value) +#ram_allocation_ratio=1.5 + + +# +# Options defined in nova.scheduler.host_manager +# + +# Filter classes available to the scheduler which may be +# specified more than once. An entry of +# "nova.scheduler.filters.standard_filters" maps to all +# filters included with nova. (multi valued) +#scheduler_available_filters=nova.scheduler.filters.all_filters + +# Which filter class names to use for filtering hosts when not +# specified in the request. (list value) +#scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter + +# Which weight class names to use for weighing hosts (list +# value) +#scheduler_weight_classes=nova.scheduler.weights.all_weighers + + +# +# Options defined in nova.scheduler.ironic_host_manager +# + +# Which filter class names to use for filtering baremetal +# hosts when not specified in the request. (list value) +#baremetal_scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ExactRamFilter,ExactDiskFilter,ExactCoreFilter + +# Flag to decide whether to use +# baremetal_scheduler_default_filters or not. (boolean value) +#scheduler_use_baremetal_filters=false + + +# +# Options defined in nova.scheduler.manager +# + +# Default driver to use for the scheduler (string value) +#scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler + +# How often (in seconds) to run periodic tasks in the +# scheduler driver of your choice. Please note this is likely +# to interact with the value of service_down_time, but exactly +# how they interact will depend on your choice of scheduler +# driver. (integer value) +#scheduler_driver_task_period=60 + + +# +# Options defined in nova.scheduler.rpcapi +# + +# The topic scheduler nodes listen on (string value) +#scheduler_topic=scheduler + + +# +# Options defined in nova.scheduler.scheduler_options +# + +# Absolute path to scheduler configuration JSON file. (string +# value) +#scheduler_json_config_location= + + +# +# Options defined in nova.scheduler.utils +# + +# Maximum number of attempts to schedule an instance (integer +# value) +#scheduler_max_attempts=3 + + +# +# Options defined in nova.scheduler.weights.ram +# + +# Multiplier used for weighing ram. Negative numbers mean to +# stack vs spread. (floating point value) +#ram_weight_multiplier=1.0 + + +# +# Options defined in nova.servicegroup.api +# + +# The driver for servicegroup service (valid options are: db, +# zk, mc) (string value) +#servicegroup_driver=db + + +# +# Options defined in nova.virt.configdrive +# + +# Config drive format. One of iso9660 (default) or vfat +# (string value) +#config_drive_format=iso9660 + +# DEPRECATED (not needed any more): Where to put temporary +# files associated with config drive creation (string value) +#config_drive_tempdir= + +# Set to force injection to take place on a config drive (if +# set, valid options are: always) (string value) +#force_config_drive= + +# Name and optionally path of the tool used for ISO image +# creation (string value) +#mkisofs_cmd=genisoimage + + +# +# Options defined in nova.virt.disk.api +# + +# Name of the mkfs commands for ephemeral device. The format +# is = (multi valued) +#virt_mkfs= + +# Attempt to resize the filesystem by accessing the image over +# a block device. This is done by the host and may not be +# necessary if the image contains a recent version of cloud- +# init. Possible mechanisms require the nbd driver (for qcow +# and raw), or loop (for raw). (boolean value) +#resize_fs_using_block_device=false + + +# +# Options defined in nova.virt.disk.mount.nbd +# + +# Amount of time, in seconds, to wait for NBD device start up. +# (integer value) +#timeout_nbd=10 + + +# +# Options defined in nova.virt.driver +# + +# Driver to use for controlling virtualization. Options +# include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, +# fake.FakeDriver, baremetal.BareMetalDriver, +# vmwareapi.VMwareVCDriver, hyperv.HyperVDriver (string value) +#compute_driver= + +# The default format an ephemeral_volume will be formatted +# with on creation. (string value) +#default_ephemeral_format= + +# VM image preallocation mode: "none" => no storage +# provisioning is done up front, "space" => storage is fully +# allocated at instance start (string value) +#preallocate_images=none + +# Whether to use cow images (boolean value) +#use_cow_images=true + +# Fail instance boot if vif plugging fails (boolean value) +#vif_plugging_is_fatal=true + +# Number of seconds to wait for neutron vif plugging events to +# arrive before continuing or failing (see +# vif_plugging_is_fatal). If this is set to zero and +# vif_plugging_is_fatal is False, events should not be +# expected to arrive at all. (integer value) +#vif_plugging_timeout=300 + + +# +# Options defined in nova.virt.firewall +# + +# Firewall driver (defaults to hypervisor specific iptables +# driver) (string value) +#firewall_driver= + +# Whether to allow network traffic from same network (boolean +# value) +#allow_same_net_traffic=true + + +# +# Options defined in nova.virt.hardware +# + +# Defines which pcpus that instance vcpus can use. For +# example, "4-12,^8,15" (string value) +#vcpu_pin_set= + + +# +# Options defined in nova.virt.imagecache +# + +# Number of seconds to wait between runs of the image cache +# manager. Set to -1 to disable. Setting this to 0 will +# disable, but this will change in the K release to mean "run +# at the default rate". (integer value) +#image_cache_manager_interval=2400 + +# Where cached images are stored under $instances_path. This +# is NOT the full path - just a folder name. For per-compute- +# host cached images, set to _base_$my_ip (string value) +#image_cache_subdirectory_name=_base + +# Should unused base images be removed? (boolean value) +#remove_unused_base_images=true + +# Unused unresized base images younger than this will not be +# removed (integer value) +#remove_unused_original_minimum_age_seconds=86400 + + +# +# Options defined in nova.virt.images +# + +# Force backing images to raw format (boolean value) +#force_raw_images=true + + +# +# Options defined in nova.virt.netutils +# + +# Template file for injected network (string value) +#injected_network_template=$pybasedir/nova/virt/interfaces.template + + +# +# Options defined in nova.vnc +# + +# Location of VNC console proxy, in the form +# "http://127.0.0.1:6080/vnc_auto.html" (string value) +#novncproxy_base_url=http://127.0.0.1:6080/vnc_auto.html + +# Location of nova xvp VNC console proxy, in the form +# "http://127.0.0.1:6081/console" (string value) +#xvpvncproxy_base_url=http://127.0.0.1:6081/console + +# IP address on which instance vncservers should listen +# (string value) +#vncserver_listen=127.0.0.1 + +# The address to which proxy clients (like nova-xvpvncproxy) +# should connect (string value) +#vncserver_proxyclient_address=127.0.0.1 + +# Enable VNC related features (boolean value) +#vnc_enabled=true + +# Keymap for VNC (string value) +#vnc_keymap=en-us + + +# +# Options defined in nova.vnc.xvp_proxy +# + +# Port that the XCP VNC proxy should bind to (integer value) +#xvpvncproxy_port=6081 + +# Address that the XCP VNC proxy should bind to (string value) +#xvpvncproxy_host=0.0.0.0 + + +# +# Options defined in nova.volume +# + +# The full class name of the volume API class to use (string +# value) +#volume_api_class=nova.volume.cinder.API + + +[baremetal] + +# +# Options defined in nova.virt.baremetal.db.api +# + +# The backend to use for bare-metal database (string value) +#db_backend=sqlalchemy + + +# +# Options defined in nova.virt.baremetal.db.sqlalchemy.session +# + +# The SQLAlchemy connection string used to connect to the +# bare-metal database (string value) +#sql_connection=sqlite:///$state_path/baremetal_nova.sqlite + + +# +# Options defined in nova.virt.baremetal.driver +# + +# Baremetal VIF driver. (string value) +#vif_driver=nova.virt.baremetal.vif_driver.BareMetalVIFDriver + +# Baremetal volume driver. (string value) +#volume_driver=nova.virt.baremetal.volume_driver.LibvirtVolumeDriver + +# A list of additional capabilities corresponding to +# flavor_extra_specs for this compute host to advertise. Valid +# entries are name=value, pairs For example, "key1:val1, +# key2:val2" (list value) +#flavor_extra_specs= + +# Baremetal driver back-end (pxe or tilera) (string value) +#driver=nova.virt.baremetal.pxe.PXE + +# Baremetal power management method (string value) +#power_manager=nova.virt.baremetal.ipmi.IPMI + +# Baremetal compute node's tftp root path (string value) +#tftp_root=/tftpboot + + +# +# Options defined in nova.virt.baremetal.ipmi +# + +# Path to baremetal terminal program (string value) +#terminal=shellinaboxd + +# Path to baremetal terminal SSL cert(PEM) (string value) +#terminal_cert_dir= + +# Path to directory stores pidfiles of baremetal_terminal +# (string value) +#terminal_pid_dir=$state_path/baremetal/console + +# Maximal number of retries for IPMI operations (integer +# value) +#ipmi_power_retry=10 + + +# +# Options defined in nova.virt.baremetal.pxe +# + +# Default kernel image ID used in deployment phase (string +# value) +#deploy_kernel= + +# Default ramdisk image ID used in deployment phase (string +# value) +#deploy_ramdisk= + +# Template file for injected network config (string value) +#net_config_template=$pybasedir/nova/virt/baremetal/net-dhcp.ubuntu.template + +# Additional append parameters for baremetal PXE boot (string +# value) +#pxe_append_params=nofb nomodeset vga=normal + +# Template file for PXE configuration (string value) +#pxe_config_template=$pybasedir/nova/virt/baremetal/pxe_config.template + +# If True, enable file injection for network info, files and +# admin password (boolean value) +#use_file_injection=false + +# Timeout for PXE deployments. Default: 0 (unlimited) (integer +# value) +#pxe_deploy_timeout=0 + +# If set, pass the network configuration details to the +# initramfs via cmdline. (boolean value) +#pxe_network_config=false + +# This gets passed to Neutron as the bootfile dhcp parameter. +# (string value) +#pxe_bootfile_name=pxelinux.0 + + +# +# Options defined in nova.virt.baremetal.tilera_pdu +# + +# IP address of tilera pdu (string value) +#tile_pdu_ip=10.0.100.1 + +# Management script for tilera pdu (string value) +#tile_pdu_mgr=/tftpboot/pdu_mgr + +# Power status of tilera PDU is OFF (integer value) +#tile_pdu_off=2 + +# Power status of tilera PDU is ON (integer value) +#tile_pdu_on=1 + +# Power status of tilera PDU (integer value) +#tile_pdu_status=9 + +# Wait time in seconds until check the result after tilera +# power operations (integer value) +#tile_power_wait=9 + + +# +# Options defined in nova.virt.baremetal.virtual_power_driver +# + +# IP or name to virtual power host (string value) +#virtual_power_ssh_host= + +# Port to use for ssh to virtual power host (integer value) +#virtual_power_ssh_port=22 + +# Base command to use for virtual power(vbox, virsh) (string +# value) +#virtual_power_type=virsh + +# User to execute virtual power commands as (string value) +#virtual_power_host_user= + +# Password for virtual power host_user (string value) +#virtual_power_host_pass= + +# The ssh key for virtual power host_user (string value) +#virtual_power_host_key= + + +# +# Options defined in nova.virt.baremetal.volume_driver +# + +# Do not set this out of dev/test environments. If a node does +# not have a fixed PXE IP address, volumes are exported with +# globally opened ACL (boolean value) +#use_unsafe_iscsi=false + +# The iSCSI IQN prefix used in baremetal volume connections. +# (string value) +#iscsi_iqn_prefix=iqn.2010-10.org.openstack.baremetal + + +[cells] + +# +# Options defined in nova.cells.manager +# + +# Cells communication driver to use (string value) +#driver=nova.cells.rpc_driver.CellsRPCDriver + +# Number of seconds after an instance was updated or deleted +# to continue to update cells (integer value) +#instance_updated_at_threshold=3600 + +# Number of instances to update per periodic task run (integer +# value) +#instance_update_num_instances=1 + + +# +# Options defined in nova.cells.messaging +# + +# Maximum number of hops for cells routing. (integer value) +#max_hop_count=10 + +# Cells scheduler to use (string value) +#scheduler=nova.cells.scheduler.CellsScheduler + + +# +# Options defined in nova.cells.opts +# + +# Enable cell functionality (boolean value) +#enable=false + +# The topic cells nodes listen on (string value) +#topic=cells + +# Manager for cells (string value) +#manager=nova.cells.manager.CellsManager + +# Name of this cell (string value) +#name=nova + +# Key/Multi-value list with the capabilities of the cell (list +# value) +#capabilities=hypervisor=xenserver;kvm,os=linux;windows + +# Seconds to wait for response from a call to a cell. (integer +# value) +#call_timeout=60 + +# Percentage of cell capacity to hold in reserve. Affects both +# memory and disk utilization (floating point value) +#reserve_percent=10.0 + +# Type of cell: api or compute (string value) +#cell_type=compute + +# Number of seconds after which a lack of capability and +# capacity updates signals the child cell is to be treated as +# a mute. (integer value) +#mute_child_interval=300 + +# Seconds between bandwidth updates for cells. (integer value) +#bandwidth_update_interval=600 + + +# +# Options defined in nova.cells.rpc_driver +# + +# Base queue name to use when communicating between cells. +# Various topics by message type will be appended to this. +# (string value) +#rpc_driver_queue_base=cells.intercell + + +# +# Options defined in nova.cells.scheduler +# + +# Filter classes the cells scheduler should use. An entry of +# "nova.cells.filters.all_filters" maps to all cells filters +# included with nova. (list value) +#scheduler_filter_classes=nova.cells.filters.all_filters + +# Weigher classes the cells scheduler should use. An entry of +# "nova.cells.weights.all_weighers" maps to all cell weighers +# included with nova. (list value) +#scheduler_weight_classes=nova.cells.weights.all_weighers + +# How many retries when no cells are available. (integer +# value) +#scheduler_retries=10 + +# How often to retry in seconds when no cells are available. +# (integer value) +#scheduler_retry_delay=2 + + +# +# Options defined in nova.cells.state +# + +# Interval, in seconds, for getting fresh cell information +# from the database. (integer value) +#db_check_interval=60 + +# Configuration file from which to read cells configuration. +# If given, overrides reading cells from the database. (string +# value) +#cells_config= + + +# +# Options defined in nova.cells.weights.mute_child +# + +# Multiplier used to weigh mute children. (The value should be +# negative.) (floating point value) +#mute_weight_multiplier=-10.0 + +# Weight value assigned to mute children. (The value should be +# positive.) (floating point value) +#mute_weight_value=1000.0 + + +# +# Options defined in nova.cells.weights.ram_by_instance_type +# + +# Multiplier used for weighing ram. Negative numbers mean to +# stack vs spread. (floating point value) +#ram_weight_multiplier=10.0 + + +# +# Options defined in nova.cells.weights.weight_offset +# + +# Multiplier used to weigh offset weigher. (floating point +# value) +#offset_weight_multiplier=1.0 + + +[cinder] + +# +# Options defined in nova.volume.cinder +# + +# Info to match when looking for cinder in the service +# catalog. Format is: separated values of the form: +# :: (string value) +# Deprecated group/name - [DEFAULT]/cinder_catalog_info +#catalog_info=volume:cinder:publicURL + +# Override service catalog lookup with template for cinder +# endpoint e.g. http://localhost:8776/v1/%(project_id)s +# (string value) +# Deprecated group/name - [DEFAULT]/cinder_endpoint_template +#endpoint_template= + +# Region name of this node (string value) +# Deprecated group/name - [DEFAULT]/os_region_name +#os_region_name= + +# Location of ca certificates file to use for cinder client +# requests. (string value) +# Deprecated group/name - [DEFAULT]/cinder_ca_certificates_file +#ca_certificates_file= + +# Number of cinderclient retries on failed http calls (integer +# value) +# Deprecated group/name - [DEFAULT]/cinder_http_retries +#http_retries=3 + +# HTTP inactivity timeout (in seconds) (integer value) +# Deprecated group/name - [DEFAULT]/cinder_http_timeout +#http_timeout= + +# Allow to perform insecure SSL requests to cinder (boolean +# value) +# Deprecated group/name - [DEFAULT]/cinder_api_insecure +#api_insecure=false + +# Allow attach between instance and volume in different +# availability zones. (boolean value) +# Deprecated group/name - [DEFAULT]/cinder_cross_az_attach +#cross_az_attach=true + + +[conductor] + +# +# Options defined in nova.conductor.api +# + +# Perform nova-conductor operations locally (boolean value) +#use_local=false + +# The topic on which conductor nodes listen (string value) +#topic=conductor + +# Full class name for the Manager for conductor (string value) +#manager=nova.conductor.manager.ConductorManager + +# Number of workers for OpenStack Conductor service. The +# default will be the number of CPUs available. (integer +# value) +#workers= + + +[ephemeral_storage_encryption] + +# +# Options defined in nova.compute.api +# + +# Whether to encrypt ephemeral storage (boolean value) +#enabled=false + +# The cipher and mode to be used to encrypt ephemeral storage. +# Which ciphers are available ciphers depends on kernel +# support. See /proc/crypto for the list of available options. +# (string value) +#cipher=aes-xts-plain64 + +# The bit length of the encryption key to be used to encrypt +# ephemeral storage (in XTS mode only half of the bits are +# used for encryption key) (integer value) +#key_size=512 + + +[glance] + +# +# Options defined in nova.image.glance +# + +# Default glance hostname or IP address (string value) +# Deprecated group/name - [DEFAULT]/glance_host +#host=$my_ip + +# Default glance port (integer value) +# Deprecated group/name - [DEFAULT]/glance_port +#port=9292 + +# Default protocol to use when connecting to glance. Set to +# https for SSL. (string value) +# Deprecated group/name - [DEFAULT]/glance_protocol +#protocol=http + +# A list of the glance api servers available to nova. Prefix +# with https:// for ssl-based glance api servers. +# ([hostname|ip]:port) (list value) +# Deprecated group/name - [DEFAULT]/glance_api_servers +#api_servers= + +# Allow to perform insecure SSL (https) requests to glance +# (boolean value) +# Deprecated group/name - [DEFAULT]/glance_api_insecure +#api_insecure=false + +# Number of retries when downloading an image from glance +# (integer value) +# Deprecated group/name - [DEFAULT]/glance_num_retries +#num_retries=0 + +# A list of url scheme that can be downloaded directly via the +# direct_url. Currently supported schemes: [file]. (list +# value) +#allowed_direct_url_schemes= + + +[hyperv] + +# +# Options defined in nova.virt.hyperv.pathutils +# + +# The name of a Windows share name mapped to the +# "instances_path" dir and used by the resize feature to copy +# files to the target host. If left blank, an administrative +# share will be used, looking for the same "instances_path" +# used locally (string value) +#instances_path_share= + + +# +# Options defined in nova.virt.hyperv.utilsfactory +# + +# Force V1 WMI utility classes (boolean value) +#force_hyperv_utils_v1=false + +# Force V1 volume utility class (boolean value) +#force_volumeutils_v1=false + + +# +# Options defined in nova.virt.hyperv.vif +# + +# External virtual switch Name, if not provided, the first +# external virtual switch is used (string value) +#vswitch_name= + + +# +# Options defined in nova.virt.hyperv.vmops +# + +# Required for live migration among hosts with different CPU +# features (boolean value) +#limit_cpu_features=false + +# Sets the admin password in the config drive image (boolean +# value) +#config_drive_inject_password=false + +# Path of qemu-img command which is used to convert between +# different image types (string value) +#qemu_img_cmd=qemu-img.exe + +# Attaches the Config Drive image as a cdrom drive instead of +# a disk drive (boolean value) +#config_drive_cdrom=false + +# Enables metrics collections for an instance by using +# Hyper-V's metric APIs. Collected data can by retrieved by +# other apps and services, e.g.: Ceilometer. Requires Hyper-V +# / Windows Server 2012 and above (boolean value) +#enable_instance_metrics_collection=false + +# Enables dynamic memory allocation (ballooning) when set to a +# value greater than 1. The value expresses the ratio between +# the total RAM assigned to an instance and its startup RAM +# amount. For example a ratio of 2.0 for an instance with +# 1024MB of RAM implies 512MB of RAM allocated at startup +# (floating point value) +#dynamic_memory_ratio=1.0 + +# Number of seconds to wait for instance to shut down after +# soft reboot request is made. We fall back to hard reboot if +# instance does not shutdown within this window. (integer +# value) +#wait_soft_reboot_seconds=60 + + +# +# Options defined in nova.virt.hyperv.volumeops +# + +# The number of times to retry to attach a volume (integer +# value) +#volume_attach_retry_count=10 + +# Interval between volume attachment attempts, in seconds +# (integer value) +#volume_attach_retry_interval=5 + +# The number of times to retry checking for a disk mounted via +# iSCSI. (integer value) +#mounted_disk_query_retry_count=10 + +# Interval between checks for a mounted iSCSI disk, in +# seconds. (integer value) +#mounted_disk_query_retry_interval=5 + + +[image_file_url] + +# +# Options defined in nova.image.download.file +# + +# List of file systems that are configured in this file in the +# image_file_url: sections (list value) +#filesystems= + + +[ironic] + +# +# Options defined in nova.virt.ironic.driver +# + +# Version of Ironic API service endpoint. (integer value) +#api_version=1 + +# URL for Ironic API endpoint. (string value) +#api_endpoint= + +# Ironic keystone admin name (string value) +#admin_username= + +# Ironic keystone admin password. (string value) +#admin_password= + +# Ironic keystone auth token. (string value) +#admin_auth_token= + +# Keystone public API endpoint. (string value) +#admin_url= + +# Log level override for ironicclient. Set this in order to +# override the global "default_log_levels", "verbose", and +# "debug" settings. (string value) +#client_log_level= + +# Ironic keystone tenant name. (string value) +#admin_tenant_name= + +# How many retries when a request does conflict. (integer +# value) +#api_max_retries=60 + +# How often to retry in seconds when a request does conflict +# (integer value) +#api_retry_interval=2 + + +[keymgr] + +# +# Options defined in nova.keymgr +# + +# The full class name of the key manager API class (string +# value) +#api_class=nova.keymgr.conf_key_mgr.ConfKeyManager + + +# +# Options defined in nova.keymgr.conf_key_mgr +# + +# Fixed key returned by key manager, specified in hex (string +# value) +#fixed_key= + + +[keystone_authtoken] + +# +# Options defined in keystonemiddleware.auth_token +# + +# Prefix to prepend at the beginning of the path. Deprecated, +# use identity_uri. (string value) +#auth_admin_prefix= + +# Host providing the admin Identity API endpoint. Deprecated, +# use identity_uri. (string value) +#auth_host=127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) +#auth_port=35357 + +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) +#auth_protocol=https + +# Complete public Identity API endpoint (string value) +#auth_uri= + +# Complete admin Identity API endpoint. This should specify +# the unversioned root endpoint e.g. https://localhost:35357/ +# (string value) +#identity_uri= + +# API version of the admin Identity API endpoint (string +# value) +#auth_version= + +# Do not handle authorization requests within the middleware, +# but delegate the authorization decision to downstream WSGI +# components (boolean value) +#delay_auth_decision=false + +# Request timeout value for communicating with Identity API +# server. (boolean value) +#http_connect_timeout= + +# How many times are we trying to reconnect when communicating +# with Identity API Server. (integer value) +#http_request_max_retries=3 + +# This option is deprecated and may be removed in a future +# release. Single shared secret with the Keystone +# configuration used for bootstrapping a Keystone +# installation, or otherwise bypassing the normal +# authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) +#admin_token= + +# Keystone account username (string value) +#admin_user= + +# Keystone account password (string value) +#admin_password= + +# Keystone service account tenant name to validate user tokens +# (string value) +#admin_tenant_name=admin + +# Env key for the swift cache (string value) +#cache= + +# Required if Keystone server requires client certificate +# (string value) +#certfile= + +# Required if Keystone server requires client certificate +# (string value) +#keyfile= + +# A PEM encoded Certificate Authority to use when verifying +# HTTPs connections. Defaults to system CAs. (string value) +#cafile= + +# Verify HTTPS connections. (boolean value) +#insecure=false + +# Directory used to cache files related to PKI tokens (string +# value) +#signing_dir= + +# Optionally specify a list of memcached server(s) to use for +# caching. If left undefined, tokens will instead be cached +# in-process. (list value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers= + +# In order to prevent excessive effort spent validating +# tokens, the middleware caches previously-seen tokens for a +# configurable duration (in seconds). Set to -1 to disable +# caching completely. (integer value) +#token_cache_time=300 + +# Determines the frequency at which the list of revoked tokens +# is retrieved from the Identity service (in seconds). A high +# number of revocation events combined with a low cache +# duration may significantly reduce performance. (integer +# value) +#revocation_cache_time=10 + +# (optional) if defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable +# values are MAC or ENCRYPT. If MAC, token data is +# authenticated (with HMAC) in the cache. If ENCRYPT, token +# data is encrypted and authenticated in the cache. If the +# value is not one of these options or empty, auth_token will +# raise an exception on initialization. (string value) +#memcache_security_strategy= + +# (optional, mandatory if memcache_security_strategy is +# defined) this string is used for key derivation. (string +# value) +#memcache_secret_key= + +# (optional) number of seconds memcached server is considered +# dead before it is tried again. (integer value) +#memcache_pool_dead_retry=300 + +# (optional) max total number of open connections to every +# memcached server. (integer value) +#memcache_pool_maxsize=10 + +# (optional) socket timeout in seconds for communicating with +# a memcache server. (integer value) +#memcache_pool_socket_timeout=3 + +# (optional) number of seconds a connection to memcached is +# held unused in the pool before it is closed. (integer value) +#memcache_pool_unused_timeout=60 + +# (optional) number of seconds that an operation will wait to +# get a memcache client connection from the pool. (integer +# value) +#memcache_pool_conn_get_timeout=10 + +# (optional) use the advanced (eventlet safe) memcache client +# pool. The advanced pool will only work under python 2.x. +# (boolean value) +#memcache_use_advanced_pool=false + +# (optional) indicate whether to set the X-Service-Catalog +# header. If False, middleware will not ask for service +# catalog on token validation and will not set the X-Service- +# Catalog header. (boolean value) +#include_service_catalog=true + +# Used to control the use and type of token binding. Can be +# set to: "disabled" to not check token binding. "permissive" +# (default) to validate binding information if the bind type +# is of a form known to the server and ignore it if not. +# "strict" like "permissive" but if the bind type is unknown +# the token will be rejected. "required" any form of token +# binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string +# value) +#enforce_token_bind=permissive + +# If true, the revocation list will be checked for cached +# tokens. This requires that PKI tokens are configured on the +# Keystone server. (boolean value) +#check_revocations_for_cached=false + +# Hash algorithms to use for hashing PKI tokens. This may be a +# single algorithm or multiple. The algorithms are those +# supported by Python standard hashlib.new(). The hashes will +# be tried in the order given, so put the preferred one first +# for performance. The result of the first hash will be stored +# in the cache. This will typically be set to multiple values +# only while migrating from a less secure algorithm to a more +# secure one. Once all the old tokens are expired this option +# should be set to a single value for better performance. +# (list value) +#hash_algorithms=md5 + + +[libvirt] + +# +# Options defined in nova.virt.libvirt.driver +# + +# Rescue ami image. This will not be used if an image id is +# provided by the user. (string value) +#rescue_image_id= + +# Rescue aki image (string value) +#rescue_kernel_id= + +# Rescue ari image (string value) +#rescue_ramdisk_id= + +# Libvirt domain type (valid options are: kvm, lxc, qemu, uml, +# xen) (string value) +#virt_type=kvm + +# Override the default libvirt URI (which is dependent on +# virt_type) (string value) +#connection_uri= + +# Inject the admin password at boot time, without an agent. +# (boolean value) +#inject_password=false + +# Inject the ssh public key at boot time (boolean value) +#inject_key=false + +# The partition to inject to : -2 => disable, -1 => inspect +# (libguestfs only), 0 => not partitioned, >0 => partition +# number (integer value) +#inject_partition=-2 + +# Sync virtual and real mouse cursors in Windows VMs (boolean +# value) +#use_usb_tablet=true + +# Migration target URI (any included "%s" is replaced with the +# migration target hostname) (string value) +#live_migration_uri=qemu+tcp://%s/system + +# Migration flags to be set for live migration (string value) +#live_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED + +# Migration flags to be set for block migration (string value) +#block_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER, VIR_MIGRATE_LIVE, VIR_MIGRATE_TUNNELLED, VIR_MIGRATE_NON_SHARED_INC + +# Maximum bandwidth to be used during migration, in Mbps +# (integer value) +#live_migration_bandwidth=0 + +# Snapshot image format (valid options are : raw, qcow2, vmdk, +# vdi). Defaults to same as source image (string value) +#snapshot_image_format= + +# DEPRECATED. Libvirt handlers for remote volumes. This option +# is deprecated and will be removed in the Kilo release. (list +# value) +#volume_drivers=iscsi=nova.virt.libvirt.volume.LibvirtISCSIVolumeDriver,iser=nova.virt.libvirt.volume.LibvirtISERVolumeDriver,local=nova.virt.libvirt.volume.LibvirtVolumeDriver,fake=nova.virt.libvirt.volume.LibvirtFakeVolumeDriver,rbd=nova.virt.libvirt.volume.LibvirtNetVolumeDriver,sheepdog=nova.virt.libvirt.volume.LibvirtNetVolumeDriver,nfs=nova.virt.libvirt.volume.LibvirtNFSVolumeDriver,aoe=nova.virt.libvirt.volume.LibvirtAOEVolumeDriver,glusterfs=nova.virt.libvirt.volume.LibvirtGlusterfsVolumeDriver,fibre_channel=nova.virt.libvirt.volume.LibvirtFibreChannelVolumeDriver,scality=nova.virt.libvirt.volume.LibvirtScalityVolumeDriver + +# Override the default disk prefix for the devices attached to +# a server, which is dependent on virt_type. (valid options +# are: sd, xvd, uvd, vd) (string value) +#disk_prefix= + +# Number of seconds to wait for instance to shut down after +# soft reboot request is made. We fall back to hard reboot if +# instance does not shutdown within this window. (integer +# value) +#wait_soft_reboot_seconds=120 + +# Set to "host-model" to clone the host CPU feature flags; to +# "host-passthrough" to use the host CPU model exactly; to +# "custom" to use a named CPU model; to "none" to not set any +# CPU model. If virt_type="kvm|qemu", it will default to +# "host-model", otherwise it will default to "none" (string +# value) +#cpu_mode= + +# Set to a named libvirt CPU model (see names listed in +# /usr/share/libvirt/cpu_map.xml). Only has effect if +# cpu_mode="custom" and virt_type="kvm|qemu" (string value) +#cpu_model= + +# Location where libvirt driver will store snapshots before +# uploading them to image service (string value) +#snapshots_directory=$instances_path/snapshots + +# Location where the Xen hvmloader is kept (string value) +#xen_hvmloader_path=/usr/lib/xen/boot/hvmloader + +# Specific cachemodes to use for different disk types e.g: +# file=directsync,block=none (list value) +#disk_cachemodes= + +# A path to a device that will be used as source of entropy on +# the host. Permitted options are: /dev/random or /dev/hwrng +# (string value) +#rng_dev_path= + +# For qemu or KVM guests, set this option to specify a default +# machine type per host architecture. You can find a list of +# supported machine types in your environment by checking the +# output of the "virsh capabilities"command. The format of the +# value for this config option is host-arch=machine-type. For +# example: x86_64=machinetype1,armv7l=machinetype2 (list +# value) +#hw_machine_type= + +# The data source used to the populate the host "serial" UUID +# exposed to guest in the virtual BIOS. Permitted options are +# "hardware", "os", "none" or "auto" (default). (string value) +#sysinfo_serial=auto + +# A number of seconds to memory usage statistics period. Zero +# or negative value mean to disable memory usage statistics. +# (integer value) +#mem_stats_period_seconds=10 + +# List of uid targets and ranges.Syntax is guest-uid:host- +# uid:countMaximum of 5 allowed. (list value) +#uid_maps= + +# List of guid targets and ranges.Syntax is guest-gid:host- +# gid:countMaximum of 5 allowed. (list value) +#gid_maps= + + +# +# Options defined in nova.virt.libvirt.imagebackend +# + +# VM Images format. Acceptable values are: raw, qcow2, lvm, +# rbd, default. If default is specified, then use_cow_images +# flag is used instead of this one. (string value) +#images_type=default + +# LVM Volume Group that is used for VM images, when you +# specify images_type=lvm. (string value) +#images_volume_group= + +# Create sparse logical volumes (with virtualsize) if this +# flag is set to True. (boolean value) +#sparse_logical_volumes=false + +# Method used to wipe old volumes (valid options are: none, +# zero, shred) (string value) +#volume_clear=zero + +# Size in MiB to wipe at start of old volumes. 0 => all +# (integer value) +#volume_clear_size=0 + +# The RADOS pool in which rbd volumes are stored (string +# value) +#images_rbd_pool=rbd + +# Path to the ceph configuration file to use (string value) +#images_rbd_ceph_conf= + +# Discard option for nova managed disks (valid options are: +# ignore, unmap). Need Libvirt(1.0.6) Qemu1.5 (raw format) +# Qemu1.6(qcow2 format) (string value) +#hw_disk_discard= + + +# +# Options defined in nova.virt.libvirt.imagecache +# + +# Allows image information files to be stored in non-standard +# locations (string value) +#image_info_filename_pattern=$instances_path/$image_cache_subdirectory_name/%(image)s.info + +# Should unused kernel images be removed? This is only safe to +# enable if all compute nodes have been updated to support +# this option. This will be enabled by default in future. +# (boolean value) +#remove_unused_kernels=false + +# Unused resized base images younger than this will not be +# removed (integer value) +#remove_unused_resized_minimum_age_seconds=3600 + +# Write a checksum for files in _base to disk (boolean value) +#checksum_base_images=false + +# How frequently to checksum base images (integer value) +#checksum_interval_seconds=3600 + + +# +# Options defined in nova.virt.libvirt.utils +# + +# Compress snapshot images when possible. This currently +# applies exclusively to qcow2 images (boolean value) +#snapshot_compression=false + + +# +# Options defined in nova.virt.libvirt.vif +# + +# Use virtio for bridge interfaces with KVM/QEMU (boolean +# value) +#use_virtio_for_bridges=true + + +# +# Options defined in nova.virt.libvirt.volume +# + +# Number of times to rescan iSCSI target to find volume +# (integer value) +#num_iscsi_scan_tries=5 + +# Number of times to rescan iSER target to find volume +# (integer value) +#num_iser_scan_tries=5 + +# The RADOS client name for accessing rbd volumes (string +# value) +#rbd_user= + +# The libvirt UUID of the secret for the rbd_uservolumes +# (string value) +#rbd_secret_uuid= + +# Directory where the NFS volume is mounted on the compute +# node (string value) +#nfs_mount_point_base=$state_path/mnt + +# Mount options passedf to the NFS client. See section of the +# nfs man page for details (string value) +#nfs_mount_options= + +# Number of times to rediscover AoE target to find volume +# (integer value) +#num_aoe_discover_tries=3 + +# Directory where the glusterfs volume is mounted on the +# compute node (string value) +#glusterfs_mount_point_base=$state_path/mnt + +# Use multipath connection of the iSCSI volume (boolean value) +#iscsi_use_multipath=false + +# Use multipath connection of the iSER volume (boolean value) +#iser_use_multipath=false + +# Path or URL to Scality SOFS configuration file (string +# value) +#scality_sofs_config= + +# Base dir where Scality SOFS shall be mounted (string value) +#scality_sofs_mount_point=$state_path/scality + +# Protocols listed here will be accessed directly from QEMU. +# Currently supported protocols: [gluster] (list value) +#qemu_allowed_storage_drivers= + + +[matchmaker_redis] + +# +# Options defined in oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# Options defined in oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[metrics] + +# +# Options defined in nova.scheduler.weights.metrics +# + +# Multiplier used for weighing metrics. (floating point value) +#weight_multiplier=1.0 + +# How the metrics are going to be weighed. This should be in +# the form of "=, =, ...", where +# is one of the metrics to be weighed, and is +# the corresponding ratio. So for "name1=1.0, name2=-1.0" The +# final weight would be name1.value * 1.0 + name2.value * +# -1.0. (list value) +#weight_setting= + +# How to treat the unavailable metrics. When a metric is NOT +# available for a host, if it is set to be True, it would +# raise an exception, so it is recommended to use the +# scheduler filter MetricFilter to filter out those hosts. If +# it is set to be False, the unavailable metric would be +# treated as a negative factor in weighing process, the +# returned value would be set by the option +# weight_of_unavailable. (boolean value) +#required=true + +# The final weight value to be returned if required is set to +# False and any one of the metrics set by weight_setting is +# unavailable. (floating point value) +#weight_of_unavailable=-10000.0 + + +[neutron] + +# +# Options defined in nova.api.metadata.handler +# + +# Set flag to indicate Neutron will proxy metadata requests +# and resolve instance ids. (boolean value) +# Deprecated group/name - [DEFAULT]/service_neutron_metadata_proxy +#service_metadata_proxy=false + +# Shared secret to validate proxies Neutron metadata requests +# (string value) +# Deprecated group/name - [DEFAULT]/neutron_metadata_proxy_shared_secret +#metadata_proxy_shared_secret= + + +# +# Options defined in nova.network.neutronv2.api +# + +# URL for connecting to neutron (string value) +# Deprecated group/name - [DEFAULT]/neutron_url +#url=http://127.0.0.1:9696 + +# Timeout value for connecting to neutron in seconds (integer +# value) +# Deprecated group/name - [DEFAULT]/neutron_url_timeout +#url_timeout=30 + +# User id for connecting to neutron in admin context (string +# value) +#admin_user_id= + +# Username for connecting to neutron in admin context (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_admin_username +#admin_username= + +# Password for connecting to neutron in admin context (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_admin_password +#admin_password= + +# Tenant id for connecting to neutron in admin context (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_admin_tenant_id +#admin_tenant_id= + +# Tenant name for connecting to neutron in admin context. This +# option will be ignored if neutron_admin_tenant_id is set. +# Note that with Keystone V3 tenant names are only unique +# within a domain. (string value) +# Deprecated group/name - [DEFAULT]/neutron_admin_tenant_name +#admin_tenant_name= + +# Region name for connecting to neutron in admin context +# (string value) +# Deprecated group/name - [DEFAULT]/neutron_region_name +#region_name= + +# Authorization URL for connecting to neutron in admin context +# (string value) +# Deprecated group/name - [DEFAULT]/neutron_admin_auth_url +#admin_auth_url=http://localhost:5000/v2.0 + +# If set, ignore any SSL validation issues (boolean value) +# Deprecated group/name - [DEFAULT]/neutron_api_insecure +#api_insecure=false + +# Authorization strategy for connecting to neutron in admin +# context (string value) +# Deprecated group/name - [DEFAULT]/neutron_auth_strategy +#auth_strategy=keystone + +# Name of Integration Bridge used by Open vSwitch (string +# value) +# Deprecated group/name - [DEFAULT]/neutron_ovs_bridge +#ovs_bridge=br-int + +# Number of seconds before querying neutron for extensions +# (integer value) +# Deprecated group/name - [DEFAULT]/neutron_extension_sync_interval +#extension_sync_interval=600 + +# Location of CA certificates file to use for neutron client +# requests. (string value) +# Deprecated group/name - [DEFAULT]/neutron_ca_certificates_file +#ca_certificates_file= + +# Allow an instance to have multiple vNICs attached to the +# same Neutron network. (boolean value) +#allow_duplicate_networks=false + + +[osapi_v3] + +# +# Options defined in nova.api.openstack +# + +# Whether the V3 API is enabled or not (boolean value) +#enabled=false + +# A list of v3 API extensions to never load. Specify the +# extension aliases here. (list value) +#extensions_blacklist= + +# If the list is not empty then a v3 API extension will only +# be loaded if it exists in this list. Specify the extension +# aliases here. (list value) +#extensions_whitelist= + + +[rdp] + +# +# Options defined in nova.rdp +# + +# Location of RDP html5 console proxy, in the form +# "http://127.0.0.1:6083/" (string value) +#html5_proxy_base_url=http://127.0.0.1:6083/ + +# Enable RDP related features (boolean value) +#enabled=false + + +[serial_console] + +# +# Options defined in nova.cmd.serialproxy +# + +# Host on which to listen for incoming requests (string value) +#serialproxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer +# value) +#serialproxy_port=6083 + + +# +# Options defined in nova.console.serial +# + +# Enable serial console related features (boolean value) +#enabled=false + +# Range of TCP ports to use for serial ports on compute hosts +# (string value) +#port_range=10000:20000 + +# Location of serial console proxy. (string value) +#base_url=ws://127.0.0.1:6083/ + +# IP address on which instance serial console should listen +# (string value) +#listen=127.0.0.1 + +# The address to which proxy clients (like nova-serialproxy) +# should connect (string value) +#proxyclient_address=127.0.0.1 + + +[spice] + +# +# Options defined in nova.cmd.spicehtml5proxy +# + +# Host on which to listen for incoming requests (string value) +# Deprecated group/name - [DEFAULT]/spicehtml5proxy_host +#html5proxy_host=0.0.0.0 + +# Port on which to listen for incoming requests (integer +# value) +# Deprecated group/name - [DEFAULT]/spicehtml5proxy_port +#html5proxy_port=6082 + + +# +# Options defined in nova.spice +# + +# Location of spice HTML5 console proxy, in the form +# "http://127.0.0.1:6082/spice_auto.html" (string value) +#html5proxy_base_url=http://127.0.0.1:6082/spice_auto.html + +# IP address on which instance spice server should listen +# (string value) +#server_listen=127.0.0.1 + +# The address to which proxy clients (like nova- +# spicehtml5proxy) should connect (string value) +#server_proxyclient_address=127.0.0.1 + +# Enable spice related features (boolean value) +#enabled=false + +# Enable spice guest agent support (boolean value) +#agent_enabled=true + +# Keymap for spice (string value) +#keymap=en-us + + +[ssl] + +# +# Options defined in nova.openstack.common.sslutils +# + +# CA certificate file to use to verify connecting clients. +# (string value) +#ca_file= + +# Certificate file to use when starting the server securely. +# (string value) +#cert_file= + +# Private key file to use when starting the server securely. +# (string value) +#key_file= + + +[trusted_computing] + +# +# Options defined in nova.scheduler.filters.trusted_filter +# + +# Attestation server HTTP (string value) +#attestation_server= + +# Attestation server Cert file for Identity verification +# (string value) +#attestation_server_ca_file= + +# Attestation server port (string value) +#attestation_port=8443 + +# Attestation web API URL (string value) +#attestation_api_url=/OpenAttestationWebServices/V1.0 + +# Attestation authorization blob - must change (string value) +#attestation_auth_blob= + +# Attestation status cache valid period length (integer value) +#attestation_auth_timeout=60 + +# Disable SSL cert verification for Attestation service +# (boolean value) +#attestation_insecure_ssl=false + + +[upgrade_levels] + +# +# Options defined in nova.baserpc +# + +# Set a version cap for messages sent to the base api in any +# service (string value) +#baseapi= + + +# +# Options defined in nova.cells.rpc_driver +# + +# Set a version cap for messages sent between cells services +# (string value) +#intercell= + + +# +# Options defined in nova.cells.rpcapi +# + +# Set a version cap for messages sent to local cells services +# (string value) +#cells= + + +# +# Options defined in nova.cert.rpcapi +# + +# Set a version cap for messages sent to cert services (string +# value) +#cert= + + +# +# Options defined in nova.compute.rpcapi +# + +# Set a version cap for messages sent to compute services. If +# you plan to do a live upgrade from havana to icehouse, you +# should set this option to "icehouse-compat" before beginning +# the live upgrade procedure. (string value) +#compute= + + +# +# Options defined in nova.conductor.rpcapi +# + +# Set a version cap for messages sent to conductor services +# (string value) +#conductor= + + +# +# Options defined in nova.console.rpcapi +# + +# Set a version cap for messages sent to console services +# (string value) +#console= + + +# +# Options defined in nova.consoleauth.rpcapi +# + +# Set a version cap for messages sent to consoleauth services +# (string value) +#consoleauth= + + +# +# Options defined in nova.network.rpcapi +# + +# Set a version cap for messages sent to network services +# (string value) +#network= + + +# +# Options defined in nova.scheduler.rpcapi +# + +# Set a version cap for messages sent to scheduler services +# (string value) +#scheduler= + + +[vmware] + +# +# Options defined in nova.virt.vmwareapi.driver +# + +# Hostname or IP address for connection to VMware VC host. +# (string value) +#host_ip= + +# Port for connection to VMware VC host. (integer value) +#host_port=443 + +# Username for connection to VMware VC host. (string value) +#host_username= + +# Password for connection to VMware VC host. (string value) +#host_password= + +# Name of a VMware Cluster ComputeResource. (multi valued) +#cluster_name= + +# Regex to match the name of a datastore. (string value) +#datastore_regex= + +# The interval used for polling of remote tasks. (floating +# point value) +#task_poll_interval=0.5 + +# The number of times we retry on failures, e.g., socket +# error, etc. (integer value) +#api_retry_count=10 + +# VNC starting port (integer value) +#vnc_port=5900 + +# Total number of VNC ports (integer value) +#vnc_port_total=10000 + +# Whether to use linked clone (boolean value) +#use_linked_clone=true + +# Optional VIM Service WSDL Location e.g +# http:///vimService.wsdl. Optional over-ride to +# default location for bug work-arounds (string value) +#wsdl_location= + + +# +# Options defined in nova.virt.vmwareapi.vif +# + +# Physical ethernet adapter name for vlan networking (string +# value) +#vlan_interface=vmnic0 + +# Name of Integration Bridge (string value) +#integration_bridge=br-int + + +# +# Options defined in nova.virt.vmwareapi.vim_util +# + +# The maximum number of ObjectContent data objects that should +# be returned in a single result. A positive value will cause +# the operation to suspend the retrieval when the count of +# objects reaches the specified maximum. The server may still +# limit the count to something less than the configured value. +# Any remaining objects may be retrieved with additional +# requests. (integer value) +#maximum_objects=100 + + +[xenserver] + +# +# Options defined in nova.virt.xenapi.agent +# + +# Number of seconds to wait for agent reply (integer value) +#agent_timeout=30 + +# Number of seconds to wait for agent to be fully operational +# (integer value) +#agent_version_timeout=300 + +# Number of seconds to wait for agent reply to resetnetwork +# request (integer value) +#agent_resetnetwork_timeout=60 + +# Specifies the path in which the XenAPI guest agent should be +# located. If the agent is present, network configuration is +# not injected into the image. Used if +# compute_driver=xenapi.XenAPIDriver and flat_injected=True +# (string value) +#agent_path=usr/sbin/xe-update-networking + +# Disables the use of the XenAPI agent in any image regardless +# of what image properties are present. (boolean value) +#disable_agent=false + +# Determines if the XenAPI agent should be used when the image +# used does not contain a hint to declare if the agent is +# present or not. The hint is a glance property +# "xenapi_use_agent" that has the value "True" or "False". +# Note that waiting for the agent when it is not present will +# significantly increase server boot times. (boolean value) +#use_agent_default=false + + +# +# Options defined in nova.virt.xenapi.client.session +# + +# Timeout in seconds for XenAPI login. (integer value) +#login_timeout=10 + +# Maximum number of concurrent XenAPI connections. Used only +# if compute_driver=xenapi.XenAPIDriver (integer value) +#connection_concurrent=5 + + +# +# Options defined in nova.virt.xenapi.driver +# + +# URL for connection to XenServer/Xen Cloud Platform. A +# special value of unix://local can be used to connect to the +# local unix socket. Required if +# compute_driver=xenapi.XenAPIDriver (string value) +#connection_url= + +# Username for connection to XenServer/Xen Cloud Platform. +# Used only if compute_driver=xenapi.XenAPIDriver (string +# value) +#connection_username=root + +# Password for connection to XenServer/Xen Cloud Platform. +# Used only if compute_driver=xenapi.XenAPIDriver (string +# value) +#connection_password= + +# The interval used for polling of coalescing vhds. Used only +# if compute_driver=xenapi.XenAPIDriver (floating point value) +#vhd_coalesce_poll_interval=5.0 + +# Ensure compute service is running on host XenAPI connects +# to. (boolean value) +#check_host=true + +# Max number of times to poll for VHD to coalesce. Used only +# if compute_driver=xenapi.XenAPIDriver (integer value) +#vhd_coalesce_max_attempts=20 + +# Base path to the storage repository (string value) +#sr_base_path=/var/run/sr-mount + +# The iSCSI Target Host (string value) +#target_host= + +# The iSCSI Target Port, default is port 3260 (string value) +#target_port=3260 + +# IQN Prefix (string value) +#iqn_prefix=iqn.2010-10.org.openstack + +# Used to enable the remapping of VBD dev (Works around an +# issue in Ubuntu Maverick) (boolean value) +#remap_vbd_dev=false + +# Specify prefix to remap VBD dev to (ex. /dev/xvdb -> +# /dev/sdb) (string value) +#remap_vbd_dev_prefix=sd + + +# +# Options defined in nova.virt.xenapi.image.bittorrent +# + +# Base URL for torrent files. (string value) +#torrent_base_url= + +# Probability that peer will become a seeder. (1.0 = 100%) +# (floating point value) +#torrent_seed_chance=1.0 + +# Number of seconds after downloading an image via BitTorrent +# that it should be seeded for other peers. (integer value) +#torrent_seed_duration=3600 + +# Cached torrent files not accessed within this number of +# seconds can be reaped (integer value) +#torrent_max_last_accessed=86400 + +# Beginning of port range to listen on (integer value) +#torrent_listen_port_start=6881 + +# End of port range to listen on (integer value) +#torrent_listen_port_end=6891 + +# Number of seconds a download can remain at the same progress +# percentage w/o being considered a stall (integer value) +#torrent_download_stall_cutoff=600 + +# Maximum number of seeder processes to run concurrently +# within a given dom0. (-1 = no limit) (integer value) +#torrent_max_seeder_processes_per_host=1 + + +# +# Options defined in nova.virt.xenapi.pool +# + +# To use for hosts with different CPUs (boolean value) +#use_join_force=true + + +# +# Options defined in nova.virt.xenapi.vif +# + +# Name of Integration Bridge used by Open vSwitch (string +# value) +#ovs_integration_bridge=xapi1 + + +# +# Options defined in nova.virt.xenapi.vm_utils +# + +# Cache glance images locally. `all` will cache all images, +# `some` will only cache images that have the image_property +# `cache_in_nova=True`, and `none` turns off caching entirely +# (string value) +#cache_images=all + +# Compression level for images, e.g., 9 for gzip -9. Range is +# 1-9, 9 being most compressed but most CPU intensive on dom0. +# (integer value) +#image_compression_level= + +# Default OS type (string value) +#default_os_type=linux + +# Time to wait for a block device to be created (integer +# value) +#block_device_creation_timeout=10 + +# Maximum size in bytes of kernel or ramdisk images (integer +# value) +#max_kernel_ramdisk_size=16777216 + +# Filter for finding the SR to be used to install guest +# instances on. To use the Local Storage in default +# XenServer/XCP installations set this flag to other-config +# :i18n-key=local-storage. To select an SR with a different +# matching criteria, you could set it to other- +# config:my_favorite_sr=true. On the other hand, to fall back +# on the Default SR, as displayed by XenCenter, set this flag +# to: default-sr:true (string value) +#sr_matching_filter=default-sr:true + +# Whether to use sparse_copy for copying data on a resize down +# (False will use standard dd). This speeds up resizes down +# considerably since large runs of zeros won't have to be +# rsynced (boolean value) +#sparse_copy=true + +# Maximum number of retries to unplug VBD (integer value) +#num_vbd_unplug_retries=10 + +# Whether or not to download images via Bit Torrent +# (all|some|none). (string value) +#torrent_images=none + +# Name of network to use for booting iPXE ISOs (string value) +#ipxe_network_name= + +# URL to the iPXE boot menu (string value) +#ipxe_boot_menu_url= + +# Name and optionally path of the tool used for ISO image +# creation (string value) +#ipxe_mkisofs_cmd=mkisofs + + +# +# Options defined in nova.virt.xenapi.vmops +# + +# Number of seconds to wait for instance to go to running +# state (integer value) +#running_timeout=60 + +# The XenAPI VIF driver using XenServer Network APIs. (string +# value) +#vif_driver=nova.virt.xenapi.vif.XenAPIBridgeDriver + +# Dom0 plugin driver used to handle image uploads. (string +# value) +#image_upload_handler=nova.virt.xenapi.image.glance.GlanceStore + + +# +# Options defined in nova.virt.xenapi.volume_utils +# + +# Number of seconds to wait for an SR to settle if the VDI +# does not exist when first introduced (integer value) +#introduce_vdi_retry_wait=20 + + +[zookeeper] + +# +# Options defined in nova.servicegroup.drivers.zk +# + +# The ZooKeeper addresses for servicegroup service in the +# format of host1:port,host2:port,host3:port (string value) +#address= + +# The recv_timeout parameter for the zk session (integer +# value) +#recv_timeout=4000 + +# The prefix used in ZooKeeper to store ephemeral nodes +# (string value) +#sg_prefix=/servicegroups + +# Number of seconds to wait until retrying to join the session +# (integer value) +#sg_retry_interval=5 + + diff --git a/openstack/usr/share/openstack/nova/policy.json b/openstack/usr/share/openstack/nova/policy.json new file mode 100644 index 00000000..cc5b8ea4 --- /dev/null +++ b/openstack/usr/share/openstack/nova/policy.json @@ -0,0 +1,324 @@ +{ + "context_is_admin": "role:admin", + "admin_or_owner": "is_admin:True or project_id:%(project_id)s", + "default": "rule:admin_or_owner", + + "cells_scheduler_filter:TargetCellFilter": "is_admin:True", + + "compute:create": "", + "compute:create:attach_network": "", + "compute:create:attach_volume": "", + "compute:create:forced_host": "is_admin:True", + "compute:get_all": "", + "compute:get_all_tenants": "", + "compute:start": "rule:admin_or_owner", + "compute:stop": "rule:admin_or_owner", + "compute:unlock_override": "rule:admin_api", + + "compute:shelve": "", + "compute:shelve_offload": "", + "compute:unshelve": "", + + "compute:volume_snapshot_create": "", + "compute:volume_snapshot_delete": "", + + "admin_api": "is_admin:True", + "compute:v3:servers:start": "rule:admin_or_owner", + "compute:v3:servers:stop": "rule:admin_or_owner", + "compute_extension:v3:os-access-ips:discoverable": "", + "compute_extension:v3:os-access-ips": "", + "compute_extension:accounts": "rule:admin_api", + "compute_extension:admin_actions": "rule:admin_api", + "compute_extension:admin_actions:pause": "rule:admin_or_owner", + "compute_extension:admin_actions:unpause": "rule:admin_or_owner", + "compute_extension:admin_actions:suspend": "rule:admin_or_owner", + "compute_extension:admin_actions:resume": "rule:admin_or_owner", + "compute_extension:admin_actions:lock": "rule:admin_or_owner", + "compute_extension:admin_actions:unlock": "rule:admin_or_owner", + "compute_extension:admin_actions:resetNetwork": "rule:admin_api", + "compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api", + "compute_extension:admin_actions:createBackup": "rule:admin_or_owner", + "compute_extension:admin_actions:migrateLive": "rule:admin_api", + "compute_extension:admin_actions:resetState": "rule:admin_api", + "compute_extension:admin_actions:migrate": "rule:admin_api", + "compute_extension:v3:os-admin-actions": "rule:admin_api", + "compute_extension:v3:os-admin-actions:discoverable": "", + "compute_extension:v3:os-admin-actions:reset_network": "rule:admin_api", + "compute_extension:v3:os-admin-actions:inject_network_info": "rule:admin_api", + "compute_extension:v3:os-admin-actions:reset_state": "rule:admin_api", + "compute_extension:v3:os-admin-password": "", + "compute_extension:v3:os-admin-password:discoverable": "", + "compute_extension:aggregates": "rule:admin_api", + "compute_extension:v3:os-aggregates:discoverable": "", + "compute_extension:v3:os-aggregates:index": "rule:admin_api", + "compute_extension:v3:os-aggregates:create": "rule:admin_api", + "compute_extension:v3:os-aggregates:show": "rule:admin_api", + "compute_extension:v3:os-aggregates:update": "rule:admin_api", + "compute_extension:v3:os-aggregates:delete": "rule:admin_api", + "compute_extension:v3:os-aggregates:add_host": "rule:admin_api", + "compute_extension:v3:os-aggregates:remove_host": "rule:admin_api", + "compute_extension:v3:os-aggregates:set_metadata": "rule:admin_api", + "compute_extension:agents": "rule:admin_api", + "compute_extension:v3:os-agents": "rule:admin_api", + "compute_extension:v3:os-agents:discoverable": "", + "compute_extension:attach_interfaces": "", + "compute_extension:v3:os-attach-interfaces": "", + "compute_extension:v3:os-attach-interfaces:discoverable": "", + "compute_extension:baremetal_nodes": "rule:admin_api", + "compute_extension:cells": "rule:admin_api", + "compute_extension:v3:os-cells": "rule:admin_api", + "compute_extension:v3:os-cells:discoverable": "", + "compute_extension:certificates": "", + "compute_extension:v3:os-certificates:create": "", + "compute_extension:v3:os-certificates:show": "", + "compute_extension:v3:os-certificates:discoverable": "", + "compute_extension:cloudpipe": "rule:admin_api", + "compute_extension:cloudpipe_update": "rule:admin_api", + "compute_extension:console_output": "", + "compute_extension:v3:consoles:discoverable": "", + "compute_extension:v3:os-console-output:discoverable": "", + "compute_extension:v3:os-console-output": "", + "compute_extension:consoles": "", + "compute_extension:v3:os-remote-consoles": "", + "compute_extension:v3:os-remote-consoles:discoverable": "", + "compute_extension:createserverext": "", + "compute_extension:v3:os-create-backup:discoverable": "", + "compute_extension:v3:os-create-backup": "rule:admin_or_owner", + "compute_extension:deferred_delete": "", + "compute_extension:v3:os-deferred-delete": "", + "compute_extension:v3:os-deferred-delete:discoverable": "", + "compute_extension:disk_config": "", + "compute_extension:evacuate": "rule:admin_api", + "compute_extension:v3:os-evacuate": "rule:admin_api", + "compute_extension:v3:os-evacuate:discoverable": "", + "compute_extension:extended_server_attributes": "rule:admin_api", + "compute_extension:v3:os-extended-server-attributes": "rule:admin_api", + "compute_extension:v3:os-extended-server-attributes:discoverable": "", + "compute_extension:extended_status": "", + "compute_extension:v3:os-extended-status": "", + "compute_extension:v3:os-extended-status:discoverable": "", + "compute_extension:extended_availability_zone": "", + "compute_extension:v3:os-extended-availability-zone": "", + "compute_extension:v3:os-extended-availability-zone:discoverable": "", + "compute_extension:extended_ips": "", + "compute_extension:extended_ips_mac": "", + "compute_extension:extended_vif_net": "", + "compute_extension:v3:extension_info:discoverable": "", + "compute_extension:extended_volumes": "", + "compute_extension:v3:os-extended-volumes": "", + "compute_extension:v3:os-extended-volumes:swap": "", + "compute_extension:v3:os-extended-volumes:discoverable": "", + "compute_extension:v3:os-extended-volumes:attach": "", + "compute_extension:v3:os-extended-volumes:detach": "", + "compute_extension:fixed_ips": "rule:admin_api", + "compute_extension:flavor_access": "", + "compute_extension:flavor_access:addTenantAccess": "rule:admin_api", + "compute_extension:flavor_access:removeTenantAccess": "rule:admin_api", + "compute_extension:v3:flavor-access": "", + "compute_extension:v3:flavor-access:discoverable": "", + "compute_extension:v3:flavor-access:remove_tenant_access": "rule:admin_api", + "compute_extension:v3:flavor-access:add_tenant_access": "rule:admin_api", + "compute_extension:flavor_disabled": "", + "compute_extension:flavor_rxtx": "", + "compute_extension:v3:os-flavor-rxtx": "", + "compute_extension:v3:os-flavor-rxtx:discoverable": "", + "compute_extension:flavor_swap": "", + "compute_extension:flavorextradata": "", + "compute_extension:flavorextraspecs:index": "", + "compute_extension:flavorextraspecs:show": "", + "compute_extension:flavorextraspecs:create": "rule:admin_api", + "compute_extension:flavorextraspecs:update": "rule:admin_api", + "compute_extension:flavorextraspecs:delete": "rule:admin_api", + "compute_extension:v3:flavors:discoverable": "", + "compute_extension:v3:flavor-extra-specs:discoverable": "", + "compute_extension:v3:flavor-extra-specs:index": "", + "compute_extension:v3:flavor-extra-specs:show": "", + "compute_extension:v3:flavor-extra-specs:create": "rule:admin_api", + "compute_extension:v3:flavor-extra-specs:update": "rule:admin_api", + "compute_extension:v3:flavor-extra-specs:delete": "rule:admin_api", + "compute_extension:flavormanage": "rule:admin_api", + "compute_extension:v3:flavor-manage": "rule:admin_api", + "compute_extension:floating_ip_dns": "", + "compute_extension:floating_ip_pools": "", + "compute_extension:floating_ips": "", + "compute_extension:floating_ips_bulk": "rule:admin_api", + "compute_extension:fping": "", + "compute_extension:fping:all_tenants": "rule:admin_api", + "compute_extension:hide_server_addresses": "is_admin:False", + "compute_extension:v3:os-hide-server-addresses": "is_admin:False", + "compute_extension:v3:os-hide-server-addresses:discoverable": "", + "compute_extension:hosts": "rule:admin_api", + "compute_extension:v3:os-hosts": "rule:admin_api", + "compute_extension:v3:os-hosts:discoverable": "", + "compute_extension:hypervisors": "rule:admin_api", + "compute_extension:v3:os-hypervisors": "rule:admin_api", + "compute_extension:v3:os-hypervisors:discoverable": "", + "compute_extension:image_size": "", + "compute_extension:instance_actions": "", + "compute_extension:v3:os-server-actions": "", + "compute_extension:v3:os-server-actions:discoverable": "", + "compute_extension:instance_actions:events": "rule:admin_api", + "compute_extension:v3:os-server-actions:events": "rule:admin_api", + "compute_extension:instance_usage_audit_log": "rule:admin_api", + "compute_extension:v3:ips:discoverable": "", + "compute_extension:keypairs": "", + "compute_extension:keypairs:index": "", + "compute_extension:keypairs:show": "", + "compute_extension:keypairs:create": "", + "compute_extension:keypairs:delete": "", + "compute_extension:v3:keypairs:discoverable": "", + "compute_extension:v3:keypairs": "", + "compute_extension:v3:keypairs:index": "", + "compute_extension:v3:keypairs:show": "", + "compute_extension:v3:keypairs:create": "", + "compute_extension:v3:keypairs:delete": "", + "compute_extension:v3:os-lock-server:discoverable": "", + "compute_extension:v3:os-lock-server:lock": "rule:admin_or_owner", + "compute_extension:v3:os-lock-server:unlock": "rule:admin_or_owner", + "compute_extension:v3:os-migrate-server:discoverable": "", + "compute_extension:v3:os-migrate-server:migrate": "rule:admin_api", + "compute_extension:v3:os-migrate-server:migrate_live": "rule:admin_api", + "compute_extension:multinic": "", + "compute_extension:v3:os-multinic": "", + "compute_extension:v3:os-multinic:discoverable": "", + "compute_extension:networks": "rule:admin_api", + "compute_extension:networks:view": "", + "compute_extension:networks_associate": "rule:admin_api", + "compute_extension:v3:os-pause-server:discoverable": "", + "compute_extension:v3:os-pause-server:pause": "rule:admin_or_owner", + "compute_extension:v3:os-pause-server:unpause": "rule:admin_or_owner", + "compute_extension:v3:os-pci:pci_servers": "", + "compute_extension:v3:os-pci:discoverable": "", + "compute_extension:v3:os-pci:index": "rule:admin_api", + "compute_extension:v3:os-pci:detail": "rule:admin_api", + "compute_extension:v3:os-pci:show": "rule:admin_api", + "compute_extension:quotas:show": "", + "compute_extension:quotas:update": "rule:admin_api", + "compute_extension:quotas:delete": "rule:admin_api", + "compute_extension:v3:os-quota-sets:discoverable": "", + "compute_extension:v3:os-quota-sets:show": "", + "compute_extension:v3:os-quota-sets:update": "rule:admin_api", + "compute_extension:v3:os-quota-sets:delete": "rule:admin_api", + "compute_extension:v3:os-quota-sets:detail": "rule:admin_api", + "compute_extension:quota_classes": "", + "compute_extension:rescue": "", + "compute_extension:v3:os-rescue": "", + "compute_extension:v3:os-rescue:discoverable": "", + "compute_extension:v3:os-scheduler-hints:discoverable": "", + "compute_extension:security_group_default_rules": "rule:admin_api", + "compute_extension:security_groups": "", + "compute_extension:v3:os-security-groups": "", + "compute_extension:v3:os-security-groups:discoverable": "", + "compute_extension:server_diagnostics": "rule:admin_api", + "compute_extension:v3:os-server-diagnostics": "rule:admin_api", + "compute_extension:v3:os-server-diagnostics:discoverable": "", + "compute_extension:server_groups": "", + "compute_extension:server_password": "", + "compute_extension:v3:os-server-password": "", + "compute_extension:v3:os-server-password:discoverable": "", + "compute_extension:server_usage": "", + "compute_extension:v3:os-server-usage": "", + "compute_extension:v3:os-server-usage:discoverable": "", + "compute_extension:services": "rule:admin_api", + "compute_extension:v3:os-services": "rule:admin_api", + "compute_extension:v3:os-services:discoverable": "", + "compute_extension:v3:server-metadata:discoverable": "", + "compute_extension:v3:servers:discoverable": "", + "compute_extension:shelve": "", + "compute_extension:shelveOffload": "rule:admin_api", + "compute_extension:v3:os-shelve:shelve": "", + "compute_extension:v3:os-shelve:shelve:discoverable": "", + "compute_extension:v3:os-shelve:shelve_offload": "rule:admin_api", + "compute_extension:simple_tenant_usage:show": "rule:admin_or_owner", + "compute_extension:v3:os-suspend-server:discoverable": "", + "compute_extension:v3:os-suspend-server:suspend": "rule:admin_or_owner", + "compute_extension:v3:os-suspend-server:resume": "rule:admin_or_owner", + "compute_extension:simple_tenant_usage:list": "rule:admin_api", + "compute_extension:unshelve": "", + "compute_extension:v3:os-shelve:unshelve": "", + "compute_extension:users": "rule:admin_api", + "compute_extension:v3:os-user-data:discoverable": "", + "compute_extension:virtual_interfaces": "", + "compute_extension:virtual_storage_arrays": "", + "compute_extension:volumes": "", + "compute_extension:volume_attachments:index": "", + "compute_extension:volume_attachments:show": "", + "compute_extension:volume_attachments:create": "", + "compute_extension:volume_attachments:update": "", + "compute_extension:volume_attachments:delete": "", + "compute_extension:volumetypes": "", + "compute_extension:availability_zone:list": "", + "compute_extension:v3:os-availability-zone:list": "", + "compute_extension:v3:os-availability-zone:discoverable": "", + "compute_extension:availability_zone:detail": "rule:admin_api", + "compute_extension:v3:os-availability-zone:detail": "rule:admin_api", + "compute_extension:used_limits_for_admin": "rule:admin_api", + "compute_extension:migrations:index": "rule:admin_api", + "compute_extension:v3:os-migrations:index": "rule:admin_api", + "compute_extension:v3:os-migrations:discoverable": "", + "compute_extension:os-assisted-volume-snapshots:create": "rule:admin_api", + "compute_extension:os-assisted-volume-snapshots:delete": "rule:admin_api", + "compute_extension:console_auth_tokens": "rule:admin_api", + "compute_extension:v3:os-console-auth-tokens": "rule:admin_api", + "compute_extension:os-server-external-events:create": "rule:admin_api", + "compute_extension:v3:os-server-external-events:create": "rule:admin_api", + + "volume:create": "", + "volume:get_all": "", + "volume:get_volume_metadata": "", + "volume:get_snapshot": "", + "volume:get_all_snapshots": "", + + + "volume_extension:types_manage": "rule:admin_api", + "volume_extension:types_extra_specs": "rule:admin_api", + "volume_extension:volume_admin_actions:reset_status": "rule:admin_api", + "volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api", + "volume_extension:volume_admin_actions:force_delete": "rule:admin_api", + + + "network:get_all": "", + "network:get": "", + "network:create": "", + "network:delete": "", + "network:associate": "", + "network:disassociate": "", + "network:get_vifs_by_instance": "", + "network:allocate_for_instance": "", + "network:deallocate_for_instance": "", + "network:validate_networks": "", + "network:get_instance_uuids_by_ip_filter": "", + "network:get_instance_id_by_floating_address": "", + "network:setup_networks_on_host": "", + "network:get_backdoor_port": "", + + "network:get_floating_ip": "", + "network:get_floating_ip_pools": "", + "network:get_floating_ip_by_address": "", + "network:get_floating_ips_by_project": "", + "network:get_floating_ips_by_fixed_address": "", + "network:allocate_floating_ip": "", + "network:deallocate_floating_ip": "", + "network:associate_floating_ip": "", + "network:disassociate_floating_ip": "", + "network:release_floating_ip": "", + "network:migrate_instance_start": "", + "network:migrate_instance_finish": "", + + "network:get_fixed_ip": "", + "network:get_fixed_ip_by_address": "", + "network:add_fixed_ip_to_instance": "", + "network:remove_fixed_ip_from_instance": "", + "network:add_network_to_project": "", + "network:get_instance_nw_info": "", + + "network:get_dns_domains": "", + "network:add_dns_entry": "", + "network:modify_dns_entry": "", + "network:delete_dns_entry": "", + "network:get_dns_entries_by_address": "", + "network:get_dns_entries_by_name": "", + "network:create_private_dns_domain": "", + "network:create_public_dns_domain": "", + "network:delete_dns_domain": "" +} -- cgit v1.2.1 From 8d76e18a6debb4b421c5d443bc673f88abc7a8e6 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 13 Apr 2015 17:19:04 +0000 Subject: Openstack: Make Keystone configurable Change-Id: Ic29d7c367622e0ab35486466e5e32ca432539c39 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena --- openstack-keystone.configure | 99 +++++++++++ openstack/manifest | 18 ++ .../system/openstack-keystone-setup.service | 12 ++ .../lib/systemd/system/openstack-keystone.service | 13 ++ .../usr/lib/systemd/system/postgres-server.service | 25 +++ .../usr/lib/systemd/system/rabbitmq-server.service | 16 ++ openstack/usr/share/openstack/hosts | 1 + openstack/usr/share/openstack/keystone.yml | 188 +++++++++++++++++++++ .../usr/share/openstack/keystone/keystone.conf | 27 +-- openstack/usr/share/openstack/postgres/pg_hba.conf | 4 + .../usr/share/openstack/postgres/postgresql.conf | 11 ++ .../usr/share/openstack/rabbitmq/rabbitmq-env.conf | 3 + .../usr/share/openstack/rabbitmq/rabbitmq.config | 9 + systems/openstack-system-x86_64.morph | 1 + 14 files changed, 414 insertions(+), 13 deletions(-) create mode 100644 openstack-keystone.configure create mode 100644 openstack/manifest create mode 100644 openstack/usr/lib/systemd/system/openstack-keystone-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-keystone.service create mode 100644 openstack/usr/lib/systemd/system/postgres-server.service create mode 100644 openstack/usr/lib/systemd/system/rabbitmq-server.service create mode 100644 openstack/usr/share/openstack/hosts create mode 100644 openstack/usr/share/openstack/keystone.yml create mode 100644 openstack/usr/share/openstack/postgres/pg_hba.conf create mode 100644 openstack/usr/share/openstack/postgres/postgresql.conf create mode 100644 openstack/usr/share/openstack/rabbitmq/rabbitmq-env.conf create mode 100644 openstack/usr/share/openstack/rabbitmq/rabbitmq.config diff --git a/openstack-keystone.configure b/openstack-keystone.configure new file mode 100644 index 00000000..7c8631ce --- /dev/null +++ b/openstack-keystone.configure @@ -0,0 +1,99 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -s "/usr/lib/systemd/system/openstack-keystone-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-keystone-setup.service" + +ln -s "/usr/lib/systemd/system/openstack-horizon-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-horizon-setup.service" + +########################################################################## +# Check variables +########################################################################## + +if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ + -z "$KEYSTONE_ADMIN_PASSWORD" -a \ + -z "$KEYSTONE_DB_USER" -a \ + -z "$KEYSTONE_DB_PASSWORD" -a \ + -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ + -z "$CONTROLLER_HOST_ADDRESS" ]; then + # No Keystone options defined, do nothing. + exit 0 +fi + +if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$KEYSTONE_ADMIN_PASSWORD" -o \ + -z "$KEYSTONE_DB_USER" -o \ + -z "$KEYSTONE_DB_PASSWORD" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$CONTROLLER_HOST_ADDRESS" ]; then + echo Some options required for Keystone were defined, but not all. + exit 1 +fi + + +python <<'EOF' +import socket +import sys +import os + +try: + socket.inet_pton(socket.AF_INET, os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS']) +except: + print "Error: MANAGEMENT_INTERFACE_IP_ADDRESS is not a valid IP" + sys.exit(1) +EOF + + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/keystone.conf" +import os, sys, yaml + +keystone_configuration={ + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + 'KEYSTONE_ADMIN_PASSWORD': os.environ['KEYSTONE_ADMIN_PASSWORD'], + 'KEYSTONE_DB_USER': os.environ['KEYSTONE_DB_USER'], + 'KEYSTONE_DB_PASSWORD': os.environ['KEYSTONE_DB_PASSWORD'], + 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], +} + +yaml.dump(keystone_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest new file mode 100644 index 00000000..d48d5f9d --- /dev/null +++ b/openstack/manifest @@ -0,0 +1,18 @@ +0040755 0 0 /usr/share/openstack +0100644 0 0 /usr/share/openstack/hosts +0100644 0 0 /usr/share/openstack/keystone.yml +0040755 0 0 /usr/share/openstack/keystone +0100644 0 0 /usr/share/openstack/keystone/logging.conf +0100644 0 0 /usr/share/openstack/keystone/keystone.conf +0100644 0 0 /usr/share/openstack/keystone/policy.json +0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini +0040755 0 0 /usr/share/openstack/postgres +0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf +0100644 0 0 /usr/share/openstack/postgres/postgresql.conf +0040755 0 0 /usr/share/openstack/rabbitmq +0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq-env.conf +0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq.config +0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service +0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service +0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service +0100644 0 0 /usr/lib/systemd/system/postgres-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service new file mode 100644 index 00000000..9ea04c1d --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Run keystone-setup Ansible scripts +After=local-fs.target postgres-server.service +ConditionPathExists=/etc/openstack/keystone.conf + +[Service] +# Oneshot, since others setup have to wait until this service finishes +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/keystone.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-keystone.service b/openstack/usr/lib/systemd/system/openstack-keystone.service new file mode 100644 index 00000000..0aa9e1ef --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-keystone.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Identity Service (code-named Keystone) +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=notify +Restart=always +User=keystone +ExecStart=/usr/bin/keystone-all --config-file /etc/keystone/keystone.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/postgres-server.service b/openstack/usr/lib/systemd/system/postgres-server.service new file mode 100644 index 00000000..70b2fd09 --- /dev/null +++ b/openstack/usr/lib/systemd/system/postgres-server.service @@ -0,0 +1,25 @@ +[Unit] +Description=PostgreSQL database server +After=network.target + +[Service] +Type=forking +TimeoutSec=120 +User=postgres +Group=postgres + +Environment=PGROOT=/var/lib/pgsql + +SyslogIdentifier=postgres +PIDFile=/var/lib/pgsql/data/postmaster.pid + +ExecStart= /usr/bin/pg_ctl -s -D ${PGROOT}/data start -w -t 120 +ExecReload=/usr/bin/pg_ctl -s -D ${PGROOT}/data reload +ExecStop= /usr/bin/pg_ctl -s -D ${PGROOT}/data stop -m fast + +# Due to PostgreSQL's use of shared memory, OOM killer is often overzealous in +# killing Postgres, so adjust it downward +OOMScoreAdjust=-200 + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/rabbitmq-server.service b/openstack/usr/lib/systemd/system/rabbitmq-server.service new file mode 100644 index 00000000..f161b9d0 --- /dev/null +++ b/openstack/usr/lib/systemd/system/rabbitmq-server.service @@ -0,0 +1,16 @@ +[Unit] +Description=RabbitMQ broker +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=notify +User=rabbitmq +Group=rabbitmq +Environment=HOME=/var/lib/rabbitmq +WorkingDirectory=/var/lib/rabbitmq +ExecStart=/usr/sbin/rabbitmq-server +ExecStop=/usr/sbin/rabbitmqctl stop + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/hosts b/openstack/usr/share/openstack/hosts new file mode 100644 index 00000000..5b97818d --- /dev/null +++ b/openstack/usr/share/openstack/hosts @@ -0,0 +1 @@ +localhost ansible_connection=local diff --git a/openstack/usr/share/openstack/keystone.yml b/openstack/usr/share/openstack/keystone.yml new file mode 100644 index 00000000..20753a9c --- /dev/null +++ b/openstack/usr/share/openstack/keystone.yml @@ -0,0 +1,188 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/keystone.conf" + tasks: + + # RabbitMQ configuration, this may end up in a different playbook + - name: Create rabbitmq user + user: + name: rabbitmq + comment: Rabbitmq server daemon + shell: /sbin/nologin + home: /var/lib/rabbitmq + + - name: Create the rabbitmq directories + file: + path: "{{ item }}" + state: directory + owner: rabbitmq + group: rabbitmq + with_items: + - /var/run/rabbitmq + - /var/log/rabbitmq + - /etc/rabbitmq + + - name: Add the configuration needed for rabbitmq in /etc/rabbitmq using templates + template: + src: /usr/share/openstack/rabbitmq/{{ item }} + dest: /etc/rabbitmq/{{ item }} + owner: rabbitmq + group: rabbitmq + mode: 0644 + with_items: + - rabbitmq.config + - rabbitmq-env.conf + + - name: Enable and start rabbitmq services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - rabbitmq-server + + # Postgres configuration, this may end up in a different playbook + - name: Create postgres user + user: + name: postgres + comment: PostgreSQL Server + shell: /sbin/nologin + home: /var/lib/pgsql + + - name: Create the postgres directories + file: + path: "{{ item }}" + state: directory + owner: postgres + group: postgres + with_items: + - /var/run/postgresql + - /var/lib/pgsql/data + + - name: Initialise postgres database + command: pg_ctl -D /var/lib/pgsql/data initdb + args: + creates: /var/lib/pgsql/data/base + sudo: yes + sudo_user: postgres + + - name: Add the configuration needed for postgres for Openstack + template: + src: /usr/share/openstack/postgres/{{ item }} + dest: /var/lib/pgsql/data/{{ item }} + owner: postgres + group: postgres + mode: 0600 + with_items: + - postgresql.conf + - pg_hba.conf + + - name: Enable and start postgres services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - postgres-server + + + # Keystone configuration + - name: Create the keystone user. + user: + name: keystone + comment: Openstack Keystone Daemons + shell: /sbin/nologin + home: /var/lib/keystone + + - name: Create the /var folders for keystone + file: + path: "{{ item }}" + state: directory + owner: keystone + group: keystone + with_items: + - /var/run/keystone + - /var/lock/keystone + - /var/log/keystone + - /var/lib/keystone + + - name: Create /etc/keystone directory + file: + path: /etc/keystone + state: directory + + - name: Add the configuration needed for lorry in /etc using templates + template: + src: /usr/share/openstack/keystone/{{ item }} + dest: /etc/keystone/{{ item }} + with_lines: + - cd /usr/share/openstack/keystone && find -type f + + - name: Create postgresql user for keystone + postgresql_user: + name: "{{ KEYSTONE_DB_USER }}" + password: "{{ KEYSTONE_DB_PASSWORD }}" + sudo: yes + sudo_user: keystone + + - name: Create database for keystone services + postgresql_db: + name: keystone + owner: "{{ KEYSTONE_DB_USER }}" + sudo: yes + sudo_user: keystone + + - name: Initiatie keystone database + keystone_manage: + action: dbsync + sudo: yes + sudo_user: keystone + + - name: Enable and start openstack-keystone service + service: + name: openstack-keystone.service + enabled: yes + state: started + + - name: Create admin tenant + keystone_user: + tenant: admin + tenant_description: Admin Tenant + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 + + - name: Create admin user for the admin tenant + keystone_user: + user: admin + tenant: admin + password: "{{ KEYSTONE_ADMIN_PASSWORD }}" + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 + + - name: Create admin role for admin user in the admin tenant + keystone_user: + role: admin + user: admin + tenant: admin + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 + + - name: Create service tenant + keystone_user: + tenant: service + tenant_description: Service Tenant + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 + + - name: Add kestone endpoint + keystone_service: + name: keystone + type: identity + description: Keystone Identity Service + publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 + internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 + adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 diff --git a/openstack/usr/share/openstack/keystone/keystone.conf b/openstack/usr/share/openstack/keystone/keystone.conf index c058a030..3d242a50 100644 --- a/openstack/usr/share/openstack/keystone/keystone.conf +++ b/openstack/usr/share/openstack/keystone/keystone.conf @@ -10,7 +10,7 @@ # recommended), remove AdminTokenAuthMiddleware from your # paste application pipelines (for example, in keystone- # paste.ini). (string value) -#admin_token=ADMIN +admin_token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }} # The IP address of the network interface for the public # service to listen on. (string value) @@ -33,11 +33,11 @@ # The port number which the admin service listens on. (integer # value) -#admin_port=35357 +admin_port=35357 # The port number which the public service listens on. # (integer value) -#public_port=5000 +public_port=5000 # The base public endpoint URL for Keystone that is advertised # to clients (NOTE: this does NOT affect how Keystone listens @@ -207,23 +207,23 @@ # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) -#rabbit_hosts=$rabbit_host:$rabbit_port +rabbit_hosts=$rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ. (boolean value) -#rabbit_use_ssl=false +rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN @@ -308,7 +308,7 @@ # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -#rpc_backend=rabbit +rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the @@ -630,6 +630,7 @@ # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection= +connection=postgresql://{{ KEYSTONE_DB_USER }}:{{ KEYSTONE_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/keystone # The SQLAlchemy connection string to use to connect to the # slave database. (string value) @@ -1534,11 +1535,11 @@ # Controls the token construction, validation, and revocation # operations. Core providers are # "keystone.token.providers.[pkiz|pki|uuid].Provider". The -# default provider is uuid. (string value) -#provider= +# default provider is pkiz. (string value) +provider=keystone.token.providers.uuid.Provider # Token persistence backend driver. (string value) -#driver=keystone.token.persistence.backends.sql.Token +driver=keystone.token.backends.sql.Token # Toggle for token system caching. This has no effect unless # global caching is enabled. (boolean value) diff --git a/openstack/usr/share/openstack/postgres/pg_hba.conf b/openstack/usr/share/openstack/postgres/pg_hba.conf new file mode 100644 index 00000000..0968fc44 --- /dev/null +++ b/openstack/usr/share/openstack/postgres/pg_hba.conf @@ -0,0 +1,4 @@ +local all all trust +host all all 127.0.0.0/8 trust +host all all ::1/128 trust +host all all {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}/32 trust diff --git a/openstack/usr/share/openstack/postgres/postgresql.conf b/openstack/usr/share/openstack/postgres/postgresql.conf new file mode 100644 index 00000000..74153385 --- /dev/null +++ b/openstack/usr/share/openstack/postgres/postgresql.conf @@ -0,0 +1,11 @@ +listen_addresses = '{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}' +max_connections = 100 +shared_buffers = 128MB +log_timezone = 'UTC' +datestyle = 'iso, mdy' +timezone = 'UTC' +lc_messages = 'C' +lc_monetary = 'C' +lc_numeric = 'C' +lc_time = 'C' +default_text_search_config = 'pg_catalog.english' diff --git a/openstack/usr/share/openstack/rabbitmq/rabbitmq-env.conf b/openstack/usr/share/openstack/rabbitmq/rabbitmq-env.conf new file mode 100644 index 00000000..d4c58dae --- /dev/null +++ b/openstack/usr/share/openstack/rabbitmq/rabbitmq-env.conf @@ -0,0 +1,3 @@ +# Configure port node where rabbitmq-server will listen from. +NODE_PORT={{ RABBITMQ_PORT }} +CONFIG_FILE=/etc/rabbitmq/rabbitmq diff --git a/openstack/usr/share/openstack/rabbitmq/rabbitmq.config b/openstack/usr/share/openstack/rabbitmq/rabbitmq.config new file mode 100644 index 00000000..9b93881e --- /dev/null +++ b/openstack/usr/share/openstack/rabbitmq/rabbitmq.config @@ -0,0 +1,9 @@ +%% -*- Rabbit configuration for Openstack in Baserock +[ + {rabbit, + [ + {default_user, <<"{{ RABBITMQ_USER }}">>}, + {default_pass, <<"{{ RABBITMQ_PASSWORD }}">>}, + {tcp_listeners, [{{ RABBITMQ_PORT }}]} + ]} +]. diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 593794e0..64125a73 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -63,3 +63,4 @@ configuration-extensions: - install-files - cloud-init - hosts +- openstack-keystone -- cgit v1.2.1 From 2abd264299f6bda6a512db75f4382b856da9f9e0 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 13 Apr 2015 18:06:31 +0000 Subject: Openstack: Make Glance configurable Change-Id: I137bd286b2f8ad6eeb37d34803f9ae41a735e7ec Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena --- openstack-glance.configure | 85 ++++++++++++++++++++ openstack/manifest | 14 ++++ .../systemd/system/openstack-glance-api.service | 13 +++ .../system/openstack-glance-registry.service | 13 +++ .../systemd/system/openstack-glance-setup.service | 9 +++ openstack/usr/share/openstack/glance.yml | 93 ++++++++++++++++++++++ .../usr/share/openstack/glance/glance-api.conf | 64 +++++++-------- .../usr/share/openstack/glance/glance-cache.conf | 6 +- .../share/openstack/glance/glance-registry.conf | 18 +++-- .../share/openstack/glance/glance-scrubber.conf | 6 +- systems/openstack-system-x86_64.morph | 1 + 11 files changed, 277 insertions(+), 45 deletions(-) create mode 100644 openstack-glance.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-glance-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-glance-registry.service create mode 100644 openstack/usr/lib/systemd/system/openstack-glance-setup.service create mode 100644 openstack/usr/share/openstack/glance.yml diff --git a/openstack-glance.configure b/openstack-glance.configure new file mode 100644 index 00000000..44b4d6aa --- /dev/null +++ b/openstack-glance.configure @@ -0,0 +1,85 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -s "/usr/lib/systemd/system/openstack-glance-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-glance-setup.service" + +########################################################################## +# Check variables +########################################################################## + +if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ + -z "$GLANCE_SERVICE_USER" -a \ + -z "$GLANCE_SERVICE_PASSWORD" -a \ + -z "$GLANCE_DB_USER" -a \ + -z "$GLANCE_DB_PASSWORD" -a \ + -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ + -z "$CONTROLLER_HOST_ADDRESS" ]; then + # No Glance options defined, do nothing. + exit 0 +fi + +if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$GLANCE_SERVICE_USER" -o \ + -z "$GLANCE_SERVICE_PASSWORD" -o \ + -z "$GLANCE_DB_USER" -o \ + -z "$GLANCE_DB_PASSWORD" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$CONTROLLER_HOST_ADDRESS" ]; then + echo Some options required for Glance were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/glance.conf" +import os, sys, yaml + +glance_configuration={ + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + 'GLANCE_SERVICE_PASSWORD': os.environ['GLANCE_SERVICE_PASSWORD'], + 'GLANCE_SERVICE_USER': os.environ['GLANCE_SERVICE_USER'], + 'GLANCE_DB_USER': os.environ['GLANCE_DB_USER'], + 'GLANCE_DB_PASSWORD': os.environ['GLANCE_DB_PASSWORD'], + 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], +} + +yaml.dump(glance_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index d48d5f9d..85b9cc7a 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -1,5 +1,16 @@ 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts +0100644 0 0 /usr/share/openstack/glance.yml +0040755 0 0 /usr/share/openstack/glance +0100644 0 0 /usr/share/openstack/glance/logging.conf +0100644 0 0 /usr/share/openstack/glance/glance-api.conf +0100644 0 0 /usr/share/openstack/glance/glance-registry.conf +0100644 0 0 /usr/share/openstack/glance/glance-scrubber.conf +0100644 0 0 /usr/share/openstack/glance/glance-cache.conf +0100644 0 0 /usr/share/openstack/glance/schema-image.json +0100644 0 0 /usr/share/openstack/glance/policy.json +0100644 0 0 /usr/share/openstack/glance/glance-api-paste.ini +0100644 0 0 /usr/share/openstack/glance/glance-registry-paste.ini 0100644 0 0 /usr/share/openstack/keystone.yml 0040755 0 0 /usr/share/openstack/keystone 0100644 0 0 /usr/share/openstack/keystone/logging.conf @@ -14,5 +25,8 @@ 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq.config 0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-glance-api.service b/openstack/usr/lib/systemd/system/openstack-glance-api.service new file mode 100644 index 00000000..e1387118 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-glance-api.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Image Service (code-named Glance) API server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=glance +ExecStart=/usr/bin/glance-api --config-file /etc/glance/glance-api.conf + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/lib/systemd/system/openstack-glance-registry.service b/openstack/usr/lib/systemd/system/openstack-glance-registry.service new file mode 100644 index 00000000..f3134352 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-glance-registry.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Image Service (code-named Glance) Registry server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=glance +ExecStart=/usr/bin/glance-registry --config-file /etc/glance/glance-registry.conf + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/lib/systemd/system/openstack-glance-setup.service b/openstack/usr/lib/systemd/system/openstack-glance-setup.service new file mode 100644 index 00000000..c00c520c --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-glance-setup.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run glance-setup Ansible scripts +After=local-fs.target openstack-keystone-setup.service postgres-server.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/glance.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/glance.yml b/openstack/usr/share/openstack/glance.yml new file mode 100644 index 00000000..aa7e4c78 --- /dev/null +++ b/openstack/usr/share/openstack/glance.yml @@ -0,0 +1,93 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/glance.conf" + tasks: + - name: Create the glance user. + user: + name: glance + comment: Openstack Glance Daemons + shell: /sbin/nologin + home: /var/lib/glance + + - name: Create the /var folders for glance + file: + path: "{{ item }}" + state: directory + owner: glance + group: glance + with_items: + - /var/run/glance + - /var/lock/glance + - /var/log/glance + - /var/lib/glance + - /var/lib/glance/images + - /var/lib/glance/image-cache + + - name: Create /etc/glance directory + file: + path: /etc/glance + state: directory + + - name: Add the configuration needed for glance in /etc/glance using templates + template: + src: /usr/share/openstack/glance/{{ item }} + dest: /etc/glance/{{ item }} + with_lines: + - cd /usr/share/openstack/glance && find -type f + + - name: Create glance service user in service tenant + keystone_user: + user: "{{ GLANCE_SERVICE_USER }}" + password: "{{ GLANCE_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to glances service user in the service tenant + keystone_user: + role: admin + user: "{{ GLANCE_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add glance endpoint + keystone_service: + name: glance + type: image + description: Openstack Image Service + publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9292 + internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9292 + adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9292 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for glance + postgresql_user: + name: "{{ GLANCE_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ GLANCE_DB_PASSWORD }}" + sudo: yes + sudo_user: glance + + - name: Create database for glance services + postgresql_db: + name: glance + owner: "{{ GLANCE_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: glance + + - name: Initiate glance database + glance_manage: + action: dbsync + sudo: yes + sudo_user: glance + + - name: Enable and start openstack-glance services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-glance-api.service + - openstack-glance-registry.service diff --git a/openstack/usr/share/openstack/glance/glance-api.conf b/openstack/usr/share/openstack/glance/glance-api.conf index cfc214e9..675062a6 100644 --- a/openstack/usr/share/openstack/glance/glance-api.conf +++ b/openstack/usr/share/openstack/glance/glance-api.conf @@ -18,7 +18,7 @@ default_store = file #image_size_cap = 1099511627776 # Address to bind the API server -bind_host = 0.0.0.0 +bind_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Port the bind the API server to bind_port = 9292 @@ -28,7 +28,7 @@ bind_port = 9292 # # If `log_file` is omitted and `use_syslog` is false, then log messages are # sent to stdout as a fallback. -log_file = /var/log/glance/api.log +# log_file = /var/log/glance/api.log # Backlog requests when creating socket backlog = 4096 @@ -113,7 +113,7 @@ backlog = 4096 # Send logs to syslog (/dev/log) instead of to file specified # by `log_file` -#use_syslog = False +use_syslog = True # Facility to use. If unset defaults to LOG_USER. #syslog_log_facility = LOG_LOCAL0 @@ -139,7 +139,7 @@ backlog = 4096 # ============ Registry Options =============================== # Address to find the registry server -registry_host = 0.0.0.0 +registry_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Port the registry server is listening on registry_port = 9191 @@ -213,15 +213,14 @@ registry_client_protocol = http # default_publisher_id = image.localhost # Messaging driver used for 'messaging' notifications driver -# rpc_backend = 'rabbit' +rpc_backend=rabbit -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 +# Configuration options if sending notifications via rabbitmq +rabbit_host = {{ RABBITMQ_HOST }} +rabbit_port = {{ RABBITMQ_PORT }} rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest +rabbit_userid = {{ RABBITMQ_USER }} +rabbit_password = {{ RABBITMQ_PASSWORD }} rabbit_virtual_host = / rabbit_notification_exchange = glance rabbit_notification_topic = notifications @@ -229,22 +228,22 @@ rabbit_durable_queues = False # Configuration options if sending notifications via Qpid (these are # the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_hostname = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 +#qpid_notification_exchange = glance +#qpid_notification_topic = notifications +#qpid_hostname = localhost +#qpid_port = 5672 +#qpid_username = +#qpid_password = +#qpid_sasl_mechanisms = +#qpid_reconnect_timeout = 0 +#qpid_reconnect_limit = 0 +#qpid_reconnect_interval_min = 0 +#qpid_reconnect_interval_max = 0 +#qpid_reconnect_interval = 0 +#qpid_heartbeat = 5 # Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True +#qpid_protocol = tcp +#qpid_tcp_nodelay = True # ============ Delayed Delete Options ============================= @@ -301,6 +300,8 @@ image_cache_dir = /var/lib/glance/image-cache/ # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = +connection=postgresql://{{ GLANCE_DB_USER }}:{{ GLANCE_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/glance + # The SQL mode to be used for MySQL sessions. This option, # including the default, overrides any server-set SQL mode. To @@ -381,10 +382,11 @@ image_cache_dir = /var/lib/glance/image-cache/ #db_max_retries = 20 [keystone_authtoken] -identity_uri = http://127.0.0.1:35357 -admin_tenant_name = %SERVICE_TENANT_NAME% -admin_user = %SERVICE_USER% -admin_password = %SERVICE_PASSWORD% +auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 +admin_tenant_name = service +admin_user = {{ GLANCE_SERVICE_USER }} +admin_password = {{ GLANCE_SERVICE_PASSWORD }} revocation_cache_time = 10 [paste_deploy] @@ -395,7 +397,7 @@ revocation_cache_time = 10 # service name removed. For example, if your paste section name is # [pipeline:glance-api-keystone], you would configure the flavor below # as 'keystone'. -#flavor= +flavor=keystone [store_type_location_strategy] # The scheme list to use to get store preference order. The scheme must be diff --git a/openstack/usr/share/openstack/glance/glance-cache.conf b/openstack/usr/share/openstack/glance/glance-cache.conf index 0246b672..3f2d4603 100644 --- a/openstack/usr/share/openstack/glance/glance-cache.conf +++ b/openstack/usr/share/openstack/glance/glance-cache.conf @@ -10,10 +10,10 @@ # # If `log_file` is omitted and `use_syslog` is false, then log messages are # sent to stdout as a fallback. -log_file = /var/log/glance/image-cache.log +# log_file = /var/log/glance/image-cache.log # Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False +use_syslog = True # Directory that the Image Cache writes data to image_cache_dir = /var/lib/glance/image-cache/ @@ -26,7 +26,7 @@ image_cache_stall_time = 86400 image_cache_max_size = 10737418240 # Address to find the registry server -registry_host = 0.0.0.0 +registry_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Port the registry server is listening on registry_port = 9191 diff --git a/openstack/usr/share/openstack/glance/glance-registry.conf b/openstack/usr/share/openstack/glance/glance-registry.conf index a72abf8c..e663148d 100644 --- a/openstack/usr/share/openstack/glance/glance-registry.conf +++ b/openstack/usr/share/openstack/glance/glance-registry.conf @@ -6,7 +6,7 @@ #debug = False # Address to bind the registry server -bind_host = 0.0.0.0 +bind_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Port the bind the registry server to bind_port = 9191 @@ -16,7 +16,7 @@ bind_port = 9191 # # If `log_file` is omitted and `use_syslog` is false, then log messages are # sent to stdout as a fallback. -log_file = /var/log/glance/registry.log +# log_file = /var/log/glance/registry.log # Backlog requests when creating socket backlog = 4096 @@ -62,7 +62,7 @@ limit_param_default = 25 # Send logs to syslog (/dev/log) instead of to file specified # by `log_file` -#use_syslog = False +use_syslog = True # Facility to use. If unset defaults to LOG_USER. #syslog_log_facility = LOG_LOCAL1 @@ -141,6 +141,7 @@ qpid_tcp_nodelay = True # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = +connection=postgresql://{{ GLANCE_DB_USER }}:{{ GLANCE_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/glance # The SQL mode to be used for MySQL sessions. This option, # including the default, overrides any server-set SQL mode. To @@ -221,10 +222,11 @@ qpid_tcp_nodelay = True #db_max_retries = 20 [keystone_authtoken] -identity_uri = http://127.0.0.1:35357 -admin_tenant_name = %SERVICE_TENANT_NAME% -admin_user = %SERVICE_USER% -admin_password = %SERVICE_PASSWORD% +auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 +admin_tenant_name = service +admin_user = {{ GLANCE_SERVICE_USER }} +admin_password = {{ GLANCE_SERVICE_PASSWORD }} [paste_deploy] # Name of the paste configuration file that defines the available pipelines @@ -234,7 +236,7 @@ admin_password = %SERVICE_PASSWORD% # service name removed. For example, if your paste section name is # [pipeline:glance-registry-keystone], you would configure the flavor below # as 'keystone'. -#flavor= +flavor=keystone [profiler] # If False fully disable profiling feature. diff --git a/openstack/usr/share/openstack/glance/glance-scrubber.conf b/openstack/usr/share/openstack/glance/glance-scrubber.conf index ecfc7bff..cdbfda71 100644 --- a/openstack/usr/share/openstack/glance/glance-scrubber.conf +++ b/openstack/usr/share/openstack/glance/glance-scrubber.conf @@ -10,10 +10,10 @@ # # If `log_file` is omitted and `use_syslog` is false, then log messages are # sent to stdout as a fallback. -log_file = /var/log/glance/scrubber.log +# log_file = /var/log/glance/scrubber.log # Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False +use_syslog = True # Should we run our own loop or rely on cron/scheduler to run us daemon = False @@ -32,7 +32,7 @@ cleanup_scrubber = False cleanup_scrubber_time = 86400 # Address to find the registry server for cleanups -registry_host = 0.0.0.0 +registry_host = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Port the registry server is listening on registry_port = 9191 diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 64125a73..cec51aa3 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -64,3 +64,4 @@ configuration-extensions: - cloud-init - hosts - openstack-keystone +- openstack-glance -- cgit v1.2.1 From 93a6551b87e8a722b7d0f5b851a3c6c1f67da1e8 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 08:52:51 +0000 Subject: Openstack: Make Cinder configurable Change-Id: I9c2bb1a204a01fa82e90d517663f6cf654666395 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Patrick Darley --- openstack-cinder.configure | 88 ++++++++++++ openstack/manifest | 10 ++ .../systemd/system/openstack-cinder-api.service | 12 ++ .../systemd/system/openstack-cinder-backup.service | 12 ++ .../system/openstack-cinder-scheduler.service | 12 ++ .../systemd/system/openstack-cinder-setup.service | 9 ++ .../systemd/system/openstack-cinder-volume.service | 12 ++ openstack/usr/share/openstack/cinder.yml | 153 +++++++++++++++++++++ openstack/usr/share/openstack/cinder/cinder.conf | 54 ++++---- systems/openstack-system-x86_64.morph | 1 + 10 files changed, 336 insertions(+), 27 deletions(-) create mode 100644 openstack-cinder.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-backup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-volume.service create mode 100644 openstack/usr/share/openstack/cinder.yml diff --git a/openstack-cinder.configure b/openstack-cinder.configure new file mode 100644 index 00000000..0c15bd23 --- /dev/null +++ b/openstack-cinder.configure @@ -0,0 +1,88 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -sf "/usr/lib/systemd/system/openstack-cinder-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-cinder-setup.service" + +########################################################################## +# Check variables +########################################################################## + +if [ -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ + -z "$CINDER_DB_USER" -a \ + -z "$CINDER_DB_PASSWORD" -a \ + -z "$CONTROLLER_HOST_ADDRESS" -a \ + -z "$CINDER_SERVICE_USER" -a \ + -z "$CINDER_SERVICE_PASSWORD" -a \ + -z "$CINDER_DEVICE" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then + # No Cinder options defined, do nothing. + exit 0 +fi + +if [ -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$CINDER_DB_USER" -o \ + -z "$CINDER_DB_PASSWORD" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$CINDER_SERVICE_USER" -o \ + -z "$CINDER_SERVICE_PASSWORD" -o \ + -z "$CINDER_DEVICE" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then + echo Some options required for Cinder were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/cinder.conf" +import os, sys, yaml + +cinder_configuration={ + 'RABBITMQ_HOST':os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT':os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER':os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD':os.environ['RABBITMQ_PASSWORD'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN':os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + 'CINDER_DB_USER':os.environ['CINDER_DB_USER'], + 'CINDER_DB_PASSWORD':os.environ['CINDER_DB_PASSWORD'], + 'CONTROLLER_HOST_ADDRESS':os.environ['CONTROLLER_HOST_ADDRESS'], + 'CINDER_SERVICE_USER':os.environ['CINDER_SERVICE_USER'], + 'CINDER_SERVICE_PASSWORD':os.environ['CINDER_SERVICE_PASSWORD'], + 'CINDER_DEVICE':os.environ['CINDER_DEVICE'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS':os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], +} + +yaml.dump(cinder_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 85b9cc7a..02155ed2 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -1,5 +1,10 @@ 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts +0040755 0 0 /usr/share/openstack/cinder +0100644 0 0 /usr/share/openstack/cinder.yml +0100644 0 0 /usr/share/openstack/cinder/cinder.conf +0100644 0 0 /usr/share/openstack/cinder/api-paste.ini +0100644 0 0 /usr/share/openstack/cinder/policy.json 0100644 0 0 /usr/share/openstack/glance.yml 0040755 0 0 /usr/share/openstack/glance 0100644 0 0 /usr/share/openstack/glance/logging.conf @@ -29,4 +34,9 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-backup.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service new file mode 100644 index 00000000..c863f3f5 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Volume Service (code-named Cinder) API server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-api --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-api.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service new file mode 100644 index 00000000..2f489228 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Cinder backup server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-backup --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-backup.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service new file mode 100644 index 00000000..025f1f3c --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Cinder scheduler server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-scheduler --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-scheduler.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-setup.service new file mode 100644 index 00000000..bac80b6b --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-setup.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run cinder-setup Ansible scripts +After=local-fs.target openstack-keystone-setup.service postgres-server.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service new file mode 100644 index 00000000..4a8da9c3 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Cinder volume server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=cinder +ExecStart=/usr/bin/cinder-volume --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-volume.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/cinder.yml b/openstack/usr/share/openstack/cinder.yml new file mode 100644 index 00000000..29490843 --- /dev/null +++ b/openstack/usr/share/openstack/cinder.yml @@ -0,0 +1,153 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/cinder.conf" + tasks: + +# Configure iscsid, this can go in a separate script + - name: Update kernel module dependencies + command: depmod -a + + - name: generate InitiatorName for iscsi + shell: iscsi-iname + register: initiator_name + + - lineinfile: + dest: /etc/iscsi/initiatorname.iscsi + regexp: '^InitiatorName=$' + line: 'InitiatorName={{ initiator_name.stdout }}' + backrefs: yes + + - name: Enable and start iscsid + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - iscsid + +# Configure LVM and target for Cinder + - name: Check that CINDER_DEVICE exists + stat: + path: "{{ CINDER_DEVICE }}" + register: cinder_device_stats + failed_when: cinder_device_stats.stat.exists == false + + - name: Configure LVM group for cinder + lvg: + vg: cinder-volumes + pvs: "{{ CINDER_DEVICE }}" + + - lineinfile: + dest: /etc/lvm/lvm.conf + regexp: '# filter = \[ \"a\/\.\*/\" \]' + line: ' filter = [ "a|{{ CINDER_DEVICE }}|", "r/.*/" ]' + backrefs: yes + + - name: Enable and start lvm2-lvmetad and target services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - lvm2-lvmetad + - target + +# Configure cinder + - name: Create the cinder user. + user: + name: cinder + comment: Openstack Cinder Daemons + shell: /sbin/nologin + home: /var/lib/cinder + + - name: Create the /var folders for cinder + file: + path: "{{ item }}" + state: directory + owner: cinder + group: cinder + with_items: + - /var/run/cinder + - /var/lock/cinder + - /var/log/cinder + - /var/lib/cinder + - /var/lib/cinder/volumer + + - name: Create /etc/cinder directory + file: + path: /etc/cinder + state: directory + + - name: Add the configuration needed for cinder in /etc/cinder using templates + template: + src: /usr/share/openstack/cinder/{{ item }} + dest: /etc/cinder/{{ item }} + with_lines: + - cd /usr/share/openstack/cinder && find -type f + + - name: Create cinder service user in service tenant + keystone_user: + user: "{{ CINDER_SERVICE_USER }}" + password: "{{ CINDER_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to cinder service user in the service tenant + keystone_user: + role: admin + user: "{{ CINDER_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add cinder endpoint + keystone_service: + name: cinder + type: volume + description: Openstack Block Storage + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add cinderv2 endpoint + keystone_service: + name: cinderv2 + type: volumev2 + description: Openstack Block Storage + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for cinder + postgresql_user: + name: "{{ CINDER_DB_USER }}" + sudo: yes + sudo_user: cinder + + - name: Create database for cinder services + postgresql_db: + name: cinder + owner: "{{ CINDER_DB_USER }}" + sudo: yes + sudo_user: cinder + + - name: Initiate cinder database + cinder_manage: + action: dbsync + sudo: yes + sudo_user: cinder + + - name: Enable and start openstack-cinder services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-cinder-api + - openstack-cinder-scheduler + - openstack-cinder-volume + - openstack-cinder-backup diff --git a/openstack/usr/share/openstack/cinder/cinder.conf b/openstack/usr/share/openstack/cinder/cinder.conf index 30c3f15b..1ca21082 100644 --- a/openstack/usr/share/openstack/cinder/cinder.conf +++ b/openstack/usr/share/openstack/cinder/cinder.conf @@ -76,11 +76,11 @@ # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port @@ -89,12 +89,12 @@ #rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} -# The RabbitMQ login method. (string value) +# the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN # The RabbitMQ virtual host. (string value) @@ -178,7 +178,7 @@ # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -#rpc_backend=rabbit +rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the @@ -492,18 +492,18 @@ # File name for the paste.deploy config for cinder-api (string # value) -#api_paste_config=api-paste.ini +api_paste_config=api-paste.ini # Top-level directory for maintaining cinder's state (string # value) # Deprecated group/name - [DEFAULT]/pybasedir -#state_path=/var/lib/cinder +state_path=/var/lib/cinder # IP address of this host (string value) -#my_ip=10.0.0.1 +my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Default glance host name or IP (string value) -#glance_host=$my_ip +glance_host={{ CONTROLLER_HOST_ADDRESS }} # Default glance port (integer value) #glance_port=9292 @@ -597,7 +597,7 @@ # Path to the rootwrap configuration file to use for running # commands as root (string value) -#rootwrap_config=/etc/cinder/rootwrap.conf +rootwrap_config=/etc/cinder/rootwrap.conf # Enable monkey patching (boolean value) #monkey_patch=false @@ -619,7 +619,7 @@ # The strategy to use for auth. Supports noauth, keystone, and # deprecated. (string value) -#auth_strategy=noauth +auth_strategy=keystone # A list of backend names to use. These backend names should # be backed by a unique [CONFIG] group with its options (list @@ -699,7 +699,7 @@ # Template string to be used to generate volume names (string # value) -#volume_name_template=volume-%s +volume_name_template=volume-%s # Template string to be used to generate snapshot names # (string value) @@ -764,7 +764,7 @@ # Directory to use for lock files. Default to a temp directory # (string value) -#lock_path= +lock_path=/var/lock/cinder # @@ -848,7 +848,7 @@ # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) -#use_syslog=false +use_syslog = True # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog @@ -1031,7 +1031,7 @@ # The IP address that the iSCSI daemon is listening on (string # value) -#iscsi_ip_address=$my_ip +iscsi_ip_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # The port that the iSCSI daemon is listening on (integer # value) @@ -1044,7 +1044,7 @@ # The backend name for a given driver implementation (string # value) -#volume_backend_name= +volume_backend_name=LVM_iSCSI # Do we attach/detach volumes in cinder using multipath for # volume to image and image to volume transfers? (boolean @@ -1067,10 +1067,10 @@ # iSCSI target user-land tool to use. tgtadm is default, use # lioadm for LIO iSCSI support, iseradm for the ISER protocol, # or fake for testing. (string value) -#iscsi_helper=tgtadm +iscsi_helper=lioadm # Volume configuration file storage directory (string value) -#volumes_dir=$state_path/volumes +volumes_dir=$state_path/volumes # IET configuration file (string value) #iet_conf=/etc/iet/ietd.conf @@ -1565,7 +1565,7 @@ # Name for the VG that will contain exported volumes (string # value) -#volume_group=cinder-volumes +volume_group=cinder-volumes # If >0, create LVs with multiple mirrors. Note that this # requires lvm_mirrors + 2 PVs with available space (integer @@ -2267,7 +2267,7 @@ # # Driver to use for volume creation (string value) -#volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver +volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver # Timeout for creating the volume to migrate to when # performing volume migration (seconds) (integer value) @@ -2368,7 +2368,7 @@ # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection -#connection= +connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/cinder # The SQLAlchemy connection string to use to connect to the # slave database. (string value) @@ -2557,12 +2557,12 @@ #auth_protocol=https # Complete public Identity API endpoint (string value) -#auth_uri= +auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) -#identity_uri= +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 # API version of the admin Identity API endpoint (string # value) @@ -2590,14 +2590,14 @@ #admin_token= # Keystone account username (string value) -#admin_user= +admin_user={{ CINDER_SERVICE_USER }} # Keystone account password (string value) -#admin_password= +admin_password={{ CINDER_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) -#admin_tenant_name=admin +admin_tenant_name=service # Env key for the swift cache (string value) #cache= diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index cec51aa3..1b53df06 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -65,3 +65,4 @@ configuration-extensions: - hosts - openstack-keystone - openstack-glance +- openstack-cinder -- cgit v1.2.1 From 7a7c07591f05aeb124d229794c04bd933859c61a Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 09:51:00 +0000 Subject: Openstack: Make Nova configurable Change-Id: Ia5e2450351359d35fd2aa37b75534178d8305936 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Richard Maw --- openstack-nova.configure | 115 +++++++++++++++++++++ openstack/manifest | 17 +++ .../lib/systemd/system/openstack-nova-api.service | 12 +++ .../lib/systemd/system/openstack-nova-cert.service | 12 +++ .../systemd/system/openstack-nova-compute.service | 13 +++ .../system/openstack-nova-conductor.service | 13 +++ .../system/openstack-nova-consoleauth.service | 12 +++ .../system/openstack-nova-novncproxy.service | 12 +++ .../system/openstack-nova-scheduler.service | 12 +++ .../system/openstack-nova-serialproxy.service | 12 +++ .../systemd/system/openstack-nova-setup.service | 9 ++ openstack/usr/share/openstack/nova.yml | 102 ++++++++++++++++++ .../usr/share/openstack/nova/nova-compute.conf | 4 + openstack/usr/share/openstack/nova/nova.conf | 112 ++++++++++---------- systems/openstack-system-x86_64.morph | 1 + 15 files changed, 404 insertions(+), 54 deletions(-) create mode 100644 openstack-nova.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-cert.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-compute.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-conductor.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-scheduler.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-setup.service create mode 100644 openstack/usr/share/openstack/nova.yml create mode 100644 openstack/usr/share/openstack/nova/nova-compute.conf diff --git a/openstack-nova.configure b/openstack-nova.configure new file mode 100644 index 00000000..3605f8b9 --- /dev/null +++ b/openstack-nova.configure @@ -0,0 +1,115 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -sf "/usr/lib/systemd/system/openstack-nova-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service" + +########################################################################## +# Enable libvirtd and libvirt-guests services +########################################################################## + +wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants +mkdir -p "$wants_dir" +mkdir -p "$ROOT"/var/lock/subsys +ln -sf ../libvirtd.service "$wants_dir/libvirtd.service" + +########################################################################## +# Change iprange for the interal libvirt to avoid clashes +# with eth0 ip range +########################################################################## + +sed -i "s/192\.168\.122\./192\.168\.1\./g" \ + "$ROOT"/etc/libvirt/qemu/networks/default.xml + +########################################################################## +# Check variables +########################################################################## + + +if [ -z "$NOVA_SERVICE_USER" -a \ + -z "$NOVA_SERVICE_PASSWORD" -a \ + -z "$NOVA_DB_USER" -a \ + -z "$NOVA_DB_PASSWORD" -a \ + -z "$NOVA_VIRT_TYPE" -a \ + -z "$NEUTRON_SERVICE_USER" -a \ + -z "$NEUTRON_SERVICE_PASSWORD" -a \ + -z "$METADATA_PROXY_SHARED_SECRET" -a \ + -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$CONTROLLER_HOST_ADDRESS" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + # No NOVA options defined, do nothing. + exit 0 +fi + +if [ -z "$NOVA_SERVICE_USER" -o \ + -z "$NOVA_SERVICE_PASSWORD" -o \ + -z "$NOVA_DB_USER" -o \ + -z "$NOVA_DB_PASSWORD" -o \ + -z "$NOVA_VIRT_TYPE" -o \ + -z "$NEUTRON_SERVICE_USER" -o \ + -z "$NEUTRON_SERVICE_PASSWORD" -o \ + -z "$METADATA_PROXY_SHARED_SECRET" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + echo Some options required for Nova were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/nova.conf" +import os, sys, yaml + +nova_configuration={ + 'NOVA_SERVICE_USER': os.environ['NOVA_SERVICE_USER'], + 'NOVA_SERVICE_PASSWORD': os.environ['NOVA_SERVICE_PASSWORD'], + 'NOVA_DB_USER': os.environ['NOVA_DB_USER'], + 'NOVA_DB_PASSWORD': os.environ['NOVA_DB_PASSWORD'], + 'NOVA_VIRT_TYPE': os.environ['NOVA_VIRT_TYPE'], + 'NEUTRON_SERVICE_USER': os.environ['NEUTRON_SERVICE_USER'], + 'NEUTRON_SERVICE_PASSWORD': os.environ['NEUTRON_SERVICE_PASSWORD'], + 'METADATA_PROXY_SHARED_SECRET': os.environ['METADATA_PROXY_SHARED_SECRET'], + 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], + 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'], + 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], +} + +yaml.dump(nova_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 02155ed2..6876f1ba 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -22,6 +22,14 @@ 0100644 0 0 /usr/share/openstack/keystone/keystone.conf 0100644 0 0 /usr/share/openstack/keystone/policy.json 0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini +0040755 0 0 /usr/share/openstack/nova +0100644 0 0 /usr/share/openstack/nova.yml +0100644 0 0 /usr/share/openstack/nova/logging.conf +0100644 0 0 /usr/share/openstack/nova/nova.conf +0100644 0 0 /usr/share/openstack/nova/nova-compute.conf +0100644 0 0 /usr/share/openstack/nova/policy.json +0100644 0 0 /usr/share/openstack/nova/cells.json +0100644 0 0 /usr/share/openstack/nova/api-paste.ini 0040755 0 0 /usr/share/openstack/postgres 0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf 0100644 0 0 /usr/share/openstack/postgres/postgresql.conf @@ -33,6 +41,15 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-scheduler.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-consoleauth.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-novncproxy.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-cert.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-serialproxy.service 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service diff --git a/openstack/usr/lib/systemd/system/openstack-nova-api.service b/openstack/usr/lib/systemd/system/openstack-nova-api.service new file mode 100644 index 00000000..8ee9cefa --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-api.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Compute Service (code-named Nova) API server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-api --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-cert.service b/openstack/usr/lib/systemd/system/openstack-nova-cert.service new file mode 100644 index 00000000..b2a2e1cc --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-cert.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova Cert +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-cert --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service new file mode 100644 index 00000000..95a3a872 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Compute Service (code-named Nova) compute server +After=syslog.target network-online.target libvirtd.service +Wants=network-online.target +Requires=libvirtd.service + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/nova-compute.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service new file mode 100644 index 00000000..1d2ece69 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service @@ -0,0 +1,13 @@ +[Unit] +Description=Database-access support for Compute nodes (nova-conductor) +After=syslog.target network-online.target libvirtd.service +Wants=network-online.target +Requires=libvirtd.service + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-conductor --config-file /etc/nova/nova.conf --logfile /var/log/nova/conductor.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service new file mode 100644 index 00000000..66442d11 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service @@ -0,0 +1,12 @@ +[Unit] +Description=Openstack Console Auth (nova-consoleauth) +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-consoleauth --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service new file mode 100644 index 00000000..597f357a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova NoVNC proxy +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-novncproxy --config-file /etc/nova/nova.conf --web /usr/share/novnc + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service new file mode 100644 index 00000000..d317b624 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova Scheduler +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-scheduler --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service new file mode 100644 index 00000000..2d95c1fa --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova Serial Proxy +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-serialproxy --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-setup.service new file mode 100644 index 00000000..a4ad6ae7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-setup.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run nova-setup Ansible scripts +After=local-fs.target libvirtd.service openstack-keystone-setup.service postgres-server.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova.yml new file mode 100644 index 00000000..c1122c60 --- /dev/null +++ b/openstack/usr/share/openstack/nova.yml @@ -0,0 +1,102 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/nova.conf" + tasks: + - name: Create the nova user. + user: + name: nova + comment: Openstack Nova Daemons + shell: /sbin/nologin + home: /var/lib/nova + groups: libvirt + append: yes + + - name: Create the /var folders for nova + file: + path: "{{ item }}" + state: directory + owner: nova + group: nova + with_items: + - /var/run/nova + - /var/lock/nova + - /var/log/nova + - /var/lib/nova + - /var/lib/nova/instances + + - file: path=/etc/nova state=directory + - name: Add the configuration needed for nova in /etc/nova using templates + template: + src: /usr/share/openstack/nova/{{ item }} + dest: /etc/nova/{{ item }} + with_lines: + - cd /usr/share/openstack/nova && find -type f + + - name: Create nova service user in service tenant + keystone_user: + user: "{{ NOVA_SERVICE_USER }}" + password: "{{ NOVA_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to nova service user in the service tenant + keystone_user: + role: admin + user: "{{ NOVA_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add nova endpoint + keystone_service: + name: nova + type: compute + description: Openstack Compute Service + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + region: 'regionOne' + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for nova + postgresql_user: + name: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ NOVA_DB_PASSWORD }}" + sudo: yes + sudo_user: nova + + - name: Create database for nova services + postgresql_db: + name: nova + owner: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: nova + + - name: Initiate nova database + nova_manage: + action: dbsync + sudo: yes + sudo_user: nova + + + +# [1] Never enable openstack-nova-conductor service in a node with +# openstack-nova-compute or the security benefits of removing +# database access from nova-compute will be negated +#systemctl start openstack-nova-conductor + - name: Enable and start openstack-nova services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-nova-api.service + - openstack-nova-cert.service + - openstack-nova-compute.service + - openstack-nova-consoleauth.service + - openstack-nova-novncproxy.service + - openstack-nova-scheduler.service + - openstack-nova-serialproxy.service +# - openstack-nova-conductor.service diff --git a/openstack/usr/share/openstack/nova/nova-compute.conf b/openstack/usr/share/openstack/nova/nova-compute.conf new file mode 100644 index 00000000..b19de1d3 --- /dev/null +++ b/openstack/usr/share/openstack/nova/nova-compute.conf @@ -0,0 +1,4 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +[libvirt] +virt_type={{ NOVA_VIRT_TYPE }} diff --git a/openstack/usr/share/openstack/nova/nova.conf b/openstack/usr/share/openstack/nova/nova.conf index abda2151..04cec1c6 100644 --- a/openstack/usr/share/openstack/nova/nova.conf +++ b/openstack/usr/share/openstack/nova/nova.conf @@ -76,23 +76,23 @@ # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ. (boolean value) -#rabbit_use_ssl=false +rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN @@ -177,7 +177,7 @@ # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -#rpc_backend=rabbit +rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the @@ -241,7 +241,7 @@ # # IP address of this host (string value) -#my_ip=10.0.0.1 +my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Name of this node. This can be an opaque identifier. It is # not necessarily a hostname, FQDN, or IP address. However, @@ -290,7 +290,7 @@ # Top-level directory for maintaining nova's state (string # value) -#state_path=$pybasedir +state_path=/var/lib/nova # @@ -376,7 +376,7 @@ #periodic_fuzzy_delay=60 # A list of APIs to enable by default (list value) -#enabled_apis=ec2,osapi_compute,metadata +enabled_apis=ec2,osapi_compute,metadata # A list of APIs with enabled SSL (list value) #enabled_ssl_apis= @@ -470,7 +470,7 @@ # Path to the rootwrap configuration file to use for running # commands as root (string value) -#rootwrap_config=/etc/nova/rootwrap.conf +rootwrap_config=/etc/nova/rootwrap.conf # Explicitly specify the temporary working directory (string # value) @@ -483,7 +483,7 @@ # File name for the paste.deploy config for nova-api (string # value) -#api_paste_config=api-paste.ini +api_paste_config=api-paste.ini # A python format string that is used as the template to # generate log lines. The following values can be formatted @@ -527,7 +527,7 @@ # The strategy to use for auth: noauth or keystone. (string # value) -#auth_strategy=keystone +auth_strategy=keystone # Treat X-Forwarded-For as the canonical remote address. Only # enable this if you have a sanitizing proxy. (boolean value) @@ -640,7 +640,7 @@ # osapi_compute_extension option with # nova.api.openstack.compute.contrib.select_extensions (list # value) -#osapi_compute_ext_list= +osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions # @@ -1078,11 +1078,11 @@ # Template string to be used to generate instance names # (string value) -#instance_name_template=instance-%08x +instance_name_template=instance-%08x # Template string to be used to generate snapshot names # (string value) -#snapshot_name_template=snapshot-%s +snapshot_name_template=snapshot-%s # @@ -1146,7 +1146,7 @@ # The full class name of the network API class to use (string # value) -#network_api_class=nova.network.api.API +network_api_class=nova.network.neutronv2.api.API # @@ -1264,7 +1264,7 @@ #dnsmasq_config_file= # Driver used to create ethernet devices. (string value) -#linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver +linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver # Name of Open vSwitch bridge used with linuxnet (string # value) @@ -1416,7 +1416,7 @@ # # The full class name of the security API class (string value) -#security_group_api=nova +security_group_api=neutron # @@ -1472,7 +1472,7 @@ #disable_process_locking=false # Directory to use for lock files. (string value) -#lock_path= +lock_path=/var/lock/nova # @@ -1556,7 +1556,7 @@ # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) -#use_syslog=false +use_syslog=True # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog @@ -1734,7 +1734,7 @@ # Which filter class names to use for filtering hosts when not # specified in the request. (list value) -#scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter +scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter # Which weight class names to use for weighing hosts (list # value) @@ -1759,7 +1759,7 @@ # # Default driver to use for the scheduler (string value) -#scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler +scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler # How often (in seconds) to run periodic tasks in the # scheduler driver of your choice. Please note this is likely @@ -1867,7 +1867,7 @@ # include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, # fake.FakeDriver, baremetal.BareMetalDriver, # vmwareapi.VMwareVCDriver, hyperv.HyperVDriver (string value) -#compute_driver= +compute_driver=libvirt.LibvirtDriver # The default format an ephemeral_volume will be formatted # with on creation. (string value) @@ -1898,7 +1898,7 @@ # Firewall driver (defaults to hypervisor specific iptables # driver) (string value) -#firewall_driver= +firewall_driver=nova.virt.firewall.NoopFirewallDriver # Whether to allow network traffic from same network (boolean # value) @@ -1959,7 +1959,7 @@ # Location of VNC console proxy, in the form # "http://127.0.0.1:6080/vnc_auto.html" (string value) -#novncproxy_base_url=http://127.0.0.1:6080/vnc_auto.html +novncproxy_base_url=http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:6080/vnc_auto.html # Location of nova xvp VNC console proxy, in the form # "http://127.0.0.1:6081/console" (string value) @@ -1967,17 +1967,17 @@ # IP address on which instance vncservers should listen # (string value) -#vncserver_listen=127.0.0.1 +vncserver_listen=0.0.0.0 # The address to which proxy clients (like nova-xvpvncproxy) # should connect (string value) -#vncserver_proxyclient_address=127.0.0.1 +vncserver_proxyclient_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Enable VNC related features (boolean value) -#vnc_enabled=true +vnc_enabled=true # Keymap for VNC (string value) -#vnc_keymap=en-us +vnc_keymap=en-us # @@ -2366,7 +2366,7 @@ # # Perform nova-conductor operations locally (boolean value) -#use_local=false +use_local=true # The topic on which conductor nodes listen (string value) #topic=conductor @@ -2409,22 +2409,22 @@ # Default glance hostname or IP address (string value) # Deprecated group/name - [DEFAULT]/glance_host -#host=$my_ip +host={{ CONTROLLER_HOST_ADDRESS }} # Default glance port (integer value) # Deprecated group/name - [DEFAULT]/glance_port -#port=9292 +port=9292 # Default protocol to use when connecting to glance. Set to # https for SSL. (string value) # Deprecated group/name - [DEFAULT]/glance_protocol -#protocol=http +protocol=http # A list of the glance api servers available to nova. Prefix # with https:// for ssl-based glance api servers. # ([hostname|ip]:port) (list value) # Deprecated group/name - [DEFAULT]/glance_api_servers -#api_servers= +api_servers=$host:$port # Allow to perform insecure SSL (https) requests to glance # (boolean value) @@ -2626,23 +2626,23 @@ # Port of the admin Identity API endpoint. Deprecated, use # identity_uri. (integer value) -#auth_port=35357 +auth_port=35357 # Protocol of the admin Identity API endpoint (http or https). # Deprecated, use identity_uri. (string value) -#auth_protocol=https +auth_protocol=http # Complete public Identity API endpoint (string value) -#auth_uri= +auth_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) -#identity_uri= +identity_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:35357 # API version of the admin Identity API endpoint (string # value) -#auth_version= +auth_version=v2.0 # Do not handle authorization requests within the middleware, # but delegate the authorization decision to downstream WSGI @@ -2666,14 +2666,14 @@ #admin_token= # Keystone account username (string value) -#admin_user= +admin_user={{ NOVA_SERVICE_USER }} # Keystone account password (string value) -#admin_password= +admin_password={{ NOVA_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) -#admin_tenant_name=admin +admin_tenant_name=service # Env key for the swift cache (string value) #cache= @@ -2809,7 +2809,7 @@ # Libvirt domain type (valid options are: kvm, lxc, qemu, uml, # xen) (string value) -#virt_type=kvm +virt_type={{ NOVA_VIRT_TYPE }} # Override the default libvirt URI (which is dependent on # virt_type) (string value) @@ -3126,12 +3126,12 @@ # Set flag to indicate Neutron will proxy metadata requests # and resolve instance ids. (boolean value) # Deprecated group/name - [DEFAULT]/service_neutron_metadata_proxy -#service_metadata_proxy=false +service_metadata_proxy=True # Shared secret to validate proxies Neutron metadata requests # (string value) # Deprecated group/name - [DEFAULT]/neutron_metadata_proxy_shared_secret -#metadata_proxy_shared_secret= +metadata_proxy_shared_secret={{ METADATA_PROXY_SHARED_SECRET }} # @@ -3140,7 +3140,7 @@ # URL for connecting to neutron (string value) # Deprecated group/name - [DEFAULT]/neutron_url -#url=http://127.0.0.1:9696 +url=http://{{ CONTROLLER_HOST_ADDRESS }}:9696 # Timeout value for connecting to neutron in seconds (integer # value) @@ -3154,12 +3154,12 @@ # Username for connecting to neutron in admin context (string # value) # Deprecated group/name - [DEFAULT]/neutron_admin_username -#admin_username= +admin_username={{ NEUTRON_SERVICE_USER }} # Password for connecting to neutron in admin context (string # value) # Deprecated group/name - [DEFAULT]/neutron_admin_password -#admin_password= +admin_password={{ NEUTRON_SERVICE_PASSWORD }} # Tenant id for connecting to neutron in admin context (string # value) @@ -3171,7 +3171,7 @@ # Note that with Keystone V3 tenant names are only unique # within a domain. (string value) # Deprecated group/name - [DEFAULT]/neutron_admin_tenant_name -#admin_tenant_name= +admin_tenant_name=service # Region name for connecting to neutron in admin context # (string value) @@ -3181,7 +3181,7 @@ # Authorization URL for connecting to neutron in admin context # (string value) # Deprecated group/name - [DEFAULT]/neutron_admin_auth_url -#admin_auth_url=http://localhost:5000/v2.0 +admin_auth_url=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 # If set, ignore any SSL validation issues (boolean value) # Deprecated group/name - [DEFAULT]/neutron_api_insecure @@ -3190,7 +3190,7 @@ # Authorization strategy for connecting to neutron in admin # context (string value) # Deprecated group/name - [DEFAULT]/neutron_auth_strategy -#auth_strategy=keystone +auth_strategy=keystone # Name of Integration Bridge used by Open vSwitch (string # value) @@ -3252,7 +3252,7 @@ # # Host on which to listen for incoming requests (string value) -#serialproxy_host=0.0.0.0 +serialproxy_host=127.0.0.1 # Port on which to listen for incoming requests (integer # value) @@ -3264,7 +3264,7 @@ # # Enable serial console related features (boolean value) -#enabled=false +enabled=false # Range of TCP ports to use for serial ports on compute hosts # (string value) @@ -3315,7 +3315,7 @@ #server_proxyclient_address=127.0.0.1 # Enable spice related features (boolean value) -#enabled=false +enabled=false # Enable spice guest agent support (boolean value) #agent_enabled=true @@ -3802,4 +3802,8 @@ # (integer value) #sg_retry_interval=5 +[database] +# The SQLAlchemy connection string to use to connect to the +# database. (string value) +connection=postgresql://{{ NOVA_DB_USER }}:{{ NOVA_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/nova diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 1b53df06..17c1bbff 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -66,3 +66,4 @@ configuration-extensions: - openstack-keystone - openstack-glance - openstack-cinder +- openstack-nova -- cgit v1.2.1 From 79a8c8e4215b5e666b618a1f61f79dc0a0131209 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 13:10:36 +0000 Subject: Openstack: Add support to configure the network of the node Change-Id: I8f8bfb231ab5ff4c2a825451a57a5b38a641c300 Signed-off-by: Pedro Alvarez Signed-off-by: Richard Maw --- openstack-network.configure | 37 ++++++++++++ openstack/manifest | 9 +++ .../systemd/system/openstack-network-setup.service | 11 ++++ .../systemd/system/openvswitch-db-server.service | 11 ++++ .../lib/systemd/system/openvswitch-setup.service | 10 ++++ .../usr/lib/systemd/system/openvswitch.service | 12 ++++ .../openstack/extras/00-disable-device.network | 2 + .../share/openstack/extras/60-device-dhcp.network | 5 ++ openstack/usr/share/openstack/network.yml | 67 ++++++++++++++++++++++ openstack/usr/share/openstack/openvswitch.yml | 38 ++++++++++++ systems/openstack-system-x86_64.morph | 1 + 11 files changed, 203 insertions(+) create mode 100644 openstack-network.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-network-setup.service create mode 100644 openstack/usr/lib/systemd/system/openvswitch-db-server.service create mode 100644 openstack/usr/lib/systemd/system/openvswitch-setup.service create mode 100644 openstack/usr/lib/systemd/system/openvswitch.service create mode 100644 openstack/usr/share/openstack/extras/00-disable-device.network create mode 100644 openstack/usr/share/openstack/extras/60-device-dhcp.network create mode 100644 openstack/usr/share/openstack/network.yml create mode 100644 openstack/usr/share/openstack/openvswitch.yml diff --git a/openstack-network.configure b/openstack-network.configure new file mode 100644 index 00000000..a4d43a6a --- /dev/null +++ b/openstack-network.configure @@ -0,0 +1,37 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +ln -sf "/usr/lib/systemd/system/openvswitch-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openvswitch-setup.service" + +ln -sf "/usr/lib/systemd/system/openstack-network-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-network-setup.service" + +python <<'EOF' >"$ROOT/etc/openstack/network.conf" +import os, sys, yaml + +network_configuration = {} + +optional_keys = ('EXTERNAL_INTERFACE',) + +network_configuration.update((k, os.environ[k]) for k in optional_keys if k in os.environ) + +yaml.dump(network_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 6876f1ba..052d3707 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -5,6 +5,9 @@ 0100644 0 0 /usr/share/openstack/cinder/cinder.conf 0100644 0 0 /usr/share/openstack/cinder/api-paste.ini 0100644 0 0 /usr/share/openstack/cinder/policy.json +0040755 0 0 /usr/share/openstack/extras +0100644 0 0 /usr/share/openstack/extras/00-disable-device.network +0100644 0 0 /usr/share/openstack/extras/60-device-dhcp.network 0100644 0 0 /usr/share/openstack/glance.yml 0040755 0 0 /usr/share/openstack/glance 0100644 0 0 /usr/share/openstack/glance/logging.conf @@ -22,6 +25,7 @@ 0100644 0 0 /usr/share/openstack/keystone/keystone.conf 0100644 0 0 /usr/share/openstack/keystone/policy.json 0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini +0100644 0 0 /usr/share/openstack/network.yml 0040755 0 0 /usr/share/openstack/nova 0100644 0 0 /usr/share/openstack/nova.yml 0100644 0 0 /usr/share/openstack/nova/logging.conf @@ -30,6 +34,7 @@ 0100644 0 0 /usr/share/openstack/nova/policy.json 0100644 0 0 /usr/share/openstack/nova/cells.json 0100644 0 0 /usr/share/openstack/nova/api-paste.ini +0100644 0 0 /usr/share/openstack/openvswitch.yml 0040755 0 0 /usr/share/openstack/postgres 0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf 0100644 0 0 /usr/share/openstack/postgres/postgresql.conf @@ -41,6 +46,7 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service +0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service @@ -56,4 +62,7 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-backup.service +0100644 0 0 /usr/lib/systemd/system/openvswitch-setup.service +0100644 0 0 /usr/lib/systemd/system/openvswitch-db-server.service +0100644 0 0 /usr/lib/systemd/system/openvswitch.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-network-setup.service b/openstack/usr/lib/systemd/system/openstack-network-setup.service new file mode 100644 index 00000000..90c9ecf7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-network-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run Ansible scripts to configure internal network for OpenStack +After=openvswitch.service openvswitch-setup.service +Before=systemd-networkd.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/network.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openvswitch-db-server.service b/openstack/usr/lib/systemd/system/openvswitch-db-server.service new file mode 100644 index 00000000..7ea7942a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openvswitch-db-server.service @@ -0,0 +1,11 @@ +[Unit] +Description=Open vSwitch Database Server Daemon +After=local-fs.target + +[Service] +Type=forking +ExecStart=/usr/sbin/ovsdb-server --remote=punix:/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --pidfile --detach + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/lib/systemd/system/openvswitch-setup.service b/openstack/usr/lib/systemd/system/openvswitch-setup.service new file mode 100644 index 00000000..6fdd7db6 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openvswitch-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run openvswitch-setup Ansible scripts +After=local-fs.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/openstack/hosts /usr/share/openstack/openvswitch.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openvswitch.service b/openstack/usr/lib/systemd/system/openvswitch.service new file mode 100644 index 00000000..6f1a93a8 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openvswitch.service @@ -0,0 +1,12 @@ +[Unit] +Description=Open vSwitch Daemon +Wants=network-pre.target +After=openvswitch-initialize-db.service +Before=network-pre.target + +[Service] +Type=forking +ExecStart=/usr/sbin/ovs-vswitchd --pidfile --detach + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/extras/00-disable-device.network b/openstack/usr/share/openstack/extras/00-disable-device.network new file mode 100644 index 00000000..8e2532d0 --- /dev/null +++ b/openstack/usr/share/openstack/extras/00-disable-device.network @@ -0,0 +1,2 @@ +[Match] +Name={{ item }} diff --git a/openstack/usr/share/openstack/extras/60-device-dhcp.network b/openstack/usr/share/openstack/extras/60-device-dhcp.network new file mode 100644 index 00000000..6fdbfd8d --- /dev/null +++ b/openstack/usr/share/openstack/extras/60-device-dhcp.network @@ -0,0 +1,5 @@ +[Match] +Name={{ item }} + +[Network] +DHCP=yes diff --git a/openstack/usr/share/openstack/network.yml b/openstack/usr/share/openstack/network.yml new file mode 100644 index 00000000..f99f7f1a --- /dev/null +++ b/openstack/usr/share/openstack/network.yml @@ -0,0 +1,67 @@ +--- +- hosts: localhost + vars_files: + - /etc/openstack/network.conf + tasks: +# Create the bridges to use the External network mapped + +# Count number of network interfaces (interfaces starting with 'e') + - shell: ls /sys/class/net | grep ^e.* | wc -l + register: number_interfaces + +# Abort if there number of interfaces != 1 + - fail: + msg: More than one, or none network interfaces found. + when: EXTERNAL_INTERFACE is not defined and number_interfaces.stdout != "1" + + - shell: ls /sys/class/net | grep ^e.* + register: interface_name + when: EXTERNAL_INTERFACE is not defined + + - set_fact: + ETH_INTERFACE: "{{ interface_name.stdout }}" + when: EXTERNAL_INTERFACE is not defined + + - set_fact: + ETH_INTERFACE: "{{ EXTERNAL_INTERFACE }}" + when: EXTERNAL_INTERFACE is defined + + - set_fact: + ETH_MAC_ADDRESS: "{{ hostvars['localhost']['ansible_' + ETH_INTERFACE]['macaddress'] }}" + + - name: Create the /run/systemd/network + file: + path: /run/systemd/network + state: directory + + - name: Disable dhcp on the bound physical interface + template: + src: /usr/share/openstack/extras/00-disable-device.network + dest: /run/systemd/network/00-disable-{{ item }}-config.network + with_items: + - "{{ ETH_INTERFACE }}" + + - name: Disable dhcp on all the internal interfaces + template: + src: /usr/share/openstack/extras/00-disable-device.network + dest: /run/systemd/network/00-disable-{{ item }}-config.network + with_items: + - ovs-system + + - openvswitch_bridge: + bridge: br-ex + state: present + + - openvswitch_port: + bridge: br-ex + port: "{{ ETH_INTERFACE }}" + state: present + + - shell: ovs-vsctl set bridge br-ex other-config:hwaddr={{ ETH_MAC_ADDRESS }} + + - name: Enable dhcp on the Open vSwitch device that replaces our external interface + template: + src: /usr/share/openstack/extras/60-device-dhcp.network + dest: /run/systemd/network/60-{{ item }}-dhcp.network + with_items: + - br-ex diff --git a/openstack/usr/share/openstack/openvswitch.yml b/openstack/usr/share/openstack/openvswitch.yml new file mode 100644 index 00000000..4393e3db --- /dev/null +++ b/openstack/usr/share/openstack/openvswitch.yml @@ -0,0 +1,38 @@ +--- +- hosts: localhost + tasks: + + - name: Create openvswitch directories + file: path={{ item }} state=directory + with_items: + - /etc/openvswitch + - /var/run/openvswitch + + - shell: > + ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema + creates=/etc/openvswitch/conf.db + + # We enable the openvswitch-db-server in a different task to identify + # the first time we run this script by identifying when we enable the + # unit. + # + # We need to identify this to initialise the database. + - name: Enable openvswitch database service + service: name={{ item }} enabled=yes + with_items: + - openvswitch-db-server.service + register: openvswitch_db_enable + + - name: Start openvswitch database service + service: name={{ item }} state=started + with_items: + - openvswitch-db-server.service + + - name: initialise openvswitch-db + shell: ovs-vsctl --no-wait init + when: openvswitch_db_enable|changed + + - name: Enable and start openstack-keystone service + service: name={{ item }} enabled=yes state=started + with_items: + - openvswitch.service diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 17c1bbff..64b5646b 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -67,3 +67,4 @@ configuration-extensions: - openstack-glance - openstack-cinder - openstack-nova +- openstack-network -- cgit v1.2.1 From 482f20609e68364c32c57bb8460698ef5099ccd8 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 12:01:49 +0000 Subject: Openstack: Make Neutron configurable Change-Id: I517142d6879f4cfce821a21a5fe2b661e184ce53 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Richard Maw --- openstack-neutron.configure | 104 ++++++++++++++++++++ openstack/manifest | 73 ++++++++++++++ .../system/openstack-neutron-dhcp-agent.service | 15 +++ .../system/openstack-neutron-l3-agent.service | 16 +++ .../openstack-neutron-metadata-agent.service | 15 +++ .../system/openstack-neutron-ovs-cleanup.service | 17 ++++ ...nstack-neutron-plugin-openvswitch-agent.service | 15 +++ .../system/openstack-neutron-server.service | 15 +++ .../systemd/system/openstack-neutron-setup.service | 10 ++ openstack/usr/share/openstack/neutron.yml | 109 +++++++++++++++++++++ .../usr/share/openstack/neutron/dhcp_agent.ini | 9 +- openstack/usr/share/openstack/neutron/l3_agent.ini | 7 +- .../usr/share/openstack/neutron/metadata_agent.ini | 15 +-- openstack/usr/share/openstack/neutron/neutron.conf | 57 ++++++----- .../openstack/neutron/plugins/ml2/ml2_conf.ini | 21 +++- systems/openstack-system-x86_64.morph | 1 + 16 files changed, 455 insertions(+), 44 deletions(-) create mode 100644 openstack-neutron.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-server.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-setup.service create mode 100644 openstack/usr/share/openstack/neutron.yml diff --git a/openstack-neutron.configure b/openstack-neutron.configure new file mode 100644 index 00000000..50a6d1e4 --- /dev/null +++ b/openstack-neutron.configure @@ -0,0 +1,104 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -sf "/usr/lib/systemd/system/openstack-neutron-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-neutron-setup.service" + +############################################# +# Ensure /var/run is an appropriate symlink # +############################################# + +if ! link="$(readlink "$ROOT/var/run")" || [ "$link" != ../run ]; then + rm -rf "$ROOT/var/run" + ln -s ../run "$ROOT/var/run" +fi + +########################################################################## +# Check variables +########################################################################## + + +if [ -z "$NEUTRON_SERVICE_USER" -a \ + -z "$NEUTRON_SERVICE_PASSWORD" -a \ + -z "$NEUTRON_DB_USER" -a \ + -z "$NEUTRON_DB_PASSWORD" -a \ + -z "$METADATA_PROXY_SHARED_SECRET" -a \ + -z "$NOVA_SERVICE_USER" -a \ + -z "$NOVA_SERVICE_PASSWORD" -a \ + -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$CONTROLLER_HOST_ADDRESS" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + # No NOVA options defined, do nothing. + exit 0 +fi + +if [ -z "$NEUTRON_SERVICE_USER" -o \ + -z "$NEUTRON_SERVICE_PASSWORD" -o \ + -z "$NEUTRON_DB_USER" -o \ + -z "$NEUTRON_DB_PASSWORD" -o \ + -z "$METADATA_PROXY_SHARED_SECRET" -o \ + -z "$NOVA_SERVICE_USER" -o \ + -z "$NOVA_SERVICE_PASSWORD" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + echo Some options required for Nova were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate config variable shell snippet +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/neutron.conf" +import os, sys, yaml + +nova_configuration={ + 'NEUTRON_SERVICE_USER': os.environ['NEUTRON_SERVICE_USER'], + 'NEUTRON_SERVICE_PASSWORD': os.environ['NEUTRON_SERVICE_PASSWORD'], + 'NEUTRON_DB_USER': os.environ['NEUTRON_DB_USER'], + 'NEUTRON_DB_PASSWORD': os.environ['NEUTRON_DB_PASSWORD'], + 'METADATA_PROXY_SHARED_SECRET': os.environ['METADATA_PROXY_SHARED_SECRET'], + 'NOVA_SERVICE_USER': os.environ['NOVA_SERVICE_USER'], + 'NOVA_SERVICE_PASSWORD': os.environ['NOVA_SERVICE_PASSWORD'], + 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], + 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'], + 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], +} + +yaml.dump(nova_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 052d3707..e6b9e053 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -26,6 +26,72 @@ 0100644 0 0 /usr/share/openstack/keystone/policy.json 0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini 0100644 0 0 /usr/share/openstack/network.yml +0040755 0 0 /usr/share/openstack/neutron +0100644 0 0 /usr/share/openstack/neutron.yml +0100644 0 0 /usr/share/openstack/neutron/neutron.conf +0100644 0 0 /usr/share/openstack/neutron/api-paste.ini +0100644 0 0 /usr/share/openstack/neutron/policy.json +0100644 0 0 /usr/share/openstack/neutron/l3_agent.ini +0100644 0 0 /usr/share/openstack/neutron/dhcp_agent.ini +0100644 0 0 /usr/share/openstack/neutron/lbaas_agent.ini +0100644 0 0 /usr/share/openstack/neutron/metadata_agent.ini +0100644 0 0 /usr/share/openstack/neutron/fwaas_driver.ini +0100644 0 0 /usr/share/openstack/neutron/metering_agent.ini +0100644 0 0 /usr/share/openstack/neutron/vpn_agent.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/ +0040755 0 0 /usr/share/openstack/neutron/plugins/bigswitch +0100644 0 0 /usr/share/openstack/neutron/plugins/bigswitch/restproxy.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/bigswitch/ssl +0040755 0 0 /usr/share/openstack/neutron/plugins/bigswitch/ssl/ca_certs +0040755 0 0 /usr/share/openstack/neutron/plugins/bigswitch/ssl/host_certs +0100644 0 0 /usr/share/openstack/neutron/plugins/bigswitch/ssl/ca_certs/README +0100644 0 0 /usr/share/openstack/neutron/plugins/bigswitch/ssl/host_certs/README +0040755 0 0 /usr/share/openstack/neutron/plugins/brocade +0100644 0 0 /usr/share/openstack/neutron/plugins/brocade/brocade.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/cisco +0100644 0 0 /usr/share/openstack/neutron/plugins/cisco/cisco_cfg_agent.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/cisco/cisco_plugins.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/cisco/cisco_router_plugin.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/cisco/cisco_vpn_agent.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/embrane +0100644 0 0 /usr/share/openstack/neutron/plugins/embrane/heleos_conf.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/hyperv +0100644 0 0 /usr/share/openstack/neutron/plugins/hyperv/hyperv_neutron_plugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/ibm +0100644 0 0 /usr/share/openstack/neutron/plugins/ibm/sdnve_neutron_plugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/linuxbridge +0100644 0 0 /usr/share/openstack/neutron/plugins/linuxbridge/linuxbridge_conf.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/metaplugin +0100644 0 0 /usr/share/openstack/neutron/plugins/metaplugin/metaplugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/midonet +0100644 0 0 /usr/share/openstack/neutron/plugins/midonet/midonet.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/ml2 +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_arista.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_brocade.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_cisco.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_fslsdn.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_mlnx.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_ncs.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_odl.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_ofa.ini +0100644 0 0 /usr/share/openstack/neutron/plugins/ml2/ml2_conf_sriov.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/mlnx +0100644 0 0 /usr/share/openstack/neutron/plugins/mlnx/mlnx_conf.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/nec +0100644 0 0 /usr/share/openstack/neutron/plugins/nec/nec.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/nuage +0100644 0 0 /usr/share/openstack/neutron/plugins/nuage/nuage_plugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/oneconvergence +0100644 0 0 /usr/share/openstack/neutron/plugins/oneconvergence/nvsdplugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/opencontrail +0100644 0 0 /usr/share/openstack/neutron/plugins/opencontrail/contrailplugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/openvswitch +0100644 0 0 /usr/share/openstack/neutron/plugins/openvswitch/ovs_neutron_plugin.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/plumgrid +0100644 0 0 /usr/share/openstack/neutron/plugins/plumgrid/plumgrid.ini +0040755 0 0 /usr/share/openstack/neutron/plugins/vmware +0100644 0 0 /usr/share/openstack/neutron/plugins/vmware/nsx.ini 0040755 0 0 /usr/share/openstack/nova 0100644 0 0 /usr/share/openstack/nova.yml 0100644 0 0 /usr/share/openstack/nova/logging.conf @@ -47,6 +113,13 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service 0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-server.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-metadata-agent.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-dhcp-agent.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-l3-agent.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service new file mode 100644 index 00000000..34a682b6 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service @@ -0,0 +1,15 @@ +[Unit] +Description=Neutron DHCP Agent +After=network-online.target openstack-neutron-ovs-cleanup.service +Wants=network-online.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-dhcp-agent \ + --config-file=/etc/neutron/neutron.conf \ + --config-file=/etc/neutron/dhcp_agent.ini \ + --log-file=/var/log/neutron/dhcp-agent.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service new file mode 100644 index 00000000..bd514aa1 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service @@ -0,0 +1,16 @@ +[Unit] +Description=Neutron Layer 3 Agent +After=network-online.target openstack-neutron-ovs-cleanup.service +Wants=network-online.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-l3-agent \ + --config-file=/etc/neutron/neutron.conf \ + --config-file=/etc/neutron/l3_agent.ini \ + --config-file=/etc/neutron/fwaas_driver.ini \ + --log-file=/var/log/neutron/l3-agent.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service new file mode 100644 index 00000000..22bbf675 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service @@ -0,0 +1,15 @@ +[Unit] +Description=Neutron Metadata Plugin Agent +After=network-online.target openstack-neutron-setup.service +Wants=network-online.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-metadata-agent \ + --config-file=/etc/neutron/neutron.conf \ + --config-file=/etc/neutron/metadata_agent.ini \ + --log-file=/var/log/neutron/metadata-agent.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service new file mode 100644 index 00000000..544531ed --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service @@ -0,0 +1,17 @@ +[Unit] +Description=Neutron OVS cleanup +After=network-online.target openstack-neutron-setup.service openvswitch.service +Wants=network-online.target +Before=openstack-neutron-plugin-openvswitch-agent.service +ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup + +[Service] +Type=oneshot +RemainAfterExit=yes +User=neutron +ExecStart=/usr/bin/neutron-ovs-cleanup \ + --log-file /var/log/neutron/ovs-cleanup.log \ + --config-file /etc/neutron/neutron.conf --verbose + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service new file mode 100644 index 00000000..894c3a45 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service @@ -0,0 +1,15 @@ +[Unit] +Description=Neutron OpenvSwitch Plugin Agent +After=network-online.target openstack-neutron-setup.service +Wants=network-online.target + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-openvswitch-agent \ + --config-file=/etc/neutron/neutron.conf \ + --config-file=/etc/neutron/plugins/ml2/ml2_conf.ini \ + --log-file=/var/log/neutron/openvswitch-agent.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-server.service b/openstack/usr/lib/systemd/system/openstack-neutron-server.service new file mode 100644 index 00000000..05dfb7aa --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-server.service @@ -0,0 +1,15 @@ +[Unit] +Description=Neutron Api Server +Wants=openstack-neutron-network-configuration-one-node.service network-online.target +After=network-online.target openstack-neutron-setup.service openstack-neutron-network-configuration-one-node.service + +[Service] +Type=simple +User=neutron +ExecStart=/usr/bin/neutron-server \ + --config-file=/etc/neutron/neutron.conf \ + --config-file=/etc/neutron/plugins/ml2/ml2_conf.ini \ + --log-file=/var/log/neutron/neutron-server.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-setup.service new file mode 100644 index 00000000..99213b6a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run neutron-setup Ansible scripts +After=network-online.target openstack-keystone-setup.service postgres-server.service +Wants=network-online.target + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/neutron.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/neutron.yml b/openstack/usr/share/openstack/neutron.yml new file mode 100644 index 00000000..7529a656 --- /dev/null +++ b/openstack/usr/share/openstack/neutron.yml @@ -0,0 +1,109 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/neutron.conf" + tasks: + + - name: Create the neutron user. + user: + name: neutron + comment: Openstack Neutron Daemons + shell: /sbin/nologin + home: /var/lib/neutron + + - name: Create the /var folders for neutron + file: + path: "{{ item }}" + state: directory + owner: neutron + group: neutron + with_items: + - /var/run/neutron + - /var/lock/neutron + - /var/log/neutron + + - name: Get service tenant id needed in neutron.conf + shell: | + keystone \ + --os-endpoint http://{{ CONTROLLER_HOST_ADDRESS|quote }}:35357/v2.0 \ + --os-token {{ KEYSTONE_TEMPORARY_ADMIN_TOKEN|quote }} \ + tenant-get service | grep id | tr -d " " | cut -d"|" -f3 + register: tenant_service_id + + - set_fact: + SERVICE_TENANT_ID: "{{ tenant_service_id.stdout }}" + + - name: Create the directories needed for Neutron configuration files. + file: + path: /etc/{{ item }} + state: directory + with_lines: + - cd /usr/share/openstack && find neutron -type d + + - name: Add configuration needed for neutron using templates + template: + src: /usr/share/openstack/{{ item }} + dest: /etc/{{ item }} + with_lines: + - cd /usr/share/openstack && find neutron -type f + + - name: Create neutron service user in service tenatnt + keystone_user: + user: "{{ NEUTRON_SERVICE_USER }}" + password: "{{ NEUTRON_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add admin role to neutron service user in service tenant + keystone_user: + role: admin + user: "{{ NEUTRON_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - keystone_service: + name: neutron + type: network + description: Openstack Compute Networking + publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 + internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 + adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for neutron + postgresql_user: + name: "{{ NEUTRON_DB_USER }}" + password: "{{ NEUTRON_DB_PASSWORD }}" + sudo: yes + sudo_user: neutron + + - name: Create database for neutron services + postgresql_db: + name: neutron + owner: "{{ NEUTRON_DB_USER }}" + sudo: yes + sudo_user: neutron + + - name: Initiate neutron database + shell: | + neutron-db-manage \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + upgrade juno + sudo: yes + sudo_user: neutron + + - name: Enable and start openstack-neutron services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-neutron-ovs-cleanup.service + - openstack-neutron-server.service + - openstack-neutron-dhcp-agent.service + - openstack-neutron-l3-agent.service + - openstack-neutron-metadata-agent.service + - openstack-neutron-plugin-openvswitch-agent.service + diff --git a/openstack/usr/share/openstack/neutron/dhcp_agent.ini b/openstack/usr/share/openstack/neutron/dhcp_agent.ini index 9836d350..c6c2b9a7 100644 --- a/openstack/usr/share/openstack/neutron/dhcp_agent.ini +++ b/openstack/usr/share/openstack/neutron/dhcp_agent.ini @@ -1,6 +1,7 @@ [DEFAULT] # Show debugging output in log (sets DEBUG log level output) # debug = False +use_syslog = True # The DHCP agent will resync its state with Neutron to recover from any # transient notification or rpc errors. The interval is number of @@ -13,7 +14,7 @@ # Example of interface_driver option for OVS based plugins(OVS, Ryu, NEC, NVP, # BigSwitch/Floodlight) -# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver +interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver # Name of Open vSwitch bridge to use # ovs_integration_bridge = br-int @@ -28,18 +29,18 @@ # The agent can use other DHCP drivers. Dnsmasq is the simplest and requires # no additional setup of the DHCP server. -# dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq +dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq # Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and # iproute2 package that supports namespaces). -# use_namespaces = True +use_namespaces = True # The DHCP server can assist with providing metadata support on isolated # networks. Setting this value to True will cause the DHCP server to append # specific host routes to the DHCP request. The metadata service will only # be activated when the subnet does not contain any router port. The guest # instance must be configured to request host routes via DHCP (Option 121). -# enable_isolated_metadata = False +enable_isolated_metadata = True # Allows for serving metadata requests coming from a dedicated metadata # access network whose cidr is 169.254.169.254/16 (or larger prefix), and diff --git a/openstack/usr/share/openstack/neutron/l3_agent.ini b/openstack/usr/share/openstack/neutron/l3_agent.ini index 94c97147..000cd997 100644 --- a/openstack/usr/share/openstack/neutron/l3_agent.ini +++ b/openstack/usr/share/openstack/neutron/l3_agent.ini @@ -1,6 +1,7 @@ [DEFAULT] # Show debugging output in log (sets DEBUG log level output) # debug = False +use_syslog = True # L3 requires that an interface driver be set. Choose the one that best # matches your plugin. @@ -8,7 +9,7 @@ # Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC) # that supports L3 agent -# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver +interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver # Use veth for an OVS interface or not. # Support kernels with limited namespace support @@ -20,7 +21,7 @@ # Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and # iproute2 package that supports namespaces). -# use_namespaces = True +use_namespaces = True # If use_namespaces is set as False then the agent can only configure one router. @@ -43,7 +44,7 @@ # Name of bridge used for external network traffic. This should be set to # empty value for the linux bridge. when this parameter is set, each L3 agent # can be associated with no more than one external network. -# external_network_bridge = br-ex +external_network_bridge = br-ex # TCP Port used by Neutron metadata server # metadata_port = 9697 diff --git a/openstack/usr/share/openstack/neutron/metadata_agent.ini b/openstack/usr/share/openstack/neutron/metadata_agent.ini index 84442ea1..ed238770 100644 --- a/openstack/usr/share/openstack/neutron/metadata_agent.ini +++ b/openstack/usr/share/openstack/neutron/metadata_agent.ini @@ -1,23 +1,24 @@ [DEFAULT] # Show debugging output in log (sets DEBUG log level output) # debug = True +use_syslog = True # The Neutron user information for accessing the Neutron API. -auth_url = http://localhost:5000/v2.0 -auth_region = RegionOne +auth_url = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 +auth_region = regionOne # Turn off verification of the certificate for ssl # auth_insecure = False # Certificate Authority public key (CA cert) file for ssl # auth_ca_cert = -admin_tenant_name = %SERVICE_TENANT_NAME% -admin_user = %SERVICE_USER% -admin_password = %SERVICE_PASSWORD% +admin_tenant_name = service +admin_user = {{ NEUTRON_SERVICE_USER }} +admin_password = {{ NEUTRON_SERVICE_PASSWORD }} # Network service endpoint type to pull from the keystone catalog # endpoint_type = adminURL # IP address used by Nova metadata server -# nova_metadata_ip = 127.0.0.1 +nova_metadata_ip = {{ CONTROLLER_HOST_ADDRESS }} # TCP Port used by Nova metadata server # nova_metadata_port = 8775 @@ -40,7 +41,7 @@ admin_password = %SERVICE_PASSWORD% # shared secret to prevent spoofing. You may select any string for a secret, # but it must match here and in the configuration used by the Nova Metadata # Server. NOTE: Nova uses a different key: neutron_metadata_proxy_shared_secret -# metadata_proxy_shared_secret = +metadata_proxy_shared_secret = {{ METADATA_PROXY_SHARED_SECRET }} # Location of Metadata Proxy UNIX domain socket # metadata_proxy_socket = $state_path/metadata_proxy diff --git a/openstack/usr/share/openstack/neutron/neutron.conf b/openstack/usr/share/openstack/neutron/neutron.conf index 08366264..51de7464 100644 --- a/openstack/usr/share/openstack/neutron/neutron.conf +++ b/openstack/usr/share/openstack/neutron/neutron.conf @@ -17,7 +17,7 @@ # Where to store Neutron state files. This directory must be writable by the # user executing the agent. -# state_path = /var/lib/neutron +state_path = /var/lib/neutron # Where to store lock files lock_path = $state_path/lock @@ -32,7 +32,8 @@ lock_path = $state_path/lock # (not user_stderr) and (not log_file) -> stdout # publish_errors -> notification system -# use_syslog = False +use_syslog = True + # syslog_log_facility = LOG_USER # use_stderr = True @@ -60,7 +61,7 @@ lock_path = $state_path/lock # previous versions, the class name of a plugin can be specified instead of its # entrypoint name. # -# core_plugin = +core_plugin = ml2 # Example: core_plugin = ml2 # (ListOpt) List of service plugin entrypoints to be loaded from the @@ -69,15 +70,15 @@ lock_path = $state_path/lock # with previous versions, the class name of a plugin can be specified instead # of its entrypoint name. # -# service_plugins = +service_plugins = router # Example: service_plugins = router,firewall,lbaas,vpnaas,metering # Paste configuration file -# api_paste_config = api-paste.ini +api_paste_config = api-paste.ini # The strategy to be used for auth. # Supported values are 'keystone'(default), 'noauth'. -# auth_strategy = keystone +auth_strategy = keystone # Base MAC address. The first 3 octets will remain unchanged. If the # 4h octet is not 00, it will also be used. The others will be @@ -114,7 +115,7 @@ lock_path = $state_path/lock # Enable or disable overlapping IPs for subnets # Attention: the following parameter MUST be set to False if Neutron is # being used in conjunction with nova security groups -# allow_overlapping_ips = False +allow_overlapping_ips = True # Ensure that configured gateway is on subnet. For IPv6, validate only if # gateway is not a link local address. Deprecated, to be removed during the # K release, at which point the check will be mandatory. @@ -233,29 +234,29 @@ lock_path = $state_path/lock # ======== neutron nova interactions ========== # Send notification to nova when port status is active. -# notify_nova_on_port_status_changes = True +notify_nova_on_port_status_changes = True # Send notifications to nova when port data (fixed_ips/floatingips) change # so nova can update it's cache. -# notify_nova_on_port_data_changes = True +notify_nova_on_port_data_changes = True # URL for connection to nova (Only supports one nova region currently). -# nova_url = http://127.0.0.1:8774/v2 +nova_url = http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2 # Name of nova region to use. Useful if keystone manages more than one region -# nova_region_name = +nova_region_name = regionOne # Username for connection to nova in admin context -# nova_admin_username = +nova_admin_username = {{ NOVA_SERVICE_USER }} # The uuid of the admin nova tenant -# nova_admin_tenant_id = +nova_admin_tenant_id = {{ SERVICE_TENANT_ID }} # Password for connection to nova in admin context. -# nova_admin_password = +nova_admin_password = {{ NOVA_SERVICE_PASSWORD }} # Authorization URL for connection to nova in admin context. -# nova_admin_auth_url = +nova_admin_auth_url = http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 # CA file for novaclient to verify server certificates # nova_ca_certificates_file = @@ -340,11 +341,11 @@ lock_path = $state_path/lock # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port @@ -353,10 +354,10 @@ lock_path = $state_path/lock #rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN @@ -425,7 +426,7 @@ lock_path = $state_path/lock # Driver or drivers to handle sending notifications. (multi # valued) -#notification_driver= +notification_driver=neutron.openstack.common.notifier.rpc_notifier # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics @@ -441,7 +442,7 @@ lock_path = $state_path/lock # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -#rpc_backend=rabbit +rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the @@ -544,6 +545,7 @@ lock_path = $state_path/lock # root filter facility. # Change to "sudo" to skip the filtering and just run the comand directly # root_helper = sudo +root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf # =========== items for agent management extension ============= # seconds between nodes reporting state to server; should be less than @@ -553,12 +555,11 @@ lock_path = $state_path/lock # =========== end of items for agent management extension ===== [keystone_authtoken] -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -admin_tenant_name = %SERVICE_TENANT_NAME% -admin_user = %SERVICE_USER% -admin_password = %SERVICE_PASSWORD% +auth_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 +admin_tenant_name = service +admin_user = {{ NEUTRON_SERVICE_USER }} +admin_password = {{ NEUTRON_SERVICE_PASSWORD }} [database] # This line MUST be changed to actually run the plugin. @@ -571,6 +572,8 @@ admin_password = %SERVICE_PASSWORD% # be set in the corresponding core plugin '.ini' file. However, it is suggested # to put the [database] section and its connection attribute in this # configuration file. +#connection=sqlite:////var/lib/neutron/neutron.sqlite +connection=postgresql://{{ NEUTRON_DB_USER }}:{{ NEUTRON_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/neutron # Database engine for which script will be generated when using offline # migration diff --git a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini index 4fb1a4a3..b8097ce2 100644 --- a/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini +++ b/openstack/usr/share/openstack/neutron/plugins/ml2/ml2_conf.ini @@ -4,6 +4,7 @@ # # type_drivers = local,flat,vlan,gre,vxlan # Example: type_drivers = flat,vlan,gre,vxlan +type_drivers = flat,gre # (ListOpt) Ordered list of network_types to allocate as tenant # networks. The default value 'local' is useful for single-box testing @@ -11,6 +12,7 @@ # # tenant_network_types = local # Example: tenant_network_types = vlan,gre,vxlan +tenant_network_types = gre # (ListOpt) Ordered list of networking mechanism driver entrypoints # to be loaded from the neutron.ml2.mechanism_drivers namespace. @@ -20,6 +22,7 @@ # Example: mechanism_drivers = cisco,logger # Example: mechanism_drivers = openvswitch,brocade # Example: mechanism_drivers = linuxbridge,brocade +mechanism_drivers = openvswitch # (ListOpt) Ordered list of extension driver entrypoints # to be loaded from the neutron.ml2.extension_drivers namespace. @@ -34,6 +37,7 @@ # flat_networks = # Example:flat_networks = physnet1,physnet2 # Example:flat_networks = * +flat_networks = External [ml2_type_vlan] # (ListOpt) List of [::] tuples @@ -43,10 +47,11 @@ # # network_vlan_ranges = # Example: network_vlan_ranges = physnet1:1000:2999,physnet2 +#network_vlan_ranges = Physnet1:100:200 [ml2_type_gre] # (ListOpt) Comma-separated list of : tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation -# tunnel_id_ranges = +tunnel_id_ranges = 1:1000 [ml2_type_vxlan] # (ListOpt) Comma-separated list of : tuples enumerating @@ -64,8 +69,18 @@ [securitygroup] # Controls if neutron security group is enabled or not. # It should be false when you use nova security group. -# enable_security_group = True +enable_security_group = True # Use ipset to speed-up the iptables security groups. Enabling ipset support # requires that ipset is installed on L2 agent node. -# enable_ipset = True +enable_ipset = True + +firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver + +[ovs] +local_ip = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} +enable_tunneling = True +bridge_mappings=External:br-ex + +[agent] +tunnel_types = gre diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 64b5646b..aa369f26 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -68,3 +68,4 @@ configuration-extensions: - openstack-cinder - openstack-nova - openstack-network +- openstack-neutron -- cgit v1.2.1 From 8434cbe8ee52df9f329992d05ac291aca6bcad30 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 14:25:14 +0000 Subject: Openstack: Make Horizon configurable Change-Id: I70745baea478dd9fd57d9e3d5ae66d40db3c1712 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Zara Zaimeche Signed-off-by: Mike Smith --- openstack/etc/horizon/apache-horizon.conf | 34 ++ .../horizon/openstack_dashboard/local_settings.py | 551 +++++++++++++++++++++ openstack/manifest | 7 + .../usr/lib/systemd/system/apache-httpd.service | 16 + .../systemd/system/openstack-horizon-setup.service | 10 + openstack/usr/share/openstack/horizon.yml | 47 ++ 6 files changed, 665 insertions(+) create mode 100644 openstack/etc/horizon/apache-horizon.conf create mode 100644 openstack/etc/horizon/openstack_dashboard/local_settings.py create mode 100644 openstack/usr/lib/systemd/system/apache-httpd.service create mode 100644 openstack/usr/lib/systemd/system/openstack-horizon-setup.service create mode 100644 openstack/usr/share/openstack/horizon.yml diff --git a/openstack/etc/horizon/apache-horizon.conf b/openstack/etc/horizon/apache-horizon.conf new file mode 100644 index 00000000..ea88897a --- /dev/null +++ b/openstack/etc/horizon/apache-horizon.conf @@ -0,0 +1,34 @@ + + WSGIScriptAlias /horizon /var/lib/horizon/openstack_dashboard/django.wsgi + WSGIDaemonProcess horizon user=horizon group=horizon processes=3 threads=10 home=/var/lib/horizon display-name=horizon + WSGIApplicationGroup %{GLOBAL} + + RedirectMatch ^/$ /horizon/ + + SetEnv APACHE_RUN_USER apache + SetEnv APACHE_RUN_GROUP apache + WSGIProcessGroup horizon + + DocumentRoot /var/lib/horizon/.blackhole + Alias /static /var/lib/horizon/openstack_dashboard/static + + + Options Indexes FollowSymLinks MultiViews + AllowOverride None + # Apache 2.4 uses mod_authz_host for access control now (instead of + # "Allow") + + Order allow,deny + Allow from all + + = 2.4> + Require all granted + + + + ErrorLog /var/log/httpd/horizon_error.log + LogLevel warn + CustomLog /var/log/httpd/horizon_access.log combined + + +WSGISocketPrefix /var/run/httpd diff --git a/openstack/etc/horizon/openstack_dashboard/local_settings.py b/openstack/etc/horizon/openstack_dashboard/local_settings.py new file mode 100644 index 00000000..febc3e70 --- /dev/null +++ b/openstack/etc/horizon/openstack_dashboard/local_settings.py @@ -0,0 +1,551 @@ +import os + +from django.utils.translation import ugettext_lazy as _ + +from openstack_dashboard import exceptions + +DEBUG = True +TEMPLATE_DEBUG = DEBUG + +STATIC_ROOT = "/var/lib/horizon/openstack_dashboard/static" + +# Required for Django 1.5. +# If horizon is running in production (DEBUG is False), set this +# with the list of host/domain names that the application can serve. +# For more information see: +# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts +#ALLOWED_HOSTS = ['horizon.example.com', ] +ALLOWED_HOSTS = ['*'] + +# Set SSL proxy settings: +# For Django 1.4+ pass this header from the proxy after terminating the SSL, +# and don't forget to strip it from the client's request. +# For more information see: +# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header +# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') + +# If Horizon is being served through SSL, then uncomment the following two +# settings to better secure the cookies from security exploits +#CSRF_COOKIE_SECURE = True +#SESSION_COOKIE_SECURE = True + +# Overrides for OpenStack API versions. Use this setting to force the +# OpenStack dashboard to use a specific API version for a given service API. +# NOTE: The version should be formatted as it appears in the URL for the +# service API. For example, The identity service APIs have inconsistent +# use of the decimal point, so valid options would be "2.0" or "3". +# OPENSTACK_API_VERSIONS = { +# "data_processing": 1.1, +# "identity": 3, +# "volume": 2 +# } + +# Set this to True if running on multi-domain model. When this is enabled, it +# will require user to enter the Domain name in addition to username for login. +# OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False + +# Overrides the default domain used when running on single-domain model +# with Keystone V3. All entities will be created in the default domain. +# OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default' + +# Set Console type: +# valid options would be "AUTO"(default), "VNC", "SPICE", "RDP" or None +# Set to None explicitly if you want to deactivate the console. +# CONSOLE_TYPE = "AUTO" + +# Default OpenStack Dashboard configuration. +HORIZON_CONFIG = { + 'user_home': 'openstack_dashboard.views.get_user_home', + 'ajax_queue_limit': 10, + 'auto_fade_alerts': { + 'delay': 3000, + 'fade_duration': 1500, + 'types': ['alert-success', 'alert-info'] + }, + 'help_url': "http://docs.openstack.org", + 'exceptions': {'recoverable': exceptions.RECOVERABLE, + 'not_found': exceptions.NOT_FOUND, + 'unauthorized': exceptions.UNAUTHORIZED}, + 'modal_backdrop': 'static', + 'angular_modules': [], + 'js_files': [], +} + +# Specify a regular expression to validate user passwords. +# HORIZON_CONFIG["password_validator"] = { +# "regex": '.*', +# "help_text": _("Your password does not meet the requirements.") +# } + +# Disable simplified floating IP address management for deployments with +# multiple floating IP pools or complex network requirements. +# HORIZON_CONFIG["simple_ip_management"] = False + +# Turn off browser autocompletion for forms including the login form and +# the database creation workflow if so desired. +# HORIZON_CONFIG["password_autocomplete"] = "off" + +# Setting this to True will disable the reveal button for password fields, +# including on the login form. +# HORIZON_CONFIG["disable_password_reveal"] = False + +#LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) + +LOCAL_PATH = "/var/lib/horizon" + +# Set custom secret key: +# You can either set it to a specific value or you can let horizon generate a +# default secret key that is unique on this machine, e.i. regardless of the +# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, there +# may be situations where you would want to set this explicitly, e.g. when +# multiple dashboard instances are distributed on different machines (usually +# behind a load-balancer). Either you have to make sure that a session gets all +# requests routed to the same dashboard instance or you set the same SECRET_KEY +# for all of them. +from horizon.utils import secret_key +SECRET_KEY = secret_key.generate_or_read_from_file( + os.path.join(LOCAL_PATH, '.secret_key_store')) + +# We recommend you use memcached for development; otherwise after every reload +# of the django development server, you will have to login again. To use +# memcached set CACHES to something like +CACHES = { + 'default': { + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '127.0.0.1:11211', + } +} + +#CACHES = { +# 'default': { +# 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache' +# } +#} + +# Send email to the console by default +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' +# Or send them to /dev/null +#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' + +# Configure these for your outgoing email host +# EMAIL_HOST = 'smtp.my-company.com' +# EMAIL_PORT = 25 +# EMAIL_HOST_USER = 'djangomail' +# EMAIL_HOST_PASSWORD = 'top-secret!' + +# For multiple regions uncomment this configuration, and add (endpoint, title). +# AVAILABLE_REGIONS = [ +# ('http://cluster1.example.com:5000/v2.0', 'cluster1'), +# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), +# ] + +OPENSTACK_HOST = "127.0.0.1" +OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST +OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" + +# Disable SSL certificate checks (useful for self-signed certificates): +# OPENSTACK_SSL_NO_VERIFY = True + +# The CA certificate to use to verify SSL connections +# OPENSTACK_SSL_CACERT = '/path/to/cacert.pem' + +# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the +# capabilities of the auth backend for Keystone. +# If Keystone has been configured to use LDAP as the auth backend then set +# can_edit_user to False and name to 'ldap'. +# +# TODO(tres): Remove these once Keystone has an API to identify auth backend. +OPENSTACK_KEYSTONE_BACKEND = { + 'name': 'native', + 'can_edit_user': True, + 'can_edit_group': True, + 'can_edit_project': True, + 'can_edit_domain': True, + 'can_edit_role': True +} + +#Setting this to True, will add a new "Retrieve Password" action on instance, +#allowing Admin session password retrieval/decryption. +#OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False + +# The Xen Hypervisor has the ability to set the mount point for volumes +# attached to instances (other Hypervisors currently do not). Setting +# can_set_mount_point to True will add the option to set the mount point +# from the UI. +OPENSTACK_HYPERVISOR_FEATURES = { + 'can_set_mount_point': False, + 'can_set_password': False, +} + +# The OPENSTACK_CINDER_FEATURES settings can be used to enable optional +# services provided by cinder that is not exposed by its extension API. +OPENSTACK_CINDER_FEATURES = { + 'enable_backup': False, +} + +# The OPENSTACK_NEUTRON_NETWORK settings can be used to enable optional +# services provided by neutron. Options currently available are load +# balancer service, security groups, quotas, VPN service. +OPENSTACK_NEUTRON_NETWORK = { + 'enable_router': True, + 'enable_quotas': True, + 'enable_ipv6': True, + 'enable_distributed_router': False, + 'enable_ha_router': False, + 'enable_lb': True, + 'enable_firewall': True, + 'enable_vpn': True, + # The profile_support option is used to detect if an external router can be + # configured via the dashboard. When using specific plugins the + # profile_support can be turned on if needed. + 'profile_support': None, + #'profile_support': 'cisco', + # Set which provider network types are supported. Only the network types + # in this list will be available to choose from when creating a network. + # Network types include local, flat, vlan, gre, and vxlan. + 'supported_provider_types': ['*'], +} + +# The OPENSTACK_IMAGE_BACKEND settings can be used to customize features +# in the OpenStack Dashboard related to the Image service, such as the list +# of supported image formats. +# OPENSTACK_IMAGE_BACKEND = { +# 'image_formats': [ +# ('', _('Select format')), +# ('aki', _('AKI - Amazon Kernel Image')), +# ('ami', _('AMI - Amazon Machine Image')), +# ('ari', _('ARI - Amazon Ramdisk Image')), +# ('iso', _('ISO - Optical Disk Image')), +# ('qcow2', _('QCOW2 - QEMU Emulator')), +# ('raw', _('Raw')), +# ('vdi', _('VDI')), +# ('vhd', _('VHD')), +# ('vmdk', _('VMDK')) +# ] +# } + +# The IMAGE_CUSTOM_PROPERTY_TITLES settings is used to customize the titles for +# image custom property attributes that appear on image detail pages. +IMAGE_CUSTOM_PROPERTY_TITLES = { + "architecture": _("Architecture"), + "kernel_id": _("Kernel ID"), + "ramdisk_id": _("Ramdisk ID"), + "image_state": _("Euca2ools state"), + "project_id": _("Project ID"), + "image_type": _("Image Type") +} + +# The IMAGE_RESERVED_CUSTOM_PROPERTIES setting is used to specify which image +# custom properties should not be displayed in the Image Custom Properties +# table. +IMAGE_RESERVED_CUSTOM_PROPERTIES = [] + +# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints +# in the Keystone service catalog. Use this setting when Horizon is running +# external to the OpenStack environment. The default is 'publicURL'. +#OPENSTACK_ENDPOINT_TYPE = "publicURL" + +# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the +# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints +# in the Keystone service catalog. Use this setting when Horizon is running +# external to the OpenStack environment. The default is None. This +# value should differ from OPENSTACK_ENDPOINT_TYPE if used. +#SECONDARY_ENDPOINT_TYPE = "publicURL" + +# The number of objects (Swift containers/objects or images) to display +# on a single page before providing a paging element (a "more" link) +# to paginate results. +API_RESULT_LIMIT = 1000 +API_RESULT_PAGE_SIZE = 20 + +# Specify a maximum number of items to display in a dropdown. +DROPDOWN_MAX_ITEMS = 30 + +# The timezone of the server. This should correspond with the timezone +# of your entire OpenStack installation, and hopefully be in UTC. +TIME_ZONE = "UTC" + +# When launching an instance, the menu of available flavors is +# sorted by RAM usage, ascending. If you would like a different sort order, +# you can provide another flavor attribute as sorting key. Alternatively, you +# can provide a custom callback method to use for sorting. You can also provide +# a flag for reverse sort. For more info, see +# http://docs.python.org/2/library/functions.html#sorted +# CREATE_INSTANCE_FLAVOR_SORT = { +# 'key': 'name', +# # or +# 'key': my_awesome_callback_method, +# 'reverse': False, +# } + +# The Horizon Policy Enforcement engine uses these values to load per service +# policy rule files. The content of these files should match the files the +# OpenStack services are using to determine role based access control in the +# target installation. + +# Path to directory containing policy.json files +#POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf") +# Map of local copy of service policy files +#POLICY_FILES = { +# 'identity': 'keystone_policy.json', +# 'compute': 'nova_policy.json', +# 'volume': 'cinder_policy.json', +# 'image': 'glance_policy.json', +# 'orchestration': 'heat_policy.json', +# 'network': 'neutron_policy.json', +#} + +# Trove user and database extension support. By default support for +# creating users and databases on database instances is turned on. +# To disable these extensions set the permission here to something +# unusable such as ["!"]. +# TROVE_ADD_USER_PERMS = [] +# TROVE_ADD_DATABASE_PERMS = [] + +LOGGING = { + 'version': 1, + # When set to True this will disable all logging except + # for loggers specified in this configuration dictionary. Note that + # if nothing is specified here and disable_existing_loggers is True, + # django.db.backends will still log unless it is disabled explicitly. + 'disable_existing_loggers': False, + 'handlers': { + 'null': { + 'level': 'DEBUG', + 'class': 'django.utils.log.NullHandler', + }, + 'console': { + # Set the level to "DEBUG" for verbose output logging. + 'level': 'INFO', + 'class': 'logging.StreamHandler', + }, + }, + 'loggers': { + # Logging from django.db.backends is VERY verbose, send to null + # by default. + 'django.db.backends': { + 'handlers': ['null'], + 'propagate': False, + }, + 'requests': { + 'handlers': ['null'], + 'propagate': False, + }, + 'horizon': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'openstack_dashboard': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'novaclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'cinderclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'keystoneclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'glanceclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'neutronclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'heatclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'ceilometerclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'troveclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'swiftclient': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'openstack_auth': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'nose.plugins.manager': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'django': { + 'handlers': ['console'], + 'level': 'DEBUG', + 'propagate': False, + }, + 'iso8601': { + 'handlers': ['null'], + 'propagate': False, + }, + 'scss': { + 'handlers': ['null'], + 'propagate': False, + }, + } +} + +# 'direction' should not be specified for all_tcp/udp/icmp. +# It is specified in the form. +SECURITY_GROUP_RULES = { + 'all_tcp': { + 'name': _('All TCP'), + 'ip_protocol': 'tcp', + 'from_port': '1', + 'to_port': '65535', + }, + 'all_udp': { + 'name': _('All UDP'), + 'ip_protocol': 'udp', + 'from_port': '1', + 'to_port': '65535', + }, + 'all_icmp': { + 'name': _('All ICMP'), + 'ip_protocol': 'icmp', + 'from_port': '-1', + 'to_port': '-1', + }, + 'ssh': { + 'name': 'SSH', + 'ip_protocol': 'tcp', + 'from_port': '22', + 'to_port': '22', + }, + 'smtp': { + 'name': 'SMTP', + 'ip_protocol': 'tcp', + 'from_port': '25', + 'to_port': '25', + }, + 'dns': { + 'name': 'DNS', + 'ip_protocol': 'tcp', + 'from_port': '53', + 'to_port': '53', + }, + 'http': { + 'name': 'HTTP', + 'ip_protocol': 'tcp', + 'from_port': '80', + 'to_port': '80', + }, + 'pop3': { + 'name': 'POP3', + 'ip_protocol': 'tcp', + 'from_port': '110', + 'to_port': '110', + }, + 'imap': { + 'name': 'IMAP', + 'ip_protocol': 'tcp', + 'from_port': '143', + 'to_port': '143', + }, + 'ldap': { + 'name': 'LDAP', + 'ip_protocol': 'tcp', + 'from_port': '389', + 'to_port': '389', + }, + 'https': { + 'name': 'HTTPS', + 'ip_protocol': 'tcp', + 'from_port': '443', + 'to_port': '443', + }, + 'smtps': { + 'name': 'SMTPS', + 'ip_protocol': 'tcp', + 'from_port': '465', + 'to_port': '465', + }, + 'imaps': { + 'name': 'IMAPS', + 'ip_protocol': 'tcp', + 'from_port': '993', + 'to_port': '993', + }, + 'pop3s': { + 'name': 'POP3S', + 'ip_protocol': 'tcp', + 'from_port': '995', + 'to_port': '995', + }, + 'ms_sql': { + 'name': 'MS SQL', + 'ip_protocol': 'tcp', + 'from_port': '1433', + 'to_port': '1433', + }, + 'mysql': { + 'name': 'MYSQL', + 'ip_protocol': 'tcp', + 'from_port': '3306', + 'to_port': '3306', + }, + 'rdp': { + 'name': 'RDP', + 'ip_protocol': 'tcp', + 'from_port': '3389', + 'to_port': '3389', + }, +} + +# Deprecation Notice: +# +# The setting FLAVOR_EXTRA_KEYS has been deprecated. +# Please load extra spec metadata into the Glance Metadata Definition Catalog. +# +# The sample quota definitions can be found in: +# /etc/metadefs/compute-quota.json +# +# The metadata definition catalog supports CLI and API: +# $glance --os-image-api-version 2 help md-namespace-import +# $glance-manage db_load_metadefs +# +# See Metadata Definitions on: http://docs.openstack.org/developer/glance/ + +# Indicate to the Sahara data processing service whether or not +# automatic floating IP allocation is in effect. If it is not +# in effect, the user will be prompted to choose a floating IP +# pool for use in their cluster. False by default. You would want +# to set this to True if you were running Nova Networking with +# auto_assign_floating_ip = True. +# SAHARA_AUTO_IP_ALLOCATION_ENABLED = False + +# The hash algorithm to use for authentication tokens. This must +# match the hash algorithm that the identity server and the +# auth_token middleware are using. Allowed values are the +# algorithms supported by Python's hashlib library. +# OPENSTACK_TOKEN_HASH_ALGORITHM = 'md5' +LOGIN_URL='/horizon/auth/login/' +LOGOUT_URL='/horizon/auth/logout/' +LOGIN_REDIRECT_URL='/horizon/' diff --git a/openstack/manifest b/openstack/manifest index e6b9e053..416e4531 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -1,3 +1,7 @@ +0040755 0 0 /etc/horizon +0100644 0 0 /etc/horizon/apache-horizon.conf +0040755 0 0 /etc/horizon/openstack_dashboard +0100644 0 0 /etc/horizon/openstack_dashboard/local_settings.py 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts 0040755 0 0 /usr/share/openstack/cinder @@ -19,6 +23,7 @@ 0100644 0 0 /usr/share/openstack/glance/policy.json 0100644 0 0 /usr/share/openstack/glance/glance-api-paste.ini 0100644 0 0 /usr/share/openstack/glance/glance-registry-paste.ini +0100755 0 0 /usr/share/openstack/horizon.yml 0100644 0 0 /usr/share/openstack/keystone.yml 0040755 0 0 /usr/share/openstack/keystone 0100644 0 0 /usr/share/openstack/keystone/logging.conf @@ -107,11 +112,13 @@ 0040755 0 0 /usr/share/openstack/rabbitmq 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq-env.conf 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq.config +0100644 0 0 /usr/lib/systemd/system/apache-httpd.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service +0100644 0 0 /usr/lib/systemd/system/openstack-horizon-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-server.service diff --git a/openstack/usr/lib/systemd/system/apache-httpd.service b/openstack/usr/lib/systemd/system/apache-httpd.service new file mode 100644 index 00000000..e2a840c6 --- /dev/null +++ b/openstack/usr/lib/systemd/system/apache-httpd.service @@ -0,0 +1,16 @@ +[Unit] +Description=Apache Web Server +After=network.target remote-fs.target nss-lookup.target +Wants=network.target + +[Service] +Type=forking +PIDFile=/var/run/httpd.pid +ExecStart=/usr/sbin/apachectl start +ExecStop=/usr/sbin/apachectl graceful-stop +ExecReload=/usr/sbin/apachectl graceful +PrivateTmp=true +LimitNOFILE=infinity + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-horizon-setup.service b/openstack/usr/lib/systemd/system/openstack-horizon-setup.service new file mode 100644 index 00000000..9ec3197a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-horizon-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run horizon-setup Ansible scripts +After=local-fs.target +Before=apache-httpd.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/horizon.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/horizon.yml b/openstack/usr/share/openstack/horizon.yml new file mode 100644 index 00000000..14cea5c5 --- /dev/null +++ b/openstack/usr/share/openstack/horizon.yml @@ -0,0 +1,47 @@ +--- +- hosts: localhost + tasks: + +# Setup apache, this may end up in apache.yml + - name: Create the apache user. + user: + name: apache + comment: Apache Server + shell: /sbin/nologin + home: /var/www + + - file: + path: /usr/sbin/suexec + group: apache + mode: 4750 + +# Setup horizon + - name: Create the horizon user. + user: + name: horizon + comment: Openstack Horizon User + shell: /sbin/nologin + home: /var/lib/horizon + + - name: Create the /var folders for horizon + file: + path: "{{ item }}" + state: directory + owner: horizon + group: horizon + with_items: + - /var/lib/horizon + + - name: Link horizon apache configuration + file: + src: /etc/horizon/apache-horizon.conf + dest: /etc/httpd/conf.d/apache-horizon.conf + state: link + + - name: Enable and start apache services needed by horizon + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - apache-httpd.service -- cgit v1.2.1 From 6443ff30bc3cab2c1b19331efef7b9e806056623 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 16:04:49 +0000 Subject: Add cluster to deploy a Openstack system in one node Change-Id: I8784857c1531cac0e1048da1bc83bdfda25258c2 --- clusters/openstack-one-node.morph | 88 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 clusters/openstack-one-node.morph diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph new file mode 100644 index 00000000..4c8e9851 --- /dev/null +++ b/clusters/openstack-one-node.morph @@ -0,0 +1,88 @@ +name: openstack-one-node +kind: cluster +description: | + This is a cluster morphology for deploying a x86_64 OpenStack system + all-in-one-node. + + Requirements to be able to run and test the system: + + - DISK_SIZE should be bigger than 5G + - The system has to have available at least 4G of RAM, but once + you start instantiating VMs you will need more. + - The IP of the system can't change, and you need to know it beforehand, + that is, the system needs a static IP address. + + This cluster is configurable, but with the following constraints: + + - The hostname in RABBITMQ_HOST has to match CONTROLLER_HOST_ADDRESS, + and HOST_CONTROLLER. + - HOSTS_CONTROLLER is only needed if the hostname (see previous point) + is not a FQDN. + - The IP listed in MANAGEMENT_INTERFACE_IP_ADDRESS has to match the one + used in HOSTS_CONTROLLER. + - CINDER_DEVICE should be a path to a storage device ready to be + used/formated for cinder data. + - EXTERNAL_INTERFACE is required when the system has more than one network + interface. + + You can also have a look at the following suggestions: + + - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the + system is being deployed to. + - We recommend changing all the PASSWORDs variables, also the + KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + +systems: +- morph: systems/openstack-system-x86_64.morph + deploy: + release: + type: rawdisk + location: baserock-openstack-system-x86_64.img + DISK_SIZE: 10G + INSTALL_FILES: openstack/manifest + + HOSTNAME: onenode + + RABBITMQ_HOST: onenode + RABBITMQ_PORT: 5672 + RABBITMQ_USER: rabbitmq + RABBITMQ_PASSWORD: veryinsecure + + CONTROLLER_HOST_ADDRESS: onenode + MANAGEMENT_INTERFACE_IP_ADDRESS: + + + KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 + KEYSTONE_ADMIN_PASSWORD: veryinsecure + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure + + GLANCE_SERVICE_USER: glance + GLANCE_SERVICE_PASSWORD: veryinsecure + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure + + NOVA_SERVICE_USER: nova + NOVA_SERVICE_PASSWORD: veryinsecure + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure + NOVA_VIRT_TYPE: qemu + + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + # Storage device to be used by Cinder + CINDER_DEVICE: /dev/sdb + + NEUTRON_SERVICE_USER: neutron + NEUTRON_SERVICE_PASSWORD: veryinsecure + NEUTRON_DB_USER: neutronDB + NEUTRON_DB_PASSWORD: veryinsecure + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + HOSTS_CONTROLLER: onenode + + # Network interface to be used, only needed if there are more + # than one available. + # EXTERNAL_INTERFACE: eno1 -- cgit v1.2.1 From 587347682de1b858e272255e6b3cce215dc4f9c8 Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 14 Apr 2015 13:14:18 +0000 Subject: OpenStack: stop horizon.yml being executable Change-Id: I17222d8ca6fa669ef3e0046bb91a1f5af8d1c00d --- openstack/manifest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openstack/manifest b/openstack/manifest index 416e4531..3b32f813 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -23,7 +23,7 @@ 0100644 0 0 /usr/share/openstack/glance/policy.json 0100644 0 0 /usr/share/openstack/glance/glance-api-paste.ini 0100644 0 0 /usr/share/openstack/glance/glance-registry-paste.ini -0100755 0 0 /usr/share/openstack/horizon.yml +0100644 0 0 /usr/share/openstack/horizon.yml 0100644 0 0 /usr/share/openstack/keystone.yml 0040755 0 0 /usr/share/openstack/keystone 0100644 0 0 /usr/share/openstack/keystone/logging.conf -- cgit v1.2.1 From 3b2354f8d8aad716f2c456e0dd33cdec8317e037 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Tue, 17 Mar 2015 08:12:00 +0000 Subject: Add configuration for swift controller node This adds configuration needed to deploy a swift proxy-server that uses keystone for authentication. Change-Id: I038180e2d1e16f1f612986ca9db241ce05afa84c --- openstack-swift-controller.configure | 49 ++ openstack/manifest | 7 + .../systemd/system/swift-controller-setup.service | 11 + .../usr/lib/systemd/system/swift-proxy.service | 13 + openstack/usr/share/openstack/swift-controller.yml | 52 ++ openstack/usr/share/swift/etc/rsyncd.j2 | 23 + .../usr/share/swift/etc/swift/proxy-server.j2 | 630 +++++++++++++++++++++ systems/openstack-system-x86_64.morph | 3 + 8 files changed, 788 insertions(+) create mode 100644 openstack-swift-controller.configure create mode 100644 openstack/usr/lib/systemd/system/swift-controller-setup.service create mode 100644 openstack/usr/lib/systemd/system/swift-proxy.service create mode 100644 openstack/usr/share/openstack/swift-controller.yml create mode 100644 openstack/usr/share/swift/etc/rsyncd.j2 create mode 100644 openstack/usr/share/swift/etc/swift/proxy-server.j2 diff --git a/openstack-swift-controller.configure b/openstack-swift-controller.configure new file mode 100644 index 00000000..424ab57b --- /dev/null +++ b/openstack-swift-controller.configure @@ -0,0 +1,49 @@ +#!/bin/bash +# +# Copyright © 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + + +set -e + +export ROOT="$1" + +MANDATORY_OPTIONS="SWIFT_ADMIN_PASSWORD KEYSTONE_TEMPORARY_ADMIN_TOKEN" + +for option in $MANDATORY_OPTIONS +do + if ! [[ -v $option ]] + then + missing_option=True + echo "Required option $option isn't set!" >&2 + fi +done + +if [[ $missing_option = True ]]; then exit 1; fi + +mkdir -p "$ROOT/usr/lib/systemd/system/multi-user.target.wants" # ensure this exists before we make symlinks + +ln -s "/usr/lib/systemd/system/swift-controller-setup.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/swift-controller-setup.service" +ln -s "/usr/lib/systemd/system/memcached.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/memcached.service" +ln -s "/usr/lib/systemd/system/openstack-swift-proxy.service" \ + "$ROOT/usr/lib/systemd/system/multi-user.target.wants/swift-proxy.service" + +cat << EOF > "$ROOT"/usr/share/openstack/swift-controller-vars.yml +--- +SWIFT_ADMIN_PASSWORD: $SWIFT_ADMIN_PASSWORD +MANAGEMENT_INTERFACE_IP_ADDRESS: $MANAGEMENT_INTERFACE_IP_ADDRESS +KEYSTONE_TEMPORARY_ADMIN_TOKEN: $KEYSTONE_TEMPORARY_ADMIN_TOKEN +EOF diff --git a/openstack/manifest b/openstack/manifest index 3b32f813..4fa106ae 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -146,3 +146,10 @@ 0100644 0 0 /usr/lib/systemd/system/openvswitch-db-server.service 0100644 0 0 /usr/lib/systemd/system/openvswitch.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service +0100644 0 0 /usr/share/openstack/swift-controller.yml +0100644 0 0 /usr/lib/systemd/system/swift-controller-setup.service +0100644 0 0 /usr/lib/systemd/system/swift-proxy.service +0040755 0 0 /usr/share/swift +0040755 0 0 /usr/share/swift/etc +0040755 0 0 /usr/share/swift/etc/swift +0100644 0 0 /usr/share/swift/etc/swift/proxy-server.j2 diff --git a/openstack/usr/lib/systemd/system/swift-controller-setup.service b/openstack/usr/lib/systemd/system/swift-controller-setup.service new file mode 100644 index 00000000..3e0ddaf7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/swift-controller-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run swift-controller-setup (once) +After=local-fs.target postgres-server.service openstack-keystone-setup.service openstack-keystone.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/swift-controller.yml +Restart=no + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/swift-proxy.service b/openstack/usr/lib/systemd/system/swift-proxy.service new file mode 100644 index 00000000..bb51d594 --- /dev/null +++ b/openstack/usr/lib/systemd/system/swift-proxy.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Swift Proxy Server +After=syslog.target network.target memcached.service openstack-keystone.service swift-controller-setup.service + +[Service] +Type=forking +PIDFile=/var/run/swift/proxy-server.pid +Restart=on-failure +ExecStart=/usr/bin/swift-init proxy-server start +ExecStop=/usr/bin/swift-init proxy-server stop + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/swift-controller.yml b/openstack/usr/share/openstack/swift-controller.yml new file mode 100644 index 00000000..690de087 --- /dev/null +++ b/openstack/usr/share/openstack/swift-controller.yml @@ -0,0 +1,52 @@ +--- +- hosts: localhost + vars_files: + - swift-controller-vars.yml + vars: + - ring_name_port_map: + account: + port: 6002 + container: + port: 6001 + object: + port: 6000 + remote_user: root + tasks: + - user: + name: swift + comment: Swift user + + - file: + path: /etc/swift + owner: swift + group: swift + state: directory + + - template: + src: /usr/share/swift/etc/swift/proxy-server.j2 + dest: /etc/swift/proxy-server.conf + mode: 0644 + owner: swift + group: swift + + - keystone_user: + user: swift + password: "{{ SWIFT_ADMIN_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - keystone_user: + role: admin + user: swift + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - keystone_service: + name: swift + type: object-store + description: OpenStack Object Storage + publicurl: http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:8080/v1/AUTH_%(tenant_id)s + internalurl: http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:8080/v1/AUTH_%(tenant_id)s + adminurl: http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:8080 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" diff --git a/openstack/usr/share/swift/etc/rsyncd.j2 b/openstack/usr/share/swift/etc/rsyncd.j2 new file mode 100644 index 00000000..c0657665 --- /dev/null +++ b/openstack/usr/share/swift/etc/rsyncd.j2 @@ -0,0 +1,23 @@ +uid = swift +gid = swift +log file = /var/log/rsyncd.log +pid file = /var/run/rsyncd.pid +address = {{ MANAGEMENT_INTERFACE_IP_ADDRESS }} + +[account] +max connections = 2 +path = /srv/node/ +read only = false +lock file = /var/lock/account.lock + +[container] +max connections = 2 +path = /srv/node/ +read only = false +lock file = /var/lock/container.lock + +[object] +max connections = 2 +path = /srv/node/ +read only = false +lock file = /var/lock/object.lock diff --git a/openstack/usr/share/swift/etc/swift/proxy-server.j2 b/openstack/usr/share/swift/etc/swift/proxy-server.j2 new file mode 100644 index 00000000..dda82d5a --- /dev/null +++ b/openstack/usr/share/swift/etc/swift/proxy-server.j2 @@ -0,0 +1,630 @@ +[DEFAULT] +# bind_ip = 0.0.0.0 +bind_port = 8080 +# bind_timeout = 30 +# backlog = 4096 +swift_dir = /etc/swift +user = swift + +# Enables exposing configuration settings via HTTP GET /info. +# expose_info = true + +# Key to use for admin calls that are HMAC signed. Default is empty, +# which will disable admin calls to /info. +# admin_key = secret_admin_key +# +# Allows the ability to withhold sections from showing up in the public calls +# to /info. You can withhold subsections by separating the dict level with a +# ".". The following would cause the sections 'container_quotas' and 'tempurl' +# to not be listed, and the key max_failed_deletes would be removed from +# bulk_delete. Default is empty, allowing all registered fetures to be listed +# via HTTP GET /info. +# disallowed_sections = container_quotas, tempurl, bulk_delete.max_failed_deletes + +# Use an integer to override the number of pre-forked processes that will +# accept connections. Should default to the number of effective cpu +# cores in the system. It's worth noting that individual workers will +# use many eventlet co-routines to service multiple concurrent requests. +# workers = auto +# +# Maximum concurrent requests per worker +# max_clients = 1024 +# +# Set the following two lines to enable SSL. This is for testing only. +# cert_file = /etc/swift/proxy.crt +# key_file = /etc/swift/proxy.key +# +# expiring_objects_container_divisor = 86400 +# expiring_objects_account_name = expiring_objects +# +# You can specify default log routing here if you want: +# log_name = swift +# log_facility = LOG_LOCAL0 +# log_level = INFO +# log_headers = false +# log_address = /dev/log +# The following caps the length of log lines to the value given; no limit if +# set to 0, the default. +# log_max_line_length = 0 +# +# This optional suffix (default is empty) that would be appended to the swift transaction +# id allows one to easily figure out from which cluster that X-Trans-Id belongs to. +# This is very useful when one is managing more than one swift cluster. +# trans_id_suffix = +# +# comma separated list of functions to call to setup custom log handlers. +# functions get passed: conf, name, log_to_console, log_route, fmt, logger, +# adapted_logger +# log_custom_handlers = +# +# If set, log_udp_host will override log_address +# log_udp_host = +# log_udp_port = 514 +# +# You can enable StatsD logging here: +# log_statsd_host = localhost +# log_statsd_port = 8125 +# log_statsd_default_sample_rate = 1.0 +# log_statsd_sample_rate_factor = 1.0 +# log_statsd_metric_prefix = +# +# Use a comma separated list of full url (http://foo.bar:1234,https://foo.bar) +# cors_allow_origin = +# strict_cors_mode = True +# +# client_timeout = 60 +# eventlet_debug = false + +[pipeline:main] +#pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit tempauth container-quotas account-quotas slo dlo proxy-logging proxy-server +pipeline = authtoken cache healthcheck keystoneauth proxy-logging proxy-server + +[app:proxy-server] +use = egg:swift#proxy +# You can override the default log routing for this app here: +# set log_name = proxy-server +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_address = /dev/log +# +# log_handoffs = true +# recheck_account_existence = 60 +# recheck_container_existence = 60 +# object_chunk_size = 65536 +# client_chunk_size = 65536 +# +# How long the proxy server will wait on responses from the a/c/o servers. +# node_timeout = 10 +# +# How long the proxy server will wait for an initial response and to read a +# chunk of data from the object servers while serving GET / HEAD requests. +# Timeouts from these requests can be recovered from so setting this to +# something lower than node_timeout would provide quicker error recovery +# while allowing for a longer timeout for non-recoverable requests (PUTs). +# Defaults to node_timeout, should be overriden if node_timeout is set to a +# high number to prevent client timeouts from firing before the proxy server +# has a chance to retry. +# recoverable_node_timeout = node_timeout +# +# conn_timeout = 0.5 +# +# How long to wait for requests to finish after a quorum has been established. +# post_quorum_timeout = 0.5 +# +# How long without an error before a node's error count is reset. This will +# also be how long before a node is reenabled after suppression is triggered. +# error_suppression_interval = 60 +# +# How many errors can accumulate before a node is temporarily ignored. +# error_suppression_limit = 10 +# +# If set to 'true' any authorized user may create and delete accounts; if +# 'false' no one, even authorized, can. +allow_account_management = true +# +# Set object_post_as_copy = false to turn on fast posts where only the metadata +# changes are stored anew and the original data file is kept in place. This +# makes for quicker posts; but since the container metadata isn't updated in +# this mode, features like container sync won't be able to sync posts. +# object_post_as_copy = true +# +# If set to 'true' authorized accounts that do not yet exist within the Swift +# cluster will be automatically created. +account_autocreate = true +# +# If set to a positive value, trying to create a container when the account +# already has at least this maximum containers will result in a 403 Forbidden. +# Note: This is a soft limit, meaning a user might exceed the cap for +# recheck_account_existence before the 403s kick in. +# max_containers_per_account = 0 +# +# This is a comma separated list of account hashes that ignore the +# max_containers_per_account cap. +# max_containers_whitelist = +# +# Comma separated list of Host headers to which the proxy will deny requests. +# deny_host_headers = +# +# Prefix used when automatically creating accounts. +# auto_create_account_prefix = . +# +# Depth of the proxy put queue. +# put_queue_depth = 10 +# +# Storage nodes can be chosen at random (shuffle), by using timing +# measurements (timing), or by using an explicit match (affinity). +# Using timing measurements may allow for lower overall latency, while +# using affinity allows for finer control. In both the timing and +# affinity cases, equally-sorting nodes are still randomly chosen to +# spread load. +# The valid values for sorting_method are "affinity", "shuffle", and "timing". +# sorting_method = shuffle +# +# If the "timing" sorting_method is used, the timings will only be valid for +# the number of seconds configured by timing_expiry. +# timing_expiry = 300 +# +# The maximum time (seconds) that a large object connection is allowed to last. +# max_large_object_get_time = 86400 +# +# Set to the number of nodes to contact for a normal request. You can use +# '* replicas' at the end to have it use the number given times the number of +# replicas for the ring being used for the request. +# request_node_count = 2 * replicas +# +# Which backend servers to prefer on reads. Format is r for region +# N or rz for region N, zone M. The value after the equals is +# the priority; lower numbers are higher priority. +# +# Example: first read from region 1 zone 1, then region 1 zone 2, then +# anything in region 2, then everything else: +# read_affinity = r1z1=100, r1z2=200, r2=300 +# Default is empty, meaning no preference. +# read_affinity = +# +# Which backend servers to prefer on writes. Format is r for region +# N or rz for region N, zone M. If this is set, then when +# handling an object PUT request, some number (see setting +# write_affinity_node_count) of local backend servers will be tried +# before any nonlocal ones. +# +# Example: try to write to regions 1 and 2 before writing to any other +# nodes: +# write_affinity = r1, r2 +# Default is empty, meaning no preference. +# write_affinity = +# +# The number of local (as governed by the write_affinity setting) +# nodes to attempt to contact first, before any non-local ones. You +# can use '* replicas' at the end to have it use the number given +# times the number of replicas for the ring being used for the +# request. +# write_affinity_node_count = 2 * replicas +# +# These are the headers whose values will only be shown to swift_owners. The +# exact definition of a swift_owner is up to the auth system in use, but +# usually indicates administrative responsibilities. +# swift_owner_headers = x-container-read, x-container-write, x-container-sync-key, x-container-sync-to, x-account-meta-temp-url-key, x-account-meta-temp-url-key-2, x-account-access-control + +[filter:tempauth] +use = egg:swift#tempauth +# You can override the default log routing for this filter here: +# set log_name = tempauth +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log +# +# The reseller prefix will verify a token begins with this prefix before even +# attempting to validate it. Also, with authorization, only Swift storage +# accounts with this prefix will be authorized by this middleware. Useful if +# multiple auth systems are in use for one Swift cluster. +# reseller_prefix = AUTH +# +# The auth prefix will cause requests beginning with this prefix to be routed +# to the auth subsystem, for granting tokens, etc. +# auth_prefix = /auth/ +# token_life = 86400 +# +# This allows middleware higher in the WSGI pipeline to override auth +# processing, useful for middleware such as tempurl and formpost. If you know +# you're not going to use such middleware and you want a bit of extra security, +# you can set this to false. +# allow_overrides = true +# +# This specifies what scheme to return with storage urls: +# http, https, or default (chooses based on what the server is running as) +# This can be useful with an SSL load balancer in front of a non-SSL server. +# storage_url_scheme = default +# +# Lastly, you need to list all the accounts/users you want here. The format is: +# user__ = [group] [group] [...] [storage_url] +# or if you want underscores in or , you can base64 encode them +# (with no equal signs) and use this format: +# user64__ = [group] [group] [...] [storage_url] +# There are special groups of: +# .reseller_admin = can do anything to any account for this auth +# .admin = can do anything within the account +# If neither of these groups are specified, the user can only access containers +# that have been explicitly allowed for them by a .admin or .reseller_admin. +# The trailing optional storage_url allows you to specify an alternate url to +# hand back to the user upon authentication. If not specified, this defaults to +# $HOST/v1/_ where $HOST will do its best to resolve +# to what the requester would need to use to reach this host. +# Here are example entries, required for running the tests: +user_admin_admin = admin .admin .reseller_admin +user_test_tester = testing .admin +user_test2_tester2 = testing2 .admin +user_test_tester3 = testing3 + +# To enable Keystone authentication you need to have the auth token +# middleware first to be configured. Here is an example below, please +# refer to the keystone's documentation for details about the +# different settings. +# +# You'll need to have as well the keystoneauth middleware enabled +# and have it in your main pipeline so instead of having tempauth in +# there you can change it to: authtoken keystoneauth +# +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory +# auth_host = keystonehost +# auth_port = 35357 +# auth_protocol = http +# auth_uri = http://keystonehost:5000/ +#auth_uri = http://controller:5000/v2.0 +auth_uri = http://127.0.0.1:5000/v2.0 +identity_uri = http://127.0.0.1:35357 +admin_tenant_name = service +admin_user = swift +admin_password = {{ SWIFT_ADMIN_PASSWORD }} +delay_auth_decision = 1 +# cache = swift.cache +# include_service_catalog = False +# +[filter:keystoneauth] +use = egg:swift#keystoneauth +# Operator roles is the role which user would be allowed to manage a +# tenant and be able to create container or give ACL to others. +# operator_roles = admin, swiftoperator +operator_roles = admin, _member_ +# The reseller admin role has the ability to create and delete accounts +# reseller_admin_role = ResellerAdmin +# For backwards compatibility, keystoneauth will match names in cross-tenant +# access control lists (ACLs) when both the requesting user and the tenant +# are in the default domain i.e the domain to which existing tenants are +# migrated. The default_domain_id value configured here should be the same as +# the value used during migration of tenants to keystone domains. +# default_domain_id = default +# For a new installation, or an installation in which keystone projects may +# move between domains, you should disable backwards compatible name matching +# in ACLs by setting allow_names_in_acls to false: +# allow_names_in_acls = true + +[filter:healthcheck] +use = egg:swift#healthcheck +# An optional filesystem path, which if present, will cause the healthcheck +# URL to return "503 Service Unavailable" with a body of "DISABLED BY FILE". +# This facility may be used to temporarily remove a Swift node from a load +# balancer pool during maintenance or upgrade (remove the file to allow the +# node back into the load balancer pool). +# disable_path = + +[filter:cache] +use = egg:swift#memcache +# You can override the default log routing for this filter here: +# set log_name = cache +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log +# +# If not set here, the value for memcache_servers will be read from +# memcache.conf (see memcache.conf-sample) or lacking that file, it will +# default to the value below. You can specify multiple servers separated with +# commas, as in: 10.1.2.3:11211,10.1.2.4:11211 +memcache_servers = 127.0.0.1:11211 +# +# Sets how memcache values are serialized and deserialized: +# 0 = older, insecure pickle serialization +# 1 = json serialization but pickles can still be read (still insecure) +# 2 = json serialization only (secure and the default) +# If not set here, the value for memcache_serialization_support will be read +# from /etc/swift/memcache.conf (see memcache.conf-sample). +# To avoid an instant full cache flush, existing installations should +# upgrade with 0, then set to 1 and reload, then after some time (24 hours) +# set to 2 and reload. +# In the future, the ability to use pickle serialization will be removed. +# memcache_serialization_support = 2 +# +# Sets the maximum number of connections to each memcached server per worker +# memcache_max_connections = 2 + +[filter:ratelimit] +use = egg:swift#ratelimit +# You can override the default log routing for this filter here: +# set log_name = ratelimit +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log +# +# clock_accuracy should represent how accurate the proxy servers' system clocks +# are with each other. 1000 means that all the proxies' clock are accurate to +# each other within 1 millisecond. No ratelimit should be higher than the +# clock accuracy. +# clock_accuracy = 1000 +# +# max_sleep_time_seconds = 60 +# +# log_sleep_time_seconds of 0 means disabled +# log_sleep_time_seconds = 0 +# +# allows for slow rates (e.g. running up to 5 sec's behind) to catch up. +# rate_buffer_seconds = 5 +# +# account_ratelimit of 0 means disabled +# account_ratelimit = 0 + +# these are comma separated lists of account names +# account_whitelist = a,b +# account_blacklist = c,d + +# with container_limit_x = r +# for containers of size x limit write requests per second to r. The container +# rate will be linearly interpolated from the values given. With the values +# below, a container of size 5 will get a rate of 75. +# container_ratelimit_0 = 100 +# container_ratelimit_10 = 50 +# container_ratelimit_50 = 20 + +# Similarly to the above container-level write limits, the following will limit +# container GET (listing) requests. +# container_listing_ratelimit_0 = 100 +# container_listing_ratelimit_10 = 50 +# container_listing_ratelimit_50 = 20 + +[filter:domain_remap] +use = egg:swift#domain_remap +# You can override the default log routing for this filter here: +# set log_name = domain_remap +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log +# +# storage_domain = example.com +# path_root = v1 +# reseller_prefixes = AUTH + +[filter:catch_errors] +use = egg:swift#catch_errors +# You can override the default log routing for this filter here: +# set log_name = catch_errors +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log + +[filter:cname_lookup] +# Note: this middleware requires python-dnspython +use = egg:swift#cname_lookup +# You can override the default log routing for this filter here: +# set log_name = cname_lookup +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log +# +# Specify the storage_domain that match your cloud, multiple domains +# can be specified separated by a comma +# storage_domain = example.com +# +# lookup_depth = 1 + +# Note: Put staticweb just after your auth filter(s) in the pipeline +[filter:staticweb] +use = egg:swift#staticweb + +# Note: Put tempurl before dlo, slo and your auth filter(s) in the pipeline +[filter:tempurl] +use = egg:swift#tempurl +# The methods allowed with Temp URLs. +# methods = GET HEAD PUT POST DELETE +# +# The headers to remove from incoming requests. Simply a whitespace delimited +# list of header names and names can optionally end with '*' to indicate a +# prefix match. incoming_allow_headers is a list of exceptions to these +# removals. +# incoming_remove_headers = x-timestamp +# +# The headers allowed as exceptions to incoming_remove_headers. Simply a +# whitespace delimited list of header names and names can optionally end with +# '*' to indicate a prefix match. +# incoming_allow_headers = +# +# The headers to remove from outgoing responses. Simply a whitespace delimited +# list of header names and names can optionally end with '*' to indicate a +# prefix match. outgoing_allow_headers is a list of exceptions to these +# removals. +# outgoing_remove_headers = x-object-meta-* +# +# The headers allowed as exceptions to outgoing_remove_headers. Simply a +# whitespace delimited list of header names and names can optionally end with +# '*' to indicate a prefix match. +# outgoing_allow_headers = x-object-meta-public-* + +# Note: Put formpost just before your auth filter(s) in the pipeline +[filter:formpost] +use = egg:swift#formpost + +# Note: Just needs to be placed before the proxy-server in the pipeline. +[filter:name_check] +use = egg:swift#name_check +# forbidden_chars = '"`<> +# maximum_length = 255 +# forbidden_regexp = /\./|/\.\./|/\.$|/\.\.$ + +[filter:list-endpoints] +use = egg:swift#list_endpoints +# list_endpoints_path = /endpoints/ + +[filter:proxy-logging] +use = egg:swift#proxy_logging +# If not set, logging directives from [DEFAULT] without "access_" will be used +# access_log_name = swift +# access_log_facility = LOG_LOCAL0 +# access_log_level = INFO +# access_log_address = /dev/log +# +# If set, access_log_udp_host will override access_log_address +# access_log_udp_host = +# access_log_udp_port = 514 +# +# You can use log_statsd_* from [DEFAULT] or override them here: +# access_log_statsd_host = localhost +# access_log_statsd_port = 8125 +# access_log_statsd_default_sample_rate = 1.0 +# access_log_statsd_sample_rate_factor = 1.0 +# access_log_statsd_metric_prefix = +# access_log_headers = false +# +# If access_log_headers is True and access_log_headers_only is set only +# these headers are logged. Multiple headers can be defined as comma separated +# list like this: access_log_headers_only = Host, X-Object-Meta-Mtime +# access_log_headers_only = +# +# By default, the X-Auth-Token is logged. To obscure the value, +# set reveal_sensitive_prefix to the number of characters to log. +# For example, if set to 12, only the first 12 characters of the +# token appear in the log. An unauthorized access of the log file +# won't allow unauthorized usage of the token. However, the first +# 12 or so characters is unique enough that you can trace/debug +# token usage. Set to 0 to suppress the token completely (replaced +# by '...' in the log). +# Note: reveal_sensitive_prefix will not affect the value +# logged with access_log_headers=True. +# reveal_sensitive_prefix = 16 +# +# What HTTP methods are allowed for StatsD logging (comma-sep); request methods +# not in this list will have "BAD_METHOD" for the portion of the metric. +# log_statsd_valid_http_methods = GET,HEAD,POST,PUT,DELETE,COPY,OPTIONS +# +# Note: The double proxy-logging in the pipeline is not a mistake. The +# left-most proxy-logging is there to log requests that were handled in +# middleware and never made it through to the right-most middleware (and +# proxy server). Double logging is prevented for normal requests. See +# proxy-logging docs. + +# Note: Put before both ratelimit and auth in the pipeline. +[filter:bulk] +use = egg:swift#bulk +# max_containers_per_extraction = 10000 +# max_failed_extractions = 1000 +# max_deletes_per_request = 10000 +# max_failed_deletes = 1000 + +# In order to keep a connection active during a potentially long bulk request, +# Swift may return whitespace prepended to the actual response body. This +# whitespace will be yielded no more than every yield_frequency seconds. +# yield_frequency = 10 + +# Note: The following parameter is used during a bulk delete of objects and +# their container. This would frequently fail because it is very likely +# that all replicated objects have not been deleted by the time the middleware got a +# successful response. It can be configured the number of retries. And the +# number of seconds to wait between each retry will be 1.5**retry + +# delete_container_retry_count = 0 + +# Note: Put after auth in the pipeline. +[filter:container-quotas] +use = egg:swift#container_quotas + +# Note: Put after auth and staticweb in the pipeline. +[filter:slo] +use = egg:swift#slo +# max_manifest_segments = 1000 +# max_manifest_size = 2097152 +# min_segment_size = 1048576 +# Start rate-limiting SLO segment serving after the Nth segment of a +# segmented object. +# rate_limit_after_segment = 10 +# +# Once segment rate-limiting kicks in for an object, limit segments served +# to N per second. 0 means no rate-limiting. +# rate_limit_segments_per_sec = 0 +# +# Time limit on GET requests (seconds) +# max_get_time = 86400 + +# Note: Put after auth and staticweb in the pipeline. +# If you don't put it in the pipeline, it will be inserted for you. +[filter:dlo] +use = egg:swift#dlo +# Start rate-limiting DLO segment serving after the Nth segment of a +# segmented object. +# rate_limit_after_segment = 10 +# +# Once segment rate-limiting kicks in for an object, limit segments served +# to N per second. 0 means no rate-limiting. +# rate_limit_segments_per_sec = 1 +# +# Time limit on GET requests (seconds) +# max_get_time = 86400 + +[filter:account-quotas] +use = egg:swift#account_quotas + +[filter:gatekeeper] +use = egg:swift#gatekeeper +# You can override the default log routing for this filter here: +# set log_name = gatekeeper +# set log_facility = LOG_LOCAL0 +# set log_level = INFO +# set log_headers = false +# set log_address = /dev/log + +[filter:container_sync] +use = egg:swift#container_sync +# Set this to false if you want to disallow any full url values to be set for +# any new X-Container-Sync-To headers. This will keep any new full urls from +# coming in, but won't change any existing values already in the cluster. +# Updating those will have to be done manually, as knowing what the true realm +# endpoint should be cannot always be guessed. +# allow_full_urls = true +# Set this to specify this clusters //realm/cluster as "current" in /info +# current = //REALM/CLUSTER + +# Note: Put it at the beginning of the pipleline to profile all middleware. But +# it is safer to put this after catch_errors, gatekeeper and healthcheck. +[filter:xprofile] +use = egg:swift#xprofile +# This option enable you to switch profilers which should inherit from python +# standard profiler. Currently the supported value can be 'cProfile', +# 'eventlet.green.profile' etc. +# profile_module = eventlet.green.profile +# +# This prefix will be used to combine process ID and timestamp to name the +# profile data file. Make sure the executing user has permission to write +# into this path (missing path segments will be created, if necessary). +# If you enable profiling in more than one type of daemon, you must override +# it with an unique value like: /var/log/swift/profile/proxy.profile +# log_filename_prefix = /tmp/log/swift/profile/default.profile +# +# the profile data will be dumped to local disk based on above naming rule +# in this interval. +# dump_interval = 5.0 +# +# Be careful, this option will enable profiler to dump data into the file with +# time stamp which means there will be lots of files piled up in the directory. +# dump_timestamp = false +# +# This is the path of the URL to access the mini web UI. +# path = /__profile__ +# +# Clear the data when the wsgi server shutdown. +# flush_at_shutdown = false +# +# unwind the iterator of applications +# unwind = false diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index aa369f26..0d706f34 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -69,3 +69,6 @@ configuration-extensions: - openstack-nova - openstack-network - openstack-neutron +- fstab +- swift-storage +- openstack-swift-controller -- cgit v1.2.1 From 8eed3aa15677888b2c109d02937909d4d67610ea Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Thu, 16 Apr 2015 10:53:37 +0000 Subject: Add openstack-one-node with swift cluster Change-Id: I03aa39e33a2a8326c3d8a779dde9bc3bf0801266 --- clusters/openstack-one-node-swift.morph | 124 ++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 clusters/openstack-one-node-swift.morph diff --git a/clusters/openstack-one-node-swift.morph b/clusters/openstack-one-node-swift.morph new file mode 100644 index 00000000..574b7d61 --- /dev/null +++ b/clusters/openstack-one-node-swift.morph @@ -0,0 +1,124 @@ +name: openstack-one-node-swift +kind: cluster +description: | + This is a cluster morphology for deploying a x86_64 OpenStack system + all-in-one-node. + + Requirements to be able to run and test the system: + + - DISK_SIZE should be bigger than 5G + - The system has to have available at least 4G of RAM, but once + you start instantiating VMs you will need more. + - The IP of the system can't change, and you need to know it beforehand, + that is, the system needs a static IP address. + + This cluster is configurable, but with the following constraints: + + - The hostname in RABBITMQ_HOST has to match CONTROLLER_HOST_ADDRESS, + and HOST_CONTROLLER. + - HOSTS_CONTROLLER is only needed if the hostname (see previous point) + is not a FQDN. + - The IP listed in MANAGEMENT_INTERFACE_IP_ADDRESS has to match the one + used in HOSTS_CONTROLLER. + - CINDER_DEVICE should be a path to a storage device ready to be + used/formated for cinder data. + - EXTERNAL_INTERFACE is required when the system has more than one network + interface. + + You can also have a look at the following suggestions: + + - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the + system is being deployed to. + - We recommend changing all the PASSWORDs variables, also the + KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + +systems: +- morph: systems/openstack-system-x86_64.morph + deploy: + release: + type: rawdisk + location: baserock-openstack-system-x86_64.img + DISK_SIZE: 10G + INSTALL_FILES: openstack/manifest swift/manifest + + HOSTNAME: onenode + + ######################################################################### + ## Swift config options + ######################################################################### + + SWIFT_CONTROLLER: True + + SWIFT_ADMIN_PASSWORD: insecure + + SWIFT_PART_POWER: 10 + SWIFT_REPLICAS: 3 + SWIFT_MIN_PART_HOURS: 1 + + SWIFT_STORAGE_DEVICES: [{ ip: , device: sdb, weight: 100 }, + { ip: , device: sdc, weight: 100 }, + { ip: , device: sdd, weight: 100 }, + + { ip: , device: sdb, weight: 100 }, + { ip: , device: sdc, weight: 100 }, + { ip: , device: sdd, weight: 100 }] + + # This value can be any random string or number + # but each node in your swift cluster must have the same values + SWIFT_REBALANCE_SEED: 3828 + + # NOTE: Replace SWIFT_HASH_PATH_PREFIX and SWIFT_HASH_PATH_SUFFIX + # with your own unique values, + # + # `openssl rand -hex 10' can be used to generate unique values + # + # These values should be kept secret, do not lose them. + # + SWIFT_HASH_PATH_PREFIX: 041fc210e4e1d333ce1d + SWIFT_HASH_PATH_SUFFIX: 4d6f5362a356dda7fb7d + + ######################################################################### + + RABBITMQ_HOST: onenode + RABBITMQ_PORT: 5672 + RABBITMQ_USER: rabbitmq + RABBITMQ_PASSWORD: veryinsecure + + CONTROLLER_HOST_ADDRESS: onenode + MANAGEMENT_INTERFACE_IP_ADDRESS: + + + KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 + KEYSTONE_ADMIN_PASSWORD: veryinsecure + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure + + GLANCE_SERVICE_USER: glance + GLANCE_SERVICE_PASSWORD: veryinsecure + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure + + NOVA_SERVICE_USER: nova + NOVA_SERVICE_PASSWORD: veryinsecure + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure + NOVA_VIRT_TYPE: qemu + + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + # Storage device to be used by Cinder + CINDER_DEVICE: /dev/sdb + + NEUTRON_SERVICE_USER: neutron + NEUTRON_SERVICE_PASSWORD: veryinsecure + NEUTRON_DB_USER: neutronDB + NEUTRON_DB_PASSWORD: veryinsecure + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + HOSTS_CONTROLLER: onenode + + # Network interface to be used, only needed if there are more + # than one available. + # EXTERNAL_INTERFACE: eno1 -- cgit v1.2.1 From 7838a8a9f2e4618e9f792f41766513a6b18754c2 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 17 Apr 2015 09:25:35 +0000 Subject: Upgrade Morph to latest version in master Change-Id: Ic5dfaa2eafeb3045538500c1a607c4ecab924a11 --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 6aeafb1b..99a0562f 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -38,7 +38,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: 60aedc8d97679159678e7ebad2f2d81768e9736a + ref: ab92ce0343b838b336313f604ea035a60dfcb960 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From e495bf993d2a34b25208e8694eb437bc545f0d55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 15 Apr 2015 17:03:17 +0100 Subject: Move gnome-common to core and upgrade to latest (3.14) Even it can be see as a GNOME dependency, this is only a group of autoconf macros (in the process of being upstreamed in autoconf-archive, but we need this here as is still being used by several projects) Change-Id: Ia1e510283110c522eebd8f72597f4e505de7a021 --- strata/core.morph | 7 +++++++ strata/virtualization.morph | 8 -------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index 150e68e0..cfdc52eb 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -280,3 +280,10 @@ chunks: - libtool-tarball - automake - libxml2 +- name: gnome-common + repo: upstream:gnome-common + ref: 5d61b55e8bea32fe2b52e21682ee4b3719b290c5 + unpetrify-ref: 3.14.0 + build-depends: + - autoconf-tarball + - automake diff --git a/strata/virtualization.morph b/strata/virtualization.morph index 203cfae3..665650b6 100644 --- a/strata/virtualization.morph +++ b/strata/virtualization.morph @@ -80,24 +80,16 @@ chunks: build-depends: - libvirt - urlgrabber -- name: gnome-common - repo: upstream:gnome-common - ref: d213283fcb5228d05eb2c796579f18240e8467e8 - unpetrify-ref: 3.12.0 - name: pygobject morph: strata/virtualization/pygobject.morph repo: upstream:pygobject ref: 276341d7ddab180020c31e6837bd28fd25784de0 unpetrify-ref: baserock/morph - build-depends: - - gnome-common - name: libsoup morph: strata/virtualization/libsoup.morph repo: upstream:libsoup ref: ce764489e358bad6b49418f5c8bc7b25a4b1815e unpetrify-ref: baserock/morph - build-depends: - - gnome-common - name: libosinfo morph: strata/virtualization/libosinfo.morph repo: upstream:libosinfo -- cgit v1.2.1 From ea5f808b8b5c2d037e51fdf64040cfe4a2e5ca3a Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Thu, 9 Apr 2015 15:08:08 +0000 Subject: Add tftp-hpa to OpenStack services The existing Busybox's TFTP server implementation is not up to the job for the OpenStack baremetal service, as it doesn't support filename remapping. Change-Id: I0a12f5807ac2f52aa025587a08a6ebfae403eff1 --- strata/openstack-services.morph | 5 +++++ strata/openstack-services/tftp-hpa.morph | 5 +++++ 2 files changed, 10 insertions(+) create mode 100644 strata/openstack-services/tftp-hpa.morph diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 3288350b..2db1adf9 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -835,3 +835,8 @@ chunks: repo: upstream:openstack/tempest.git ref: acba5510785258949679304f3e1a55e53b851962 unpetrify-ref: "2" +- name: tftp-hpa + morph: strata/openstack-services/tftp-hpa.morph + repo: upstream:tftp-hpa + ref: 4faf178a509d8091b7ba1e1fa3d13bc68c5ff55f + unpetrify-ref: tftp-hpa-5.2 diff --git a/strata/openstack-services/tftp-hpa.morph b/strata/openstack-services/tftp-hpa.morph new file mode 100644 index 00000000..d466d2d4 --- /dev/null +++ b/strata/openstack-services/tftp-hpa.morph @@ -0,0 +1,5 @@ +name: tftp-hpa +build-system: autotools +kind: chunk +install-commands: +- make INSTALLROOT="$DESTDIR" install -- cgit v1.2.1 From fa01dc6fc0675f387574af57425564e98f43130d Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 25 Mar 2015 11:22:36 +0000 Subject: Add the Ironic baremetal service to Openstack Add their dependencies as well. The service will be configured in another commit. Change-Id: Icb23890fd3d002cb93fd32b0cdc9076518e77475 --- strata/openstack-clients.morph | 5 +++++ strata/openstack-clients/python-ironicclient.morph | 3 +++ strata/openstack-services.morph | 15 +++++++++++++++ strata/openstack-services/ironic.morph | 17 +++++++++++++++++ strata/openstack-services/pysendfile.morph | 3 +++ strata/openstack-services/singledispatch.morph | 3 +++ 6 files changed, 46 insertions(+) create mode 100644 strata/openstack-clients/python-ironicclient.morph create mode 100644 strata/openstack-services/ironic.morph create mode 100644 strata/openstack-services/pysendfile.morph create mode 100644 strata/openstack-services/singledispatch.morph diff --git a/strata/openstack-clients.morph b/strata/openstack-clients.morph index 91559113..32e0f356 100644 --- a/strata/openstack-clients.morph +++ b/strata/openstack-clients.morph @@ -96,3 +96,8 @@ chunks: unpetrify-ref: 0.7.6 build-depends: - python-keystoneclient +- name: python-ironicclient + morph: strata/openstack-clients/python-ironicclient.morph + repo: upstream:openstack/python-ironicclient + ref: 4390a21663de3123fac306e9860624ba7deda0e6 + unpetrify-ref: 0.4.1 diff --git a/strata/openstack-clients/python-ironicclient.morph b/strata/openstack-clients/python-ironicclient.morph new file mode 100644 index 00000000..95be0bd8 --- /dev/null +++ b/strata/openstack-clients/python-ironicclient.morph @@ -0,0 +1,3 @@ +name: python-ironicclient +kind: chunk +build-system: python-distutils diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 2db1adf9..45639aad 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -840,3 +840,18 @@ chunks: repo: upstream:tftp-hpa ref: 4faf178a509d8091b7ba1e1fa3d13bc68c5ff55f unpetrify-ref: tftp-hpa-5.2 +- name: singledispatch + morph: strata/openstack-services/singledispatch.morph + repo: upstream:python-packages/singledispatch + ref: 92175ba65602a03086d2b1f770f45d88af93fc3e + unpetrify-ref: 3.4.0.3 +- name: pysinglefile + morph: strata/openstack-services/pysendfile.morph + repo: upstream:python-packages/pysendfile + ref: 6775b2938ef74255239c8e08458369921297b311 + unpetrify-ref: release-2.0.0 +- name: ironic + morph: strata/openstack-services/ironic.morph + repo: upstream:openstack/ironic + ref: 0f4d454bf2093d3d62460f88aa9288bee3286b38 + unpetrify-ref: stable/juno diff --git a/strata/openstack-services/ironic.morph b/strata/openstack-services/ironic.morph new file mode 100644 index 00000000..850399b4 --- /dev/null +++ b/strata/openstack-services/ironic.morph @@ -0,0 +1,17 @@ +name: ironic +kind: chunk +build-system: python-distutils +post-install-commands: +# Install rootwrap.conf +- install -D -m 640 etc/ironic/rootwrap.conf "$DESTDIR"/etc/ironic/rootwrap.conf +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/ironic/rootwrap.d +- install -m 644 etc/ironic/rootwrap.d/* "$DESTDIR"/etc/ironic/rootwrap.d/ +# Add ironic to sudoers controlling which commands will run as a root +# using the openstack rootwrap. +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/ironic-rootwrap + Defaults:ironic !requiretty + + ironic ALL=(root) NOPASSWD: /usr/bin/ironic-rootwrap /etc/ironic/rootwrap.conf * + EOF diff --git a/strata/openstack-services/pysendfile.morph b/strata/openstack-services/pysendfile.morph new file mode 100644 index 00000000..2e2f809b --- /dev/null +++ b/strata/openstack-services/pysendfile.morph @@ -0,0 +1,3 @@ +name: pysendfile +kind: chunk +build-system: python-distutils diff --git a/strata/openstack-services/singledispatch.morph b/strata/openstack-services/singledispatch.morph new file mode 100644 index 00000000..919c7096 --- /dev/null +++ b/strata/openstack-services/singledispatch.morph @@ -0,0 +1,3 @@ +name: singledispatch +kind: chunk +build-system: python-distutils -- cgit v1.2.1 From dd3947540d0cf4f5a6a93ce32e24e22f3147f0ae Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Mon, 13 Apr 2015 13:24:50 +0000 Subject: Add default configuration files for Ironic Those were copied from an Ironic git checkout. Those files will be modified and installed on '/etc' on a posterior commit to integrate Ironic with the rest of the OpenStack components. Change-Id: If0e9d9b0b6ff8dc99fe20cfbf2a8c5ed0b0c3cd2 --- openstack/usr/share/openstack/ironic/ironic.conf | 1247 ++++++++++++++++++++++ openstack/usr/share/openstack/ironic/policy.json | 5 + 2 files changed, 1252 insertions(+) create mode 100644 openstack/usr/share/openstack/ironic/ironic.conf create mode 100644 openstack/usr/share/openstack/ironic/policy.json diff --git a/openstack/usr/share/openstack/ironic/ironic.conf b/openstack/usr/share/openstack/ironic/ironic.conf new file mode 100644 index 00000000..9aaae0e6 --- /dev/null +++ b/openstack/usr/share/openstack/ironic/ironic.conf @@ -0,0 +1,1247 @@ +[DEFAULT] + +# +# Options defined in oslo.messaging +# + +# Use durable queues in amqp. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in amqp. (boolean value) +#amqp_auto_delete=false + +# Size of RPC connection pool. (integer value) +#rpc_conn_pool_size=30 + +# Qpid broker hostname. (string value) +#qpid_hostname=localhost + +# Qpid broker port. (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs. (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for Qpid connection. (string value) +#qpid_username= + +# Password for Qpid connection. (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth. +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats. (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl'. (string value) +#qpid_protocol=tcp + +# Whether to disable the Nagle algorithm. (boolean value) +#qpid_tcp_nodelay=true + +# The number of prefetched messages held by receiver. (integer +# value) +#qpid_receiver_capacity=1 + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + +# SSL version to use (valid only if SSL enabled). valid values +# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some +# distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled). (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled). (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL +# enabled). (string value) +#kombu_ssl_ca_certs= + +# How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. (floating point value) +#kombu_reconnect_delay=1.0 + +# The RabbitMQ broker address where a single node is used. +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used. +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs. (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ. (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid. (string value) +#rabbit_userid=guest + +# The RabbitMQ password. (string value) +#rabbit_password=guest + +# the RabbitMQ login method (string value) +#rabbit_login_method=AMQPLAIN + +# The RabbitMQ virtual host. (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ. (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ. (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count). (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + +# If passed, use a fake RabbitMQ provider. (boolean value) +#fake_rabbit=false + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve +# to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver. (string value) +#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost + +# ZeroMQ receiver listening port. (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1. (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per +# topic. Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets. (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP +# address. Must match "host" option, if running Nova. (string +# value) +#rpc_zmq_host=ironic + +# Seconds to wait before a cast expires (TTL). Only supported +# by impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Heartbeat frequency. (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + +# Size of RPC greenthread pool. (integer value) +#rpc_thread_pool_size=64 + +# Driver or drivers to handle sending notifications. (multi +# valued) +#notification_driver= + +# AMQP topic used for OpenStack notifications. (list value) +# Deprecated group/name - [rpc_notifier2]/topics +#notification_topics=notifications + +# Seconds to wait for a response from a call. (integer value) +#rpc_response_timeout=60 + +# A URL representing the messaging driver to use and its full +# configuration. If not set, we fall back to the rpc_backend +# option and driver specific configuration. (string value) +#transport_url= + +# The messaging driver to use, defaults to rabbit. Other +# drivers include qpid and zmq. (string value) +#rpc_backend=rabbit + +# The default exchange under which topics are scoped. May be +# overridden by an exchange name specified in the +# transport_url option. (string value) +#control_exchange=openstack + + +# +# Options defined in ironic.netconf +# + +# IP address of this host. (string value) +#my_ip=10.0.0.1 + +# Use IPv6. (boolean value) +#use_ipv6=false + + +# +# Options defined in ironic.api.app +# + +# Method to use for authentication: noauth or keystone. +# (string value) +#auth_strategy=keystone + + +# +# Options defined in ironic.common.driver_factory +# + +# Specify the list of drivers to load during service +# initialization. Missing drivers, or drivers which fail to +# initialize, will prevent the conductor service from +# starting. The option default is a recommended set of +# production-oriented drivers. A complete list of drivers +# present on your system may be found by enumerating the +# "ironic.drivers" entrypoint. An example may be found in the +# developer documentation online. (list value) +#enabled_drivers=pxe_ipmitool + + +# +# Options defined in ironic.common.exception +# + +# Make exception message format errors fatal. (boolean value) +#fatal_exception_format_errors=false + + +# +# Options defined in ironic.common.hash_ring +# + +# Exponent to determine number of hash partitions to use when +# distributing load across conductors. Larger values will +# result in more even distribution of load and less load when +# rebalancing the ring, but more memory usage. Number of +# partitions per conductor is (2^hash_partition_exponent). +# This determines the granularity of rebalancing: given 10 +# hosts, and an exponent of the 2, there are 40 partitions in +# the ring.A few thousand partitions should make rebalancing +# smooth in most cases. The default is suitable for up to a +# few hundred conductors. Too many partitions has a CPU +# impact. (integer value) +#hash_partition_exponent=5 + +# [Experimental Feature] Number of hosts to map onto each hash +# partition. Setting this to more than one will cause +# additional conductor services to prepare deployment +# environments and potentially allow the Ironic cluster to +# recover more quickly if a conductor instance is terminated. +# (integer value) +#hash_distribution_replicas=1 + + +# +# Options defined in ironic.common.images +# + +# Force backing images to raw format. (boolean value) +#force_raw_images=true + +# Path to isolinux binary file. (string value) +#isolinux_bin=/usr/lib/syslinux/isolinux.bin + +# Template file for isolinux configuration file. (string +# value) +#isolinux_config_template=$pybasedir/common/isolinux_config.template + + +# +# Options defined in ironic.common.paths +# + +# Directory where the ironic python module is installed. +# (string value) +#pybasedir=/usr/lib/python/site-packages/ironic + +# Directory where ironic binaries are installed. (string +# value) +#bindir=$pybasedir/bin + +# Top-level directory for maintaining ironic's state. (string +# value) +#state_path=$pybasedir + + +# +# Options defined in ironic.common.policy +# + +# JSON file representing policy. (string value) +#policy_file=policy.json + +# Rule checked when requested rule is not found. (string +# value) +#policy_default_rule=default + + +# +# Options defined in ironic.common.service +# + +# Seconds between running periodic tasks. (integer value) +#periodic_interval=60 + +# Name of this node. This can be an opaque identifier. It is +# not necessarily a hostname, FQDN, or IP address. However, +# the node name must be valid within an AMQP key, and if using +# ZeroMQ, a valid hostname, FQDN, or IP address. (string +# value) +#host=ironic + + +# +# Options defined in ironic.common.utils +# + +# Path to the rootwrap configuration file to use for running +# commands as root. (string value) +#rootwrap_config=/etc/ironic/rootwrap.conf + +# Explicitly specify the temporary working directory. (string +# value) +#tempdir= + + +# +# Options defined in ironic.drivers.modules.image_cache +# + +# Run image downloads and raw format conversions in parallel. +# (boolean value) +#parallel_image_downloads=false + + +# +# Options defined in ironic.openstack.common.eventlet_backdoor +# + +# Enable eventlet backdoor. Acceptable values are 0, , +# and :, where 0 results in listening on a random +# tcp port number; results in listening on the +# specified port number (and not enabling backdoor if that +# port is in use); and : results in listening on +# the smallest unused port number within the specified range +# of port numbers. The chosen port is displayed in the +# service's log file. (string value) +#backdoor_port= + + +# +# Options defined in ironic.openstack.common.lockutils +# + +# Enables or disables inter-process locks. (boolean value) +#disable_process_locking=false + +# Directory to use for lock files. (string value) +#lock_path= + + +# +# Options defined in ironic.openstack.common.log +# + +# Print debugging output (set logging level to DEBUG instead +# of default WARNING level). (boolean value) +#debug=false + +# Print more verbose output (set logging level to INFO instead +# of default WARNING level). (boolean value) +#verbose=false + +# Log output to standard error. (boolean value) +#use_stderr=true + +# Format string to use for log messages with context. (string +# value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context. +# (string value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string +# value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format. +# (string value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s + +# List of logger=LEVEL pairs. (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN + +# Enables or disables publication of error events. (boolean +# value) +#publish_errors=false + +# Enables or disables fatal status of deprecations. (boolean +# value) +#fatal_deprecations=false + +# The format for an instance that is passed with the log +# message. (string value) +#instance_format="[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log +# message. (string value) +#instance_uuid_format="[instance: %(uuid)s] " + +# The name of a logging configuration file. This file is +# appended to any existing logging configuration files. For +# details about logging configuration files, see the Python +# logging module documentation. (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string +# which may use any of the available logging.LogRecord +# attributes. This option is deprecated. Please use +# logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: +# %(default)s . (string value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is +# set, logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file= + +# (Optional) The base directory used for relative --log-file +# paths. (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir= + +# Use syslog for logging. Existing syslog format is DEPRECATED +# during I, and will change in J to honor RFC5424. (boolean +# value) +#use_syslog=false + +# (Optional) Enables or disables syslog rfc5424 format for +# logging. If enabled, prefixes the MSG part of the syslog +# message with APP-NAME (RFC5424). The format without the APP- +# NAME is deprecated in I, and will be removed in J. (boolean +# value) +#use_syslog_rfc_format=false + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility=LOG_USER + + +# +# Options defined in ironic.openstack.common.periodic_task +# + +# Some periodic tasks can be run in a separate process. Should +# we run them here? (boolean value) +#run_external_periodic_tasks=true + + +[agent] + +# +# Options defined in ironic.drivers.modules.agent +# + +# Additional append parameters for baremetal PXE boot. (string +# value) +#agent_pxe_append_params=nofb nomodeset vga=normal + +# Template file for PXE configuration. (string value) +#agent_pxe_config_template=$pybasedir/drivers/modules/agent_config.template + +# Neutron bootfile DHCP parameter. (string value) +#agent_pxe_bootfile_name=pxelinux.0 + +# Maximum interval (in seconds) for agent heartbeats. (integer +# value) +#heartbeat_timeout=300 + + +# +# Options defined in ironic.drivers.modules.agent_client +# + +# API version to use for communicating with the ramdisk agent. +# (string value) +#agent_api_version=v1 + + +[api] + +# +# Options defined in ironic.api +# + +# The listen IP for the Ironic API server. (string value) +#host_ip=0.0.0.0 + +# The port for the Ironic API server. (integer value) +#port=6385 + +# The maximum number of items returned in a single response +# from a collection resource. (integer value) +#max_limit=1000 + + +[conductor] + +# +# Options defined in ironic.conductor.manager +# + +# URL of Ironic API service. If not set ironic can get the +# current value from the keystone service catalog. (string +# value) +#api_url= + +# Seconds between conductor heart beats. (integer value) +#heartbeat_interval=10 + +# Maximum time (in seconds) since the last check-in of a +# conductor. (integer value) +#heartbeat_timeout=60 + +# Interval between syncing the node power state to the +# database, in seconds. (integer value) +#sync_power_state_interval=60 + +# Interval between checks of provision timeouts, in seconds. +# (integer value) +#check_provision_state_interval=60 + +# Timeout (seconds) for waiting callback from deploy ramdisk. +# 0 - unlimited. (integer value) +#deploy_callback_timeout=1800 + +# During sync_power_state, should the hardware power state be +# set to the state recorded in the database (True) or should +# the database be updated based on the hardware state (False). +# (boolean value) +#force_power_state_during_sync=true + +# During sync_power_state failures, limit the number of times +# Ironic should try syncing the hardware node power state with +# the node power state in DB (integer value) +#power_state_sync_max_retries=3 + +# Maximum number of worker threads that can be started +# simultaneously by a periodic task. Should be less than RPC +# thread pool size. (integer value) +#periodic_max_workers=8 + +# The size of the workers greenthread pool. (integer value) +#workers_pool_size=100 + +# Number of attempts to grab a node lock. (integer value) +#node_locked_retry_attempts=3 + +# Seconds to sleep between node lock attempts. (integer value) +#node_locked_retry_interval=1 + +# Enable sending sensor data message via the notification bus +# (boolean value) +#send_sensor_data=false + +# Seconds between conductor sending sensor data message to +# ceilometer via the notification bus. (integer value) +#send_sensor_data_interval=600 + +# List of comma separated metric types which need to be sent +# to Ceilometer. The default value, "ALL", is a special value +# meaning send all the sensor data. (list value) +#send_sensor_data_types=ALL + +# When conductors join or leave the cluster, existing +# conductors may need to update any persistent local state as +# nodes are moved around the cluster. This option controls how +# often, in seconds, each conductor will check for nodes that +# it should "take over". Set it to a negative value to disable +# the check entirely. (integer value) +#sync_local_state_interval=180 + + +[console] + +# +# Options defined in ironic.drivers.modules.console_utils +# + +# Path to serial console terminal program (string value) +#terminal=shellinaboxd + +# Directory containing the terminal SSL cert(PEM) for serial +# console access (string value) +#terminal_cert_dir= + +# Directory for holding terminal pid files. If not specified, +# the temporary directory will be used. (string value) +#terminal_pid_dir= + +# Time interval (in seconds) for checking the status of +# console subprocess. (integer value) +#subprocess_checking_interval=1 + +# Time (in seconds) to wait for the console subprocess to +# start. (integer value) +#subprocess_timeout=10 + + +[database] + +# +# Options defined in oslo.db +# + +# The file name to use with SQLite. (string value) +#sqlite_db=oslo.sqlite + +# If True, SQLite uses synchronous mode. (boolean value) +#sqlite_synchronous=true + +# The back end to use for the database. (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend=sqlalchemy + +# The SQLAlchemy connection string to use to connect to the +# database. (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection= + +# The SQLAlchemy connection string to use to connect to the +# slave database. (string value) +#slave_connection= + +# The SQL mode to be used for MySQL sessions. This option, +# including the default, overrides any server-set SQL mode. To +# use whatever SQL mode is set by the server configuration, +# set this to no value. Example: mysql_sql_mode= (string +# value) +#mysql_sql_mode=TRADITIONAL + +# Timeout before idle SQL connections are reaped. (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum db connection retries during startup. Set to -1 to +# specify an infinite retry count. (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a SQL connection. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with SQLAlchemy. +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information: 0=None, +# 100=Everything. (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug=0 + +# Add Python stack traces to SQL as comment strings. (boolean +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with SQLAlchemy. +# (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + +# Enable the experimental use of database reconnect on +# connection lost. (boolean value) +#use_db_reconnect=false + +# Seconds between database connection retries. (integer value) +#db_retry_interval=1 + +# If True, increases the interval between database connection +# retries up to db_max_retry_interval. (boolean value) +#db_inc_retry_interval=true + +# If db_inc_retry_interval is set, the maximum seconds between +# database connection retries. (integer value) +#db_max_retry_interval=10 + +# Maximum database connection retries before error is raised. +# Set to -1 to specify an infinite retry count. (integer +# value) +#db_max_retries=20 + + +# +# Options defined in ironic.db.sqlalchemy.models +# + +# MySQL engine to use. (string value) +#mysql_engine=InnoDB + + +[dhcp] + +# +# Options defined in ironic.common.dhcp_factory +# + +# DHCP provider to use. "neutron" uses Neutron, and "none" +# uses a no-op provider. (string value) +#dhcp_provider=neutron + + +[disk_partitioner] + +# +# Options defined in ironic.common.disk_partitioner +# + +# After Ironic has completed creating the partition table, it +# continues to check for activity on the attached iSCSI device +# status at this interval prior to copying the image to the +# node, in seconds (integer value) +#check_device_interval=1 + +# The maximum number of times to check that the device is not +# accessed by another process. If the device is still busy +# after that, the disk partitioning will be treated as having +# failed. (integer value) +#check_device_max_retries=20 + + +[glance] + +# +# Options defined in ironic.common.glance_service.v2.image_service +# + +# A list of URL schemes that can be downloaded directly via +# the direct_url. Currently supported schemes: [file]. (list +# value) +#allowed_direct_url_schemes= + +# The secret token given to Swift to allow temporary URL +# downloads. Required for temporary URLs. (string value) +#swift_temp_url_key= + +# The length of time in seconds that the temporary URL will be +# valid for. Defaults to 20 minutes. If some deploys get a 401 +# response code when trying to download from the temporary +# URL, try raising this duration. (integer value) +#swift_temp_url_duration=1200 + +# The "endpoint" (scheme, hostname, optional port) for the +# Swift URL of the form +# "endpoint_url/api_version/account/container/object_id". Do +# not include trailing "/". For example, use +# "https://swift.example.com". Required for temporary URLs. +# (string value) +#swift_endpoint_url= + +# The Swift API version to create a temporary URL for. +# Defaults to "v1". Swift temporary URL format: +# "endpoint_url/api_version/account/container/object_id" +# (string value) +#swift_api_version=v1 + +# The account that Glance uses to communicate with Swift. The +# format is "AUTH_uuid". "uuid" is the UUID for the account +# configured in the glance-api.conf. Required for temporary +# URLs. For example: +# "AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30". Swift temporary +# URL format: +# "endpoint_url/api_version/account/container/object_id" +# (string value) +#swift_account= + +# The Swift container Glance is configured to store its images +# in. Defaults to "glance", which is the default in glance- +# api.conf. Swift temporary URL format: +# "endpoint_url/api_version/account/container/object_id" +# (string value) +#swift_container=glance + + +# +# Options defined in ironic.common.image_service +# + +# Default glance hostname or IP address. (string value) +#glance_host=$my_ip + +# Default glance port. (integer value) +#glance_port=9292 + +# Default protocol to use when connecting to glance. Set to +# https for SSL. (string value) +#glance_protocol=http + +# A list of the glance api servers available to ironic. Prefix +# with https:// for SSL-based glance API servers. Format is +# [hostname|IP]:port. (string value) +#glance_api_servers= + +# Allow to perform insecure SSL (https) requests to glance. +# (boolean value) +#glance_api_insecure=false + +# Number of retries when downloading an image from glance. +# (integer value) +#glance_num_retries=0 + +# Default protocol to use when connecting to glance. Set to +# https for SSL. (string value) +#auth_strategy=keystone + + +[ilo] + +# +# Options defined in ironic.drivers.modules.ilo.common +# + +# Timeout (in seconds) for iLO operations (integer value) +#client_timeout=60 + +# Port to be used for iLO operations (integer value) +#client_port=443 + +# The Swift iLO container to store data. (string value) +#swift_ilo_container=ironic_ilo_container + +# Amount of time in seconds for Swift objects to auto-expire. +# (integer value) +#swift_object_expiry_timeout=900 + + +# +# Options defined in ironic.drivers.modules.ilo.power +# + +# Number of times a power operation needs to be retried +# (integer value) +#power_retry=6 + +# Amount of time in seconds to wait in between power +# operations (integer value) +#power_wait=2 + + +[ipmi] + +# +# Options defined in ironic.drivers.modules.ipminative +# + +# Maximum time in seconds to retry IPMI operations. (integer +# value) +#retry_timeout=60 + +# Minimum time, in seconds, between IPMI operations sent to a +# server. There is a risk with some hardware that setting this +# too low may cause the BMC to crash. Recommended setting is 5 +# seconds. (integer value) +#min_command_interval=5 + + +[keystone_authtoken] + +# +# Options defined in keystonemiddleware.auth_token +# + +# Prefix to prepend at the beginning of the path. Deprecated, +# use identity_uri. (string value) +#auth_admin_prefix= + +# Host providing the admin Identity API endpoint. Deprecated, +# use identity_uri. (string value) +#auth_host=127.0.0.1 + +# Port of the admin Identity API endpoint. Deprecated, use +# identity_uri. (integer value) +#auth_port=35357 + +# Protocol of the admin Identity API endpoint (http or https). +# Deprecated, use identity_uri. (string value) +#auth_protocol=https + +# Complete public Identity API endpoint (string value) +#auth_uri= + +# Complete admin Identity API endpoint. This should specify +# the unversioned root endpoint e.g. https://localhost:35357/ +# (string value) +#identity_uri= + +# API version of the admin Identity API endpoint (string +# value) +#auth_version= + +# Do not handle authorization requests within the middleware, +# but delegate the authorization decision to downstream WSGI +# components (boolean value) +#delay_auth_decision=false + +# Request timeout value for communicating with Identity API +# server. (boolean value) +#http_connect_timeout= + +# How many times are we trying to reconnect when communicating +# with Identity API Server. (integer value) +#http_request_max_retries=3 + +# This option is deprecated and may be removed in a future +# release. Single shared secret with the Keystone +# configuration used for bootstrapping a Keystone +# installation, or otherwise bypassing the normal +# authentication process. This option should not be used, use +# `admin_user` and `admin_password` instead. (string value) +#admin_token= + +# Keystone account username (string value) +#admin_user= + +# Keystone account password (string value) +#admin_password= + +# Keystone service account tenant name to validate user tokens +# (string value) +#admin_tenant_name=admin + +# Env key for the swift cache (string value) +#cache= + +# Required if Keystone server requires client certificate +# (string value) +#certfile= + +# Required if Keystone server requires client certificate +# (string value) +#keyfile= + +# A PEM encoded Certificate Authority to use when verifying +# HTTPs connections. Defaults to system CAs. (string value) +#cafile= + +# Verify HTTPS connections. (boolean value) +#insecure=false + +# Directory used to cache files related to PKI tokens (string +# value) +#signing_dir= + +# Optionally specify a list of memcached server(s) to use for +# caching. If left undefined, tokens will instead be cached +# in-process. (list value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers= + +# In order to prevent excessive effort spent validating +# tokens, the middleware caches previously-seen tokens for a +# configurable duration (in seconds). Set to -1 to disable +# caching completely. (integer value) +#token_cache_time=300 + +# Determines the frequency at which the list of revoked tokens +# is retrieved from the Identity service (in seconds). A high +# number of revocation events combined with a low cache +# duration may significantly reduce performance. (integer +# value) +#revocation_cache_time=10 + +# (optional) if defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable +# values are MAC or ENCRYPT. If MAC, token data is +# authenticated (with HMAC) in the cache. If ENCRYPT, token +# data is encrypted and authenticated in the cache. If the +# value is not one of these options or empty, auth_token will +# raise an exception on initialization. (string value) +#memcache_security_strategy= + +# (optional, mandatory if memcache_security_strategy is +# defined) this string is used for key derivation. (string +# value) +#memcache_secret_key= + +# (optional) number of seconds memcached server is considered +# dead before it is tried again. (integer value) +#memcache_pool_dead_retry=300 + +# (optional) max total number of open connections to every +# memcached server. (integer value) +#memcache_pool_maxsize=10 + +# (optional) socket timeout in seconds for communicating with +# a memcache server. (integer value) +#memcache_pool_socket_timeout=3 + +# (optional) number of seconds a connection to memcached is +# held unused in the pool before it is closed. (integer value) +#memcache_pool_unused_timeout=60 + +# (optional) number of seconds that an operation will wait to +# get a memcache client connection from the pool. (integer +# value) +#memcache_pool_conn_get_timeout=10 + +# (optional) use the advanced (eventlet safe) memcache client +# pool. The advanced pool will only work under python 2.x. +# (boolean value) +#memcache_use_advanced_pool=false + +# (optional) indicate whether to set the X-Service-Catalog +# header. If False, middleware will not ask for service +# catalog on token validation and will not set the X-Service- +# Catalog header. (boolean value) +#include_service_catalog=true + +# Used to control the use and type of token binding. Can be +# set to: "disabled" to not check token binding. "permissive" +# (default) to validate binding information if the bind type +# is of a form known to the server and ignore it if not. +# "strict" like "permissive" but if the bind type is unknown +# the token will be rejected. "required" any form of token +# binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string +# value) +#enforce_token_bind=permissive + +# If true, the revocation list will be checked for cached +# tokens. This requires that PKI tokens are configured on the +# Keystone server. (boolean value) +#check_revocations_for_cached=false + +# Hash algorithms to use for hashing PKI tokens. This may be a +# single algorithm or multiple. The algorithms are those +# supported by Python standard hashlib.new(). The hashes will +# be tried in the order given, so put the preferred one first +# for performance. The result of the first hash will be stored +# in the cache. This will typically be set to multiple values +# only while migrating from a less secure algorithm to a more +# secure one. Once all the old tokens are expired this option +# should be set to a single value for better performance. +# (list value) +#hash_algorithms=md5 + + +[matchmaker_redis] + +# +# Options defined in oslo.messaging +# + +# Host to locate redis. (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server (optional). (string value) +#password= + + +[matchmaker_ring] + +# +# Options defined in oslo.messaging +# + +# Matchmaker ring file (JSON). (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[neutron] + +# +# Options defined in ironic.dhcp.neutron +# + +# URL for connecting to neutron. (string value) +#url=http://$my_ip:9696 + +# Timeout value for connecting to neutron in seconds. (integer +# value) +#url_timeout=30 + +# Default authentication strategy to use when connecting to +# neutron. Can be either "keystone" or "noauth". Running +# neutron in noauth mode (related to but not affected by this +# setting) is insecure and should only be used for testing. +# (string value) +#auth_strategy=keystone + + +[pxe] + +# +# Options defined in ironic.drivers.modules.iscsi_deploy +# + +# Additional append parameters for baremetal PXE boot. (string +# value) +#pxe_append_params=nofb nomodeset vga=normal + +# Default file system format for ephemeral partition, if one +# is created. (string value) +#default_ephemeral_format=ext4 + +# Directory where images are stored on disk. (string value) +#images_path=/var/lib/ironic/images/ + +# Directory where master instance images are stored on disk. +# (string value) +#instance_master_path=/var/lib/ironic/master_images + +# Maximum size (in MiB) of cache for master images, including +# those in use. (integer value) +#image_cache_size=20480 + +# Maximum TTL (in minutes) for old master images in cache. +# (integer value) +#image_cache_ttl=10080 + +# The disk devices to scan while doing the deploy. (string +# value) +#disk_devices=cciss/c0d0,sda,hda,vda + + +# +# Options defined in ironic.drivers.modules.pxe +# + +# Template file for PXE configuration. (string value) +#pxe_config_template=$pybasedir/drivers/modules/pxe_config.template + +# Template file for PXE configuration for UEFI boot loader. +# (string value) +#uefi_pxe_config_template=$pybasedir/drivers/modules/elilo_efi_pxe_config.template + +# IP address of Ironic compute node's tftp server. (string +# value) +#tftp_server=$my_ip + +# Ironic compute node's tftp root path. (string value) +#tftp_root=/tftpboot + +# Directory where master tftp images are stored on disk. +# (string value) +#tftp_master_path=/tftpboot/master_images + +# Bootfile DHCP parameter. (string value) +#pxe_bootfile_name=pxelinux.0 + +# Bootfile DHCP parameter for UEFI boot mode. (string value) +#uefi_pxe_bootfile_name=elilo.efi + +# Ironic compute node's HTTP server URL. Example: +# http://192.1.2.3:8080 (string value) +#http_url= + +# Ironic compute node's HTTP root path. (string value) +#http_root=/httpboot + +# Enable iPXE boot. (boolean value) +#ipxe_enabled=false + +# The path to the main iPXE script file. (string value) +#ipxe_boot_script=$pybasedir/drivers/modules/boot.ipxe + + +[seamicro] + +# +# Options defined in ironic.drivers.modules.seamicro +# + +# Maximum retries for SeaMicro operations (integer value) +#max_retry=3 + +# Seconds to wait for power action to be completed (integer +# value) +#action_timeout=10 + + +[snmp] + +# +# Options defined in ironic.drivers.modules.snmp +# + +# Seconds to wait for power action to be completed (integer +# value) +#power_timeout=10 + + +[ssh] + +# +# Options defined in ironic.drivers.modules.ssh +# + +# libvirt uri (string value) +#libvirt_uri=qemu:///system + + +[swift] + +# +# Options defined in ironic.common.swift +# + +# Maximum number of times to retry a Swift request, before +# failing. (integer value) +#swift_max_retries=2 + + diff --git a/openstack/usr/share/openstack/ironic/policy.json b/openstack/usr/share/openstack/ironic/policy.json new file mode 100644 index 00000000..94ac3a5b --- /dev/null +++ b/openstack/usr/share/openstack/ironic/policy.json @@ -0,0 +1,5 @@ +{ + "admin": "role:admin or role:administrator", + "admin_api": "is_admin:True", + "default": "rule:admin_api" +} -- cgit v1.2.1 From 7a305c418ca7766eb872d18f186eb1f0ba0c86bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Thu, 16 Apr 2015 16:19:24 +0100 Subject: strata/virtualization: Depend on xorg-util-macros-common stratum ... instead duplicate xorg-util-macros chunk Change-Id: I61db6a9f81272525e97460ebaaa559b1c1ab3251 --- strata/virtualization.morph | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/strata/virtualization.morph b/strata/virtualization.morph index 665650b6..0065e087 100644 --- a/strata/virtualization.morph +++ b/strata/virtualization.morph @@ -9,6 +9,7 @@ build-depends: - morph: strata/python-core.morph - morph: strata/connman-common.morph - morph: strata/lvm.morph +- morph: strata/xorg-util-macros-common.morph chunks: - name: yajl morph: strata/virtualization/yajl.morph @@ -30,16 +31,10 @@ chunks: repo: upstream:qemu ref: c5691f7ecb32cbe7a95b491314ce070e211fd97d unpetrify-ref: baserock/v2.2.0 -- name: xorg-util-macros - repo: upstream:xorg-util-macros - ref: c98b41de5596c675c603ef43ae9570133f1a9921 - unpetrify-ref: baserock/morph - name: libpciaccess repo: upstream:libpciaccess ref: b9c068896914b4132a24839c9ef7f9fcd6282d88 unpetrify-ref: master - build-depends: - - xorg-util-macros - name: dmidecode morph: strata/virtualization/dmidecode.morph repo: upstream:dmidecode -- cgit v1.2.1 From 87dfef316f63446cc1ebe91a1402eaa00eb33ead Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Mon, 13 Apr 2015 19:24:16 +0000 Subject: Add ntpd server settings to swift ntp conf This configures ntpd to run as a server if the SWIFT_CONTROLLER variable is not set to False and is not unset. Change-Id: I191acb895418b970aee3bcd371fadc2da5c503a9 --- swift/etc/ntp.conf | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/swift/etc/ntp.conf b/swift/etc/ntp.conf index 617a41c9..b50886a4 100644 --- a/swift/etc/ntp.conf +++ b/swift/etc/ntp.conf @@ -1 +1,21 @@ +{% if SWIFT_CONTROLLER is undefined or SWIFT_CONTROLLER == "False" %} server {{ CONTROLLER_HOST_ADDRESS }} iburst +{% else %} +# We use iburst here to reduce the potential initial delay to set the clock +server 0.pool.ntp.org iburst +server 1.pool.ntp.org iburst +server 2.pool.ntp.org iburst +server 3.pool.ntp.org iburst + +# kod - notify client when packets are denied service, +# rather than just dropping the packets +# +# nomodify - deny queries which attempt to modify the state of the server +# +# notrap - decline to provide mode 6 control message trap service to +# matching hosts +# +# see ntp.conf(5) for more details +restrict -4 default kod notrap nomodify +restrict -6 default kod notrap nomodify +{% endif %} -- cgit v1.2.1 From 7f138d531f5d30dddef1a5b828b91bf26b71ea06 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 1 Apr 2015 09:04:02 +0000 Subject: Openstack: Make Ironic configurable This commit configures Ironic to integrate with Keystone, Neutron and Glance. Nova integration will be added in a following commit. Change-Id: Id557e8e048b6051d764b4915192cfd55bfe68d32 --- clusters/openstack-one-node.morph | 5 + openstack-ironic.configure | 136 +++++++++++++++++++++ openstack/manifest | 7 ++ .../systemd/system/openstack-ironic-api.service | 13 ++ .../system/openstack-ironic-conductor.service | 13 ++ .../systemd/system/openstack-ironic-setup.service | 10 ++ openstack/usr/share/openstack/ironic.yml | 104 ++++++++++++++++ openstack/usr/share/openstack/ironic/ironic.conf | 34 +++--- systems/openstack-system-x86_64.morph | 1 + 9 files changed, 306 insertions(+), 17 deletions(-) create mode 100644 openstack-ironic.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-ironic-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ironic-conductor.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ironic-setup.service create mode 100644 openstack/usr/share/openstack/ironic.yml diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index 4c8e9851..3c659598 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -81,6 +81,11 @@ systems: NEUTRON_DB_PASSWORD: veryinsecure METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_SERVICE_USER: ironic + IRONIC_SERVICE_PASSWORD: veryinsecure + IRONIC_DB_USER: ironicDB + IRONIC_DB_PASSWORD: veryinsecure + HOSTS_CONTROLLER: onenode # Network interface to be used, only needed if there are more diff --git a/openstack-ironic.configure b/openstack-ironic.configure new file mode 100644 index 00000000..50d8e5c6 --- /dev/null +++ b/openstack-ironic.configure @@ -0,0 +1,136 @@ +#!/bin/sh + +# Copyright (C) 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -e + +ROOT="$1" + +########################################################################## + +ln -sf "/usr/lib/systemd/system/openstack-ironic-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-ironic-setup.service" + +########################################################################## +# Check variables +########################################################################## + +if [ -z "$IRONIC_SERVICE_USER" -a \ + -z "$IRONIC_SERVICE_PASSWORD" -a \ + -z "$IRONIC_DB_USER" -a \ + -z "$IRONIC_DB_PASSWORD" -a \ + -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$CONTROLLER_HOST_ADDRESS" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + # No Ironic options defined, do nothing. + exit 0 +fi + +if [ -z "$IRONIC_SERVICE_USER" -o \ + -z "$IRONIC_SERVICE_PASSWORD" -o \ + -z "$IRONIC_DB_USER" -o \ + -z "$IRONIC_DB_PASSWORD" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + echo Some options required for Ironic were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/ironic.conf" +import os, sys, yaml + +ironic_configuration={ + 'IRONIC_SERVICE_USER': os.environ['IRONIC_SERVICE_USER'], + 'IRONIC_SERVICE_PASSWORD': os.environ['IRONIC_SERVICE_PASSWORD'], + 'IRONIC_DB_USER': os.environ['IRONIC_DB_USER'], + 'IRONIC_DB_PASSWORD': os.environ['IRONIC_DB_PASSWORD'], + 'RABBITMQ_HOST':os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT':os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER':os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD':os.environ['RABBITMQ_PASSWORD'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + +} + +yaml.dump(ironic_configuration, sys.stdout, default_flow_style=False) +EOF + +########################################################################## +# Configure the TFTP service # +########################################################################## + +tftp_root="/srv/tftp_root/" # trailing slash is essential +mkdir -p "$ROOT/$tftp_root" + +install -D /dev/stdin -m 644 "$ROOT/usr/lib/systemd/system/tftp-hpa.service" << 'EOF' +[Unit] +Description=tftp service for booting kernels +After=network-online.target +Wants=network-online.target + +[Service] +Type=simple +EnvironmentFile=/etc/tftp-hpa.conf +ExecStart=/usr/sbin/in.tftpd $TFTP_OPTIONS ${TFTP_ROOT} +StandardInput=socket +StandardOutput=inherit +StandardError=journal + +[Install] +WantedBy=multi-user.target +EOF + +install -D /dev/stdin -m 644 "$ROOT/usr/lib/systemd/system/tftp-hpa.socket" << EOF +[Unit] +Description=Tftp server activation socket + +[Socket] +ListenDatagram=$MANAGEMENT_INTERFACE_IP_ADDRESS:69 +FreeBind=yes + +[Install] +WantedBy=sockets.target +EOF + +install -D -m 644 /dev/stdin "$ROOT"/etc/tftp-hpa.conf << EOF +TFTP_ROOT=$tftp_root +TFTP_OPTIONS="-v -v -v -v -v --map-file $tftp_root/map-file" +EOF + +install -D /dev/stdin -m 644 "$ROOT/$tftp_root"/map-file << EOF +r ^([^/]) $tftp_root\1 +r ^/tftpboot/ $tftp_root\2 +EOF + +cp "$ROOT"/usr/share/syslinux/pxelinux.0 "$ROOT/$tftp_root" diff --git a/openstack/manifest b/openstack/manifest index 4fa106ae..ad2841d8 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -24,6 +24,10 @@ 0100644 0 0 /usr/share/openstack/glance/glance-api-paste.ini 0100644 0 0 /usr/share/openstack/glance/glance-registry-paste.ini 0100644 0 0 /usr/share/openstack/horizon.yml +0040755 0 0 /usr/share/openstack/ironic +0100644 0 0 /usr/share/openstack/ironic.yml +0100644 0 0 /usr/share/openstack/ironic/ironic.conf +0100644 0 0 /usr/share/openstack/ironic/policy.json 0100644 0 0 /usr/share/openstack/keystone.yml 0040755 0 0 /usr/share/openstack/keystone 0100644 0 0 /usr/share/openstack/keystone/logging.conf @@ -119,6 +123,9 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service 0100644 0 0 /usr/lib/systemd/system/openstack-horizon-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-ironic-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-ironic-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-ironic-conductor.service 0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-api.service b/openstack/usr/lib/systemd/system/openstack-ironic-api.service new file mode 100644 index 00000000..83d56787 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ironic-api.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) API server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=ironic +ExecStart=/usr/bin/ironic-api --config-file /etc/ironic/ironic.conf + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service new file mode 100644 index 00000000..f276f6f0 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) Conductor server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=ironic +ExecStart=/usr/bin/ironic-conductor --config-file /etc/ironic/ironic.conf + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service new file mode 100644 index 00000000..443d2829 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run ironic-setup Ansible scripts +After=local-fs.target openstack-keystone-setup.service postgres-server.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ironic.yml + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/share/openstack/ironic.yml b/openstack/usr/share/openstack/ironic.yml new file mode 100644 index 00000000..db0a8aa8 --- /dev/null +++ b/openstack/usr/share/openstack/ironic.yml @@ -0,0 +1,104 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/ironic.conf" + tasks: + - name: Create the ironic user + user: + name: ironic + comment: Openstack Ironic Daemons + shell: /sbin/nologin + home: /var/lib/ironic + + - name: Create the /var folders for Ironic + file: + path: "{{ item }}" + state: directory + owner: ironic + group: ironic + with_items: + - /var/run/ironic + - /var/lock/ironic + - /var/log/ironic + - /var/lib/ironic + + - file: path=/etc/ironic state=directory + - name: Add the configuration needed for ironic in /etc/ironic using templates + template: + src: /usr/share/openstack/ironic/{{ item }} + dest: /etc/ironic/{{ item }} + with_lines: + - cd /usr/share/openstack/ironic && find -type f + + - name: Create Ironic service user in service tenant + keystone_user: + user: "{{ IRONIC_SERVICE_USER }}" + password: "{{ IRONIC_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to Ironic service user in the service tenant + keystone_user: + role: admin + user: "{{ IRONIC_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add Ironic endpoint + keystone_service: + name: ironic + type: baremetal + description: Openstack Ironic Service + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:6385' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:6385' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:6385' + region: 'regionOne' + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for Ironic + postgresql_user: + name: "{{ IRONIC_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ IRONIC_DB_PASSWORD }}" + sudo: yes + sudo_user: ironic + + - name: Create database for Ironic services + postgresql_db: + name: ironic + owner: "{{ IRONIC_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: ironic + + - name: Initiate Ironic database + # Use 'upgrade' instead of 'create_schema' to make the operation + # idempotent + shell: | + ironic-dbsync \ + --config-file /etc/ironic/ironic.conf upgrade + sudo: yes + sudo_user: ironic + + - name: Enable and start openstack-ironic services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-ironic-conductor.service + - openstack-ironic-api.service + + - name: Set owner and group for the tftp root directory + file: + path: "/srv/tftp_root/" + state: directory + owner: ironic + group: ironic + recurse: yes + + - name: Enable and start tftp-hpa + service: + name: tftp-hpa.socket + enabled: yes + state: started diff --git a/openstack/usr/share/openstack/ironic/ironic.conf b/openstack/usr/share/openstack/ironic/ironic.conf index 9aaae0e6..6888ede6 100644 --- a/openstack/usr/share/openstack/ironic/ironic.conf +++ b/openstack/usr/share/openstack/ironic/ironic.conf @@ -76,11 +76,11 @@ # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port @@ -89,10 +89,10 @@ #rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN @@ -190,7 +190,7 @@ # # IP address of this host. (string value) -#my_ip=10.0.0.1 +my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Use IPv6. (boolean value) #use_ipv6=false @@ -217,7 +217,7 @@ # present on your system may be found by enumerating the # "ironic.drivers" entrypoint. An example may be found in the # developer documentation online. (list value) -#enabled_drivers=pxe_ipmitool +enabled_drivers=pxe_ipmitool,pxe_ssh # @@ -520,7 +520,7 @@ # URL of Ironic API service. If not set ironic can get the # current value from the keystone service catalog. (string # value) -#api_url= +api_url=http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:6385 # Seconds between conductor heart beats. (integer value) #heartbeat_interval=10 @@ -635,7 +635,7 @@ # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection -#connection= +connection=postgresql://{{ IRONIC_DB_USER}}:{{ IRONIC_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/ironic # The SQLAlchemy connection string to use to connect to the # slave database. (string value) @@ -817,7 +817,7 @@ # # Default glance hostname or IP address. (string value) -#glance_host=$my_ip +glance_host={{ CONTROLLER_HOST_ADDRESS }} # Default glance port. (integer value) #glance_port=9292 @@ -917,12 +917,12 @@ #auth_protocol=https # Complete public Identity API endpoint (string value) -#auth_uri= +auth_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) -#identity_uri= +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 # API version of the admin Identity API endpoint (string # value) @@ -950,14 +950,14 @@ #admin_token= # Keystone account username (string value) -#admin_user= +admin_user={{ IRONIC_SERVICE_USER }} # Keystone account password (string value) -#admin_password= +admin_password={{ IRONIC_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) -#admin_tenant_name=admin +admin_tenant_name=service # Env key for the swift cache (string value) #cache= @@ -1109,7 +1109,7 @@ # # URL for connecting to neutron. (string value) -#url=http://$my_ip:9696 +url=http://{{ CONTROLLER_HOST_ADDRESS }}:9696 # Timeout value for connecting to neutron in seconds. (integer # value) @@ -1173,11 +1173,11 @@ #tftp_server=$my_ip # Ironic compute node's tftp root path. (string value) -#tftp_root=/tftpboot +tftp_root=/srv/tftp_root/ # Directory where master tftp images are stored on disk. # (string value) -#tftp_master_path=/tftpboot/master_images +tftp_master_path=/srv/tftp_root/master_images # Bootfile DHCP parameter. (string value) #pxe_bootfile_name=pxelinux.0 diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 0d706f34..ac784730 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -72,3 +72,4 @@ configuration-extensions: - fstab - swift-storage - openstack-swift-controller +- openstack-ironic -- cgit v1.2.1 From b2d0191973a757559115b6f1a65a73507e47b57b Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 14 Apr 2015 16:36:31 +0000 Subject: Integrate Nova with Ironic Change-Id: I2eee55408b174dc820ce713e6821f200a1532a48 --- clusters/openstack-one-node.morph | 4 +++ openstack-nova.configure | 29 +++++++++++++++++++++- .../usr/share/openstack/nova/nova-compute.conf | 2 +- openstack/usr/share/openstack/nova/nova.conf | 20 +++++++-------- 4 files changed, 43 insertions(+), 12 deletions(-) diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index 3c659598..0702ed28 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -31,6 +31,9 @@ description: | system is being deployed to. - We recommend changing all the PASSWORDs variables, also the KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + - Setting NOVA_BAREMETAL_SCHEDULING with an YAML truth value will configure + Nova to schedule baremetal machines through the Ironic driver, instead of + sheduling virtual machines. systems: - morph: systems/openstack-system-x86_64.morph @@ -67,6 +70,7 @@ systems: NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: qemu + NOVA_BAREMETAL_SCHEDULING: yes CINDER_SERVICE_USER: cinder CINDER_SERVICE_PASSWORD: veryinsecure diff --git a/openstack-nova.configure b/openstack-nova.configure index 3605f8b9..d2f790f0 100644 --- a/openstack-nova.configure +++ b/openstack-nova.configure @@ -44,7 +44,6 @@ sed -i "s/192\.168\.122\./192\.168\.1\./g" \ # Check variables ########################################################################## - if [ -z "$NOVA_SERVICE_USER" -a \ -z "$NOVA_SERVICE_PASSWORD" -a \ -z "$NOVA_DB_USER" -a \ @@ -52,6 +51,8 @@ if [ -z "$NOVA_SERVICE_USER" -a \ -z "$NOVA_VIRT_TYPE" -a \ -z "$NEUTRON_SERVICE_USER" -a \ -z "$NEUTRON_SERVICE_PASSWORD" -a \ + -z "$IRONIC_SERVICE_USER" -a \ + -z "$IRONIC_SERVICE_PASSWORD" -a \ -z "$METADATA_PROXY_SHARED_SECRET" -a \ -z "$RABBITMQ_HOST" -a \ -z "$RABBITMQ_USER" -a \ @@ -71,6 +72,8 @@ if [ -z "$NOVA_SERVICE_USER" -o \ -z "$NOVA_VIRT_TYPE" -o \ -z "$NEUTRON_SERVICE_USER" -o \ -z "$NEUTRON_SERVICE_PASSWORD" -o \ + -z "$IRONIC_SERVICE_USER" -a \ + -z "$IRONIC_SERVICE_PASSWORD" -a \ -z "$METADATA_PROXY_SHARED_SECRET" -o \ -z "$RABBITMQ_HOST" -o \ -z "$RABBITMQ_USER" -o \ @@ -87,6 +90,23 @@ fi # Generate configuration file ########################################################################## +case "$NOVA_BAREMETAL_SCHEDULING" in + True|true|yes) + export COMPUTE_MANAGER=ironic.nova.compute.manager.ClusteredComputeManager + export RESERVED_HOST_MEMORY_MB=0 + export SCHEDULER_HOST_MANAGER=nova.scheduler.ironic_host_manager.IronicHostManager + export RAM_ALLOCATION_RATIO=1.0 + export COMPUTE_DRIVER=nova.virt.ironic.IronicDriver + ;; + *) + export COMPUTE_MANAGER=nova.compute.manager.ComputeManager + export RESERVED_HOST_MEMORY_MB=512 + export SCHEDULER_HOST_MANAGER=nova.scheduler.host_manager.HostManager + export RAM_ALLOCATION_RATIO=1.5 + export COMPUTE_DRIVER=libvirt.LibvirtDriver + ;; +esac + OPENSTACK_DATA="$ROOT/etc/openstack" mkdir -p "$OPENSTACK_DATA" @@ -99,8 +119,15 @@ nova_configuration={ 'NOVA_DB_USER': os.environ['NOVA_DB_USER'], 'NOVA_DB_PASSWORD': os.environ['NOVA_DB_PASSWORD'], 'NOVA_VIRT_TYPE': os.environ['NOVA_VIRT_TYPE'], + 'COMPUTE_MANAGER': os.environ['COMPUTE_MANAGER'], + 'RESERVED_HOST_MEMORY_MB': os.environ['RESERVED_HOST_MEMORY_MB'], + 'SCHEDULER_HOST_MANAGER': os.environ['SCHEDULER_HOST_MANAGER'], + 'RAM_ALLOCATION_RATIO': os.environ['RAM_ALLOCATION_RATIO'], + 'COMPUTE_DRIVER': os.environ['COMPUTE_DRIVER'], 'NEUTRON_SERVICE_USER': os.environ['NEUTRON_SERVICE_USER'], 'NEUTRON_SERVICE_PASSWORD': os.environ['NEUTRON_SERVICE_PASSWORD'], + 'IRONIC_SERVICE_USER': os.environ['IRONIC_SERVICE_USER'], + 'IRONIC_SERVICE_PASSWORD': os.environ['IRONIC_SERVICE_PASSWORD'], 'METADATA_PROXY_SHARED_SECRET': os.environ['METADATA_PROXY_SHARED_SECRET'], 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], diff --git a/openstack/usr/share/openstack/nova/nova-compute.conf b/openstack/usr/share/openstack/nova/nova-compute.conf index b19de1d3..8d186211 100644 --- a/openstack/usr/share/openstack/nova/nova-compute.conf +++ b/openstack/usr/share/openstack/nova/nova-compute.conf @@ -1,4 +1,4 @@ [DEFAULT] -compute_driver=libvirt.LibvirtDriver +compute_driver={{ COMPUTE_DRIVER }} [libvirt] virt_type={{ NOVA_VIRT_TYPE }} diff --git a/openstack/usr/share/openstack/nova/nova.conf b/openstack/usr/share/openstack/nova/nova.conf index 04cec1c6..6e49b4cc 100644 --- a/openstack/usr/share/openstack/nova/nova.conf +++ b/openstack/usr/share/openstack/nova/nova.conf @@ -420,7 +420,7 @@ enabled_apis=ec2,osapi_compute,metadata #metadata_workers= # Full class name for the Manager for compute (string value) -#compute_manager=nova.compute.manager.ComputeManager +compute_manager={{ COMPUTE_MANAGER }} # Full class name for the Manager for console proxy (string # value) @@ -970,7 +970,7 @@ osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions # Amount of memory in MB to reserve for the host (integer # value) -#reserved_host_memory_mb=512 +reserved_host_memory_mb={{ RESERVED_HOST_MEMORY_MB }} # Class that will manage stats for the local compute host # (string value) @@ -1627,7 +1627,7 @@ use_syslog=True # # The scheduler host manager class to use (string value) -#scheduler_host_manager=nova.scheduler.host_manager.HostManager +scheduler_host_manager={{ SCHEDULER_HOST_MANAGER }} # @@ -1719,7 +1719,7 @@ use_syslog=True # for RamFilter. For AggregateRamFilter, it will fall back to # this configuration value if no per-aggregate setting found. # (floating point value) -#ram_allocation_ratio=1.5 +ram_allocation_ratio={{ RAM_ALLOCATION_RATIO }} # @@ -1867,7 +1867,7 @@ scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler # include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, # fake.FakeDriver, baremetal.BareMetalDriver, # vmwareapi.VMwareVCDriver, hyperv.HyperVDriver (string value) -compute_driver=libvirt.LibvirtDriver +compute_driver={{ COMPUTE_DRIVER }} # The default format an ephemeral_volume will be formatted # with on creation. (string value) @@ -2559,19 +2559,19 @@ api_servers=$host:$port #api_version=1 # URL for Ironic API endpoint. (string value) -#api_endpoint= +api_endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:6385/v1 # Ironic keystone admin name (string value) -#admin_username= +admin_username={{ IRONIC_SERVICE_USER }} # Ironic keystone admin password. (string value) -#admin_password= +admin_password={{ IRONIC_SERVICE_PASSWORD }} # Ironic keystone auth token. (string value) #admin_auth_token= # Keystone public API endpoint. (string value) -#admin_url= +admin_url=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 # Log level override for ironicclient. Set this in order to # override the global "default_log_levels", "verbose", and @@ -2579,7 +2579,7 @@ api_servers=$host:$port #client_log_level= # Ironic keystone tenant name. (string value) -#admin_tenant_name= +admin_tenant_name=service # How many retries when a request does conflict. (integer # value) -- cgit v1.2.1 From 62f37b112863a009d55f06e92c4dc2d8969e7644 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Fri, 17 Apr 2015 10:49:24 +0000 Subject: Add custom rsync unit for swift Our rsync config is created at first-boot, swift-storage-setup creates the rsync config, so rsync needs to be started after it. This unit is based on upstream's unit, the only difference is we wait for swift-storage-setup and we set Restart=on-failure Change-Id: Idc468fc7886d3491ff49b5f30f1f16f9894255a6 --- swift/manifest | 1 + swift/usr/lib/systemd/system/rsync.service | 11 +++++++++++ 2 files changed, 12 insertions(+) create mode 100644 swift/usr/lib/systemd/system/rsync.service diff --git a/swift/manifest b/swift/manifest index 171b04fc..63ea2c2c 100644 --- a/swift/manifest +++ b/swift/manifest @@ -12,3 +12,4 @@ 0100644 0 0 /usr/lib/systemd/system/swift-storage-setup.service 0100644 0 0 /usr/lib/systemd/system/swift-storage.service template 0100644 0 0 /etc/ntp.conf +overwrite 0100644 0 0 /usr/lib/systemd/system/rsync.service diff --git a/swift/usr/lib/systemd/system/rsync.service b/swift/usr/lib/systemd/system/rsync.service new file mode 100644 index 00000000..babcfb46 --- /dev/null +++ b/swift/usr/lib/systemd/system/rsync.service @@ -0,0 +1,11 @@ +[Unit] +Description=fast remote file copy program daemon +After=swift-storage-setup.service +ConditionPathExists=/etc/rsyncd.conf + +[Service] +ExecStart=/usr/bin/rsync --daemon --no-detach +Restart=on-failure + +[Install] +WantedBy=multi-user.target -- cgit v1.2.1 From 660fc606147a0d0d86d47039e8efff13c41bf482 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Thu, 16 Apr 2015 15:18:54 +0000 Subject: Add default configuration file for Tempest This configuration file is from: http://git.baserock.org/cgi-bin/cgit.cgi/delta/openstack/tempest.git/tree/etc/tempest.conf.sample?id=2 Signed-off-by: Zara Zaimeche Signed-off-by: Mike Smith Change-Id: Ic3550f26062203edc5509764fd93e271a67c3166 --- openstack/etc/tempest/tempest.conf | 1114 ++++++++++++++++++++++++++++++++++++ 1 file changed, 1114 insertions(+) create mode 100644 openstack/etc/tempest/tempest.conf diff --git a/openstack/etc/tempest/tempest.conf b/openstack/etc/tempest/tempest.conf new file mode 100644 index 00000000..1cccaccc --- /dev/null +++ b/openstack/etc/tempest/tempest.conf @@ -0,0 +1,1114 @@ +[DEFAULT] + +# +# From tempest.config +# + +# Whether to disable inter-process locks (boolean value) +#disable_process_locking = false + +# Directory to use for lock files. (string value) +#lock_path = + +# +# From tempest.config +# + +# Print debugging output (set logging level to DEBUG instead of +# default WARNING level). (boolean value) +#debug = false + +# Print more verbose output (set logging level to INFO instead of +# default WARNING level). (boolean value) +#verbose = false + +# +# From tempest.config +# + +# The name of a logging configuration file. This file is appended to +# any existing logging configuration files. For details about logging +# configuration files, see the Python logging module documentation. +# (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append = + +# Format string for %%(asctime)s in log records. Default: %(default)s +# . (string value) +#log_date_format = %Y-%m-%d %H:%M:%S + +# (Optional) The base directory used for relative --log-file paths. +# (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir = + +# (Optional) Name of log file to output to. If no default is set, +# logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file = + +# DEPRECATED. A logging.Formatter log message format string which may +# use any of the available logging.LogRecord attributes. This option +# is deprecated. Please use logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format = + +# Syslog facility to receive log lines. (string value) +#syslog_log_facility = LOG_USER + +# Use syslog for logging. Existing syslog format is DEPRECATED during +# I, and will change in J to honor RFC5424. (boolean value) +#use_syslog = false + +# (Optional) Enables or disables syslog rfc5424 format for logging. If +# enabled, prefixes the MSG part of the syslog message with APP-NAME +# (RFC5424). The format without the APP-NAME is deprecated in I, and +# will be removed in J. (boolean value) +#use_syslog_rfc_format = false + +# +# From tempest.config +# + +# Log output to standard error. (boolean value) +#use_stderr = true + +# +# From tempest.config +# + +# List of logger=LEVEL pairs. (list value) +#default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN + +# Enables or disables fatal status of deprecations. (boolean value) +#fatal_deprecations = false + +# The format for an instance that is passed with the log message. +# (string value) +#instance_format = "[instance: %(uuid)s] " + +# The format for an instance UUID that is passed with the log message. +# (string value) +#instance_uuid_format = "[instance: %(uuid)s] " + +# Format string to use for log messages with context. (string value) +#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG. (string value) +#logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d + +# Format string to use for log messages without context. (string +# value) +#logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Prefix each line of exception output with this format. (string +# value) +#logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s + +# Enables or disables publication of error events. (boolean value) +#publish_errors = false + + +[auth] + +# +# From tempest.config +# + +# Allows test cases to create/destroy tenants and users. This option +# requires that OpenStack Identity API admin credentials are known. If +# false, isolated test cases and parallel execution, can still be +# achieved configuring a list of test accounts (boolean value) +# Deprecated group/name - [compute]/allow_tenant_isolation +# Deprecated group/name - [orchestration]/allow_tenant_isolation +#allow_tenant_isolation = false + +# If set to True it enables the Accounts provider, which locks +# credentials to allow for parallel execution with pre-provisioned +# accounts. It can only be used to run tests that ensure credentials +# cleanup happens. It requires at least `2 * CONC` distinct accounts +# configured in `test_accounts_file`, with CONC == the number of +# concurrent test processes. (boolean value) +#locking_credentials_provider = false + +# Path to the yaml file that contains the list of credentials to use +# for running tests (string value) +#test_accounts_file = etc/accounts.yaml + + +[baremetal] + +# +# From tempest.config +# + +# Timeout for Ironic node to completely provision (integer value) +#active_timeout = 300 + +# Timeout for association of Nova instance and Ironic node (integer +# value) +#association_timeout = 30 + +# Catalog type of the baremetal provisioning service (string value) +#catalog_type = baremetal + +# Driver name which Ironic uses (string value) +#driver = fake + +# Whether the Ironic nova-compute driver is enabled (boolean value) +#driver_enabled = false + +# The endpoint type to use for the baremetal provisioning service +# (string value) +#endpoint_type = publicURL + +# Timeout for Ironic power transitions. (integer value) +#power_timeout = 60 + +# Timeout for unprovisioning an Ironic node. (integer value) +#unprovision_timeout = 60 + + +[boto] + +# +# From tempest.config +# + +# AKI Kernel Image manifest (string value) +#aki_manifest = cirros-0.3.0-x86_64-vmlinuz.manifest.xml + +# AMI Machine Image manifest (string value) +#ami_manifest = cirros-0.3.0-x86_64-blank.img.manifest.xml + +# ARI Ramdisk Image manifest (string value) +#ari_manifest = cirros-0.3.0-x86_64-initrd.manifest.xml + +# AWS Access Key (string value) +#aws_access = + +# AWS Secret Key (string value) +#aws_secret = + +# AWS Zone for EC2 tests (string value) +#aws_zone = nova + +# Status Change Test Interval (integer value) +#build_interval = 1 + +# Status Change Timeout (integer value) +#build_timeout = 60 + +# EC2 URL (string value) +#ec2_url = http://localhost:8773/services/Cloud + +# boto Http socket timeout (integer value) +#http_socket_timeout = 3 + +# Instance type (string value) +#instance_type = m1.tiny + +# boto num_retries on error (integer value) +#num_retries = 1 + +# S3 Materials Path (string value) +#s3_materials_path = /opt/stack/devstack/files/images/s3-materials/cirros-0.3.0 + +# S3 URL (string value) +#s3_url = http://localhost:8080 + + +[cli] + +# +# From tempest.config +# + +# directory where python client binaries are located (string value) +#cli_dir = /usr/local/bin + +# enable cli tests (boolean value) +#enabled = true + +# Whether the tempest run location has access to the *-manage +# commands. In a pure blackbox environment it will not. (boolean +# value) +#has_manage = true + +# Number of seconds to wait on a CLI timeout (integer value) +#timeout = 15 + + +[compute] + +# +# From tempest.config +# + +# Time in seconds between build status checks. (integer value) +#build_interval = 1 + +# Timeout in seconds to wait for an instance to build. (integer value) +#build_timeout = 300 + +# Catalog type of the Compute service. (string value) +#catalog_type = compute + +# Catalog type of the Compute v3 service. (string value) +#catalog_v3_type = computev3 + +# The endpoint type to use for the compute service. (string value) +#endpoint_type = publicURL + +# Visible fixed network name (string value) +#fixed_network_name = private + +# Valid primary flavor to use in tests. (string value) +#flavor_ref = 1 + +# Valid secondary flavor to be used in tests. (string value) +#flavor_ref_alt = 2 + +# Unallocated floating IP range, which will be used to test the +# floating IP bulk feature for CRUD operation. (string value) +#floating_ip_range = 10.0.0.0/29 + +# Password used to authenticate to an instance using the alternate +# image. (string value) +#image_alt_ssh_password = password + +# User name used to authenticate to an instance using the alternate +# image. (string value) +#image_alt_ssh_user = root + +# Valid primary image reference to be used in tests. This is a +# required option (string value) +#image_ref = + +# Valid secondary image reference to be used in tests. This is a +# required option, but if only one image is available duplicate the +# value of image_ref above (string value) +#image_ref_alt = + +# Password used to authenticate to an instance. (string value) +#image_ssh_password = password + +# User name used to authenticate to an instance. (string value) +#image_ssh_user = root + +# IP version used for SSH connections. (integer value) +#ip_version_for_ssh = 4 + +# Network used for SSH connections. (string value) +#network_for_ssh = public + +# Path to a private key file for SSH access to remote hosts (string +# value) +#path_to_private_key = + +# Timeout in seconds to wait for ping to succeed. (integer value) +#ping_timeout = 120 + +# Additional wait time for clean state, when there is no OS-EXT-STS +# extension available (integer value) +#ready_wait = 0 + +# The compute region name to use. If empty, the value of +# identity.region is used instead. If no such region is found in the +# service catalog, the first found one is used. (string value) +#region = + +# Should the tests ssh to instances? (boolean value) +#run_ssh = false + +# Time in seconds before a shelved instance is eligible for removing +# from a host. -1 never offload, 0 offload when shelved. This time +# should be the same as the time of nova.conf, and some tests will run +# for as long as the time. (integer value) +#shelved_offload_time = 0 + +# Auth method used for authenticate to the instance. Valid choices +# are: keypair, configured, adminpass. keypair: start the servers with +# an ssh keypair. configured: use the configured user and password. +# adminpass: use the injected adminPass. disabled: avoid using ssh +# when it is an option. (string value) +#ssh_auth_method = keypair + +# Timeout in seconds to wait for output from ssh channel. (integer +# value) +#ssh_channel_timeout = 60 + +# How to connect to the instance? fixed: using the first ip belongs +# the fixed network floating: creating and using a floating ip (string +# value) +#ssh_connect_method = fixed + +# Timeout in seconds to wait for authentication to succeed. (integer +# value) +#ssh_timeout = 300 + +# User name used to authenticate to an instance. (string value) +#ssh_user = root + +# Does SSH use Floating IPs? (boolean value) +#use_floatingip_for_ssh = true + +# Expected device name when a volume is attached to an instance +# (string value) +#volume_device_name = vdb + + +[compute-admin] + +# +# From tempest.config +# + +# Domain name for authentication as admin (Keystone V3).The same +# domain applies to user and project (string value) +#domain_name = + +# API key to use when authenticating as admin. (string value) +#password = + +# Administrative Tenant name to use for Nova API requests. (string +# value) +#tenant_name = + +# Administrative Username to use for Nova API requests. (string value) +#username = + + +[compute-feature-enabled] + +# +# From tempest.config +# + +# A list of enabled compute extensions with a special entry all which +# indicates every extension is enabled. Each extension should be +# specified with alias name. Empty list indicates all extensions are +# disabled (list value) +#api_extensions = all + +# If false, skip all nova v3 tests. (boolean value) +#api_v3 = false + +# A list of enabled v3 extensions with a special entry all which +# indicates every extension is enabled. Each extension should be +# specified with alias name. Empty list indicates all extensions are +# disabled (list value) +#api_v3_extensions = all + +# Does the test environment block migration support cinder iSCSI +# volumes (boolean value) +#block_migrate_cinder_iscsi = false + +# Does the test environment use block devices for live migration +# (boolean value) +#block_migration_for_live_migration = false + +# Does the test environment support changing the admin password? +# (boolean value) +#change_password = false + +# Does the test environment support obtaining instance serial console +# output? (boolean value) +#console_output = true + +# If false, skip disk config tests (boolean value) +#disk_config = true + +# Enables returning of the instance password by the relevant server +# API calls such as create, rebuild or rescue. (boolean value) +#enable_instance_password = true + +# Does the test environment support dynamic network interface +# attachment? (boolean value) +#interface_attach = true + +# Does the test environment support live migration available? (boolean +# value) +#live_migration = false + +# Does the test environment support pausing? (boolean value) +#pause = true + +# Enable RDP console. This configuration value should be same as +# [nova.rdp]->enabled in nova.conf (boolean value) +#rdp_console = false + +# Does the test environment support instance rescue mode? (boolean +# value) +#rescue = true + +# Does the test environment support resizing? (boolean value) +#resize = false + +# Does the test environment support shelving/unshelving? (boolean +# value) +#shelve = true + +# Does the test environment support creating snapshot images of +# running instances? (boolean value) +#snapshot = true + +# Enable Spice console. This configuration value should be same as +# [nova.spice]->enabled in nova.conf (boolean value) +#spice_console = false + +# Does the test environment support suspend/resume? (boolean value) +#suspend = true + +# Enable VNC console. This configuration value should be same as +# [nova.vnc]->vnc_enabled in nova.conf (boolean value) +#vnc_console = false + +# If false skip all v2 api tests with xml (boolean value) +#xml_api_v2 = true + + +[dashboard] + +# +# From tempest.config +# + +# Where the dashboard can be found (string value) +#dashboard_url = http://localhost/ + +# Login page for the dashboard (string value) +#login_url = http://localhost/auth/login/ + + +[data_processing] + +# +# From tempest.config +# + +# Catalog type of the data processing service. (string value) +#catalog_type = data_processing + +# The endpoint type to use for the data processing service. (string +# value) +#endpoint_type = publicURL + + +[database] + +# +# From tempest.config +# + +# Catalog type of the Database service. (string value) +#catalog_type = database + +# Current database version to use in database tests. (string value) +#db_current_version = v1.0 + +# Valid primary flavor to use in database tests. (string value) +#db_flavor_ref = 1 + + +[debug] + +# +# From tempest.config +# + +# Enable diagnostic commands (boolean value) +#enable = true + +# A regex to determine which requests should be traced. This is a +# regex to match the caller for rest client requests to be able to +# selectively trace calls out of specific classes and methods. It +# largely exists for test development, and is not expected to be used +# in a real deploy of tempest. This will be matched against the +# discovered ClassName:method in the test environment. Expected +# values for this field are: * ClassName:test_method_name - traces +# one test_method * ClassName:setUp(Class) - traces specific setup +# functions * ClassName:tearDown(Class) - traces specific teardown +# functions * ClassName:_run_cleanups - traces the cleanup functions +# If nothing is specified, this feature is not enabled. To trace +# everything specify .* as the regex. (string value) +#trace_requests = + + +[identity] + +# +# From tempest.config +# + +# Admin domain name for authentication (Keystone V3).The same domain +# applies to user and project (string value) +#admin_domain_name = + +# API key to use when authenticating as admin. (string value) +#admin_password = + +# Role required to administrate keystone. (string value) +#admin_role = admin + +# Administrative Tenant name to use for Keystone API requests. (string +# value) +#admin_tenant_name = + +# Administrative Username to use for Keystone API requests. (string +# value) +#admin_username = + +# Alternate domain name for authentication (Keystone V3).The same +# domain applies to user and project (string value) +#alt_domain_name = + +# API key to use when authenticating as alternate user. (string value) +#alt_password = + +# Alternate user's Tenant name to use for Nova API requests. (string +# value) +#alt_tenant_name = + +# Username of alternate user to use for Nova API requests. (string +# value) +#alt_username = + +# Identity API version to be used for authentication for API tests. +# (string value) +#auth_version = v2 + +# Catalog type of the Identity service. (string value) +#catalog_type = identity + +# Set to True if using self-signed SSL certificates. (boolean value) +#disable_ssl_certificate_validation = false + +# Domain name for authentication (Keystone V3).The same domain applies +# to user and project (string value) +#domain_name = + +# The endpoint type to use for the identity service. (string value) +#endpoint_type = publicURL + +# API key to use when authenticating. (string value) +#password = + +# The identity region name to use. Also used as the other services' +# region name unless they are set explicitly. If no such region is +# found in the service catalog, the first found one is used. (string +# value) +#region = RegionOne + +# Tenant name to use for Nova API requests. (string value) +#tenant_name = + +# Full URI of the OpenStack Identity API (Keystone), v2 (string value) +#uri = + +# Full URI of the OpenStack Identity API (Keystone), v3 (string value) +#uri_v3 = + +# Username to use for Nova API requests. (string value) +#username = + + +[identity-feature-enabled] + +# +# From tempest.config +# + +# Is the v2 identity API enabled (boolean value) +#api_v2 = true + +# Is the v3 identity API enabled (boolean value) +#api_v3 = true + +# Does the identity service have delegation and impersonation enabled +# (boolean value) +#trust = true + + +[image] + +# +# From tempest.config +# + +# Catalog type of the Image service. (string value) +#catalog_type = image + +# The endpoint type to use for the image service. (string value) +#endpoint_type = publicURL + +# http accessible image (string value) +#http_image = http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-uec.tar.gz + +# The image region name to use. If empty, the value of identity.region +# is used instead. If no such region is found in the service catalog, +# the first found one is used. (string value) +#region = + + +[image-feature-enabled] + +# +# From tempest.config +# + +# Is the v1 image API enabled (boolean value) +#api_v1 = true + +# Is the v2 image API enabled (boolean value) +#api_v2 = true + + +[input-scenario] + +# +# From tempest.config +# + +# Matching flavors become parameters for scenario tests (string value) +#flavor_regex = ^m1.nano$ + +# Matching images become parameters for scenario tests (string value) +#image_regex = ^cirros-0.3.1-x86_64-uec$ + +# SSH verification in tests is skippedfor matching images (string +# value) +#non_ssh_image_regex = ^.*[Ww]in.*$ + +# List of user mapped to regex to matching image names. (string value) +#ssh_user_regex = [["^.*[Cc]irros.*$", "root"]] + + +[messaging] + +# +# From tempest.config +# + +# Catalog type of the Messaging service. (string value) +#catalog_type = messaging + +# The maximum grace period for a claim (integer value) +#max_claim_grace = 43200 + +# The maximum ttl for a claim (integer value) +#max_claim_ttl = 43200 + +# The maximum size of a message body (integer value) +#max_message_size = 262144 + +# The maximum ttl for a message (integer value) +#max_message_ttl = 1209600 + +# The maximum number of messages per claim (integer value) +#max_messages_per_claim = 20 + +# The maximum number of queue message per page when listing (or) +# posting messages (integer value) +#max_messages_per_page = 20 + +# The maximum metadata size for a queue (integer value) +#max_queue_metadata = 65536 + +# The maximum number of queue records per page when listing queues +# (integer value) +#max_queues_per_page = 20 + + +[negative] + +# +# From tempest.config +# + +# Test generator class for all negative tests (string value) +#test_generator = tempest.common.generator.negative_generator.NegativeTestGenerator + + +[network] + +# +# From tempest.config +# + +# Time in seconds between network operation status checks. (integer +# value) +#build_interval = 1 + +# Timeout in seconds to wait for network operation to complete. +# (integer value) +#build_timeout = 300 + +# Catalog type of the Neutron service. (string value) +#catalog_type = network + +# List of dns servers whichs hould be used for subnet creation (list +# value) +#dns_servers = 8.8.8.8,8.8.4.4 + +# The endpoint type to use for the network service. (string value) +#endpoint_type = publicURL + +# Id of the public network that provides external connectivity (string +# value) +#public_network_id = + +# Id of the public router that provides external connectivity (string +# value) +#public_router_id = + +# The network region name to use. If empty, the value of +# identity.region is used instead. If no such region is found in the +# service catalog, the first found one is used. (string value) +#region = + +# The cidr block to allocate tenant ipv4 subnets from (string value) +#tenant_network_cidr = 10.100.0.0/16 + +# The mask bits for tenant ipv4 subnets (integer value) +#tenant_network_mask_bits = 28 + +# The cidr block to allocate tenant ipv6 subnets from (string value) +#tenant_network_v6_cidr = 2003::/48 + +# The mask bits for tenant ipv6 subnets (integer value) +#tenant_network_v6_mask_bits = 64 + +# Whether tenant network connectivity should be evaluated directly +# (boolean value) +#tenant_networks_reachable = false + + +[network-feature-enabled] + +# +# From tempest.config +# + +# A list of enabled network extensions with a special entry all which +# indicates every extension is enabled. Empty list indicates all +# extensions are disabled (list value) +#api_extensions = all + +# Allow the execution of IPv6 tests (boolean value) +#ipv6 = true + +# Allow the execution of IPv6 subnet tests that use the extended IPv6 +# attributes ipv6_ra_mode and ipv6_address_mode (boolean value) +#ipv6_subnet_attributes = false + + +[object-storage] + +# +# From tempest.config +# + +# Catalog type of the Object-Storage service. (string value) +#catalog_type = object-store + +# Number of seconds to wait while looping to check the status of a +# container to container synchronization (integer value) +#container_sync_interval = 5 + +# Number of seconds to time on waiting for a container to container +# synchronization complete. (integer value) +#container_sync_timeout = 120 + +# The endpoint type to use for the object-store service. (string +# value) +#endpoint_type = publicURL + +# Role to add to users created for swift tests to enable creating +# containers (string value) +#operator_role = Member + +# The object-storage region name to use. If empty, the value of +# identity.region is used instead. If no such region is found in the +# service catalog, the first found one is used. (string value) +#region = + +# User role that has reseller admin (string value) +#reseller_admin_role = ResellerAdmin + + +[object-storage-feature-enabled] + +# +# From tempest.config +# + +# Execute (old style) container-sync tests (boolean value) +#container_sync = true + +# Execute discoverability tests (boolean value) +#discoverability = true + +# A list of the enabled optional discoverable apis. A single entry, +# all, indicates that all of these features are expected to be enabled +# (list value) +#discoverable_apis = all + +# Execute object-versioning tests (boolean value) +#object_versioning = true + + +[orchestration] + +# +# From tempest.config +# + +# Time in seconds between build status checks. (integer value) +#build_interval = 1 + +# Timeout in seconds to wait for a stack to build. (integer value) +#build_timeout = 1200 + +# Catalog type of the Orchestration service. (string value) +#catalog_type = orchestration + +# The endpoint type to use for the orchestration service. (string +# value) +#endpoint_type = publicURL + +# Name of heat-cfntools enabled image to use when launching test +# instances. (string value) +#image_ref = + +# Instance type for tests. Needs to be big enough for a full OS plus +# the test workload (string value) +#instance_type = m1.micro + +# Name of existing keypair to launch servers with. (string value) +#keypair_name = + +# Value must match heat configuration of the same name. (integer +# value) +#max_resources_per_stack = 1000 + +# Value must match heat configuration of the same name. (integer +# value) +#max_template_size = 524288 + +# The orchestration region name to use. If empty, the value of +# identity.region is used instead. If no such region is found in the +# service catalog, the first found one is used. (string value) +#region = + + +[scenario] + +# +# From tempest.config +# + +# AKI image file name (string value) +#aki_img_file = cirros-0.3.1-x86_64-vmlinuz + +# AMI image file name (string value) +#ami_img_file = cirros-0.3.1-x86_64-blank.img + +# ARI image file name (string value) +#ari_img_file = cirros-0.3.1-x86_64-initrd + +# Image container format (string value) +#img_container_format = bare + +# Directory containing image files (string value) +#img_dir = /opt/stack/new/devstack/files/images/cirros-0.3.1-x86_64-uec + +# Image disk format (string value) +#img_disk_format = qcow2 + +# Image file name (string value) +# Deprecated group/name - [DEFAULT]/qcow2_img_file +#img_file = cirros-0.3.1-x86_64-disk.img + +# specifies how many resources to request at once. Used for large +# operations testing. (integer value) +#large_ops_number = 0 + +# ssh username for the image file (string value) +#ssh_user = cirros + + +[service_available] + +# +# From tempest.config +# + +# Whether or not Ceilometer is expected to be available (boolean +# value) +#ceilometer = true + +# Whether or not cinder is expected to be available (boolean value) +#cinder = true + +# Whether or not glance is expected to be available (boolean value) +#glance = true + +# Whether or not Heat is expected to be available (boolean value) +#heat = false + +# Whether or not Horizon is expected to be available (boolean value) +#horizon = true + +# Whether or not Ironic is expected to be available (boolean value) +#ironic = false + +# Whether or not neutron is expected to be available (boolean value) +#neutron = false + +# Whether or not nova is expected to be available (boolean value) +#nova = true + +# Whether or not Sahara is expected to be available (boolean value) +#sahara = false + +# Whether or not swift is expected to be available (boolean value) +#swift = true + +# Whether or not Trove is expected to be available (boolean value) +#trove = false + +# Whether or not Zaqar is expected to be available (boolean value) +#zaqar = false + + +[stress] + +# +# From tempest.config +# + +# Controller host. (string value) +#controller = + +# The number of threads created while stress test. (integer value) +#default_thread_number_per_action = 4 + +# Allows a full cleaning process after a stress test. Caution : this +# cleanup will remove every objects of every tenant. (boolean value) +#full_clean_stack = false + +# Prevent the cleaning (tearDownClass()) between each stress test run +# if an exception occurs during this run. (boolean value) +#leave_dirty_stack = false + +# time (in seconds) between log file error checks. (integer value) +#log_check_interval = 60 + +# Maximum number of instances to create during test. (integer value) +#max_instances = 16 + +# Directory containing log files on the compute nodes (string value) +#nova_logdir = + +# Controller host. (string value) +#target_controller = + +# regexp for list of log files. (string value) +#target_logfiles = + +# Path to private key. (string value) +#target_private_key_path = + +# ssh user. (string value) +#target_ssh_user = + + +[telemetry] + +# +# From tempest.config +# + +# Catalog type of the Telemetry service. (string value) +#catalog_type = metering + +# The endpoint type to use for the telemetry service. (string value) +#endpoint_type = publicURL + +# This variable is used as flag to enable notification tests (boolean +# value) +#too_slow_to_test = true + + +[volume] + +# +# From tempest.config +# + +# Name of the backend1 (must be declared in cinder.conf) (string +# value) +#backend1_name = BACKEND_1 + +# Name of the backend2 (must be declared in cinder.conf) (string +# value) +#backend2_name = BACKEND_2 + +# Time in seconds between volume availability checks. (integer value) +#build_interval = 1 + +# Timeout in seconds to wait for a volume to become available. +# (integer value) +#build_timeout = 300 + +# Catalog type of the Volume Service (string value) +#catalog_type = volume + +# Disk format to use when copying a volume to image (string value) +#disk_format = raw + +# The endpoint type to use for the volume service. (string value) +#endpoint_type = publicURL + +# The volume region name to use. If empty, the value of +# identity.region is used instead. If no such region is found in the +# service catalog, the first found one is used. (string value) +#region = + +# Backend protocol to target when creating volume types (string value) +#storage_protocol = iSCSI + +# Backend vendor to target when creating volume types (string value) +#vendor_name = Open Source + +# Default size in GB for volumes created by volumes tests (integer +# value) +#volume_size = 1 + + +[volume-feature-enabled] + +# +# From tempest.config +# + +# A list of enabled volume extensions with a special entry all which +# indicates every extension is enabled. Empty list indicates all +# extensions are disabled (list value) +#api_extensions = all + +# Is the v1 volume API enabled (boolean value) +#api_v1 = true + +# Is the v2 volume API enabled (boolean value) +#api_v2 = true + +# Runs Cinder volumes backup test (boolean value) +#backup = true + +# Runs Cinder multi-backend test (requires 2 backends) (boolean value) +#multi_backend = false + +# Runs Cinder volume snapshot test (boolean value) +#snapshot = true -- cgit v1.2.1 From c55a9e4fa4052adbe7e11f6cedc25213dfcb8ef5 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Thu, 16 Apr 2015 15:43:04 +0000 Subject: OpenStack: Configure Tempest at deployment time. This is being done using the 'template' option from the install-files extension. Signed-off-by: Zara Zaimeche Signed-off-by: Mike Smith Change-Id: Id3671d34692823e3f34f6565f40732b889cb8486 --- openstack/etc/tempest/tempest.conf | 108 +++++++++++++++++++------------------ openstack/manifest | 1 + 2 files changed, 56 insertions(+), 53 deletions(-) diff --git a/openstack/etc/tempest/tempest.conf b/openstack/etc/tempest/tempest.conf index 1cccaccc..05f0eca1 100644 --- a/openstack/etc/tempest/tempest.conf +++ b/openstack/etc/tempest/tempest.conf @@ -8,7 +8,7 @@ #disable_process_locking = false # Directory to use for lock files. (string value) -#lock_path = +lock_path = /run/lock # # From tempest.config @@ -58,7 +58,7 @@ # Use syslog for logging. Existing syslog format is DEPRECATED during # I, and will change in J to honor RFC5424. (boolean value) -#use_syslog = false +use_syslog = true # (Optional) Enables or disables syslog rfc5424 format for logging. If # enabled, prefixes the MSG part of the syslog message with APP-NAME @@ -121,7 +121,7 @@ # achieved configuring a list of test accounts (boolean value) # Deprecated group/name - [compute]/allow_tenant_isolation # Deprecated group/name - [orchestration]/allow_tenant_isolation -#allow_tenant_isolation = false +allow_tenant_isolation = true # If set to True it enables the Accounts provider, which locks # credentials to allow for parallel execution with pre-provisioned @@ -225,7 +225,7 @@ # # directory where python client binaries are located (string value) -#cli_dir = /usr/local/bin +cli_dir = /usr/bin # enable cli tests (boolean value) #enabled = true @@ -369,14 +369,14 @@ #domain_name = # API key to use when authenticating as admin. (string value) -#password = +password = {{ NOVA_SERVICE_PASSWORD }} # Administrative Tenant name to use for Nova API requests. (string # value) -#tenant_name = +tenant_name = service # Administrative Username to use for Nova API requests. (string value) -#username = +username = {{ NOVA_SERVICE_USER }} [compute-feature-enabled] @@ -392,7 +392,7 @@ #api_extensions = all # If false, skip all nova v3 tests. (boolean value) -#api_v3 = false +api_v3 = false # A list of enabled v3 extensions with a special entry all which # indicates every extension is enabled. Each extension should be @@ -451,18 +451,18 @@ # Does the test environment support creating snapshot images of # running instances? (boolean value) -#snapshot = true +snapshot = true # Enable Spice console. This configuration value should be same as # [nova.spice]->enabled in nova.conf (boolean value) -#spice_console = false +spice_console = false # Does the test environment support suspend/resume? (boolean value) #suspend = true # Enable VNC console. This configuration value should be same as # [nova.vnc]->vnc_enabled in nova.conf (boolean value) -#vnc_console = false +vnc_console = true # If false skip all v2 api tests with xml (boolean value) #xml_api_v2 = true @@ -475,10 +475,10 @@ # # Where the dashboard can be found (string value) -#dashboard_url = http://localhost/ +dashboard_url = http://{{ CONTROLLER_HOST_ADDRESS }}/horizon # Login page for the dashboard (string value) -#login_url = http://localhost/auth/login/ +login_url = http://{{ CONTROLLER_HOST_ADDRESS }}/horizon/auth/login/ [data_processing] @@ -546,18 +546,18 @@ #admin_domain_name = # API key to use when authenticating as admin. (string value) -#admin_password = +admin_password = {{ KEYSTONE_ADMIN_PASSWORD }} # Role required to administrate keystone. (string value) -#admin_role = admin +admin_role = admin # Administrative Tenant name to use for Keystone API requests. (string # value) -#admin_tenant_name = +admin_tenant_name = admin # Administrative Username to use for Keystone API requests. (string # value) -#admin_username = +admin_username = admin # Alternate domain name for authentication (Keystone V3).The same # domain applies to user and project (string value) @@ -576,10 +576,10 @@ # Identity API version to be used for authentication for API tests. # (string value) -#auth_version = v2 +auth_version = v2 # Catalog type of the Identity service. (string value) -#catalog_type = identity +catalog_type = identity # Set to True if using self-signed SSL certificates. (boolean value) #disable_ssl_certificate_validation = false @@ -592,7 +592,7 @@ #endpoint_type = publicURL # API key to use when authenticating. (string value) -#password = +password = {{ NOVA_SERVICE_PASSWORD }} # The identity region name to use. Also used as the other services' # region name unless they are set explicitly. If no such region is @@ -601,16 +601,18 @@ #region = RegionOne # Tenant name to use for Nova API requests. (string value) -#tenant_name = +tenant_name = service # Full URI of the OpenStack Identity API (Keystone), v2 (string value) -#uri = +uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0/ # Full URI of the OpenStack Identity API (Keystone), v3 (string value) -#uri_v3 = +# +# Tempest complains if we don't set any uri_v3, even if it's disabled. +uri_v3 = # Username to use for Nova API requests. (string value) -#username = +username = {{ NOVA_SERVICE_USER }} [identity-feature-enabled] @@ -620,10 +622,10 @@ # # Is the v2 identity API enabled (boolean value) -#api_v2 = true +api_v2 = true # Is the v3 identity API enabled (boolean value) -#api_v3 = true +api_v3 = false # Does the identity service have delegation and impersonation enabled # (boolean value) @@ -637,13 +639,13 @@ # # Catalog type of the Image service. (string value) -#catalog_type = image +catalog_type = image # The endpoint type to use for the image service. (string value) -#endpoint_type = publicURL +endpoint_type = publicURL # http accessible image (string value) -#http_image = http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-uec.tar.gz +http_image = http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-uec.tar.gz # The image region name to use. If empty, the value of identity.region # is used instead. If no such region is found in the service catalog, @@ -661,7 +663,7 @@ #api_v1 = true # Is the v2 image API enabled (boolean value) -#api_v2 = true +api_v2 = true [input-scenario] @@ -946,40 +948,40 @@ # Whether or not Ceilometer is expected to be available (boolean # value) -#ceilometer = true +ceilometer = false # Whether or not cinder is expected to be available (boolean value) -#cinder = true +cinder = true # Whether or not glance is expected to be available (boolean value) -#glance = true +glance = true # Whether or not Heat is expected to be available (boolean value) -#heat = false +heat = false # Whether or not Horizon is expected to be available (boolean value) -#horizon = true +horizon = true # Whether or not Ironic is expected to be available (boolean value) -#ironic = false +ironic = false # Whether or not neutron is expected to be available (boolean value) -#neutron = false +neutron = true # Whether or not nova is expected to be available (boolean value) -#nova = true +nova = true # Whether or not Sahara is expected to be available (boolean value) -#sahara = false +sahara = false # Whether or not swift is expected to be available (boolean value) -#swift = true +swift = false # Whether or not Trove is expected to be available (boolean value) -#trove = false +trove = false # Whether or not Zaqar is expected to be available (boolean value) -#zaqar = false +zaqar = false [stress] @@ -1049,7 +1051,7 @@ # Name of the backend1 (must be declared in cinder.conf) (string # value) -#backend1_name = BACKEND_1 +backend1_name = LVM_iSCSI # Name of the backend2 (must be declared in cinder.conf) (string # value) @@ -1063,13 +1065,13 @@ #build_timeout = 300 # Catalog type of the Volume Service (string value) -#catalog_type = volume +catalog_type = volume # Disk format to use when copying a volume to image (string value) -#disk_format = raw +disk_format = raw # The endpoint type to use for the volume service. (string value) -#endpoint_type = publicURL +endpoint_type = publicURL # The volume region name to use. If empty, the value of # identity.region is used instead. If no such region is found in the @@ -1077,14 +1079,14 @@ #region = # Backend protocol to target when creating volume types (string value) -#storage_protocol = iSCSI +storage_protocol = iSCSI # Backend vendor to target when creating volume types (string value) #vendor_name = Open Source # Default size in GB for volumes created by volumes tests (integer # value) -#volume_size = 1 +volume_size = 1 [volume-feature-enabled] @@ -1099,16 +1101,16 @@ #api_extensions = all # Is the v1 volume API enabled (boolean value) -#api_v1 = true +api_v1 = true # Is the v2 volume API enabled (boolean value) -#api_v2 = true +api_v2 = true # Runs Cinder volumes backup test (boolean value) -#backup = true +backup = true # Runs Cinder multi-backend test (requires 2 backends) (boolean value) -#multi_backend = false +multi_backend = false # Runs Cinder volume snapshot test (boolean value) -#snapshot = true +snapshot = true diff --git a/openstack/manifest b/openstack/manifest index ad2841d8..f3cc0f2d 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -2,6 +2,7 @@ 0100644 0 0 /etc/horizon/apache-horizon.conf 0040755 0 0 /etc/horizon/openstack_dashboard 0100644 0 0 /etc/horizon/openstack_dashboard/local_settings.py +template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts 0040755 0 0 /usr/share/openstack/cinder -- cgit v1.2.1 From 2514cc238778ec5679db481cce7517f453351869 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Fri, 17 Apr 2015 15:48:56 +0100 Subject: Drop swift conf exts from openstack-system Swift configuration is not simple, also it's likely a user will want to deploy openstack without swift, so we don't want to include the swift conf exts by default. Dropping these allows us to have a much simpler default cluster morph. Change-Id: I99de08c94e7f10912c158c0dfd5342ff76ca604e --- systems/openstack-system-x86_64.morph | 2 -- 1 file changed, 2 deletions(-) diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index ac784730..61b81674 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -70,6 +70,4 @@ configuration-extensions: - openstack-network - openstack-neutron - fstab -- swift-storage -- openstack-swift-controller - openstack-ironic -- cgit v1.2.1 From 0b3d2ffad59e0660add775765696bb0b43b9d5cc Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Wed, 15 Apr 2015 05:02:24 +0000 Subject: OpenStack: Disable rp filtering This drop-in file will be processed by systemd on boot. Change-Id: I055d22dd481cc5084f6dbacbb787c3015d75461e --- openstack/manifest | 2 ++ openstack/usr/lib/sysctl.d/neutron.conf | 3 +++ 2 files changed, 5 insertions(+) create mode 100644 openstack/usr/lib/sysctl.d/neutron.conf diff --git a/openstack/manifest b/openstack/manifest index f3cc0f2d..7911827d 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -117,6 +117,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack/rabbitmq 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq-env.conf 0100644 0 0 /usr/share/openstack/rabbitmq/rabbitmq.config +0040755 0 0 /usr/lib/sysctl.d +0100644 0 0 /usr/lib/sysctl.d/neutron.conf 0100644 0 0 /usr/lib/systemd/system/apache-httpd.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service diff --git a/openstack/usr/lib/sysctl.d/neutron.conf b/openstack/usr/lib/sysctl.d/neutron.conf new file mode 100644 index 00000000..644ca116 --- /dev/null +++ b/openstack/usr/lib/sysctl.d/neutron.conf @@ -0,0 +1,3 @@ +# Disable rp filtering, enabling forwarding is handled by networkd +net.ipv4.conf.all.rp_filter=0 +net.ipv4.conf.default.rp_filter=0 -- cgit v1.2.1 From f7e2dec75d837aaeefa3c822843126b13e086864 Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 14 Apr 2015 20:37:37 +0000 Subject: OpenStack: Enable passworded access to postgresql database Change-Id: Ie39ce4c3e6c47d44ce07fe1b353f72d23999d0e8 --- openstack/usr/share/openstack/postgres/pg_hba.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/openstack/usr/share/openstack/postgres/pg_hba.conf b/openstack/usr/share/openstack/postgres/pg_hba.conf index 0968fc44..78186924 100644 --- a/openstack/usr/share/openstack/postgres/pg_hba.conf +++ b/openstack/usr/share/openstack/postgres/pg_hba.conf @@ -2,3 +2,4 @@ local all all trust host all all 127.0.0.0/8 trust host all all ::1/128 trust host all all {{ MANAGEMENT_INTERFACE_IP_ADDRESS }}/32 trust +host all all 0.0.0.0/0 md5 -- cgit v1.2.1 From da6201b2e28b41a55547941ed181f2a6b413e61d Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Mon, 13 Apr 2015 09:58:41 +0000 Subject: OpenStack: Add threenode installer This will be fully functional after service configuration is better partitioned between the nodes. Change-Id: I7822c42b9087bc52111e8b7181b67f55d8393643 --- clusters/openstack-installer.morph | 146 +++++++++++++++++++++++++++++++++++++ 1 file changed, 146 insertions(+) create mode 100644 clusters/openstack-installer.morph diff --git a/clusters/openstack-installer.morph b/clusters/openstack-installer.morph new file mode 100644 index 00000000..4103ea07 --- /dev/null +++ b/clusters/openstack-installer.morph @@ -0,0 +1,146 @@ +name: openstack-installer +kind: cluster +description: | + + This cluster creates disk images that may be `dd`'d onto install media to + produce an OpenStack cluster when instanciated. + + Alternatively it may be used to install directly onto a physical disk by + running: + + morph deploy clusters/openstack-installer.morph \ + network-installer network-installer.location=/dev/vdb + + Substituting network-installer for either compute-installer or + controller-installer will produce different configurations, and it is possible + to substitue /dev/vdb for a different path to a disk image to install to a + different disk image. + + Substitute the values of HOSTNAME, NETWORK_CONFIG, EXTERNAL_INTERFACE, + MANAGEMENT_IP_ADDRESS, CONTROLLER_HOST_ADDRESS, RABBITMQ_HOST and HOSTS_* to + match your hardware ane networking configuration. + +systems: +- morph: systems/installer-system-x86_64.morph + deploy: + network-installer: &installer + type: rawdisk + location: installer-openstack-network-x86_64.img + KERNEL_ARGS: init=/usr/lib/baserock-installer/installer + DISK_SIZE: 6G + HOSTNAME: installer-x86_64 + INSTALLER_TARGET_STORAGE_DEVICE: /dev/sda + INSTALLER_ROOTFS_TO_INSTALL: /rootfs + INSTALLER_POST_INSTALL_COMMAND: 'sync; poweroff -f' + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + network-initramfs: &initramfs + type: initramfs + location: boot/initramfs.gz + - morph: systems/openstack-system-x86_64.morph + deploy: + network-to-install: &stack-node + type: sysroot + location: rootfs + INSTALL_FILES: openstack/manifest + HOSTNAME: threenode-network + RABBITMQ_HOST: threenode-controller.os-mgmt + RABBITMQ_PORT: 5672 + RABBITMQ_USER: rabbitmq + RABBITMQ_PASSWORD: veryinsecure + KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 + KEYSTONE_ADMIN_PASSWORD: veryinsecure + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure + CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 + GLANCE_SERVICE_USER: glance + GLANCE_SERVICE_PASSWORD: veryinsecure + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure + NOVA_SERVICE_USER: nova + NOVA_SERVICE_PASSWORD: veryinsecure + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure + NOVA_VIRT_TYPE: kvm + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + NEUTRON_SERVICE_USER: neutron + NEUTRON_SERVICE_PASSWORD: veryinsecure + NEUTRON_DB_USER: neutronDB + NEUTRON_DB_PASSWORD: veryinsecure + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + HOSTS_SELF: 10.24.1.83 threenode-network + HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt + HOSTS_CONTROL: 10.0.0.2 threenode-controller.os-mgmt + HOSTS_COMPUTE: 10.0.0.3 threenode-compute.os-mgmt + EXTERNAL_INTERFACE: enp3s0 + NETWORK_CONFIG: enp3s0:dhcp;enp2s0:static,address=10.0.0.1,netmask=255.255.255.0 + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + network-to-install-initramfs: *initramfs +- morph: systems/installer-system-x86_64.morph + deploy: + controller-installer: + <<: *installer + location: installer-openstack-controller-x86_64.img + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + controller-initramfs: *initramfs + - morph: systems/openstack-system-x86_64.morph + deploy: + controller-to-install: + <<: *stack-node + HOSTNAME: threenode-controller + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 + NOVA_VIRT_TYPE: kvm + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + HOSTS_SELF: 10.0.0.2 threenode-controller + EXTERNAL_INTERFACE: enp2s0 + NETWORK_CONFIG: enp2s0:dhcp;enp0s26u1u2:static,address=10.0.0.2,netmask=255.255.255.0 + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + controller-to-install-initramfs: *initramfs +- morph: systems/installer-system-x86_64.morph + deploy: + compute-installer: + <<: *installer + location: installer-openstack-compute-x86_64.img + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + compute-initramfs: *initramfs + - morph: systems/openstack-system-x86_64.morph + deploy: + compute-to-install: + <<: *stack-node + HOSTNAME: threenode-compute + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 + NOVA_VIRT_TYPE: kvm + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + HOSTS_SELF: 10.0.0.3 threenode-compute + EXTERNAL_INTERFACE: eno1 + NETWORK_CONFIG: eno1:dhcp;enp0s29u1u3:static,address=10.0.0.3,netmask=255.255.255.0 + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + compute-to-install-initramfs: *initramfs -- cgit v1.2.1 From f1baa4ade17fcd1eaa2fed4aecf3901c414acc9a Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 14 Apr 2015 13:00:50 +0000 Subject: OpenStack: Split neutron config up into MANAGER, CONTROLLER and AGENT This adds NEUTRON_ENABLE_{MANAGER,CONTROLLER,AGENT} to determine which parts should be run on a node, so a network node has MANAGER enabled, but doesn't need CONTROLLER or AGENT, since those will be run on the controller and compute nodes respectively. This works by the configuration extension selectively enabling systemd units, with config-setup always being run, and db-setup run on the controller node. Rather than having the enable logic in 3 distinct setup services, their dependencies have been augmented to run after appropriate setup services if they are enabled, and to not run if their configuration hasn't been created. Change-Id: I7625074c94acfb49fc68660440609b0fe9c0052d --- clusters/openstack-installer.morph | 9 ++ openstack-neutron.configure | 83 +++++++++++++--- openstack/manifest | 6 +- .../system/openstack-neutron-config-setup.service | 13 +++ .../system/openstack-neutron-db-setup.service | 13 +++ .../system/openstack-neutron-dhcp-agent.service | 5 +- .../system/openstack-neutron-l3-agent.service | 5 +- .../openstack-neutron-metadata-agent.service | 5 +- .../system/openstack-neutron-ovs-cleanup.service | 5 +- ...nstack-neutron-plugin-openvswitch-agent.service | 5 +- .../system/openstack-neutron-server.service | 5 +- .../systemd/system/openstack-neutron-setup.service | 10 -- openstack/usr/share/openstack/neutron-config.yml | 48 +++++++++ openstack/usr/share/openstack/neutron-db.yml | 51 ++++++++++ openstack/usr/share/openstack/neutron.yml | 109 --------------------- 15 files changed, 226 insertions(+), 146 deletions(-) create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service delete mode 100644 openstack/usr/lib/systemd/system/openstack-neutron-setup.service create mode 100644 openstack/usr/share/openstack/neutron-config.yml create mode 100644 openstack/usr/share/openstack/neutron-db.yml delete mode 100644 openstack/usr/share/openstack/neutron.yml diff --git a/clusters/openstack-installer.morph b/clusters/openstack-installer.morph index 4103ea07..5cc7c5d1 100644 --- a/clusters/openstack-installer.morph +++ b/clusters/openstack-installer.morph @@ -74,6 +74,9 @@ systems: NEUTRON_SERVICE_PASSWORD: veryinsecure NEUTRON_DB_USER: neutronDB NEUTRON_DB_PASSWORD: veryinsecure + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: True + NEUTRON_ENABLE_CONTROLLER: False METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret HOSTS_SELF: 10.24.1.83 threenode-network HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt @@ -107,6 +110,9 @@ systems: CINDER_DB_USER: cinderDB CINDER_DB_PASSWORD: veryinsecure CINDER_DEVICE: /dev/sdb + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: False + NEUTRON_ENABLE_CONTROLLER: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret HOSTS_SELF: 10.0.0.2 threenode-controller EXTERNAL_INTERFACE: enp2s0 @@ -136,6 +142,9 @@ systems: CINDER_DB_USER: cinderDB CINDER_DB_PASSWORD: veryinsecure CINDER_DEVICE: /dev/sdb + NEUTRON_ENABLE_AGENT: True + NEUTRON_ENABLE_MANAGER: False + NEUTRON_ENABLE_CONTROLLER: False METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret HOSTS_SELF: 10.0.0.3 threenode-compute EXTERNAL_INTERFACE: eno1 diff --git a/openstack-neutron.configure b/openstack-neutron.configure index 50a6d1e4..a0ab6b5f 100644 --- a/openstack-neutron.configure +++ b/openstack-neutron.configure @@ -18,19 +18,16 @@ set -e ROOT="$1" -########################################################################## - -ln -sf "/usr/lib/systemd/system/openstack-neutron-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-neutron-setup.service" +enable(){ + ln -sf "/usr/lib/systemd/system/openstack-neutron-$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-neutron-$1.service" +} -############################################# -# Ensure /var/run is an appropriate symlink # -############################################# +unrecognised_value(){ + eval echo Unrecognised value \$$1 for $1 >&2 + exit 1 +} -if ! link="$(readlink "$ROOT/var/run")" || [ "$link" != ../run ]; then - rm -rf "$ROOT/var/run" - ln -s ../run "$ROOT/var/run" -fi ########################################################################## # Check variables @@ -51,7 +48,7 @@ if [ -z "$NEUTRON_SERVICE_USER" -a \ -z "$CONTROLLER_HOST_ADDRESS" -a \ -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then - # No NOVA options defined, do nothing. + # No Neutron options defined, do nothing. exit 0 fi @@ -69,10 +66,70 @@ if [ -z "$NEUTRON_SERVICE_USER" -o \ -z "$CONTROLLER_HOST_ADDRESS" -o \ -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then - echo Some options required for Nova were defined, but not all. + echo Some options required for Neutron were defined, but not all. exit 1 fi +############################################# +# Ensure /var/run is an appropriate symlink # +############################################# + +if ! link="$(readlink "$ROOT/var/run")" || [ "$link" != ../run ]; then + rm -rf "$ROOT/var/run" + ln -s ../run "$ROOT/var/run" +fi + +################### +# Enable services # +################### + +if [ x"${NEUTRON_ENABLE_CONTROLLER=True}" = xTrue -o \ + x"${NEUTRON_ENABLE_MANAGER=True}" = xTrue -o \ + x"${NEUTRON_ENABLE_AGENT=True}" = xTrue ]; then + enable config-setup +fi + +case "${NEUTRON_ENABLE_CONTROLLER}" in +True|yes|y) + enable config-setup + enable db-setup + enable server + ;; +False|no|n|'') + ;; +*) + unrecognised_value NEUTRON_ENABLE_CONTROLLER + ;; +esac + +case "${NEUTRON_ENABLE_MANAGER}" in +True|yes|y) + enable config-setup + enable ovs-cleanup + enable dhcp-agent + enable l3-agent + enable plugin-openvswitch-agent + enable metadata-agent + ;; +False|no|n|'') + ;; +*) + unrecognised_value NEUTRON_ENABLE_MANAGER + ;; +esac + +case "${NEUTRON_ENABLE_AGENT}" in +True|yes|y) + enable config-setup + enable plugin-openvswitch-agent + ;; +False|no|n|'') + ;; +*) + unrecognised_value NEUTRON_ENABLE_AGENT + ;; +esac + ########################################################################## # Generate config variable shell snippet ########################################################################## diff --git a/openstack/manifest b/openstack/manifest index 7911827d..6b7e27d7 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -37,7 +37,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini 0100644 0 0 /usr/share/openstack/network.yml 0040755 0 0 /usr/share/openstack/neutron -0100644 0 0 /usr/share/openstack/neutron.yml +0100644 0 0 /usr/share/openstack/neutron-config.yml +0100644 0 0 /usr/share/openstack/neutron-db.yml 0100644 0 0 /usr/share/openstack/neutron/neutron.conf 0100644 0 0 /usr/share/openstack/neutron/api-paste.ini 0100644 0 0 /usr/share/openstack/neutron/policy.json @@ -130,7 +131,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/openstack-ironic-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-ironic-conductor.service 0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service -0100644 0 0 /usr/lib/systemd/system/openstack-neutron-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-config-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-neutron-db-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-server.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-metadata-agent.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service new file mode 100644 index 00000000..46e1b585 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service @@ -0,0 +1,13 @@ +[Unit] +Description=Run neutron-config-setup Ansible scripts +ConditionPathExists=/etc/openstack/neutron.conf +After=openstack-keystone.service openstack-keystone-setup.service +Wants=openstack-keystone.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/neutron-config.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service new file mode 100644 index 00000000..4b30e78a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service @@ -0,0 +1,13 @@ +[Unit] +Description=Run neutron-db-setup Ansible scripts +ConditionPathExists=/etc/openstack/neutron.conf +After=network-online.target openstack-keystone.service postgres-server.service openstack-keystone-setup.service +Wants=network-online.target openstack-keystone.service postgres-server.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/neutron-db.yml +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service index 34a682b6..cd9ed9fe 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service @@ -1,7 +1,8 @@ [Unit] Description=Neutron DHCP Agent -After=network-online.target openstack-neutron-ovs-cleanup.service -Wants=network-online.target +ConditionPathExists=/etc/neutron/neutron.conf +After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openstack-neutron-ovs-cleanup.service +Wants=network-online.target openstack-neutron-config-setup.service [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service index bd514aa1..1a6b5928 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service @@ -1,7 +1,8 @@ [Unit] Description=Neutron Layer 3 Agent -After=network-online.target openstack-neutron-ovs-cleanup.service -Wants=network-online.target +ConditionPathExists=/etc/neutron/neutron.conf +After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openstack-neutron-ovs-cleanup.service +Wants=network-online.target openstack-neutron-config-setup.service [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service index 22bbf675..c96fa3a2 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service @@ -1,7 +1,8 @@ [Unit] Description=Neutron Metadata Plugin Agent -After=network-online.target openstack-neutron-setup.service -Wants=network-online.target +ConditionPathExists=/etc/neutron/neutron.conf +After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service +Wants=network-online.target openstack-neutron-config-setup.service [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service index 544531ed..386f50dd 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service @@ -1,7 +1,8 @@ [Unit] Description=Neutron OVS cleanup -After=network-online.target openstack-neutron-setup.service openvswitch.service -Wants=network-online.target +ConditionPathExists=/etc/neutron/neutron.conf +After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openvswitch.service +Wants=network-online.target openstack-neutron-config-setup.service Before=openstack-neutron-plugin-openvswitch-agent.service ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service index 894c3a45..ade14733 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service @@ -1,7 +1,8 @@ [Unit] Description=Neutron OpenvSwitch Plugin Agent -After=network-online.target openstack-neutron-setup.service -Wants=network-online.target +ConditionPathExists=/etc/neutron/neutron.conf +After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service +Wants=network-online.target openstack-neutron-config-setup.service [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-server.service b/openstack/usr/lib/systemd/system/openstack-neutron-server.service index 05dfb7aa..3c0e1bda 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-server.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-server.service @@ -1,7 +1,8 @@ [Unit] Description=Neutron Api Server -Wants=openstack-neutron-network-configuration-one-node.service network-online.target -After=network-online.target openstack-neutron-setup.service openstack-neutron-network-configuration-one-node.service +ConditionPathExists=/etc/neutron/neutron.conf +Wants=openstack-neutron-network-configuration-one-node.service network-online.target openstack-neutron-config-setup.service +After=openstack-neutron-network-configuration-one-node.service network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-setup.service deleted file mode 100644 index 99213b6a..00000000 --- a/openstack/usr/lib/systemd/system/openstack-neutron-setup.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Run neutron-setup Ansible scripts -After=network-online.target openstack-keystone-setup.service postgres-server.service -Wants=network-online.target - -[Service] -ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/neutron.yml - -[Install] -WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/neutron-config.yml b/openstack/usr/share/openstack/neutron-config.yml new file mode 100644 index 00000000..97f4c76e --- /dev/null +++ b/openstack/usr/share/openstack/neutron-config.yml @@ -0,0 +1,48 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/neutron.conf" + tasks: + + - name: Create the neutron user. + user: + name: neutron + comment: Openstack Neutron Daemons + shell: /sbin/nologin + home: /var/lib/neutron + + - name: Create the /var folders for neutron + file: + path: "{{ item }}" + state: directory + owner: neutron + group: neutron + with_items: + - /var/run/neutron + - /var/lock/neutron + - /var/log/neutron + + - name: Get service tenant id needed in neutron.conf + shell: | + keystone \ + --os-endpoint http://{{ CONTROLLER_HOST_ADDRESS|quote }}:35357/v2.0 \ + --os-token {{ KEYSTONE_TEMPORARY_ADMIN_TOKEN|quote }} \ + tenant-get service | grep id | tr -d " " | cut -d"|" -f3 + register: tenant_service_id + + - set_fact: + SERVICE_TENANT_ID: "{{ tenant_service_id.stdout }}" + + - name: Create the directories needed for Neutron configuration files. + file: + path: /etc/{{ item }} + state: directory + with_lines: + - cd /usr/share/openstack && find neutron -type d + + - name: Add configuration needed for neutron using templates + template: + src: /usr/share/openstack/{{ item }} + dest: /etc/{{ item }} + with_lines: + - cd /usr/share/openstack && find neutron -type f diff --git a/openstack/usr/share/openstack/neutron-db.yml b/openstack/usr/share/openstack/neutron-db.yml new file mode 100644 index 00000000..62340477 --- /dev/null +++ b/openstack/usr/share/openstack/neutron-db.yml @@ -0,0 +1,51 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/neutron.conf" + tasks: + - name: Create neutron service user in service tenatnt + keystone_user: + user: "{{ NEUTRON_SERVICE_USER }}" + password: "{{ NEUTRON_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add admin role to neutron service user in service tenant + keystone_user: + role: admin + user: "{{ NEUTRON_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - keystone_service: + name: neutron + type: network + description: Openstack Compute Networking + publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 + internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 + adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for neutron + postgresql_user: + name: "{{ NEUTRON_DB_USER }}" + password: "{{ NEUTRON_DB_PASSWORD }}" + sudo: yes + sudo_user: neutron + + - name: Create database for neutron services + postgresql_db: + name: neutron + owner: "{{ NEUTRON_DB_USER }}" + sudo: yes + sudo_user: neutron + + - name: Initiate neutron database + shell: | + neutron-db-manage \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + upgrade juno + sudo: yes + sudo_user: neutron diff --git a/openstack/usr/share/openstack/neutron.yml b/openstack/usr/share/openstack/neutron.yml deleted file mode 100644 index 7529a656..00000000 --- a/openstack/usr/share/openstack/neutron.yml +++ /dev/null @@ -1,109 +0,0 @@ ---- -- hosts: localhost - vars_files: - - "/etc/openstack/neutron.conf" - tasks: - - - name: Create the neutron user. - user: - name: neutron - comment: Openstack Neutron Daemons - shell: /sbin/nologin - home: /var/lib/neutron - - - name: Create the /var folders for neutron - file: - path: "{{ item }}" - state: directory - owner: neutron - group: neutron - with_items: - - /var/run/neutron - - /var/lock/neutron - - /var/log/neutron - - - name: Get service tenant id needed in neutron.conf - shell: | - keystone \ - --os-endpoint http://{{ CONTROLLER_HOST_ADDRESS|quote }}:35357/v2.0 \ - --os-token {{ KEYSTONE_TEMPORARY_ADMIN_TOKEN|quote }} \ - tenant-get service | grep id | tr -d " " | cut -d"|" -f3 - register: tenant_service_id - - - set_fact: - SERVICE_TENANT_ID: "{{ tenant_service_id.stdout }}" - - - name: Create the directories needed for Neutron configuration files. - file: - path: /etc/{{ item }} - state: directory - with_lines: - - cd /usr/share/openstack && find neutron -type d - - - name: Add configuration needed for neutron using templates - template: - src: /usr/share/openstack/{{ item }} - dest: /etc/{{ item }} - with_lines: - - cd /usr/share/openstack && find neutron -type f - - - name: Create neutron service user in service tenatnt - keystone_user: - user: "{{ NEUTRON_SERVICE_USER }}" - password: "{{ NEUTRON_SERVICE_PASSWORD }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Add admin role to neutron service user in service tenant - keystone_user: - role: admin - user: "{{ NEUTRON_SERVICE_USER }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - keystone_service: - name: neutron - type: network - description: Openstack Compute Networking - publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 - internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 - adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:9696 - region: regionOne - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Create postgresql user for neutron - postgresql_user: - name: "{{ NEUTRON_DB_USER }}" - password: "{{ NEUTRON_DB_PASSWORD }}" - sudo: yes - sudo_user: neutron - - - name: Create database for neutron services - postgresql_db: - name: neutron - owner: "{{ NEUTRON_DB_USER }}" - sudo: yes - sudo_user: neutron - - - name: Initiate neutron database - shell: | - neutron-db-manage \ - --config-file /etc/neutron/neutron.conf \ - --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ - upgrade juno - sudo: yes - sudo_user: neutron - - - name: Enable and start openstack-neutron services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - openstack-neutron-ovs-cleanup.service - - openstack-neutron-server.service - - openstack-neutron-dhcp-agent.service - - openstack-neutron-l3-agent.service - - openstack-neutron-metadata-agent.service - - openstack-neutron-plugin-openvswitch-agent.service - -- cgit v1.2.1 From 16ec568ee57045464cd2435358a28c25820a6a61 Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 14 Apr 2015 18:54:57 +0000 Subject: OpenStack: Split nova into control and compute This adds NOVA_ENABLE_{CONTROLLER,COMPUTE}. Both are enabled by deafult, but if CONTROLLER is enabled but COMPUTE isn't, then the conductor service is enabled. Change-Id: I523a7270d4afdcd1e2a30eaac42ea499581fe971 --- clusters/openstack-installer.morph | 4 + openstack-nova.configure | 86 ++++++++++++----- openstack/manifest | 6 +- .../lib/systemd/system/openstack-nova-api.service | 3 +- .../lib/systemd/system/openstack-nova-cert.service | 3 +- .../systemd/system/openstack-nova-compute.service | 3 +- .../system/openstack-nova-conductor.service | 3 +- .../system/openstack-nova-config-setup.service | 11 +++ .../system/openstack-nova-consoleauth.service | 3 +- .../systemd/system/openstack-nova-db-setup.service | 12 +++ .../system/openstack-nova-novncproxy.service | 3 +- .../system/openstack-nova-scheduler.service | 3 +- .../system/openstack-nova-serialproxy.service | 3 +- .../systemd/system/openstack-nova-setup.service | 9 -- openstack/usr/share/openstack/nova-config.yml | 34 +++++++ openstack/usr/share/openstack/nova-db.yml | 51 +++++++++++ openstack/usr/share/openstack/nova.yml | 102 --------------------- 17 files changed, 197 insertions(+), 142 deletions(-) create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-config-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-db-setup.service delete mode 100644 openstack/usr/lib/systemd/system/openstack-nova-setup.service create mode 100644 openstack/usr/share/openstack/nova-config.yml create mode 100644 openstack/usr/share/openstack/nova-db.yml delete mode 100644 openstack/usr/share/openstack/nova.yml diff --git a/clusters/openstack-installer.morph b/clusters/openstack-installer.morph index 5cc7c5d1..2f2cbd02 100644 --- a/clusters/openstack-installer.morph +++ b/clusters/openstack-installer.morph @@ -77,6 +77,8 @@ systems: NEUTRON_ENABLE_AGENT: False NEUTRON_ENABLE_MANAGER: True NEUTRON_ENABLE_CONTROLLER: False + NOVA_ENABLE_CONTROLLER: False + NOVA_ENABLE_COMPUTE: False METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret HOSTS_SELF: 10.24.1.83 threenode-network HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt @@ -113,6 +115,7 @@ systems: NEUTRON_ENABLE_AGENT: False NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: True + NOVA_ENABLE_CONTROLLER: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret HOSTS_SELF: 10.0.0.2 threenode-controller EXTERNAL_INTERFACE: enp2s0 @@ -145,6 +148,7 @@ systems: NEUTRON_ENABLE_AGENT: True NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: False + NOVA_ENABLE_COMPUTE: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret HOSTS_SELF: 10.0.0.3 threenode-compute EXTERNAL_INTERFACE: eno1 diff --git a/openstack-nova.configure b/openstack-nova.configure index d2f790f0..4e30d93a 100644 --- a/openstack-nova.configure +++ b/openstack-nova.configure @@ -18,27 +18,10 @@ set -e ROOT="$1" -########################################################################## - -ln -sf "/usr/lib/systemd/system/openstack-nova-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service" - -########################################################################## -# Enable libvirtd and libvirt-guests services -########################################################################## - -wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants -mkdir -p "$wants_dir" -mkdir -p "$ROOT"/var/lock/subsys -ln -sf ../libvirtd.service "$wants_dir/libvirtd.service" - -########################################################################## -# Change iprange for the interal libvirt to avoid clashes -# with eth0 ip range -########################################################################## - -sed -i "s/192\.168\.122\./192\.168\.1\./g" \ - "$ROOT"/etc/libvirt/qemu/networks/default.xml +enable(){ + ln -sf "/usr/lib/systemd/system/openstack-nova-$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-$1.service" +} ########################################################################## # Check variables @@ -86,6 +69,67 @@ if [ -z "$NOVA_SERVICE_USER" -o \ exit 1 fi +# Check optional variables + +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} + +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} + +check_bool NOVA_ENABLE_CONTROLLER +check_bool NOVA_ENABLE_COMPUTE + +############################################### +# Enable libvirtd and libvirt-guests services # +############################################### + +wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants +mkdir -p "$wants_dir" +mkdir -p "$ROOT"/var/lock/subsys +ln -sf ../libvirtd.service "$wants_dir/libvirtd.service" + +###################################### +# Enable relevant openstack services # +###################################### + +if "$NOVA_ENABLE_CONTROLLER" || "$NOVA_ENABLE_COMPUTE"; then + enable config-setup +fi +if "$NOVA_ENABLE_CONTROLLER" && ! "$NOVA_ENABLE_COMPUTE"; then + enable conductor +fi +if "$NOVA_ENABLE_COMPUTE"; then + enable compute +fi +if "$NOVA_ENABLE_CONTROLLER"; then + for service in db-setup api cert consoleauth novncproxy scheduler serialproxy; do + enable "$service" + done +fi + +########################################################################## +# Change iprange for the interal libvirt to avoid clashes +# with eth0 ip range +########################################################################## + +sed -i "s/192\.168\.122\./192\.168\.1\./g" \ + "$ROOT"/etc/libvirt/qemu/networks/default.xml + + ########################################################################## # Generate configuration file ########################################################################## diff --git a/openstack/manifest b/openstack/manifest index 6b7e27d7..3968630c 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -104,7 +104,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack/neutron/plugins/vmware 0100644 0 0 /usr/share/openstack/neutron/plugins/vmware/nsx.ini 0040755 0 0 /usr/share/openstack/nova -0100644 0 0 /usr/share/openstack/nova.yml +0100644 0 0 /usr/share/openstack/nova-config.yml +0100644 0 0 /usr/share/openstack/nova-db.yml 0100644 0 0 /usr/share/openstack/nova/logging.conf 0100644 0 0 /usr/share/openstack/nova/nova.conf 0100644 0 0 /usr/share/openstack/nova/nova-compute.conf @@ -139,7 +140,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-dhcp-agent.service 0100644 0 0 /usr/lib/systemd/system/openstack-neutron-l3-agent.service -0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-config-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-db-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-api.service diff --git a/openstack/usr/lib/systemd/system/openstack-nova-api.service b/openstack/usr/lib/systemd/system/openstack-nova-api.service index 8ee9cefa..d06afcaa 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-api.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-api.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Compute Service (code-named Nova) API server -After=syslog.target network-online.target +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-cert.service b/openstack/usr/lib/systemd/system/openstack-nova-cert.service index b2a2e1cc..418b060c 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-cert.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-cert.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Nova Cert -After=syslog.target network-online.target +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service index 95a3a872..c9c6924c 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Compute Service (code-named Nova) compute server -After=syslog.target network-online.target libvirtd.service +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target libvirtd.service openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target Requires=libvirtd.service diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service index 1d2ece69..bf8e0631 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service @@ -1,6 +1,7 @@ [Unit] Description=Database-access support for Compute nodes (nova-conductor) -After=syslog.target network-online.target libvirtd.service +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target libvirtd.service openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target Requires=libvirtd.service diff --git a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service new file mode 100644 index 00000000..55416cec --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run nova-config-setup Ansible scripts +ConditionPathExists=/etc/openstack/neutron.conf +After=openstack-keystone.service openstack-keystone-setup.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova-config.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service index 66442d11..68607354 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service @@ -1,6 +1,7 @@ [Unit] Description=Openstack Console Auth (nova-consoleauth) -After=syslog.target network-online.target +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service new file mode 100644 index 00000000..80db0be5 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Run nova-db-setup Ansible scripts +ConditionPathExists=/etc/openstack/neutron.conf +After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service +Wants=postgres-server.service openstack-keystone.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova-db.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service index 597f357a..ecdadde2 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Nova NoVNC proxy -After=syslog.target network-online.target +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service index d317b624..9009d49a 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Nova Scheduler -After=syslog.target network-online.target +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service index 2d95c1fa..5f5a5b41 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Nova Serial Proxy -After=syslog.target network-online.target +ConditionPathExists=/etc/nova/nova.conf +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-setup.service deleted file mode 100644 index a4ad6ae7..00000000 --- a/openstack/usr/lib/systemd/system/openstack-nova-setup.service +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=Run nova-setup Ansible scripts -After=local-fs.target libvirtd.service openstack-keystone-setup.service postgres-server.service - -[Service] -ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova.yml - -[Install] -WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/nova-config.yml b/openstack/usr/share/openstack/nova-config.yml new file mode 100644 index 00000000..4f43db39 --- /dev/null +++ b/openstack/usr/share/openstack/nova-config.yml @@ -0,0 +1,34 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/nova.conf" + tasks: + - name: Create the nova user. + user: + name: nova + comment: Openstack Nova Daemons + shell: /sbin/nologin + home: /var/lib/nova + groups: libvirt + append: yes + + - name: Create the /var folders for nova + file: + path: "{{ item }}" + state: directory + owner: nova + group: nova + with_items: + - /var/run/nova + - /var/lock/nova + - /var/log/nova + - /var/lib/nova + - /var/lib/nova/instances + + - file: path=/etc/nova state=directory + - name: Add the configuration needed for nova in /etc/nova using templates + template: + src: /usr/share/openstack/nova/{{ item }} + dest: /etc/nova/{{ item }} + with_lines: + - cd /usr/share/openstack/nova && find -type f diff --git a/openstack/usr/share/openstack/nova-db.yml b/openstack/usr/share/openstack/nova-db.yml new file mode 100644 index 00000000..e7dc5b10 --- /dev/null +++ b/openstack/usr/share/openstack/nova-db.yml @@ -0,0 +1,51 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/nova.conf" + tasks: + - name: Create nova service user in service tenant + keystone_user: + user: "{{ NOVA_SERVICE_USER }}" + password: "{{ NOVA_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to nova service user in the service tenant + keystone_user: + role: admin + user: "{{ NOVA_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add nova endpoint + keystone_service: + name: nova + type: compute + description: Openstack Compute Service + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + region: 'regionOne' + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for nova + postgresql_user: + name: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ NOVA_DB_PASSWORD }}" + sudo: yes + sudo_user: nova + + - name: Create database for nova services + postgresql_db: + name: nova + owner: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: nova + + - name: Initiate nova database + nova_manage: + action: dbsync + sudo: yes + sudo_user: nova diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova.yml deleted file mode 100644 index c1122c60..00000000 --- a/openstack/usr/share/openstack/nova.yml +++ /dev/null @@ -1,102 +0,0 @@ ---- -- hosts: localhost - vars_files: - - "/etc/openstack/nova.conf" - tasks: - - name: Create the nova user. - user: - name: nova - comment: Openstack Nova Daemons - shell: /sbin/nologin - home: /var/lib/nova - groups: libvirt - append: yes - - - name: Create the /var folders for nova - file: - path: "{{ item }}" - state: directory - owner: nova - group: nova - with_items: - - /var/run/nova - - /var/lock/nova - - /var/log/nova - - /var/lib/nova - - /var/lib/nova/instances - - - file: path=/etc/nova state=directory - - name: Add the configuration needed for nova in /etc/nova using templates - template: - src: /usr/share/openstack/nova/{{ item }} - dest: /etc/nova/{{ item }} - with_lines: - - cd /usr/share/openstack/nova && find -type f - - - name: Create nova service user in service tenant - keystone_user: - user: "{{ NOVA_SERVICE_USER }}" - password: "{{ NOVA_SERVICE_PASSWORD }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Assign admin role to nova service user in the service tenant - keystone_user: - role: admin - user: "{{ NOVA_SERVICE_USER }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Add nova endpoint - keystone_service: - name: nova - type: compute - description: Openstack Compute Service - publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' - internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' - adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' - region: 'regionOne' - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Create postgresql user for nova - postgresql_user: - name: "{{ NOVA_DB_USER }}" - login_host: "{{ CONTROLLER_HOST_ADDRESS }}" - password: "{{ NOVA_DB_PASSWORD }}" - sudo: yes - sudo_user: nova - - - name: Create database for nova services - postgresql_db: - name: nova - owner: "{{ NOVA_DB_USER }}" - login_host: "{{ CONTROLLER_HOST_ADDRESS }}" - sudo: yes - sudo_user: nova - - - name: Initiate nova database - nova_manage: - action: dbsync - sudo: yes - sudo_user: nova - - - -# [1] Never enable openstack-nova-conductor service in a node with -# openstack-nova-compute or the security benefits of removing -# database access from nova-compute will be negated -#systemctl start openstack-nova-conductor - - name: Enable and start openstack-nova services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - openstack-nova-api.service - - openstack-nova-cert.service - - openstack-nova-compute.service - - openstack-nova-consoleauth.service - - openstack-nova-novncproxy.service - - openstack-nova-scheduler.service - - openstack-nova-serialproxy.service -# - openstack-nova-conductor.service -- cgit v1.2.1 From 4d37f04a808298da53d720b85ca1bfb0f866e3bc Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Wed, 15 Apr 2015 07:16:42 +0000 Subject: OpenStack: Split Cinder into config, db and lv setup Change-Id: Iae387e39c4a62ef608496d31c748493fa88ce3e1 --- clusters/openstack-installer.morph | 9 ++ openstack-cinder.configure | 57 +++++++- openstack/manifest | 10 +- .../systemd/system/openstack-cinder-api.service | 5 +- .../systemd/system/openstack-cinder-backup.service | 3 +- .../system/openstack-cinder-config-setup.service | 11 ++ .../system/openstack-cinder-db-setup.service | 13 ++ .../system/openstack-cinder-iscsi-setup.service | 12 ++ .../system/openstack-cinder-lv-setup.service | 12 ++ .../system/openstack-cinder-scheduler.service | 3 +- .../systemd/system/openstack-cinder-volume.service | 3 +- openstack/usr/share/openstack/cinder-config.yml | 37 +++++ openstack/usr/share/openstack/cinder-db.yml | 60 ++++++++ openstack/usr/share/openstack/cinder-iscsi.yml | 15 ++ openstack/usr/share/openstack/cinder-lvs.yml | 21 +++ openstack/usr/share/openstack/cinder.yml | 153 --------------------- 16 files changed, 260 insertions(+), 164 deletions(-) create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-config-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-lv-setup.service create mode 100644 openstack/usr/share/openstack/cinder-config.yml create mode 100644 openstack/usr/share/openstack/cinder-db.yml create mode 100644 openstack/usr/share/openstack/cinder-iscsi.yml create mode 100644 openstack/usr/share/openstack/cinder-lvs.yml delete mode 100644 openstack/usr/share/openstack/cinder.yml diff --git a/clusters/openstack-installer.morph b/clusters/openstack-installer.morph index 2f2cbd02..6020b502 100644 --- a/clusters/openstack-installer.morph +++ b/clusters/openstack-installer.morph @@ -65,6 +65,9 @@ systems: NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: False + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False CINDER_SERVICE_USER: cinder CINDER_SERVICE_PASSWORD: veryinsecure CINDER_DB_USER: cinderDB @@ -107,6 +110,9 @@ systems: HOSTNAME: threenode-controller MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: True + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False CINDER_SERVICE_USER: cinder CINDER_SERVICE_PASSWORD: veryinsecure CINDER_DB_USER: cinderDB @@ -140,6 +146,9 @@ systems: HOSTNAME: threenode-compute MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: False + CINDER_ENABLE_COMPUTE: True + CINDER_ENABLE_STORAGE: True CINDER_SERVICE_USER: cinder CINDER_SERVICE_PASSWORD: veryinsecure CINDER_DB_USER: cinderDB diff --git a/openstack-cinder.configure b/openstack-cinder.configure index 0c15bd23..a971dc4c 100644 --- a/openstack-cinder.configure +++ b/openstack-cinder.configure @@ -18,10 +18,10 @@ set -e ROOT="$1" -########################################################################## - -ln -sf "/usr/lib/systemd/system/openstack-cinder-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-cinder-setup.service" +enable(){ + ln -sf "/usr/lib/systemd/system/$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" +} ########################################################################## # Check variables @@ -59,6 +59,55 @@ if [ -z "$RABBITMQ_HOST" -o \ exit 1 fi +# Check optional variables + +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} + +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} + +check_bool CINDER_ENABLE_CONTROLLER +check_bool CINDER_ENABLE_COMPUTE +check_bool CINDER_ENABLE_STORAGE + +###################################### +# Enable relevant openstack services # +###################################### + +if "$CINDER_ENABLE_COMPUTE" || "$CINDER_ENABLE_STORAGE"; then + enable openstack-cinder-iscsi-setup + enable target #target.service! + enable iscsid +fi +if "$CINDER_ENABLE_COMPUTE" || "$CINDER_ENABLE_CONTROLLER"; then + enable openstack-cinder-config-setup +fi +if "$CINDER_ENABLE_STORAGE"; then + enable openstack-cinder-lv-setup + enable lvm2-lvmetad + enable openstack-cinder-volume + enable openstack-cinder-backup + enable openstack-cinder-scheduler +fi +if "$CINDER_ENABLE_CONTROLLER"; then + enable openstack-cinder-db-setup + enable openstack-cinder-api +fi + ########################################################################## # Generate configuration file ########################################################################## diff --git a/openstack/manifest b/openstack/manifest index 3968630c..4dc44b34 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -6,7 +6,10 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts 0040755 0 0 /usr/share/openstack/cinder -0100644 0 0 /usr/share/openstack/cinder.yml +0100644 0 0 /usr/share/openstack/cinder-config.yml +0100644 0 0 /usr/share/openstack/cinder-db.yml +0100644 0 0 /usr/share/openstack/cinder-iscsi.yml +0100644 0 0 /usr/share/openstack/cinder-lvs.yml 0100644 0 0 /usr/share/openstack/cinder/cinder.conf 0100644 0 0 /usr/share/openstack/cinder/api-paste.ini 0100644 0 0 /usr/share/openstack/cinder/policy.json @@ -151,7 +154,10 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/openstack-nova-cert.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-serialproxy.service 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service -0100644 0 0 /usr/lib/systemd/system/openstack-cinder-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-config-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-db-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-iscsi-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-cinder-lv-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service index c863f3f5..d1aaf136 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-api.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -1,7 +1,8 @@ [Unit] Description=OpenStack Volume Service (code-named Cinder) API server -After=syslog.target network-online.target -Wants=network-online.target +ConditionPathExists=/etc/cinder/cinder.conf +After=postgres-server.service network-online.target openstack-cinder-db-setup.service openstack-cinder-config-setup.service +Wants=postgres-server.service network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service index 2f489228..3293f222 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Cinder backup server -After=syslog.target network-online.target +ConditionPathExists=/etc/cinder/cinder.conf +After=network-online.target openstack-cinder-volume.service openstack-cinder-db-setup.service openstack-cinder-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-config-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-config-setup.service new file mode 100644 index 00000000..1c966933 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-config-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run cinder-config-setup Ansible scripts +ConditionPathExists=/etc/openstack/cinder.conf + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder-config.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service new file mode 100644 index 00000000..01a352e4 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -0,0 +1,13 @@ +[Unit] +Description=Run cinder-db-setup Ansible scripts +ConditionPathExists=/etc/cinder/cinder.conf +After=postgres-server.service openstack-cinder-config-setup.service openstack-keystone.service openstack-keystone-setup.service +Wants=postgres-server.service openstack-cinder-config-setup.service openstack-keystone.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder-db.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service new file mode 100644 index 00000000..157f30fc --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Run cinder-iscsi-setup Ansible scripts +Before=iscsid.service target.service +Wants= iscsid.service target.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder-iscsi.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-lv-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-lv-setup.service new file mode 100644 index 00000000..82e9b08d --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-cinder-lv-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Run cinder-lvs-setup Ansible scripts +ConditionPathExists=/etc/openstack/cinder.conf +Wants=lvm2-lvmetad.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder-lvs.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service index 025f1f3c..4de59c10 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Cinder scheduler server -After=syslog.target network-online.target +ConditionPathExists=/etc/cinder/cinder.conf +After=network-online.target openstack-cinder-volume.service openstack-cinder-db-setup.service openstack-cinder-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service index 4a8da9c3..58afd992 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Cinder volume server -After=syslog.target network-online.target +ConditionPathExists=/etc/cinder/cinder.conf +After=network-online.target openstack-cinder-lv-setup.service openstack-cinder-config-setup.service openstack-cinder-db-setup.service lvm2-lvmetad.service iscsid.service target.service Wants=network-online.target [Service] diff --git a/openstack/usr/share/openstack/cinder-config.yml b/openstack/usr/share/openstack/cinder-config.yml new file mode 100644 index 00000000..fd3e2cd0 --- /dev/null +++ b/openstack/usr/share/openstack/cinder-config.yml @@ -0,0 +1,37 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/cinder.conf" + tasks: +# Configure cinder + - name: Create the cinder user. + user: + name: cinder + comment: Openstack Cinder Daemons + shell: /sbin/nologin + home: /var/lib/cinder + + - name: Create the /var folders for cinder + file: + path: "{{ item }}" + state: directory + owner: cinder + group: cinder + with_items: + - /var/run/cinder + - /var/lock/cinder + - /var/log/cinder + - /var/lib/cinder + - /var/lib/cinder/volumes + + - name: Create /etc/cinder directory + file: + path: /etc/cinder + state: directory + + - name: Add the configuration needed for cinder in /etc/cinder using templates + template: + src: /usr/share/openstack/cinder/{{ item }} + dest: /etc/cinder/{{ item }} + with_lines: + - cd /usr/share/openstack/cinder && find -type f diff --git a/openstack/usr/share/openstack/cinder-db.yml b/openstack/usr/share/openstack/cinder-db.yml new file mode 100644 index 00000000..2a211720 --- /dev/null +++ b/openstack/usr/share/openstack/cinder-db.yml @@ -0,0 +1,60 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/cinder.conf" + tasks: + - name: Create cinder service user in service tenant + keystone_user: + user: "{{ CINDER_SERVICE_USER }}" + password: "{{ CINDER_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to cinder service user in the service tenant + keystone_user: + role: admin + user: "{{ CINDER_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add cinder endpoint + keystone_service: + name: cinder + type: volume + description: Openstack Block Storage + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add cinderv2 endpoint + keystone_service: + name: cinderv2 + type: volumev2 + description: Openstack Block Storage + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for cinder + postgresql_user: + name: "{{ CINDER_DB_USER }}" + password: "{{ CINDER_DB_PASSWORD }}" + sudo: yes + sudo_user: cinder + + - name: Create database for cinder services + postgresql_db: + name: cinder + owner: "{{ CINDER_DB_USER }}" + sudo: yes + sudo_user: cinder + + - name: Initiate cinder database + cinder_manage: + action: dbsync + sudo: yes + sudo_user: cinder diff --git a/openstack/usr/share/openstack/cinder-iscsi.yml b/openstack/usr/share/openstack/cinder-iscsi.yml new file mode 100644 index 00000000..b80377ae --- /dev/null +++ b/openstack/usr/share/openstack/cinder-iscsi.yml @@ -0,0 +1,15 @@ +--- +- hosts: localhost + tasks: + - name: Update kernel module dependencies + command: depmod -a + + - name: generate InitiatorName for iscsi + shell: iscsi-iname + register: initiator_name + + - lineinfile: + dest: /etc/iscsi/initiatorname.iscsi + regexp: '^InitiatorName=$' + line: 'InitiatorName={{ initiator_name.stdout }}' + backrefs: yes diff --git a/openstack/usr/share/openstack/cinder-lvs.yml b/openstack/usr/share/openstack/cinder-lvs.yml new file mode 100644 index 00000000..7a91a306 --- /dev/null +++ b/openstack/usr/share/openstack/cinder-lvs.yml @@ -0,0 +1,21 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/cinder.conf" + tasks: + - name: Check that CINDER_DEVICE exists + stat: + path: "{{ CINDER_DEVICE }}" + register: cinder_device_stats + failed_when: cinder_device_stats.stat.exists == false + + - name: Configure LVM group for cinder + lvg: + vg: cinder-volumes + pvs: "{{ CINDER_DEVICE }}" + + - lineinfile: + dest: /etc/lvm/lvm.conf + regexp: '# filter = \[ \"a\/\.\*/\" \]' + line: ' filter = [ "a|{{ CINDER_DEVICE }}|", "r/.*/" ]' + backrefs: yes diff --git a/openstack/usr/share/openstack/cinder.yml b/openstack/usr/share/openstack/cinder.yml deleted file mode 100644 index 29490843..00000000 --- a/openstack/usr/share/openstack/cinder.yml +++ /dev/null @@ -1,153 +0,0 @@ ---- -- hosts: localhost - vars_files: - - "/etc/openstack/cinder.conf" - tasks: - -# Configure iscsid, this can go in a separate script - - name: Update kernel module dependencies - command: depmod -a - - - name: generate InitiatorName for iscsi - shell: iscsi-iname - register: initiator_name - - - lineinfile: - dest: /etc/iscsi/initiatorname.iscsi - regexp: '^InitiatorName=$' - line: 'InitiatorName={{ initiator_name.stdout }}' - backrefs: yes - - - name: Enable and start iscsid - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - iscsid - -# Configure LVM and target for Cinder - - name: Check that CINDER_DEVICE exists - stat: - path: "{{ CINDER_DEVICE }}" - register: cinder_device_stats - failed_when: cinder_device_stats.stat.exists == false - - - name: Configure LVM group for cinder - lvg: - vg: cinder-volumes - pvs: "{{ CINDER_DEVICE }}" - - - lineinfile: - dest: /etc/lvm/lvm.conf - regexp: '# filter = \[ \"a\/\.\*/\" \]' - line: ' filter = [ "a|{{ CINDER_DEVICE }}|", "r/.*/" ]' - backrefs: yes - - - name: Enable and start lvm2-lvmetad and target services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - lvm2-lvmetad - - target - -# Configure cinder - - name: Create the cinder user. - user: - name: cinder - comment: Openstack Cinder Daemons - shell: /sbin/nologin - home: /var/lib/cinder - - - name: Create the /var folders for cinder - file: - path: "{{ item }}" - state: directory - owner: cinder - group: cinder - with_items: - - /var/run/cinder - - /var/lock/cinder - - /var/log/cinder - - /var/lib/cinder - - /var/lib/cinder/volumer - - - name: Create /etc/cinder directory - file: - path: /etc/cinder - state: directory - - - name: Add the configuration needed for cinder in /etc/cinder using templates - template: - src: /usr/share/openstack/cinder/{{ item }} - dest: /etc/cinder/{{ item }} - with_lines: - - cd /usr/share/openstack/cinder && find -type f - - - name: Create cinder service user in service tenant - keystone_user: - user: "{{ CINDER_SERVICE_USER }}" - password: "{{ CINDER_SERVICE_PASSWORD }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Assign admin role to cinder service user in the service tenant - keystone_user: - role: admin - user: "{{ CINDER_SERVICE_USER }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Add cinder endpoint - keystone_service: - name: cinder - type: volume - description: Openstack Block Storage - publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' - internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' - adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v1/%(tenant_id)s' - region: regionOne - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Add cinderv2 endpoint - keystone_service: - name: cinderv2 - type: volumev2 - description: Openstack Block Storage - publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' - internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' - adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8776/v2/%(tenant_id)s' - region: regionOne - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Create postgresql user for cinder - postgresql_user: - name: "{{ CINDER_DB_USER }}" - sudo: yes - sudo_user: cinder - - - name: Create database for cinder services - postgresql_db: - name: cinder - owner: "{{ CINDER_DB_USER }}" - sudo: yes - sudo_user: cinder - - - name: Initiate cinder database - cinder_manage: - action: dbsync - sudo: yes - sudo_user: cinder - - - name: Enable and start openstack-cinder services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - openstack-cinder-api - - openstack-cinder-scheduler - - openstack-cinder-volume - - openstack-cinder-backup -- cgit v1.2.1 From b658fbb518d64d3ff66e1b0f5d6d28d1210dd348 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Fri, 17 Apr 2015 16:18:26 +0100 Subject: openstack-services: Remove cython from here: It's already in core Change-Id: I86415f16f1d03958fe916169b5a76ba066555487 --- strata/openstack-services.morph | 5 ----- 1 file changed, 5 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 45639aad..99e709bc 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -237,16 +237,11 @@ chunks: repo: upstream:python-packages/tempita ref: b2b67795a009e9f825cbd855d766b78a00273f10 unpetrify-ref: 0.5 -- name: cython - repo: upstream:cython - ref: f66e01ff743b6d010245a08b144a94e474f29967 - unpetrify-ref: 0.21.1 - name: numpy repo: upstream:python-packages/numpy.git ref: ac07f6d3e45090b224a7da81708e60a762a65f76 unpetrify-ref: baserock/v1.9.0 build-depends: - - cython - sphinx - name: websockify repo: upstream:python-packages/websockify -- cgit v1.2.1 From 1dfb2680c0025bf9b248adb3cb0a878b1119573b Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Thu, 16 Apr 2015 09:26:36 +0000 Subject: OpenStack: Add example cluster definition for a two node OpenStack Change-Id: Id2e76f31c12178a42488489e320af0ed99b4c7eb --- clusters/openstack-two-node-installer.morph | 185 ++++++++++++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 clusters/openstack-two-node-installer.morph diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph new file mode 100644 index 00000000..7bec8fd7 --- /dev/null +++ b/clusters/openstack-two-node-installer.morph @@ -0,0 +1,185 @@ +name: openstack-two-node-installer +kind: cluster +description: | + + This is a cluster morphology for deploying an installer for an x86_64 + OpenStack system spread across three nodes. + + This cluster creates disk images that may be `dd`'d onto install media to + produce an OpenStack cluster when instanciated. + + Alternatively it may be used to install directly onto a physical disk by + running: + + morph deploy clusters/openstack-two-node-installer.morph \ + controller-installer controller-installer.location=/dev/vdb + + Substituting contrller-installer for compute-installer will produce + different configurations, and it is possible to substitue /dev/vdb for a + different path to a disk image to install to a different disk image. + + Substitute the values of HOSTNAME, NETWORK_CONFIG, EXTERNAL_INTERFACE, + MANAGEMENT_IP_ADDRESS, CONTROLLER_HOST_ADDRESS, RABBITMQ_HOST and HOSTS_* to + match your hardware and networking configuration. + + Requirements to be able to run and test the system: + + - DISK_SIZE should be bigger than 5G + - The system has to have available at least 4G of RAM, but once + you start instantiating VMs you will need more. + - The IP of the system can't change, and you need to know it beforehand, + that is, the system needs a static IP address. + + This cluster is configurable, but with the following constraints: + + - The hostname in RABBITMQ_HOST has to match CONTROLLER_HOST_ADDRESS, + and HOST_CONTROLLER. + - HOSTS_CONTROLLER is only needed if the hostname (see previous point) + is not a FQDN. + - The IP listed in MANAGEMENT_INTERFACE_IP_ADDRESS has to match the one + used in HOSTS_CONTROLLER. + - CINDER_DEVICE should be a path to a storage device ready to be + used/formated for cinder data. + - EXTERNAL_INTERFACE is required when the system has more than one network + interface. + + You can also have a look at the following suggestions: + + - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the + system is being deployed to. + - We recommend changing all the PASSWORDs variables, also the + KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + - Setting NOVA_BAREMETAL_SCHEDULING with an YAML truth value will configure + Nova to schedule baremetal machines through the Ironic driver, instead of + sheduling virtual machines. + +systems: +- morph: systems/installer-system-x86_64.morph + deploy: + controller-installer: &installer + type: rawdisk + location: installer-openstack-controller-x86_64.img + KERNEL_ARGS: init=/usr/lib/baserock-installer/installer + DISK_SIZE: 6G + HOSTNAME: installer-x86_64 + INSTALLER_TARGET_STORAGE_DEVICE: /dev/sda + INSTALLER_ROOTFS_TO_INSTALL: /rootfs + INSTALLER_POST_INSTALL_COMMAND: 'sync; poweroff -f' + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + controller-initramfs: &initramfs + type: initramfs + location: boot/initramfs.gz + - morph: systems/openstack-system-x86_64.morph + deploy: + controller-to-install: &stack-node + type: sysroot + location: rootfs + INSTALL_FILES: openstack/manifest + INITRAMFS_PATH: boot/initramfs.gz + + HOSTNAME: twonode-controller + + RABBITMQ_HOST: twonode-controller.os-mgmt + RABBITMQ_PORT: 5672 + RABBITMQ_USER: rabbitmq + RABBITMQ_PASSWORD: veryinsecure + + # This token needs to be unique and secret + KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 + KEYSTONE_ADMIN_PASSWORD: veryinsecure + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure + + GLANCE_SERVICE_USER: glance + GLANCE_SERVICE_PASSWORD: veryinsecure + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure + + NOVA_ENABLE_CONTROLLER: True + NOVA_ENABLE_COMPUTE: False + NOVA_SERVICE_USER: nova + NOVA_SERVICE_PASSWORD: veryinsecure + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure + NOVA_VIRT_TYPE: kvm + + CINDER_ENABLE_CONTROLLER: True + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + # Storage device to be used by Cinder + CINDER_DEVICE: /dev/sdb + + NEUTRON_SERVICE_USER: neutron + NEUTRON_SERVICE_PASSWORD: veryinsecure + NEUTRON_DB_USER: neutronDB + NEUTRON_DB_PASSWORD: veryinsecure + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: True + NEUTRON_ENABLE_CONTROLLER: True + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + IRONIC_SERVICE_USER: ironic + IRONIC_SERVICE_PASSWORD: veryinsecure + IRONIC_DB_USER: ironicDB + IRONIC_DB_PASSWORD: veryinsecure + + CONTROLLER_HOST_ADDRESS: twonode-controller.os-mgmt + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 + + HOSTS_SELF: 10.24.1.83 twonode-controller + HOSTS_CONTROL: 10.0.0.1 twonode-controller.os-mgmt + HOSTS_COMPUTE: 10.0.0.3 twonode-compute.os-mgmt + EXTERNAL_INTERFACE: enp3s0 + NETWORK_CONFIG: enp3s0:dhcp;enp2s0:static,address=10.0.0.1,netmask=255.255.255.0 + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + controller-to-install-initramfs: *initramfs +- morph: systems/installer-system-x86_64.morph + deploy: + compute-installer: + <<: *installer + location: installer-openstack-compute-x86_64.img + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + compute-initramfs: *initramfs + - morph: systems/openstack-system-x86_64.morph + deploy: + compute-to-install: + <<: *stack-node + HOSTNAME: twonode-compute + + NOVA_VIRT_TYPE: kvm + NOVA_ENABLE_COMPUTE: True + NOVA_ENABLE_CONTROLLER: False + + CINDER_ENABLE_CONTROLLER: False + CINDER_ENABLE_COMPUTE: True + CINDER_ENABLE_STORAGE: True + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + + NEUTRON_ENABLE_AGENT: True + NEUTRON_ENABLE_MANAGER: False + NEUTRON_ENABLE_CONTROLLER: False + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 + HOSTS_SELF: 10.0.0.3 twonode-compute + EXTERNAL_INTERFACE: eno1 + NETWORK_CONFIG: eno1:dhcp;enp0s29u1u3:static,address=10.0.0.3,netmask=255.255.255.0 + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + compute-to-install-initramfs: *initramfs -- cgit v1.2.1 From cd8260cc5d7537571f68ee5b47c5b0308268e853 Mon Sep 17 00:00:00 2001 From: Patrick Darley Date: Fri, 17 Apr 2015 14:02:25 +0000 Subject: Create chunk morphology for ceilometer Change-Id: Ia5c5afda139f57e1eedbf43c77a114f29f6c726b --- strata/openstack-services.morph | 1 + strata/openstack-services/ceilometer.morph | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 strata/openstack-services/ceilometer.morph diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 99e709bc..1e1f6fae 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -741,6 +741,7 @@ chunks: repo: upstream:openstack/ceilometer ref: 94579bfc81b820380d03703e4e2311b3bd25c022 unpetrify-ref: 2014.2 + morph: strata/openstack-services/ceilometer.morph build-depends: - alembic - anyjson diff --git a/strata/openstack-services/ceilometer.morph b/strata/openstack-services/ceilometer.morph new file mode 100644 index 00000000..7fe0b853 --- /dev/null +++ b/strata/openstack-services/ceilometer.morph @@ -0,0 +1,23 @@ +name: ceilometer +kind: chunk +build-system: python-distutils +post-install-commands: +# Install the configuration files required to +- mkdir -p "$DESTDIR"/etc/ceilometer +- install -D -m 644 etc/ceilometer/*.json "$DESTDIR"/etc/ceilometer +- install -D -m 644 etc/ceilometer/*.yaml "$DESTDIR"/etc/ceilometer +- install -D -m 644 etc/ceilometer/api_paste.ini "DESTDIR"/etc/ceilometer +# Install rootwrap.conf +- install -D -m 640 etc/ceilometer/rootwrap.conf "$DESTDIR"/etc/ceilometer/rootwrap.conf +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/ceilometer/rootwrap.d +- install -D -m 644 etc/ceilometer/rootwrap.d/* "$DESTDIR"/etc/ceilometer/rootwrap.d/ +# Add ceilometer to sudoers controlling which commands will run as a root +# using the openstack rootwrap. +- mkdir -p "$DESTDIR"/etc/sudoers.d +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/ceilometer-rootwrap + Defaults:ceilometer !requiretty + + ceilometer ALL=(root) NOPASSWD: /usr/bin/ceilometer-rootwrap /etc/ceilometer/rootwrap.conf * + EOF -- cgit v1.2.1 From 3505ba2dda17bbc5c2790db129ae7cc50db97f14 Mon Sep 17 00:00:00 2001 From: Patrick Darley Date: Fri, 17 Apr 2015 11:38:46 +0000 Subject: Add default configuration file for ceilometer Obtained from: http://docs.openstack.org/juno/config-reference/content/section_ceilometer.conf.html Change-Id: I0951205b069c07908d24130cc2fa7b3197ff38f4 --- .../usr/share/openstack/ceilometer/ceilometer.conf | 1019 ++++++++++++++++++++ 1 file changed, 1019 insertions(+) create mode 100644 openstack/usr/share/openstack/ceilometer/ceilometer.conf diff --git a/openstack/usr/share/openstack/ceilometer/ceilometer.conf b/openstack/usr/share/openstack/ceilometer/ceilometer.conf new file mode 100644 index 00000000..927379be --- /dev/null +++ b/openstack/usr/share/openstack/ceilometer/ceilometer.conf @@ -0,0 +1,1019 @@ +[DEFAULT] + +# +# Options defined in ceilometer.middleware +# + +# Exchanges name to listen for notifications. (multi valued) +#http_control_exchanges=nova +#http_control_exchanges=glance +#http_control_exchanges=neutron +#http_control_exchanges=cinder + + +# +# Options defined in ceilometer.pipeline +# + +# Configuration file for pipeline definition. (string value) +#pipeline_cfg_file=pipeline.yaml + + +# +# Options defined in ceilometer.sample +# + +# Source for samples emitted on this instance. (string value) +# Deprecated group/name - [DEFAULT]/counter_source +#sample_source=openstack + + +# +# Options defined in ceilometer.service +# + +# Name of this node, which must be valid in an AMQP key. Can +# be an opaque identifier. For ZeroMQ only, must be a valid +# host name, FQDN, or IP address. (string value) +#host=ceilometer + +# Dispatcher to process data. (multi valued) +#dispatcher=database + +# Number of workers for collector service. A single +# collector is enabled by default. (integer value) +#collector_workers=1 + +# Number of workers for notification service. A single +# notification agent is enabled by default. (integer value) +#notification_workers=1 + + +# +# Options defined in ceilometer.api.app +# + +# The strategy to use for auth: noauth or keystone. (string +# value) +#auth_strategy=keystone + +# Deploy the deprecated v1 API. (boolean value) +#enable_v1_api=true + + +# +# Options defined in ceilometer.compute.notifications +# + +# Exchange name for Nova notifications. (string value) +#nova_control_exchange=nova + + +# +# Options defined in ceilometer.compute.util +# + +# List of metadata prefixes reserved for metering use. (list +# value) +#reserved_metadata_namespace=metering. + +# Limit on length of reserved metadata values. (integer value) +#reserved_metadata_length=256 + + +# +# Options defined in ceilometer.compute.virt.inspector +# + +# Inspector to use for inspecting the hypervisor layer. +# (string value) +#hypervisor_inspector=libvirt + + +# +# Options defined in ceilometer.compute.virt.libvirt.inspector +# + +# Libvirt domain type (valid options are: kvm, lxc, qemu, uml, +# xen). (string value) +#libvirt_type=kvm + +# Override the default libvirt URI (which is dependent on +# libvirt_type). (string value) +#libvirt_uri= + + +# +# Options defined in ceilometer.image.notifications +# + +# Exchange name for Glance notifications. (string value) +#glance_control_exchange=glance + + +# +# Options defined in ceilometer.network.notifications +# + +# Exchange name for Neutron notifications. (string value) +# Deprecated group/name - [DEFAULT]/quantum_control_exchange +#neutron_control_exchange=neutron + + +# +# Options defined in ceilometer.objectstore.swift +# + +# Swift reseller prefix. Must be on par with reseller_prefix +# in proxy-server.conf. (string value) +#reseller_prefix=AUTH_ + + +# +# Options defined in ceilometer.openstack.common.db.sqlalchemy.session +# + +# The file name to use with SQLite (string value) +#sqlite_db=ceilometer.sqlite + +# If True, SQLite uses synchronous mode (boolean value) +#sqlite_synchronous=true + + +# +# Options defined in ceilometer.openstack.common.eventlet_backdoor +# + +# Enable eventlet backdoor. Acceptable values are 0, , +# and :, where 0 results in listening on a random +# tcp port number; results in listening on the +# specified port number (and not enabling backdoor if that +# port is in use); and : results in listening on +# the smallest unused port number within the specified range +# of port numbers. The chosen port is displayed in the +# service's log file. (string value) +#backdoor_port= + + +# +# Options defined in ceilometer.openstack.common.lockutils +# + +# Whether to disable inter-process locks. (boolean value) +#disable_process_locking=false + +# Directory to use for lock files. (string value) +#lock_path= + + +# +# Options defined in ceilometer.openstack.common.log +# + +# Print debugging output (set logging level to DEBUG instead +# of default WARNING level). (boolean value) +#debug=false + +# Print more verbose output (set logging level to INFO instead +# of default WARNING level). (boolean value) +#verbose=false + +# Log output to standard error (boolean value) +#use_stderr=true + +# Format string to use for log messages with context (string +# value) +#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s + +# Format string to use for log messages without context +# (string value) +#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s + +# Data to append to log format when level is DEBUG (string +# value) +#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d + +# Prefix each line of exception output with this format +# (string value) +#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s + +# List of logger=LEVEL pairs (list value) +#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN + +# Publish error events (boolean value) +#publish_errors=false + +# Make deprecations fatal (boolean value) +#fatal_deprecations=false + +# If an instance is passed with the log message, format it +# like this (string value) +#instance_format="[instance: %(uuid)s] " + +# If an instance UUID is passed with the log message, format +# it like this (string value) +#instance_uuid_format="[instance: %(uuid)s] " + +# The name of logging configuration file. It does not disable +# existing loggers, but just appends specified logging +# configuration to any other existing logging options. Please +# see the Python logging module documentation for details on +# logging configuration files. (string value) +# Deprecated group/name - [DEFAULT]/log_config +#log_config_append= + +# DEPRECATED. A logging.Formatter log message format string +# which may use any of the available logging.LogRecord +# attributes. This option is deprecated. Please use +# logging_context_format_string and +# logging_default_format_string instead. (string value) +#log_format= + +# Format string for %%(asctime)s in log records. Default: +# %(default)s (string value) +#log_date_format=%Y-%m-%d %H:%M:%S + +# (Optional) Name of log file to output to. If no default is +# set, logging will go to stdout. (string value) +# Deprecated group/name - [DEFAULT]/logfile +#log_file= + +# (Optional) The base directory used for relative --log-file +# paths (string value) +# Deprecated group/name - [DEFAULT]/logdir +#log_dir= + +# Use syslog for logging. Existing syslog format is DEPRECATED +# during I, and then will be changed in J to honor RFC5424 +# (boolean value) +#use_syslog=false + +# (Optional) Use syslog rfc5424 format for logging. If +# enabled, will add APP-NAME (RFC5424) before the MSG part of +# the syslog message. The old format without APP-NAME is +# deprecated in I, and will be removed in J. (boolean value) +#use_syslog_rfc_format=false + +# Syslog facility to receive log lines (string value) +#syslog_log_facility=LOG_USER + + +# +# Options defined in ceilometer.openstack.common.middleware.sizelimit +# + +# The maximum body size per request, in bytes (integer value) +# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size +#max_request_body_size=114688 + + +# +# Options defined in ceilometer.openstack.common.notifier.api +# + +# Driver or drivers to handle sending notifications (multi +# valued) +#notification_driver= + +# Default notification level for outgoing notifications +# (string value) +#default_notification_level=INFO + +# Default publisher_id for outgoing notifications (string +# value) +#default_publisher_id= + + +# +# Options defined in ceilometer.openstack.common.notifier.rpc_notifier +# + +# AMQP topic used for OpenStack notifications (list value) +#notification_topics=notifications + + +# +# Options defined in ceilometer.openstack.common.policy +# + +# JSON file containing policy (string value) +#policy_file=policy.json + +# Rule enforced when requested rule is not found (string +# value) +#policy_default_rule=default + + +# +# Options defined in ceilometer.openstack.common.rpc +# + +# The messaging module to use, defaults to kombu. (string +# value) +#rpc_backend=ceilometer.openstack.common.rpc.impl_kombu + +# Size of RPC thread pool (integer value) +#rpc_thread_pool_size=64 + +# Size of RPC connection pool (integer value) +#rpc_conn_pool_size=30 + +# Seconds to wait for a response from call or multicall +# (integer value) +#rpc_response_timeout=60 + +# Seconds to wait before a cast expires (TTL). Only supported +# by impl_zmq. (integer value) +#rpc_cast_timeout=30 + +# Modules of exceptions that are permitted to be recreated +# upon receiving exception data from an rpc call. (list value) +#allowed_rpc_exception_modules=nova.exception,cinder.exception,exceptions + +# If passed, use a fake RabbitMQ provider (boolean value) +#fake_rabbit=false + +# AMQP exchange to connect to if using RabbitMQ or Qpid +# (string value) +#control_exchange=openstack + + +# +# Options defined in ceilometer.openstack.common.rpc.amqp +# + +# Use durable queues in amqp. (boolean value) +# Deprecated group/name - [DEFAULT]/rabbit_durable_queues +#amqp_durable_queues=false + +# Auto-delete queues in amqp. (boolean value) +#amqp_auto_delete=false + + +# +# Options defined in ceilometer.openstack.common.rpc.impl_kombu +# + +# If SSL is enabled, the SSL version to use. Valid values are +# TLSv1, SSLv23 and SSLv3. SSLv2 might be available on some +# distributions. (string value) +#kombu_ssl_version= + +# SSL key file (valid only if SSL enabled) (string value) +#kombu_ssl_keyfile= + +# SSL cert file (valid only if SSL enabled) (string value) +#kombu_ssl_certfile= + +# SSL certification authority file (valid only if SSL enabled) +# (string value) +#kombu_ssl_ca_certs= + +# The RabbitMQ broker address where a single node is used +# (string value) +#rabbit_host=localhost + +# The RabbitMQ broker port where a single node is used +# (integer value) +#rabbit_port=5672 + +# RabbitMQ HA cluster host:port pairs (list value) +#rabbit_hosts=$rabbit_host:$rabbit_port + +# Connect over SSL for RabbitMQ (boolean value) +#rabbit_use_ssl=false + +# The RabbitMQ userid (string value) +#rabbit_userid=guest + +# The RabbitMQ password (string value) +#rabbit_password=guest + +# The RabbitMQ virtual host (string value) +#rabbit_virtual_host=/ + +# How frequently to retry connecting with RabbitMQ (integer +# value) +#rabbit_retry_interval=1 + +# How long to backoff for between retries when connecting to +# RabbitMQ (integer value) +#rabbit_retry_backoff=2 + +# Maximum number of RabbitMQ connection retries. Default is 0 +# (infinite retry count) (integer value) +#rabbit_max_retries=0 + +# Use HA queues in RabbitMQ (x-ha-policy: all). If you change +# this option, you must wipe the RabbitMQ database. (boolean +# value) +#rabbit_ha_queues=false + + +# +# Options defined in ceilometer.openstack.common.rpc.impl_qpid +# + +# Qpid broker hostname (string value) +#qpid_hostname=localhost + +# Qpid broker port (integer value) +#qpid_port=5672 + +# Qpid HA cluster host:port pairs (list value) +#qpid_hosts=$qpid_hostname:$qpid_port + +# Username for qpid connection (string value) +#qpid_username= + +# Password for qpid connection (string value) +#qpid_password= + +# Space separated list of SASL mechanisms to use for auth +# (string value) +#qpid_sasl_mechanisms= + +# Seconds between connection keepalive heartbeats (integer +# value) +#qpid_heartbeat=60 + +# Transport to use, either 'tcp' or 'ssl' (string value) +#qpid_protocol=tcp + +# Disable Nagle algorithm (boolean value) +#qpid_tcp_nodelay=true + +# The qpid topology version to use. Version 1 is what was +# originally used by impl_qpid. Version 2 includes some +# backwards-incompatible changes that allow broker federation +# to work. Users should update to version 2 when they are +# able to take everything down, as it requires a clean break. +# (integer value) +#qpid_topology_version=1 + + +# +# Options defined in ceilometer.openstack.common.rpc.impl_zmq +# + +# ZeroMQ bind address. Should be a wildcard (*), an ethernet +# interface, or IP. The "host" option should point or resolve +# to this address. (string value) +#rpc_zmq_bind_address=* + +# MatchMaker driver (string value) +#rpc_zmq_matchmaker=ceilometer.openstack.common.rpc.matchmaker.MatchMakerLocalhost + +# ZeroMQ receiver listening port (integer value) +#rpc_zmq_port=9501 + +# Number of ZeroMQ contexts, defaults to 1 (integer value) +#rpc_zmq_contexts=1 + +# Maximum number of ingress messages to locally buffer per +# topic. Default is unlimited. (integer value) +#rpc_zmq_topic_backlog= + +# Directory for holding IPC sockets (string value) +#rpc_zmq_ipc_dir=/var/run/openstack + +# Name of this node. Must be a valid hostname, FQDN, or IP +# address. Must match "host" option, if running Nova. (string +# value) +#rpc_zmq_host=ceilometer + + +# +# Options defined in ceilometer.openstack.common.rpc.matchmaker +# + +# Heartbeat frequency (integer value) +#matchmaker_heartbeat_freq=300 + +# Heartbeat time-to-live. (integer value) +#matchmaker_heartbeat_ttl=600 + + +# +# Options defined in ceilometer.orchestration.notifications +# + +# Exchange name for Heat notifications (string value) +#heat_control_exchange=heat + + +# +# Options defined in ceilometer.storage +# + +# DEPRECATED - Database connection string. (string value) +#database_connection= + + +# +# Options defined in ceilometer.storage.sqlalchemy.models +# + +# MySQL engine to use. (string value) +#mysql_engine=InnoDB + + +# +# Options defined in ceilometer.volume.notifications +# + +# Exchange name for Cinder notifications. (string value) +#cinder_control_exchange=cinder + + +[alarm] + +# +# Options defined in ceilometer.cli +# + +# Class to launch as alarm evaluation service. (string value) +#evaluation_service=ceilometer.alarm.service.SingletonAlarmService + + +# +# Options defined in ceilometer.alarm.notifier.rest +# + +# SSL Client certificate for REST notifier. (string value) +#rest_notifier_certificate_file= + +# SSL Client private key for REST notifier. (string value) +#rest_notifier_certificate_key= + +# Whether to verify the SSL Server certificate when calling +# alarm action. (boolean value) +#rest_notifier_ssl_verify=true + + +# +# Options defined in ceilometer.alarm.rpc +# + +# The topic that ceilometer uses for alarm notifier messages. +# (string value) +#notifier_rpc_topic=alarm_notifier + +# The topic that ceilometer uses for alarm partition +# coordination messages. (string value) +#partition_rpc_topic=alarm_partition_coordination + + +# +# Options defined in ceilometer.alarm.service +# + +# Period of evaluation cycle, should be >= than configured +# pipeline interval for collection of underlying metrics. +# (integer value) +# Deprecated group/name - [alarm]/threshold_evaluation_interval +#evaluation_interval=60 + + +# +# Options defined in ceilometer.api.controllers.v2 +# + +# Record alarm change events. (boolean value) +#record_history=true + + +[api] + +# +# Options defined in ceilometer.api +# + +# The port for the ceilometer API server. (integer value) +# Deprecated group/name - [DEFAULT]/metering_api_port +#port=8777 + +# The listen IP for the ceilometer API server. (string value) +#host=0.0.0.0 + + +[collector] + +# +# Options defined in ceilometer.collector +# + +# Address to which the UDP socket is bound. Set to an empty +# string to disable. (string value) +#udp_address=0.0.0.0 + +# Port to which the UDP socket is bound. (integer value) +#udp_port=4952 + + +[database] + +# +# Options defined in ceilometer.openstack.common.db.api +# + +# The backend to use for db (string value) +# Deprecated group/name - [DEFAULT]/db_backend +#backend=sqlalchemy + + +# +# Options defined in ceilometer.openstack.common.db.sqlalchemy.session +# + +# The SQLAlchemy connection string used to connect to the +# database (string value) +# Deprecated group/name - [DEFAULT]/sql_connection +# Deprecated group/name - [DATABASE]/sql_connection +# Deprecated group/name - [sql]/connection +#connection=sqlite:////ceilometer/openstack/common/db/$sqlite_db + +# The SQLAlchemy connection string used to connect to the +# slave database (string value) +#slave_connection= + +# Timeout before idle sql connections are reaped (integer +# value) +# Deprecated group/name - [DEFAULT]/sql_idle_timeout +# Deprecated group/name - [DATABASE]/sql_idle_timeout +# Deprecated group/name - [sql]/idle_timeout +#idle_timeout=3600 + +# Minimum number of SQL connections to keep open in a pool +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_min_pool_size +# Deprecated group/name - [DATABASE]/sql_min_pool_size +#min_pool_size=1 + +# Maximum number of SQL connections to keep open in a pool +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_pool_size +# Deprecated group/name - [DATABASE]/sql_max_pool_size +#max_pool_size= + +# Maximum db connection retries during startup. (setting -1 +# implies an infinite retry count) (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_retries +# Deprecated group/name - [DATABASE]/sql_max_retries +#max_retries=10 + +# Interval between retries of opening a sql connection +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_retry_interval +# Deprecated group/name - [DATABASE]/reconnect_interval +#retry_interval=10 + +# If set, use this value for max_overflow with sqlalchemy +# (integer value) +# Deprecated group/name - [DEFAULT]/sql_max_overflow +# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow +#max_overflow= + +# Verbosity of SQL debugging information. 0=None, +# 100=Everything (integer value) +# Deprecated group/name - [DEFAULT]/sql_connection_debug +#connection_debug=0 + +# Add python stack traces to SQL as comment strings (boolean +# value) +# Deprecated group/name - [DEFAULT]/sql_connection_trace +#connection_trace=false + +# If set, use this value for pool_timeout with sqlalchemy +# (integer value) +# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout +#pool_timeout= + + +# +# Options defined in ceilometer.storage +# + +# Number of seconds that samples are kept in the database for +# (<= 0 means forever). (integer value) +#time_to_live=-1 + + +[dispatcher_file] + +# +# Options defined in ceilometer.dispatcher.file +# + +# Name and the location of the file to record meters. (string +# value) +#file_path= + +# The max size of the file. (integer value) +#max_bytes=0 + +# The max number of the files to keep. (integer value) +#backup_count=0 + + +[event] + +# +# Options defined in ceilometer.event.converter +# + +# Configuration file for event definitions. (string value) +#definitions_cfg_file=event_definitions.yaml + +# Drop notifications if no event definition matches. +# (Otherwise, we convert them with just the default traits) +# (boolean value) +#drop_unmatched_notifications=false + + +[keystone_authtoken] + +# +# Options defined in keystoneclient.middleware.auth_token +# + +# Prefix to prepend at the beginning of the path (string +# value) +#auth_admin_prefix= + +# Host providing the admin Identity API endpoint (string +# value) +#auth_host=127.0.0.1 + +# Port of the admin Identity API endpoint (integer value) +#auth_port=35357 + +# Protocol of the admin Identity API endpoint(http or https) +# (string value) +#auth_protocol=https + +# Complete public Identity API endpoint (string value) +#auth_uri= + +# API version of the admin Identity API endpoint (string +# value) +#auth_version= + +# Do not handle authorization requests within the middleware, +# but delegate the authorization decision to downstream WSGI +# components (boolean value) +#delay_auth_decision=false + +# Request timeout value for communicating with Identity API +# server. (boolean value) +#http_connect_timeout= + +# How many times are we trying to reconnect when communicating +# with Identity API Server. (integer value) +#http_request_max_retries=3 + +# Allows to pass in the name of a fake http_handler callback +# function used instead of httplib.HTTPConnection or +# httplib.HTTPSConnection. Useful for unit testing where +# network is not available. (string value) +#http_handler= + +# Single shared secret with the Keystone configuration used +# for bootstrapping a Keystone installation, or otherwise +# bypassing the normal authentication process. (string value) +#admin_token= + +# Keystone account username (string value) +#admin_user= + +# Keystone account password (string value) +#admin_password= + +# Keystone service account tenant name to validate user tokens +# (string value) +#admin_tenant_name=admin + +# Env key for the swift cache (string value) +#cache= + +# Required if Keystone server requires client certificate +# (string value) +#certfile= + +# Required if Keystone server requires client certificate +# (string value) +#keyfile= + +# A PEM encoded Certificate Authority to use when verifying +# HTTPS connections. Defaults to system CAs. (string value) +#cafile= + +# Verify HTTPS connections. (boolean value) +#insecure=false + +# Directory used to cache files related to PKI tokens (string +# value) +#signing_dir= + +# If defined, the memcache server(s) to use for caching (list +# value) +# Deprecated group/name - [DEFAULT]/memcache_servers +#memcached_servers= + +# In order to prevent excessive requests and validations, the +# middleware uses an in-memory cache for the tokens the +# Keystone API returns. This is only valid if memcache_servers +# is defined. Set to -1 to disable caching completely. +# (integer value) +#token_cache_time=300 + +# Value only used for unit testing (integer value) +#revocation_cache_time=1 + +# (optional) if defined, indicate whether token data should be +# authenticated or authenticated and encrypted. Acceptable +# values are MAC or ENCRYPT. If MAC, token data is +# authenticated (with HMAC) in the cache. If ENCRYPT, token +# data is encrypted and authenticated in the cache. If the +# value is not one of these options or empty, auth_token will +# raise an exception on initialization. (string value) +#memcache_security_strategy= + +# (optional, mandatory if memcache_security_strategy is +# defined) this string is used for key derivation. (string +# value) +#memcache_secret_key= + +# (optional) indicate whether to set the X-Service-Catalog +# header. If False, middleware will not ask for service +# catalog on token validation and will not set the X-Service- +# Catalog header. (boolean value) +#include_service_catalog=true + +# Used to control the use and type of token binding. Can be +# set to: "disabled" to not check token binding. "permissive" +# (default) to validate binding information if the bind type +# is of a form known to the server and ignore it if not. +# "strict" like "permissive" but if the bind type is unknown +# the token will be rejected. "required" any form of token +# binding is needed to be allowed. Finally the name of a +# binding method that must be present in tokens. (string +# value) +#enforce_token_bind=permissive + + +[matchmaker_redis] + +# +# Options defined in ceilometer.openstack.common.rpc.matchmaker_redis +# + +# Host to locate redis (string value) +#host=127.0.0.1 + +# Use this port to connect to redis host. (integer value) +#port=6379 + +# Password for Redis server. (optional) (string value) +#password= + + +[matchmaker_ring] + +# +# Options defined in ceilometer.openstack.common.rpc.matchmaker_ring +# + +# Matchmaker ring file (JSON) (string value) +# Deprecated group/name - [DEFAULT]/matchmaker_ringfile +#ringfile=/etc/oslo/matchmaker_ring.json + + +[notification] + +# +# Options defined in ceilometer.notification +# + +# Acknowledge message when event persistence fails. (boolean +# value) +#ack_on_event_error=true + +# Save event details. (boolean value) +#store_events=false + + +[publisher] + +# +# Options defined in ceilometer.publisher.utils +# + +# Secret value for signing metering messages. (string value) +# Deprecated group/name - [DEFAULT]/metering_secret +# Deprecated group/name - [publisher_rpc]/metering_secret +#metering_secret=change this or be hacked + + +[publisher_rpc] + +# +# Options defined in ceilometer.publisher.rpc +# + +# The topic that ceilometer uses for metering messages. +# (string value) +#metering_topic=metering + + +[rpc_notifier2] + +# +# Options defined in ceilometer.openstack.common.notifier.rpc_notifier2 +# + +# AMQP topic(s) used for OpenStack notifications (list value) +#topics=notifications + + +[service_credentials] + +# +# Options defined in ceilometer.service +# + +# User name to use for OpenStack service access. (string +# value) +#os_username=ceilometer + +# Password to use for OpenStack service access. (string value) +#os_password=admin + +# Tenant ID to use for OpenStack service access. (string +# value) +#os_tenant_id= + +# Tenant name to use for OpenStack service access. (string +# value) +#os_tenant_name=admin + +# Certificate chain for SSL validation. (string value) +#os_cacert= + +# Auth URL to use for OpenStack service access. (string value) +#os_auth_url=http://localhost:5000/v2.0 + +# Region name to use for OpenStack service endpoints. (string +# value) +#os_region_name= + +# Type of endpoint in Identity service catalog to use for +# communication with OpenStack services. (string value) +#os_endpoint_type=publicURL + +# Disables X.509 certificate validation when an SSL connection +# to Identity Service is established. (boolean value) +#insecure=false + + +[ssl] + +# +# Options defined in ceilometer.openstack.common.sslutils +# + +# CA certificate file to use to verify connecting clients +# (string value) +#ca_file= + +# Certificate file to use when starting the server securely +# (string value) +#cert_file= + +# Private key file to use when starting the server securely +# (string value) +#key_file= + + +[vmware] + +# +# Options defined in ceilometer.compute.virt.vmware.inspector +# + +# IP address of the VMware Vsphere host (string value) +#host_ip= + +# Username of VMware Vsphere (string value) +#host_username= + +# Password of VMware Vsphere (string value) +#host_password= + +# Number of times a VMware Vsphere API must be retried +# (integer value) +#api_retry_count=10 + +# Sleep time in seconds for polling an ongoing async task +# (floating point value) +#task_poll_interval=0.5 -- cgit v1.2.1 From 63c135ee31fa870650039bc7657c54b028fa7f70 Mon Sep 17 00:00:00 2001 From: Patrick Darley Date: Fri, 17 Apr 2015 14:10:53 +0000 Subject: Openstack: Make Ceilometer configurable This commit configures ceilometer to integrate with Keystone, Glance, Cinder and Nova. Change-Id: I19e8580de87858033ce1c2caf86a828d6377bb91 --- clusters/openstack-one-node.morph | 6 ++ openstack-ceilometer.configure | 82 +++++++++++++++++++ openstack/manifest | 11 +++ .../openstack-ceilometer-alarm-evaluator.service | 12 +++ .../openstack-ceilometer-alarm-notifier.service | 12 +++ .../system/openstack-ceilometer-api.service | 12 +++ .../system/openstack-ceilometer-central.service | 12 +++ .../system/openstack-ceilometer-collector.service | 12 +++ .../system/openstack-ceilometer-compute.service | 12 +++ .../openstack-ceilometer-notification.service | 12 +++ .../system/openstack-ceilometer-setup.service | 10 +++ openstack/usr/share/openstack/ceilometer.yml | 95 ++++++++++++++++++++++ .../usr/share/openstack/ceilometer/ceilometer.conf | 56 +++++++------ openstack/usr/share/openstack/cinder/cinder.conf | 4 +- .../usr/share/openstack/glance/glance-api.conf | 2 +- .../share/openstack/glance/glance-registry.conf | 15 ++-- openstack/usr/share/openstack/nova/nova.conf | 8 +- systems/openstack-system-x86_64.morph | 1 + 18 files changed, 333 insertions(+), 41 deletions(-) create mode 100644 openstack-ceilometer.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-central.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service create mode 100644 openstack/usr/share/openstack/ceilometer.yml diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index 0702ed28..c18223db 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -90,6 +90,12 @@ systems: IRONIC_DB_USER: ironicDB IRONIC_DB_PASSWORD: veryinsecure + CEILOMETER_SERVICE_USER: ceilometer + CEILOMETER_SERVICE_PASSWORD: veryinsecure + CEILOMETER_DB_USER: ceilometerDB + CEILOMETER_DB_PASSWORD: veryinsecure + METERING_SECRET: insecureceilometersecret + HOSTS_CONTROLLER: onenode # Network interface to be used, only needed if there are more diff --git a/openstack-ceilometer.configure b/openstack-ceilometer.configure new file mode 100644 index 00000000..b8ed7eab --- /dev/null +++ b/openstack-ceilometer.configure @@ -0,0 +1,82 @@ +#!/bin/sh + +# Copyright (C) 2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -e + +ROOT="$1" + +########################################################################## + +ln -s "/usr/lib/systemd/system/openstack-ceilometer-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-ceilometer-setup.service" + +########################################################################## +# Check variables +########################################################################## + +if [ -z "$CEILOMETER_SERVICE_USER" -a \ + -z "$CEILOMETER_SERVICE_PASSWORD" -a \ + -z "$CEILOMETER_DB_USER" -a \ + -z "$CEILOMETER_DB_PASSWORD" -a \ + -z "$METERING_SECRET" ]; then + # No Ceilometer options defined, do nothing. + exit 0 +fi + +if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$CEILOMETER_SERVICE_USER" -o \ + -z "$CEILOMETER_SERVICE_PASSWORD" -o \ + -z "$CEILOMETER_DB_USER" -o \ + -z "$CEILOMETER_DB_PASSWORD" -o \ + -z "$METERING_SECRET" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$CONTROLLER_HOST_ADDRESS" ]; then + echo Some options required for Ceilometer were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/ceilometer.conf" +import os, sys, yaml + +ceilometer_configuration={ + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + 'CEILOMETER_SERVICE_PASSWORD': os.environ['CEILOMETER_SERVICE_PASSWORD'], + 'CEILOMETER_SERVICE_USER': os.environ['CEILOMETER_SERVICE_USER'], + 'CEILOMETER_DB_USER': os.environ['CEILOMETER_DB_USER'], + 'CEILOMETER_DB_PASSWORD': os.environ['CEILOMETER_DB_PASSWORD'], + 'METERING_SECRET': os.environ['METERING_SECRET'], + 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], +} + +yaml.dump(ceilometer_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 4dc44b34..78b030bb 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -5,6 +5,9 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts +0040755 0 0 /usr/share/openstack/ceilometer +0100644 0 0 /usr/share/openstack/ceilometer.yml +0100644 0 0 /usr/share/openstack/ceilometer/ceilometer.conf 0040755 0 0 /usr/share/openstack/cinder 0100644 0 0 /usr/share/openstack/cinder-config.yml 0100644 0 0 /usr/share/openstack/cinder-db.yml @@ -162,6 +165,14 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-backup.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-central.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-collector.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-compute.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-notification.service 0100644 0 0 /usr/lib/systemd/system/openvswitch-setup.service 0100644 0 0 /usr/lib/systemd/system/openvswitch-db-server.service 0100644 0 0 /usr/lib/systemd/system/openvswitch.service diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service new file mode 100644 index 00000000..1976417c --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer alarm evaluation service +After=syslog.target network-online.target openstack-ceilometer-setup.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-alarm-evaluator --logfile /var/log/ceilometer/alarm-evaluator.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service new file mode 100644 index 00000000..070d063d --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer alarm notification service +After=syslog.target network-online.target openstack-ceilometer-setup.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-alarm-notifier --logfile /var/log/ceilometer/alarm-notifier.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service new file mode 100644 index 00000000..3981553b --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer API service +After=syslog.target network-online.target openstack-ceilometer-setup.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-api --logfile /var/log/ceilometer/api.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service new file mode 100644 index 00000000..9defb885 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer central agent +After=syslog.target network-online.target openstack-ceilometer-collector.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-agent-central --logfile /var/log/ceilometer/central.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service new file mode 100644 index 00000000..c7171451 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer collection service +After=syslog.target network-online.target openstack-ceilometer-setup.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-collector --logfile /var/log/ceilometer/collector.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service new file mode 100644 index 00000000..b321c576 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer compute agent +After=syslog.target network-online.target openstack-ceilometer-collector.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-agent-compute --logfile /var/log/ceilometer/compute.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service new file mode 100644 index 00000000..db723923 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack ceilometer notification agent +After=syslog.target network-online.target openstack-ceilometer-collector.service +Wants=network-online.target + +[Service] +Type=simple +User=ceilometer +ExecStart=/usr/bin/ceilometer-agent-notification --logfile /var/log/ceilometer/agent-notification.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service new file mode 100644 index 00000000..9936c822 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run ceilometer-setup Ansible scripts +After=local-fs.target openstack-keystone-setup.service postgres-server.service openstack-cinder-setup.service openstack-nova-setup.service openstack-neutron-setup.service openstack-glance-setup.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ceilometer.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/ceilometer.yml b/openstack/usr/share/openstack/ceilometer.yml new file mode 100644 index 00000000..33a29a89 --- /dev/null +++ b/openstack/usr/share/openstack/ceilometer.yml @@ -0,0 +1,95 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/ceilometer.conf" + tasks: + - name: Create the ceilometer user. + user: + name: ceilometer + comment: Openstack Ceilometer Daemons + shell: /sbin/nologin + home: /var/lib/ceilometer + + - name: Create the /var folders for ceilometer + file: + path: "{{ item }}" + state: directory + owner: ceilometer + group: ceilometer + with_items: + - /var/run/ceilometer + - /var/lock/ceilometer + - /var/log/ceilometer + - /var/lib/ceilometer + + - name: Create /etc/ceilometer directory + file: + path: /etc/ceilometer + state: directory + + - name: Add the configuration needed for ceilometer in /etc/ceilometer using templates + template: + src: /usr/share/openstack/ceilometer/{{ item }} + dest: /etc/ceilometer/{{ item }} + with_lines: + - cd /usr/share/openstack/ceilometer && find -type f + + - name: Create ceilometer service user in service tenant + keystone_user: + user: "{{ CEILOMETER_SERVICE_USER }}" + password: "{{ CEILOMETER_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to ceilometers service user in the service tenant + keystone_user: + role: admin + user: "{{ CEILOMETER_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add ceilometer endpoint + keystone_service: + name: ceilometer + type: metering + description: Openstack Metering Service + publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 + internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 + adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for ceilometer + postgresql_user: + name: "{{ CEILOMETER_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ CEILOMETER_DB_PASSWORD }}" + sudo: yes + sudo_user: ceilometer + + - name: Create database for ceilometer services + postgresql_db: + name: ceilometer + owner: "{{ CEILOMETER_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: ceilometer + + - name: Initiate ceilometer database + command: ceilometer-dbsync + sudo: yes + sudo_user: ceilometer + + - name: Enable and start openstack-ceilometer services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-ceilometer-api.service + - openstack-ceilometer-alarm-evaluator.service + - openstack-ceilometer-alarm-notifier.service + - openstack-ceilometer-central.service + - openstack-ceilometer-collector.service + - openstack-ceilometer-compute.service + - openstack-ceilometer-notification.service diff --git a/openstack/usr/share/openstack/ceilometer/ceilometer.conf b/openstack/usr/share/openstack/ceilometer/ceilometer.conf index 927379be..b572d40f 100644 --- a/openstack/usr/share/openstack/ceilometer/ceilometer.conf +++ b/openstack/usr/share/openstack/ceilometer/ceilometer.conf @@ -55,7 +55,7 @@ # The strategy to use for auth: noauth or keystone. (string # value) -#auth_strategy=keystone +auth_strategy=keystone # Deploy the deprecated v1 API. (boolean value) #enable_v1_api=true @@ -202,7 +202,7 @@ # Publish error events (boolean value) #publish_errors=false - + # Make deprecations fatal (boolean value) #fatal_deprecations=false @@ -246,7 +246,7 @@ # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and then will be changed in J to honor RFC5424 # (boolean value) -#use_syslog=false +use_syslog=true # (Optional) Use syslog rfc5424 format for logging. If # enabled, will add APP-NAME (RFC5424) before the MSG part of @@ -310,7 +310,7 @@ # The messaging module to use, defaults to kombu. (string # value) -#rpc_backend=ceilometer.openstack.common.rpc.impl_kombu +rpc_backend=rabbit # Size of RPC thread pool (integer value) #rpc_thread_pool_size=64 @@ -371,26 +371,28 @@ # The RabbitMQ broker address where a single node is used # (string value) -#rabbit_host=localhost +rabbit_host = {{ RABBITMQ_HOST }} + # The RabbitMQ broker port where a single node is used # (integer value) -#rabbit_port=5672 +rabbit_port= {{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs (list value) #rabbit_hosts=$rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ (boolean value) -#rabbit_use_ssl=false +rabbit_use_ssl=false # The RabbitMQ userid (string value) -#rabbit_userid=guest +rabbit_userid= {{ RABBITMQ_USER }} # The RabbitMQ password (string value) -#rabbit_password=guest +rabbit_password = {{ RABBITMQ_PASSWORD }} + # The RabbitMQ virtual host (string value) -#rabbit_virtual_host=/ +rabbit_virtual_host=/ # How frequently to retry connecting with RabbitMQ (integer # value) @@ -523,7 +525,7 @@ # # Exchange name for Cinder notifications. (string value) -#cinder_control_exchange=cinder +cinder_control_exchange=cinder [alarm] @@ -631,8 +633,8 @@ # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection -#connection=sqlite:////ceilometer/openstack/common/db/$sqlite_db - +connection=postgresql://{{ CEILOMETER_DB_USER }}:{{ CEILOMETER_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/ceilometer + # The SQLAlchemy connection string used to connect to the # slave database (string value) #slave_connection= @@ -753,7 +755,9 @@ #auth_protocol=https # Complete public Identity API endpoint (string value) -#auth_uri= +auth_uri= http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 +identity_uri = http://{{ CONTROLLER_HOST_ADDRESS }}:35357 + # API version of the admin Identity API endpoint (string # value) @@ -784,14 +788,14 @@ #admin_token= # Keystone account username (string value) -#admin_user= +admin_user = {{ CEILOMETER_SERVICE_USER }} # Keystone account password (string value) -#admin_password= +admin_password = {{ CEILOMETER_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) -#admin_tenant_name=admin +admin_tenant_name = service # Env key for the swift cache (string value) #cache= @@ -912,8 +916,8 @@ # Secret value for signing metering messages. (string value) # Deprecated group/name - [DEFAULT]/metering_secret # Deprecated group/name - [publisher_rpc]/metering_secret -#metering_secret=change this or be hacked - +# It should be set to some random value +metering_secret = {{ METERING_SECRET }} [publisher_rpc] @@ -944,10 +948,10 @@ # User name to use for OpenStack service access. (string # value) -#os_username=ceilometer +os_username = {{ CEILOMETER_SERVICE_USER }} # Password to use for OpenStack service access. (string value) -#os_password=admin +os_password = {{ CEILOMETER_SERVICE_PASSWORD }} # Tenant ID to use for OpenStack service access. (string # value) @@ -955,21 +959,21 @@ # Tenant name to use for OpenStack service access. (string # value) -#os_tenant_name=admin +os_tenant_name = service # Certificate chain for SSL validation. (string value) #os_cacert= # Auth URL to use for OpenStack service access. (string value) -#os_auth_url=http://localhost:5000/v2.0 - +os_auth_url = http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 + # Region name to use for OpenStack service endpoints. (string # value) -#os_region_name= +os_region_name=regionOne # Type of endpoint in Identity service catalog to use for # communication with OpenStack services. (string value) -#os_endpoint_type=publicURL +os_endpoint_type=internalURL # Disables X.509 certificate validation when an SSL connection # to Identity Service is established. (boolean value) diff --git a/openstack/usr/share/openstack/cinder/cinder.conf b/openstack/usr/share/openstack/cinder/cinder.conf index 1ca21082..a58004b5 100644 --- a/openstack/usr/share/openstack/cinder/cinder.conf +++ b/openstack/usr/share/openstack/cinder/cinder.conf @@ -162,7 +162,7 @@ rabbit_password={{ RABBITMQ_PASSWORD }} # Driver or drivers to handle sending notifications. (multi # valued) -#notification_driver= +notification_driver=messagingv2 # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics @@ -183,7 +183,7 @@ rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the # transport_url option. (string value) -#control_exchange=openstack +control_exchange=cinder # diff --git a/openstack/usr/share/openstack/glance/glance-api.conf b/openstack/usr/share/openstack/glance/glance-api.conf index 675062a6..39257a6d 100644 --- a/openstack/usr/share/openstack/glance/glance-api.conf +++ b/openstack/usr/share/openstack/glance/glance-api.conf @@ -207,7 +207,7 @@ registry_client_protocol = http # Driver or drivers to handle sending notifications. Set to # 'messaging' to send notifications to a message queue. -# notification_driver = noop +notification_driver = messagingv2 # Default publisher_id for outgoing notifications. # default_publisher_id = image.localhost diff --git a/openstack/usr/share/openstack/glance/glance-registry.conf b/openstack/usr/share/openstack/glance/glance-registry.conf index e663148d..302f4138 100644 --- a/openstack/usr/share/openstack/glance/glance-registry.conf +++ b/openstack/usr/share/openstack/glance/glance-registry.conf @@ -82,21 +82,20 @@ use_syslog = True # Driver or drivers to handle sending notifications. Set to # 'messaging' to send notifications to a message queue. -# notification_driver = noop +notification_driver = messagingv2 # Default publisher_id for outgoing notifications. # default_publisher_id = image.localhost # Messaging driver used for 'messaging' notifications driver -# rpc_backend = 'rabbit' +rpc_backend=rabbit -# Configuration options if sending notifications via rabbitmq (these are -# the defaults) -rabbit_host = localhost -rabbit_port = 5672 +# Configuration options if sending notifications via rabbitmq +rabbit_host = {{ RABBITMQ_HOST }} +rabbit_port = {{ RABBITMQ_PORT }} rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = guest +rabbit_userid = {{ RABBITMQ_USER }} +rabbit_password = {{ RABBITMQ_PASSWORD }} rabbit_virtual_host = / rabbit_notification_exchange = glance rabbit_notification_topic = notifications diff --git a/openstack/usr/share/openstack/nova/nova.conf b/openstack/usr/share/openstack/nova/nova.conf index 6e49b4cc..43343cdd 100644 --- a/openstack/usr/share/openstack/nova/nova.conf +++ b/openstack/usr/share/openstack/nova/nova.conf @@ -161,7 +161,7 @@ rabbit_password={{ RABBITMQ_PASSWORD }} # Driver or drivers to handle sending notifications. (multi # valued) -#notification_driver= +notification_driver=messagingv2 # AMQP topic used for OpenStack notifications. (list value) # Deprecated group/name - [rpc_notifier2]/topics @@ -262,7 +262,7 @@ my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # notifications, "vm_state" for notifications on VM state # changes, or "vm_and_task_state" for notifications on VM and # task state changes. (string value) -#notify_on_state_change= +notify_on_state_change=vm_and_task_state # If set, send api.fault notifications on caught exceptions in # the API service. (boolean value) @@ -466,7 +466,7 @@ compute_manager={{ COMPUTE_MANAGER }} # Time period to generate instance usages for. Time period # must be hour, day, month or year (string value) -#instance_usage_audit_period=month +instance_usage_audit_period=hour # Path to the rootwrap configuration file to use for running # commands as root (string value) @@ -847,7 +847,7 @@ osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions # Generate periodic compute.instance.exists notifications # (boolean value) -#instance_usage_audit=false +instance_usage_audit=True # Number of 1 second retries needed in live_migration (integer # value) diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 61b81674..ecd99cc7 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -69,5 +69,6 @@ configuration-extensions: - openstack-nova - openstack-network - openstack-neutron +- openstack-ceilometer - fstab - openstack-ironic -- cgit v1.2.1 From 1dc8ee2a80e041968b20053fc629f9803afc2924 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 17 Apr 2015 16:38:29 +0000 Subject: OpenStack: Don't enable baremetal scheduling by default Change-Id: Ia100ffa9034fb96283cea6ee208bd1d29999c738 --- clusters/openstack-one-node.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index c18223db..673c5a42 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -70,7 +70,7 @@ systems: NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: qemu - NOVA_BAREMETAL_SCHEDULING: yes + #NOVA_BAREMETAL_SCHEDULING: no CINDER_SERVICE_USER: cinder CINDER_SERVICE_PASSWORD: veryinsecure -- cgit v1.2.1 From 3c433d81ef86c3a0195843ab8423ac3ae11e887b Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:04 +0100 Subject: kernel: Enable LVM snapshot capability commit 1206418de0dc0292566b9b27175a75539662f2f4 Author: Sam Thursfield Date: Wed Mar 18 17:51:12 2015 +0000 kernel: Enable LVM snapshot capability I want to use LVM snapshots for taking backups of data volumes in our infrastructure systems. Change-Id: I369d9ddb59c7c05a4d6a54fa22bf5b5103f8d20f --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 1 + 1 file changed, 1 insertion(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 40dd37ce..2a00e1d0 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -36,6 +36,7 @@ configure-commands: - scripts/config -d BLK_DEV_CRYPTOLOOP - scripts/config -e CEPH_FS - scripts/config --set-val BLK_DEV_LOOP_MIN_COUNT 8 +- scripts/config -e DM_SNAPSHOT - scripts/config -e VIRTIO - scripts/config -e VIRTIO_RING - scripts/config -e VIRTIO_PCI -- cgit v1.2.1 From 2aaf56c0a72f549c38d58376c77184098b3ec3bb Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:04 +0100 Subject: Rename NAT kernel configuration item commit 068b1b2d268faa963e851696bafde5abc653a2d2 Author: Francisco Redondo Marchena Date: Thu Feb 12 13:39:46 2015 +0000 Rename NAT kernel configuration item CONFIG_NF_NAT_IPV4 is known as CONFIG_IP_NF_NAT in 3.17 kernels onwards. Change-Id: Ie1c0ed80c56f92d49f3be271e4c017d0a8d3dc2e --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 2a00e1d0..3f366650 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -64,7 +64,7 @@ configure-commands: - scripts/config -e BRIDGE - scripts/config -e VHOST_NET - scripts/config -e NF_NAT -- scripts/config -e NF_NAT_IPV4 +- scripts/config -e IP_NF_NAT - scripts/config -e IP_NF_TARGET_MASQUERADE - scripts/config -e FB_VESA - scripts/config -e HOTPLUG_PCI -- cgit v1.2.1 From 3a9e61f890ecdc14f7c857af599a2f803c933462 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:04 +0100 Subject: Enable xfs support in kernels commit eb1f469cd1ddaab243c189f3b89493592f2a87b7 Author: Patrick Darley Date: Wed Feb 25 12:44:33 2015 +0000 Enable xfs support in kernels Change-Id: Ifb37ebb76df0f1fe8d5fa8df40767c6823d89414 --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 2 ++ 1 file changed, 2 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 3f366650..7a25ae3c 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -30,6 +30,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e XFS_FS +- scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP -- cgit v1.2.1 From 67b981f7d23c729169355c92426cc662836152a8 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable Network Block Device support in kernels commit 85a4cd8cad508a725b916c539bfff25e7d271954 Author: Francisco Redondo Marchena Date: Thu Feb 12 14:09:21 2015 +0000 Enable Network Block Device support in kernels Change-Id: I54b56741f78d98d35b7d54f8261dfe3bc0f936fe --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 1 + 1 file changed, 1 insertion(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 7a25ae3c..e0d0d24c 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -74,6 +74,7 @@ configure-commands: - scripts/config -e VLAN_8021Q - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e IPV6 +- scripts/config -e BLK_DEV_NBD # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 077cbe2ba2b4956058ac751fe332abbfc184c962 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable ebtables in kernels commit c0815dcce13b32390a7b63ad32010c1b76d59c1f Author: Francisco Redondo Marchena Date: Thu Feb 12 14:12:49 2015 +0000 Enable ebtables in kernels These modules are needed for ebtables and netfilter. Change-Id: I9dced77c5895a749f7df65b6991f63f1b7ad8047 --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index e0d0d24c..f16f196b 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -75,6 +75,10 @@ configure-commands: - scripts/config -e BRIDGE_VLAN_FILTERING - scripts/config -e IPV6 - scripts/config -e BLK_DEV_NBD +- scripts/config -e BRIDGE_NF_EBTABLES +- scripts/config -e NETFILTER +- scripts/config -e NETFILTER_ADVANCED +- scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 46acf5df51e61af0cefc640f24ba29f7eb726846 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable Open vSwitch kernel support commit a9b03973f1b02740e32deea80a67b87c6c0c3906 Author: Francisco Redondo Marchena Date: Thu Feb 12 14:20:48 2015 +0000 Enable Open vSwitch kernel support Change-Id: I2a815688993392c09929a5b8db5a548c3c890905 --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index f16f196b..a99eeed3 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -79,6 +79,16 @@ configure-commands: - scripts/config -e NETFILTER - scripts/config -e NETFILTER_ADVANCED - scripts/config -e NETFILTER_XT_MATCH_ADDRTYPE +- scripts/config -e OPENVSWITCH +- scripts/config -e OPENVSWITCH_VXLAN +- scripts/config -e CONFIG_OPENVSWITCH_GRE +- scripts/config -e NET_CLS_BASIC +- scripts/config -e NET_SCH_INGRESS +- scripts/config -e NET_ACT_POLICE +- scripts/config -e NET_IPGRE_DEMUX +- scripts/config -e NET_SCH_HTB +- scripts/config -e NET_SCH_HFSC +- scripts/config -e VXLAN # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 00c6935e9a5b29189d4abe8a9931322107ff5fb9 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable virtual ethernet support in kernels commit bd47359a20329e2fa45eaa0793457a56292f820c Author: Francisco Redondo Marchena Date: Thu Feb 12 14:24:29 2015 +0000 Enable virtual ethernet support in kernels Change-Id: Ie5a1a4ba8c0baad0ff399af22865e336e180142a --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 1 + 1 file changed, 1 insertion(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index a99eeed3..85224ae8 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -89,6 +89,7 @@ configure-commands: - scripts/config -e NET_SCH_HTB - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN +- scripts/config -e VETH # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 65c4279925ed8d062e98984ed7bd863368049367 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable all the IP_NF kernel support commit b82cda6e0c64717df961c0232d78f5362ecc69e5 Author: Francisco Redondo Marchena Date: Thu Feb 12 14:39:59 2015 +0000 Enable all the IP_NF kernel support Change-Id: I80d86ce8417ceed84275f85cbc22e1f7503e37d0 --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 85224ae8..5a4020d4 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -90,6 +90,19 @@ configure-commands: - scripts/config -e NET_SCH_HFSC - scripts/config -e VXLAN - scripts/config -e VETH +- scripts/config -e IP_NF_MATCH_AH +- scripts/config -e IP_NF_MATCH_ECN +- scripts/config -e IP_NF_MATCH_RPFILTER +- scripts/config -e IP_NF_MATCH_TTL +- scripts/config -e IP_NF_TARGET_SYNPROXY +- scripts/config -e IP_NF_TARGET_NETMAP +- scripts/config -e IP_NF_TARGET_REDIRECT +- scripts/config -e IP_NF_TARGET_CLUSTERIP +- scripts/config -e IP_NF_TARGET_ECN +- scripts/config -e IP_NF_TARGET_TTL +- scripts/config -e IP_NF_RAW +- scripts/config -e IP_NF_SECURITY +- scripts/config -e IP_NF_ARPTABLES # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From b4eaa55416586ab629e830eb57c353a4194439cc Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable iproute2 support to kernels commit f1b7745620d567436ab6bf14a9e6e51ff3a1a480 Author: Francisco Redondo Marchena Date: Thu Feb 12 14:43:44 2015 +0000 Enable iproute2 support to kernels Change-Id: I20e625fa545d34e7f4de33bdf78b746e8f29b0f5 --- strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 3 +++ 1 file changed, 3 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 5a4020d4..717e83a7 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -103,6 +103,9 @@ configure-commands: - scripts/config -e IP_NF_RAW - scripts/config -e IP_NF_SECURITY - scripts/config -e IP_NF_ARPTABLES +- scripts/config -e NETFILTER_NETLINK_QUEUE +- scripts/config -e SCSI_NETLINK +- scripts/config -e NETFILTER_XT_TARGET_MARK # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 87f8c4f3a0adbe842d882248f0fd8e97d3863746 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable ipset kernel configuration commit dd5f18f181b88a8d48a283778618e372d9c2be4d Author: Francisco Redondo Marchena Date: Thu Feb 12 14:46:09 2015 +0000 Enable ipset kernel configuration Change-Id: I6cfd9cb9e27f7e3f3db80788d3fbcb91286a682b --- .../bsp-armv8b64-generic/linux-armv8b64-generic.morph | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 717e83a7..5808703e 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -106,6 +106,23 @@ configure-commands: - scripts/config -e NETFILTER_NETLINK_QUEUE - scripts/config -e SCSI_NETLINK - scripts/config -e NETFILTER_XT_TARGET_MARK +- scripts/config -e NETFILTER_XT_SET +- scripts/config -e IP_SET +- scripts/config -e IP_SET_BITMAP_IP +- scripts/config -e IP_SET_BITMAP_IPMAC +- scripts/config -e IP_SET_BITMAP_PORT +- scripts/config -e IP_SET_HASH_IP +- scripts/config -e IP_SET_HASH_IPMARK +- scripts/config -e IP_SET_HASH_IPPORT +- scripts/config -e IP_SET_HASH_IPPORTIP +- scripts/config -e IP_SET_HASH_IPPORTNET +- scripts/config -e IP_SET_HASH_MAC +- scripts/config -e IP_SET_HASH_NETPORTNET +- scripts/config -e IP_SET_HASH_NET +- scripts/config -e IP_SET_HASH_NETNET +- scripts/config -e IP_SET_HASH_NETPORT +- scripts/config -e IP_SET_HASH_NETIFACE +- scripts/config -e IP_SET_LIST_SET # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From c136934a9551896d6417d1c1dd7b71f90c427ae5 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:05 +0100 Subject: Enable netfilter support in kernels commit ccf6177c64c31b413d368e5d072655e0a1952b71 Author: Francisco Redondo Marchena Date: Thu Feb 12 14:50:14 2015 +0000 Enable netfilter support in kernels Change-Id: Ic5773476188d1b1d9f5bcc9e4d81e8602378a172 --- .../linux-armv8b64-generic.morph | 98 ++++++++++++++++++++++ 1 file changed, 98 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 5808703e..a7ecbb5b 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -123,6 +123,104 @@ configure-commands: - scripts/config -e IP_SET_HASH_NETPORT - scripts/config -e IP_SET_HASH_NETIFACE - scripts/config -e IP_SET_LIST_SET +- scripts/config -e NF_CONNTRACK_TIMEOUT +- scripts/config -e NF_CONNTRACK_TIMESTAMP +- scripts/config -e NF_CONNTRACK_EVENTS +- scripts/config -e NF_CONNTRACK_LABELS +- scripts/config -e NETFILTER_NETLINK_ACCT +- scripts/config -e NETFILTER_NETLINK_QUEUE_CT +- scripts/config -e NF_CT_PROTO_DCCP +- scripts/config -e NF_CT_PROTO_GRE +- scripts/config -e NF_CT_PROTO_SCTP +- scripts/config -e NF_CT_PROTO_UDPLITE +- scripts/config -e NF_CT_NETLINK_TIMEOUT +- scripts/config -e NF_CT_NETLINK_HELPER +- scripts/config -e NF_CONNTRACK_AMANDA +- scripts/config -e NF_CONNTRACK_H323 +- scripts/config -e NF_CONNTRACK_BROADCAST +- scripts/config -e NF_CONNTRACK_NETBIOS_NS +- scripts/config -e NF_CONNTRACK_SNMP +- scripts/config -e NF_CONNTRACK_PPTP +- scripts/config -e NF_CONNTRACK_SANE +- scripts/config -e NF_CONNTRACK_TFTP +- scripts/config -e NF_LOG_COMMON +- scripts/config -e NF_NAT_PROTO_DCCP +- scripts/config -e NF_NAT_PROTO_UDPLITE +- scripts/config -e NF_NAT_PROTO_SCTP +- scripts/config -e NF_NAT_AMANDA +- scripts/config -e NF_NAT_TFTP +- scripts/config -e NF_TABLES +- scripts/config -e NF_TABLES_INET +- scripts/config -e NFT_COMPAT +- scripts/config -e NFT_EXTHDR +- scripts/config -e NFT_META +- scripts/config -e NFT_CT +- scripts/config -e NFT_LIMIT +- scripts/config -e NFT_NAT +- scripts/config -e NFT_QUEUE +- scripts/config -e NFT_REJECT +- scripts/config -e NFT_REJECT_INET +- scripts/config -e NFT_RBTREE +- scripts/config -e NFT_HASH +- scripts/config -e NFT_COUNTER +- scripts/config -e NFT_LOG +- scripts/config -e NFT_MASQ +- scripts/config -e NETFILTER_XT_CONNMARK +- scripts/config -e NETFILTER_XT_TARGET_AUDIT +- scripts/config -e NETFILTER_XT_TARGET_CHECKSUM +- scripts/config -e NETFILTER_XT_TARGET_CLASSIFY +- scripts/config -e NETFILTER_XT_TARGET_CT +- scripts/config -e NETFILTER_XT_TARGET_DSCP +- scripts/config -e NETFILTER_XT_TARGET_HMARK +- scripts/config -e NETFILTER_XT_TARGET_LED +- scripts/config -e NETFILTER_XT_TARGET_LOG +- scripts/config -e NETFILTER_XT_TARGET_NFQUEUE +- scripts/config -e NETFILTER_XT_TARGET_RATEEST +- scripts/config -e NETFILTER_XT_TARGET_TPROXY +- scripts/config -e NETFILTER_XT_TARGET_TCPOPTSTRIP +- scripts/config -e NETFILTER_XT_TARGET_TEE +- scripts/config -e NETFILTER_XT_TARGET_TRACE +- scripts/config -e NETFILTER_XT_TARGET_IDLETIMER +- scripts/config -e NETFILTER_XT_MATCH_BPF +- scripts/config -e NETFILTER_XT_MATCH_CLUSTER +- scripts/config -e NETFILTER_XT_MATCH_COMMENT +- scripts/config -e NETFILTER_XT_MATCH_CONNBYTES +- scripts/config -e NETFILTER_XT_MATCH_CONNLABEL +- scripts/config -e NETFILTER_XT_MATCH_CONNLIMIT +- scripts/config -e NETFILTER_XT_MATCH_CPU +- scripts/config -e NETFILTER_XT_MATCH_DCCP +- scripts/config -e NETFILTER_XT_MATCH_DEVGROUP +- scripts/config -e NETFILTER_XT_MATCH_DSCP +- scripts/config -e NETFILTER_XT_MATCH_ESP +- scripts/config -e NETFILTER_XT_MATCH_HASHLIMIT +- scripts/config -e NETFILTER_XT_MATCH_HELPER +- scripts/config -e NETFILTER_XT_MATCH_IPCOMP +- scripts/config -e NETFILTER_XT_MATCH_IPRANGE +- scripts/config -e NETFILTER_XT_MATCH_IPVS +- scripts/config -e NETFILTER_XT_MATCH_L2TP +- scripts/config -e NETFILTER_XT_MATCH_LENGTH +- scripts/config -e NETFILTER_XT_MATCH_LIMIT +- scripts/config -e NETFILTER_XT_MATCH_MAC +- scripts/config -e NETFILTER_XT_MATCH_MULTIPORT +- scripts/config -e NETFILTER_XT_MATCH_NFACCT +- scripts/config -e NETFILTER_XT_MATCH_OSF +- scripts/config -e NETFILTER_XT_MATCH_OWNER +- scripts/config -e NETFILTER_XT_MATCH_CGROUP +- scripts/config -e NETFILTER_XT_MATCH_PHYSDEV +- scripts/config -e NETFILTER_XT_MATCH_PKTTYPE +- scripts/config -e NETFILTER_XT_MATCH_QUOTA +- scripts/config -e NETFILTER_XT_MATCH_RATEEST +- scripts/config -e NETFILTER_XT_MATCH_REALM +- scripts/config -e NETFILTER_XT_MATCH_RECENT +- scripts/config -e NETFILTER_XT_MATCH_SCTP +- scripts/config -e NETFILTER_XT_MATCH_SOCKET +- scripts/config -e NETFILTER_XT_MATCH_STATISTIC +- scripts/config -e NETFILTER_XT_MATCH_STRING +- scripts/config -e NETFILTER_XT_MATCH_TCPMSS +- scripts/config -e NETFILTER_XT_MATCH_TIME +- scripts/config -e NETFILTER_XT_MATCH_U32 +- scripts/config -e IP_VS +- scripts/config -e BRIDGE_NETFILTER # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 8b0fe30b1bbfe9803a5541119daefbf567ea3483 Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Fri, 17 Apr 2015 14:55:44 +0100 Subject: Enable ISCSI kernel support commit 88e05d0f4291fc09e89a510c433fbf20ee6f1ae3 Author: Francisco Redondo Marchena Date: Tue Apr 7 17:09:59 2015 +0100 Enable ISCSI kernel support Change-Id: I07b807f017018f3ce30eee44fd284dee30036ab1 --- .../bsp-armv8b64-generic/linux-armv8b64-generic.morph | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index a7ecbb5b..5249990f 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -221,6 +221,23 @@ configure-commands: - scripts/config -e NETFILTER_XT_MATCH_U32 - scripts/config -e IP_VS - scripts/config -e BRIDGE_NETFILTER +- scripts/config -e CRYPTO_CRC32C +- scripts/config -e CONFIGFS_FS +- scripts/config -e EXPERT +- scripts/config -e TARGET_CORE +- scripts/config -e ISCSI_TARGET +- scripts/config -e TCM_IBLOCK +- scripts/config -e TCM_FILEIO +- scripts/config -e TCM_PSCSI +- scripts/config -e TCM_USER +- scripts/config -e CONFIG_UIO +- scripts/config -e LOOPBACK_TARGET +- scripts/config -e TCM_FC +- scripts/config -e LIBFC +- scripts/config -e SCSI_FC_ATTRS +- scripts/config -e SCSI_ISCSI_ATTRS +- scripts/config -e ISCSI_TCP +- scripts/config -e SCSI_LOWLEVEL # Required for M400 - scripts/config -e SATA_AHCI_PLATFORM - scripts/config -e AHCI_XGENE -- cgit v1.2.1 From 4d78cd3a84e31b17b4df643a6d0fc1d77b58446c Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 20 Apr 2015 13:07:35 +0000 Subject: Add OpenStack system to clusters/ci.morph Change-Id: Ib8fb7cddcbf744d6384b23e3f5ed00abffb6eadf --- clusters/ci.morph | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/clusters/ci.morph b/clusters/ci.morph index 48e978bc..84405464 100644 --- a/clusters/ci.morph +++ b/clusters/ci.morph @@ -47,3 +47,50 @@ systems: BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" KERNEL_ARGS: cma=256M console=tty0 console=ttyS0,115200n8 no_console_suspend=1 nouveau.pstate=1 +- morph: systems/openstack-system-x86_64.morph + deploy: + openstack-system-x86_64: + type: rawdisk + location: baserock-openstack-system-x86_64.img + DISK_SIZE: 5G + INSTALL_FILES: openstack/manifest + HOSTNAME: onenode + RABBITMQ_HOST: onenode + RABBITMQ_PORT: 5672 + RABBITMQ_USER: rabbitmq + RABBITMQ_PASSWORD: veryinsecure + CONTROLLER_HOST_ADDRESS: onenode + MANAGEMENT_INTERFACE_IP_ADDRESS: 127.0.0.1 + KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 + KEYSTONE_ADMIN_PASSWORD: veryinsecure + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure + GLANCE_SERVICE_USER: glance + GLANCE_SERVICE_PASSWORD: veryinsecure + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure + NOVA_SERVICE_USER: nova + NOVA_SERVICE_PASSWORD: veryinsecure + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure + NOVA_VIRT_TYPE: qemu + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + NEUTRON_SERVICE_USER: neutron + NEUTRON_SERVICE_PASSWORD: veryinsecure + NEUTRON_DB_USER: neutronDB + NEUTRON_DB_PASSWORD: veryinsecure + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_SERVICE_USER: ironic + IRONIC_SERVICE_PASSWORD: veryinsecure + IRONIC_DB_USER: ironicDB + IRONIC_DB_PASSWORD: veryinsecure + CEILOMETER_SERVICE_USER: ceilometer + CEILOMETER_SERVICE_PASSWORD: veryinsecure + CEILOMETER_DB_USER: ceilometerDB + CEILOMETER_DB_PASSWORD: veryinsecure + METERING_SECRET: insecureceilometersecret + HOSTS_CONTROLLER: 127.0.0.1 onenode -- cgit v1.2.1 From e436f553f488baaab3acf4cc924cf6887f3ea491 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Mon, 20 Apr 2015 15:25:29 +0000 Subject: cinder: Remove legacy setup service Change-Id: I8aa7c9ffba6b2315d133be77cf78f94360efa4c8 --- openstack/usr/lib/systemd/system/openstack-cinder-setup.service | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-setup.service diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-setup.service deleted file mode 100644 index bac80b6b..00000000 --- a/openstack/usr/lib/systemd/system/openstack-cinder-setup.service +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=Run cinder-setup Ansible scripts -After=local-fs.target openstack-keystone-setup.service postgres-server.service - -[Service] -ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder.yml - -[Install] -WantedBy=multi-user.target -- cgit v1.2.1 From c750d7e80d525291d9458748bb0fe9f43462669b Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Mon, 20 Apr 2015 15:26:35 +0000 Subject: trove and heat: Remove non supported services Change-Id: I9350b33b1992417c9105f8379f4954924565a6c1 --- strata/openstack-services.morph | 37 ------------------------------------- 1 file changed, 37 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 1e1f6fae..d6927cc5 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -600,24 +600,6 @@ chunks: - netifaces - pastedeploy - python-xattr -- name: trove - repo: upstream:openstack/trove - ref: a4c38cc6ddbfba2301766eced939229cccc31953 - unpetrify-ref: 2014.2 - build-depends: - - sqlalchemy - - eventlet - - keystonemiddleware - - kombu - - routes - - webob - - pastedeploy - - paste - - sqlalchemy-migrate - - netifaces - - httplib2 - - passlib - - pexpect - name: wsgiref repo: upstream:python-packages/wsgiref.git ref: e8360785eef259394e13b2062407edc3c2cbc1e0 @@ -765,25 +747,6 @@ chunks: - tooz - webob - wsme -- name: heat - repo: upstream:openstack/heat - ref: c06772571a81383aa37336a78d72d455067b75e8 - unpetrify-ref: 2014.2 - build-depends: - - eventlet - - greenlet - - httplib2 - - keystonemiddleware - - kombu - - oslo-db - - oslo-messaging - - pastedeploy - - posix-ipc-tarball - - qpid-python - - routes - - sqlalchemy - - sqlalchemy-migrate - - webob - name: django-openstack-auth repo: upstream:openstack/django_openstack_auth ref: e676c88a329af57d6c4f13df54f6e1e06c1f8360 -- cgit v1.2.1 From 4cc964da547352a48ff7b4d718d6551e835ec3e6 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Mon, 20 Apr 2015 17:29:45 +0000 Subject: nova and neutron: Start db-setup services after config-setup services openstack-{nova,neutron}-db-setup.services need to run after openstack-{nova,neutron}-config-setup.services because the latter create the nova and neutron system users used in the formers. Change-Id: I4152b8dc16fe2181de83f5732b58d3f1072811e9 --- openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-nova-db-setup.service | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service index 4b30e78a..68874a6e 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run neutron-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=network-online.target openstack-keystone.service postgres-server.service openstack-keystone-setup.service +After=network-online.target openstack-keystone.service postgres-server.service openstack-keystone-setup.service openstack-neutron-config-setup.service Wants=network-online.target openstack-keystone.service postgres-server.service [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index 80db0be5..5a280917 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run nova-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service +After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service openstack-nova-config-setup.service Wants=postgres-server.service openstack-keystone.service [Service] -- cgit v1.2.1 From 33611dd53cbb91470d0f602fb2e9f797538bc1a4 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Mon, 20 Apr 2015 17:32:16 +0000 Subject: ceilometer: Fix ceilometer post-install-commands Fix missing `$` character before DESTDIR which makes api_paste.ini not get installed into the system. Change-Id: I8802fa01de9684cce26785181b7952aa13876f83 --- strata/openstack-services/ceilometer.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/openstack-services/ceilometer.morph b/strata/openstack-services/ceilometer.morph index 7fe0b853..f120ce9e 100644 --- a/strata/openstack-services/ceilometer.morph +++ b/strata/openstack-services/ceilometer.morph @@ -6,7 +6,7 @@ post-install-commands: - mkdir -p "$DESTDIR"/etc/ceilometer - install -D -m 644 etc/ceilometer/*.json "$DESTDIR"/etc/ceilometer - install -D -m 644 etc/ceilometer/*.yaml "$DESTDIR"/etc/ceilometer -- install -D -m 644 etc/ceilometer/api_paste.ini "DESTDIR"/etc/ceilometer +- install -D -m 644 etc/ceilometer/api_paste.ini "$DESTDIR"/etc/ceilometer/api_paste.ini # Install rootwrap.conf - install -D -m 640 etc/ceilometer/rootwrap.conf "$DESTDIR"/etc/ceilometer/rootwrap.conf # Move rootwrap files to a proper location -- cgit v1.2.1 From b8baf8e806154c8a1142acf853b16f58149d3f58 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Mon, 20 Apr 2015 17:35:27 +0000 Subject: ceilometer: Fix openstack-ceilometer-setup.service unit openstack-ceilometer-setup.service only requires keystone and postgres running for configuring ceilometer. Change-Id: I4665cc719675355856b0ab50bd1cb966cadb2e67 --- openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service index 9936c822..16eacb55 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service @@ -1,6 +1,7 @@ [Unit] Description=Run ceilometer-setup Ansible scripts -After=local-fs.target openstack-keystone-setup.service postgres-server.service openstack-cinder-setup.service openstack-nova-setup.service openstack-neutron-setup.service openstack-glance-setup.service +After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service +Wants=postgres-server.service openstack-keystone.service [Service] Type=oneshot -- cgit v1.2.1 From f882d095808697e5f10bc565ef957ea9e9c554f9 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Mon, 20 Apr 2015 17:37:04 +0000 Subject: ceilometer: Fix ceilometer services ceilometer services do not need to wait for openstack-ceilometer-setup.service to finish because is this one which enables and starts them. So removing this dependency we eliminate the systemd loop created. Change-Id: I4991eb9e50bb88270ce1fa31edb0600dab233148 --- .../usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service | 2 +- .../usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service index 1976417c..a6a2ce56 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer alarm evaluation service -After=syslog.target network-online.target openstack-ceilometer-setup.service +After=syslog.target network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service index 070d063d..1a4a0b04 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer alarm notification service -After=syslog.target network-online.target openstack-ceilometer-setup.service +After=syslog.target network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service index 3981553b..77d8836d 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer API service -After=syslog.target network-online.target openstack-ceilometer-setup.service +After=syslog.target network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service index c7171451..98eff608 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer collection service -After=syslog.target network-online.target openstack-ceilometer-setup.service +After=syslog.target network-online.target Wants=network-online.target [Service] -- cgit v1.2.1 From 02101b041b4e261a4b6e42ead1a565ae8a17b313 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 20 Apr 2015 18:40:59 +0100 Subject: cluster/ci.morph: Fix typo Change-Id: Ia9e446eceb9fc15be1c8cf86d91dda67b1dc4425 --- clusters/ci.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/ci.morph b/clusters/ci.morph index 84405464..e1bc3887 100644 --- a/clusters/ci.morph +++ b/clusters/ci.morph @@ -20,7 +20,7 @@ systems: DISK_SIZE: 4G - morph: systems/build-system-armv7lhf-jetson.morph deploy: - devel-system-armv7lhf-jetson: + build-system-armv7lhf-jetson: type: rawdisk location: build-system-armv7lhf-jetson.img DISK_SIZE: 2G -- cgit v1.2.1 From 70cf0464cf7ff98b7f6c843ffd076e21b5be75f9 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Tue, 21 Apr 2015 15:28:00 +0000 Subject: ceilometer: Update ceilometer to 2014.2.1 tag Update ceilometer to build from the same tag as the rest of the services. Change-Id: I35cc098179f1ccf3ad0a59edc5e28f03d6151107 --- strata/openstack-services.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index d6927cc5..db0e3561 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -721,9 +721,9 @@ chunks: - retrying - name: ceilometer repo: upstream:openstack/ceilometer - ref: 94579bfc81b820380d03703e4e2311b3bd25c022 - unpetrify-ref: 2014.2 morph: strata/openstack-services/ceilometer.morph + ref: 1129b7013359bf242a2ea53be9d4faeccfbfac5a + unpetrify-ref: 2014.2.1 build-depends: - alembic - anyjson -- cgit v1.2.1 From 30f14e212cb62026b17b43cdda24587c570aff72 Mon Sep 17 00:00:00 2001 From: Javier Jardon Date: Fri, 17 Apr 2015 15:49:26 +0100 Subject: ntpd: Set default .service and conf file in the morphology file So we can avoid an specific extension to introduce it in the system Change-Id: I57f446977e3e5fba5fe98be6fdd6a3f150623f14 --- ntpd.configure | 54 --------------------------------------- strata/ntpd/ntpd.morph | 41 +++++++++++++++++++++++++++++ swift/etc/ntp.conf | 4 +++ swift/manifest | 2 +- systems/swift-system-x86_64.morph | 1 - 5 files changed, 46 insertions(+), 56 deletions(-) delete mode 100644 ntpd.configure diff --git a/ntpd.configure b/ntpd.configure deleted file mode 100644 index fd39d9e9..00000000 --- a/ntpd.configure +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/bash -# -# Copyright © 2015 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program. If not, see . - - -set -e - -ROOT="$1" - -# NTP conflicts with systemd-timesyncd, -# so if we want to use NTP then we need to disable systemd-timesyncd -rm "$ROOT/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service" - -# On at least x86 64 the default rlimit -# ntp sets (32kB) isn't enough, so increase it -cat >> "$ROOT/etc/ntp.conf" << EOF - -# The default rlimit isn't enough in some cases -# so we set a higher limit here -rlimit memlock 256 -EOF - -NTPD_PIDFILE=/run/ntpd.pid -cat > "$ROOT/usr/lib/systemd/system/ntpd.service" << EOF -[Unit] -Description=Network Time Service -After=network.target nss-lookup.target -Conflicts=systemd-timesyncd.service - -[Service] -Type=forking -PIDFile=$NTPD_PIDFILE -ExecStart=/usr/bin/ntpd -u ntp:ntp -p $NTPD_PIDFILE -PrivateTmp=True -Restart=on-failure - -[Install] -WantedBy=multi-user.target -EOF - -ln -s "/usr/lib/systemd/system/ntpd.service" \ - "$ROOT/usr/lib/systemd/system/multi-user.target.wants/ntpd.service" diff --git a/strata/ntpd/ntpd.morph b/strata/ntpd/ntpd.morph index fd561de1..49316c14 100644 --- a/strata/ntpd/ntpd.morph +++ b/strata/ntpd/ntpd.morph @@ -3,6 +3,47 @@ kind: chunk build-system: autotools configure-commands: - ./configure --prefix="$PREFIX" --enable-linuxcaps +post-install-commands: +- | + cat > ntpd.service << EOF + [Unit] + Description=Network Time Service + After=network.target nss-lookup.target + Conflicts=systemd-timesyncd.service + + [Service] + Type=forking + ExecStart=/usr/bin/ntpd -u ntp:ntp + PrivateTmp=True + Restart=on-failure + + [Install] + WantedBy=multi-user.target + EOF +- install -D -m 644 ntpd.service "$DESTDIR"/lib/systemd/system/ntpd.service +- mkdir -p "$DESTDIR"/lib/systemd/system/multi-user.target.wants +- ln -s /lib/systemd/system/ntpd.service "$DESTDIR"/lib/systemd/system/multi-user.target.wants/ntpd.service +- | + cat > ntp.conf << EOF + # We use iburst here to reduce the potential initial delay to set the clock + server 0.pool.ntp.org iburst + server 1.pool.ntp.org iburst + server 2.pool.ntp.org iburst + server 3.pool.ntp.org iburst + + # kod - notify client when packets are denied service, + # rather than just dropping the packets + # + # nomodify - deny queries which attempt to modify the state of the server + # + # notrap - decline to provide mode 6 control message trap service to + # matching hosts + # + # see ntp.conf(5) for more details + restrict -4 default kod notrap nomodify + restrict -6 default kod notrap nomodify + EOF +- install -D -m 644 ntp.conf "$DESTDIR"/etc/ntp.conf system-integration: ntpd-misc: 00-add-ntpd-user: diff --git a/swift/etc/ntp.conf b/swift/etc/ntp.conf index b50886a4..54522871 100644 --- a/swift/etc/ntp.conf +++ b/swift/etc/ntp.conf @@ -19,3 +19,7 @@ server 3.pool.ntp.org iburst restrict -4 default kod notrap nomodify restrict -6 default kod notrap nomodify {% endif %} + +# The default rlimit isn't enough in some cases +# so we set a higher limit here +rlimit memlock 256 diff --git a/swift/manifest b/swift/manifest index 63ea2c2c..7fd76206 100644 --- a/swift/manifest +++ b/swift/manifest @@ -11,5 +11,5 @@ 0100644 0 0 /usr/share/swift/etc/rsyncd.j2 0100644 0 0 /usr/lib/systemd/system/swift-storage-setup.service 0100644 0 0 /usr/lib/systemd/system/swift-storage.service -template 0100644 0 0 /etc/ntp.conf +template overwrite 0100644 0 0 /etc/ntp.conf overwrite 0100644 0 0 /usr/lib/systemd/system/rsync.service diff --git a/systems/swift-system-x86_64.morph b/systems/swift-system-x86_64.morph index 385f9cd5..442c2609 100644 --- a/systems/swift-system-x86_64.morph +++ b/systems/swift-system-x86_64.morph @@ -31,4 +31,3 @@ configuration-extensions: - install-files - fstab - swift-storage -- ntpd -- cgit v1.2.1 From d23510244330f02de2bc02f6a561444b19900d73 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Wed, 22 Apr 2015 10:32:54 +0000 Subject: Upgrade systemd to latest master. This version fixes an error at boot time on the Jetson boards. Change-Id: I1f25cab25b949a468902e7bacf5b416e885f6c06 --- strata/foundation.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index cc58de5a..3de24fee 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -80,8 +80,8 @@ chunks: - name: systemd morph: strata/foundation/systemd.morph repo: upstream:systemd - ref: d736e4f3e76daca4ab1b1fc444737e5ee20a27cd - unpetrify-ref: baserock/v219-314-gd736e4f-network_fixes + ref: 163ab2961268232e1cb49e990a8ccefe24b7649f + unpetrify-ref: baserock/v219-729-g163ab29-jetson_btrfs_fixes build-depends: - dbus-pre - gobject-introspection -- cgit v1.2.1 From 71797241802b692f6be53b0aa4e5d61658c6792b Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Thu, 16 Apr 2015 12:49:23 +0000 Subject: OpenStack: Rename installer to three-node-installer Change-Id: I645d11af1d4cbe365190ae00a7e65cc3dd61dec1 --- clusters/openstack-installer.morph | 168 -------------------------- clusters/openstack-three-node-installer.morph | 168 ++++++++++++++++++++++++++ 2 files changed, 168 insertions(+), 168 deletions(-) delete mode 100644 clusters/openstack-installer.morph create mode 100644 clusters/openstack-three-node-installer.morph diff --git a/clusters/openstack-installer.morph b/clusters/openstack-installer.morph deleted file mode 100644 index 6020b502..00000000 --- a/clusters/openstack-installer.morph +++ /dev/null @@ -1,168 +0,0 @@ -name: openstack-installer -kind: cluster -description: | - - This cluster creates disk images that may be `dd`'d onto install media to - produce an OpenStack cluster when instanciated. - - Alternatively it may be used to install directly onto a physical disk by - running: - - morph deploy clusters/openstack-installer.morph \ - network-installer network-installer.location=/dev/vdb - - Substituting network-installer for either compute-installer or - controller-installer will produce different configurations, and it is possible - to substitue /dev/vdb for a different path to a disk image to install to a - different disk image. - - Substitute the values of HOSTNAME, NETWORK_CONFIG, EXTERNAL_INTERFACE, - MANAGEMENT_IP_ADDRESS, CONTROLLER_HOST_ADDRESS, RABBITMQ_HOST and HOSTS_* to - match your hardware ane networking configuration. - -systems: -- morph: systems/installer-system-x86_64.morph - deploy: - network-installer: &installer - type: rawdisk - location: installer-openstack-network-x86_64.img - KERNEL_ARGS: init=/usr/lib/baserock-installer/installer - DISK_SIZE: 6G - HOSTNAME: installer-x86_64 - INSTALLER_TARGET_STORAGE_DEVICE: /dev/sda - INSTALLER_ROOTFS_TO_INSTALL: /rootfs - INSTALLER_POST_INSTALL_COMMAND: 'sync; poweroff -f' - INITRAMFS_PATH: boot/initramfs.gz - subsystems: - - morph: systems/initramfs-x86_64.morph - deploy: - network-initramfs: &initramfs - type: initramfs - location: boot/initramfs.gz - - morph: systems/openstack-system-x86_64.morph - deploy: - network-to-install: &stack-node - type: sysroot - location: rootfs - INSTALL_FILES: openstack/manifest - HOSTNAME: threenode-network - RABBITMQ_HOST: threenode-controller.os-mgmt - RABBITMQ_PORT: 5672 - RABBITMQ_USER: rabbitmq - RABBITMQ_PASSWORD: veryinsecure - KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 - KEYSTONE_ADMIN_PASSWORD: veryinsecure - KEYSTONE_DB_USER: keystoneDB - KEYSTONE_DB_PASSWORD: veryinsecure - CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt - MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 - GLANCE_SERVICE_USER: glance - GLANCE_SERVICE_PASSWORD: veryinsecure - GLANCE_DB_USER: glanceDB - GLANCE_DB_PASSWORD: veryinsecure - NOVA_SERVICE_USER: nova - NOVA_SERVICE_PASSWORD: veryinsecure - NOVA_DB_USER: novaDB - NOVA_DB_PASSWORD: veryinsecure - NOVA_VIRT_TYPE: kvm - CINDER_ENABLE_CONTROLLER: False - CINDER_ENABLE_COMPUTE: False - CINDER_ENABLE_STORAGE: False - CINDER_SERVICE_USER: cinder - CINDER_SERVICE_PASSWORD: veryinsecure - CINDER_DB_USER: cinderDB - CINDER_DB_PASSWORD: veryinsecure - CINDER_DEVICE: /dev/sdb - NEUTRON_SERVICE_USER: neutron - NEUTRON_SERVICE_PASSWORD: veryinsecure - NEUTRON_DB_USER: neutronDB - NEUTRON_DB_PASSWORD: veryinsecure - NEUTRON_ENABLE_AGENT: False - NEUTRON_ENABLE_MANAGER: True - NEUTRON_ENABLE_CONTROLLER: False - NOVA_ENABLE_CONTROLLER: False - NOVA_ENABLE_COMPUTE: False - METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret - HOSTS_SELF: 10.24.1.83 threenode-network - HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt - HOSTS_CONTROL: 10.0.0.2 threenode-controller.os-mgmt - HOSTS_COMPUTE: 10.0.0.3 threenode-compute.os-mgmt - EXTERNAL_INTERFACE: enp3s0 - NETWORK_CONFIG: enp3s0:dhcp;enp2s0:static,address=10.0.0.1,netmask=255.255.255.0 - INITRAMFS_PATH: boot/initramfs.gz - subsystems: - - morph: systems/initramfs-x86_64.morph - deploy: - network-to-install-initramfs: *initramfs -- morph: systems/installer-system-x86_64.morph - deploy: - controller-installer: - <<: *installer - location: installer-openstack-controller-x86_64.img - subsystems: - - morph: systems/initramfs-x86_64.morph - deploy: - controller-initramfs: *initramfs - - morph: systems/openstack-system-x86_64.morph - deploy: - controller-to-install: - <<: *stack-node - HOSTNAME: threenode-controller - MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 - NOVA_VIRT_TYPE: kvm - CINDER_ENABLE_CONTROLLER: True - CINDER_ENABLE_COMPUTE: False - CINDER_ENABLE_STORAGE: False - CINDER_SERVICE_USER: cinder - CINDER_SERVICE_PASSWORD: veryinsecure - CINDER_DB_USER: cinderDB - CINDER_DB_PASSWORD: veryinsecure - CINDER_DEVICE: /dev/sdb - NEUTRON_ENABLE_AGENT: False - NEUTRON_ENABLE_MANAGER: False - NEUTRON_ENABLE_CONTROLLER: True - NOVA_ENABLE_CONTROLLER: True - METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret - HOSTS_SELF: 10.0.0.2 threenode-controller - EXTERNAL_INTERFACE: enp2s0 - NETWORK_CONFIG: enp2s0:dhcp;enp0s26u1u2:static,address=10.0.0.2,netmask=255.255.255.0 - subsystems: - - morph: systems/initramfs-x86_64.morph - deploy: - controller-to-install-initramfs: *initramfs -- morph: systems/installer-system-x86_64.morph - deploy: - compute-installer: - <<: *installer - location: installer-openstack-compute-x86_64.img - subsystems: - - morph: systems/initramfs-x86_64.morph - deploy: - compute-initramfs: *initramfs - - morph: systems/openstack-system-x86_64.morph - deploy: - compute-to-install: - <<: *stack-node - HOSTNAME: threenode-compute - MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 - NOVA_VIRT_TYPE: kvm - CINDER_ENABLE_CONTROLLER: False - CINDER_ENABLE_COMPUTE: True - CINDER_ENABLE_STORAGE: True - CINDER_SERVICE_USER: cinder - CINDER_SERVICE_PASSWORD: veryinsecure - CINDER_DB_USER: cinderDB - CINDER_DB_PASSWORD: veryinsecure - CINDER_DEVICE: /dev/sdb - NEUTRON_ENABLE_AGENT: True - NEUTRON_ENABLE_MANAGER: False - NEUTRON_ENABLE_CONTROLLER: False - NOVA_ENABLE_COMPUTE: True - METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret - HOSTS_SELF: 10.0.0.3 threenode-compute - EXTERNAL_INTERFACE: eno1 - NETWORK_CONFIG: eno1:dhcp;enp0s29u1u3:static,address=10.0.0.3,netmask=255.255.255.0 - subsystems: - - morph: systems/initramfs-x86_64.morph - deploy: - compute-to-install-initramfs: *initramfs diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph new file mode 100644 index 00000000..176439dc --- /dev/null +++ b/clusters/openstack-three-node-installer.morph @@ -0,0 +1,168 @@ +name: openstack-three-node-installer +kind: cluster +description: | + + This cluster creates disk images that may be `dd`'d onto install media to + produce an OpenStack cluster when instanciated. + + Alternatively it may be used to install directly onto a physical disk by + running: + + morph deploy clusters/openstack-installer.morph \ + network-installer network-installer.location=/dev/vdb + + Substituting network-installer for either compute-installer or + controller-installer will produce different configurations, and it is possible + to substitue /dev/vdb for a different path to a disk image to install to a + different disk image. + + Substitute the values of HOSTNAME, NETWORK_CONFIG, EXTERNAL_INTERFACE, + MANAGEMENT_IP_ADDRESS, CONTROLLER_HOST_ADDRESS, RABBITMQ_HOST and HOSTS_* to + match your hardware ane networking configuration. + +systems: +- morph: systems/installer-system-x86_64.morph + deploy: + network-installer: &installer + type: rawdisk + location: installer-openstack-network-x86_64.img + KERNEL_ARGS: init=/usr/lib/baserock-installer/installer + DISK_SIZE: 6G + HOSTNAME: installer-x86_64 + INSTALLER_TARGET_STORAGE_DEVICE: /dev/sda + INSTALLER_ROOTFS_TO_INSTALL: /rootfs + INSTALLER_POST_INSTALL_COMMAND: 'sync; poweroff -f' + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + network-initramfs: &initramfs + type: initramfs + location: boot/initramfs.gz + - morph: systems/openstack-system-x86_64.morph + deploy: + network-to-install: &stack-node + type: sysroot + location: rootfs + INSTALL_FILES: openstack/manifest + HOSTNAME: threenode-network + RABBITMQ_HOST: threenode-controller.os-mgmt + RABBITMQ_PORT: 5672 + RABBITMQ_USER: rabbitmq + RABBITMQ_PASSWORD: veryinsecure + KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 + KEYSTONE_ADMIN_PASSWORD: veryinsecure + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure + CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 + GLANCE_SERVICE_USER: glance + GLANCE_SERVICE_PASSWORD: veryinsecure + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure + NOVA_SERVICE_USER: nova + NOVA_SERVICE_PASSWORD: veryinsecure + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure + NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: False + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + NEUTRON_SERVICE_USER: neutron + NEUTRON_SERVICE_PASSWORD: veryinsecure + NEUTRON_DB_USER: neutronDB + NEUTRON_DB_PASSWORD: veryinsecure + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: True + NEUTRON_ENABLE_CONTROLLER: False + NOVA_ENABLE_CONTROLLER: False + NOVA_ENABLE_COMPUTE: False + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + HOSTS_SELF: 10.24.1.83 threenode-network + HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt + HOSTS_CONTROL: 10.0.0.2 threenode-controller.os-mgmt + HOSTS_COMPUTE: 10.0.0.3 threenode-compute.os-mgmt + EXTERNAL_INTERFACE: enp3s0 + NETWORK_CONFIG: enp3s0:dhcp;enp2s0:static,address=10.0.0.1,netmask=255.255.255.0 + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + network-to-install-initramfs: *initramfs +- morph: systems/installer-system-x86_64.morph + deploy: + controller-installer: + <<: *installer + location: installer-openstack-controller-x86_64.img + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + controller-initramfs: *initramfs + - morph: systems/openstack-system-x86_64.morph + deploy: + controller-to-install: + <<: *stack-node + HOSTNAME: threenode-controller + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 + NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: True + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: False + NEUTRON_ENABLE_CONTROLLER: True + NOVA_ENABLE_CONTROLLER: True + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + HOSTS_SELF: 10.0.0.2 threenode-controller + EXTERNAL_INTERFACE: enp2s0 + NETWORK_CONFIG: enp2s0:dhcp;enp0s26u1u2:static,address=10.0.0.2,netmask=255.255.255.0 + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + controller-to-install-initramfs: *initramfs +- morph: systems/installer-system-x86_64.morph + deploy: + compute-installer: + <<: *installer + location: installer-openstack-compute-x86_64.img + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + compute-initramfs: *initramfs + - morph: systems/openstack-system-x86_64.morph + deploy: + compute-to-install: + <<: *stack-node + HOSTNAME: threenode-compute + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 + NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: False + CINDER_ENABLE_COMPUTE: True + CINDER_ENABLE_STORAGE: True + CINDER_SERVICE_USER: cinder + CINDER_SERVICE_PASSWORD: veryinsecure + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure + CINDER_DEVICE: /dev/sdb + NEUTRON_ENABLE_AGENT: True + NEUTRON_ENABLE_MANAGER: False + NEUTRON_ENABLE_CONTROLLER: False + NOVA_ENABLE_COMPUTE: True + METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + HOSTS_SELF: 10.0.0.3 threenode-compute + EXTERNAL_INTERFACE: eno1 + NETWORK_CONFIG: eno1:dhcp;enp0s29u1u3:static,address=10.0.0.3,netmask=255.255.255.0 + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + compute-to-install-initramfs: *initramfs -- cgit v1.2.1 From 622a2d0a2416ca25c658a8391cd3456b8edd6d71 Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Thu, 16 Apr 2015 13:07:18 +0000 Subject: OpenStack: Tidy two node cluster and make three node match its style Change-Id: I2555a2ee2c6b3b7e4243b985343bc8afb2432c77 --- clusters/openstack-three-node-installer.morph | 93 ++++++++++++++++++++------- clusters/openstack-two-node-installer.morph | 18 +++--- 2 files changed, 80 insertions(+), 31 deletions(-) diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index 176439dc..87aa53fd 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -2,8 +2,11 @@ name: openstack-three-node-installer kind: cluster description: | + This is a cluster morphology for deploying an installer for an x86_64 + OpenStack system spread across three nodes. + This cluster creates disk images that may be `dd`'d onto install media to - produce an OpenStack cluster when instanciated. + produce an OpenStack cluster when instantiated. Alternatively it may be used to install directly onto a physical disk by running: @@ -20,6 +23,37 @@ description: | MANAGEMENT_IP_ADDRESS, CONTROLLER_HOST_ADDRESS, RABBITMQ_HOST and HOSTS_* to match your hardware ane networking configuration. + Requirements to be able to run and test the system: + + - DISK_SIZE should be bigger than 5G + - The system has to have available at least 4G of RAM, but once + you start instantiating VMs you will need more. + - The IP of the system can't change, and you need to know it beforehand, + that is, the system needs a static IP address. + + This cluster is configurable, but with the following constraints: + + - The hostname in RABBITMQ_HOST has to match CONTROLLER_HOST_ADDRESS, + and HOST_CONTROLLER. + - HOSTS_CONTROLLER is only needed if the hostname (see previous point) + is not a FQDN. + - The IP listed in MANAGEMENT_INTERFACE_IP_ADDRESS has to match the one + used in HOSTS_CONTROLLER. + - CINDER_DEVICE should be a path to a storage device ready to be + used/formated for cinder data. + - EXTERNAL_INTERFACE is required when the system has more than one network + interface. + + You can also have a look at the following suggestions: + + - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the + system is being deployed to. + - We recommend changing all the PASSWORDs variables, also the + KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + - Setting NOVA_BAREMETAL_SCHEDULING with an YAML truth value will configure + Nova to schedule baremetal machines through the Ironic driver, instead of + sheduling virtual machines. + systems: - morph: systems/installer-system-x86_64.morph deploy: @@ -45,26 +79,34 @@ systems: type: sysroot location: rootfs INSTALL_FILES: openstack/manifest + INITRAMFS_PATH: boot/initramfs.gz + HOSTNAME: threenode-network + RABBITMQ_HOST: threenode-controller.os-mgmt RABBITMQ_PORT: 5672 RABBITMQ_USER: rabbitmq RABBITMQ_PASSWORD: veryinsecure + + # This token needs to be unique and secret KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 KEYSTONE_ADMIN_PASSWORD: veryinsecure KEYSTONE_DB_USER: keystoneDB KEYSTONE_DB_PASSWORD: veryinsecure - CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt - MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 + GLANCE_SERVICE_USER: glance GLANCE_SERVICE_PASSWORD: veryinsecure GLANCE_DB_USER: glanceDB GLANCE_DB_PASSWORD: veryinsecure + + NOVA_ENABLE_CONTROLLER: False + NOVA_ENABLE_COMPUTE: False NOVA_SERVICE_USER: nova NOVA_SERVICE_PASSWORD: veryinsecure NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: False CINDER_ENABLE_COMPUTE: False CINDER_ENABLE_STORAGE: False @@ -72,24 +114,32 @@ systems: CINDER_SERVICE_PASSWORD: veryinsecure CINDER_DB_USER: cinderDB CINDER_DB_PASSWORD: veryinsecure + # Storage device to be used by Cinder CINDER_DEVICE: /dev/sdb + + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: True + NEUTRON_ENABLE_CONTROLLER: False NEUTRON_SERVICE_USER: neutron NEUTRON_SERVICE_PASSWORD: veryinsecure NEUTRON_DB_USER: neutronDB NEUTRON_DB_PASSWORD: veryinsecure - NEUTRON_ENABLE_AGENT: False - NEUTRON_ENABLE_MANAGER: True - NEUTRON_ENABLE_CONTROLLER: False - NOVA_ENABLE_CONTROLLER: False - NOVA_ENABLE_COMPUTE: False METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + IRONIC_SERVICE_USER: ironic + IRONIC_SERVICE_PASSWORD: veryinsecure + IRONIC_DB_USER: ironicDB + IRONIC_DB_PASSWORD: veryinsecure + + CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 + HOSTS_SELF: 10.24.1.83 threenode-network HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt HOSTS_CONTROL: 10.0.0.2 threenode-controller.os-mgmt HOSTS_COMPUTE: 10.0.0.3 threenode-compute.os-mgmt EXTERNAL_INTERFACE: enp3s0 NETWORK_CONFIG: enp3s0:dhcp;enp2s0:static,address=10.0.0.1,netmask=255.255.255.0 - INITRAMFS_PATH: boot/initramfs.gz subsystems: - morph: systems/initramfs-x86_64.morph deploy: @@ -108,21 +158,15 @@ systems: controller-to-install: <<: *stack-node HOSTNAME: threenode-controller - MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 - NOVA_VIRT_TYPE: kvm - CINDER_ENABLE_CONTROLLER: True - CINDER_ENABLE_COMPUTE: False - CINDER_ENABLE_STORAGE: False - CINDER_SERVICE_USER: cinder - CINDER_SERVICE_PASSWORD: veryinsecure - CINDER_DB_USER: cinderDB - CINDER_DB_PASSWORD: veryinsecure - CINDER_DEVICE: /dev/sdb + + NOVA_ENABLE_CONTROLLER: True + NEUTRON_ENABLE_AGENT: False NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: True - NOVA_ENABLE_CONTROLLER: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 HOSTS_SELF: 10.0.0.2 threenode-controller EXTERNAL_INTERFACE: enp2s0 NETWORK_CONFIG: enp2s0:dhcp;enp0s26u1u2:static,address=10.0.0.2,netmask=255.255.255.0 @@ -144,8 +188,9 @@ systems: compute-to-install: <<: *stack-node HOSTNAME: threenode-compute - MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 + NOVA_VIRT_TYPE: kvm + CINDER_ENABLE_CONTROLLER: False CINDER_ENABLE_COMPUTE: True CINDER_ENABLE_STORAGE: True @@ -154,11 +199,15 @@ systems: CINDER_DB_USER: cinderDB CINDER_DB_PASSWORD: veryinsecure CINDER_DEVICE: /dev/sdb + + NOVA_ENABLE_COMPUTE: True + NEUTRON_ENABLE_AGENT: True NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: False - NOVA_ENABLE_COMPUTE: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 HOSTS_SELF: 10.0.0.3 threenode-compute EXTERNAL_INTERFACE: eno1 NETWORK_CONFIG: eno1:dhcp;enp0s29u1u3:static,address=10.0.0.3,netmask=255.255.255.0 diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 7bec8fd7..00d23ecd 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -6,7 +6,7 @@ description: | OpenStack system spread across three nodes. This cluster creates disk images that may be `dd`'d onto install media to - produce an OpenStack cluster when instanciated. + produce an OpenStack cluster when instantiated. Alternatively it may be used to install directly onto a physical disk by running: @@ -23,15 +23,15 @@ description: | match your hardware and networking configuration. Requirements to be able to run and test the system: - + - DISK_SIZE should be bigger than 5G - The system has to have available at least 4G of RAM, but once you start instantiating VMs you will need more. - The IP of the system can't change, and you need to know it beforehand, that is, the system needs a static IP address. - + This cluster is configurable, but with the following constraints: - + - The hostname in RABBITMQ_HOST has to match CONTROLLER_HOST_ADDRESS, and HOST_CONTROLLER. - HOSTS_CONTROLLER is only needed if the hostname (see previous point) @@ -42,9 +42,9 @@ description: | used/formated for cinder data. - EXTERNAL_INTERFACE is required when the system has more than one network interface. - + You can also have a look at the following suggestions: - + - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the system is being deployed to. - We recommend changing all the PASSWORDs variables, also the @@ -116,13 +116,13 @@ systems: # Storage device to be used by Cinder CINDER_DEVICE: /dev/sdb + NEUTRON_ENABLE_AGENT: False + NEUTRON_ENABLE_MANAGER: True + NEUTRON_ENABLE_CONTROLLER: True NEUTRON_SERVICE_USER: neutron NEUTRON_SERVICE_PASSWORD: veryinsecure NEUTRON_DB_USER: neutronDB NEUTRON_DB_PASSWORD: veryinsecure - NEUTRON_ENABLE_AGENT: False - NEUTRON_ENABLE_MANAGER: True - NEUTRON_ENABLE_CONTROLLER: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret IRONIC_SERVICE_USER: ironic -- cgit v1.2.1 From 54c03de00b882b2f214f29837d00cea38d0ca685 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Wed, 22 Apr 2015 17:17:03 +0000 Subject: Add kernel modules for FUSE and overlayfs Change-Id: Iec8bb1d659b037b45b8733f46d3f4af2413631a7 --- strata/bsp-armv7-highbank/linux-armv7-highbank.morph | 2 ++ strata/bsp-armv7-versatile/linux-armv7-versatile.morph | 2 ++ strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph | 2 ++ strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph | 2 ++ strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph | 2 ++ strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph | 2 ++ strata/bsp-jetson/linux-jetson-tk1.morph | 2 ++ strata/bsp-ppc64-generic/linux-ppc64.morph | 2 ++ strata/bsp-wandboard/linux-armv7-wandboard.morph | 2 ++ strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 2 ++ strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 2 ++ 11 files changed, 22 insertions(+) diff --git a/strata/bsp-armv7-highbank/linux-armv7-highbank.morph b/strata/bsp-armv7-highbank/linux-armv7-highbank.morph index cf0907de..b03e17ad 100644 --- a/strata/bsp-armv7-highbank/linux-armv7-highbank.morph +++ b/strata/bsp-armv7-highbank/linux-armv7-highbank.morph @@ -8,6 +8,8 @@ configure-commands: - scripts/config -e CONFIG_POSIX_MQUEUE - scripts/config -e CPU_IDLE - scripts/config -e EXT4_FS +- scripts/config -e FUSE_FS +#- scripts/config -e OVERLAY_FS # Activate when we build Linux >= 3.18 - scripts/config -e EXT4_USE_FOR_EXT23 - scripts/config -e PACKET - scripts/config -e UNIX diff --git a/strata/bsp-armv7-versatile/linux-armv7-versatile.morph b/strata/bsp-armv7-versatile/linux-armv7-versatile.morph index 9125ee51..7e66ce73 100644 --- a/strata/bsp-armv7-versatile/linux-armv7-versatile.morph +++ b/strata/bsp-armv7-versatile/linux-armv7-versatile.morph @@ -7,6 +7,8 @@ configure-commands: - scripts/config -d BTRFS_FS_CHECK_INTEGRITY - scripts/config -e DEVTMPFS - scripts/config -e DEVTMPFS_MOUNT +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e CONFIG_FHANDLE - scripts/config -e CGROUPS - scripts/config -e AUTOFS4_FS diff --git a/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph b/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph index a4de8d6a..377aaa8d 100644 --- a/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph +++ b/strata/bsp-armv7b-highbank/linux-armv7b-highbank.morph @@ -21,6 +21,8 @@ configure-commands: - scripts/config -e BLK_DEV_LOOP - scripts/config -e BTRFS_FS - scripts/config -e TMPFS +- scripts/config -e FUSE_FS +#- scripts/config -e OVERLAY_FS # Activate when we build Linux >= 3.18 - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e CGROUPS diff --git a/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph b/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph index a6c0242d..c232c493 100644 --- a/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph +++ b/strata/bsp-armv7b-vexpress-tc2/linux-armv7b-vexpress-tc2.morph @@ -20,6 +20,8 @@ configure-commands: - scripts/config -e BLK_DEV_LOOP - scripts/config -e BTRFS_FS - scripts/config -e TMPFS +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e IKCONFIG - scripts/config -e IKCONFIG_PROC - scripts/config -e CGROUPS diff --git a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph index 5249990f..ecf383b0 100644 --- a/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph +++ b/strata/bsp-armv8b64-generic/linux-armv8b64-generic.morph @@ -32,6 +32,8 @@ configure-commands: - scripts/config -d EXT4_DEBUG - scripts/config -e XFS_FS - scripts/config -e LIBCRC32C +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph index f69f5d2a..018e5710 100644 --- a/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph +++ b/strata/bsp-armv8l64-generic/linux-armv8l64-generic.morph @@ -30,6 +30,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e XFS_FS - scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 4559f2ba..43972811 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -33,6 +33,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e XFS_FS - scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG diff --git a/strata/bsp-ppc64-generic/linux-ppc64.morph b/strata/bsp-ppc64-generic/linux-ppc64.morph index cd68c872..b8b189c7 100644 --- a/strata/bsp-ppc64-generic/linux-ppc64.morph +++ b/strata/bsp-ppc64-generic/linux-ppc64.morph @@ -31,6 +31,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e XFS_FS - scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG diff --git a/strata/bsp-wandboard/linux-armv7-wandboard.morph b/strata/bsp-wandboard/linux-armv7-wandboard.morph index a3a79254..bf337725 100644 --- a/strata/bsp-wandboard/linux-armv7-wandboard.morph +++ b/strata/bsp-wandboard/linux-armv7-wandboard.morph @@ -33,6 +33,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -d JBD_DEBUG - scripts/config -d JBD2_DEBUG - scripts/config -e BLK_DEV_LOOP diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index a8da9549..3d936150 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -40,6 +40,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e XFS_FS - scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index eb4204f6..31aec686 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -40,6 +40,8 @@ configure-commands: - scripts/config -e EXT4_FS_POSIX_ACL - scripts/config -e EXT4_FS_SECURITY - scripts/config -d EXT4_DEBUG +- scripts/config -e FUSE_FS +- scripts/config -e OVERLAY_FS - scripts/config -e XFS_FS - scripts/config -e LIBCRC32C - scripts/config -d JBD_DEBUG -- cgit v1.2.1 From 39b553e11c1636acb719746ecd6eb41f6eff8369 Mon Sep 17 00:00:00 2001 From: Adam Coldrick Date: Thu, 16 Apr 2015 14:42:45 +0000 Subject: Split PyGObject into its own stratum Also make morph depend on PyGObject, it will be needed for OSTree. Change-Id: Icfa9abb95f884ca9b1dd720648567bd704e74d85 --- strata/morph-utils.morph | 2 ++ strata/python-pygobject.morph | 14 ++++++++++++++ strata/python-pygobject/pygobject.morph | 5 +++++ strata/virtualization.morph | 7 +------ strata/virtualization/pygobject.morph | 5 ----- systems/build-system-armv7lhf-highbank.morph | 2 ++ systems/build-system-armv7lhf-jetson.morph | 2 ++ systems/build-system-armv8b64.morph | 2 ++ systems/build-system-armv8l64.morph | 2 ++ systems/build-system-ppc64.morph | 2 ++ systems/build-system-x86_32-chroot.morph | 2 ++ systems/build-system-x86_32.morph | 2 ++ systems/build-system-x86_64-chroot.morph | 2 ++ systems/build-system-x86_64.morph | 2 ++ systems/ceph-service-x86_64-generic.morph | 2 ++ systems/devel-system-armv7-chroot.morph | 2 ++ systems/devel-system-armv7-highbank.morph | 2 ++ systems/devel-system-armv7-versatile.morph | 2 ++ systems/devel-system-armv7-wandboard.morph | 2 ++ systems/devel-system-armv7b-chroot.morph | 2 ++ systems/devel-system-armv7b-highbank.morph | 2 ++ systems/devel-system-armv7lhf-chroot.morph | 2 ++ systems/devel-system-armv7lhf-highbank.morph | 2 ++ systems/devel-system-armv7lhf-jetson.morph | 2 ++ systems/devel-system-armv7lhf-wandboard.morph | 2 ++ systems/devel-system-armv8b64.morph | 2 ++ systems/devel-system-armv8l64.morph | 2 ++ systems/devel-system-ppc64-chroot.morph | 2 ++ systems/devel-system-ppc64-generic.morph | 2 ++ systems/devel-system-x86_32-chroot.morph | 2 ++ systems/devel-system-x86_32-generic.morph | 2 ++ systems/devel-system-x86_64-chroot.morph | 2 ++ systems/devel-system-x86_64-generic.morph | 2 ++ systems/devel-system-x86_64-vagrant.morph | 2 ++ systems/installer-system-armv8b64.morph | 2 ++ systems/installer-system-x86_64.morph | 2 ++ systems/openstack-system-x86_64.morph | 2 ++ systems/trove-system-x86_64.morph | 2 ++ systems/xfce-system.morph | 2 ++ 39 files changed, 90 insertions(+), 11 deletions(-) create mode 100644 strata/python-pygobject.morph create mode 100644 strata/python-pygobject/pygobject.morph delete mode 100644 strata/virtualization/pygobject.morph diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 99a0562f..77b7cb7a 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -3,6 +3,8 @@ kind: stratum build-depends: - morph: strata/core.morph - morph: strata/python-cliapp.morph +- morph: strata/python-core.morph +- morph: strata/python-pygobject.morph - morph: strata/python-wsgi.morph chunks: - name: python-ttystatus diff --git a/strata/python-pygobject.morph b/strata/python-pygobject.morph new file mode 100644 index 00000000..a371cccb --- /dev/null +++ b/strata/python-pygobject.morph @@ -0,0 +1,14 @@ +name: python-pygobject +kind: stratum +description: | + Python GObject bindings +build-depends: +- morph: strata/python-core.morph +# Depends on 'foundation' for GLib +- morph: strata/foundation.morph +chunks: +- name: pygobject + morph: strata/python-pygobject/pygobject.morph + repo: upstream:pygobject + ref: 276341d7ddab180020c31e6837bd28fd25784de0 + unpetrify-ref: baserock/morph diff --git a/strata/python-pygobject/pygobject.morph b/strata/python-pygobject/pygobject.morph new file mode 100644 index 00000000..a423537e --- /dev/null +++ b/strata/python-pygobject/pygobject.morph @@ -0,0 +1,5 @@ +name: pygobject +kind: chunk +build-system: autotools +configure-commands: +- ./autogen.sh --prefix="$PREFIX" --disable-cairo diff --git a/strata/virtualization.morph b/strata/virtualization.morph index 0065e087..9eb11f5e 100644 --- a/strata/virtualization.morph +++ b/strata/virtualization.morph @@ -7,6 +7,7 @@ description: | or ebtables, for example. build-depends: - morph: strata/python-core.morph +- morph: strata/python-pygobject.morph - morph: strata/connman-common.morph - morph: strata/lvm.morph - morph: strata/xorg-util-macros-common.morph @@ -75,11 +76,6 @@ chunks: build-depends: - libvirt - urlgrabber -- name: pygobject - morph: strata/virtualization/pygobject.morph - repo: upstream:pygobject - ref: 276341d7ddab180020c31e6837bd28fd25784de0 - unpetrify-ref: baserock/morph - name: libsoup morph: strata/virtualization/libsoup.morph repo: upstream:libsoup @@ -92,7 +88,6 @@ chunks: unpetrify-ref: baserock/morph build-depends: - libsoup - - pygobject - name: virt-manager repo: upstream:virt-manager ref: 8b7ebd4538ffbd2d246fdeee4f1bb1c452585575 diff --git a/strata/virtualization/pygobject.morph b/strata/virtualization/pygobject.morph deleted file mode 100644 index a423537e..00000000 --- a/strata/virtualization/pygobject.morph +++ /dev/null @@ -1,5 +0,0 @@ -name: pygobject -kind: chunk -build-system: autotools -configure-commands: -- ./autogen.sh --prefix="$PREFIX" --disable-cairo diff --git a/systems/build-system-armv7lhf-highbank.morph b/systems/build-system-armv7lhf-highbank.morph index b9ee8e79..017c08c6 100644 --- a/systems/build-system-armv7lhf-highbank.morph +++ b/systems/build-system-armv7lhf-highbank.morph @@ -19,6 +19,8 @@ strata: morph: strata/python-cliapp.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: morph-utils morph: strata/morph-utils.morph - name: nfs diff --git a/systems/build-system-armv7lhf-jetson.morph b/systems/build-system-armv7lhf-jetson.morph index 6c59cb28..8b2cdc97 100644 --- a/systems/build-system-armv7lhf-jetson.morph +++ b/systems/build-system-armv7lhf-jetson.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-armv8b64.morph b/systems/build-system-armv8b64.morph index b79487e5..242e9c93 100644 --- a/systems/build-system-armv8b64.morph +++ b/systems/build-system-armv8b64.morph @@ -20,6 +20,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-armv8l64.morph b/systems/build-system-armv8l64.morph index 63dcb432..b2b432f8 100644 --- a/systems/build-system-armv8l64.morph +++ b/systems/build-system-armv8l64.morph @@ -20,6 +20,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-ppc64.morph b/systems/build-system-ppc64.morph index 600eb683..c8471f40 100644 --- a/systems/build-system-ppc64.morph +++ b/systems/build-system-ppc64.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-x86_32-chroot.morph b/systems/build-system-x86_32-chroot.morph index 61bf4eaf..4aa33cc5 100644 --- a/systems/build-system-x86_32-chroot.morph +++ b/systems/build-system-x86_32-chroot.morph @@ -15,6 +15,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-x86_32.morph b/systems/build-system-x86_32.morph index f485287e..21d0b798 100644 --- a/systems/build-system-x86_32.morph +++ b/systems/build-system-x86_32.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-x86_64-chroot.morph b/systems/build-system-x86_64-chroot.morph index e8cd7b87..a9d8bd06 100644 --- a/systems/build-system-x86_64-chroot.morph +++ b/systems/build-system-x86_64-chroot.morph @@ -15,6 +15,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/build-system-x86_64.morph b/systems/build-system-x86_64.morph index b9433409..21d20f50 100644 --- a/systems/build-system-x86_64.morph +++ b/systems/build-system-x86_64.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/ceph-service-x86_64-generic.morph b/systems/ceph-service-x86_64-generic.morph index 95b17dc0..59423303 100644 --- a/systems/ceph-service-x86_64-generic.morph +++ b/systems/ceph-service-x86_64-generic.morph @@ -24,6 +24,8 @@ strata: morph: strata/ntpd.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7-chroot.morph b/systems/devel-system-armv7-chroot.morph index 18f82d3b..cb638601 100644 --- a/systems/devel-system-armv7-chroot.morph +++ b/systems/devel-system-armv7-chroot.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7-highbank.morph b/systems/devel-system-armv7-highbank.morph index 40303dce..0f3e87d9 100644 --- a/systems/devel-system-armv7-highbank.morph +++ b/systems/devel-system-armv7-highbank.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7-versatile.morph b/systems/devel-system-armv7-versatile.morph index 8f689705..57eec8c2 100644 --- a/systems/devel-system-armv7-versatile.morph +++ b/systems/devel-system-armv7-versatile.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7-wandboard.morph b/systems/devel-system-armv7-wandboard.morph index f139ebc4..7dceb691 100644 --- a/systems/devel-system-armv7-wandboard.morph +++ b/systems/devel-system-armv7-wandboard.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7b-chroot.morph b/systems/devel-system-armv7b-chroot.morph index 5ce8c9c7..5859a0f2 100644 --- a/systems/devel-system-armv7b-chroot.morph +++ b/systems/devel-system-armv7b-chroot.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7b-highbank.morph b/systems/devel-system-armv7b-highbank.morph index 51de3509..6ff4744d 100644 --- a/systems/devel-system-armv7b-highbank.morph +++ b/systems/devel-system-armv7b-highbank.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7lhf-chroot.morph b/systems/devel-system-armv7lhf-chroot.morph index e6db8b26..b1979389 100644 --- a/systems/devel-system-armv7lhf-chroot.morph +++ b/systems/devel-system-armv7lhf-chroot.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7lhf-highbank.morph b/systems/devel-system-armv7lhf-highbank.morph index 03ad8fd0..f910ad92 100644 --- a/systems/devel-system-armv7lhf-highbank.morph +++ b/systems/devel-system-armv7lhf-highbank.morph @@ -19,6 +19,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7lhf-jetson.morph b/systems/devel-system-armv7lhf-jetson.morph index a07a66d2..ebd4b07e 100644 --- a/systems/devel-system-armv7lhf-jetson.morph +++ b/systems/devel-system-armv7lhf-jetson.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv7lhf-wandboard.morph b/systems/devel-system-armv7lhf-wandboard.morph index b2191c8c..8ebe4a16 100644 --- a/systems/devel-system-armv7lhf-wandboard.morph +++ b/systems/devel-system-armv7lhf-wandboard.morph @@ -19,6 +19,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv8b64.morph b/systems/devel-system-armv8b64.morph index c5e32beb..d38fc13c 100644 --- a/systems/devel-system-armv8b64.morph +++ b/systems/devel-system-armv8b64.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-armv8l64.morph b/systems/devel-system-armv8l64.morph index 64df4716..d0492c73 100644 --- a/systems/devel-system-armv8l64.morph +++ b/systems/devel-system-armv8l64.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-ppc64-chroot.morph b/systems/devel-system-ppc64-chroot.morph index 0c4f3b46..d14fb125 100644 --- a/systems/devel-system-ppc64-chroot.morph +++ b/systems/devel-system-ppc64-chroot.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-ppc64-generic.morph b/systems/devel-system-ppc64-generic.morph index 6ad076ea..116de32c 100644 --- a/systems/devel-system-ppc64-generic.morph +++ b/systems/devel-system-ppc64-generic.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-x86_32-chroot.morph b/systems/devel-system-x86_32-chroot.morph index 5e2e11bf..0191be0b 100644 --- a/systems/devel-system-x86_32-chroot.morph +++ b/systems/devel-system-x86_32-chroot.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-x86_32-generic.morph b/systems/devel-system-x86_32-generic.morph index 2a6f8178..82fecd35 100644 --- a/systems/devel-system-x86_32-generic.morph +++ b/systems/devel-system-x86_32-generic.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-x86_64-chroot.morph b/systems/devel-system-x86_64-chroot.morph index e679cca3..eb7df420 100644 --- a/systems/devel-system-x86_64-chroot.morph +++ b/systems/devel-system-x86_64-chroot.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-x86_64-generic.morph b/systems/devel-system-x86_64-generic.morph index 82fc0cae..026c9964 100644 --- a/systems/devel-system-x86_64-generic.morph +++ b/systems/devel-system-x86_64-generic.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/devel-system-x86_64-vagrant.morph b/systems/devel-system-x86_64-vagrant.morph index 647e627c..bccfd111 100644 --- a/systems/devel-system-x86_64-vagrant.morph +++ b/systems/devel-system-x86_64-vagrant.morph @@ -18,6 +18,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/installer-system-armv8b64.morph b/systems/installer-system-armv8b64.morph index b2606aee..22596a64 100644 --- a/systems/installer-system-armv8b64.morph +++ b/systems/installer-system-armv8b64.morph @@ -15,6 +15,8 @@ strata: morph: strata/bsp-armv8b64-generic.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/installer-system-x86_64.morph b/systems/installer-system-x86_64.morph index cea09c09..0e464b9b 100644 --- a/systems/installer-system-x86_64.morph +++ b/systems/installer-system-x86_64.morph @@ -15,6 +15,8 @@ strata: morph: strata/bsp-x86_64-generic.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index ecd99cc7..1d7cab73 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -9,6 +9,8 @@ strata: morph: strata/core.morph - name: python-core morph: strata/python-core.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-common morph: strata/python-common.morph - name: foundation diff --git a/systems/trove-system-x86_64.morph b/systems/trove-system-x86_64.morph index ab50f7f6..680e5ded 100644 --- a/systems/trove-system-x86_64.morph +++ b/systems/trove-system-x86_64.morph @@ -17,6 +17,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils diff --git a/systems/xfce-system.morph b/systems/xfce-system.morph index dad3d3dc..6a33055f 100644 --- a/systems/xfce-system.morph +++ b/systems/xfce-system.morph @@ -35,6 +35,8 @@ strata: morph: strata/tools.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph - name: morph-utils -- cgit v1.2.1 From 71b0af69e6c0c150306c0d276fbc61fd518b8e04 Mon Sep 17 00:00:00 2001 From: Adam Coldrick Date: Thu, 16 Apr 2015 14:58:41 +0000 Subject: Split libsoup into its own stratum Change-Id: I14177e899e404fdc72728f694f8551d5f8518f4b --- strata/libsoup-common.morph | 11 +++++++++++ strata/libsoup-common/libsoup.morph | 6 ++++++ strata/virtualization.morph | 8 +------- strata/virtualization/libsoup.morph | 6 ------ systems/openstack-system-x86_64.morph | 2 ++ 5 files changed, 20 insertions(+), 13 deletions(-) create mode 100644 strata/libsoup-common.morph create mode 100644 strata/libsoup-common/libsoup.morph delete mode 100644 strata/virtualization/libsoup.morph diff --git a/strata/libsoup-common.morph b/strata/libsoup-common.morph new file mode 100644 index 00000000..b4fdaa87 --- /dev/null +++ b/strata/libsoup-common.morph @@ -0,0 +1,11 @@ +name: libsoup-common +kind: stratum +build-depends: +# libsoup depends on foundation for 'glib', and maybe other things. +- morph: strata/foundation.morph +chunks: +- name: libsoup + morph: strata/libsoup-common/libsoup.morph + repo: upstream:libsoup + ref: ce764489e358bad6b49418f5c8bc7b25a4b1815e + unpetrify-ref: baserock/morph diff --git a/strata/libsoup-common/libsoup.morph b/strata/libsoup-common/libsoup.morph new file mode 100644 index 00000000..0a5ebef6 --- /dev/null +++ b/strata/libsoup-common/libsoup.morph @@ -0,0 +1,6 @@ +name: libsoup +kind: chunk +build-system: autotools +configure-commands: +- NOCONFIGURE=1 ./autogen.sh +- ./configure --prefix="$PREFIX" --disable-tls-check diff --git a/strata/virtualization.morph b/strata/virtualization.morph index 9eb11f5e..548019aa 100644 --- a/strata/virtualization.morph +++ b/strata/virtualization.morph @@ -6,6 +6,7 @@ description: | kernel history to check which config are needed for openvswitch, libvirt, or ebtables, for example. build-depends: +- morph: strata/libsoup-common.morph - morph: strata/python-core.morph - morph: strata/python-pygobject.morph - morph: strata/connman-common.morph @@ -76,18 +77,11 @@ chunks: build-depends: - libvirt - urlgrabber -- name: libsoup - morph: strata/virtualization/libsoup.morph - repo: upstream:libsoup - ref: ce764489e358bad6b49418f5c8bc7b25a4b1815e - unpetrify-ref: baserock/morph - name: libosinfo morph: strata/virtualization/libosinfo.morph repo: upstream:libosinfo ref: a86c74c4d3f62bb0e315ab7fc78ec9f7746bdd12 unpetrify-ref: baserock/morph - build-depends: - - libsoup - name: virt-manager repo: upstream:virt-manager ref: 8b7ebd4538ffbd2d246fdeee4f1bb1c452585575 diff --git a/strata/virtualization/libsoup.morph b/strata/virtualization/libsoup.morph deleted file mode 100644 index 0a5ebef6..00000000 --- a/strata/virtualization/libsoup.morph +++ /dev/null @@ -1,6 +0,0 @@ -name: libsoup -kind: chunk -build-system: autotools -configure-commands: -- NOCONFIGURE=1 ./autogen.sh -- ./configure --prefix="$PREFIX" --disable-tls-check diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 1d7cab73..631fedb2 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -57,6 +57,8 @@ strata: morph: strata/ansible.morph - name: ntpd morph: strata/ntpd.morph +- name: libsoup-common + morph: strata/libsoup-common.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From 1d0b420e86100e156ac2270ae48ed7e4d964f16c Mon Sep 17 00:00:00 2001 From: Adam Coldrick Date: Fri, 27 Feb 2015 09:00:16 +0000 Subject: Add an ostree-core stratum This will be used by future versions of Morph. By adding OSTree to the cross-bootstrap systems we have significantly increased the size and complexity of them. Some of this can be reduced: OStree doesn't actually depend on all of 'foundation', just 'glib'. Change-Id: I89403bf4625178e6f887402b5817f6a727cfcf97 --- strata/morph-utils.morph | 1 + strata/ostree-core.morph | 17 +++++++++++++++++ systems/build-system-armv7lhf-highbank.morph | 4 ++++ systems/build-system-armv7lhf-jetson.morph | 4 ++++ systems/build-system-armv8b64.morph | 4 ++++ systems/build-system-armv8l64.morph | 4 ++++ systems/build-system-ppc64.morph | 4 ++++ systems/build-system-x86_32-chroot.morph | 4 ++++ systems/build-system-x86_32.morph | 4 ++++ systems/build-system-x86_64-chroot.morph | 4 ++++ systems/build-system-x86_64.morph | 4 ++++ systems/ceph-service-x86_64-generic.morph | 4 ++++ systems/cross-bootstrap-system-armv7lhf-generic.morph | 10 ++++++++++ systems/cross-bootstrap-system-armv8b64-generic.morph | 10 ++++++++++ systems/cross-bootstrap-system-armv8l64-generic.morph | 10 ++++++++++ systems/cross-bootstrap-system-ppc64-generic.morph | 10 ++++++++++ systems/cross-bootstrap-system-x86_64-generic.morph | 10 ++++++++++ systems/devel-system-armv7-chroot.morph | 4 ++++ systems/devel-system-armv7-highbank.morph | 4 ++++ systems/devel-system-armv7-versatile.morph | 4 ++++ systems/devel-system-armv7-wandboard.morph | 4 ++++ systems/devel-system-armv7b-chroot.morph | 4 ++++ systems/devel-system-armv7b-highbank.morph | 4 ++++ systems/devel-system-armv7lhf-chroot.morph | 4 ++++ systems/devel-system-armv7lhf-highbank.morph | 4 ++++ systems/devel-system-armv7lhf-jetson.morph | 4 ++++ systems/devel-system-armv7lhf-wandboard.morph | 4 ++++ systems/devel-system-armv8b64.morph | 4 ++++ systems/devel-system-armv8l64.morph | 4 ++++ systems/devel-system-ppc64-chroot.morph | 4 ++++ systems/devel-system-ppc64-generic.morph | 4 ++++ systems/devel-system-x86_32-chroot.morph | 4 ++++ systems/devel-system-x86_32-generic.morph | 4 ++++ systems/devel-system-x86_64-chroot.morph | 4 ++++ systems/devel-system-x86_64-generic.morph | 4 ++++ systems/devel-system-x86_64-vagrant.morph | 4 ++++ systems/installer-system-armv8b64.morph | 4 ++++ systems/installer-system-x86_64.morph | 4 ++++ systems/trove-system-x86_64.morph | 4 ++++ systems/xfce-system.morph | 4 ++++ 40 files changed, 200 insertions(+) create mode 100644 strata/ostree-core.morph diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 77b7cb7a..fc1001d8 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -2,6 +2,7 @@ name: morph-utils kind: stratum build-depends: - morph: strata/core.morph +- morph: strata/ostree-core.morph - morph: strata/python-cliapp.morph - morph: strata/python-core.morph - morph: strata/python-pygobject.morph diff --git a/strata/ostree-core.morph b/strata/ostree-core.morph new file mode 100644 index 00000000..5052bf4b --- /dev/null +++ b/strata/ostree-core.morph @@ -0,0 +1,17 @@ +name: ostree-core +kind: stratum +build-depends: +- morph: strata/foundation.morph +- morph: strata/core.morph +- morph: strata/libsoup-common.morph +chunks: +- name: libgsystem + repo: upstream:libgsystem + ref: 8231b8ad4a4ee35e4b11fae5f6e7cddabf1c51ae + unpetrify-ref: master +- name: ostree + repo: upstream:ostree + ref: c9704e9802dfeda9b5a138535c59e98df3dd7196 + unpetrify-ref: baserock/morph + build-depends: + - libgsystem diff --git a/systems/build-system-armv7lhf-highbank.morph b/systems/build-system-armv7lhf-highbank.morph index 017c08c6..1f075560 100644 --- a/systems/build-system-armv7lhf-highbank.morph +++ b/systems/build-system-armv7lhf-highbank.morph @@ -37,6 +37,10 @@ strata: morph: strata/openstack-clients.morph - name: devtools morph: strata/devtools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-armv7lhf-jetson.morph b/systems/build-system-armv7lhf-jetson.morph index 8b2cdc97..29e1ef24 100644 --- a/systems/build-system-armv7lhf-jetson.morph +++ b/systems/build-system-armv7lhf-jetson.morph @@ -37,6 +37,10 @@ strata: morph: strata/openstack-clients.morph - name: devtools morph: strata/devtools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-armv8b64.morph b/systems/build-system-armv8b64.morph index 242e9c93..53f78f16 100644 --- a/systems/build-system-armv8b64.morph +++ b/systems/build-system-armv8b64.morph @@ -24,6 +24,10 @@ strata: morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: nfs diff --git a/systems/build-system-armv8l64.morph b/systems/build-system-armv8l64.morph index b2b432f8..c6f18bb9 100644 --- a/systems/build-system-armv8l64.morph +++ b/systems/build-system-armv8l64.morph @@ -40,6 +40,10 @@ strata: morph: strata/openstack-clients.morph - name: devtools morph: strata/devtools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-ppc64.morph b/systems/build-system-ppc64.morph index c8471f40..bf99c769 100644 --- a/systems/build-system-ppc64.morph +++ b/systems/build-system-ppc64.morph @@ -37,6 +37,10 @@ strata: morph: strata/openstack-clients.morph - name: devtools morph: strata/devtools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-x86_32-chroot.morph b/systems/build-system-x86_32-chroot.morph index 4aa33cc5..1d94f3e4 100644 --- a/systems/build-system-x86_32-chroot.morph +++ b/systems/build-system-x86_32-chroot.morph @@ -37,6 +37,10 @@ strata: morph: strata/devtools.morph - name: bsp-x86_both-tools morph: strata/bsp-x86_both-tools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-x86_32.morph b/systems/build-system-x86_32.morph index 21d0b798..6a296819 100644 --- a/systems/build-system-x86_32.morph +++ b/systems/build-system-x86_32.morph @@ -39,6 +39,10 @@ strata: morph: strata/devtools.morph - name: bsp-x86_both-tools morph: strata/bsp-x86_both-tools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-x86_64-chroot.morph b/systems/build-system-x86_64-chroot.morph index a9d8bd06..f2be63cf 100644 --- a/systems/build-system-x86_64-chroot.morph +++ b/systems/build-system-x86_64-chroot.morph @@ -37,6 +37,10 @@ strata: morph: strata/devtools.morph - name: bsp-x86_both-tools morph: strata/bsp-x86_both-tools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/build-system-x86_64.morph b/systems/build-system-x86_64.morph index 21d20f50..922e26f7 100644 --- a/systems/build-system-x86_64.morph +++ b/systems/build-system-x86_64.morph @@ -39,6 +39,10 @@ strata: morph: strata/devtools.morph - name: bsp-x86_both-tools morph: strata/bsp-x86_both-tools.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/ceph-service-x86_64-generic.morph b/systems/ceph-service-x86_64-generic.morph index 59423303..e585c2d6 100644 --- a/systems/ceph-service-x86_64-generic.morph +++ b/systems/ceph-service-x86_64-generic.morph @@ -28,6 +28,10 @@ strata: morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: openstack-common diff --git a/systems/cross-bootstrap-system-armv7lhf-generic.morph b/systems/cross-bootstrap-system-armv7lhf-generic.morph index f0a2780b..755fef70 100644 --- a/systems/cross-bootstrap-system-armv7lhf-generic.morph +++ b/systems/cross-bootstrap-system-armv7lhf-generic.morph @@ -7,8 +7,18 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-core + morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: cross-bootstrap diff --git a/systems/cross-bootstrap-system-armv8b64-generic.morph b/systems/cross-bootstrap-system-armv8b64-generic.morph index ed2cbc89..a146a1f6 100644 --- a/systems/cross-bootstrap-system-armv8b64-generic.morph +++ b/systems/cross-bootstrap-system-armv8b64-generic.morph @@ -7,8 +7,18 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-core + morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: cross-bootstrap diff --git a/systems/cross-bootstrap-system-armv8l64-generic.morph b/systems/cross-bootstrap-system-armv8l64-generic.morph index 2bf192d3..8cc6ac0b 100644 --- a/systems/cross-bootstrap-system-armv8l64-generic.morph +++ b/systems/cross-bootstrap-system-armv8l64-generic.morph @@ -7,8 +7,18 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-core + morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: cross-bootstrap diff --git a/systems/cross-bootstrap-system-ppc64-generic.morph b/systems/cross-bootstrap-system-ppc64-generic.morph index 9d736f94..56ce889c 100644 --- a/systems/cross-bootstrap-system-ppc64-generic.morph +++ b/systems/cross-bootstrap-system-ppc64-generic.morph @@ -7,8 +7,18 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-core + morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: cross-bootstrap diff --git a/systems/cross-bootstrap-system-x86_64-generic.morph b/systems/cross-bootstrap-system-x86_64-generic.morph index ac919d66..b816a038 100644 --- a/systems/cross-bootstrap-system-x86_64-generic.morph +++ b/systems/cross-bootstrap-system-x86_64-generic.morph @@ -7,8 +7,18 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph +- name: python-core + morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: cross-bootstrap diff --git a/systems/devel-system-armv7-chroot.morph b/systems/devel-system-armv7-chroot.morph index cb638601..d6c78c13 100644 --- a/systems/devel-system-armv7-chroot.morph +++ b/systems/devel-system-armv7-chroot.morph @@ -47,6 +47,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-highbank.morph b/systems/devel-system-armv7-highbank.morph index 0f3e87d9..8e6905e0 100644 --- a/systems/devel-system-armv7-highbank.morph +++ b/systems/devel-system-armv7-highbank.morph @@ -48,6 +48,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-versatile.morph b/systems/devel-system-armv7-versatile.morph index 57eec8c2..b0eafe82 100644 --- a/systems/devel-system-armv7-versatile.morph +++ b/systems/devel-system-armv7-versatile.morph @@ -48,6 +48,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-wandboard.morph b/systems/devel-system-armv7-wandboard.morph index 7dceb691..df521772 100644 --- a/systems/devel-system-armv7-wandboard.morph +++ b/systems/devel-system-armv7-wandboard.morph @@ -48,6 +48,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7b-chroot.morph b/systems/devel-system-armv7b-chroot.morph index 5859a0f2..2982f422 100644 --- a/systems/devel-system-armv7b-chroot.morph +++ b/systems/devel-system-armv7b-chroot.morph @@ -39,6 +39,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7b-highbank.morph b/systems/devel-system-armv7b-highbank.morph index 6ff4744d..a4f57921 100644 --- a/systems/devel-system-armv7b-highbank.morph +++ b/systems/devel-system-armv7b-highbank.morph @@ -44,6 +44,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-chroot.morph b/systems/devel-system-armv7lhf-chroot.morph index b1979389..894686fe 100644 --- a/systems/devel-system-armv7lhf-chroot.morph +++ b/systems/devel-system-armv7lhf-chroot.morph @@ -47,6 +47,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-highbank.morph b/systems/devel-system-armv7lhf-highbank.morph index f910ad92..d793a122 100644 --- a/systems/devel-system-armv7lhf-highbank.morph +++ b/systems/devel-system-armv7lhf-highbank.morph @@ -51,6 +51,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-jetson.morph b/systems/devel-system-armv7lhf-jetson.morph index ebd4b07e..14a3f193 100644 --- a/systems/devel-system-armv7lhf-jetson.morph +++ b/systems/devel-system-armv7lhf-jetson.morph @@ -51,6 +51,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-wandboard.morph b/systems/devel-system-armv7lhf-wandboard.morph index 8ebe4a16..44c9e4e8 100644 --- a/systems/devel-system-armv7lhf-wandboard.morph +++ b/systems/devel-system-armv7lhf-wandboard.morph @@ -51,6 +51,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv8b64.morph b/systems/devel-system-armv8b64.morph index d38fc13c..488574ed 100644 --- a/systems/devel-system-armv8b64.morph +++ b/systems/devel-system-armv8b64.morph @@ -50,6 +50,10 @@ strata: morph: strata/devtools.morph - name: ansible morph: strata/ansible.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv8l64.morph b/systems/devel-system-armv8l64.morph index d0492c73..e84caa74 100644 --- a/systems/devel-system-armv8l64.morph +++ b/systems/devel-system-armv8l64.morph @@ -50,6 +50,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-ppc64-chroot.morph b/systems/devel-system-ppc64-chroot.morph index d14fb125..44df4803 100644 --- a/systems/devel-system-ppc64-chroot.morph +++ b/systems/devel-system-ppc64-chroot.morph @@ -45,6 +45,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-ppc64-generic.morph b/systems/devel-system-ppc64-generic.morph index 116de32c..a6bf2f0d 100644 --- a/systems/devel-system-ppc64-generic.morph +++ b/systems/devel-system-ppc64-generic.morph @@ -48,6 +48,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_32-chroot.morph b/systems/devel-system-x86_32-chroot.morph index 0191be0b..1cc2add1 100644 --- a/systems/devel-system-x86_32-chroot.morph +++ b/systems/devel-system-x86_32-chroot.morph @@ -47,6 +47,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_32-generic.morph b/systems/devel-system-x86_32-generic.morph index 82fecd35..8baf62aa 100644 --- a/systems/devel-system-x86_32-generic.morph +++ b/systems/devel-system-x86_32-generic.morph @@ -52,6 +52,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_64-chroot.morph b/systems/devel-system-x86_64-chroot.morph index eb7df420..8e8ff87a 100644 --- a/systems/devel-system-x86_64-chroot.morph +++ b/systems/devel-system-x86_64-chroot.morph @@ -49,6 +49,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_64-generic.morph b/systems/devel-system-x86_64-generic.morph index 026c9964..0f4bb371 100644 --- a/systems/devel-system-x86_64-generic.morph +++ b/systems/devel-system-x86_64-generic.morph @@ -52,6 +52,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-x86_64-vagrant.morph b/systems/devel-system-x86_64-vagrant.morph index bccfd111..4c3e0b33 100644 --- a/systems/devel-system-x86_64-vagrant.morph +++ b/systems/devel-system-x86_64-vagrant.morph @@ -50,6 +50,10 @@ strata: morph: strata/ansible.morph - name: swift morph: strata/swift.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/installer-system-armv8b64.morph b/systems/installer-system-armv8b64.morph index 22596a64..a5b7355d 100644 --- a/systems/installer-system-armv8b64.morph +++ b/systems/installer-system-armv8b64.morph @@ -19,6 +19,10 @@ strata: morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: installer-utils diff --git a/systems/installer-system-x86_64.morph b/systems/installer-system-x86_64.morph index 0e464b9b..00ed7c69 100644 --- a/systems/installer-system-x86_64.morph +++ b/systems/installer-system-x86_64.morph @@ -19,6 +19,10 @@ strata: morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: installer-utils diff --git a/systems/trove-system-x86_64.morph b/systems/trove-system-x86_64.morph index 680e5ded..5881cb51 100644 --- a/systems/trove-system-x86_64.morph +++ b/systems/trove-system-x86_64.morph @@ -21,6 +21,10 @@ strata: morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: pcre-utils diff --git a/systems/xfce-system.morph b/systems/xfce-system.morph index 6a33055f..9570c1f6 100644 --- a/systems/xfce-system.morph +++ b/systems/xfce-system.morph @@ -39,6 +39,10 @@ strata: morph: strata/python-pygobject.morph - name: python-wsgi morph: strata/python-wsgi.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph - name: morph-utils morph: strata/morph-utils.morph - name: xfce -- cgit v1.2.1 From eacdc2a50b1c4f519406f2c105e025f8f93bc0d1 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Thu, 23 Apr 2015 12:16:10 +0000 Subject: Fix mess created in previous commit Change-Id: I828aa856fc14b04d3e4d358f78deb0d8abc22229 --- systems/cross-bootstrap-system-armv7lhf-generic.morph | 2 +- systems/cross-bootstrap-system-armv8b64-generic.morph | 2 +- systems/cross-bootstrap-system-armv8l64-generic.morph | 2 +- systems/cross-bootstrap-system-ppc64-generic.morph | 2 +- systems/cross-bootstrap-system-x86_64-generic.morph | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/systems/cross-bootstrap-system-armv7lhf-generic.morph b/systems/cross-bootstrap-system-armv7lhf-generic.morph index 755fef70..e07faa38 100644 --- a/systems/cross-bootstrap-system-armv7lhf-generic.morph +++ b/systems/cross-bootstrap-system-armv7lhf-generic.morph @@ -12,7 +12,7 @@ strata: - name: python-cliapp morph: strata/python-cliapp.morph - name: python-core - morph: strata/python-cliapp.morph + morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-armv8b64-generic.morph b/systems/cross-bootstrap-system-armv8b64-generic.morph index a146a1f6..7084333a 100644 --- a/systems/cross-bootstrap-system-armv8b64-generic.morph +++ b/systems/cross-bootstrap-system-armv8b64-generic.morph @@ -12,7 +12,7 @@ strata: - name: python-cliapp morph: strata/python-cliapp.morph - name: python-core - morph: strata/python-cliapp.morph + morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-armv8l64-generic.morph b/systems/cross-bootstrap-system-armv8l64-generic.morph index 8cc6ac0b..b05357c9 100644 --- a/systems/cross-bootstrap-system-armv8l64-generic.morph +++ b/systems/cross-bootstrap-system-armv8l64-generic.morph @@ -12,7 +12,7 @@ strata: - name: python-cliapp morph: strata/python-cliapp.morph - name: python-core - morph: strata/python-cliapp.morph + morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-ppc64-generic.morph b/systems/cross-bootstrap-system-ppc64-generic.morph index 56ce889c..a7953aa0 100644 --- a/systems/cross-bootstrap-system-ppc64-generic.morph +++ b/systems/cross-bootstrap-system-ppc64-generic.morph @@ -12,7 +12,7 @@ strata: - name: python-cliapp morph: strata/python-cliapp.morph - name: python-core - morph: strata/python-cliapp.morph + morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-x86_64-generic.morph b/systems/cross-bootstrap-system-x86_64-generic.morph index b816a038..25397fe3 100644 --- a/systems/cross-bootstrap-system-x86_64-generic.morph +++ b/systems/cross-bootstrap-system-x86_64-generic.morph @@ -12,7 +12,7 @@ strata: - name: python-cliapp morph: strata/python-cliapp.morph - name: python-core - morph: strata/python-cliapp.morph + morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common -- cgit v1.2.1 From 6f9c7077041a59ee9f319c5fc7c59a212768b4fd Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Wed, 22 Apr 2015 17:30:02 +0000 Subject: Add unionfs-fuse to Highbank systems Other systems can use overlayfs, but we can't run Linux 3.18 on Highbank so must use unionfs-fuse for now instead. Change-Id: I26a4c1656298e071df31684bfe1dd616ecbf4558 --- strata/unionfs-fuse-group.morph | 21 +++++++++++++++++++++ strata/unionfs-fuse-group/unionfs-fuse.morph | 13 +++++++++++++ systems/build-system-armv7lhf-highbank.morph | 2 ++ systems/devel-system-armv7-highbank.morph | 2 ++ systems/devel-system-armv7b-highbank.morph | 2 ++ systems/devel-system-armv7lhf-highbank.morph | 2 ++ 6 files changed, 42 insertions(+) create mode 100644 strata/unionfs-fuse-group.morph create mode 100644 strata/unionfs-fuse-group/unionfs-fuse.morph diff --git a/strata/unionfs-fuse-group.morph b/strata/unionfs-fuse-group.morph new file mode 100644 index 00000000..914b18e0 --- /dev/null +++ b/strata/unionfs-fuse-group.morph @@ -0,0 +1,21 @@ +name: unionfs-fuse-group +kind: stratum + +description: + User-space union file system. + + This is used by Morph for systems which are unable to use 'overlayfs'. + It is slower than 'overlayfs', because it runs outside rather than + inside the kernel, but 'overlayfs' is only available in Linux 3.18 and + newer. + +build-depends: +# Depends on foundation for 'fuse', and maybe other stuff. +- morph: strata/foundation.morph + +chunks: + - name: unionfs.fuse + morph: strata/unionfs-fuse-group/unionfs-fuse.morph + repo: upstream:unionfs-fuse + ref: efac5b7aa91ec860f8f430a8d21060fe53a07002 + unpetrify-ref: v0.26 diff --git a/strata/unionfs-fuse-group/unionfs-fuse.morph b/strata/unionfs-fuse-group/unionfs-fuse.morph new file mode 100644 index 00000000..9b8ac2c7 --- /dev/null +++ b/strata/unionfs-fuse-group/unionfs-fuse.morph @@ -0,0 +1,13 @@ +name: unionfs-fuse +kind: chunk + +description: + User-space union file system. + +build-system: manual + +build-commands: +- make PREFIX="$PREFIX" + +install-commands: +- make PREFIX="$PREFIX" DESTDIR="$DESTDIR" install diff --git a/systems/build-system-armv7lhf-highbank.morph b/systems/build-system-armv7lhf-highbank.morph index 1f075560..08e76885 100644 --- a/systems/build-system-armv7lhf-highbank.morph +++ b/systems/build-system-armv7lhf-highbank.morph @@ -41,6 +41,8 @@ strata: morph: strata/libsoup-common.morph - name: ostree-core morph: strata/ostree-core.morph +- name: unionfs-fuse-group + morph: strata/unionfs-fuse-group.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7-highbank.morph b/systems/devel-system-armv7-highbank.morph index 8e6905e0..dae24fff 100644 --- a/systems/devel-system-armv7-highbank.morph +++ b/systems/devel-system-armv7-highbank.morph @@ -52,6 +52,8 @@ strata: morph: strata/libsoup-common.morph - name: ostree-core morph: strata/ostree-core.morph +- name: unionfs-fuse-group + morph: strata/unionfs-fuse-group.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7b-highbank.morph b/systems/devel-system-armv7b-highbank.morph index a4f57921..b1710b78 100644 --- a/systems/devel-system-armv7b-highbank.morph +++ b/systems/devel-system-armv7b-highbank.morph @@ -48,6 +48,8 @@ strata: morph: strata/libsoup-common.morph - name: ostree-core morph: strata/ostree-core.morph +- name: unionfs-fuse-group + morph: strata/unionfs-fuse-group.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/devel-system-armv7lhf-highbank.morph b/systems/devel-system-armv7lhf-highbank.morph index d793a122..928f9ce2 100644 --- a/systems/devel-system-armv7lhf-highbank.morph +++ b/systems/devel-system-armv7lhf-highbank.morph @@ -55,6 +55,8 @@ strata: morph: strata/libsoup-common.morph - name: ostree-core morph: strata/ostree-core.morph +- name: unionfs-fuse-group + morph: strata/unionfs-fuse-group.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From 9d4da905a6d93e63c74fdcc0974dcb9fbd0c3c3c Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Thu, 23 Apr 2015 06:15:40 +0000 Subject: nfs: Fix compilation issue with nfs-utils Connecting to the nfs server would fail because one of the services would segfault, because nfs-utils used a pointer before checking whether it was NULL, and gcc would later optimise away the null pointer check. Change-Id: Ia007fc9c33012daf56f65677ab138f706a7a0263 --- strata/nfs.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/nfs.morph b/strata/nfs.morph index 0d04812b..9b9aa248 100644 --- a/strata/nfs.morph +++ b/strata/nfs.morph @@ -23,7 +23,7 @@ chunks: - name: nfs-utils morph: strata/nfs/nfs-utils.morph repo: upstream:nfs-utils - ref: 08baf3bc2f66a1ca6401191e19380028d2fc2c6d + ref: 0da9f20a22bb32b2da6b587b4e85dafde087c0f7 unpetrify-ref: baserock/master build-depends: - libevent -- cgit v1.2.1 From 8895d7ace9f409dc18c9706d39d0521b131dd573 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Fri, 24 Apr 2015 11:51:40 +0100 Subject: Update Morph to include: fe15d7e Calculate the build graph in worker-build 3d87709 Make distbuild use an ArtifactReference not an Artifact internally when 5239f51 Don't serialise the entire build graph aa6dfcb Use --verbose/-v to show build output, --debug/-d for morph debug 124e2f1 distbuild: Add test suite for distbuild-helper 8103617 distbuild: Don't check if there is free disk space on the initiator 9d27007 Add distbuild-trove-nfsboot.write 006096c distbuild: Don't create a directory for build output until we get some 52ff3a3 distbuild: Kill the whole process tree when cancelling a build b2f13f7 deploy: Clean up `morph deploy` documentation a bit f163d9c deploy: Deploy and upgrade systems from the same 'cluster' definition 1c01f18 deploy: Factor out a bit of code into its own function f323af1 distbuild: Move SubprocessEventSource into its own module 40c9378 distbuild: Fix log message when listening for connections Change-Id: I97c38b65db62b0631745ac5d47d572d0218fb9ff --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index fc1001d8..5befde39 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -41,7 +41,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: ab92ce0343b838b336313f604ea035a60dfcb960 + ref: fe15d7e8386cf571fbce39b7c92c43fff8b8c667 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From 7460ff1c66e1c9870ab6e721ed7d0e9191e3a78e Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Fri, 24 Apr 2015 12:07:14 +0100 Subject: Update Morph to fix name of distbuild-trove-nfsboot.write.help --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 5befde39..6020954e 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -41,7 +41,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: fe15d7e8386cf571fbce39b7c92c43fff8b8c667 + ref: e62366ed8a32a44dbe034e8d43450338b1b66e12 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From 2c7dc4cd1531d97aaf3823d23eeba4e0bb6742be Mon Sep 17 00:00:00 2001 From: James Thomas Date: Fri, 24 Apr 2015 12:07:41 +0100 Subject: Update the jetson cluster to use BOOT_DEVICE Reviewed-By: Sam Thursfield --- clusters/ci.morph | 6 ++++-- clusters/jetson-upgrade.morph | 3 ++- clusters/release.morph | 6 ++++-- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/clusters/ci.morph b/clusters/ci.morph index e1bc3887..dd146eae 100644 --- a/clusters/ci.morph +++ b/clusters/ci.morph @@ -24,7 +24,8 @@ systems: type: rawdisk location: build-system-armv7lhf-jetson.img DISK_SIZE: 2G - ROOT_DEVICE: "/dev/mmcblk0p1" + BOOT_DEVICE: "/dev/mmcblk0p1" + ROOT_DEVICE: "/dev/mmcblk0p2" DTB_PATH: "boot/tegra124-jetson-tk1.dtb" BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" @@ -42,7 +43,8 @@ systems: type: rawdisk location: weston-system-armv7lhf-jetson.img DISK_SIZE: 4G - ROOT_DEVICE: "/dev/mmcblk0p1" + BOOT_DEVICE: "/dev/mmcblk0p1" + ROOT_DEVICE: "/dev/mmcblk0p2" DTB_PATH: "boot/tegra124-jetson-tk1.dtb" BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" diff --git a/clusters/jetson-upgrade.morph b/clusters/jetson-upgrade.morph index a73507aa..9fd5155b 100644 --- a/clusters/jetson-upgrade.morph +++ b/clusters/jetson-upgrade.morph @@ -5,7 +5,8 @@ systems: deploy-defaults: TROVE_HOST: TROVE_HOST TROVE_ID: TROVE_ID - ROOT_DEVICE: "/dev/mmcblk0p1" + BOOT_DEVICE: "/dev/mmcblk0p1" + ROOT_DEVICE: "/dev/mmcblk0p2" DTB_PATH: "boot/tegra124-jetson-tk1.dtb" BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" diff --git a/clusters/release.morph b/clusters/release.morph index 8daf90b8..57858f52 100644 --- a/clusters/release.morph +++ b/clusters/release.morph @@ -35,7 +35,8 @@ systems: type: rawdisk location: build-system-armv7lhf-jetson.img DISK_SIZE: 2G - ROOT_DEVICE: "/dev/mmcblk0p1" + BOOT_DEVICE: "/dev/mmcblk0p1" + ROOT_DEVICE: "/dev/mmcblk0p2" DTB_PATH: "boot/tegra124-jetson-tk1.dtb" BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" @@ -53,7 +54,8 @@ systems: type: rawdisk location: genivi-baseline-system-armv7lhf-jetson.img DISK_SIZE: 4G - ROOT_DEVICE: "/dev/mmcblk0p1" + BOOT_DEVICE: "/dev/mmcblk0p1" + ROOT_DEVICE: "/dev/mmcblk0p2" DTB_PATH: "boot/tegra124-jetson-tk1.dtb" BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" -- cgit v1.2.1 From 21d36746dfd3eb8bbaee8ce81f9e729a29d1ab78 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Fri, 24 Apr 2015 13:03:04 +0100 Subject: Update trove-setup to fix idempotency bug --- strata/trove.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/trove.morph b/strata/trove.morph index 40588c05..984050b7 100644 --- a/strata/trove.morph +++ b/strata/trove.morph @@ -71,7 +71,7 @@ chunks: - name: trove-setup morph: strata/trove/trove-setup.morph repo: baserock:baserock/trove-setup - ref: 1b89b00ccfed5adf796c2a5180a8cf6b2e2badf2 + ref: 16de74536e0846ba1d2e5101618df9146c785a41 unpetrify-ref: master - name: lua-scrypt morph: strata/trove/lua-scrypt.morph -- cgit v1.2.1 From 81b6779dddcf977daf26db193c8bcd016066e044 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Thu, 23 Apr 2015 10:00:16 +0100 Subject: openstack-three-node-installer: amend IP address Change-Id: I3ab72d36b6b164088e8d31ac4e2359377714a9fd --- clusters/openstack-three-node-installer.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index 87aa53fd..b496d8ed 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -134,7 +134,7 @@ systems: CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 - HOSTS_SELF: 10.24.1.83 threenode-network + HOSTS_SELF: 10.0.0.1 threenode-network HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt HOSTS_CONTROL: 10.0.0.2 threenode-controller.os-mgmt HOSTS_COMPUTE: 10.0.0.3 threenode-compute.os-mgmt -- cgit v1.2.1 From dcb95e689f2f61a61ef50822f8cb0e9543c8005d Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 21 Apr 2015 10:09:22 +0000 Subject: Enable Ironic on the three-node OpenStack system Also avoid running it on the compute machine on a two-node OpenStack system. Change-Id: I091bb4641291aaf1d699be2bd433cbda1f87d743 --- clusters/openstack-one-node.morph | 1 + clusters/openstack-three-node-installer.morph | 4 +++ clusters/openstack-two-node-installer.morph | 3 ++ openstack-ironic.configure | 48 ++++++++++++++++++--------- 4 files changed, 40 insertions(+), 16 deletions(-) diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index 673c5a42..d57b1bc6 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -85,6 +85,7 @@ systems: NEUTRON_DB_PASSWORD: veryinsecure METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_ENABLE_SERVICE: True IRONIC_SERVICE_USER: ironic IRONIC_SERVICE_PASSWORD: veryinsecure IRONIC_DB_USER: ironicDB diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index b496d8ed..144033cb 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -126,6 +126,7 @@ systems: NEUTRON_DB_PASSWORD: veryinsecure METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_ENABLE_SERVICE: False IRONIC_SERVICE_USER: ironic IRONIC_SERVICE_PASSWORD: veryinsecure IRONIC_DB_USER: ironicDB @@ -138,6 +139,7 @@ systems: HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt HOSTS_CONTROL: 10.0.0.2 threenode-controller.os-mgmt HOSTS_COMPUTE: 10.0.0.3 threenode-compute.os-mgmt + EXTERNAL_INTERFACE: enp3s0 NETWORK_CONFIG: enp3s0:dhcp;enp2s0:static,address=10.0.0.1,netmask=255.255.255.0 subsystems: @@ -166,6 +168,8 @@ systems: NEUTRON_ENABLE_CONTROLLER: True METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_ENABLE_SERVICE: True + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 HOSTS_SELF: 10.0.0.2 threenode-controller EXTERNAL_INTERFACE: enp2s0 diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 00d23ecd..0541e784 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -125,6 +125,7 @@ systems: NEUTRON_DB_PASSWORD: veryinsecure METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_ENABLE_SERVICE: True IRONIC_SERVICE_USER: ironic IRONIC_SERVICE_PASSWORD: veryinsecure IRONIC_DB_USER: ironicDB @@ -175,6 +176,8 @@ systems: NEUTRON_ENABLE_CONTROLLER: False METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + IRONIC_ENABLE_SERVICE: False + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 HOSTS_SELF: 10.0.0.3 twonode-compute EXTERNAL_INTERFACE: eno1 diff --git a/openstack-ironic.configure b/openstack-ironic.configure index 50d8e5c6..7c9c0ffd 100644 --- a/openstack-ironic.configure +++ b/openstack-ironic.configure @@ -19,28 +19,38 @@ set -e ROOT="$1" -########################################################################## +enable(){ + ln -sf "/usr/lib/systemd/system/$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" +} + +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} -ln -sf "/usr/lib/systemd/system/openstack-ironic-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-ironic-setup.service" +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} ########################################################################## # Check variables ########################################################################## -if [ -z "$IRONIC_SERVICE_USER" -a \ - -z "$IRONIC_SERVICE_PASSWORD" -a \ - -z "$IRONIC_DB_USER" -a \ - -z "$IRONIC_DB_PASSWORD" -a \ - -z "$RABBITMQ_HOST" -a \ - -z "$RABBITMQ_USER" -a \ - -z "$RABBITMQ_PASSWORD" -a \ - -z "$RABBITMQ_PORT" -a \ - -z "$CONTROLLER_HOST_ADDRESS" -a \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ - -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then - # No Ironic options defined, do nothing. - exit 0 +check_bool IRONIC_ENABLE_SERVICE + +if ! "$IRONIC_ENABLE_SERVICE"; then + exit 0 fi if [ -z "$IRONIC_SERVICE_USER" -o \ @@ -58,6 +68,12 @@ if [ -z "$IRONIC_SERVICE_USER" -o \ exit 1 fi +###################################### +# Enable relevant openstack services # +###################################### + +enable openstack-ironic-setup + ########################################################################## # Generate configuration file ########################################################################## -- cgit v1.2.1 From 9e7b9c4d0cc17e31f3c84c2d6ae9a95a5f97527c Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 22 Apr 2015 14:14:35 +0000 Subject: Configure and start an iSCSI initiator on all required machines The OpenStack Ironic Conductor service requires that an iSCSI initiator is running on the same local machine. This commit configures and sets an iSCSI initiator to run on the controller node on a two-node and three-node OpenStack system. For a one-node system, this service was already configured as it is required by OpenStack Cinder. Change-Id: I46291d9cd1a31e3ff91888401d45ab0dc67e3677 --- openstack-cinder.configure | 2 +- openstack-ironic.configure | 3 +++ openstack/manifest | 4 ++-- openstack/usr/lib/systemd/system/iscsi-setup.service | 12 ++++++++++++ .../systemd/system/openstack-cinder-iscsi-setup.service | 12 ------------ openstack/usr/share/openstack/cinder-iscsi.yml | 15 --------------- openstack/usr/share/openstack/iscsi.yml | 15 +++++++++++++++ 7 files changed, 33 insertions(+), 30 deletions(-) create mode 100644 openstack/usr/lib/systemd/system/iscsi-setup.service delete mode 100644 openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service delete mode 100644 openstack/usr/share/openstack/cinder-iscsi.yml create mode 100644 openstack/usr/share/openstack/iscsi.yml diff --git a/openstack-cinder.configure b/openstack-cinder.configure index a971dc4c..587a0f83 100644 --- a/openstack-cinder.configure +++ b/openstack-cinder.configure @@ -89,7 +89,7 @@ check_bool CINDER_ENABLE_STORAGE ###################################### if "$CINDER_ENABLE_COMPUTE" || "$CINDER_ENABLE_STORAGE"; then - enable openstack-cinder-iscsi-setup + enable iscsi-setup enable target #target.service! enable iscsid fi diff --git a/openstack-ironic.configure b/openstack-ironic.configure index 7c9c0ffd..962bbcd1 100644 --- a/openstack-ironic.configure +++ b/openstack-ironic.configure @@ -73,6 +73,9 @@ fi ###################################### enable openstack-ironic-setup +enable iscsi-setup +enable target #target.service! +enable iscsid ########################################################################## # Generate configuration file diff --git a/openstack/manifest b/openstack/manifest index 78b030bb..4812c6c3 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -11,7 +11,6 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack/cinder 0100644 0 0 /usr/share/openstack/cinder-config.yml 0100644 0 0 /usr/share/openstack/cinder-db.yml -0100644 0 0 /usr/share/openstack/cinder-iscsi.yml 0100644 0 0 /usr/share/openstack/cinder-lvs.yml 0100644 0 0 /usr/share/openstack/cinder/cinder.conf 0100644 0 0 /usr/share/openstack/cinder/api-paste.ini @@ -35,6 +34,7 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/share/openstack/ironic.yml 0100644 0 0 /usr/share/openstack/ironic/ironic.conf 0100644 0 0 /usr/share/openstack/ironic/policy.json +0100644 0 0 /usr/share/openstack/iscsi.yml 0100644 0 0 /usr/share/openstack/keystone.yml 0040755 0 0 /usr/share/openstack/keystone 0100644 0 0 /usr/share/openstack/keystone/logging.conf @@ -128,6 +128,7 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/lib/sysctl.d 0100644 0 0 /usr/lib/sysctl.d/neutron.conf 0100644 0 0 /usr/lib/systemd/system/apache-httpd.service +0100644 0 0 /usr/lib/systemd/system/iscsi-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone.service 0100644 0 0 /usr/lib/systemd/system/openstack-keystone-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service @@ -159,7 +160,6 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-config-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-db-setup.service -0100644 0 0 /usr/lib/systemd/system/openstack-cinder-iscsi-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-lv-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service diff --git a/openstack/usr/lib/systemd/system/iscsi-setup.service b/openstack/usr/lib/systemd/system/iscsi-setup.service new file mode 100644 index 00000000..c9e5ee59 --- /dev/null +++ b/openstack/usr/lib/systemd/system/iscsi-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Run iscsi-setup Ansible scripts +Before=iscsid.service target.service +Wants= iscsid.service target.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/iscsi.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service deleted file mode 100644 index 157f30fc..00000000 --- a/openstack/usr/lib/systemd/system/openstack-cinder-iscsi-setup.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Run cinder-iscsi-setup Ansible scripts -Before=iscsid.service target.service -Wants= iscsid.service target.service - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder-iscsi.yml - -[Install] -WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/cinder-iscsi.yml b/openstack/usr/share/openstack/cinder-iscsi.yml deleted file mode 100644 index b80377ae..00000000 --- a/openstack/usr/share/openstack/cinder-iscsi.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- hosts: localhost - tasks: - - name: Update kernel module dependencies - command: depmod -a - - - name: generate InitiatorName for iscsi - shell: iscsi-iname - register: initiator_name - - - lineinfile: - dest: /etc/iscsi/initiatorname.iscsi - regexp: '^InitiatorName=$' - line: 'InitiatorName={{ initiator_name.stdout }}' - backrefs: yes diff --git a/openstack/usr/share/openstack/iscsi.yml b/openstack/usr/share/openstack/iscsi.yml new file mode 100644 index 00000000..b80377ae --- /dev/null +++ b/openstack/usr/share/openstack/iscsi.yml @@ -0,0 +1,15 @@ +--- +- hosts: localhost + tasks: + - name: Update kernel module dependencies + command: depmod -a + + - name: generate InitiatorName for iscsi + shell: iscsi-iname + register: initiator_name + + - lineinfile: + dest: /etc/iscsi/initiatorname.iscsi + regexp: '^InitiatorName=$' + line: 'InitiatorName={{ initiator_name.stdout }}' + backrefs: yes -- cgit v1.2.1 From 0f89f20d72ee11de35ad6c4471a1ce3071c57ad4 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Fri, 24 Apr 2015 13:37:15 +0000 Subject: Fix some typos on OpenStack's Ansible scripts Change-Id: I27f2e61a411174541bf2e20a1fd5c30ca8f8ff4e --- openstack/usr/share/openstack/keystone.yml | 4 ++-- openstack/usr/share/openstack/openvswitch.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/openstack/usr/share/openstack/keystone.yml b/openstack/usr/share/openstack/keystone.yml index 20753a9c..64a78ccd 100644 --- a/openstack/usr/share/openstack/keystone.yml +++ b/openstack/usr/share/openstack/keystone.yml @@ -112,7 +112,7 @@ path: /etc/keystone state: directory - - name: Add the configuration needed for lorry in /etc using templates + - name: Add the configuration needed for keystone in /etc using templates template: src: /usr/share/openstack/keystone/{{ item }} dest: /etc/keystone/{{ item }} @@ -175,7 +175,7 @@ token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" endpoint: http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 - - name: Add kestone endpoint + - name: Add keystone endpoint keystone_service: name: keystone type: identity diff --git a/openstack/usr/share/openstack/openvswitch.yml b/openstack/usr/share/openstack/openvswitch.yml index 4393e3db..47257f7f 100644 --- a/openstack/usr/share/openstack/openvswitch.yml +++ b/openstack/usr/share/openstack/openvswitch.yml @@ -32,7 +32,7 @@ shell: ovs-vsctl --no-wait init when: openvswitch_db_enable|changed - - name: Enable and start openstack-keystone service + - name: Enable and start Open vSwitch service service: name={{ item }} enabled=yes state=started with_items: - openvswitch.service -- cgit v1.2.1 From ed3db26045041c2e5f25f7a60154740bd93cbd48 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Fri, 24 Apr 2015 15:29:41 +0000 Subject: Move postgres-server configuration out of keystone-setup Otherwise postgres-server and keystone-setup services will initially fail, as keystone-setup needs a postgres-server running to succeed, but the postgres-server can only run after some configuration, which was previously being done by keystone-setup. Change-Id: I2d649d494cb54119e3b9bd3d9f6deb46bfb2dd12 --- openstack-keystone.configure | 3 ++ openstack/manifest | 2 + .../system/openstack-ceilometer-setup.service | 4 +- .../systemd/system/openstack-cinder-api.service | 4 +- .../system/openstack-cinder-db-setup.service | 4 +- .../systemd/system/openstack-glance-setup.service | 2 +- .../systemd/system/openstack-ironic-setup.service | 2 +- .../system/openstack-keystone-setup.service | 2 +- .../system/openstack-neutron-db-setup.service | 4 +- .../systemd/system/openstack-nova-db-setup.service | 4 +- .../systemd/system/postgres-server-setup.service | 10 +++++ .../usr/lib/systemd/system/postgres-server.service | 4 +- .../systemd/system/swift-controller-setup.service | 2 +- openstack/usr/share/openstack/keystone.yml | 45 -------------------- openstack/usr/share/openstack/postgres.yml | 48 ++++++++++++++++++++++ .../lib/systemd/system/swift-storage-setup.service | 2 +- 16 files changed, 80 insertions(+), 62 deletions(-) create mode 100644 openstack/usr/lib/systemd/system/postgres-server-setup.service create mode 100644 openstack/usr/share/openstack/postgres.yml diff --git a/openstack-keystone.configure b/openstack-keystone.configure index 7c8631ce..484a37b5 100644 --- a/openstack-keystone.configure +++ b/openstack-keystone.configure @@ -26,6 +26,9 @@ ln -s "/usr/lib/systemd/system/openstack-keystone-setup.service" \ ln -s "/usr/lib/systemd/system/openstack-horizon-setup.service" \ "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-horizon-setup.service" +ln -s "/usr/lib/systemd/system/postgres-server-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/postgres-server-setup.service" + ########################################################################## # Check variables ########################################################################## diff --git a/openstack/manifest b/openstack/manifest index 4812c6c3..f4620f8e 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -120,6 +120,7 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/share/openstack/nova/api-paste.ini 0100644 0 0 /usr/share/openstack/openvswitch.yml 0040755 0 0 /usr/share/openstack/postgres +0100644 0 0 /usr/share/openstack/postgres.yml 0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf 0100644 0 0 /usr/share/openstack/postgres/postgresql.conf 0040755 0 0 /usr/share/openstack/rabbitmq @@ -177,6 +178,7 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/openvswitch-db-server.service 0100644 0 0 /usr/lib/systemd/system/openvswitch.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service +0100644 0 0 /usr/lib/systemd/system/postgres-server-setup.service 0100644 0 0 /usr/share/openstack/swift-controller.yml 0100644 0 0 /usr/lib/systemd/system/swift-controller-setup.service 0100644 0 0 /usr/lib/systemd/system/swift-proxy.service diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service index 16eacb55..5d2f7ea5 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run ceilometer-setup Ansible scripts -After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service -Wants=postgres-server.service openstack-keystone.service +After=postgres-server-setup.service openstack-keystone.service openstack-keystone-setup.service +Wants=postgres-server-setup.service openstack-keystone.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service index d1aaf136..2afb2d6e 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-api.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -1,8 +1,8 @@ [Unit] Description=OpenStack Volume Service (code-named Cinder) API server ConditionPathExists=/etc/cinder/cinder.conf -After=postgres-server.service network-online.target openstack-cinder-db-setup.service openstack-cinder-config-setup.service -Wants=postgres-server.service network-online.target +After=postgres-server-setup.service network-online.target openstack-cinder-db-setup.service openstack-cinder-config-setup.service +Wants=postgres-server-setup.service network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service index 01a352e4..bf4a0ad2 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run cinder-db-setup Ansible scripts ConditionPathExists=/etc/cinder/cinder.conf -After=postgres-server.service openstack-cinder-config-setup.service openstack-keystone.service openstack-keystone-setup.service -Wants=postgres-server.service openstack-cinder-config-setup.service openstack-keystone.service +After=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone.service openstack-keystone-setup.service +Wants=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-glance-setup.service b/openstack/usr/lib/systemd/system/openstack-glance-setup.service index c00c520c..8fec1cfb 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run glance-setup Ansible scripts -After=local-fs.target openstack-keystone-setup.service postgres-server.service +After=local-fs.target openstack-keystone-setup.service postgres-server-setup.service [Service] ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/glance.yml diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service index 443d2829..5560b881 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run ironic-setup Ansible scripts -After=local-fs.target openstack-keystone-setup.service postgres-server.service +After=local-fs.target openstack-keystone-setup.service postgres-server-setup.service [Service] ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ironic.yml diff --git a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service index 9ea04c1d..b5348735 100644 --- a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run keystone-setup Ansible scripts -After=local-fs.target postgres-server.service +After=local-fs.target postgres-server-setup.service ConditionPathExists=/etc/openstack/keystone.conf [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service index 68874a6e..9e4c0bdb 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run neutron-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=network-online.target openstack-keystone.service postgres-server.service openstack-keystone-setup.service openstack-neutron-config-setup.service -Wants=network-online.target openstack-keystone.service postgres-server.service +After=network-online.target openstack-keystone.service postgres-server-setup.service openstack-keystone-setup.service openstack-neutron-config-setup.service +Wants=network-online.target openstack-keystone.service postgres-server-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index 5a280917..55f1a8ca 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run nova-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service openstack-nova-config-setup.service -Wants=postgres-server.service openstack-keystone.service +After=postgres-server-setup.service openstack-keystone.service openstack-keystone-setup.service openstack-nova-config-setup.service +Wants=postgres-server-setup.service openstack-keystone.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/postgres-server-setup.service b/openstack/usr/lib/systemd/system/postgres-server-setup.service new file mode 100644 index 00000000..5bb70eb7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/postgres-server-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run postgres-setup Ansible scripts +After=local-fs.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/openstack/hosts /usr/share/openstack/postgres.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/postgres-server.service b/openstack/usr/lib/systemd/system/postgres-server.service index 70b2fd09..cd559fa0 100644 --- a/openstack/usr/lib/systemd/system/postgres-server.service +++ b/openstack/usr/lib/systemd/system/postgres-server.service @@ -13,9 +13,9 @@ Environment=PGROOT=/var/lib/pgsql SyslogIdentifier=postgres PIDFile=/var/lib/pgsql/data/postmaster.pid -ExecStart= /usr/bin/pg_ctl -s -D ${PGROOT}/data start -w -t 120 +ExecStart=/usr/bin/pg_ctl -s -D ${PGROOT}/data start -w -t 120 ExecReload=/usr/bin/pg_ctl -s -D ${PGROOT}/data reload -ExecStop= /usr/bin/pg_ctl -s -D ${PGROOT}/data stop -m fast +ExecStop=/usr/bin/pg_ctl -s -D ${PGROOT}/data stop -m fast # Due to PostgreSQL's use of shared memory, OOM killer is often overzealous in # killing Postgres, so adjust it downward diff --git a/openstack/usr/lib/systemd/system/swift-controller-setup.service b/openstack/usr/lib/systemd/system/swift-controller-setup.service index 3e0ddaf7..3da73e7e 100644 --- a/openstack/usr/lib/systemd/system/swift-controller-setup.service +++ b/openstack/usr/lib/systemd/system/swift-controller-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run swift-controller-setup (once) -After=local-fs.target postgres-server.service openstack-keystone-setup.service openstack-keystone.service +After=local-fs.target postgres-server-setup.service openstack-keystone-setup.service openstack-keystone.service [Service] Type=oneshot diff --git a/openstack/usr/share/openstack/keystone.yml b/openstack/usr/share/openstack/keystone.yml index 64a78ccd..330d74d0 100644 --- a/openstack/usr/share/openstack/keystone.yml +++ b/openstack/usr/share/openstack/keystone.yml @@ -42,51 +42,6 @@ with_items: - rabbitmq-server - # Postgres configuration, this may end up in a different playbook - - name: Create postgres user - user: - name: postgres - comment: PostgreSQL Server - shell: /sbin/nologin - home: /var/lib/pgsql - - - name: Create the postgres directories - file: - path: "{{ item }}" - state: directory - owner: postgres - group: postgres - with_items: - - /var/run/postgresql - - /var/lib/pgsql/data - - - name: Initialise postgres database - command: pg_ctl -D /var/lib/pgsql/data initdb - args: - creates: /var/lib/pgsql/data/base - sudo: yes - sudo_user: postgres - - - name: Add the configuration needed for postgres for Openstack - template: - src: /usr/share/openstack/postgres/{{ item }} - dest: /var/lib/pgsql/data/{{ item }} - owner: postgres - group: postgres - mode: 0600 - with_items: - - postgresql.conf - - pg_hba.conf - - - name: Enable and start postgres services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - postgres-server - - # Keystone configuration - name: Create the keystone user. user: diff --git a/openstack/usr/share/openstack/postgres.yml b/openstack/usr/share/openstack/postgres.yml new file mode 100644 index 00000000..3cf23704 --- /dev/null +++ b/openstack/usr/share/openstack/postgres.yml @@ -0,0 +1,48 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/keystone.conf" + tasks: + + - name: Create postgres user + user: + name: postgres + comment: PostgreSQL Server + shell: /sbin/nologin + home: /var/lib/pgsql + + - name: Create the postgres directories + file: + path: "{{ item }}" + state: directory + owner: postgres + group: postgres + with_items: + - /var/run/postgresql + - /var/lib/pgsql/data + + - name: Initialise postgres database + command: pg_ctl -D /var/lib/pgsql/data initdb + args: + creates: /var/lib/pgsql/data/base + sudo: yes + sudo_user: postgres + + - name: Add the configuration needed for postgres for Openstack + template: + src: /usr/share/openstack/postgres/{{ item }} + dest: /var/lib/pgsql/data/{{ item }} + owner: postgres + group: postgres + mode: 0600 + with_items: + - postgresql.conf + - pg_hba.conf + + - name: Enable and start postgres services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - postgres-server diff --git a/swift/usr/lib/systemd/system/swift-storage-setup.service b/swift/usr/lib/systemd/system/swift-storage-setup.service index e284fbed..dcba1017 100644 --- a/swift/usr/lib/systemd/system/swift-storage-setup.service +++ b/swift/usr/lib/systemd/system/swift-storage-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run openstack-swift-storage-setup (once) -After=local-fs.target postgres-server.service +After=local-fs.target postgres-server-setup.service [Service] Type=oneshot -- cgit v1.2.1 From 6f8770fbfaf7f297217f69f484193e5a1fcbe986 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Fri, 24 Apr 2015 15:48:19 +0000 Subject: Depend on openstack-keystone-setup Depending on openstack-keystone is wrong, as the admin user, admin tenant, admin role, service tenant and endpoint, are only created after starting and enabling the openstack-keystone service. Not having those created will cause keystone commands executed by some Ansible scripts to fail. Change-Id: I54288f3de2814dbb6639a894d55d7395f052a428 --- openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service | 4 ++-- openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service | 4 ++-- .../usr/lib/systemd/system/openstack-neutron-config-setup.service | 4 ++-- openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service | 4 ++-- openstack/usr/lib/systemd/system/openstack-nova-config-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-nova-db-setup.service | 4 ++-- openstack/usr/lib/systemd/system/swift-controller-setup.service | 2 +- openstack/usr/lib/systemd/system/swift-proxy.service | 2 +- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service index 5d2f7ea5..5d61fddb 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run ceilometer-setup Ansible scripts -After=postgres-server-setup.service openstack-keystone.service openstack-keystone-setup.service -Wants=postgres-server-setup.service openstack-keystone.service +After=postgres-server-setup.service openstack-keystone-setup.service +Wants=postgres-server-setup.service openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service index bf4a0ad2..1b9d43e0 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run cinder-db-setup Ansible scripts ConditionPathExists=/etc/cinder/cinder.conf -After=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone.service openstack-keystone-setup.service -Wants=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone.service +After=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service +Wants=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service index 46e1b585..c7b3b5e0 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run neutron-config-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=openstack-keystone.service openstack-keystone-setup.service -Wants=openstack-keystone.service +After=openstack-keystone-setup.service +Wants=openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service index 9e4c0bdb..840d0bee 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run neutron-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=network-online.target openstack-keystone.service postgres-server-setup.service openstack-keystone-setup.service openstack-neutron-config-setup.service -Wants=network-online.target openstack-keystone.service postgres-server-setup.service +After=network-online.target postgres-server-setup.service openstack-keystone-setup.service openstack-neutron-config-setup.service +Wants=network-online.target postgres-server-setup.service openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service index 55416cec..eeb43899 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run nova-config-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=openstack-keystone.service openstack-keystone-setup.service +After=openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index 55f1a8ca..a5bd1969 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -1,8 +1,8 @@ [Unit] Description=Run nova-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=postgres-server-setup.service openstack-keystone.service openstack-keystone-setup.service openstack-nova-config-setup.service -Wants=postgres-server-setup.service openstack-keystone.service +After=postgres-server-setup.service openstack-keystone-setup.service openstack-nova-config-setup.service +Wants=postgres-server-setup.service openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/swift-controller-setup.service b/openstack/usr/lib/systemd/system/swift-controller-setup.service index 3da73e7e..558ab13d 100644 --- a/openstack/usr/lib/systemd/system/swift-controller-setup.service +++ b/openstack/usr/lib/systemd/system/swift-controller-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run swift-controller-setup (once) -After=local-fs.target postgres-server-setup.service openstack-keystone-setup.service openstack-keystone.service +After=local-fs.target postgres-server-setup.service openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/swift-proxy.service b/openstack/usr/lib/systemd/system/swift-proxy.service index bb51d594..0b98634a 100644 --- a/openstack/usr/lib/systemd/system/swift-proxy.service +++ b/openstack/usr/lib/systemd/system/swift-proxy.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack Swift Proxy Server -After=syslog.target network.target memcached.service openstack-keystone.service swift-controller-setup.service +After=syslog.target network.target memcached.service openstack-keystone-setup.service swift-controller-setup.service [Service] Type=forking -- cgit v1.2.1 From f2d78e9b7221bca65cba53af3f3b50d50d90628f Mon Sep 17 00:00:00 2001 From: Richard Dale Date: Thu, 23 Apr 2015 11:49:35 +0100 Subject: Build the nginx server with the '--with-http_ssl_module' option, as it isn't built with SSL/https support by default Change-Id: I5c124da046aea2802193790a51d94bf1f75e490b --- strata/webtools/nginx.morph | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/strata/webtools/nginx.morph b/strata/webtools/nginx.morph index 08949ec9..6f7f04ae 100644 --- a/strata/webtools/nginx.morph +++ b/strata/webtools/nginx.morph @@ -6,7 +6,8 @@ configure-commands: --conf-path=/etc/nginx/nginx.conf \ --pid-path=/etc/nginx/nginx.pid \ --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log + --http-log-path=/var/log/nginx/access.log \ + --with-http_ssl_module build-commands: - make install-commands: -- cgit v1.2.1 From 3bb8687e8fb755e7e18d5a3f26b64dc71fedcea2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 25 Mar 2015 18:04:10 +0000 Subject: strata/graphics-common: Upgrade libpng to latest stable (1.4.16): This includes a fix for vulnerability CVE-2014-9495 Change-Id: Ia62f889ad532b8614c4ec4536f517c5eb303416d --- strata/graphics-common.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/graphics-common.morph b/strata/graphics-common.morph index d885ff72..c23ec829 100644 --- a/strata/graphics-common.morph +++ b/strata/graphics-common.morph @@ -26,8 +26,8 @@ chunks: unpetrify-ref: baserock/morph - name: libpng repo: upstream:libpng - ref: 259fb7761d747655c607efcec7a12ff1f3c24561 - unpetrify-ref: libpng-1.6.13-signed + ref: 88dd30b232362b65cca374dda39096888163dd6b + unpetrify-ref: libpng-1.6.16-signed - name: libjpeg repo: upstream:libjpeg ref: f57ac58ac664ede6bc6e8cd9d88e0edaa366e21a -- cgit v1.2.1 From eb2c33af1b56b322524d058dd6f560cb21d98a0d Mon Sep 17 00:00:00 2001 From: Javier Jardon Date: Mon, 30 Mar 2015 13:32:22 +0000 Subject: Move XCB libraries to x-common and update to latest stable (0.4.x) So we have all the xcb libraries together Change-Id: I31712c4a68d1b75a104bcf758989f63b3aca39a0 --- strata/x-common.morph | 26 ++++++++++++++++++++++++++ strata/x-generic.morph | 19 ------------------- strata/x-generic/util-keysyms.morph | 9 --------- 3 files changed, 26 insertions(+), 28 deletions(-) delete mode 100644 strata/x-generic/util-keysyms.morph diff --git a/strata/x-common.morph b/strata/x-common.morph index 9836961f..c98a9e4a 100644 --- a/strata/x-common.morph +++ b/strata/x-common.morph @@ -119,6 +119,32 @@ chunks: build-depends: - xcb-proto - xorg-lib-libXau +- name: xcb-util + repo: upstream:xcb-util + ref: 4de010f122da40e17b52866d07d1d501a66bf007 + unpetrify-ref: baserock/0.4.0 + build-depends: + - xcb-libxcb +- name: util-wm + repo: upstream:util-wm + ref: fb7afc3f291c8cc072d327cd8d97ab1db3283c21 + unpetrify-ref: baserock/0.4.1 + build-depends: + - xcb-libxcb +- name: util-keysyms + morph: strata/x-common/util-keysyms.morph + repo: upstream:util-keysyms + ref: edb763a8837d3932690b9d6d77cb7e20a9ab8013 + unpetrify-ref: baserock/0.4.0 + build-depends: + - xcb-libxcb +- name: util-image + repo: upstream:util-image + ref: f20f25a1c017c58d5d7dfffc6e9adc8d31879152 + unpetrify-ref: baserock/0.4.0 + build-depends: + - xcb-libxcb + - xcb-util - name: xorg-lib-libxtrans repo: upstream:xorg-lib-libxtrans ref: 7cbad9fe2e61cd9d5caeaf361826a6f4bd320f03 diff --git a/strata/x-generic.morph b/strata/x-generic.morph index a8a0660a..27a7c7b6 100644 --- a/strata/x-generic.morph +++ b/strata/x-generic.morph @@ -47,22 +47,3 @@ chunks: unpetrify-ref: baserock/morph build-depends: - xorg-lib-libxkbfile -- name: xcb-util - repo: upstream:xcb-util - ref: 45215e6f56bf57efdf5469567c00eba7a991d3a3 - unpetrify-ref: baserock/morph -- name: util-wm - repo: upstream:util-wm - ref: 18bde07dc7cb44617c0d159ccd9ef640804296e3 - unpetrify-ref: baserock/morph -- name: util-keysyms - morph: strata/x-generic/util-keysyms.morph - repo: upstream:util-keysyms - ref: 0be179eff4eadb99ee303891d1c29c4e4dd6fbab - unpetrify-ref: baserock/morph -- name: util-image - repo: upstream:util-image - ref: 66b0caa72eb5011d89d0346424ea40b9e8e93816 - unpetrify-ref: baserock/morph - build-depends: - - xcb-util diff --git a/strata/x-generic/util-keysyms.morph b/strata/x-generic/util-keysyms.morph deleted file mode 100644 index ddae3707..00000000 --- a/strata/x-generic/util-keysyms.morph +++ /dev/null @@ -1,9 +0,0 @@ -name: util-keysyms -kind: chunk -configure-commands: -- git submodule update --init -- ./autogen.sh --prefix=/usr -build-commands: -- make -install-commands: -- make DESTDIR="$DESTDIR" install -- cgit v1.2.1 From 717aef60fccc3c6932f21adf3d9852e710817800 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 22 Apr 2015 16:39:13 +0000 Subject: ceilometer: Configure ceilometer for multinode deployment Change-Id: I065dcd8926775c5469830af25c3fc6a49d89e432 --- clusters/openstack-one-node.morph | 3 +- clusters/openstack-three-node-installer.morph | 19 ++++- clusters/openstack-two-node-installer.morph | 16 +++- openstack-ceilometer.configure | 50 +++++++++++- openstack/manifest | 6 +- .../openstack-ceilometer-alarm-evaluator.service | 2 +- .../openstack-ceilometer-alarm-notifier.service | 2 +- .../system/openstack-ceilometer-api.service | 2 +- .../system/openstack-ceilometer-collector.service | 2 +- .../system/openstack-ceilometer-compute.service | 2 +- .../openstack-ceilometer-config-setup.service | 11 +++ .../system/openstack-ceilometer-db-setup.service | 12 +++ .../system/openstack-ceilometer-setup.service | 11 --- .../usr/share/openstack/ceilometer-config.yml | 36 ++++++++ openstack/usr/share/openstack/ceilometer-db.yml | 50 ++++++++++++ openstack/usr/share/openstack/ceilometer.yml | 95 ---------------------- 16 files changed, 199 insertions(+), 120 deletions(-) create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-config-setup.service create mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service delete mode 100644 openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service create mode 100644 openstack/usr/share/openstack/ceilometer-config.yml create mode 100644 openstack/usr/share/openstack/ceilometer-db.yml delete mode 100644 openstack/usr/share/openstack/ceilometer.yml diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index d57b1bc6..be229084 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -30,7 +30,8 @@ description: | - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the system is being deployed to. - We recommend changing all the PASSWORDs variables, also the - KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + KEYSTONE_TEMPORARY_ADMIN_TOKEN, METADATA_PROXY_SHARED_SECRET and + METERING_SECRET - Setting NOVA_BAREMETAL_SCHEDULING with an YAML truth value will configure Nova to schedule baremetal machines through the Ironic driver, instead of sheduling virtual machines. diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index 144033cb..91dfd9b1 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -21,7 +21,7 @@ description: | Substitute the values of HOSTNAME, NETWORK_CONFIG, EXTERNAL_INTERFACE, MANAGEMENT_IP_ADDRESS, CONTROLLER_HOST_ADDRESS, RABBITMQ_HOST and HOSTS_* to - match your hardware ane networking configuration. + match your hardware and networking configuration. Requirements to be able to run and test the system: @@ -49,7 +49,8 @@ description: | - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the system is being deployed to. - We recommend changing all the PASSWORDs variables, also the - KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. + KEYSTONE_TEMPORARY_ADMIN_TOKEN, METADATA_PROXY_SHARED_SECRET and + METERING_SECRET. - Setting NOVA_BAREMETAL_SCHEDULING with an YAML truth value will configure Nova to schedule baremetal machines through the Ironic driver, instead of sheduling virtual machines. @@ -132,6 +133,14 @@ systems: IRONIC_DB_USER: ironicDB IRONIC_DB_PASSWORD: veryinsecure + CEILOMETER_SERVICE_USER: ceilometer + CEILOMETER_SERVICE_PASSWORD: veryinsecure + CEILOMETER_DB_USER: ceilometerDB + CEILOMETER_DB_PASSWORD: veryinsecure + CEILOMETER_ENABLE_CONTROLLER: False + CEILOMETER_ENABLE_COMPUTE: False + METERING_SECRET: insecureceilometersecret + CONTROLLER_HOST_ADDRESS: threenode-controller.os-mgmt MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 @@ -170,6 +179,9 @@ systems: IRONIC_ENABLE_SERVICE: True + CEILOMETER_ENABLE_CONTROLLER: True + CEILOMETER_ENABLE_COMPUTE: False + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.2 HOSTS_SELF: 10.0.0.2 threenode-controller EXTERNAL_INTERFACE: enp2s0 @@ -211,6 +223,9 @@ systems: NEUTRON_ENABLE_CONTROLLER: False METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret + CEILOMETER_ENABLE_CONTROLLER: False + CEILOMETER_ENABLE_COMPUTE: True + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 HOSTS_SELF: 10.0.0.3 threenode-compute EXTERNAL_INTERFACE: eno1 diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 0541e784..2a278550 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -48,8 +48,9 @@ description: | - NOVA_VIRT_TYPE can be either 'kvm' or 'qemu', depending on where the system is being deployed to. - We recommend changing all the PASSWORDs variables, also the - KEYSTONE_TEMPORARY_ADMIN_TOKEN and METADATA_PROXY_SHARED_SECRET. - - Setting NOVA_BAREMETAL_SCHEDULING with an YAML truth value will configure + KEYSTONE_TEMPORARY_ADMIN_TOKEN, METADATA_PROXY_SHARED_SECRET and + METERING_SECRET. + - Setting NOVA_BAREMETAL_SCHEDULING with a YAML truth value will configure Nova to schedule baremetal machines through the Ironic driver, instead of sheduling virtual machines. @@ -131,6 +132,14 @@ systems: IRONIC_DB_USER: ironicDB IRONIC_DB_PASSWORD: veryinsecure + CEILOMETER_SERVICE_USER: ceilometer + CEILOMETER_SERVICE_PASSWORD: veryinsecure + CEILOMETER_DB_USER: ceilometerDB + CEILOMETER_DB_PASSWORD: veryinsecure + CEILOMETER_ENABLE_CONTROLLER: True + CEILOMETER_ENABLE_COMPUTE: False + METERING_SECRET: insecureceilometersecret + CONTROLLER_HOST_ADDRESS: twonode-controller.os-mgmt MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 @@ -178,6 +187,9 @@ systems: IRONIC_ENABLE_SERVICE: False + CEILOMETER_ENABLE_CONTROLLER: False + CEILOMETER_ENABLE_COMPUTE: True + MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.3 HOSTS_SELF: 10.0.0.3 twonode-compute EXTERNAL_INTERFACE: eno1 diff --git a/openstack-ceilometer.configure b/openstack-ceilometer.configure index b8ed7eab..0f51667e 100644 --- a/openstack-ceilometer.configure +++ b/openstack-ceilometer.configure @@ -21,8 +21,10 @@ ROOT="$1" ########################################################################## -ln -s "/usr/lib/systemd/system/openstack-ceilometer-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-ceilometer-setup.service" +enable(){ + ln -sf "/usr/lib/systemd/system/$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" +} ########################################################################## # Check variables @@ -53,6 +55,50 @@ if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ exit 1 fi +# Check optional variables + +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} + +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} + +check_bool CEILOMETER_ENABLE_CONTROLLER +check_bool CEILOMETER_ENABLE_COMPUTE + +###################################### +# Enable relevant openstack services # +###################################### + +if "$CEILOMETER_ENABLE_COMPUTE" || "$CEILOMETER_ENABLE_CONTROLLER"; then + enable openstack-ceilometer-config-setup +fi +if "$CEILOMETER_ENABLE_COMPUTE"; then + enable openstack-ceilometer-compute +fi +if "$CEILOMETER_ENABLE_CONTROLLER"; then + enable openstack-ceilometer-db-setup + enable openstack-ceilometer-api + enable openstack-ceilometer-collector + enable openstack-ceilometer-notification + enable openstack-ceilometer-central + enable openstack-ceilometer-alarm-evaluator + enable openstack-ceilometer-alarm-notifier +fi + ########################################################################## # Generate configuration file ########################################################################## diff --git a/openstack/manifest b/openstack/manifest index f4620f8e..aa4d5430 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -6,7 +6,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts 0040755 0 0 /usr/share/openstack/ceilometer -0100644 0 0 /usr/share/openstack/ceilometer.yml +0100644 0 0 /usr/share/openstack/ceilometer-config.yml +0100644 0 0 /usr/share/openstack/ceilometer-db.yml 0100644 0 0 /usr/share/openstack/ceilometer/ceilometer.conf 0040755 0 0 /usr/share/openstack/cinder 0100644 0 0 /usr/share/openstack/cinder-config.yml @@ -166,7 +167,8 @@ template 0100644 0 0 /etc/tempest/tempest.conf 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-backup.service -0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-config-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-db-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service 0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service 0100644 0 0 /usr/lib/systemd/system/openstack-ceilometer-api.service diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service index a6a2ce56..6f9e2adf 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer alarm evaluation service -After=syslog.target network-online.target +After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service index 1a4a0b04..6452f737 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer alarm notification service -After=syslog.target network-online.target +After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service index 77d8836d..e0a8d00d 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer API service -After=syslog.target network-online.target +After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service index 98eff608..bb530360 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer collection service -After=syslog.target network-online.target +After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service index b321c576..53e36e18 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack ceilometer compute agent -After=syslog.target network-online.target openstack-ceilometer-collector.service +After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-config-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-config-setup.service new file mode 100644 index 00000000..c3e809d7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-config-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run ceilometer-config-setup Ansible scripts +ConditionPathExists=/etc/openstack/ceilometer.conf + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ceilometer-config.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service new file mode 100644 index 00000000..865b4b2c --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service @@ -0,0 +1,12 @@ +[Unit] +Description=Run ceilometer-db-setup Ansible scripts +ConditionPathExists=/etc/openstack/ceilometer.conf +After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service openstack-ceilometer-config-setup.service +Wants=postgres-server.service openstack-keystone.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ceilometer-db.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service deleted file mode 100644 index 5d61fddb..00000000 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-setup.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Run ceilometer-setup Ansible scripts -After=postgres-server-setup.service openstack-keystone-setup.service -Wants=postgres-server-setup.service openstack-keystone-setup.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ceilometer.yml - -[Install] -WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/ceilometer-config.yml b/openstack/usr/share/openstack/ceilometer-config.yml new file mode 100644 index 00000000..9850d84d --- /dev/null +++ b/openstack/usr/share/openstack/ceilometer-config.yml @@ -0,0 +1,36 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/ceilometer.conf" + tasks: +# Configure ceilometer + - name: Create the ceilometer user. + user: + name: ceilometer + comment: Openstack Ceilometer Daemons + shell: /sbin/nologin + home: /var/lib/ceilometer + + - name: Create the /var folders for ceilometer + file: + path: "{{ item }}" + state: directory + owner: ceilometer + group: ceilometer + with_items: + - /var/run/ceilometer + - /var/lock/ceilometer + - /var/log/ceilometer + - /var/lib/ceilometer + + - name: Create /etc/ceilometer directory + file: + path: /etc/ceilometer + state: directory + + - name: Add the configuration needed for ceilometer in /etc/ceilometer using templates + template: + src: /usr/share/openstack/ceilometer/{{ item }} + dest: /etc/ceilometer/{{ item }} + with_lines: + - cd /usr/share/openstack/ceilometer && find -type f diff --git a/openstack/usr/share/openstack/ceilometer-db.yml b/openstack/usr/share/openstack/ceilometer-db.yml new file mode 100644 index 00000000..717c7d7d --- /dev/null +++ b/openstack/usr/share/openstack/ceilometer-db.yml @@ -0,0 +1,50 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/ceilometer.conf" + tasks: + - name: Create ceilometer service user in service tenant + keystone_user: + user: "{{ CEILOMETER_SERVICE_USER }}" + password: "{{ CEILOMETER_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to ceilometers service user in the service tenant + keystone_user: + role: admin + user: "{{ CEILOMETER_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add ceilometer endpoint + keystone_service: + name: ceilometer + type: metering + description: Openstack Metering Service + publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 + internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 + adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 + region: regionOne + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for ceilometer + postgresql_user: + name: "{{ CEILOMETER_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ CEILOMETER_DB_PASSWORD }}" + sudo: yes + sudo_user: ceilometer + + - name: Create database for ceilometer services + postgresql_db: + name: ceilometer + owner: "{{ CEILOMETER_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: ceilometer + + - name: Initiate ceilometer database + command: ceilometer-dbsync + sudo: yes + sudo_user: ceilometer diff --git a/openstack/usr/share/openstack/ceilometer.yml b/openstack/usr/share/openstack/ceilometer.yml deleted file mode 100644 index 33a29a89..00000000 --- a/openstack/usr/share/openstack/ceilometer.yml +++ /dev/null @@ -1,95 +0,0 @@ ---- -- hosts: localhost - vars_files: - - "/etc/openstack/ceilometer.conf" - tasks: - - name: Create the ceilometer user. - user: - name: ceilometer - comment: Openstack Ceilometer Daemons - shell: /sbin/nologin - home: /var/lib/ceilometer - - - name: Create the /var folders for ceilometer - file: - path: "{{ item }}" - state: directory - owner: ceilometer - group: ceilometer - with_items: - - /var/run/ceilometer - - /var/lock/ceilometer - - /var/log/ceilometer - - /var/lib/ceilometer - - - name: Create /etc/ceilometer directory - file: - path: /etc/ceilometer - state: directory - - - name: Add the configuration needed for ceilometer in /etc/ceilometer using templates - template: - src: /usr/share/openstack/ceilometer/{{ item }} - dest: /etc/ceilometer/{{ item }} - with_lines: - - cd /usr/share/openstack/ceilometer && find -type f - - - name: Create ceilometer service user in service tenant - keystone_user: - user: "{{ CEILOMETER_SERVICE_USER }}" - password: "{{ CEILOMETER_SERVICE_PASSWORD }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Assign admin role to ceilometers service user in the service tenant - keystone_user: - role: admin - user: "{{ CEILOMETER_SERVICE_USER }}" - tenant: service - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Add ceilometer endpoint - keystone_service: - name: ceilometer - type: metering - description: Openstack Metering Service - publicurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 - internalurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 - adminurl: http://{{ CONTROLLER_HOST_ADDRESS }}:8777 - region: regionOne - token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" - - - name: Create postgresql user for ceilometer - postgresql_user: - name: "{{ CEILOMETER_DB_USER }}" - login_host: "{{ CONTROLLER_HOST_ADDRESS }}" - password: "{{ CEILOMETER_DB_PASSWORD }}" - sudo: yes - sudo_user: ceilometer - - - name: Create database for ceilometer services - postgresql_db: - name: ceilometer - owner: "{{ CEILOMETER_DB_USER }}" - login_host: "{{ CONTROLLER_HOST_ADDRESS }}" - sudo: yes - sudo_user: ceilometer - - - name: Initiate ceilometer database - command: ceilometer-dbsync - sudo: yes - sudo_user: ceilometer - - - name: Enable and start openstack-ceilometer services - service: - name: "{{ item }}" - enabled: yes - state: started - with_items: - - openstack-ceilometer-api.service - - openstack-ceilometer-alarm-evaluator.service - - openstack-ceilometer-alarm-notifier.service - - openstack-ceilometer-central.service - - openstack-ceilometer-collector.service - - openstack-ceilometer-compute.service - - openstack-ceilometer-notification.service -- cgit v1.2.1 From c433aa516172417822227e5732c8be28710512cf Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Fri, 24 Apr 2015 15:30:10 +0000 Subject: cinder: Enable cinder in the controller node Cinder needs to have enabled the api service in the controller node in order to work. This means also run the config-setup and the db-setup services for it. Change-Id: I5e79ebf8ce75ef7320b3177b953966095a0884ae --- clusters/openstack-three-node-installer.morph | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index 91dfd9b1..19e51aa1 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -179,6 +179,10 @@ systems: IRONIC_ENABLE_SERVICE: True + CINDER_ENABLE_CONTROLLER: True + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False + CEILOMETER_ENABLE_CONTROLLER: True CEILOMETER_ENABLE_COMPUTE: False -- cgit v1.2.1 From 57c14997d702d96884c2013884c957ede9cecaba Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Fri, 24 Apr 2015 15:34:56 +0000 Subject: cinder: Run configure setup in the storage node Change-Id: Ibc954e855452d83fe364083455bc2d5616457cbb --- openstack-cinder.configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openstack-cinder.configure b/openstack-cinder.configure index 587a0f83..1eeb25bd 100644 --- a/openstack-cinder.configure +++ b/openstack-cinder.configure @@ -93,7 +93,7 @@ if "$CINDER_ENABLE_COMPUTE" || "$CINDER_ENABLE_STORAGE"; then enable target #target.service! enable iscsid fi -if "$CINDER_ENABLE_COMPUTE" || "$CINDER_ENABLE_CONTROLLER"; then +if "$CINDER_ENABLE_COMPUTE" || "$CINDER_ENABLE_CONTROLLER" || "$CINDER_ENABLE_STORAGE"; then enable openstack-cinder-config-setup fi if "$CINDER_ENABLE_STORAGE"; then -- cgit v1.2.1 From 5b6c916b5431878b4f309bfd304ab7478c01bc93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 20 Apr 2015 17:45:12 +0100 Subject: strata/core: Update util-linux to 2.16.1 Some interesting changes: - The command hwclock(8) uses the drift correction for all relevant operations and it is unnecessary yo specify --adjust on the hwclock command line now - zramctl(8): this NEW COMMAND allows to control /dev/zramN devices Change-Id: I196d3a9a0f38bcb10c2adf10a200acc4d4218a9b --- strata/core.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index cfdc52eb..9c343b7e 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -237,8 +237,8 @@ chunks: - name: util-linux morph: strata/core/util-linux.morph repo: upstream:util-linux - ref: b567c9cbc854a36da0a198e4dcc463e134d26a25 - unpetrify-ref: v2.25.2 + ref: 34760e62e0d5a25262a6aa801b2f1df61216363f + unpetrify-ref: v2.26.1 build-depends: - autoconf-tarball - automake -- cgit v1.2.1 From d4934769e522137f872cece4e86002cfbb45f62d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Mon, 27 Apr 2015 17:03:05 +0100 Subject: strata/x-common.morph: Remove reference to util-keysyms.morph Its not needed anymore. This completes commit eb2c33af1b56b322524d058dd6f560cb21d98a0d Change-Id: Icfc73bb2fd3cf3140561b2192a59ab6ec13e266b --- strata/x-common.morph | 1 - 1 file changed, 1 deletion(-) diff --git a/strata/x-common.morph b/strata/x-common.morph index c98a9e4a..69ffdba3 100644 --- a/strata/x-common.morph +++ b/strata/x-common.morph @@ -132,7 +132,6 @@ chunks: build-depends: - xcb-libxcb - name: util-keysyms - morph: strata/x-common/util-keysyms.morph repo: upstream:util-keysyms ref: edb763a8837d3932690b9d6d77cb7e20a9ab8013 unpetrify-ref: baserock/0.4.0 -- cgit v1.2.1 From be356624449876fcb6e7051fd04f3b3182e59000 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Mon, 27 Apr 2015 17:06:16 +0000 Subject: postgresql: Make the service depend on network-online.target When the server is configured to listen connections only from some IP addresses, the unit fails if the network is not configured and there aren't interfaces with this IP. Change-Id: Ibc4a00f5cc8efbbd8edd2df227272b9420438c6c --- openstack/usr/lib/systemd/system/postgres-server.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openstack/usr/lib/systemd/system/postgres-server.service b/openstack/usr/lib/systemd/system/postgres-server.service index cd559fa0..af0e9621 100644 --- a/openstack/usr/lib/systemd/system/postgres-server.service +++ b/openstack/usr/lib/systemd/system/postgres-server.service @@ -1,6 +1,6 @@ [Unit] Description=PostgreSQL database server -After=network.target +After=network-online.target [Service] Type=forking -- cgit v1.2.1 From 6b04e0983cd98d34ccb33ca09f92dcffce9bd813 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 28 Apr 2015 11:41:31 +0100 Subject: Move mako to python-core: modern versions of mesa hard depend on it Change-Id: I5000f08e91b19f26ce3d4265cd7c08be9098bcfc --- strata/openstack-services.morph | 6 ------ strata/python-core.morph | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index db0e3561..aa73fa33 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -72,17 +72,12 @@ chunks: repo: upstream:python-packages/sqlalchemy ref: ff34c480dfd2b8b7c72339d196f5477980a5124c unpetrify-ref: rel_0_9_8 -- name: mako - repo: upstream:python-packages/mako.git - ref: 285bc818a50ccc0f9549630f7c4f4c250585c3e7 - unpetrify-ref: rel_1_0_0 - name: alembic repo: upstream:python-packages/alembic ref: 5f952f25caa688d89204d134ee867de7dbad917c unpetrify-ref: rel_0_7_1 build-depends: - sqlalchemy - - mako - name: lockfile repo: upstream:python-packages/lockfile ref: 777758cdf4520271370b3338b86b5c66f9b104f0 @@ -368,7 +363,6 @@ chunks: unpetrify-ref: 0.8.0 build-depends: - webob - - mako - webtest - logutils - name: croniter diff --git a/strata/python-core.morph b/strata/python-core.morph index f7ba06c1..dbd0891d 100644 --- a/strata/python-core.morph +++ b/strata/python-core.morph @@ -9,6 +9,12 @@ chunks: repo: upstream:python-setuptools-bitbucket ref: 0aa6a4de5931d02876428388678802db2371fd37 unpetrify-ref: baserock/master +- name: mako + repo: upstream:python-packages/mako.git + ref: 285bc818a50ccc0f9549630f7c4f4c250585c3e7 + unpetrify-ref: rel_1_0_0 + build-depends: + - python-setuptools - name: pip repo: upstream:pip ref: ea680f204fb0e48789710c22c8f597a9bf01bc16 -- cgit v1.2.1 From 68009f226fa25c6f158005680f4abcd19481dab4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 14 Apr 2015 16:02:09 +0100 Subject: Support installing the Linux headers for armv5l systems Change-Id: Ie917edd78e0c7640b86396ed5a5d968a0baaad9b --- strata/build-essential/linux-api-headers.morph | 2 ++ strata/build-essential/stage2-linux-api-headers.morph | 2 ++ 2 files changed, 4 insertions(+) diff --git a/strata/build-essential/linux-api-headers.morph b/strata/build-essential/linux-api-headers.morph index 0cd61ce1..62aa22b8 100644 --- a/strata/build-essential/linux-api-headers.morph +++ b/strata/build-essential/linux-api-headers.morph @@ -3,6 +3,8 @@ kind: chunk install-commands: - | case "$MORPH_ARCH" in + armv5l) + ARCH="arm" ;; armv7b|armv7l|armv7lhf) ARCH="arm" ;; armv8l64|armv8b64) diff --git a/strata/build-essential/stage2-linux-api-headers.morph b/strata/build-essential/stage2-linux-api-headers.morph index b296408f..1da94ee9 100644 --- a/strata/build-essential/stage2-linux-api-headers.morph +++ b/strata/build-essential/stage2-linux-api-headers.morph @@ -3,6 +3,8 @@ kind: chunk install-commands: - | case "$MORPH_ARCH" in + armv5l) + ARCH="arm" ;; armv7b|armv7l|armv7lhf) ARCH="arm" ;; armv8l64|armv8b64) -- cgit v1.2.1 From 52f34116e4517bdbdc3d6c480235fe31ca88ed3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 15 Apr 2015 00:22:43 +0100 Subject: stage2-gcc: set correct host/target for GMP for armv5 Change-Id: Icb223438e2ed7bc54e8d1ea7573594418ebe0445 --- strata/build-essential/stage2-gcc.morph | 2 ++ 1 file changed, 2 insertions(+) diff --git a/strata/build-essential/stage2-gcc.morph b/strata/build-essential/stage2-gcc.morph index 98f9cfe7..cd600e18 100644 --- a/strata/build-essential/stage2-gcc.morph +++ b/strata/build-essential/stage2-gcc.morph @@ -52,6 +52,8 @@ configure-commands: build-commands: - | case "$MORPH_ARCH" in + armv5*) sed -i "s/--host=none/--host=armv5/" o/Makefile + sed -i "s/--target=none/--target=armv5/" o/Makefile ;; armv7*) sed -i "s/--host=none/--host=armv7a/" o/Makefile sed -i "s/--target=none/--target=armv7a/" o/Makefile ;; esac -- cgit v1.2.1 From 1d5156078cd8475cd777f1f90127e22f6d340a29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 21 Apr 2015 17:25:44 +0100 Subject: gcc: set correct host/target for GMP for armv5 Change-Id: I8220cd76e947de26335066357d69d2c5c204257c --- strata/build-essential/gcc.morph | 2 ++ 1 file changed, 2 insertions(+) diff --git a/strata/build-essential/gcc.morph b/strata/build-essential/gcc.morph index 345d3b00..a9d25ac1 100644 --- a/strata/build-essential/gcc.morph +++ b/strata/build-essential/gcc.morph @@ -48,6 +48,8 @@ configure-commands: build-commands: - | case "$MORPH_ARCH" in + armv5*) sed -i "s/--host=none/--host=armv5/" o/Makefile + sed -i "s/--target=none/--target=armv5/" o/Makefile ;; armv7*) sed -i "s/--host=none/--host=armv7a/" o/Makefile sed -i "s/--target=none/--target=armv7a/" o/Makefile ;; esac -- cgit v1.2.1 From 610d5fa11f9c62f10cdbd0e555468976ab5e3ebd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 28 Apr 2015 14:29:20 +0100 Subject: Move GLib and gobject-introspection to -core Morph now depend on pygobject (to access ostree features). Also ostree depends on libsoup. Both libsoup and pygobject depends on GLib. morph is in cross-* systems, so we move GLib to the core stratum to not have to build the entire foundation stratum in the cross-* systems. Also the change makes sense as GLib is a dependency of strata that not necessarily depend on foundation (like multimedia-gstreamer) Change-Id: I9d1527b5057c71704ef5a0fe3d3e5f348f2908e5 --- strata/core.morph | 32 ++++++++++++++++++++++++++++++++ strata/foundation.morph | 22 ---------------------- 2 files changed, 32 insertions(+), 22 deletions(-) diff --git a/strata/core.morph b/strata/core.morph index 9c343b7e..56cdd925 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -287,3 +287,35 @@ chunks: build-depends: - autoconf-tarball - automake +- name: libffi + morph: strata/foundation/libffi.morph + repo: upstream:libffi + ref: 77d4586cc47e8f4c02278afbc220145bba0d442b + unpetrify-ref: baserock/morph + build-depends: + - autoconf-tarball + - automake +- name: glib + repo: upstream:glib + ref: 966ffb16f6bd54cb3d928a55d00d0eda73592094 + unpetrify-ref: 2.44.0 + build-depends: + - autoconf-tarball + - automake + - cpython + - gettext-tarball + - libffi + - pkg-config +- name: gobject-introspection + repo: upstream:gobject-introspection + ref: c0243e116c5e261c262dded9f4d7726a770c5a19 + unpetrify-ref: GOBJECT_INTROSPECTION_1_44_0 + build-depends: + - autoconf-tarball + - automake + - bison + - cpython + - flex + - glib + - libffi + - pkg-config diff --git a/strata/foundation.morph b/strata/foundation.morph index 3de24fee..c352ef1e 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -35,35 +35,16 @@ chunks: unpetrify-ref: baserock/morph build-depends: - attr -- name: libffi - morph: strata/foundation/libffi.morph - repo: upstream:libffi - ref: 77d4586cc47e8f4c02278afbc220145bba0d442b - unpetrify-ref: baserock/morph - name: pciutils morph: strata/foundation/pciutils.morph repo: upstream:pciutils ref: bae04bd0473c68a2f21b7712a627abb08fd84b29 unpetrify-ref: baserock/morph -- name: glib - repo: upstream:glib - ref: 966ffb16f6bd54cb3d928a55d00d0eda73592094 - unpetrify-ref: 2.44.0 - build-depends: - - libffi -- name: gobject-introspection - repo: upstream:gobject-introspection - ref: c0243e116c5e261c262dded9f4d7726a770c5a19 - unpetrify-ref: GOBJECT_INTROSPECTION_1_44_0 - build-depends: - - glib - name: dbus-pre morph: strata/foundation/dbus-pre.morph repo: upstream:dbus ref: 3c055572ced8f63eb9756caa4b1a19225f22e6ff unpetrify-ref: baserock/dbus-1.8.16-1-g3c05557/genivi/J-1.0 - build-depends: - - glib - name: libgpg-error repo: upstream:libgpg-error ref: a498812d767c59ae2b75b0c985f5280b139e7dc4 @@ -84,7 +65,6 @@ chunks: unpetrify-ref: baserock/v219-729-g163ab29-jetson_btrfs_fixes build-depends: - dbus-pre - - gobject-introspection - kmod - libcap2 - libgcrypt @@ -139,7 +119,6 @@ chunks: ref: 3c055572ced8f63eb9756caa4b1a19225f22e6ff unpetrify-ref: baserock/dbus-1.8.16-1-g3c05557/genivi/J-1.0 build-depends: - - glib - systemd - name: openssh morph: strata/foundation/openssh.morph @@ -161,7 +140,6 @@ chunks: unpetrify-ref: dbus-glib_0.102 build-depends: - dbus - - glib - name: rsync morph: strata/foundation/rsync.morph repo: upstream:rsync -- cgit v1.2.1 From 4e46e6e140afd282ddb32fdcb9b2be295bcab07a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 28 Apr 2015 14:38:35 +0100 Subject: libsoup-common and python-pygobject depends now in core Remove as well now unneeded dependecies in our cross-* systems Change-Id: Ic3ab43cc4c3c2ae5e2548a848b0c0e4d48acdf68 --- strata/libsoup-common.morph | 3 +-- strata/python-pygobject.morph | 4 +--- systems/cross-bootstrap-system-armv7lhf-generic.morph | 4 ---- systems/cross-bootstrap-system-armv8b64-generic.morph | 4 ---- systems/cross-bootstrap-system-armv8l64-generic.morph | 4 ---- systems/cross-bootstrap-system-ppc64-generic.morph | 4 ---- systems/cross-bootstrap-system-x86_64-generic.morph | 4 ---- 7 files changed, 2 insertions(+), 25 deletions(-) diff --git a/strata/libsoup-common.morph b/strata/libsoup-common.morph index b4fdaa87..ca81b6e0 100644 --- a/strata/libsoup-common.morph +++ b/strata/libsoup-common.morph @@ -1,8 +1,7 @@ name: libsoup-common kind: stratum build-depends: -# libsoup depends on foundation for 'glib', and maybe other things. -- morph: strata/foundation.morph +- morph: strata/core.morph chunks: - name: libsoup morph: strata/libsoup-common/libsoup.morph diff --git a/strata/python-pygobject.morph b/strata/python-pygobject.morph index a371cccb..39f74f6d 100644 --- a/strata/python-pygobject.morph +++ b/strata/python-pygobject.morph @@ -3,9 +3,7 @@ kind: stratum description: | Python GObject bindings build-depends: -- morph: strata/python-core.morph -# Depends on 'foundation' for GLib -- morph: strata/foundation.morph +- morph: strata/core.morph chunks: - name: pygobject morph: strata/python-pygobject/pygobject.morph diff --git a/systems/cross-bootstrap-system-armv7lhf-generic.morph b/systems/cross-bootstrap-system-armv7lhf-generic.morph index e07faa38..e52a0375 100644 --- a/systems/cross-bootstrap-system-armv7lhf-generic.morph +++ b/systems/cross-bootstrap-system-armv7lhf-generic.morph @@ -7,12 +7,8 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph -- name: foundation - morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph -- name: python-core - morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-armv8b64-generic.morph b/systems/cross-bootstrap-system-armv8b64-generic.morph index 7084333a..adfbd412 100644 --- a/systems/cross-bootstrap-system-armv8b64-generic.morph +++ b/systems/cross-bootstrap-system-armv8b64-generic.morph @@ -7,12 +7,8 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph -- name: foundation - morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph -- name: python-core - morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-armv8l64-generic.morph b/systems/cross-bootstrap-system-armv8l64-generic.morph index b05357c9..5cc2f83b 100644 --- a/systems/cross-bootstrap-system-armv8l64-generic.morph +++ b/systems/cross-bootstrap-system-armv8l64-generic.morph @@ -7,12 +7,8 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph -- name: foundation - morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph -- name: python-core - morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-ppc64-generic.morph b/systems/cross-bootstrap-system-ppc64-generic.morph index a7953aa0..35b3f626 100644 --- a/systems/cross-bootstrap-system-ppc64-generic.morph +++ b/systems/cross-bootstrap-system-ppc64-generic.morph @@ -7,12 +7,8 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph -- name: foundation - morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph -- name: python-core - morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common diff --git a/systems/cross-bootstrap-system-x86_64-generic.morph b/systems/cross-bootstrap-system-x86_64-generic.morph index 25397fe3..471bd40d 100644 --- a/systems/cross-bootstrap-system-x86_64-generic.morph +++ b/systems/cross-bootstrap-system-x86_64-generic.morph @@ -7,12 +7,8 @@ strata: morph: strata/build-essential.morph - name: core morph: strata/core.morph -- name: foundation - morph: strata/foundation.morph - name: python-cliapp morph: strata/python-cliapp.morph -- name: python-core - morph: strata/python-core.morph - name: python-pygobject morph: strata/python-pygobject.morph - name: libsoup-common -- cgit v1.2.1 From 04b9bb1a49c95c42490d9f23ab210c2497ae8412 Mon Sep 17 00:00:00 2001 From: Adam Coldrick Date: Sat, 11 Apr 2015 17:44:16 +0000 Subject: Install Pango modules file This commit adds system-integration-commands for Pango to correctly install /usr/etc/pango/pango.modules. Change-Id: Ic4f3f936e1cf70c6e6a3984f3f182965aa7361b5 --- strata/gtk-deps.morph | 1 + strata/gtk-deps/pango.morph | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 100644 strata/gtk-deps/pango.morph diff --git a/strata/gtk-deps.morph b/strata/gtk-deps.morph index 06110cdc..750ad8c2 100644 --- a/strata/gtk-deps.morph +++ b/strata/gtk-deps.morph @@ -7,6 +7,7 @@ build-depends: - morph: strata/x-common.morph chunks: - name: pango + morph: strata/gtk-deps/pango.morph repo: upstream:pango ref: e0a21abf52a0b7588b1aa3357818948816ed9103 unpetrify-ref: 1.36.8 diff --git a/strata/gtk-deps/pango.morph b/strata/gtk-deps/pango.morph new file mode 100644 index 00000000..82b00ee3 --- /dev/null +++ b/strata/gtk-deps/pango.morph @@ -0,0 +1,8 @@ +name: pango +kind: chunk +build-system: autotools +system-integration: + pango-misc: + 01-setup-modules: + - mkdir -p /usr/etc/pango/ + - /usr/bin/pango-querymodules > /usr/etc/pango/pango.modules -- cgit v1.2.1 From 92402354b7ae3f039cd3acd21ea665d77eec5c97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 28 Apr 2015 16:14:03 +0100 Subject: strata/morph-utils.morph: Use latest morph This adds: 2594f6d get-repo: Delete partially cloned repo on errors 154a760 Add armv5l to list of valid architectures fa5c470 Add a test for `morph get-repo` cc7be86 Add a `morph get-repo` command to clone repositories from the cache b0301d6 Fix regression that caused original_ref to be lost in some builds 1fd7d64 morphlib: Add example use to morph certify and fix spelling error Change-Id: I75fed399fde43a47b39f7e395aeebec656ec5333 --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 6020954e..9fdc55e4 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -41,7 +41,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: e62366ed8a32a44dbe034e8d43450338b1b66e12 + ref: 2594f6d52878ef78d9809c52c7aebbe52434dba9 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From 8ace3d897295e26d83c680db983093bd43a11b96 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Thu, 23 Apr 2015 17:07:28 +0000 Subject: pxeboot: Add symlink to pxeboot config file also for local deployments This functionality was added for remote deployments in a6d7d3a8. Some bootloaders look for a pxelinux configuration file on the TFTP server whose name is the normalized MAC address of the NIC prefixed with '01-' Change-Id: I6a5dc0cd71f72bf6cea6bbed05ebbeda765af805 --- pxeboot.write | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/pxeboot.write b/pxeboot.write index 399914f5..7e4a995a 100755 --- a/pxeboot.write +++ b/pxeboot.write @@ -313,6 +313,14 @@ class PXEBoot(morphlib.writeexts.WriteExtension): self.status(msg='Removing %(dst)s', dst=dst) os.unlink(dst) + @contextlib.contextmanager + def _local_symlink(self, src, dst): + os.symlink(src, dst) + try: + yield + finally: + os.unlink(dst) + def local_pxelinux(self, tftproot): return self._local_copy('/usr/share/syslinux/pxelinux.0', os.path.join(tftproot, 'pxelinux.0')) @@ -431,8 +439,14 @@ class PXEBoot(morphlib.writeexts.WriteExtension): self._write_pxe_config(fh=f, kernel_tftp_url=kernel_tftp_url, rootfs_nfs_url=rootfs_nfs_url, extra_args=os.environ.get('KERNEL_ARGS','')) + try: - yield + with self._local_symlink( + src=pxe_cfg_filename, + dst=os.path.join(tftproot, + 'pxelinux.cfg', + '01-' + pxe_cfg_filename)): + yield finally: os.unlink(pxe_cfg_path) -- cgit v1.2.1 From e441ea4d3956840b5181c104c785a4d44f4a3c2f Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 24 Apr 2015 17:09:32 +0000 Subject: pxeboot: add support for PXEBOOT_TARGET_INTERFACE This is to set the name of the interface of the target to pxeboot from. Some targets with more than one interface try to get the rootfs from a different interface than the interface from where the pxeboot server is reachable. Using this variable, the kernel arguments will be filled to include the device. Change-Id: I022bf6b17a66d63f7f9b8830e72ca4020158a80a --- pxeboot.write | 18 ++++++++++++++---- pxeboot.write.help | 12 ++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) mode change 100755 => 100644 pxeboot.write diff --git a/pxeboot.write b/pxeboot.write old mode 100755 new mode 100644 index 7e4a995a..3a12ebcc --- a/pxeboot.write +++ b/pxeboot.write @@ -414,14 +414,20 @@ class PXEBoot(morphlib.writeexts.WriteExtension): os.path.basename(rootfs)) @staticmethod - def _write_pxe_config(fh, kernel_tftp_url, rootfs_nfs_url, + def _write_pxe_config(fh, kernel_tftp_url, rootfs_nfs_url, device=None, fdt_subpath=None, extra_args=''): + + if device is None: + ip_cfg = "ip=dhcp" + else: + ip_cfg = "ip=:::::{device}:dhcp::".format(device=device) + fh.write(textwrap.dedent('''\ DEFAULT default LABEL default LINUX {kernel_url} - APPEND root=/dev/nfs ip=dhcp nfsroot={rootfs_nfs_url} {extra_args} - ''').format(kernel_url=kernel_tftp_url, + APPEND root=/dev/nfs {ip_cfg} nfsroot={rootfs_nfs_url} {extra_args} + ''').format(kernel_url=kernel_tftp_url, ip_cfg=ip_cfg, rootfs_nfs_url=rootfs_nfs_url, extra_args=extra_args)) if fdt_subpath is not None: fh.write("FDT {}\n".format(fdt_subpath)) @@ -429,7 +435,7 @@ class PXEBoot(morphlib.writeexts.WriteExtension): @contextlib.contextmanager def local_pxeboot_config(self, tftproot, macaddr, ip, tftp_port, - nfsroot_dir): + nfsroot_dir, device=None): kernel_tftp_url = 'tftp://{}:{}/kernel'.format(ip, tftp_port) rootfs_nfs_url = '{}:{}'.format(ip, nfsroot_dir) pxe_cfg_filename = _normalise_macaddr(macaddr) @@ -438,6 +444,7 @@ class PXEBoot(morphlib.writeexts.WriteExtension): with open(pxe_cfg_path, 'w') as f: self._write_pxe_config(fh=f, kernel_tftp_url=kernel_tftp_url, rootfs_nfs_url=rootfs_nfs_url, + device=device, extra_args=os.environ.get('KERNEL_ARGS','')) try: @@ -637,6 +644,7 @@ class PXEBoot(morphlib.writeexts.WriteExtension): def process_args(self, (temp_root, macaddr)): interface = os.environ.get('PXEBOOT_DEPLOYER_INTERFACE', None) + target_interface = os.environ.get('PXEBOOT_TARGET_INTERFACE', None) vlan = os.environ.get('PXEBOOT_VLAN') if vlan is not None: vlan = int(vlan) mode = os.environ.get('PXEBOOT_MODE') @@ -662,6 +670,7 @@ class PXEBoot(morphlib.writeexts.WriteExtension): self.local_kernel(rootfs=temp_root, tftproot=tftproot), \ self.local_nfsroot(rootfs=temp_root, target_ip=target_ip), \ self.local_pxeboot_config(tftproot=tftproot, macaddr=macaddr, + device=target_interface, ip=host_ip, tftp_port=tftp_port, nfsroot_dir=temp_root), \ self.dhcp_server(interface=interface, host_ip=host_ip, @@ -682,6 +691,7 @@ class PXEBoot(morphlib.writeexts.WriteExtension): self.local_kernel(rootfs=temp_root, tftproot=tftproot), \ self.local_nfsroot(rootfs=temp_root, target_ip=target_ip), \ self.local_pxeboot_config(tftproot=tftproot, macaddr=macaddr, + device=target_interface, ip=host_ip, tftp_port=tftp_port, nfsroot_dir=temp_root), \ self.dhcp_server(interface=interface, host_ip=host_ip, diff --git a/pxeboot.write.help b/pxeboot.write.help index 3aefe75e..7cb78bce 100644 --- a/pxeboot.write.help +++ b/pxeboot.write.help @@ -152,3 +152,15 @@ help: > device tree blob if specified, will not be removed after the deployment finishes. This variable is only meanful on the `existing-server` mode. + + + ## PXEBOOT_TARGET_INTERFACE + + Name of the interface of the target to pxeboot from. Some targets + with more than one interface try to get the rootfs from a different + interface than the interface from where the pxeboot server is + reachable. Using this variable, the kernel arguments will be filled + to include the device. + + Note that the name of this interface is the kernel's default name, + usually called ethX, and is non-determinisic. -- cgit v1.2.1 From 7b23e26d1e2bb24ca72a186ed92c3369e05ab452 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 28 Apr 2015 17:16:17 +0100 Subject: Install /etc/os-release using the new install-essential-files extension This is currently hardcoded in morph Change-Id: I34446bbdf6ad3a7bdd0c34e4fcbd79433ce0fd71 --- essential-files/etc/os-release | 5 +++++ essential-files/manifest | 2 ++ systems/armv7lhf-cross-toolchain-system-x86_32.morph | 1 + systems/armv7lhf-cross-toolchain-system-x86_64.morph | 1 + systems/base-system-armv7-highbank.morph | 1 + systems/base-system-armv7-versatile.morph | 1 + systems/base-system-armv7b-highbank.morph | 1 + systems/base-system-armv7b-vexpress-tc2.morph | 1 + systems/base-system-armv7lhf-highbank.morph | 1 + systems/base-system-ppc64-generic.morph | 1 + systems/base-system-x86_32-generic.morph | 1 + systems/base-system-x86_64-generic.morph | 1 + systems/build-system-armv7lhf-highbank.morph | 1 + systems/build-system-armv7lhf-jetson.morph | 1 + systems/build-system-armv8b64.morph | 1 + systems/build-system-armv8l64.morph | 1 + systems/build-system-ppc64.morph | 1 + systems/build-system-x86_32-chroot.morph | 1 + systems/build-system-x86_32.morph | 1 + systems/build-system-x86_64-chroot.morph | 1 + systems/build-system-x86_64.morph | 1 + systems/ceph-service-x86_64-generic.morph | 1 + systems/cxmanage-system-x86_64-generic.morph | 1 + systems/devel-system-armv7-chroot.morph | 1 + systems/devel-system-armv7-highbank.morph | 1 + systems/devel-system-armv7-versatile.morph | 1 + systems/devel-system-armv7-wandboard.morph | 1 + systems/devel-system-armv7b-chroot.morph | 1 + systems/devel-system-armv7b-highbank.morph | 1 + systems/devel-system-armv7lhf-chroot.morph | 1 + systems/devel-system-armv7lhf-highbank.morph | 1 + systems/devel-system-armv7lhf-jetson.morph | 1 + systems/devel-system-armv7lhf-wandboard.morph | 1 + systems/devel-system-armv8b64.morph | 1 + systems/devel-system-armv8l64.morph | 1 + systems/devel-system-ppc64-chroot.morph | 1 + systems/devel-system-ppc64-generic.morph | 1 + systems/devel-system-x86_32-chroot.morph | 1 + systems/devel-system-x86_32-generic.morph | 1 + systems/devel-system-x86_64-chroot.morph | 1 + systems/devel-system-x86_64-generic.morph | 1 + systems/devel-system-x86_64-vagrant.morph | 1 + systems/genivi-baseline-system-armv7lhf-jetson.morph | 1 + systems/genivi-baseline-system-armv7lhf-versatile.morph | 1 + systems/genivi-baseline-system-x86_64-generic.morph | 1 + systems/installer-system-armv8b64.morph | 1 + systems/installer-system-x86_64.morph | 1 + systems/minimal-system-x86_32-generic.morph | 1 + systems/minimal-system-x86_64-generic.morph | 1 + systems/nodejs-system-x86_64.morph | 1 + systems/openstack-system-x86_64.morph | 1 + systems/qt4-devel-system-x86_64-generic.morph | 1 + systems/qt5-devel-system-x86_64-generic.morph | 1 + systems/swift-system-x86_64.morph | 1 + systems/trove-system-x86_64.morph | 1 + systems/web-system-x86_64-generic.morph | 1 + systems/weston-system-armv7lhf-jetson.morph | 1 + systems/weston-system-x86_64-generic.morph | 1 + systems/xfce-system.morph | 1 + systems/zookeeper-client-x86_64.morph | 1 + systems/zookeeper-server-x86_64.morph | 1 + 61 files changed, 66 insertions(+) create mode 100644 essential-files/etc/os-release create mode 100644 essential-files/manifest diff --git a/essential-files/etc/os-release b/essential-files/etc/os-release new file mode 100644 index 00000000..b729c75f --- /dev/null +++ b/essential-files/etc/os-release @@ -0,0 +1,5 @@ +NAME="Baserock" +ID=baserock +HOME_URL="http://wiki.baserock.org" +SUPPORT_URL="http://wiki.baserock.org/mailinglist" +BUG_REPORT_URL="http://wiki.baserock.org/mailinglist" diff --git a/essential-files/manifest b/essential-files/manifest new file mode 100644 index 00000000..504f9cbb --- /dev/null +++ b/essential-files/manifest @@ -0,0 +1,2 @@ +0040755 0 0 /etc +overwrite 0100644 0 0 /etc/os-release diff --git a/systems/armv7lhf-cross-toolchain-system-x86_32.morph b/systems/armv7lhf-cross-toolchain-system-x86_32.morph index 3f66d178..9fe7888a 100644 --- a/systems/armv7lhf-cross-toolchain-system-x86_32.morph +++ b/systems/armv7lhf-cross-toolchain-system-x86_32.morph @@ -16,3 +16,4 @@ configuration-extensions: - simple-network - nfsboot - install-files +- install-essential-files diff --git a/systems/armv7lhf-cross-toolchain-system-x86_64.morph b/systems/armv7lhf-cross-toolchain-system-x86_64.morph index 76197491..c1de199c 100644 --- a/systems/armv7lhf-cross-toolchain-system-x86_64.morph +++ b/systems/armv7lhf-cross-toolchain-system-x86_64.morph @@ -16,3 +16,4 @@ configuration-extensions: - simple-network - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-armv7-highbank.morph b/systems/base-system-armv7-highbank.morph index 47c69bad..ffc5e188 100644 --- a/systems/base-system-armv7-highbank.morph +++ b/systems/base-system-armv7-highbank.morph @@ -17,3 +17,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-armv7-versatile.morph b/systems/base-system-armv7-versatile.morph index e5b9d7f5..8de2b35f 100644 --- a/systems/base-system-armv7-versatile.morph +++ b/systems/base-system-armv7-versatile.morph @@ -17,3 +17,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-armv7b-highbank.morph b/systems/base-system-armv7b-highbank.morph index 169d490e..23bf4dbf 100644 --- a/systems/base-system-armv7b-highbank.morph +++ b/systems/base-system-armv7b-highbank.morph @@ -17,3 +17,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-armv7b-vexpress-tc2.morph b/systems/base-system-armv7b-vexpress-tc2.morph index 76d5c006..b06ead7b 100644 --- a/systems/base-system-armv7b-vexpress-tc2.morph +++ b/systems/base-system-armv7b-vexpress-tc2.morph @@ -16,3 +16,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-armv7lhf-highbank.morph b/systems/base-system-armv7lhf-highbank.morph index b889278d..c827f3a2 100644 --- a/systems/base-system-armv7lhf-highbank.morph +++ b/systems/base-system-armv7lhf-highbank.morph @@ -17,3 +17,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-ppc64-generic.morph b/systems/base-system-ppc64-generic.morph index 488bf5e4..3763cce5 100644 --- a/systems/base-system-ppc64-generic.morph +++ b/systems/base-system-ppc64-generic.morph @@ -17,3 +17,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-x86_32-generic.morph b/systems/base-system-x86_32-generic.morph index 612778d7..7ada4052 100644 --- a/systems/base-system-x86_32-generic.morph +++ b/systems/base-system-x86_32-generic.morph @@ -16,3 +16,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/base-system-x86_64-generic.morph b/systems/base-system-x86_64-generic.morph index bd331817..796c8185 100644 --- a/systems/base-system-x86_64-generic.morph +++ b/systems/base-system-x86_64-generic.morph @@ -17,3 +17,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/build-system-armv7lhf-highbank.morph b/systems/build-system-armv7lhf-highbank.morph index 08e76885..d43ac935 100644 --- a/systems/build-system-armv7lhf-highbank.morph +++ b/systems/build-system-armv7lhf-highbank.morph @@ -52,3 +52,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/build-system-armv7lhf-jetson.morph b/systems/build-system-armv7lhf-jetson.morph index 29e1ef24..fa948037 100644 --- a/systems/build-system-armv7lhf-jetson.morph +++ b/systems/build-system-armv7lhf-jetson.morph @@ -50,3 +50,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/build-system-armv8b64.morph b/systems/build-system-armv8b64.morph index 53f78f16..84495016 100644 --- a/systems/build-system-armv8b64.morph +++ b/systems/build-system-armv8b64.morph @@ -54,3 +54,4 @@ configuration-extensions: - mason - cloud-init - moonshot-kernel +- install-essential-files diff --git a/systems/build-system-armv8l64.morph b/systems/build-system-armv8l64.morph index c6f18bb9..f79fb76e 100644 --- a/systems/build-system-armv8l64.morph +++ b/systems/build-system-armv8l64.morph @@ -54,3 +54,4 @@ configuration-extensions: - mason - cloud-init - moonshot-kernel +- install-essential-files diff --git a/systems/build-system-ppc64.morph b/systems/build-system-ppc64.morph index bf99c769..38f2e9f3 100644 --- a/systems/build-system-ppc64.morph +++ b/systems/build-system-ppc64.morph @@ -50,3 +50,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/build-system-x86_32-chroot.morph b/systems/build-system-x86_32-chroot.morph index 1d94f3e4..f193841f 100644 --- a/systems/build-system-x86_32-chroot.morph +++ b/systems/build-system-x86_32-chroot.morph @@ -50,3 +50,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/build-system-x86_32.morph b/systems/build-system-x86_32.morph index 6a296819..a802b64f 100644 --- a/systems/build-system-x86_32.morph +++ b/systems/build-system-x86_32.morph @@ -52,3 +52,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/build-system-x86_64-chroot.morph b/systems/build-system-x86_64-chroot.morph index f2be63cf..fa54f9d3 100644 --- a/systems/build-system-x86_64-chroot.morph +++ b/systems/build-system-x86_64-chroot.morph @@ -50,3 +50,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/build-system-x86_64.morph b/systems/build-system-x86_64.morph index 922e26f7..8fe5f91f 100644 --- a/systems/build-system-x86_64.morph +++ b/systems/build-system-x86_64.morph @@ -52,3 +52,4 @@ configuration-extensions: - fstab - mason - cloud-init +- install-essential-files diff --git a/systems/ceph-service-x86_64-generic.morph b/systems/ceph-service-x86_64-generic.morph index e585c2d6..7431e56a 100644 --- a/systems/ceph-service-x86_64-generic.morph +++ b/systems/ceph-service-x86_64-generic.morph @@ -61,3 +61,4 @@ configuration-extensions: - install-files - ceph - cloud-init +- install-essential-files diff --git a/systems/cxmanage-system-x86_64-generic.morph b/systems/cxmanage-system-x86_64-generic.morph index d75fbd14..aaa0fa81 100644 --- a/systems/cxmanage-system-x86_64-generic.morph +++ b/systems/cxmanage-system-x86_64-generic.morph @@ -21,3 +21,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7-chroot.morph b/systems/devel-system-armv7-chroot.morph index d6c78c13..550395d6 100644 --- a/systems/devel-system-armv7-chroot.morph +++ b/systems/devel-system-armv7-chroot.morph @@ -57,3 +57,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7-highbank.morph b/systems/devel-system-armv7-highbank.morph index dae24fff..dd9e315a 100644 --- a/systems/devel-system-armv7-highbank.morph +++ b/systems/devel-system-armv7-highbank.morph @@ -60,3 +60,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7-versatile.morph b/systems/devel-system-armv7-versatile.morph index b0eafe82..720561bf 100644 --- a/systems/devel-system-armv7-versatile.morph +++ b/systems/devel-system-armv7-versatile.morph @@ -58,3 +58,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7-wandboard.morph b/systems/devel-system-armv7-wandboard.morph index df521772..b7395cee 100644 --- a/systems/devel-system-armv7-wandboard.morph +++ b/systems/devel-system-armv7-wandboard.morph @@ -58,3 +58,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7b-chroot.morph b/systems/devel-system-armv7b-chroot.morph index 2982f422..e4457246 100644 --- a/systems/devel-system-armv7b-chroot.morph +++ b/systems/devel-system-armv7b-chroot.morph @@ -49,3 +49,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7b-highbank.morph b/systems/devel-system-armv7b-highbank.morph index b1710b78..990aec67 100644 --- a/systems/devel-system-armv7b-highbank.morph +++ b/systems/devel-system-armv7b-highbank.morph @@ -56,3 +56,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7lhf-chroot.morph b/systems/devel-system-armv7lhf-chroot.morph index 894686fe..340a27ce 100644 --- a/systems/devel-system-armv7lhf-chroot.morph +++ b/systems/devel-system-armv7lhf-chroot.morph @@ -57,3 +57,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7lhf-highbank.morph b/systems/devel-system-armv7lhf-highbank.morph index 928f9ce2..a4ba2d92 100644 --- a/systems/devel-system-armv7lhf-highbank.morph +++ b/systems/devel-system-armv7lhf-highbank.morph @@ -63,3 +63,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7lhf-jetson.morph b/systems/devel-system-armv7lhf-jetson.morph index 14a3f193..1adde07b 100644 --- a/systems/devel-system-armv7lhf-jetson.morph +++ b/systems/devel-system-armv7lhf-jetson.morph @@ -61,3 +61,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv7lhf-wandboard.morph b/systems/devel-system-armv7lhf-wandboard.morph index 44c9e4e8..05648b97 100644 --- a/systems/devel-system-armv7lhf-wandboard.morph +++ b/systems/devel-system-armv7lhf-wandboard.morph @@ -61,3 +61,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-armv8b64.morph b/systems/devel-system-armv8b64.morph index 488574ed..33ceb5a6 100644 --- a/systems/devel-system-armv8b64.morph +++ b/systems/devel-system-armv8b64.morph @@ -62,3 +62,4 @@ configuration-extensions: - install-files - cloud-init - moonshot-kernel +- install-essential-files diff --git a/systems/devel-system-armv8l64.morph b/systems/devel-system-armv8l64.morph index e84caa74..b5765cac 100644 --- a/systems/devel-system-armv8l64.morph +++ b/systems/devel-system-armv8l64.morph @@ -63,3 +63,4 @@ configuration-extensions: - cloud-init - moonshot-kernel - fstab +- install-essential-files diff --git a/systems/devel-system-ppc64-chroot.morph b/systems/devel-system-ppc64-chroot.morph index 44df4803..a2baa9e0 100644 --- a/systems/devel-system-ppc64-chroot.morph +++ b/systems/devel-system-ppc64-chroot.morph @@ -55,3 +55,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-ppc64-generic.morph b/systems/devel-system-ppc64-generic.morph index a6bf2f0d..dd009bc1 100644 --- a/systems/devel-system-ppc64-generic.morph +++ b/systems/devel-system-ppc64-generic.morph @@ -58,3 +58,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-x86_32-chroot.morph b/systems/devel-system-x86_32-chroot.morph index 1cc2add1..f263897e 100644 --- a/systems/devel-system-x86_32-chroot.morph +++ b/systems/devel-system-x86_32-chroot.morph @@ -57,3 +57,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-x86_32-generic.morph b/systems/devel-system-x86_32-generic.morph index 8baf62aa..05fa6dcc 100644 --- a/systems/devel-system-x86_32-generic.morph +++ b/systems/devel-system-x86_32-generic.morph @@ -63,3 +63,4 @@ configuration-extensions: - install-files - cloud-init - fstab +- install-essential-files diff --git a/systems/devel-system-x86_64-chroot.morph b/systems/devel-system-x86_64-chroot.morph index 8e8ff87a..e2f9e20a 100644 --- a/systems/devel-system-x86_64-chroot.morph +++ b/systems/devel-system-x86_64-chroot.morph @@ -59,3 +59,4 @@ configuration-extensions: - nfsboot - install-files - fstab +- install-essential-files diff --git a/systems/devel-system-x86_64-generic.morph b/systems/devel-system-x86_64-generic.morph index 0f4bb371..ac6b52d5 100644 --- a/systems/devel-system-x86_64-generic.morph +++ b/systems/devel-system-x86_64-generic.morph @@ -64,3 +64,4 @@ configuration-extensions: - install-files - cloud-init - fstab +- install-essential-files diff --git a/systems/devel-system-x86_64-vagrant.morph b/systems/devel-system-x86_64-vagrant.morph index 4c3e0b33..a69028c2 100644 --- a/systems/devel-system-x86_64-vagrant.morph +++ b/systems/devel-system-x86_64-vagrant.morph @@ -61,3 +61,4 @@ configuration-extensions: - install-files - vagrant - fstab +- install-essential-files diff --git a/systems/genivi-baseline-system-armv7lhf-jetson.morph b/systems/genivi-baseline-system-armv7lhf-jetson.morph index 512248e2..9306426d 100644 --- a/systems/genivi-baseline-system-armv7lhf-jetson.morph +++ b/systems/genivi-baseline-system-armv7lhf-jetson.morph @@ -44,3 +44,4 @@ configuration-extensions: - install-files - strip-gplv3 - fstab +- install-essential-files diff --git a/systems/genivi-baseline-system-armv7lhf-versatile.morph b/systems/genivi-baseline-system-armv7lhf-versatile.morph index ee089536..698230bb 100644 --- a/systems/genivi-baseline-system-armv7lhf-versatile.morph +++ b/systems/genivi-baseline-system-armv7lhf-versatile.morph @@ -42,3 +42,4 @@ configuration-extensions: - install-files - strip-gplv3 - fstab +- install-essential-files diff --git a/systems/genivi-baseline-system-x86_64-generic.morph b/systems/genivi-baseline-system-x86_64-generic.morph index d50068e9..f04485bc 100644 --- a/systems/genivi-baseline-system-x86_64-generic.morph +++ b/systems/genivi-baseline-system-x86_64-generic.morph @@ -45,3 +45,4 @@ configuration-extensions: - nfsboot - install-files - strip-gplv3 +- install-essential-files diff --git a/systems/installer-system-armv8b64.morph b/systems/installer-system-armv8b64.morph index a5b7355d..726354c9 100644 --- a/systems/installer-system-armv8b64.morph +++ b/systems/installer-system-armv8b64.morph @@ -33,3 +33,4 @@ configuration-extensions: - fstab - installer - moonshot-kernel +- install-essential-files diff --git a/systems/installer-system-x86_64.morph b/systems/installer-system-x86_64.morph index 00ed7c69..3d0ced5d 100644 --- a/systems/installer-system-x86_64.morph +++ b/systems/installer-system-x86_64.morph @@ -32,3 +32,4 @@ configuration-extensions: - install-files - fstab - installer +- install-essential-files diff --git a/systems/minimal-system-x86_32-generic.morph b/systems/minimal-system-x86_32-generic.morph index 6c48361f..785a72a2 100644 --- a/systems/minimal-system-x86_32-generic.morph +++ b/systems/minimal-system-x86_32-generic.morph @@ -18,3 +18,4 @@ configuration-extensions: - nfsboot - install-files - busybox-init +- install-essential-files diff --git a/systems/minimal-system-x86_64-generic.morph b/systems/minimal-system-x86_64-generic.morph index 02fb7deb..9da22ec8 100644 --- a/systems/minimal-system-x86_64-generic.morph +++ b/systems/minimal-system-x86_64-generic.morph @@ -18,3 +18,4 @@ configuration-extensions: - nfsboot - install-files - busybox-init +- install-essential-files diff --git a/systems/nodejs-system-x86_64.morph b/systems/nodejs-system-x86_64.morph index 2692e2fc..d5ebcf30 100644 --- a/systems/nodejs-system-x86_64.morph +++ b/systems/nodejs-system-x86_64.morph @@ -19,3 +19,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 631fedb2..67d914af 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -76,3 +76,4 @@ configuration-extensions: - openstack-ceilometer - fstab - openstack-ironic +- install-essential-files diff --git a/systems/qt4-devel-system-x86_64-generic.morph b/systems/qt4-devel-system-x86_64-generic.morph index 0a98f205..15b85f70 100644 --- a/systems/qt4-devel-system-x86_64-generic.morph +++ b/systems/qt4-devel-system-x86_64-generic.morph @@ -41,3 +41,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/qt5-devel-system-x86_64-generic.morph b/systems/qt5-devel-system-x86_64-generic.morph index 0f768536..3cdce60c 100644 --- a/systems/qt5-devel-system-x86_64-generic.morph +++ b/systems/qt5-devel-system-x86_64-generic.morph @@ -43,3 +43,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/swift-system-x86_64.morph b/systems/swift-system-x86_64.morph index 442c2609..81738558 100644 --- a/systems/swift-system-x86_64.morph +++ b/systems/swift-system-x86_64.morph @@ -31,3 +31,4 @@ configuration-extensions: - install-files - fstab - swift-storage +- install-essential-files diff --git a/systems/trove-system-x86_64.morph b/systems/trove-system-x86_64.morph index 5881cb51..0a5692f5 100644 --- a/systems/trove-system-x86_64.morph +++ b/systems/trove-system-x86_64.morph @@ -54,3 +54,4 @@ configuration-extensions: - fstab - install-files - cloud-init +- install-essential-files diff --git a/systems/web-system-x86_64-generic.morph b/systems/web-system-x86_64-generic.morph index 22aa88c0..0b6e84b1 100644 --- a/systems/web-system-x86_64-generic.morph +++ b/systems/web-system-x86_64-generic.morph @@ -34,3 +34,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/weston-system-armv7lhf-jetson.morph b/systems/weston-system-armv7lhf-jetson.morph index e1979d44..ccb2c3ee 100644 --- a/systems/weston-system-armv7lhf-jetson.morph +++ b/systems/weston-system-armv7lhf-jetson.morph @@ -46,3 +46,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/weston-system-x86_64-generic.morph b/systems/weston-system-x86_64-generic.morph index dfa5c3df..84f0bad0 100644 --- a/systems/weston-system-x86_64-generic.morph +++ b/systems/weston-system-x86_64-generic.morph @@ -46,3 +46,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/xfce-system.morph b/systems/xfce-system.morph index 9570c1f6..643291d6 100644 --- a/systems/xfce-system.morph +++ b/systems/xfce-system.morph @@ -52,3 +52,4 @@ configuration-extensions: - add-config-files - nfsboot - install-files +- install-essential-files diff --git a/systems/zookeeper-client-x86_64.morph b/systems/zookeeper-client-x86_64.morph index a2d64a63..ad16f056 100644 --- a/systems/zookeeper-client-x86_64.morph +++ b/systems/zookeeper-client-x86_64.morph @@ -23,3 +23,4 @@ configuration-extensions: - simple-network - nfsboot - install-files +- install-essential-files diff --git a/systems/zookeeper-server-x86_64.morph b/systems/zookeeper-server-x86_64.morph index be0a8791..1fbb5456 100644 --- a/systems/zookeeper-server-x86_64.morph +++ b/systems/zookeeper-server-x86_64.morph @@ -23,3 +23,4 @@ configuration-extensions: - simple-network - nfsboot - install-files +- install-essential-files -- cgit v1.2.1 From faea8af5b347966602684deb02339733a708856d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 1 Apr 2015 21:55:11 +0100 Subject: Add essential-files/etc/profile Also source /etc/bash.bashrc so bash will work properly if we use it for login Change-Id: I4a4b238f84c44858904b0a208ef8737a859c355d --- essential-files/etc/profile | 9 +++++++++ essential-files/manifest | 1 + strata/build-essential/busybox.morph | 5 ----- 3 files changed, 10 insertions(+), 5 deletions(-) create mode 100644 essential-files/etc/profile diff --git a/essential-files/etc/profile b/essential-files/etc/profile new file mode 100644 index 00000000..c5bddd0d --- /dev/null +++ b/essential-files/etc/profile @@ -0,0 +1,9 @@ +# /etc/profile + +# Source global bash config +if test "$PS1" && test "$BASH" && test -r /etc/bash.bashrc; then + . /etc/bash.bashrc +fi + +# Set default pager to less +export MANPAGER='less -R' diff --git a/essential-files/manifest b/essential-files/manifest index 504f9cbb..1294534f 100644 --- a/essential-files/manifest +++ b/essential-files/manifest @@ -1,2 +1,3 @@ 0040755 0 0 /etc overwrite 0100644 0 0 /etc/os-release +overwrite 0100644 0 0 /etc/profile diff --git a/strata/build-essential/busybox.morph b/strata/build-essential/busybox.morph index 85327648..b5418bc0 100644 --- a/strata/build-essential/busybox.morph +++ b/strata/build-essential/busybox.morph @@ -67,11 +67,6 @@ install-commands: # Set up man environment variables - mkdir -p "$DESTDIR"/etc -- | - cat << EOF > "$DESTDIR/etc/profile" - # Set default pager to less - export MANPAGER='less -R' - EOF - | cat << EOF > "$DESTDIR/etc/man.conf" # This file is used by man to provide a manpath for those without one by -- cgit v1.2.1 From db1fe6e41bebf7da71d11fe9bc492ede1821f57b Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Sun, 19 Apr 2015 12:22:57 +0000 Subject: Move definitions to version 2 The version of morph we now have in definitions master supports definitions version 2 Version 2 makes paths to non-existent chunk morphs invalid, prior to version 2 morph would simply ignore paths to non-existent chunk morphs and either use the morph in the chunk repo (if there was one) or run build system detection. With version 2, if morph encounters a path to a chunk morph that doesn't exist it will error with an error message such as: "ERROR: Couldn't find morphology: strata/cats/xattr.morph referenced in strata/swift.morph" Change-Id: I8c1d6808567e0aaccee7a7c99740167ec956c007 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index b8255184..22817d2a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -version: 1 +version: 2 -- cgit v1.2.1 From 678a0e030366b5c33a44d8f5b42c12cdc3aa3f60 Mon Sep 17 00:00:00 2001 From: Javier Jardon Date: Wed, 1 Apr 2015 15:30:28 +0000 Subject: strata/core/bash.morph: Add configuration file /etc/bash.bashrc This will: - Enable bash autocompletion if it's installed - Reset the terminal title when exit the current process Change-Id: Ic46a1edd1f84cf54f189956559344a85d8b64638 --- strata/core/bash.morph | 39 ++++++++++++++++++++++++++++++++++----- 1 file changed, 34 insertions(+), 5 deletions(-) diff --git a/strata/core/bash.morph b/strata/core/bash.morph index 9639593b..5d0b8f03 100644 --- a/strata/core/bash.morph +++ b/strata/core/bash.morph @@ -1,8 +1,37 @@ name: bash kind: chunk +build-system: autotools configure-commands: -- ./configure --prefix=/usr --bindir=/bin --without-bash-malloc --with-installed-readline -build-commands: -- make -install-commands: -- make DESTDIR="$DESTDIR" install +- | + export CFLAGS="${CFLAGS} -DSYS_BASHRC='\"/etc/bash.bashrc\"'"; + ./configure --prefix="$PREFIX" \ + --bindir=/bin \ + --without-bash-malloc \ + --with-installed-readline \ + --enable-readline +post-install-commands: +- | + cat <<'EOF' >> bash.bashrc + # + # /etc/bash.bashrc + # + + # If not running interactively, don't do anything + [[ $- != *i* ]] && return + + # Configure prompt for different terminals + case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*) + PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' + + ;; + screen) + PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033_%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' + ;; + esac + + # Enable bash completion if present + [ -r /usr/share/bash-completion/bash_completion ] && . /usr/share/bash-completion/bash_completion + EOF +- mkdir -p "$DESTDIR"/etc +- install -m 644 bash.bashrc "$DESTDIR"/etc/bash.bashrc -- cgit v1.2.1 From aae1e3dec176ebc40cd233a29cf48c04d856fac5 Mon Sep 17 00:00:00 2001 From: Jonathan Maw Date: Wed, 22 Apr 2015 15:22:09 +0000 Subject: Fix linux-pam This involves: * Reordering the chunks linux-pam, acl, attr and libcap2 - this means moving them into the 'core' stratum, and fixing errors that occur because of the move. * Configuring pam correctly. * Fix acl failing to build in core. * Fix shadow to build against pam and reconfigure shadow to not do things covered by pam. * Fix tar not building - I am not sure what caused this to fail to build, but fixing it involved stopping it from trying to init submodules that were already checked out. Change-Id: I1b00ca0158c31ce5f31c11fe60816434508a05a1 --- strata/core.morph | 77 +++++++++++++++++++++++++++++++++------ strata/core/acl.morph | 6 +++ strata/core/attr.morph | 18 +++++++++ strata/core/libcap2.morph | 6 +++ strata/core/linux-pam.morph | 9 +++++ strata/core/shadow.morph | 36 +++++++++++++++++- strata/core/util-linux.morph | 6 ++- strata/coreutils-common/tar.morph | 3 +- strata/foundation.morph | 30 --------------- strata/foundation/acl.morph | 6 --- strata/foundation/attr.morph | 18 --------- strata/foundation/libcap2.morph | 6 --- strata/foundation/linux-pam.morph | 15 -------- 13 files changed, 147 insertions(+), 89 deletions(-) create mode 100644 strata/core/acl.morph create mode 100644 strata/core/attr.morph create mode 100644 strata/core/libcap2.morph create mode 100644 strata/core/linux-pam.morph delete mode 100644 strata/foundation/acl.morph delete mode 100644 strata/foundation/attr.morph delete mode 100644 strata/foundation/libcap2.morph delete mode 100644 strata/foundation/linux-pam.morph diff --git a/strata/core.morph b/strata/core.morph index 56cdd925..7f30de1c 100644 --- a/strata/core.morph +++ b/strata/core.morph @@ -234,25 +234,55 @@ chunks: - autoconf-tarball - automake - libtool-tarball -- name: util-linux - morph: strata/core/util-linux.morph - repo: upstream:util-linux - ref: 34760e62e0d5a25262a6aa801b2f1df61216363f - unpetrify-ref: v2.26.1 +- name: attr + morph: strata/core/attr.morph + repo: upstream:attr + ref: 4b005410f865895d4dcd56e2c135278a7a315877 + unpetrify-ref: baserock/morph + build-depends: + - autoconf-tarball + - automake + - gettext-tarball + - libtool-tarball +- name: acl + morph: strata/core/acl.morph + repo: upstream:acl + ref: f13e09bd54fd4a501c4952f002ed2752bdd9f93b + unpetrify-ref: v2.2.52 + build-depends: + - autoconf-tarball + - automake + - gettext-tarball + - libtool-tarball + - attr +- name: linux-pam + morph: strata/core/linux-pam.morph + repo: upstream:linux-pam + ref: b1521c97e73b10469f7b34c0571d51c647eca83c + unpetrify-ref: Linux-PAM-1.1.8 build-depends: - autoconf-tarball - automake - gettext-tarball - - git - libtool-tarball - pkg-config -- name: bc - repo: upstream:bc-tarball - ref: 0956d119432ff6a2e85bae1fa336df799cad70b0 + - flex + - attr + - acl +- name: libcap2 + morph: strata/core/libcap2.morph + repo: upstream:libcap2 + ref: 4f7cca1bc9c2a274edb39d351b65747010d3ba7b unpetrify-ref: baserock/morph build-depends: - - flex - - texinfo-tarball + - autoconf-tarball + - automake + - gettext-tarball + - libtool-tarball + - pkg-config + - attr + - acl + - linux-pam - name: shadow morph: strata/core/shadow.morph repo: upstream:shadow @@ -264,6 +294,31 @@ chunks: - gettext-tarball - libtool-tarball - bison + - attr + - acl + - linux-pam + - libcap2 +- name: util-linux + morph: strata/core/util-linux.morph + repo: upstream:util-linux + ref: 34760e62e0d5a25262a6aa801b2f1df61216363f + unpetrify-ref: v2.26.1 + build-depends: + - autoconf-tarball + - automake + - gettext-tarball + - git + - libtool-tarball + - pkg-config + - linux-pam + - shadow +- name: bc + repo: upstream:bc-tarball + ref: 0956d119432ff6a2e85bae1fa336df799cad70b0 + unpetrify-ref: baserock/morph + build-depends: + - flex + - texinfo-tarball - name: patch morph: strata/core/patch.morph repo: upstream:patch diff --git a/strata/core/acl.morph b/strata/core/acl.morph new file mode 100644 index 00000000..23f08c1f --- /dev/null +++ b/strata/core/acl.morph @@ -0,0 +1,6 @@ +name: acl +kind: chunk +build-commands: +- make +install-commands: +- make DESTDIR="$DESTDIR" install-lib install-dev diff --git a/strata/core/attr.morph b/strata/core/attr.morph new file mode 100644 index 00000000..46d0b9c0 --- /dev/null +++ b/strata/core/attr.morph @@ -0,0 +1,18 @@ +name: attr +kind: chunk +build-system: autotools +configure-commands: +- make configure +- | + ./configure --prefix="$PREFIX" \ + --exec-prefix="$PREFIX" \ + --sbindir="$PREFIX"/sbin \ + --bindir="$PREFIX"/bin \ + --libdir="$PREFIX"/lib \ + --libexecdir="$PREFIX"/lib \ + --enable-lib64=yes \ + --includedir="$PREFIX"/include \ + --mandir="$PREFIX"/share/man \ + --datadir="$PREFIX"/share +install-commands: +- make DESTDIR="$DESTDIR" install-lib install-dev diff --git a/strata/core/libcap2.morph b/strata/core/libcap2.morph new file mode 100644 index 00000000..3e4f205e --- /dev/null +++ b/strata/core/libcap2.morph @@ -0,0 +1,6 @@ +name: libcap2 +kind: chunk +build-commands: +- make prefix="$PREFIX" +install-commands: +- make prefix="$PREFIX" DESTDIR="$DESTDIR" RAISE_SETFCAP=no install lib=lib diff --git a/strata/core/linux-pam.morph b/strata/core/linux-pam.morph new file mode 100644 index 00000000..71ad98e9 --- /dev/null +++ b/strata/core/linux-pam.morph @@ -0,0 +1,9 @@ +name: linux-pam +kind: chunk +build-system: autotools +pre-configure-commands: +- autoreconf -ivf +configure-commands: +# libdir has to be specified or it'll go into lib64. It has to be /lib because +# systemd installs its pam library into /lib/security. +- ./configure --prefix="$PREFIX" --libdir="/lib" diff --git a/strata/core/shadow.morph b/strata/core/shadow.morph index 6887a6b3..d709ddcb 100644 --- a/strata/core/shadow.morph +++ b/strata/core/shadow.morph @@ -2,4 +2,38 @@ name: shadow kind: chunk build-system: autotools configure-commands: -- ./autogen.sh --with-selinux=no --sysconfdir=/etc +# Installing to /bin so that they overwrite busybox login. +- | + ./autogen.sh --with-selinux=no \ + --sysconfdir=/etc \ + --with-pam=yes \ + --prefix="$PREFIX" \ + --bindir=/bin +post-install-commands: +# Disable things handled by pam instead +- rm "$DESTDIR/etc/limits" +- rm "$DESTDIR/etc/login.access" +- | + for OPTION in FAIL_DELAY \ + FAILLOG_ENAB \ + LASTLOG_ENAB \ + MAIL_CHECK_ENAB \ + OBSCURE_CHECKS_ENAB \ + PORTTIME_CHECKS_ENAB \ + QUOTAS_ENAB \ + CONSOLE MOTD_FILE \ + FTMP_FILE \ + NOLOGINS_FILE \ + ENV_HZ \ + PASS_MIN_LEN \ + SU_WHEEL_ONLY \ + CRACKLIB_DICTPATH \ + PASS_CHANGE_TRIES \ + PASS_ALWAYS_WARN \ + CHFN_AUTH \ + ENCRYPT_METHOD \ + ENVIRON_FILE + do + sed -i "s/^${OPTION}.*/# & #This option is handled by PAM instead./" \ + "$DESTDIR/etc/login.defs" + done diff --git a/strata/core/util-linux.morph b/strata/core/util-linux.morph index 22f19529..eebba6f6 100644 --- a/strata/core/util-linux.morph +++ b/strata/core/util-linux.morph @@ -3,4 +3,8 @@ kind: chunk build-system: autotools configure-commands: - ./autogen.sh -- ./configure --prefix="$PREFIX" --disable-use-tty-group +# Installing to /bin so that they overwrite busybox login. +- | + ./configure --prefix="$PREFIX" \ + --disable-use-tty-group \ + --bindir=/bin diff --git a/strata/coreutils-common/tar.morph b/strata/coreutils-common/tar.morph index d9ee3a36..17d6a597 100644 --- a/strata/coreutils-common/tar.morph +++ b/strata/coreutils-common/tar.morph @@ -2,7 +2,8 @@ name: tar kind: chunk build-system: autotools pre-configure-commands: -- bash bootstrap --skip-po +- rm .gitmodules +- bash bootstrap --skip-po --gnulib-srcdir="$(pwd)/gnulib" --paxutils-srcdir="$(pwd)/paxutils" configure-commands: # Configure flag notes: # 1. Needed to run configure as root diff --git a/strata/foundation.morph b/strata/foundation.morph index c352ef1e..95652fb0 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -8,11 +8,6 @@ chunks: repo: upstream:bash-completion ref: 3085c7e12179817a02a611016606391295c69942 unpetrify-ref: 2.1 -- name: attr - morph: strata/foundation/attr.morph - repo: upstream:attr - ref: 4b005410f865895d4dcd56e2c135278a7a315877 - unpetrify-ref: baserock/morph - name: groff morph: strata/foundation/groff.morph repo: upstream:groff-git @@ -28,13 +23,6 @@ chunks: repo: upstream:tz ref: a0782484f101ac55c916568bc1c490d7761fc904 unpetrify-ref: 2015a -- name: libcap2 - morph: strata/foundation/libcap2.morph - repo: upstream:libcap2 - ref: 4f7cca1bc9c2a274edb39d351b65747010d3ba7b - unpetrify-ref: baserock/morph - build-depends: - - attr - name: pciutils morph: strata/foundation/pciutils.morph repo: upstream:pciutils @@ -53,11 +41,6 @@ chunks: ref: 412eed473b557ed2172d81d76fa1e1f53c973a67 build-depends: - libgpg-error -- name: linux-pam - morph: strata/foundation/linux-pam.morph - repo: upstream:linux-pam - ref: b1521c97e73b10469f7b34c0571d51c647eca83c - unpetrify-ref: Linux-PAM-1.1.8 - name: systemd morph: strata/foundation/systemd.morph repo: upstream:systemd @@ -66,9 +49,7 @@ chunks: build-depends: - dbus-pre - kmod - - libcap2 - libgcrypt - - linux-pam - name: libusb repo: upstream:libusb ref: e11525c66c7dd2db466c8f5785ff0b37d6a99ec9 @@ -91,13 +72,6 @@ chunks: repo: upstream:fuse ref: d69e627e79862e2df4ff9ff1ddb0363c4520d8a8 unpetrify-ref: baserock/morph -- name: acl - morph: strata/foundation/acl.morph - repo: upstream:acl - ref: f13e09bd54fd4a501c4952f002ed2752bdd9f93b - unpetrify-ref: v2.2.52 - build-depends: - - attr - name: e2fsprogs morph: strata/foundation/e2fsprogs.morph repo: upstream:e2fsprogs @@ -109,8 +83,6 @@ chunks: ref: 563ff3b07d85517e3589a1f2e6f45a8265e3f071 unpetrify-ref: v3.18.2 build-depends: - - attr - - acl - lzo - e2fsprogs - name: dbus @@ -132,8 +104,6 @@ chunks: repo: baserock:baserock/tbdiff ref: 47fb728f2432929868666afc915dbc5a64836c08 unpetrify-ref: master - build-depends: - - attr - name: dbus-glib repo: upstream:dbus-glib ref: 397e8297d433547c9bf4150ddd2b9e0b4c39628c diff --git a/strata/foundation/acl.morph b/strata/foundation/acl.morph deleted file mode 100644 index c742d8ae..00000000 --- a/strata/foundation/acl.morph +++ /dev/null @@ -1,6 +0,0 @@ -name: acl -kind: chunk -build-commands: -- make -install-commands: -- make DESTDIR="$DESTDIR" install-dev diff --git a/strata/foundation/attr.morph b/strata/foundation/attr.morph deleted file mode 100644 index 46d0b9c0..00000000 --- a/strata/foundation/attr.morph +++ /dev/null @@ -1,18 +0,0 @@ -name: attr -kind: chunk -build-system: autotools -configure-commands: -- make configure -- | - ./configure --prefix="$PREFIX" \ - --exec-prefix="$PREFIX" \ - --sbindir="$PREFIX"/sbin \ - --bindir="$PREFIX"/bin \ - --libdir="$PREFIX"/lib \ - --libexecdir="$PREFIX"/lib \ - --enable-lib64=yes \ - --includedir="$PREFIX"/include \ - --mandir="$PREFIX"/share/man \ - --datadir="$PREFIX"/share -install-commands: -- make DESTDIR="$DESTDIR" install-lib install-dev diff --git a/strata/foundation/libcap2.morph b/strata/foundation/libcap2.morph deleted file mode 100644 index 3e4f205e..00000000 --- a/strata/foundation/libcap2.morph +++ /dev/null @@ -1,6 +0,0 @@ -name: libcap2 -kind: chunk -build-commands: -- make prefix="$PREFIX" -install-commands: -- make prefix="$PREFIX" DESTDIR="$DESTDIR" RAISE_SETFCAP=no install lib=lib diff --git a/strata/foundation/linux-pam.morph b/strata/foundation/linux-pam.morph deleted file mode 100644 index 0dfbe759..00000000 --- a/strata/foundation/linux-pam.morph +++ /dev/null @@ -1,15 +0,0 @@ -name: linux-pam -kind: chunk -build-system: autotools -pre-configure-commands: -- autoreconf -ivf -post-install-commands: -# sudo command is expecting this file. -- | - install -D -m 0644 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/pam.d/other - #%PAM-1.0 - auth required pam_unix.so - account required pam_unix.so - password required pam_unix.so - session required pam_unix.so - EOF -- cgit v1.2.1 From 000136bd1ac5102cd6780928bf5ba4a4756f89a8 Mon Sep 17 00:00:00 2001 From: Jonathan Maw Date: Thu, 23 Apr 2015 17:04:01 +0000 Subject: Configure systemd to support user instances This involves: * A workaround to user@.service being shut down prematurely. * Fixing a systemd unit using 'kill' from a path that doesn't necessarily exist. Change-Id: Iacad155da9752313a2e4bbaae34a3e593d6ecc1b --- strata/foundation/systemd.morph | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/strata/foundation/systemd.morph b/strata/foundation/systemd.morph index c53cef39..efca734f 100644 --- a/strata/foundation/systemd.morph +++ b/strata/foundation/systemd.morph @@ -1,10 +1,20 @@ name: systemd kind: chunk build-system: autotools +pre-configure-commands: +# systemd prematurely kills the user session. This is a known bug in systemd +# https://bugs.freedesktop.org/show_bug.cgi?id=70593 +- | + cat >> units/user@.service.m4.in < Date: Mon, 27 Apr 2015 10:55:08 +0000 Subject: Update libgpg-error to latest release (1.19) This release fixed problems when compiling with GCC 5.1 Change-Id: I7c5f3f97cb124980eb04cca23bcf6cb5199e9d77 --- strata/foundation.morph | 3 ++- strata/foundation/libgpg-error.morph | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 strata/foundation/libgpg-error.morph diff --git a/strata/foundation.morph b/strata/foundation.morph index 95652fb0..81b2718a 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -34,8 +34,9 @@ chunks: ref: 3c055572ced8f63eb9756caa4b1a19225f22e6ff unpetrify-ref: baserock/dbus-1.8.16-1-g3c05557/genivi/J-1.0 - name: libgpg-error + morph: strata/foundation/libgpg-error.morph repo: upstream:libgpg-error - ref: a498812d767c59ae2b75b0c985f5280b139e7dc4 + ref: libgpg-error-1.19 - name: libgcrypt repo: upstream:libgcrypt ref: 412eed473b557ed2172d81d76fa1e1f53c973a67 diff --git a/strata/foundation/libgpg-error.morph b/strata/foundation/libgpg-error.morph new file mode 100644 index 00000000..bc8dcdab --- /dev/null +++ b/strata/foundation/libgpg-error.morph @@ -0,0 +1,7 @@ +name: libgpg-error +kind: chunk +build-system: autotools +pre-configure-commands: +- autoreconf -fi +configure-commands: +- ./configure --prefix="$PREFIX" --disable-doc -- cgit v1.2.1 From acb29d344d117133891199ea536d9c4d34c7d05e Mon Sep 17 00:00:00 2001 From: Javier Jardon Date: Mon, 27 Apr 2015 10:56:36 +0000 Subject: Upgrade to GCC 5.1 Change-Id: Iad8f11341a4a770c14393a50d1b0d3e26c076dbf --- strata/armv7lhf-cross-toolchain.morph | 12 ++++++------ strata/build-essential.morph | 20 ++++++++++---------- strata/build-essential/stage2-glibc.morph | 1 + strata/build-essential/stage2-libstdc++.morph | 2 +- 4 files changed, 18 insertions(+), 17 deletions(-) diff --git a/strata/armv7lhf-cross-toolchain.morph b/strata/armv7lhf-cross-toolchain.morph index ffc4a9dd..591fa587 100644 --- a/strata/armv7lhf-cross-toolchain.morph +++ b/strata/armv7lhf-cross-toolchain.morph @@ -19,8 +19,8 @@ chunks: - name: armv7lhf-cross-gcc-nolibc morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-gcc-nolibc.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - armv7lhf-cross-binutils @@ -37,8 +37,8 @@ chunks: - name: armv7lhf-cross-gcc morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-gcc.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - armv7lhf-cross-binutils - armv7lhf-cross-glibc @@ -46,8 +46,8 @@ chunks: - name: armv7lhf-cross-libstdc++ morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-libstdc++.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - armv7lhf-cross-binutils - armv7lhf-cross-gcc diff --git a/strata/build-essential.morph b/strata/build-essential.morph index 4eb5fdb9..3cb87fa4 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -59,8 +59,8 @@ chunks: - name: stage1-gcc morph: strata/build-essential/stage1-gcc.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - stage1-binutils build-mode: bootstrap @@ -92,8 +92,8 @@ chunks: - name: stage2-libstdc++ morph: strata/build-essential/stage2-libstdc++.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - stage1-binutils - stage1-gcc @@ -118,8 +118,8 @@ chunks: - name: stage2-gcc-fixed-headers morph: strata/build-essential/stage2-gcc-fixed-headers.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - stage1-binutils - stage1-gcc @@ -131,8 +131,8 @@ chunks: - name: stage2-gcc morph: strata/build-essential/stage2-gcc.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: cca9d546d497fac90f862e52c61177ba1daa9a84 + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc build-depends: - stage1-binutils - stage1-gcc @@ -356,8 +356,8 @@ chunks: - name: gcc morph: strata/build-essential/gcc.morph repo: upstream:gcc-tarball - ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 - unpetrify-ref: baserock/build-essential + ref: 7b410925ecc2c60653378a7ff26ce64f4095858c + unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc+docs_fix build-depends: - stage2-binutils - stage2-busybox diff --git a/strata/build-essential/stage2-glibc.morph b/strata/build-essential/stage2-glibc.morph index 9e5e745b..c480c875 100644 --- a/strata/build-essential/stage2-glibc.morph +++ b/strata/build-essential/stage2-glibc.morph @@ -21,6 +21,7 @@ configure-commands: $ARCH_FLAGS \ --build=$(../scripts/config.guess) --host=$TARGET_STAGE1 \ --prefix="$PREFIX" \ + --enable-obsolete-rpc \ `# [1]` --libdir="$PREFIX/lib" \ `# [2]` --with-headers="$(pwd)/../../$PREFIX/include" \ `# [3]` --disable-profile --enable-kernel=2.6.25 \ diff --git a/strata/build-essential/stage2-libstdc++.morph b/strata/build-essential/stage2-libstdc++.morph index 3d89ad85..f9f245c1 100644 --- a/strata/build-essential/stage2-libstdc++.morph +++ b/strata/build-essential/stage2-libstdc++.morph @@ -27,7 +27,7 @@ configure-commands: --disable-multilib \ `# [1]` --disable-libstdcxx-threads \ `# [2]` --disable-libstdcxx-pch \ - `# [3]` --with-gxx-include-dir=/tools/"$TARGET_STAGE1"/include/c++/4.9.2 + `# [3]` --with-gxx-include-dir=/tools/"$TARGET_STAGE1"/include/c++/5.1.0 build-commands: - cd o && make -- cgit v1.2.1 From e6befc339259a9d45295ae25e575a847033ac420 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 29 Apr 2015 09:04:11 +0100 Subject: Use latest morph This includes: e9f13c8 Fix lines bigger than 79 characters in install-essential-files.configure.help c41216a morphlib/builder.py: Add comment, os-release is now generated as an extension ed423dc Add install-essential-files configuration extension 93dd98f distbuild: Fix NameError when worker disconnects 87f8dbe Add version guessing function to gitdir and cached repo. Change-Id: Iaaf548bd6ea05b5fd10a31b4997fed6268d18904 --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 9fdc55e4..3d682729 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -41,7 +41,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: 2594f6d52878ef78d9809c52c7aebbe52434dba9 + ref: e9f13c83996ab2affe237ff800cf872dc229102e unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From f6a466bc2f86521a7f7050c654b7436190412349 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Wed, 29 Apr 2015 18:25:45 +0100 Subject: strata/foundation.morph: Use hash instead tag for libgpg-error Change-Id: I1b6b6117b272633a47b6ec1b48b0758ef47c315a --- strata/foundation.morph | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/strata/foundation.morph b/strata/foundation.morph index 81b2718a..29473e6d 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -36,7 +36,8 @@ chunks: - name: libgpg-error morph: strata/foundation/libgpg-error.morph repo: upstream:libgpg-error - ref: libgpg-error-1.19 + ref: d77c33ae608d67086ea057cca5ddee99a7202f8b + unpetrify-ref: libgpg-error-1.19 - name: libgcrypt repo: upstream:libgcrypt ref: 412eed473b557ed2172d81d76fa1e1f53c973a67 -- cgit v1.2.1 From 704e705654094395b1dfc9eb7b39f776db57e107 Mon Sep 17 00:00:00 2001 From: Mark Doffman Date: Mon, 13 Apr 2015 22:01:43 +0000 Subject: Add neccessary kernel config for google compute engine. Change-Id: Ic51480a7f1e3083bb245393336ecd2fad57fba67 --- strata/bsp-x86_64-generic/linux-x86-64-generic.morph | 3 +++ 1 file changed, 3 insertions(+) diff --git a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph index 31aec686..7364b033 100644 --- a/strata/bsp-x86_64-generic/linux-x86-64-generic.morph +++ b/strata/bsp-x86_64-generic/linux-x86-64-generic.morph @@ -260,6 +260,9 @@ configure-commands: - scripts/config -e SCSI_ISCSI_ATTRS - scripts/config -e ISCSI_TCP - scripts/config -e SCSI_LOWLEVEL +- scripts/config -e SCSI_VIRTIO +- scripts/config -e HYPERVISOR_GUEST +- scripts/config -e PARAVIRT - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1 From 6abe65e89459f3170e7a0abf12d3021a62d3beee Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Wed, 29 Apr 2015 14:03:15 +0000 Subject: Add base systems for armv8l64 and armv8b64 These were previously conspicuous by their absence Change-Id: I425da2784927cdb336b462898d894fd69faec3ce --- systems/base-system-armv8b64.morph | 21 +++++++++++++++++++++ systems/base-system-armv8l64.morph | 21 +++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 systems/base-system-armv8b64.morph create mode 100644 systems/base-system-armv8l64.morph diff --git a/systems/base-system-armv8b64.morph b/systems/base-system-armv8b64.morph new file mode 100644 index 00000000..43de2a01 --- /dev/null +++ b/systems/base-system-armv8b64.morph @@ -0,0 +1,21 @@ +name: base-system-armv8b64 +kind: system +description: The set of strata required to have a minimal + system for big endian 64-bit ARMv8 computers. +arch: armv8b64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-armv8b64-generic + morph: strata/bsp-armv8b64-generic.morph +configuration-extensions: +- set-hostname +- add-config-files +- nfsboot +- install-files +- moonshot-kernel +- install-essential-files diff --git a/systems/base-system-armv8l64.morph b/systems/base-system-armv8l64.morph new file mode 100644 index 00000000..4b28dff4 --- /dev/null +++ b/systems/base-system-armv8l64.morph @@ -0,0 +1,21 @@ +name: base-system-armv8l64 +kind: system +description: The set of strata required to have a minimal + system for little endian 64-bit ARMv8 computers. +arch: armv8l64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-armv8l64-generic + morph: strata/bsp-armv8l64-generic.morph +configuration-extensions: +- set-hostname +- add-config-files +- nfsboot +- install-files +- moonshot-kernel +- install-essential-files -- cgit v1.2.1 From 9cfa80796fcfad9520a77f65cf479e1cdbd3716c Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Thu, 30 Apr 2015 10:17:12 +0000 Subject: Disable werrors in qemu Change-Id: I7336a7233d87c5a7557743a65ab999763fd2d5be --- strata/virtualization/qemu.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/virtualization/qemu.morph b/strata/virtualization/qemu.morph index 17ffbeb6..89067cd2 100644 --- a/strata/virtualization/qemu.morph +++ b/strata/virtualization/qemu.morph @@ -2,4 +2,4 @@ name: qemu kind: chunk build-system: autotools configure-commands: -- ./configure --prefix="$PREFIX" +- ./configure --prefix="$PREFIX" --disable-werror -- cgit v1.2.1 From f8f9da28f93aa0ce767fad3b118085a66a396cb3 Mon Sep 17 00:00:00 2001 From: James Thomas Date: Mon, 27 Apr 2015 14:39:37 +0000 Subject: Upgrade libdrm to 2.4.60 and patch for jetson Jetson support now requires new features not found in mainline yet Change-Id: I3128058e8e821ec00f26877ed42a1c46dcbd12b5 --- strata/libdrm-common.morph | 4 ++-- strata/libdrm-common/drm.morph | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/strata/libdrm-common.morph b/strata/libdrm-common.morph index 0efac1e3..16ef2375 100644 --- a/strata/libdrm-common.morph +++ b/strata/libdrm-common.morph @@ -10,7 +10,7 @@ chunks: - name: drm repo: upstream:drm morph: strata/libdrm-common/drm.morph - ref: d2e0f552467ca11162fe04dfed55de4590280f23 - unpetrify-ref: libdrm-2.4.59 + ref: 5f7b6723e1bed755c230817eea0563bab5b2a8a7 + unpetrify-ref: libdrm-2.4.60 build-depends: - xorg-lib-libpciaccess diff --git a/strata/libdrm-common/drm.morph b/strata/libdrm-common/drm.morph index d1a5381b..a614a831 100644 --- a/strata/libdrm-common/drm.morph +++ b/strata/libdrm-common/drm.morph @@ -1,6 +1,15 @@ name: drm kind: chunk build-system: autotools +pre-configure-commands: + # Tegra requires a new coherent BO attribute, not currently upstream, so + # patch it here + - sed -i '/NOUVEAU_GEM_DOMAIN_MAPPABLE (1 << 3)/a#define NOUVEAU_GEM_DOMAIN_COHERENT (1 << 4)' include/drm/nouveau_drm.h + - | + sed -i '/info->domain |= NOUVEAU_GEM_DOMAIN_MAPPABLE;/a\ + if (bo->flags & NOUVEAU_BO_COHERENT)\ + info->domain |= NOUVEAU_GEM_DOMAIN_COHERENT;' nouveau/abi16.c + - sed -i '/NOUVEAU_BO_NOSNOOP 0x20000000/a#define NOUVEAU_BO_COHERENT 0x10000000' nouveau/nouveau.h configure-commands: - NOCONFIGURE=1 ./autogen.sh - ./configure --prefix="$PREFIX" --enable-tegra-experimental-api --enable-freedreno-experimental-api -- cgit v1.2.1 From 9451f889b0dff37ccb801fb2f24907b2eed84746 Mon Sep 17 00:00:00 2001 From: James Thomas Date: Mon, 27 Apr 2015 14:57:49 +0000 Subject: Add mesa-common-vm and use this for x86_64 systems We're locked at the last version of mesa that allows egl_gallium as we need to be able to use this in a VM, so add a separate run-time mesa for this. At build-time we can use the upgraded mesa Change-Id: I687fa98e12d99816efce2b61561cc8a07aa146f5 --- strata/mesa-common-vm.morph | 12 ++++++++++++ strata/mesa-common/mesa@vm.morph | 12 ++++++++++++ systems/genivi-baseline-system-x86_64-generic.morph | 4 ++-- systems/weston-system-x86_64-generic.morph | 4 ++-- 4 files changed, 28 insertions(+), 4 deletions(-) create mode 100644 strata/mesa-common-vm.morph create mode 100644 strata/mesa-common/mesa@vm.morph diff --git a/strata/mesa-common-vm.morph b/strata/mesa-common-vm.morph new file mode 100644 index 00000000..47394dea --- /dev/null +++ b/strata/mesa-common-vm.morph @@ -0,0 +1,12 @@ +name: mesa-common-vm +kind: stratum +build-depends: +- morph: strata/llvm-common.morph +- morph: strata/libdrm-common.morph +- morph: strata/wayland-generic.morph +chunks: +- name: mesa@vm + morph: strata/mesa-common/mesa@vm.morph + repo: upstream:mesa + ref: f7d157a4f011fd5ace94f55c8674be4b12d86f95 + unpetrify-ref: baserock/mesa-10.3.7-2-gf7d157a/fstat_fix diff --git a/strata/mesa-common/mesa@vm.morph b/strata/mesa-common/mesa@vm.morph new file mode 100644 index 00000000..517b6ba4 --- /dev/null +++ b/strata/mesa-common/mesa@vm.morph @@ -0,0 +1,12 @@ +name: mesa@vm +kind: chunk +build-system: autotools +configure-commands: +- | + ./autogen.sh --prefix="$PREFIX" \ + --enable-gles2 \ + --disable-glx \ + --with-egl-platforms=drm,wayland \ + --with-gallium-drivers="yes" \ + --with-dri-drivers="yes" \ + --enable-gallium-egl diff --git a/systems/genivi-baseline-system-x86_64-generic.morph b/systems/genivi-baseline-system-x86_64-generic.morph index f04485bc..7b339c43 100644 --- a/systems/genivi-baseline-system-x86_64-generic.morph +++ b/systems/genivi-baseline-system-x86_64-generic.morph @@ -33,8 +33,8 @@ strata: morph: strata/input-common.morph - name: llvm-common morph: strata/llvm-common.morph -- name: mesa-common - morph: strata/mesa-common.morph +- name: mesa-common-vm + morph: strata/mesa-common-vm.morph - name: x-common morph: strata/x-common.morph - name: weston-genivi diff --git a/systems/weston-system-x86_64-generic.morph b/systems/weston-system-x86_64-generic.morph index 84f0bad0..6cef12ff 100644 --- a/systems/weston-system-x86_64-generic.morph +++ b/systems/weston-system-x86_64-generic.morph @@ -31,8 +31,8 @@ strata: morph: strata/input-common.morph - name: llvm-common morph: strata/llvm-common.morph -- name: mesa-common - morph: strata/mesa-common.morph +- name: mesa-common-vm + morph: strata/mesa-common-vm.morph - name: weston-common morph: strata/weston-common.morph - name: x-common -- cgit v1.2.1 From 3663de6264df28fa9b6e213a42e8cfafa61b2feb Mon Sep 17 00:00:00 2001 From: James Thomas Date: Mon, 27 Apr 2015 15:00:50 +0000 Subject: Upgrade mesa to latest stable release + jetson specific patches Mesa now depends on python-core, since it requires mako Change-Id: I1d066756fdc57f50f134522a0cce58408bcae17f --- strata/mesa-common.morph | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/strata/mesa-common.morph b/strata/mesa-common.morph index 28c0cef3..ae6567d8 100644 --- a/strata/mesa-common.morph +++ b/strata/mesa-common.morph @@ -4,9 +4,10 @@ build-depends: - morph: strata/llvm-common.morph - morph: strata/libdrm-common.morph - morph: strata/wayland-generic.morph +- morph: strata/python-core.morph chunks: - name: mesa morph: strata/mesa-common/mesa.morph repo: upstream:mesa - ref: f7d157a4f011fd5ace94f55c8674be4b12d86f95 - unpetrify-ref: baserock/mesa-10.3.7-2-gf7d157a/fstat_fix + ref: d4407a29d0c64134999fed83dbbd8707ca449ce7 + unpetrify-ref: baserock/mesa-10.5.4-jetson -- cgit v1.2.1 From bd513d82ecdf0a45c7123a3bac458342b76a12dd Mon Sep 17 00:00:00 2001 From: James Thomas Date: Mon, 27 Apr 2015 16:50:19 +0000 Subject: Upgrade jetson to 4.0 Quite a lot of changes here, new firmware, nouveau platform driver no longer exists as a separate module, and we no longer need the bsp-support to set the scaling governor, as it's ON_DEMAND by default Change-Id: I7ab2b969659702929b9df3bcb1ab7dd6d68f73f4 --- strata/bsp-jetson.morph | 17 ++++++----------- strata/bsp-jetson/linux-firmware-jetson.morph | 11 ++++++++++- strata/bsp-jetson/linux-jetson-tk1.morph | 5 +++++ strata/bsp-jetson/nouveau-drm.morph | 6 +++--- 4 files changed, 24 insertions(+), 15 deletions(-) diff --git a/strata/bsp-jetson.morph b/strata/bsp-jetson.morph index 85ab5ecf..80e61871 100644 --- a/strata/bsp-jetson.morph +++ b/strata/bsp-jetson.morph @@ -27,22 +27,17 @@ chunks: - name: linux-jetson-tk1 morph: strata/bsp-jetson/linux-jetson-tk1.morph repo: upstream:linux - ref: 682c943b0159b1a4105f31020605bf8a0f155ffd - unpetrify-ref: baserock/v3.18-with-cpufreq -- name: bsp-support - morph: strata/bsp-jetson/bsp-support.morph - repo: baserock:baserock/bsp-support - ref: 19bc31ce3198a3c19cdd96d392bde34cb34ed525 - unpetrify-ref: baserock/arm/tegra-3.10 + ref: a6df05fd37874251833bd6f18404cd2efaa62603 + unpetrify-ref: baserock/tegra/4.0-with-cpufreq-gpu - name: nouveau-drm morph: strata/bsp-jetson/nouveau-drm.morph repo: upstream:nouveau - ref: 4d0929aa231a0c2d2b66fa1f8ea1c8fa4d872501 - unpetrify-ref: baserock/jetson/gk20a + ref: 73de0a7758eb447d6157d2ed79c84d1a4e6ca09b + unpetrify-ref: baserock/tegra/4.0 build-depends: - linux-jetson-tk1 - name: linux-firmware-jetson morph: strata/bsp-jetson/linux-firmware-jetson.morph repo: upstream:linux-firmware - ref: 9322ef5b14c78ec28163baa41bff240a0e098810 - unpetrify-ref: baserock/jetson + ref: ff2afc9d9649cab2a1f79b8d4eeb0cc0100a2f85 + unpetrify-ref: baserock/tegra/4.0 diff --git a/strata/bsp-jetson/linux-firmware-jetson.morph b/strata/bsp-jetson/linux-firmware-jetson.morph index c803eab2..e24e7ec7 100644 --- a/strata/bsp-jetson/linux-firmware-jetson.morph +++ b/strata/bsp-jetson/linux-firmware-jetson.morph @@ -2,5 +2,14 @@ name: linux-firmware-jetson kind: chunk install-commands: - install -d "$DESTDIR/lib/firmware/nvidia/tegra124" -- install -m644 nvidia/tegra124/gk20a_ctxsw.bin "$DESTDIR/lib/firmware/nvidia/tegra124" +- install -d "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_fuc409c "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_fuc409d "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_fuc41ac "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_fuc41ad "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_bundle "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_method "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_sw_ctx "$DESTDIR/lib/firmware/nouveau" +- install -m644 nouveau/nvea_sw_nonctx "$DESTDIR/lib/firmware/nouveau" - install -m644 nvidia/tegra124/xusb.bin "$DESTDIR/lib/firmware/nvidia/tegra124" +- install -m644 LICENCE.nvidia "$DESTDIR/lib/firmware" diff --git a/strata/bsp-jetson/linux-jetson-tk1.morph b/strata/bsp-jetson/linux-jetson-tk1.morph index 43972811..073a5a02 100644 --- a/strata/bsp-jetson/linux-jetson-tk1.morph +++ b/strata/bsp-jetson/linux-jetson-tk1.morph @@ -217,6 +217,11 @@ configure-commands: - scripts/config -e SCSI_ISCSI_ATTRS - scripts/config -e ISCSI_TCP - scripts/config -e SCSI_LOWLEVEL +- scripts/config -m DRM_NOUVEAU +- scripts/config -e NOUVEAU_PLATFORM_DRIVER +- scripts/config -e DRM_TEGRA_STAGING +- scripts/config --set-val NOUVEAU_DEBUG 5 +- scripts/config --set-val NOUVEAU_DEBUG_DEFAULT 3 - yes '' | make ARCH=arm oldconfig build-commands: - make $MAKEFLAGS ARCH=arm LOADADDR=0x80200000 zImage dtbs diff --git a/strata/bsp-jetson/nouveau-drm.morph b/strata/bsp-jetson/nouveau-drm.morph index e297a069..33221a70 100644 --- a/strata/bsp-jetson/nouveau-drm.morph +++ b/strata/bsp-jetson/nouveau-drm.morph @@ -1,12 +1,12 @@ name: nouveau-drm kind: chunk build-commands: - - cd drm && make ARCH=arm M=$(pwd) -C /usr/src/linux/ modules + - sed -e 's/.*android\/sync.*/#ifdef CONFIG_SYNC\n&\n#endif/' -i drm/nouveau/nouveau_fence.c + - cd drm/nouveau && make ARCH=arm M=$(pwd) -C /usr/src/linux/ modules install-commands: - - cd drm && make ARCH=arm M="$(pwd)" -C /usr/src/linux/ INSTALL_MOD_PATH="$DESTDIR" modules_install + - cd drm/nouveau && make ARCH=arm M="$(pwd)" -C /usr/src/linux/ INSTALL_MOD_PATH="$DESTDIR" modules_install system-integration: nouveau-drm-misc: 00-earlyconf: - (cd /lib/modules && for version in *; do rm "$version/kernel/drivers/gpu/drm/nouveau/nouveau.ko"; done) - - (cd /lib/modules && for version in *; do rm "$version/kernel/drivers/gpu/drm/nouveau/nouveau_platform.ko"; done) - (cd /lib/modules && for version in *; do depmod -a "$version"; done) -- cgit v1.2.1 From 7826424e10977e2f45e798ab598d58625b325fff Mon Sep 17 00:00:00 2001 From: James Thomas Date: Tue, 28 Apr 2015 14:41:11 +0000 Subject: Upgrade u-boot to latest release We can use mainline u-boot now, however this also requires us to bump dtc Change-Id: I35786072d3ff76b99ec8e6b4b2727b5487434498 --- strata/bsp-jetson.morph | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/strata/bsp-jetson.morph b/strata/bsp-jetson.morph index 80e61871..48d7218c 100644 --- a/strata/bsp-jetson.morph +++ b/strata/bsp-jetson.morph @@ -15,13 +15,13 @@ chunks: - name: device-tree-compiler morph: strata/bsp-jetson/device-tree-compiler.morph repo: upstream:device-tree-compiler - ref: c92f284c3cf76d471eb27a271de3a51cb45ed058 - unpetrify-ref: baserock/morph + ref: 302fca9f4c283e1994cf0a5a9ce1cf43ca15e6d2 + unpetrify-ref: v1.4.1 - name: u-boot@jetson morph: strata/bsp-jetson/u-boot@jetson.morph repo: upstream:u-boot - ref: c77921345b943cdf5f2f28bbe88c6d8970620d2e - unpetrify-ref: baserock/jetson/u-boot-tegra-next + ref: f33cdaa4c3da4a8fd35aa2f9a3172f31cc887b35 + unpetrify-ref: v2015.04 build-depends: - device-tree-compiler - name: linux-jetson-tk1 -- cgit v1.2.1 From 08f0098053afa5985277c8647ea6189bc026ae5d Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 09:21:33 +0000 Subject: openstack: fix typo on neutron-db.yml Change-Id: Id4c7228cfe3f72b0cdb90d66dcdb9da30c5e75c0 --- openstack/usr/share/openstack/neutron-db.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openstack/usr/share/openstack/neutron-db.yml b/openstack/usr/share/openstack/neutron-db.yml index 62340477..91dde6fe 100644 --- a/openstack/usr/share/openstack/neutron-db.yml +++ b/openstack/usr/share/openstack/neutron-db.yml @@ -3,7 +3,7 @@ vars_files: - "/etc/openstack/neutron.conf" tasks: - - name: Create neutron service user in service tenatnt + - name: Create neutron service user in service tenant keystone_user: user: "{{ NEUTRON_SERVICE_USER }}" password: "{{ NEUTRON_SERVICE_PASSWORD }}" -- cgit v1.2.1 From af482a38399c5d29fec245e3de4143cf19491965 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 14:55:36 +0000 Subject: openstack: fix three node cluster documentation Change-Id: I5ff7da209fc7710f508a3d89a32a917c939497cc --- clusters/openstack-three-node-installer.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index 19e51aa1..a368b349 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -11,7 +11,7 @@ description: | Alternatively it may be used to install directly onto a physical disk by running: - morph deploy clusters/openstack-installer.morph \ + morph deploy clusters/openstack-three-node-installer.morph \ network-installer network-installer.location=/dev/vdb Substituting network-installer for either compute-installer or -- cgit v1.2.1 From 0e9bcdbc969214e5c8880c260b1cb83b96b655a3 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 29 Apr 2015 16:08:34 +0000 Subject: openstack: update IP address for one-node cluster To be consistent with the other IP addresses used. Change-Id: Idf47ac2af56ea94575d4c534eefb61d5aa38b411 --- clusters/openstack-two-node-installer.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 2a278550..961f22b1 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -143,7 +143,7 @@ systems: CONTROLLER_HOST_ADDRESS: twonode-controller.os-mgmt MANAGEMENT_INTERFACE_IP_ADDRESS: 10.0.0.1 - HOSTS_SELF: 10.24.1.83 twonode-controller + HOSTS_SELF: 10.0.0.1 twonode-controller HOSTS_CONTROL: 10.0.0.1 twonode-controller.os-mgmt HOSTS_COMPUTE: 10.0.0.3 twonode-compute.os-mgmt EXTERNAL_INTERFACE: enp3s0 -- cgit v1.2.1 From 6dd0128cd1c943a16c38652ac0a8821844771cf7 Mon Sep 17 00:00:00 2001 From: Daniel Firth Date: Sun, 18 Jan 2015 22:26:03 +0000 Subject: Add ocaml chunk, strata and system Change-Id: I7b36e0e1ef55b4146896aaa3dbc9e4f61c4d205e --- strata/ocaml-language.morph | 11 +++++++++++ strata/ocaml/ocaml.morph | 8 ++++++++ systems/ocaml-system-x86_64.morph | 20 ++++++++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 strata/ocaml-language.morph create mode 100644 strata/ocaml/ocaml.morph create mode 100644 systems/ocaml-system-x86_64.morph diff --git a/strata/ocaml-language.morph b/strata/ocaml-language.morph new file mode 100644 index 00000000..3364763d --- /dev/null +++ b/strata/ocaml-language.morph @@ -0,0 +1,11 @@ +name: ocaml-language +kind: stratum +description: | + OCaml +build-depends: +- morph: strata/core.morph +chunks: +- name: ocaml + morph: strata/ocaml/ocaml.morph + repo: upstream:ocaml + ref: fa7961d5fada53056f38a9ae36615df26352028a diff --git a/strata/ocaml/ocaml.morph b/strata/ocaml/ocaml.morph new file mode 100644 index 00000000..00e36767 --- /dev/null +++ b/strata/ocaml/ocaml.morph @@ -0,0 +1,8 @@ +name: ocaml +kind: chunk +configure-commands: +- ./configure --prefix "$PREFIX" +build-commands: +- make world.opt +install-commands: +- make DESTDIR="$DESTDIR" install diff --git a/systems/ocaml-system-x86_64.morph b/systems/ocaml-system-x86_64.morph new file mode 100644 index 00000000..1903e4d6 --- /dev/null +++ b/systems/ocaml-system-x86_64.morph @@ -0,0 +1,20 @@ +name: ocaml-system-x86_64 +kind: system +description: OCaml base system +arch: x86_64 +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: foundation + morph: strata/foundation.morph +- name: bsp-x86_64-generic + morph: strata/bsp-x86_64-generic.morph +- name: ocaml-language + morph: strata/ocaml-language.morph +configuration-extensions: +- set-hostname +- add-config-files +- nfsboot +- install-files -- cgit v1.2.1 From 3678828f375d309463c4d756a11957a028296d47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Thu, 30 Apr 2015 18:08:42 +0100 Subject: clusters/release: Add the ability for x86_64 images to boot from a USB stick Change-Id: I07fad716d823813e91abb0c3f94dd9cec73b339f --- clusters/release.morph | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/clusters/release.morph b/clusters/release.morph index 57858f52..d0f4ede3 100644 --- a/clusters/release.morph +++ b/clusters/release.morph @@ -29,6 +29,13 @@ systems: type: rawdisk location: build-system-x86_64.img DISK_SIZE: 6G + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + initramfs: + type: initramfs + location: boot/initramfs.gz - morph: systems/build-system-armv7lhf-jetson.morph deploy: build-system-armv7lhf-jetson: @@ -48,6 +55,13 @@ systems: location: genivi-baseline-system-x86_64-generic.img DISK_SIZE: 4G KERNEL_ARGS: vga=788 + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + initramfs: + type: initramfs + location: boot/initramfs.gz - morph: systems/genivi-baseline-system-armv7lhf-jetson.morph deploy: genivi-baseline-system-armv7lhf-jetson: -- cgit v1.2.1 From 1a8ca07ea5b64d6c5ddb044a8d44de4304087e27 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 14:52:01 +0000 Subject: openstack: remove duplicated information in cluster Those variables were already defined somewhere in the cluster, so there is no need to duplicate them. Change-Id: Ia02e93b561f9d33580c45d96d7f01520acf3b678 --- clusters/openstack-three-node-installer.morph | 8 -------- clusters/openstack-two-node-installer.morph | 7 ------- 2 files changed, 15 deletions(-) diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index a368b349..150506d0 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -209,23 +209,15 @@ systems: <<: *stack-node HOSTNAME: threenode-compute - NOVA_VIRT_TYPE: kvm - CINDER_ENABLE_CONTROLLER: False CINDER_ENABLE_COMPUTE: True CINDER_ENABLE_STORAGE: True - CINDER_SERVICE_USER: cinder - CINDER_SERVICE_PASSWORD: veryinsecure - CINDER_DB_USER: cinderDB - CINDER_DB_PASSWORD: veryinsecure - CINDER_DEVICE: /dev/sdb NOVA_ENABLE_COMPUTE: True NEUTRON_ENABLE_AGENT: True NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: False - METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret CEILOMETER_ENABLE_CONTROLLER: False CEILOMETER_ENABLE_COMPUTE: True diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 961f22b1..dd0bfd58 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -167,23 +167,16 @@ systems: <<: *stack-node HOSTNAME: twonode-compute - NOVA_VIRT_TYPE: kvm NOVA_ENABLE_COMPUTE: True NOVA_ENABLE_CONTROLLER: False CINDER_ENABLE_CONTROLLER: False CINDER_ENABLE_COMPUTE: True CINDER_ENABLE_STORAGE: True - CINDER_SERVICE_USER: cinder - CINDER_SERVICE_PASSWORD: veryinsecure - CINDER_DB_USER: cinderDB - CINDER_DB_PASSWORD: veryinsecure - CINDER_DEVICE: /dev/sdb NEUTRON_ENABLE_AGENT: True NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: False - METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret IRONIC_ENABLE_SERVICE: False -- cgit v1.2.1 From c641db63dd75272033e60aade60b46c4f4c7f2ff Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 29 Apr 2015 16:01:27 +0000 Subject: openstack: tidy up cluster morphologies Change-Id: Ide6df1bb9128585973dfc3eec37fd46c5eda7a68 --- clusters/openstack-one-node.morph | 3 +-- clusters/openstack-three-node-installer.morph | 13 +++++++------ clusters/openstack-two-node-installer.morph | 1 + 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index be229084..b2971841 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -55,7 +55,6 @@ systems: CONTROLLER_HOST_ADDRESS: onenode MANAGEMENT_INTERFACE_IP_ADDRESS: - KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 KEYSTONE_ADMIN_PASSWORD: veryinsecure KEYSTONE_DB_USER: keystoneDB @@ -71,7 +70,7 @@ systems: NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: qemu - #NOVA_BAREMETAL_SCHEDULING: no + NOVA_BAREMETAL_SCHEDULING: no CINDER_SERVICE_USER: cinder CINDER_SERVICE_PASSWORD: veryinsecure diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index 150506d0..af293232 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -107,6 +107,7 @@ systems: NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: kvm + NOVA_BAREMETAL_SCHEDULING: no CINDER_ENABLE_CONTROLLER: False CINDER_ENABLE_COMPUTE: False @@ -172,6 +173,10 @@ systems: NOVA_ENABLE_CONTROLLER: True + CINDER_ENABLE_CONTROLLER: True + CINDER_ENABLE_COMPUTE: False + CINDER_ENABLE_STORAGE: False + NEUTRON_ENABLE_AGENT: False NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: True @@ -179,10 +184,6 @@ systems: IRONIC_ENABLE_SERVICE: True - CINDER_ENABLE_CONTROLLER: True - CINDER_ENABLE_COMPUTE: False - CINDER_ENABLE_STORAGE: False - CEILOMETER_ENABLE_CONTROLLER: True CEILOMETER_ENABLE_COMPUTE: False @@ -209,12 +210,12 @@ systems: <<: *stack-node HOSTNAME: threenode-compute + NOVA_ENABLE_COMPUTE: True + CINDER_ENABLE_CONTROLLER: False CINDER_ENABLE_COMPUTE: True CINDER_ENABLE_STORAGE: True - NOVA_ENABLE_COMPUTE: True - NEUTRON_ENABLE_AGENT: True NEUTRON_ENABLE_MANAGER: False NEUTRON_ENABLE_CONTROLLER: False diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index dd0bfd58..7295a534 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -106,6 +106,7 @@ systems: NOVA_DB_USER: novaDB NOVA_DB_PASSWORD: veryinsecure NOVA_VIRT_TYPE: kvm + NOVA_BAREMETAL_SCHEDULING: no CINDER_ENABLE_CONTROLLER: True CINDER_ENABLE_COMPUTE: False -- cgit v1.2.1 From cbbbca7493e907a0670c2cff39d8d341ce2915d8 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 13:12:12 +0000 Subject: openstack: enable keystone only in the controller Change-Id: I43f1cd43645ff8358a1d8d699352438633124038 --- clusters/openstack-one-node.morph | 1 + clusters/openstack-three-node-installer.morph | 3 ++ clusters/openstack-two-node-installer.morph | 3 ++ openstack-keystone.configure | 51 ++++++++++++++++----------- 4 files changed, 38 insertions(+), 20 deletions(-) diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index b2971841..497a0ba4 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -55,6 +55,7 @@ systems: CONTROLLER_HOST_ADDRESS: onenode MANAGEMENT_INTERFACE_IP_ADDRESS: + KEYSTONE_ENABLE_SERVICE: True KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 KEYSTONE_ADMIN_PASSWORD: veryinsecure KEYSTONE_DB_USER: keystoneDB diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index af293232..ff82f20f 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -90,6 +90,7 @@ systems: RABBITMQ_PASSWORD: veryinsecure # This token needs to be unique and secret + KEYSTONE_ENABLE_SERVICE: False KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 KEYSTONE_ADMIN_PASSWORD: veryinsecure KEYSTONE_DB_USER: keystoneDB @@ -171,6 +172,8 @@ systems: <<: *stack-node HOSTNAME: threenode-controller + KEYSTONE_ENABLE_SERVICE: True + NOVA_ENABLE_CONTROLLER: True CINDER_ENABLE_CONTROLLER: True diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 7295a534..93d126bc 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -89,6 +89,7 @@ systems: RABBITMQ_PASSWORD: veryinsecure # This token needs to be unique and secret + KEYSTONE_ENABLE_SERVICE: True KEYSTONE_TEMPORARY_ADMIN_TOKEN: 22f3aa1cf538e3f6d5e8 KEYSTONE_ADMIN_PASSWORD: veryinsecure KEYSTONE_DB_USER: keystoneDB @@ -168,6 +169,8 @@ systems: <<: *stack-node HOSTNAME: twonode-compute + KEYSTONE_ENABLE_SERVICE: False + NOVA_ENABLE_COMPUTE: True NOVA_ENABLE_CONTROLLER: False diff --git a/openstack-keystone.configure b/openstack-keystone.configure index 484a37b5..2a3cc0f7 100644 --- a/openstack-keystone.configure +++ b/openstack-keystone.configure @@ -18,32 +18,37 @@ set -e ROOT="$1" -########################################################################## - -ln -s "/usr/lib/systemd/system/openstack-keystone-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-keystone-setup.service" +enable(){ + ln -sf "/usr/lib/systemd/system/$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" +} -ln -s "/usr/lib/systemd/system/openstack-horizon-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-horizon-setup.service" +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} -ln -s "/usr/lib/systemd/system/postgres-server-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/postgres-server-setup.service" +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} ########################################################################## # Check variables ########################################################################## -if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ - -z "$KEYSTONE_ADMIN_PASSWORD" -a \ - -z "$KEYSTONE_DB_USER" -a \ - -z "$KEYSTONE_DB_PASSWORD" -a \ - -z "$RABBITMQ_HOST" -a \ - -z "$RABBITMQ_PORT" -a \ - -z "$RABBITMQ_USER" -a \ - -z "$RABBITMQ_PASSWORD" -a \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ - -z "$CONTROLLER_HOST_ADDRESS" ]; then - # No Keystone options defined, do nothing. +check_bool KEYSTONE_ENABLE_SERVICE + +if ! "$KEYSTONE_ENABLE_SERVICE"; then exit 0 fi @@ -61,7 +66,6 @@ if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ exit 1 fi - python <<'EOF' import socket import sys @@ -74,6 +78,13 @@ except: sys.exit(1) EOF +###################################### +# Enable relevant openstack services # +###################################### + +enable openstack-keystone-setup +enable openstack-horizon-setup +enable postgres-server-setup ########################################################################## # Generate configuration file -- cgit v1.2.1 From 8768d5d77a1a1b5f65e0856cfa41dc2861590200 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 13:12:28 +0000 Subject: openstack: enable glance only in the controller Change-Id: I506525f48952b1807732fb726aa16f9f33e608d7 --- clusters/openstack-one-node.morph | 1 + clusters/openstack-three-node-installer.morph | 3 ++ clusters/openstack-two-node-installer.morph | 3 ++ openstack-glance.configure | 48 ++++++++++++++++++--------- 4 files changed, 39 insertions(+), 16 deletions(-) diff --git a/clusters/openstack-one-node.morph b/clusters/openstack-one-node.morph index 497a0ba4..037cd23c 100644 --- a/clusters/openstack-one-node.morph +++ b/clusters/openstack-one-node.morph @@ -61,6 +61,7 @@ systems: KEYSTONE_DB_USER: keystoneDB KEYSTONE_DB_PASSWORD: veryinsecure + GLANCE_ENABLE_SERVICE: True GLANCE_SERVICE_USER: glance GLANCE_SERVICE_PASSWORD: veryinsecure GLANCE_DB_USER: glanceDB diff --git a/clusters/openstack-three-node-installer.morph b/clusters/openstack-three-node-installer.morph index ff82f20f..6285217a 100644 --- a/clusters/openstack-three-node-installer.morph +++ b/clusters/openstack-three-node-installer.morph @@ -96,6 +96,7 @@ systems: KEYSTONE_DB_USER: keystoneDB KEYSTONE_DB_PASSWORD: veryinsecure + GLANCE_ENABLE_SERVICE: False GLANCE_SERVICE_USER: glance GLANCE_SERVICE_PASSWORD: veryinsecure GLANCE_DB_USER: glanceDB @@ -174,6 +175,8 @@ systems: KEYSTONE_ENABLE_SERVICE: True + GLANCE_ENABLE_SERVICE: True + NOVA_ENABLE_CONTROLLER: True CINDER_ENABLE_CONTROLLER: True diff --git a/clusters/openstack-two-node-installer.morph b/clusters/openstack-two-node-installer.morph index 93d126bc..f05b0e9b 100644 --- a/clusters/openstack-two-node-installer.morph +++ b/clusters/openstack-two-node-installer.morph @@ -95,6 +95,7 @@ systems: KEYSTONE_DB_USER: keystoneDB KEYSTONE_DB_PASSWORD: veryinsecure + GLANCE_ENABLE_SERVICE: True GLANCE_SERVICE_USER: glance GLANCE_SERVICE_PASSWORD: veryinsecure GLANCE_DB_USER: glanceDB @@ -171,6 +172,8 @@ systems: KEYSTONE_ENABLE_SERVICE: False + GLANCE_ENABLE_SERVICE: False + NOVA_ENABLE_COMPUTE: True NOVA_ENABLE_CONTROLLER: False diff --git a/openstack-glance.configure b/openstack-glance.configure index 44b4d6aa..5da08895 100644 --- a/openstack-glance.configure +++ b/openstack-glance.configure @@ -18,28 +18,38 @@ set -e ROOT="$1" -########################################################################## +enable(){ + ln -sf "/usr/lib/systemd/system/$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" +} + +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} -ln -s "/usr/lib/systemd/system/openstack-glance-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-glance-setup.service" +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} ########################################################################## # Check variables ########################################################################## -if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ - -z "$GLANCE_SERVICE_USER" -a \ - -z "$GLANCE_SERVICE_PASSWORD" -a \ - -z "$GLANCE_DB_USER" -a \ - -z "$GLANCE_DB_PASSWORD" -a \ - -z "$RABBITMQ_HOST" -a \ - -z "$RABBITMQ_PORT" -a \ - -z "$RABBITMQ_USER" -a \ - -z "$RABBITMQ_PASSWORD" -a \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ - -z "$CONTROLLER_HOST_ADDRESS" ]; then - # No Glance options defined, do nothing. - exit 0 +check_bool GLANCE_ENABLE_SERVICE + +if ! "$GLANCE_ENABLE_SERVICE"; then + exit 0 fi if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ @@ -57,6 +67,12 @@ if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ exit 1 fi +###################################### +# Enable relevant openstack services # +###################################### + +enable openstack-glance-setup + ########################################################################## # Generate configuration file ########################################################################## -- cgit v1.2.1 From e015a8314483fdbf67665c304dcb83c661fdd169 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Mon, 27 Apr 2015 12:01:50 +0000 Subject: openstack: improve neutron configuration extension Change-Id: I05e7147ea9577557fe8adbe1c2fc46db33351090 --- openstack-neutron.configure | 83 ++++++++++++++++----------------------------- 1 file changed, 30 insertions(+), 53 deletions(-) diff --git a/openstack-neutron.configure b/openstack-neutron.configure index a0ab6b5f..210222db 100644 --- a/openstack-neutron.configure +++ b/openstack-neutron.configure @@ -23,33 +23,37 @@ enable(){ "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-neutron-$1.service" } -unrecognised_value(){ - eval echo Unrecognised value \$$1 for $1 >&2 +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 exit 1 } +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} ########################################################################## # Check variables ########################################################################## +check_bool NEUTRON_ENABLE_CONTROLLER +check_bool NEUTRON_ENABLE_MANAGER +check_bool NEUTRON_ENABLE_AGENT -if [ -z "$NEUTRON_SERVICE_USER" -a \ - -z "$NEUTRON_SERVICE_PASSWORD" -a \ - -z "$NEUTRON_DB_USER" -a \ - -z "$NEUTRON_DB_PASSWORD" -a \ - -z "$METADATA_PROXY_SHARED_SECRET" -a \ - -z "$NOVA_SERVICE_USER" -a \ - -z "$NOVA_SERVICE_PASSWORD" -a \ - -z "$RABBITMQ_HOST" -a \ - -z "$RABBITMQ_USER" -a \ - -z "$RABBITMQ_PASSWORD" -a \ - -z "$RABBITMQ_PORT" -a \ - -z "$CONTROLLER_HOST_ADDRESS" -a \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ - -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then - # No Neutron options defined, do nothing. - exit 0 +if ! "$NEUTRON_ENABLE_CONTROLLER" && \ + ! "$NEUTRON_ENABLE_MANAGER" && \ + ! "$NEUTRON_ENABLE_AGENT"; then + exit 0 fi if [ -z "$NEUTRON_SERVICE_USER" -o \ @@ -83,52 +87,25 @@ fi # Enable services # ################### -if [ x"${NEUTRON_ENABLE_CONTROLLER=True}" = xTrue -o \ - x"${NEUTRON_ENABLE_MANAGER=True}" = xTrue -o \ - x"${NEUTRON_ENABLE_AGENT=True}" = xTrue ]; then - enable config-setup -fi - -case "${NEUTRON_ENABLE_CONTROLLER}" in -True|yes|y) +if "$NEUTRON_ENABLE_CONTROLLER"; then enable config-setup enable db-setup enable server - ;; -False|no|n|'') - ;; -*) - unrecognised_value NEUTRON_ENABLE_CONTROLLER - ;; -esac - -case "${NEUTRON_ENABLE_MANAGER}" in -True|yes|y) +fi + +if "$NEUTRON_ENABLE_MANAGER"; then enable config-setup enable ovs-cleanup enable dhcp-agent enable l3-agent enable plugin-openvswitch-agent enable metadata-agent - ;; -False|no|n|'') - ;; -*) - unrecognised_value NEUTRON_ENABLE_MANAGER - ;; -esac - -case "${NEUTRON_ENABLE_AGENT}" in -True|yes|y) +fi + +if "$NEUTRON_ENABLE_AGENT"; then enable config-setup enable plugin-openvswitch-agent - ;; -False|no|n|'') - ;; -*) - unrecognised_value NEUTRON_ENABLE_AGENT - ;; -esac +fi ########################################################################## # Generate config variable shell snippet -- cgit v1.2.1 From 238cc03efc245e3ced3aca4c7280385365e1ac6d Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 12:59:30 +0000 Subject: openstack: improve cinder configuration extension Change-Id: I709085e7ca489510196cb6ea8c0502cdd34ff3a0 --- openstack-cinder.configure | 64 +++++++++++++++++++--------------------------- 1 file changed, 26 insertions(+), 38 deletions(-) diff --git a/openstack-cinder.configure b/openstack-cinder.configure index 1eeb25bd..4c32e11a 100644 --- a/openstack-cinder.configure +++ b/openstack-cinder.configure @@ -23,44 +23,6 @@ enable(){ "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" } -########################################################################## -# Check variables -########################################################################## - -if [ -z "$RABBITMQ_HOST" -a \ - -z "$RABBITMQ_PORT" -a \ - -z "$RABBITMQ_USER" -a \ - -z "$RABBITMQ_PASSWORD" -a \ - -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ - -z "$CINDER_DB_USER" -a \ - -z "$CINDER_DB_PASSWORD" -a \ - -z "$CONTROLLER_HOST_ADDRESS" -a \ - -z "$CINDER_SERVICE_USER" -a \ - -z "$CINDER_SERVICE_PASSWORD" -a \ - -z "$CINDER_DEVICE" -a \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then - # No Cinder options defined, do nothing. - exit 0 -fi - -if [ -z "$RABBITMQ_HOST" -o \ - -z "$RABBITMQ_PORT" -o \ - -z "$RABBITMQ_USER" -o \ - -z "$RABBITMQ_PASSWORD" -o \ - -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ - -z "$CINDER_DB_USER" -o \ - -z "$CINDER_DB_PASSWORD" -o \ - -z "$CONTROLLER_HOST_ADDRESS" -o \ - -z "$CINDER_SERVICE_USER" -o \ - -z "$CINDER_SERVICE_PASSWORD" -o \ - -z "$CINDER_DEVICE" -o \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then - echo Some options required for Cinder were defined, but not all. - exit 1 -fi - -# Check optional variables - unnaceptable(){ eval echo Unexpected value \$$1 for $1 >&2 exit 1 @@ -80,10 +42,36 @@ check_bool(){ esac } +########################################################################## +# Check variables +########################################################################## + check_bool CINDER_ENABLE_CONTROLLER check_bool CINDER_ENABLE_COMPUTE check_bool CINDER_ENABLE_STORAGE +if ! "$CINDER_ENABLE_CONTROLLER" && \ + ! "$CINDER_ENABLE_COMPUTE" && \ + ! "$CINDER_ENABLE_STORAGE"; then + exit 0 +fi + +if [ -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$CINDER_DB_USER" -o \ + -z "$CINDER_DB_PASSWORD" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$CINDER_SERVICE_USER" -o \ + -z "$CINDER_SERVICE_PASSWORD" -o \ + -z "$CINDER_DEVICE" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" ]; then + echo Some options required for Cinder were defined, but not all. + exit 1 +fi + ###################################### # Enable relevant openstack services # ###################################### -- cgit v1.2.1 From bce3046097b9f0b760225f28d5b268b006124145 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 13:02:16 +0000 Subject: openstack: improve nova configuration extension Change-Id: Ibc0b20feb13848d73dbc2ce5836efe565bc3381b --- openstack-nova.configure | 68 ++++++++++++++++++------------------------------ 1 file changed, 25 insertions(+), 43 deletions(-) diff --git a/openstack-nova.configure b/openstack-nova.configure index 4e30d93a..213f1852 100644 --- a/openstack-nova.configure +++ b/openstack-nova.configure @@ -23,29 +23,35 @@ enable(){ "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-$1.service" } +unnaceptable(){ + eval echo Unexpected value \$$1 for $1 >&2 + exit 1 +} + +check_bool(){ + case "$(eval echo \"\$$1\")" in + True|'') + eval "$1=true" + ;; + False) + eval "$1=false" + ;; + *) + unnaceptable "$1" + ;; + esac +} + ########################################################################## # Check variables ########################################################################## -if [ -z "$NOVA_SERVICE_USER" -a \ - -z "$NOVA_SERVICE_PASSWORD" -a \ - -z "$NOVA_DB_USER" -a \ - -z "$NOVA_DB_PASSWORD" -a \ - -z "$NOVA_VIRT_TYPE" -a \ - -z "$NEUTRON_SERVICE_USER" -a \ - -z "$NEUTRON_SERVICE_PASSWORD" -a \ - -z "$IRONIC_SERVICE_USER" -a \ - -z "$IRONIC_SERVICE_PASSWORD" -a \ - -z "$METADATA_PROXY_SHARED_SECRET" -a \ - -z "$RABBITMQ_HOST" -a \ - -z "$RABBITMQ_USER" -a \ - -z "$RABBITMQ_PASSWORD" -a \ - -z "$RABBITMQ_PORT" -a \ - -z "$CONTROLLER_HOST_ADDRESS" -a \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ - -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then - # No NOVA options defined, do nothing. - exit 0 +check_bool NOVA_ENABLE_CONTROLLER +check_bool NOVA_ENABLE_COMPUTE + +if ! "$NOVA_ENABLE_CONTROLLER" && \ + ! "$NOVA_ENABLE_COMPUTE"; then + exit 0 fi if [ -z "$NOVA_SERVICE_USER" -o \ @@ -69,30 +75,6 @@ if [ -z "$NOVA_SERVICE_USER" -o \ exit 1 fi -# Check optional variables - -unnaceptable(){ - eval echo Unexpected value \$$1 for $1 >&2 - exit 1 -} - -check_bool(){ - case "$(eval echo \"\$$1\")" in - True|'') - eval "$1=true" - ;; - False) - eval "$1=false" - ;; - *) - unnaceptable "$1" - ;; - esac -} - -check_bool NOVA_ENABLE_CONTROLLER -check_bool NOVA_ENABLE_COMPUTE - ############################################### # Enable libvirtd and libvirt-guests services # ############################################### -- cgit v1.2.1 From 05a6672c81c56d4c73a77582bc30d104ccece8aa Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 13:04:39 +0000 Subject: openstack: improve ceilometer configuration extension Change-Id: Ie14289e4fe23979d6d0d3f65658c0b48f0b1de18 --- openstack-ceilometer.configure | 58 ++++++++++++++++++------------------------ 1 file changed, 25 insertions(+), 33 deletions(-) diff --git a/openstack-ceilometer.configure b/openstack-ceilometer.configure index 0f51667e..9c0b7b6d 100644 --- a/openstack-ceilometer.configure +++ b/openstack-ceilometer.configure @@ -19,44 +19,11 @@ set -e ROOT="$1" -########################################################################## - enable(){ ln -sf "/usr/lib/systemd/system/$1.service" \ "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" } -########################################################################## -# Check variables -########################################################################## - -if [ -z "$CEILOMETER_SERVICE_USER" -a \ - -z "$CEILOMETER_SERVICE_PASSWORD" -a \ - -z "$CEILOMETER_DB_USER" -a \ - -z "$CEILOMETER_DB_PASSWORD" -a \ - -z "$METERING_SECRET" ]; then - # No Ceilometer options defined, do nothing. - exit 0 -fi - -if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ - -z "$CEILOMETER_SERVICE_USER" -o \ - -z "$CEILOMETER_SERVICE_PASSWORD" -o \ - -z "$CEILOMETER_DB_USER" -o \ - -z "$CEILOMETER_DB_PASSWORD" -o \ - -z "$METERING_SECRET" -o \ - -z "$RABBITMQ_HOST" -o \ - -z "$RABBITMQ_PORT" -o \ - -z "$RABBITMQ_USER" -o \ - -z "$RABBITMQ_PASSWORD" -o \ - -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ - -z "$CONTROLLER_HOST_ADDRESS" ]; then - echo Some options required for Ceilometer were defined, but not all. - exit 1 -fi - -# Check optional variables - unnaceptable(){ eval echo Unexpected value \$$1 for $1 >&2 exit 1 @@ -76,9 +43,34 @@ check_bool(){ esac } +########################################################################## +# Check variables +########################################################################## + check_bool CEILOMETER_ENABLE_CONTROLLER check_bool CEILOMETER_ENABLE_COMPUTE +if ! "$CEILOMETER_ENABLE_CONTROLLER" && \ + ! "$CEILOMETER_ENABLE_COMPUTE"; then + exit 0 +fi + +if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$CEILOMETER_SERVICE_USER" -o \ + -z "$CEILOMETER_SERVICE_PASSWORD" -o \ + -z "$CEILOMETER_DB_USER" -o \ + -z "$CEILOMETER_DB_PASSWORD" -o \ + -z "$METERING_SECRET" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$CONTROLLER_HOST_ADDRESS" ]; then + echo Some options required for Ceilometer were defined, but not all. + exit 1 +fi + ###################################### # Enable relevant openstack services # ###################################### -- cgit v1.2.1 From 55496bf01f072f9b45e9ec7733c4bf02080bb3a0 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Thu, 30 Apr 2015 11:51:34 +0300 Subject: distbuild: Disable strict SSH host key checking Although we scan the keys of the Trove, we can only do this for the exact hostname specified in TROVE_HOST. If the definitions being built point to repos in the Trove using an SSH URL but with a different hostname (e.g. as an IP address, or a differently qualified hostname) then the distbuild will fail with a fairly opaque error: ERROR: Build of xx failed: ERROR: Failed to update cached version of repo ssh://git@.../xxx Currently we expect distbuild to be deployed on a trusted private network, so this change doesn't make it less secure. However, it would be a problem in future if we want distbuild networks connecting to their Trove across a public, untrusted network. Change-Id: I6cf8b318cab8985e811b5ee5ac29df225b62270d --- distbuild/usr/lib/distbuild-setup/ansible/distbuild-setup.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/distbuild/usr/lib/distbuild-setup/ansible/distbuild-setup.yml b/distbuild/usr/lib/distbuild-setup/ansible/distbuild-setup.yml index e4f94f54..c3074c63 100644 --- a/distbuild/usr/lib/distbuild-setup/ansible/distbuild-setup.yml +++ b/distbuild/usr/lib/distbuild-setup/ansible/distbuild-setup.yml @@ -64,6 +64,16 @@ fi creates=/etc/ssh/ssh_known_hosts + # This is a kludge. We can add the host key for the TROVE_HOST that was + # specified, but users may access the Trove by other names, e.g. IP address + # or domain name. Distbuild is currently not safe to run except on a private + # network where host key checking is not important, so we disable it by + # default to avoid errors when users don't stick to using the exact same + # TROVE_HOST in repo URLs. + - name: Disable strict SSH host key checking + lineinfile: + dest: /etc/ssh/ssh_config + line: StrictHostKeyChecking no - name: Enable the morph-cache-server service service: name=morph-cache-server.service enabled=yes -- cgit v1.2.1 From fd85a8d8fd618b25582c1814481c0a76f86492be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Thu, 30 Apr 2015 17:59:08 +0100 Subject: clusters/weston-system-x86_64-generic-deploy: Add ability to boot from USB Change-Id: I312071ee1ff2d705af095ddff2b5db50b302d4af --- clusters/weston-system-x86_64-generic-deploy.morph | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/clusters/weston-system-x86_64-generic-deploy.morph b/clusters/weston-system-x86_64-generic-deploy.morph index ac63a93a..3a6f29ef 100644 --- a/clusters/weston-system-x86_64-generic-deploy.morph +++ b/clusters/weston-system-x86_64-generic-deploy.morph @@ -1,7 +1,11 @@ -name: release +name: weston-system-x86_64-generic-deploy kind: cluster description: | Deploy a stock weston system. + + The resulting image can be copied to a USB and booted from there, + as well as in a virtual machine. + systems: - morph: systems/weston-system-x86_64-generic.morph deploy: @@ -10,3 +14,10 @@ systems: location: /weston-system-x86_64-generic.img DISK_SIZE: 4G KERNEL_ARGS: vga=788 + INITRAMFS_PATH: boot/initramfs.gz + subsystems: + - morph: systems/initramfs-x86_64.morph + deploy: + initramfs: + type: initramfs + location: boot/initramfs.gz -- cgit v1.2.1 From e923ce37fe1e5e822eaf87558195e90c07c6129c Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 15:30:37 +0000 Subject: openstack: improve network configuration extension Also ensure that the /etc/openstack directory exists. Change-Id: I633cf3e9add94ff1d9622062e55b4d15db541cbf --- openstack-network.configure | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/openstack-network.configure b/openstack-network.configure index a4d43a6a..10be5a1c 100644 --- a/openstack-network.configure +++ b/openstack-network.configure @@ -18,13 +18,26 @@ set -e ROOT="$1" -ln -sf "/usr/lib/systemd/system/openvswitch-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openvswitch-setup.service" +enable(){ + ln -sf "/usr/lib/systemd/system/$1.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/$1.service" +} -ln -sf "/usr/lib/systemd/system/openstack-network-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-network-setup.service" +################### +# Enable services # +################### -python <<'EOF' >"$ROOT/etc/openstack/network.conf" +enable openvswitch-setup +enable openstack-network-setup + +########################################################################## +# Generate config variable shell snippet +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/network.conf" import os, sys, yaml network_configuration = {} -- cgit v1.2.1 From 5afd260b75077ef440accf7baf2354dbb47f929c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 21 Apr 2015 15:01:30 +0100 Subject: cluster/ci: Add genivi systems to the ci So our released systems are being tested in the ci Change-Id: Iced5b662a90d4586a13738f03471f8598058128a --- clusters/ci.morph | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/clusters/ci.morph b/clusters/ci.morph index dd146eae..cb56328c 100644 --- a/clusters/ci.morph +++ b/clusters/ci.morph @@ -49,6 +49,25 @@ systems: BOOTLOADER_CONFIG_FORMAT: "extlinux" BOOTLOADER_INSTALL: "none" KERNEL_ARGS: cma=256M console=tty0 console=ttyS0,115200n8 no_console_suspend=1 nouveau.pstate=1 +- morph: systems/genivi-baseline-system-x86_64-generic.morph + deploy: + genivi-baseline-system-x86_64-generic: + type: rawdisk + location: genivi-baseline-system-x86_64-generic.img + DISK_SIZE: 4G + KERNEL_ARGS: vga=788 +- morph: systems/genivi-baseline-system-armv7lhf-jetson.morph + deploy: + genivi-baseline-system-armv7lhf-jetson: + type: rawdisk + location: genivi-baseline-system-armv7lhf-jetson.img + DISK_SIZE: 4G + BOOT_DEVICE: "/dev/mmcblk0p1" + ROOT_DEVICE: "/dev/mmcblk0p2" + DTB_PATH: "boot/tegra124-jetson-tk1.dtb" + BOOTLOADER_CONFIG_FORMAT: "extlinux" + BOOTLOADER_INSTALL: "none" + KERNEL_ARGS: cma=256M console=tty0 console=ttyS0,115200n8 no_console_suspend=1 nouveau.pstate=1 - morph: systems/openstack-system-x86_64.morph deploy: openstack-system-x86_64: -- cgit v1.2.1 From e59372229e39549a97b8929208c5705ad827db99 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 1 May 2015 13:25:01 +0000 Subject: clusters/release.morph: Use unique names for deployment names Change-Id: I5ee7098ab77ceb408b3dff5aa8d6dd89dea03db2 --- clusters/release.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clusters/release.morph b/clusters/release.morph index d0f4ede3..c5bfffca 100644 --- a/clusters/release.morph +++ b/clusters/release.morph @@ -33,7 +33,7 @@ systems: subsystems: - morph: systems/initramfs-x86_64.morph deploy: - initramfs: + initramfs-build-system-x86_64: type: initramfs location: boot/initramfs.gz - morph: systems/build-system-armv7lhf-jetson.morph @@ -59,7 +59,7 @@ systems: subsystems: - morph: systems/initramfs-x86_64.morph deploy: - initramfs: + initramfs-genivi-baseline-system-x86_64-generic: type: initramfs location: boot/initramfs.gz - morph: systems/genivi-baseline-system-armv7lhf-jetson.morph -- cgit v1.2.1 From 763a7efb36818224e514b3d58262b26317ac80ed Mon Sep 17 00:00:00 2001 From: Edward Cragg Date: Thu, 30 Apr 2015 17:37:32 +0100 Subject: Fix syntax errors in armv8 base system definitions Change-Id: I74ce7ee1fe268359493750c452c2b6f699e99636 --- systems/base-system-armv8b64.morph | 3 ++- systems/base-system-armv8l64.morph | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/systems/base-system-armv8b64.morph b/systems/base-system-armv8b64.morph index 43de2a01..49e7dac7 100644 --- a/systems/base-system-armv8b64.morph +++ b/systems/base-system-armv8b64.morph @@ -1,6 +1,7 @@ name: base-system-armv8b64 kind: system -description: The set of strata required to have a minimal +description: | + The set of strata required to have a minimal system for big endian 64-bit ARMv8 computers. arch: armv8b64 strata: diff --git a/systems/base-system-armv8l64.morph b/systems/base-system-armv8l64.morph index 4b28dff4..560add69 100644 --- a/systems/base-system-armv8l64.morph +++ b/systems/base-system-armv8l64.morph @@ -1,6 +1,7 @@ name: base-system-armv8l64 kind: system -description: The set of strata required to have a minimal +description: | + The set of strata required to have a minimal system for little endian 64-bit ARMv8 computers. arch: armv8l64 strata: -- cgit v1.2.1 From 573fc7780fe411b36f8b14101babc68cb4f61df7 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Tue, 28 Apr 2015 17:05:30 +0000 Subject: Create test-tools stratum Move the test tools and frameworks from zookeper and openstack to it, but tempest because it is explicit for openstack. Move some python packages to python-common because they are shared by various strata. Change-Id: I51be08946572fd76075261f88fbe365a7049f286 --- strata/openstack-services.morph | 144 +------------------------------- strata/openstack-services/subunit.morph | 3 - strata/python-common.morph | 12 +++ strata/test-tools.morph | 113 +++++++++++++++++++++++++ strata/test-tools/subunit.morph | 3 + strata/zookeeper.morph | 5 +- systems/openstack-system-x86_64.morph | 2 + systems/zookeeper-client-x86_64.morph | 2 + systems/zookeeper-server-x86_64.morph | 2 + 9 files changed, 136 insertions(+), 150 deletions(-) delete mode 100644 strata/openstack-services/subunit.morph create mode 100644 strata/test-tools.morph create mode 100644 strata/test-tools/subunit.morph diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index aa73fa33..7e9e9032 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -6,6 +6,7 @@ build-depends: - morph: strata/django.morph - morph: strata/xstatic.morph - morph: strata/openstack-clients.morph +- morph: strata/test-tools.morph chunks: - name: rabbitmq-codegen morph: strata/openstack-services/rabbitmq-codegen.morph @@ -23,18 +24,6 @@ chunks: repo: upstream:openstack/oslo-rootwrap ref: 62d732277de5cf663172eafe6d3a6c149a9cf814 unpetrify-ref: master -- name: check - repo: upstream:check - ref: 8c872aca6675e95fa47e7514e28fbdf25fce6170 - unpetrify-ref: 0.9.8 -- name: cppunit - repo: upstream:cppunit - ref: 8133cf2b977f013216f0a41b6fcb740410d83926 - unpetrify-ref: 1.13.2 -- name: webob - repo: upstream:python-packages/webob - ref: ae0ac90f22f9e1ff351e445f92330efd89195f51 - unpetrify-ref: 1.4 - name: greenlet ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 unpetrify-ref: 0.4.5 @@ -100,14 +89,6 @@ chunks: repo: upstream:python-packages/creole ref: 6390231688adb5d8678a71cd33204e9bca555d4a unpetrify-ref: v1.2.1 -- name: mock - repo: upstream:python-packages/mock - ref: 35b35f7ad239005a950f870af57b44dbdc99d66b - unpetrify-ref: master -- name: nose - repo: upstream:python-packages/nose - ref: 08d134270b035dac3310cd877bb0fe9ab678303a - unpetrify-ref: release_1.3.4 - name: pygments repo: upstream:python-packages/pygments ref: f41e8c594e76855611b3b3dfca300894bd29f1c4 @@ -244,61 +225,14 @@ chunks: unpetrify-ref: baserock/v0.6.0 build-depends: - numpy -- name: python-mimeparse - repo: upstream:python-packages/python-mimeparse.git - ref: 2d600d3fc4a386af69d20fba433843b4df2b3c92 - unpetrify-ref: master - name: httplib2 ref: 058a1f9448d5c27c23772796f83a596caf9188e6 unpetrify-ref: v0.9 repo: upstream:python-packages/httplib2 -- name: extras - repo: upstream:python-packages/python-test-extras.git - ref: cdeb596f01241e9c779332e86f6edcd0c2e8e9f0 - unpetrify-ref: master -- name: testtools - repo: upstream:python-packages/testtools - ref: ee9946228ce5a03a84cf146027de0a8a9a46c4fe - unpetrify-ref: testools-1.1.0 - build-depends: - - extras - - python-mimeparse -- name: fixtures - repo: upstream:python-packages/fixtures - ref: 9f9d89ce718463b24cd3910b9a99efb60b3c9e1b - unpetrify-ref: 0.3.16 - build-depends: - - testtools -- name: subunit - morph: strata/openstack-services/subunit.morph - repo: upstream:python-packages/subunit - ref: e18ffe65a3229d5c1d91be988405d40219db0887 - unpetrify-ref: 0.0.21 - build-depends: - - extras - - testtools - - check - - cppunit -- name: testrepository - repo: upstream:python-packages/testrepository - ref: 6419a3dcaabaf09eaf438c6d8d85c90eba7a2b91 - unpetrify-ref: 0.0.19 - build-depends: - - fixtures - - subunit - - testtools - name: suds repo: upstream:python-packages/suds ref: badd30a87f676d632d7386b05401e6029a5df83c unpetrify-ref: release-0.3.2 -- name: testscenarios - repo: upstream:python-packages/testscenarios - ref: 475857af19a8190c9c0c7f8241b9907b942e19fd - unpetrify-ref: trunk -- name: mox - repo: upstream:python-packages/mox - ref: 160491d0384285698d726b1af21277f336107f51 - unpetrify-ref: master - name: jsonrpclib repo: upstream:python-packages/jsonrpclib ref: 53c8ffcfe4dd1718086cc551dce8ac459e8abc67 @@ -337,22 +271,6 @@ chunks: build-depends: - ply - python-decorator -- name: waitress - repo: upstream:python-packages/waitress.git - ref: b795d573a5a9e6e39b46a6e82da367a6a5db8dbd - unpetrify-ref: 0.8.9 -- name: beautifulsoup4 - repo: upstream:python-packages/beautifulsoup4.git - ref: bcd7af0e9159d97aa511fb2d879424d1c1c5aadf - unpetrify-ref: trunk -- name: webtest - repo: upstream:python-packages/webtest.git - ref: 6a24fba456d1c4ac2609b90f1fdc377c595608a4 - unpetrify-ref: 2.0.16 - build-depends: - - webob - - waitress - - beautifulsoup4 - name: logutils repo: upstream:python-packages/logutils.git ref: 095f14efbaaf838b7772bffd36a466abb9668efe @@ -362,8 +280,6 @@ chunks: ref: c7f241fd6bb8a0b10e02b8b43aaf1810c312cfbf unpetrify-ref: 0.8.0 build-depends: - - webob - - webtest - logutils - name: croniter repo: upstream:python-packages/croniter @@ -396,7 +312,6 @@ chunks: build-depends: - ipaddr-py - simplegeneric-tarball - - webob - name: pysnmp repo: upstream:python-packages/pysnmp ref: 1b377afeaf9ee96ab1d48aeebb2b7a6d65a4ac9d @@ -450,8 +365,6 @@ chunks: - docutils - creole - pycco - - mock - - nose - sphinx - pyjwt - name: happybase @@ -464,20 +377,6 @@ chunks: repo: upstream:python-packages/osprofiler ref: bbe39b517263017c9db56ae1d904d08846eacff7 unpetrify-ref: 0.3.0 - build-depends: - - webob -- name: oslotest - repo: upstream:openstack/oslotest - ref: cfdb562a6e07728570ca624a8c4faf3f5b61423b - unpetrify-ref: 1.2.0 - build-depends: - - fixtures - - subunit - - testrepository - - testscenarios - - testtools - - mock - - mox - name: pycadf repo: upstream:python-packages/pycadf ref: 52727bcea3a98e72331e748ce5f9e3a111a64cd1 @@ -485,7 +384,6 @@ chunks: build-depends: - oslo-messaging - posix-ipc-tarball - - webob - name: python-xattr morph: strata/openstack-services/python-xattr.morph repo: upstream:python-packages/xattr @@ -495,8 +393,6 @@ chunks: repo: upstream:openstack/keystonemiddleware ref: a7beb50b38be5c3dd4c44d68ad79d1bb206dab6b unpetrify-ref: 1.2.0 - build-depends: - - webob - name: oslo-db repo: upstream:openstack/oslo-db ref: 0bb1e236daae53a3f5b4b88761d7b19f7961ed6c @@ -522,7 +418,6 @@ chunks: - eventlet - pastedeploy - routes - - webob - boto - sqlalchemy-migrate - httplib2 @@ -545,7 +440,6 @@ chunks: ref: 615f79bb97883eee76923527cea13c2f72baa7ff unpetrify-ref: 2014.2.1 build-depends: - - webob - eventlet - greenlet - pastedeploy @@ -578,7 +472,6 @@ chunks: - jsonrpclib - keystonemiddleware - sqlalchemy - - webob - alembic - oslo-db - oslo-messaging @@ -640,7 +533,6 @@ chunks: - keystonemiddleware - kombu - routes - - webob - greenlet - pastedeploy - paste @@ -679,25 +571,11 @@ chunks: - sqlalchemy - sqlalchemy-migrate - suds - - webob - wsgiref -- name: kazoo - repo: upstream:python-packages/kazoo.git - ref: 93a718ea4c20df797766742c3d74de281613c651 - unpretrify-ref: 2.0 - name: pymemcache repo: upstream:python-packages/pymemcache.git ref: 3824d3b0bcdea3e8d0c08598bedfce10fd3c79e0 unpetrify-ref: master - build-depends: - - nose -- name: zake - repo: upstream:python-packages/zake.git - ref: 13b92d9db4ad37d9550ef5c5abd323a2530a1e72 - unpetrify-ref: master - build-depends: - - kazoo - - testtools - name: sysv_ipc-tarball repo: upstream:python-packages/sysv-ipc-tarball.git ref: a77e3a63f004e6ee789fa05e4a5bbc333b1529f1 @@ -707,9 +585,7 @@ chunks: ref: a90940a506b7c1bf52ef7d2f2ff52204fdcc6221 unpetrify-ref: 0.7 build-depends: - - kazoo - pymemcache - - zake - sysv_ipc-tarball - msgpack-python - retrying @@ -739,7 +615,6 @@ chunks: - sqlalchemy - sqlalchemy-migrate - tooz - - webob - wsme - name: django-openstack-auth repo: upstream:openstack/django_openstack_auth @@ -766,23 +641,6 @@ chunks: repo: upstream:python-packages/pyserial ref: bcfc1ec2fdb9a8c9c867481d7673e85fe512e667 unpetrify-ref: release2_7 -- name: testresources - repo: upstream:python-packages/testresources - ref: ef938bcce0e436f9e9ffef932a898dc248a1d6ea - unpetrify-ref: 0.2.7 - build-depends: - - testtools - - fixtures - - check - - cppunit -- name: mox3 - repo: upstream:python-packages/pymox - ref: 444fa40f4edb529efbffa2da8dbd97e9b8564b5c - unpetrify-ref: master -- name: mocker - repo: upstream:python-packages/mocker - ref: f7f87e4ac1c52342162cf2035f5fe3d273f8b07f - unpetrify-ref: master - name: tempest morph: strata/openstack-services/tempest.morph repo: upstream:openstack/tempest.git diff --git a/strata/openstack-services/subunit.morph b/strata/openstack-services/subunit.morph deleted file mode 100644 index b7b43a39..00000000 --- a/strata/openstack-services/subunit.morph +++ /dev/null @@ -1,3 +0,0 @@ -name: python-subunit -kind: chunk -build-system: autotools diff --git a/strata/python-common.morph b/strata/python-common.morph index 96d65330..affbb7f0 100644 --- a/strata/python-common.morph +++ b/strata/python-common.morph @@ -48,3 +48,15 @@ chunks: repo: upstream:configobj-git ref: 9d2aab01c77dce600b296ba9da1163cc0bbc14e0 unpetrify-ref: v5.0.6 +- name: python-mimeparse + repo: upstream:python-packages/python-mimeparse.git + ref: 2d600d3fc4a386af69d20fba433843b4df2b3c92 + unpetrify-ref: master +- name: kazoo + repo: upstream:python-packages/kazoo.git + ref: 93a718ea4c20df797766742c3d74de281613c651 + unpretrify-ref: 2.0 +- name: webob + repo: upstream:python-packages/webob + ref: ae0ac90f22f9e1ff351e445f92330efd89195f51 + unpetrify-ref: 1.4 diff --git a/strata/test-tools.morph b/strata/test-tools.morph new file mode 100644 index 00000000..6826c963 --- /dev/null +++ b/strata/test-tools.morph @@ -0,0 +1,113 @@ +name: test-tools +kind: stratum +description: Tools and frameworks used for testing +build-depends: +- morph: strata/python-common.morph +chunks: +- name: python-test-extras + repo: upstream:python-packages/python-test-extras.git + ref: cdeb596f01241e9c779332e86f6edcd0c2e8e9f0 + unpetrify-ref: master +- name: check + repo: upstream:check + ref: 8c872aca6675e95fa47e7514e28fbdf25fce6170 + unpetrify-ref: 0.9.8 +- name: cppunit + repo: upstream:cppunit + ref: 8133cf2b977f013216f0a41b6fcb740410d83926 + unpetrify-ref: 1.13.2 +- name: testtools + repo: upstream:python-packages/testtools + ref: ee9946228ce5a03a84cf146027de0a8a9a46c4fe + unpetrify-ref: testools-1.1.0 + build-depends: + - python-test-extras +- name: subunit + morph: strata/test-tools/subunit.morph + repo: upstream:python-packages/subunit + ref: e18ffe65a3229d5c1d91be988405d40219db0887 + unpetrify-ref: 0.0.21 + build-depends: + - python-test-extras + - testtools + - check + - cppunit +- name: fixtures + repo: upstream:python-packages/fixtures + ref: 9f9d89ce718463b24cd3910b9a99efb60b3c9e1b + unpetrify-ref: 0.3.16 + build-depends: + - testtools +- name: testrepository + repo: upstream:python-packages/testrepository + ref: 6419a3dcaabaf09eaf438c6d8d85c90eba7a2b91 + unpetrify-ref: 0.0.19 + build-depends: + - fixtures + - subunit + - testtools +- name: testscenarios + repo: upstream:python-packages/testscenarios + ref: 475857af19a8190c9c0c7f8241b9907b942e19fd + unpetrify-ref: trunk +- name: mox + repo: upstream:python-packages/mox + ref: 160491d0384285698d726b1af21277f336107f51 + unpetrify-ref: master +- name: mock + repo: upstream:python-packages/mock + ref: 35b35f7ad239005a950f870af57b44dbdc99d66b + unpetrify-ref: master +- name: oslotest + repo: upstream:openstack/oslotest + ref: cfdb562a6e07728570ca624a8c4faf3f5b61423b + unpetrify-ref: 1.2.0 + build-depends: + - fixtures + - subunit + - testrepository + - testscenarios + - testtools + - mock + - mox +- name: mox3 + repo: upstream:python-packages/pymox + ref: 444fa40f4edb529efbffa2da8dbd97e9b8564b5c + unpetrify-ref: master +- name: mocker + repo: upstream:python-packages/mocker + ref: f7f87e4ac1c52342162cf2035f5fe3d273f8b07f + unpetrify-ref: master +- name: zake + repo: upstream:python-packages/zake.git + ref: 13b92d9db4ad37d9550ef5c5abd323a2530a1e72 + unpetrify-ref: master + build-depends: + - testtools +- name: nose + repo: upstream:python-packages/nose + ref: 08d134270b035dac3310cd877bb0fe9ab678303a + unpetrify-ref: release_1.3.4 +- name: beautifulsoup4 + repo: upstream:python-packages/beautifulsoup4.git + ref: bcd7af0e9159d97aa511fb2d879424d1c1c5aadf +- name: waitress + repo: upstream:python-packages/waitress.git + ref: b795d573a5a9e6e39b46a6e82da367a6a5db8dbd + unpetrify-ref: 0.8.9 +- name: webtest + repo: upstream:python-packages/webtest.git + ref: 6a24fba456d1c4ac2609b90f1fdc377c595608a4 + unpetrify-ref: 2.0.16 + build-depends: + - waitress + - beautifulsoup4 +- name: testresources + repo: upstream:python-packages/testresources + ref: ef938bcce0e436f9e9ffef932a898dc248a1d6ea + unpetrify-ref: 0.2.7 + build-depends: + - testtools + - fixtures + - check + - cppunit diff --git a/strata/test-tools/subunit.morph b/strata/test-tools/subunit.morph new file mode 100644 index 00000000..b7b43a39 --- /dev/null +++ b/strata/test-tools/subunit.morph @@ -0,0 +1,3 @@ +name: python-subunit +kind: chunk +build-system: autotools diff --git a/strata/zookeeper.morph b/strata/zookeeper.morph index 6328d327..2baf6f58 100644 --- a/strata/zookeeper.morph +++ b/strata/zookeeper.morph @@ -4,10 +4,8 @@ description: | This stratum installs zookeeper and its dependencies. build-depends: - morph: strata/core.morph +- morph: strata/test-tools.morph chunks: -- name: cppunit - repo: upstream:cppunit - ref: 77bb121d73c4593d6e3addacacb1bfbd21f53dcf - name: java-binary morph: strata/zookeeper/java-binary.morph repo: github:franred/gerrit-installation-binaries @@ -18,7 +16,6 @@ chunks: repo: upstream:java/ant ref: master build-depends: - - cppunit - java-binary - name: zookeeper morph: strata/zookeeper/zookeeper.morph diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 67d914af..9072b065 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -59,6 +59,8 @@ strata: morph: strata/ntpd.morph - name: libsoup-common morph: strata/libsoup-common.morph +- name: test-tools + morph: strata/test-tools.morph configuration-extensions: - set-hostname - add-config-files diff --git a/systems/zookeeper-client-x86_64.morph b/systems/zookeeper-client-x86_64.morph index ad16f056..e410c1d3 100644 --- a/systems/zookeeper-client-x86_64.morph +++ b/systems/zookeeper-client-x86_64.morph @@ -17,6 +17,8 @@ strata: morph: strata/zookeeper.morph - name: zookeeper-client morph: strata/zookeeper-client.morph +- name: test-tools + morph: strata/test-tools configuration-extensions: - set-hostname - add-config-files diff --git a/systems/zookeeper-server-x86_64.morph b/systems/zookeeper-server-x86_64.morph index 1fbb5456..987ba9e1 100644 --- a/systems/zookeeper-server-x86_64.morph +++ b/systems/zookeeper-server-x86_64.morph @@ -17,6 +17,8 @@ strata: morph: strata/zookeeper.morph - name: zookeeper-server morph: strata/zookeeper-server.morph +- name: test-tools + morph: strata/test-tools.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From 1d8121c0a4c746c18a075e699ea3f94db99c21dd Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 09:24:26 +0000 Subject: Use swift stratum instead of having swift inside openstack-services To avoid duplication and make openstack-services more manageable. Also move duplicated chunk to openstack-common. Change-Id: I97468e5e7757d2250c643eacfcb76826e5c5ed92 --- strata/openstack-common.morph | 14 +++++++ strata/openstack-services.morph | 59 ---------------------------- strata/openstack-services/python-xattr.morph | 8 ---- strata/swift.morph | 21 ++-------- systems/openstack-system-x86_64.morph | 2 + 5 files changed, 19 insertions(+), 85 deletions(-) delete mode 100644 strata/openstack-services/python-xattr.morph diff --git a/strata/openstack-common.morph b/strata/openstack-common.morph index f59f6705..78c04ba6 100644 --- a/strata/openstack-common.morph +++ b/strata/openstack-common.morph @@ -96,3 +96,17 @@ chunks: repo: upstream:simplejson ref: 54d5ff15d508c51366986cc4f77f2f287f036582 unpetrify-ref: v3.6.4 +- name: greenlet + ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 + unpetrify-ref: 0.4.5 + repo: upstream:python-packages/greenlet +- name: eventlet + ref: 8d2474197de4827a7bca9c33e71a82573b6fc721 + unpetrify-ref: v0.15.2 + repo: upstream:python-packages/eventlet + build-depends: + - greenlet +- name: pastedeploy + repo: upstream:python-packages/pastedeploy + ref: 5ad87be617c2cc1dd31625688172e964db2756dc + unpetrify-ref: 1.5.2 diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 7e9e9032..2010a9cf 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -24,16 +24,6 @@ chunks: repo: upstream:openstack/oslo-rootwrap ref: 62d732277de5cf663172eafe6d3a6c149a9cf814 unpetrify-ref: master -- name: greenlet - ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 - unpetrify-ref: 0.4.5 - repo: upstream:python-packages/greenlet -- name: eventlet - ref: 8d2474197de4827a7bca9c33e71a82573b6fc721 - unpetrify-ref: v0.15.2 - repo: upstream:python-packages/eventlet - build-depends: - - greenlet - name: py-amqp repo: upstream:python-packages/py-amqp ref: 875b10d1715def640042c7ff2f42c00a6c07eed1 @@ -187,10 +177,6 @@ chunks: repo: upstream:python-packages/posix-ipc-tarball ref: f3765db04b903b3671733e07cf1541a51966dd14 unpetrify-ref: posix_ipc-0.9.8 -- name: pastedeploy - repo: upstream:python-packages/pastedeploy - ref: 5ad87be617c2cc1dd31625688172e964db2756dc - unpetrify-ref: 1.5.2 - name: paste repo: upstream:python-packages/paste ref: 4c177fce89fee925f0f4fbfde00ce2e1252562c0 @@ -242,20 +228,12 @@ chunks: ref: 8ffb4739d596fb1aac5d62d173d1e6f80270af9d unpetrify-ref: v2.1.fb52 morph: strata/openstack-services/rtslib-fb.morph -- name: netifaces - repo: upstream:python-packages/netifaces - ref: 885b200ba717df87f6e8044ec8c66c677c949bcb - unpetrify-ref: release_0_10_4 - name: networkx repo: upstream:python-packages/networkx ref: 8ac796aba866ade1a56b83e30f25ed392ca3512c unpetrify-ref: v1.9.1 build-depends: - python-decorator -- name: dnspython - repo: upstream:python-packages/dnspython - ref: e1369c62d14f82b80ef11197a490ace5d43bb3f3 - unpetrify-ref: v1.12.0 - name: pexpect repo: upstream:python-packages/pexpect ref: 671417beb41c21f772687c565196fdde444b053b @@ -334,7 +312,6 @@ chunks: ref: 6ea3b12492e86f9e8d109fc3490cc4d3a0edd8b6 unpetrify-ref: 1.4.0.0a5 build-depends: - - eventlet - kombu - name: oslo-vmware repo: upstream:openstack/oslo-vmware @@ -342,7 +319,6 @@ chunks: unpetrify-ref: 0.6.0 build-depends: - suds - - eventlet - name: taskflow repo: upstream:openstack/taskflow ref: 1caaecc5d6b2aa4cde4a50e31d1d993fce7a66c4 @@ -384,11 +360,6 @@ chunks: build-depends: - oslo-messaging - posix-ipc-tarball -- name: python-xattr - morph: strata/openstack-services/python-xattr.morph - repo: upstream:python-packages/xattr - ref: dd10d44e3eb9a1d2303c1f7d5126c099d56e97fc - unpetrify-ref: v0.7.6 - name: keystonemiddleware repo: upstream:openstack/keystonemiddleware ref: a7beb50b38be5c3dd4c44d68ad79d1bb206dab6b @@ -405,18 +376,13 @@ chunks: repo: upstream:openstack/glance_store.git ref: 54f673d4133c1244e2555e7ceb3344c104a74154 unpetrify-ref: 0.1.8 - build-depends: - - eventlet - name: glance repo: upstream:openstack/glance ref: 055adff1d95dca72074da898b541cb4a6b62406d unpetrify-ref: 2014.2.1 build-depends: - - greenlet - sqlalchemy - anyjson - - eventlet - - pastedeploy - routes - boto - sqlalchemy-migrate @@ -440,9 +406,6 @@ chunks: ref: 615f79bb97883eee76923527cea13c2f72baa7ff unpetrify-ref: 2014.2.1 build-depends: - - eventlet - - greenlet - - pastedeploy - paste - routes - sqlalchemy @@ -463,11 +426,8 @@ chunks: unpetrify-ref: 2014.2.1 build-depends: - paste - - pastedeploy - routes - anyjson - - eventlet - - greenlet - httplib2 - jsonrpclib - keystonemiddleware @@ -476,17 +436,6 @@ chunks: - oslo-db - oslo-messaging - oslo-rootwrap -- name: swift - repo: upstream:openstack/swift - ref: 2e8261a4dc0d0af0c4a46478b81e167bcf02220b - unpetrify-ref: 2.2.0 - build-depends: - - dnspython - - eventlet - - greenlet - - netifaces - - pastedeploy - - python-xattr - name: wsgiref repo: upstream:python-packages/wsgiref.git ref: e8360785eef259394e13b2062407edc3c2cbc1e0 @@ -529,12 +478,9 @@ chunks: - anyjson - boto - python-decorator - - eventlet - keystonemiddleware - kombu - routes - - greenlet - - pastedeploy - paste - sqlalchemy-migrate - suds @@ -555,8 +501,6 @@ chunks: unpetrify-ref: 2014.2.1 build-depends: - anyjson - - eventlet - - greenlet - keystonemiddleware - kombu - oslo-db @@ -564,7 +508,6 @@ chunks: - oslo-rootwrap - osprofiler - paste - - pastedeploy - routes - taskflow - rtslib-fb @@ -598,7 +541,6 @@ chunks: - alembic - anyjson - croniter - - eventlet - happybase - jsonpath-rw - keystonemiddleware @@ -607,7 +549,6 @@ chunks: - oslo-db - oslo-rootwrap - oslo-vmware - - pastedeploy - pecan - posix-ipc-tarball - oslo-messaging diff --git a/strata/openstack-services/python-xattr.morph b/strata/openstack-services/python-xattr.morph deleted file mode 100644 index 7916bbf2..00000000 --- a/strata/openstack-services/python-xattr.morph +++ /dev/null @@ -1,8 +0,0 @@ -name: python-xattr -kind: chunk -configure-commands: -- cp -r /usr/lib/python2.7/site-packages/cffi . -build-commands: -- python setup.py build -install-commands: -- python setup.py install --prefix "$PREFIX" --root "$DESTDIR" diff --git a/strata/swift.morph b/strata/swift.morph index 641485b3..22ca8a3a 100644 --- a/strata/swift.morph +++ b/strata/swift.morph @@ -2,30 +2,18 @@ name: swift kind: stratum description: Distributed object storage build-depends: -- morph: strata/openstack-common.morph # for simplejson, cffi +# openstack-common is required for simplejson, cffi, greenlet, +# eventlet, pastedeploy +- morph: strata/openstack-common.morph chunks: - name: dnspython repo: upstream:python-packages/dnspython ref: e1369c62d14f82b80ef11197a490ace5d43bb3f3 unpetrify-ref: v1.12.0 -- name: greenlet - ref: 42b65a7b67dfabd180625155cd4fcd8e51917fe2 - unpetrify-ref: 0.4.5 - repo: upstream:python-packages/greenlet -- name: eventlet - ref: 8d2474197de4827a7bca9c33e71a82573b6fc721 - unpetrify-ref: v0.15.2 - repo: upstream:python-packages/eventlet - build-depends: - - greenlet - name: netifaces repo: upstream:python-packages/netifaces ref: 885b200ba717df87f6e8044ec8c66c677c949bcb unpetrify-ref: release_0_10_4 -- name: pastedeploy - repo: upstream:python-packages/pastedeploy - ref: 5ad87be617c2cc1dd31625688172e964db2756dc - unpetrify-ref: 1.5.2 - name: xattr morph: strata/swift/xattr.morph repo: upstream:python-packages/xattr @@ -37,8 +25,5 @@ chunks: unpetrify-ref: 2.2.0 build-depends: - dnspython - - eventlet - - greenlet - netifaces - - pastedeploy - xattr diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 9072b065..5dffce9e 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -61,6 +61,8 @@ strata: morph: strata/libsoup-common.morph - name: test-tools morph: strata/test-tools.morph +- name: swift + morph: strata/swift.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From 33d16d161c0d3e2921499332594ebe3e8b289fa6 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 10:01:21 +0000 Subject: Add python-tools to Openstack system and stratum This removes duplicated chunks between these strata. Change-Id: Ibb62709034bb6543615a75d0ba440683292cbbf3 --- strata/openstack-services.morph | 19 +------------------ strata/python-tools.morph | 2 +- systems/openstack-system-x86_64.morph | 2 ++ 3 files changed, 4 insertions(+), 19 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 2010a9cf..52789901 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -7,6 +7,7 @@ build-depends: - morph: strata/xstatic.morph - morph: strata/openstack-clients.morph - morph: strata/test-tools.morph +- morph: strata/python-tools.morph chunks: - name: rabbitmq-codegen morph: strata/openstack-services/rabbitmq-codegen.morph @@ -99,23 +100,6 @@ chunks: - pygments - docutils - snowballstemmer -- name: logilab-common - repo: upstream:python-packages/logilab-common.git - ref: d1d8f793af6d015d885b9ea67b5741d5a093e2f4 - unpetrify-ref: logilab-common-version-0.62.0 -- name: astroid - repo: upstream:python-packages/astroid.git - ref: 7657331baa162122890aa4327f4f441cde9f5188 - unpetrify-ref: astroid-1.2.1 - build-depends: - - logilab-common -- name: pylint - repo: upstream:python-packages/pylint - ref: 541466c31aae21c7cfbf30470f0f6a2dc0a948c3 - unpetrify-ref: pylint-1.3.1 - build-depends: - - logilab-common - - astroid - name: python-markdown repo: upstream:python-markdown ref: f0c5b71acbc02af60a33d67c59558bb513b25e74 @@ -155,7 +139,6 @@ chunks: - isort - pep8 - pyflakes - - pylint - name: pycco repo: upstream:python-packages/pycco ref: 22e157e525760e843dba391ca85fbe9bd35fdc5b diff --git a/strata/python-tools.morph b/strata/python-tools.morph index e84a0691..a84697af 100644 --- a/strata/python-tools.morph +++ b/strata/python-tools.morph @@ -10,7 +10,7 @@ chunks: ref: 9205ff46a67130e8835f14bb4f802fd59e7dcf2c unpetrify-ref: 12.0.5 -## Pylint +## Pylint - required in openstack-services.morph - name: astroid repo: upstream:python-packages/astroid ref: 194dc114a33b80b4bfbbeb73f36712848f696025 diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 5dffce9e..8ab38bee 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -63,6 +63,8 @@ strata: morph: strata/test-tools.morph - name: swift morph: strata/swift.morph +- name: python-tools + morph: strata/python-tools.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From 5cf26a31e81b1aed9de3717e75f3315b400a5a0b Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 11:11:53 +0000 Subject: Move python-markdown to python-core Change-Id: I50bc8690a84324030e806dc124c80743e510b1b9 --- strata/morph-utils.morph | 5 ----- strata/openstack-services.morph | 5 ----- strata/python-core.morph | 4 ++++ 3 files changed, 4 insertions(+), 10 deletions(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 3d682729..1a640795 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -13,10 +13,6 @@ chunks: repo: upstream:python-ttystatus ref: 47d871216cea6ce3b9d6efd70e9a0f38ab8604f0 unpetrify-ref: baserock/morph -- name: python-markdown - repo: upstream:python-markdown - ref: a9ca97325e9039de90eae29fb3d8879bc9f367f6 - unpetrify-ref: baserock/morph - name: git-fat morph: strata/tools/git-fat.morph repo: upstream:git-fat @@ -34,7 +30,6 @@ chunks: unpetrify-ref: baserock/morph build-depends: - python-ttystatus - - python-markdown - name: pylru repo: upstream:python-packages/pylru ref: 221dd259f5c34562c835611d1cf62384b9019da4 diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 52789901..2a984922 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -100,10 +100,6 @@ chunks: - pygments - docutils - snowballstemmer -- name: python-markdown - repo: upstream:python-markdown - ref: f0c5b71acbc02af60a33d67c59558bb513b25e74 - unpetrify-ref: 2.5.1-final - name: pystache repo: upstream:python-packages/pystache.git ref: 0c5e61a4ccc05bde7f6c6132b4fb6c49a3c093fd @@ -144,7 +140,6 @@ chunks: ref: 22e157e525760e843dba391ca85fbe9bd35fdc5b unpetrify-ref: master build-depends: - - python-markdown - pygments - pystache - smartypants diff --git a/strata/python-core.morph b/strata/python-core.morph index dbd0891d..0f9d1653 100644 --- a/strata/python-core.morph +++ b/strata/python-core.morph @@ -46,3 +46,7 @@ chunks: repo: upstream:python-lxml ref: 14505bc62f5f1fc9fb0ff007955f3e67ab4562bb unpetrify-ref: lxml-3.4.0 +- name: python-markdown + repo: upstream:python-markdown + ref: f0c5b71acbc02af60a33d67c59558bb513b25e74 + unpetrify-ref: 2.5.1-final -- cgit v1.2.1 From 62d1a56a6629c287a1fe88040a893f401276b86c Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 11:19:09 +0000 Subject: Move python-decorator and networkx to python-common Change-Id: Ifa9fd4a7561bb92e4ae579ea5028bef76d68efa1 --- strata/baserock-import.morph | 10 ---------- strata/openstack-services.morph | 15 --------------- strata/python-common.morph | 8 ++++++++ 3 files changed, 8 insertions(+), 25 deletions(-) diff --git a/strata/baserock-import.morph b/strata/baserock-import.morph index c0861105..5623886e 100644 --- a/strata/baserock-import.morph +++ b/strata/baserock-import.morph @@ -9,14 +9,6 @@ chunks: repo: upstream:python-packages/ansicolor ref: 9d3adbaff35bb6cde1d63414a8cc72f572c4d0ef unpetrify-ref: 0.2.4 -- name: python-decorator - repo: upstream:python-packages/python-decorator - ref: b02f7a254c3679dfac57a824e08dd02ced850636 - unpetrify-ref: decorator-3.4.0 -- name: networkx - repo: upstream:python-packages/networkx - ref: 8ac796aba866ade1a56b83e30f25ed392ca3512c - unpetrify-ref: networkx-1.9.1 - name: requests-cache repo: upstream:python-packages/requests-cache ref: a1b5e65ccd715f1e8434f18f27913715340d6aaf @@ -27,5 +19,3 @@ chunks: unpetrify-ref: master build-depends: - ansicolor - - networkx - - python-decorator diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 2a984922..04e8fd8e 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -143,10 +143,6 @@ chunks: - pygments - pystache - smartypants -- name: python-decorator - repo: upstream:python-packages/python-decorator - ref: b02f7a254c3679dfac57a824e08dd02ced850636 - unpetrify-ref: decorator-3.4.0 - name: dateutil repo: upstream:python-packages/dateutil ref: 8c6026ba09716a4e164f5420120bfe2ebb2d9d82 @@ -206,12 +202,6 @@ chunks: ref: 8ffb4739d596fb1aac5d62d173d1e6f80270af9d unpetrify-ref: v2.1.fb52 morph: strata/openstack-services/rtslib-fb.morph -- name: networkx - repo: upstream:python-packages/networkx - ref: 8ac796aba866ade1a56b83e30f25ed392ca3512c - unpetrify-ref: v1.9.1 - build-depends: - - python-decorator - name: pexpect repo: upstream:python-packages/pexpect ref: 671417beb41c21f772687c565196fdde444b053b @@ -226,7 +216,6 @@ chunks: unpetrify-ref: 1.2.3 build-depends: - ply - - python-decorator - name: logutils repo: upstream:python-packages/logutils.git ref: 095f14efbaaf838b7772bffd36a466abb9668efe @@ -301,15 +290,12 @@ chunks: repo: upstream:openstack/taskflow ref: 1caaecc5d6b2aa4cde4a50e31d1d993fce7a66c4 unpetrify-ref: 0.5.0 - build-depends: - - networkx - name: sqlalchemy-migrate repo: upstream:python-packages/sqlalchemy-migrate ref: 089663761cc15f8b3cdb874b6a76270ccdd0a412 unpetrify-ref: 0.9.1 build-depends: - sqlalchemy - - python-decorator - tempita - name: oauthlib repo: upstream:python-packages/oauthlib @@ -455,7 +441,6 @@ chunks: - sqlalchemy - anyjson - boto - - python-decorator - keystonemiddleware - kombu - routes diff --git a/strata/python-common.morph b/strata/python-common.morph index affbb7f0..54048ed7 100644 --- a/strata/python-common.morph +++ b/strata/python-common.morph @@ -60,3 +60,11 @@ chunks: repo: upstream:python-packages/webob ref: ae0ac90f22f9e1ff351e445f92330efd89195f51 unpetrify-ref: 1.4 +- name: python-decorator + repo: upstream:python-packages/python-decorator + ref: b02f7a254c3679dfac57a824e08dd02ced850636 + unpetrify-ref: decorator-3.4.0 +- name: networkx + repo: upstream:python-packages/networkx + ref: 8ac796aba866ade1a56b83e30f25ed392ca3512c + unpetrify-ref: networkx-1.9.1 -- cgit v1.2.1 From 93db3685bce720ca523ba5be8699e7d18f33806a Mon Sep 17 00:00:00 2001 From: Richard Maw Date: Tue, 14 Apr 2015 16:21:16 +0100 Subject: shadow/PAM: Use SHA512 rather than DES for password hashes DES truncates passwords, so is an insecure default. Change-Id: I3fc7fe55a855ff762e51ef9d71fd6741b1cbc428 --- strata/core/shadow.morph | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/strata/core/shadow.morph b/strata/core/shadow.morph index d709ddcb..34ec6197 100644 --- a/strata/core/shadow.morph +++ b/strata/core/shadow.morph @@ -31,9 +31,20 @@ post-install-commands: PASS_CHANGE_TRIES \ PASS_ALWAYS_WARN \ CHFN_AUTH \ - ENCRYPT_METHOD \ ENVIRON_FILE do - sed -i "s/^${OPTION}.*/# & #This option is handled by PAM instead./" \ + sed -i -e "s/^${OPTION}.*/# & #This option is handled by PAM instead./" \ "$DESTDIR/etc/login.defs" done +# ENCRYPT_METHOD is handled specially with PAM, it will use the default as +# provided in login.defs, but it may be overridden in the pam.d config. +# We do not currently override this though, and it's better to guard oursleves +# against accidentally reducing password security by forgetting to include the +# algorithm as an argument to the PAM module, so ENCRYPT_METHOD is configured +# here, rather than in PAM. +- | + if grep -q '[\s#]ENCRYPT_METHOD' "$DESTDIR/etc/login.defs"; then + sed -i -e '/^[\s#]*ENCRYPT_METHOD /s/.*/ENCRYPT_METHOD SHA512/g' "$DESTDIR/etc/login.defs" + else + echo 'ENCRYPT_METHOD SHA512' >>"$DESTDIR/etc/login.defs" + fi -- cgit v1.2.1 From 18ec40bade8ca1f73c5da919e2810f0d7f0e4f22 Mon Sep 17 00:00:00 2001 From: Patrick Darley Date: Thu, 23 Apr 2015 14:27:42 +0000 Subject: Update ceph to latest release Change-Id: I95adef541f5c782cd54ad4766aa7edf26a57127b --- strata/ceph-service.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/ceph-service.morph b/strata/ceph-service.morph index 0fc987c4..14601fbf 100644 --- a/strata/ceph-service.morph +++ b/strata/ceph-service.morph @@ -48,8 +48,8 @@ chunks: - name: ceph morph: strata/ceph-service/ceph.morph repo: upstream:ceph - ref: d3f2ec34d26264ec4deb0b54678ee7bbb2ebc76f - unpetrify-ref: master + ref: e61c4f093f88e44961d157f65091733580cea79a + unpetrify-ref: v0.94 build-depends: - libaio - gperftools -- cgit v1.2.1 From ebf9125fb758c9b0fb74277e8babb5c4669534d6 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Wed, 6 May 2015 13:57:00 +0000 Subject: Revert "Upgrade to GCC 5.1" This reverts commit acb29d344d117133891199ea536d9c4d34c7d05e. We have discovered that Baserock systems built with GCC 5.1 cannot *deploy* working disk images. The images hang in SYSLINUX. We suspect that it is a bug in SYSLINUX that is triggered by the compiler upgrade, and upgrading SYSLINUX may well fix this issue, but we don't have time to do this and test it in time for a 15.19 release Change-Id: I3c661b14fb923eee37c4c0148904620362fe62e2 --- strata/armv7lhf-cross-toolchain.morph | 12 ++++++------ strata/build-essential.morph | 20 ++++++++++---------- strata/build-essential/stage2-glibc.morph | 1 - strata/build-essential/stage2-libstdc++.morph | 2 +- 4 files changed, 17 insertions(+), 18 deletions(-) diff --git a/strata/armv7lhf-cross-toolchain.morph b/strata/armv7lhf-cross-toolchain.morph index 591fa587..ffc4a9dd 100644 --- a/strata/armv7lhf-cross-toolchain.morph +++ b/strata/armv7lhf-cross-toolchain.morph @@ -19,8 +19,8 @@ chunks: - name: armv7lhf-cross-gcc-nolibc morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-gcc-nolibc.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - armv7lhf-cross-binutils @@ -37,8 +37,8 @@ chunks: - name: armv7lhf-cross-gcc morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-gcc.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - armv7lhf-cross-binutils - armv7lhf-cross-glibc @@ -46,8 +46,8 @@ chunks: - name: armv7lhf-cross-libstdc++ morph: strata/armv7lhf-cross-toolchain/armv7lhf-cross-libstdc++.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - armv7lhf-cross-binutils - armv7lhf-cross-gcc diff --git a/strata/build-essential.morph b/strata/build-essential.morph index 3cb87fa4..4eb5fdb9 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -59,8 +59,8 @@ chunks: - name: stage1-gcc morph: strata/build-essential/stage1-gcc.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - stage1-binutils build-mode: bootstrap @@ -92,8 +92,8 @@ chunks: - name: stage2-libstdc++ morph: strata/build-essential/stage2-libstdc++.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - stage1-binutils - stage1-gcc @@ -118,8 +118,8 @@ chunks: - name: stage2-gcc-fixed-headers morph: strata/build-essential/stage2-gcc-fixed-headers.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - stage1-binutils - stage1-gcc @@ -131,8 +131,8 @@ chunks: - name: stage2-gcc morph: strata/build-essential/stage2-gcc.morph repo: upstream:gcc-tarball - ref: cca9d546d497fac90f862e52c61177ba1daa9a84 - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - stage1-binutils - stage1-gcc @@ -356,8 +356,8 @@ chunks: - name: gcc morph: strata/build-essential/gcc.morph repo: upstream:gcc-tarball - ref: 7b410925ecc2c60653378a7ff26ce64f4095858c - unpetrify-ref: baserock/5.1.0/gmp_mpfr_mpc+docs_fix + ref: b3c9b176c1f10ebeff5700eb3760e9511f23fa06 + unpetrify-ref: baserock/build-essential build-depends: - stage2-binutils - stage2-busybox diff --git a/strata/build-essential/stage2-glibc.morph b/strata/build-essential/stage2-glibc.morph index c480c875..9e5e745b 100644 --- a/strata/build-essential/stage2-glibc.morph +++ b/strata/build-essential/stage2-glibc.morph @@ -21,7 +21,6 @@ configure-commands: $ARCH_FLAGS \ --build=$(../scripts/config.guess) --host=$TARGET_STAGE1 \ --prefix="$PREFIX" \ - --enable-obsolete-rpc \ `# [1]` --libdir="$PREFIX/lib" \ `# [2]` --with-headers="$(pwd)/../../$PREFIX/include" \ `# [3]` --disable-profile --enable-kernel=2.6.25 \ diff --git a/strata/build-essential/stage2-libstdc++.morph b/strata/build-essential/stage2-libstdc++.morph index f9f245c1..3d89ad85 100644 --- a/strata/build-essential/stage2-libstdc++.morph +++ b/strata/build-essential/stage2-libstdc++.morph @@ -27,7 +27,7 @@ configure-commands: --disable-multilib \ `# [1]` --disable-libstdcxx-threads \ `# [2]` --disable-libstdcxx-pch \ - `# [3]` --with-gxx-include-dir=/tools/"$TARGET_STAGE1"/include/c++/5.1.0 + `# [3]` --with-gxx-include-dir=/tools/"$TARGET_STAGE1"/include/c++/4.9.2 build-commands: - cd o && make -- cgit v1.2.1 From ef619b6115513dd36923c39190f907b55b0a4825 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 5 May 2015 11:25:43 +0000 Subject: Configure shadow to work with PAM. Also modify some /etc/pam.d files: - Make the requirement on pam_selinux.so optional in shadow default pam.d configuration files. - Modify 'system-auth' when installing systemd to add pam_deny.so, so that login attempts with wrong passwords fail now that shadow is configured to use PAM. Change-Id: I7110d27b6b46ce33eeaeae904dea854deb46c759 --- strata/core/shadow.morph | 9 ++++++--- strata/foundation/systemd.morph | 5 +++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/strata/core/shadow.morph b/strata/core/shadow.morph index 34ec6197..c8715a7d 100644 --- a/strata/core/shadow.morph +++ b/strata/core/shadow.morph @@ -6,13 +6,11 @@ configure-commands: - | ./autogen.sh --with-selinux=no \ --sysconfdir=/etc \ - --with-pam=yes \ + --with-libpam=yes \ --prefix="$PREFIX" \ --bindir=/bin post-install-commands: # Disable things handled by pam instead -- rm "$DESTDIR/etc/limits" -- rm "$DESTDIR/etc/login.access" - | for OPTION in FAIL_DELAY \ FAILLOG_ENAB \ @@ -48,3 +46,8 @@ post-install-commands: else echo 'ENCRYPT_METHOD SHA512' >>"$DESTDIR/etc/login.defs" fi + +# The default pam.d config files have pam_selinux.so as a requirement, even +# when shadow is configured '--with-selinux=no'. We change this default config +# to make this requirement optional. +- sed -i -e 's/\(.*\)required\(.*pam_selinux.so.*\)/\1optional\2/' "$DESTDIR"/etc/pam.d/* diff --git a/strata/foundation/systemd.morph b/strata/foundation/systemd.morph index efca734f..5dc48e70 100644 --- a/strata/foundation/systemd.morph +++ b/strata/foundation/systemd.morph @@ -39,3 +39,8 @@ post-install-commands: EOF # Use the pam config systemd provides - cp -a "$DESTDIR/$PREFIX"/share/factory/etc/pam.d/* "$DESTDIR/etc/pam.d" + +# Add pam_deny.so to the default systemd-auth pam.d config file. Without +# it, if shadow is configured to use PAM, it would be possible to login +# to a system with the wrong password. +- echo 'auth requisite pam_deny.so' >> "$DESTDIR"/etc/pam.d/system-auth -- cgit v1.2.1 From f86ef9af78a33f9826e1a800252a55777e1c240a Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Thu, 7 May 2015 15:50:19 +0000 Subject: Update Morph for various new changes Full list: 0b2b24a distbuild: Fix initiator hanging when protocol errors occur f6e3627 Fix sysroot.write trying to overwrite existing files e08f3e3 distbuild: Allow WorkerConnection to track multiple in-flight jobs 75ef3e9 distbuild: Track worker jobs using artifact basename only be3383e distbuild: Track state of a job in the Job class 44917b2 distbuild: Make Jobs class into a more generic JobQueue 42b915c Make str() of a GitDirectory return its location. 6db8c4f Make listing contents of local tarball cache more robust 07a0b83 Show progress of downloads when --verbose is passed, not --debug 11391bc GitDir: Fix setting fetch url when push url is already on-disk 534fe7a Update distbuild protocol version to 3 a030d42 Add yarns for basic `morph anchor` functionality 8956e5e Add `morph anchor` command b477acb yarns: Fix typo in system branch creation yarn f4ec3d2 yarns: Fix get-repo test falsely checking exit result eaa0685 RemoteRefManager: Fail all ref updates when one fails 2904830 GitDir: Set the fetch or push url when the other is set 9e074be yarns: Have non-bogus trove config 1f66776 CachedRepo: Fix reference to _gitdir 93b034f install-files.configure: make possible to overwrite symlinks 7e5bab5 Add a test for partial deployment 1d57b19 Allow the deployment of individual chunks/strata from systems 2985a46 morphlib: Add command to get build-log for a given chunk and system file 9867774 Add ssh keys conf ext 74ac75d Fix partial distbuilds of non-existant components f964cf0 Add a CSV manifest generator. 5ea105a Check number of args given to build commands 34870ac Improve 'Deploy failed as system is not yet build' error. c9ebfbf GitDirectory: Add a store_commit method ae17229 gitdir.PushFailureError: Show why pushes failed f489767 CachedRepo: Expose the internal gitdir object 7bf8fda morph help: Expand upon the importance of the first trove-id 442e62c Install licensecheck.pl with morphlib dd755f8 Ignore BuildProgress messages ac6d189 Remove n_state_machines_of_type function 4941d1d distbuild: Add distbuild status command 8409655 distbuild: Add distbuild start and cancel functionality 4a1c2d1 distbuild: Add protocol version checking for list-jobs command 8875e9c Bump supported definitions format version to 3 Change-Id: Ic827f1024ad4491938b5b0bfc1f2971dafd2f9e3 --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 1a640795..808d3907 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -36,7 +36,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: e9f13c83996ab2affe237ff800cf872dc229102e + ref: 0b2b24a53316bee939d8921d8eb11254be7ce8a2 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From 594b3cc535d757141c9fe65ce36f2d5c77ddf12f Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Thu, 7 May 2015 17:11:32 +0100 Subject: Upgrade ppc64 BSP kernel to 4.0 Change-Id: I20833b54c4f905785f982c693b3fdf4219889222 --- strata/bsp-ppc64-generic.morph | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/strata/bsp-ppc64-generic.morph b/strata/bsp-ppc64-generic.morph index 82395569..ea606a75 100644 --- a/strata/bsp-ppc64-generic.morph +++ b/strata/bsp-ppc64-generic.morph @@ -6,6 +6,6 @@ build-depends: chunks: - name: linux-ppc64 morph: strata/bsp-ppc64-generic/linux-ppc64.morph - repo: upstream:linux-stable - ref: 660613d1a4e94144490850b6c3d350331860fac4 - unpetrify-ref: v3.19.2 + repo: upstream:linux + ref: 39a8804455fb23f09157341d3ba7db6d7ae6ee76 + unpetrify-ref: v4.0 -- cgit v1.2.1 From 2df457330147cab89cd7ff3aeb7c2e0901c62a91 Mon Sep 17 00:00:00 2001 From: Richard Dale Date: Thu, 30 Apr 2015 14:40:48 +0000 Subject: Create /etc/ld.so.conf.d in the glibc chunks, not fhs-dirs as it is glibc specific Include ld.so.conf and ld.so.conf.d in the glibc-libs artifact This fixes a problem with minimal systems introduced by this commit: c9afefed2d2278046ec5c0fb11c32220f3b7380d It meant that /etc/ld.so.conf was missing in minimal systems Change-Id: I4b63c33c4572e78092e1b434489787f3e788a80f --- strata/build-essential/glibc.morph | 4 ++++ strata/build-essential/stage2-glibc.morph | 1 + 2 files changed, 5 insertions(+) diff --git a/strata/build-essential/glibc.morph b/strata/build-essential/glibc.morph index ecd7c7c4..f820547d 100644 --- a/strata/build-essential/glibc.morph +++ b/strata/build-essential/glibc.morph @@ -20,7 +20,10 @@ products: - (usr/)?lib/libSegFault\.so(\.\d+)*$ - artifact: glibc-libs include: + # This is processed after bins, so bins can take libSegFault.so - (usr/)?lib(32|64)?/lib[^/]*\.so(\.\d+)*$ + - etc/ld.so.conf + - etc/ld.so.conf.d - artifact: glibc-devel include: - (usr/)?include/.* @@ -67,6 +70,7 @@ build-commands: install-commands: - cd o && make install_root="$DESTDIR" localtime=UTC install - mkdir -p "$DESTDIR/etc" +- mkdir -p "$DESTDIR/etc/ld.so.conf.d" - | cat < nsswitch.conf passwd: compat diff --git a/strata/build-essential/stage2-glibc.morph b/strata/build-essential/stage2-glibc.morph index 9e5e745b..f44d0ebb 100644 --- a/strata/build-essential/stage2-glibc.morph +++ b/strata/build-essential/stage2-glibc.morph @@ -33,6 +33,7 @@ build-commands: install-commands: - cd o && make install_root="$DESTDIR" localtime=UTC install - mkdir -p "$DESTDIR/etc" +- mkdir -p "$DESTDIR/etc/ld.so.conf.d" - | cat < ld.so.conf /lib -- cgit v1.2.1 From 8138ea55e125e9bcca14b1730bfcd516425592c8 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Thu, 7 May 2015 17:13:03 +0000 Subject: Update Morph to fix `distbuild-morphology` command --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 808d3907..3fdaf125 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -36,7 +36,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: 0b2b24a53316bee939d8921d8eb11254be7ce8a2 + ref: 4c0d2a9f9c3b71345d1a59a403c81d2795917a75 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From 3b69cc0b14b5089b6c8f49f7cd7bb2bf0d0b58ac Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Thu, 7 May 2015 17:16:47 +0000 Subject: Update fhs-dirs to avoid creating /etc/ld.so.conf.d This is now done in the GLIBC chunk. --- strata/build-essential.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/build-essential.morph b/strata/build-essential.morph index 4eb5fdb9..4a03fe35 100644 --- a/strata/build-essential.morph +++ b/strata/build-essential.morph @@ -167,7 +167,7 @@ chunks: - name: stage2-fhs-dirs morph: strata/build-essential/stage2-fhs-dirs.morph repo: baserock:baserock/fhs-dirs - ref: 41bbb474cd4647ee715bc94c21c161d12a20deb4 + ref: 1218cbd38a4f4e9da75af6f7fae946ca92666afb unpetrify-ref: master build-mode: bootstrap prefix: /tools @@ -214,7 +214,7 @@ chunks: - name: fhs-dirs morph: strata/build-essential/fhs-dirs.morph repo: baserock:baserock/fhs-dirs - ref: 41bbb474cd4647ee715bc94c21c161d12a20deb4 + ref: 1218cbd38a4f4e9da75af6f7fae946ca92666afb unpetrify-ref: master build-depends: - stage2-binutils -- cgit v1.2.1 From 70159902d45c6309bfafa8416b077d9706a98b4a Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Mon, 27 Apr 2015 13:11:52 +0000 Subject: openstack: remove setup units from Wants section This way it is possible to avoid running the setup script in subsequent boots, either by disabling the setup service using systemctl, or removing the respective configuration file from /etc/openstack/. Change-Id: I9945e40eaebbc160bb21ca46f10a8b6121f66267 --- openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service | 1 - openstack/usr/lib/systemd/system/openstack-cinder-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service | 1 - openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service | 1 - openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service | 2 +- openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service | 2 +- .../usr/lib/systemd/system/openstack-neutron-metadata-agent.service | 2 +- openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service | 2 +- .../systemd/system/openstack-neutron-plugin-openvswitch-agent.service | 2 +- openstack/usr/lib/systemd/system/openstack-neutron-server.service | 2 +- openstack/usr/lib/systemd/system/openstack-nova-db-setup.service | 1 - 12 files changed, 8 insertions(+), 12 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service index 865b4b2c..8c6f39ab 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service @@ -2,7 +2,6 @@ Description=Run ceilometer-db-setup Ansible scripts ConditionPathExists=/etc/openstack/ceilometer.conf After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service openstack-ceilometer-config-setup.service -Wants=postgres-server.service openstack-keystone.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service index 2afb2d6e..cf84a0e0 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-api.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -2,7 +2,7 @@ Description=OpenStack Volume Service (code-named Cinder) API server ConditionPathExists=/etc/cinder/cinder.conf After=postgres-server-setup.service network-online.target openstack-cinder-db-setup.service openstack-cinder-config-setup.service -Wants=postgres-server-setup.service network-online.target +Wants=network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service index 1b9d43e0..d0568c70 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -2,7 +2,6 @@ Description=Run cinder-db-setup Ansible scripts ConditionPathExists=/etc/cinder/cinder.conf After=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service -Wants=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service index c7b3b5e0..7a1d812b 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service @@ -2,7 +2,6 @@ Description=Run neutron-config-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf After=openstack-keystone-setup.service -Wants=openstack-keystone-setup.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service index 840d0bee..9eff9ea5 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service @@ -2,7 +2,7 @@ Description=Run neutron-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf After=network-online.target postgres-server-setup.service openstack-keystone-setup.service openstack-neutron-config-setup.service -Wants=network-online.target postgres-server-setup.service openstack-keystone-setup.service +Wants=network-online.target [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service index cd9ed9fe..17a37750 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service @@ -2,7 +2,7 @@ Description=Neutron DHCP Agent ConditionPathExists=/etc/neutron/neutron.conf After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openstack-neutron-ovs-cleanup.service -Wants=network-online.target openstack-neutron-config-setup.service +Wants=network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service index 1a6b5928..2e966666 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service @@ -2,7 +2,7 @@ Description=Neutron Layer 3 Agent ConditionPathExists=/etc/neutron/neutron.conf After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openstack-neutron-ovs-cleanup.service -Wants=network-online.target openstack-neutron-config-setup.service +Wants=network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service index c96fa3a2..816abeed 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service @@ -2,7 +2,7 @@ Description=Neutron Metadata Plugin Agent ConditionPathExists=/etc/neutron/neutron.conf After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service -Wants=network-online.target openstack-neutron-config-setup.service +Wants=network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service index 386f50dd..0a794838 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service @@ -2,8 +2,8 @@ Description=Neutron OVS cleanup ConditionPathExists=/etc/neutron/neutron.conf After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openvswitch.service -Wants=network-online.target openstack-neutron-config-setup.service Before=openstack-neutron-plugin-openvswitch-agent.service +Wants=network-online.target ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service index ade14733..b162b11c 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service @@ -2,7 +2,7 @@ Description=Neutron OpenvSwitch Plugin Agent ConditionPathExists=/etc/neutron/neutron.conf After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service -Wants=network-online.target openstack-neutron-config-setup.service +Wants=network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-server.service b/openstack/usr/lib/systemd/system/openstack-neutron-server.service index 3c0e1bda..a43b5bb8 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-server.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-server.service @@ -1,8 +1,8 @@ [Unit] Description=Neutron Api Server ConditionPathExists=/etc/neutron/neutron.conf -Wants=openstack-neutron-network-configuration-one-node.service network-online.target openstack-neutron-config-setup.service After=openstack-neutron-network-configuration-one-node.service network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service +Wants=network-online.target [Service] Type=simple diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index a5bd1969..ee405279 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -2,7 +2,6 @@ Description=Run nova-db-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf After=postgres-server-setup.service openstack-keystone-setup.service openstack-nova-config-setup.service -Wants=postgres-server-setup.service openstack-keystone-setup.service [Service] Type=oneshot -- cgit v1.2.1 From 8f96be4bd3b9d9f8546b23bc43b51e5cdaaddf38 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Mon, 27 Apr 2015 15:31:58 +0000 Subject: openstack: explicitly set --config-file for ceilometer Change-Id: I2e14e9fc368eb160816719b5d70ce9746b246467 --- .../usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service | 2 +- .../usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-central.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service | 2 +- .../usr/lib/systemd/system/openstack-ceilometer-notification.service | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service index 6f9e2adf..ec972f85 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-alarm-evaluator --logfile /var/log/ceilometer/alarm-evaluator.log +ExecStart=/usr/bin/ceilometer-alarm-evaluator --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/alarm-evaluator.log [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service index 6452f737..30a94443 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-alarm-notifier --logfile /var/log/ceilometer/alarm-notifier.log +ExecStart=/usr/bin/ceilometer-alarm-notifier --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/alarm-notifier.log [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service index e0a8d00d..f5bd480c 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-api --logfile /var/log/ceilometer/api.log +ExecStart=/usr/bin/ceilometer-api --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/api.log [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service index 9defb885..05b91893 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-agent-central --logfile /var/log/ceilometer/central.log +ExecStart=/usr/bin/ceilometer-agent-central --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/central.log [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service index bb530360..5941c20e 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-collector --logfile /var/log/ceilometer/collector.log +ExecStart=/usr/bin/ceilometer-collector --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/collector.log [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service index 53e36e18..5dee8946 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-agent-compute --logfile /var/log/ceilometer/compute.log +ExecStart=/usr/bin/ceilometer-agent-compute --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/compute.log [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service index db723923..c78b3e30 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service @@ -6,7 +6,7 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-agent-notification --logfile /var/log/ceilometer/agent-notification.log +ExecStart=/usr/bin/ceilometer-agent-notification --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/agent-notification.log [Install] WantedBy=multi-user.target -- cgit v1.2.1 From cf991b0e46cdc7f81895e4f14106d1d4071c9a4e Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Mon, 27 Apr 2015 15:31:58 +0000 Subject: openstack: add missing ConditionPathExists And fix some existing as well. Generate a separate postgres.conf file so that we don't have to reference keystone on the postgres setup systemd unit and Ansible script. Change-Id: I0bb4428b7e88a508a37d1d43ddcd266369b05cd2 --- openstack-keystone.configure | 10 ++++++++++ .../system/openstack-ceilometer-alarm-evaluator.service | 1 + .../systemd/system/openstack-ceilometer-alarm-notifier.service | 1 + .../usr/lib/systemd/system/openstack-ceilometer-api.service | 1 + .../lib/systemd/system/openstack-ceilometer-central.service | 1 + .../lib/systemd/system/openstack-ceilometer-collector.service | 1 + .../lib/systemd/system/openstack-ceilometer-compute.service | 1 + .../systemd/system/openstack-ceilometer-notification.service | 1 + .../usr/lib/systemd/system/openstack-cinder-db-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-glance-api.service | 1 + .../usr/lib/systemd/system/openstack-glance-registry.service | 1 + .../usr/lib/systemd/system/openstack-glance-setup.service | 1 + openstack/usr/lib/systemd/system/openstack-ironic-api.service | 1 + .../usr/lib/systemd/system/openstack-ironic-conductor.service | 1 + .../usr/lib/systemd/system/openstack-ironic-setup.service | 1 + openstack/usr/lib/systemd/system/openstack-keystone.service | 1 + .../usr/lib/systemd/system/openstack-nova-config-setup.service | 2 +- .../usr/lib/systemd/system/openstack-nova-db-setup.service | 2 +- openstack/usr/lib/systemd/system/postgres-server-setup.service | 1 + openstack/usr/share/openstack/postgres.yml | 2 +- 20 files changed, 29 insertions(+), 4 deletions(-) diff --git a/openstack-keystone.configure b/openstack-keystone.configure index 2a3cc0f7..6b011b14 100644 --- a/openstack-keystone.configure +++ b/openstack-keystone.configure @@ -111,3 +111,13 @@ keystone_configuration={ yaml.dump(keystone_configuration, sys.stdout, default_flow_style=False) EOF + +python << 'EOF' > "$OPENSTACK_DATA/postgres.conf" +import os, sys, yaml + +postgres_configuration={ + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], +} + +yaml.dump(postgres_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service index ec972f85..627d261a 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer alarm evaluation service +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service index 30a94443..c30420ed 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer alarm notification service +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service index f5bd480c..8a6c44d9 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer API service +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service index 05b91893..48d6e5f6 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer central agent +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-collector.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service index 5941c20e..d1de528d 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer collection service +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service index 5dee8946..95c6d87d 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer compute agent +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-config-setup.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service index c78b3e30..3385ec9f 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack ceilometer notification agent +ConditionPathExists=/etc/ceilometer/ceilometer.conf After=syslog.target network-online.target openstack-ceilometer-collector.service Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service index d0568c70..cc99d0cb 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run cinder-db-setup Ansible scripts -ConditionPathExists=/etc/cinder/cinder.conf +ConditionPathExists=/etc/openstack/cinder.conf After=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-glance-api.service b/openstack/usr/lib/systemd/system/openstack-glance-api.service index e1387118..dc9fd2fd 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-api.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-api.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack Image Service (code-named Glance) API server +ConditionPathExists=/etc/glance/glance-api.conf After=syslog.target network-online.target Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-glance-registry.service b/openstack/usr/lib/systemd/system/openstack-glance-registry.service index f3134352..b2cc8b49 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-registry.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-registry.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack Image Service (code-named Glance) Registry server +ConditionPathExists=/etc/glance/glance-registry.conf After=syslog.target network-online.target Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-glance-setup.service b/openstack/usr/lib/systemd/system/openstack-glance-setup.service index 8fec1cfb..b4ec3f02 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-setup.service @@ -1,5 +1,6 @@ [Unit] Description=Run glance-setup Ansible scripts +ConditionPathExists=/etc/openstack/glance.conf After=local-fs.target openstack-keystone-setup.service postgres-server-setup.service [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-api.service b/openstack/usr/lib/systemd/system/openstack-ironic-api.service index 83d56787..8d05d424 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-api.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) API server +ConditionPathExists=/etc/ironic/ironic.conf After=syslog.target network-online.target Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service index f276f6f0..8ce3f840 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service @@ -1,5 +1,6 @@ [Unit] Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) Conductor server +ConditionPathExists=/etc/ironic/ironic.conf After=syslog.target network-online.target Wants=network-online.target diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service index 5560b881..6d118f18 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service @@ -1,5 +1,6 @@ [Unit] Description=Run ironic-setup Ansible scripts +ConditionPathExists=/etc/openstack/ironic.conf After=local-fs.target openstack-keystone-setup.service postgres-server-setup.service [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-keystone.service b/openstack/usr/lib/systemd/system/openstack-keystone.service index 0aa9e1ef..9e791659 100644 --- a/openstack/usr/lib/systemd/system/openstack-keystone.service +++ b/openstack/usr/lib/systemd/system/openstack-keystone.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Identity Service (code-named Keystone) After=syslog.target network-online.target +ConditionPathExists=/etc/keystone/keystone.conf Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service index eeb43899..2813081e 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run nova-config-setup Ansible scripts -ConditionPathExists=/etc/openstack/neutron.conf +ConditionPathExists=/etc/openstack/nova.conf After=openstack-keystone-setup.service [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index ee405279..238df3c7 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run nova-db-setup Ansible scripts -ConditionPathExists=/etc/openstack/neutron.conf +ConditionPathExists=/etc/openstack/nova.conf After=postgres-server-setup.service openstack-keystone-setup.service openstack-nova-config-setup.service [Service] diff --git a/openstack/usr/lib/systemd/system/postgres-server-setup.service b/openstack/usr/lib/systemd/system/postgres-server-setup.service index 5bb70eb7..a185db3d 100644 --- a/openstack/usr/lib/systemd/system/postgres-server-setup.service +++ b/openstack/usr/lib/systemd/system/postgres-server-setup.service @@ -1,5 +1,6 @@ [Unit] Description=Run postgres-setup Ansible scripts +ConditionPathExists=/etc/openstack/postgres.conf After=local-fs.target [Service] diff --git a/openstack/usr/share/openstack/postgres.yml b/openstack/usr/share/openstack/postgres.yml index 3cf23704..5ff9355e 100644 --- a/openstack/usr/share/openstack/postgres.yml +++ b/openstack/usr/share/openstack/postgres.yml @@ -1,7 +1,7 @@ --- - hosts: localhost vars_files: - - "/etc/openstack/keystone.conf" + - "/etc/openstack/postgres.conf" tasks: - name: Create postgres user -- cgit v1.2.1 From 08b86b8d76c3abce0588387f50c213a8b5d23b2b Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 10:28:22 +0000 Subject: openstack: add missing RemainAfterExit=yes Change-Id: I88e3e3e0f2b94b1ee84c706a29a439a09f370e8e --- openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service | 1 + openstack/usr/lib/systemd/system/openstack-keystone-setup.service | 1 + openstack/usr/lib/systemd/system/openstack-network-setup.service | 1 + openstack/usr/lib/systemd/system/openstack-nova-config-setup.service | 1 + openstack/usr/lib/systemd/system/openstack-nova-db-setup.service | 1 + openstack/usr/lib/systemd/system/openvswitch-setup.service | 1 + openstack/usr/lib/systemd/system/postgres-server-setup.service | 1 + openstack/usr/lib/systemd/system/swift-controller-setup.service | 1 + swift/usr/lib/systemd/system/swift-storage-setup.service | 1 + 9 files changed, 9 insertions(+) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service index 8c6f39ab..6ec58a70 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service @@ -5,6 +5,7 @@ After=postgres-server.service openstack-keystone.service openstack-keystone-setu [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ceilometer-db.yml [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service index b5348735..2406513c 100644 --- a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service @@ -6,6 +6,7 @@ ConditionPathExists=/etc/openstack/keystone.conf [Service] # Oneshot, since others setup have to wait until this service finishes Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/keystone.yml [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-network-setup.service b/openstack/usr/lib/systemd/system/openstack-network-setup.service index 90c9ecf7..bf79aaaa 100644 --- a/openstack/usr/lib/systemd/system/openstack-network-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-network-setup.service @@ -5,6 +5,7 @@ Before=systemd-networkd.service [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/network.yml [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service index 2813081e..973e16e1 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service @@ -5,6 +5,7 @@ After=openstack-keystone-setup.service [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova-config.yml [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index 238df3c7..20c31db0 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -5,6 +5,7 @@ After=postgres-server-setup.service openstack-keystone-setup.service openstack-n [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova-db.yml [Install] diff --git a/openstack/usr/lib/systemd/system/openvswitch-setup.service b/openstack/usr/lib/systemd/system/openvswitch-setup.service index 6fdd7db6..8393ebbc 100644 --- a/openstack/usr/lib/systemd/system/openvswitch-setup.service +++ b/openstack/usr/lib/systemd/system/openvswitch-setup.service @@ -4,6 +4,7 @@ After=local-fs.target [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/openstack/hosts /usr/share/openstack/openvswitch.yml [Install] diff --git a/openstack/usr/lib/systemd/system/postgres-server-setup.service b/openstack/usr/lib/systemd/system/postgres-server-setup.service index a185db3d..202c0636 100644 --- a/openstack/usr/lib/systemd/system/postgres-server-setup.service +++ b/openstack/usr/lib/systemd/system/postgres-server-setup.service @@ -5,6 +5,7 @@ After=local-fs.target [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/openstack/hosts /usr/share/openstack/postgres.yml [Install] diff --git a/openstack/usr/lib/systemd/system/swift-controller-setup.service b/openstack/usr/lib/systemd/system/swift-controller-setup.service index 558ab13d..ac5cc240 100644 --- a/openstack/usr/lib/systemd/system/swift-controller-setup.service +++ b/openstack/usr/lib/systemd/system/swift-controller-setup.service @@ -4,6 +4,7 @@ After=local-fs.target postgres-server-setup.service openstack-keystone-setup.ser [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/swift-controller.yml Restart=no diff --git a/swift/usr/lib/systemd/system/swift-storage-setup.service b/swift/usr/lib/systemd/system/swift-storage-setup.service index dcba1017..3df31163 100644 --- a/swift/usr/lib/systemd/system/swift-storage-setup.service +++ b/swift/usr/lib/systemd/system/swift-storage-setup.service @@ -4,6 +4,7 @@ After=local-fs.target postgres-server-setup.service [Service] Type=oneshot +RemainAfterExit=yes ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/swift/hosts /usr/share/swift/swift-storage.yml Restart=no -- cgit v1.2.1 From 18bd5288629a1891b9c0a38bded6b5970c264175 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Mon, 27 Apr 2015 15:41:26 +0000 Subject: openstack: improve services' logging The OpenStack services write their log to stderr even when use_syslog was set to True in the configuration file. This is then captured by journald, resulting in duplicated entries on the log. Set StandardOutput=null and StandardError=null in the unit files to prevent this. As the services log is being dumped on journald, there is no need to duplicate the log in separate log files, so remove --log-file from the unit files as well. Last but not least, enable writing to the syslog for Ironic and Keystone. Change-Id: I7808e8116fc92ecb807f700fd94c9ecf4ee13be2 --- .../lib/systemd/system/openstack-ceilometer-alarm-evaluator.service | 4 +++- .../lib/systemd/system/openstack-ceilometer-alarm-notifier.service | 4 +++- openstack/usr/lib/systemd/system/openstack-ceilometer-api.service | 4 +++- .../usr/lib/systemd/system/openstack-ceilometer-central.service | 4 +++- .../usr/lib/systemd/system/openstack-ceilometer-collector.service | 4 +++- .../usr/lib/systemd/system/openstack-ceilometer-compute.service | 4 +++- .../lib/systemd/system/openstack-ceilometer-notification.service | 4 +++- openstack/usr/lib/systemd/system/openstack-cinder-api.service | 4 +++- openstack/usr/lib/systemd/system/openstack-cinder-backup.service | 4 +++- openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service | 4 +++- openstack/usr/lib/systemd/system/openstack-cinder-volume.service | 4 +++- openstack/usr/lib/systemd/system/openstack-glance-api.service | 2 ++ openstack/usr/lib/systemd/system/openstack-glance-registry.service | 2 ++ openstack/usr/lib/systemd/system/openstack-ironic-api.service | 2 ++ openstack/usr/lib/systemd/system/openstack-ironic-conductor.service | 2 ++ openstack/usr/lib/systemd/system/openstack-keystone.service | 2 ++ .../usr/lib/systemd/system/openstack-neutron-dhcp-agent.service | 5 +++-- openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service | 5 +++-- .../usr/lib/systemd/system/openstack-neutron-metadata-agent.service | 5 +++-- .../usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service | 6 +++--- .../system/openstack-neutron-plugin-openvswitch-agent.service | 5 +++-- openstack/usr/lib/systemd/system/openstack-neutron-server.service | 5 +++-- openstack/usr/lib/systemd/system/openstack-nova-api.service | 2 ++ openstack/usr/lib/systemd/system/openstack-nova-cert.service | 2 ++ openstack/usr/lib/systemd/system/openstack-nova-compute.service | 2 ++ openstack/usr/lib/systemd/system/openstack-nova-conductor.service | 4 +++- openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service | 2 ++ openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service | 2 ++ openstack/usr/lib/systemd/system/openstack-nova-scheduler.service | 2 ++ openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service | 2 ++ openstack/usr/share/openstack/ironic/ironic.conf | 2 +- openstack/usr/share/openstack/keystone/keystone.conf | 2 +- 32 files changed, 80 insertions(+), 27 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service index 627d261a..a5228e4c 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-alarm-evaluator --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/alarm-evaluator.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-alarm-evaluator --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service index c30420ed..fc074b06 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-alarm-notifier --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/alarm-notifier.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-alarm-notifier --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service index 8a6c44d9..31bb78a6 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-api --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/api.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-api --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service index 48d6e5f6..daa91c13 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-agent-central --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/central.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-agent-central --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service index d1de528d..e510285c 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-collector --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/collector.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-collector --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service index 95c6d87d..ccb78e2a 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-agent-compute --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/compute.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-agent-compute --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service index 3385ec9f..fcd210fe 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=ceilometer -ExecStart=/usr/bin/ceilometer-agent-notification --config-file /etc/ceilometer/ceilometer.conf --logfile /var/log/ceilometer/agent-notification.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/ceilometer-agent-notification --config-file /etc/ceilometer/ceilometer.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service index cf84a0e0..d932f862 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-api.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=cinder -ExecStart=/usr/bin/cinder-api --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-api.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/cinder-api --config-file /etc/cinder/cinder.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service index 3293f222..c2c44dd5 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=cinder -ExecStart=/usr/bin/cinder-backup --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-backup.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/cinder-backup --config-file /etc/cinder/cinder.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service index 4de59c10..9e14ead5 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=cinder -ExecStart=/usr/bin/cinder-scheduler --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-scheduler.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/cinder-scheduler --config-file /etc/cinder/cinder.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service index 58afd992..e080b6b3 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service @@ -7,7 +7,9 @@ Wants=network-online.target [Service] Type=simple User=cinder -ExecStart=/usr/bin/cinder-volume --config-file /etc/cinder/cinder.conf --log-file=/var/log/cinder/cinder-volume.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/cinder-volume --config-file /etc/cinder/cinder.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-glance-api.service b/openstack/usr/lib/systemd/system/openstack-glance-api.service index dc9fd2fd..810e0965 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-api.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-api.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=glance +StandardOutput=null +StandardError=null ExecStart=/usr/bin/glance-api --config-file /etc/glance/glance-api.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-glance-registry.service b/openstack/usr/lib/systemd/system/openstack-glance-registry.service index b2cc8b49..02b062ca 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-registry.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-registry.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=glance +StandardOutput=null +StandardError=null ExecStart=/usr/bin/glance-registry --config-file /etc/glance/glance-registry.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-api.service b/openstack/usr/lib/systemd/system/openstack-ironic-api.service index 8d05d424..7b9357f2 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-api.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=ironic +StandardOutput=null +StandardError=null ExecStart=/usr/bin/ironic-api --config-file /etc/ironic/ironic.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service index 8ce3f840..b18f4abf 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=ironic +StandardOutput=null +StandardError=null ExecStart=/usr/bin/ironic-conductor --config-file /etc/ironic/ironic.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-keystone.service b/openstack/usr/lib/systemd/system/openstack-keystone.service index 9e791659..f9cc66f4 100644 --- a/openstack/usr/lib/systemd/system/openstack-keystone.service +++ b/openstack/usr/lib/systemd/system/openstack-keystone.service @@ -8,6 +8,8 @@ Wants=network-online.target Type=notify Restart=always User=keystone +StandardOutput=null +StandardError=null ExecStart=/usr/bin/keystone-all --config-file /etc/keystone/keystone.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service index 17a37750..9080f3c1 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-dhcp-agent.service @@ -7,10 +7,11 @@ Wants=network-online.target [Service] Type=simple User=neutron +StandardOutput=null +StandardError=null ExecStart=/usr/bin/neutron-dhcp-agent \ --config-file=/etc/neutron/neutron.conf \ - --config-file=/etc/neutron/dhcp_agent.ini \ - --log-file=/var/log/neutron/dhcp-agent.log + --config-file=/etc/neutron/dhcp_agent.ini [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service index 2e966666..76efea5c 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-l3-agent.service @@ -7,11 +7,12 @@ Wants=network-online.target [Service] Type=simple User=neutron +StandardOutput=null +StandardError=null ExecStart=/usr/bin/neutron-l3-agent \ --config-file=/etc/neutron/neutron.conf \ --config-file=/etc/neutron/l3_agent.ini \ - --config-file=/etc/neutron/fwaas_driver.ini \ - --log-file=/var/log/neutron/l3-agent.log + --config-file=/etc/neutron/fwaas_driver.ini [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service index 816abeed..20540e4c 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-metadata-agent.service @@ -7,10 +7,11 @@ Wants=network-online.target [Service] Type=simple User=neutron +StandardOutput=null +StandardError=null ExecStart=/usr/bin/neutron-metadata-agent \ --config-file=/etc/neutron/neutron.conf \ - --config-file=/etc/neutron/metadata_agent.ini \ - --log-file=/var/log/neutron/metadata-agent.log + --config-file=/etc/neutron/metadata_agent.ini [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service index 0a794838..b968232e 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service @@ -9,10 +9,10 @@ ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup [Service] Type=oneshot RemainAfterExit=yes +StandardOutput=null +StandardError=null User=neutron -ExecStart=/usr/bin/neutron-ovs-cleanup \ - --log-file /var/log/neutron/ovs-cleanup.log \ - --config-file /etc/neutron/neutron.conf --verbose +ExecStart=/usr/bin/neutron-ovs-cleanup --config-file /etc/neutron/neutron.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service index b162b11c..6c579a62 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-plugin-openvswitch-agent.service @@ -7,10 +7,11 @@ Wants=network-online.target [Service] Type=simple User=neutron +StandardOutput=null +StandardError=null ExecStart=/usr/bin/neutron-openvswitch-agent \ --config-file=/etc/neutron/neutron.conf \ - --config-file=/etc/neutron/plugins/ml2/ml2_conf.ini \ - --log-file=/var/log/neutron/openvswitch-agent.log + --config-file=/etc/neutron/plugins/ml2/ml2_conf.ini [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-server.service b/openstack/usr/lib/systemd/system/openstack-neutron-server.service index a43b5bb8..eb839f0c 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-server.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-server.service @@ -7,10 +7,11 @@ Wants=network-online.target [Service] Type=simple User=neutron +StandardOutput=null +StandardError=null ExecStart=/usr/bin/neutron-server \ --config-file=/etc/neutron/neutron.conf \ - --config-file=/etc/neutron/plugins/ml2/ml2_conf.ini \ - --log-file=/var/log/neutron/neutron-server.log + --config-file=/etc/neutron/plugins/ml2/ml2_conf.ini [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-api.service b/openstack/usr/lib/systemd/system/openstack-nova-api.service index d06afcaa..521353db 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-api.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-api.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-api --config-file /etc/nova/nova.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-cert.service b/openstack/usr/lib/systemd/system/openstack-nova-cert.service index 418b060c..b3733816 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-cert.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-cert.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-cert --config-file /etc/nova/nova.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service index c9c6924c..b1e76221 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service @@ -8,6 +8,8 @@ Requires=libvirtd.service [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/nova-compute.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service index bf8e0631..91021b5a 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service @@ -8,7 +8,9 @@ Requires=libvirtd.service [Service] Type=simple User=nova -ExecStart=/usr/bin/nova-conductor --config-file /etc/nova/nova.conf --logfile /var/log/nova/conductor.log +StandardOutput=null +StandardError=null +ExecStart=/usr/bin/nova-conductor --config-file /etc/nova/nova.conf [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service index 68607354..e22780a9 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-consoleauth --config-file /etc/nova/nova.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service index ecdadde2..8cbb20fd 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-novncproxy --config-file /etc/nova/nova.conf --web /usr/share/novnc [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service index 9009d49a..e89f0d3e 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-scheduler --config-file /etc/nova/nova.conf [Install] diff --git a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service index 5f5a5b41..30af8305 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service @@ -7,6 +7,8 @@ Wants=network-online.target [Service] Type=simple User=nova +StandardOutput=null +StandardError=null ExecStart=/usr/bin/nova-serialproxy --config-file /etc/nova/nova.conf [Install] diff --git a/openstack/usr/share/openstack/ironic/ironic.conf b/openstack/usr/share/openstack/ironic/ironic.conf index 6888ede6..75c62b8e 100644 --- a/openstack/usr/share/openstack/ironic/ironic.conf +++ b/openstack/usr/share/openstack/ironic/ironic.conf @@ -442,7 +442,7 @@ enabled_drivers=pxe_ipmitool,pxe_ssh # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) -#use_syslog=false +use_syslog=True # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog diff --git a/openstack/usr/share/openstack/keystone/keystone.conf b/openstack/usr/share/openstack/keystone/keystone.conf index 3d242a50..4e04c81b 100644 --- a/openstack/usr/share/openstack/keystone/keystone.conf +++ b/openstack/usr/share/openstack/keystone/keystone.conf @@ -421,7 +421,7 @@ rpc_backend=rabbit # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) -#use_syslog=false +use_syslog=True # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog -- cgit v1.2.1 From 95fccd0a35096fa9969ee43fffd74ce8f4ed584e Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 29 Apr 2015 15:12:01 +0000 Subject: openstack: update ceilometer-db-setup dependencies keystone.service and postgres.service are only enabled in their setup scripts. As disabled units are ignored in the After section, depend on their setup scripts instead. Change-Id: I6edd96e9fe97b10752f031086a3ea4700d52513c --- openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service index 6ec58a70..2e3fa75f 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run ceilometer-db-setup Ansible scripts ConditionPathExists=/etc/openstack/ceilometer.conf -After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service openstack-ceilometer-config-setup.service +After=postgres-server-setup.service openstack-keystone-setup.service openstack-ceilometer-config-setup.service [Service] Type=oneshot -- cgit v1.2.1 From 3f3a53a9e49d63e525d27a989ac1771c3d7d3d3a Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 09:29:40 +0000 Subject: openstack: nova-config-setup does not require keystone Change-Id: Ia1107891c479d4faf13ba1d85564171519a8fc80 --- openstack/usr/lib/systemd/system/openstack-nova-config-setup.service | 1 - 1 file changed, 1 deletion(-) diff --git a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service index 973e16e1..df669aa9 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service @@ -1,7 +1,6 @@ [Unit] Description=Run nova-config-setup Ansible scripts ConditionPathExists=/etc/openstack/nova.conf -After=openstack-keystone-setup.service [Service] Type=oneshot -- cgit v1.2.1 From 7e1e2e770d60f083be59285ea4eeb0214c3bf306 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 29 Apr 2015 13:47:42 +0000 Subject: openstack: add network-online dependency to some systemd units To use keystone and postgres the network needs to be online. Change-Id: Iaa0ed242b9cadca2bc8519cbc00e6cc9ea4745b4 --- openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service | 3 ++- openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service | 3 ++- openstack/usr/lib/systemd/system/openstack-glance-setup.service | 3 ++- openstack/usr/lib/systemd/system/openstack-ironic-setup.service | 3 ++- openstack/usr/lib/systemd/system/openstack-keystone-setup.service | 3 ++- .../usr/lib/systemd/system/openstack-neutron-config-setup.service | 3 ++- openstack/usr/lib/systemd/system/openstack-nova-db-setup.service | 3 ++- openstack/usr/lib/systemd/system/swift-controller-setup.service | 3 ++- openstack/usr/lib/systemd/system/swift-proxy.service | 3 ++- 9 files changed, 18 insertions(+), 9 deletions(-) diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service index 2e3fa75f..7a785227 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-db-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run ceilometer-db-setup Ansible scripts ConditionPathExists=/etc/openstack/ceilometer.conf -After=postgres-server-setup.service openstack-keystone-setup.service openstack-ceilometer-config-setup.service +After=network-online.target postgres-server-setup.service openstack-keystone-setup.service openstack-ceilometer-config-setup.service +Wants=network-online.target [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service index cc99d0cb..0e42bbc0 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run cinder-db-setup Ansible scripts ConditionPathExists=/etc/openstack/cinder.conf -After=postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service +After=network-online.target postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service +Wants=network-online.target [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-glance-setup.service b/openstack/usr/lib/systemd/system/openstack-glance-setup.service index b4ec3f02..95077873 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run glance-setup Ansible scripts ConditionPathExists=/etc/openstack/glance.conf -After=local-fs.target openstack-keystone-setup.service postgres-server-setup.service +After=local-fs.target network-online.target openstack-keystone-setup.service postgres-server-setup.service +Wants=network-online.target [Service] ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/glance.yml diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service index 6d118f18..626c1fb6 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run ironic-setup Ansible scripts ConditionPathExists=/etc/openstack/ironic.conf -After=local-fs.target openstack-keystone-setup.service postgres-server-setup.service +After=local-fs.target network-online.target openstack-keystone-setup.service postgres-server-setup.service +Wants=network-online.target [Service] ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/ironic.yml diff --git a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service index 2406513c..db9d0b2b 100644 --- a/openstack/usr/lib/systemd/system/openstack-keystone-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-keystone-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run keystone-setup Ansible scripts -After=local-fs.target postgres-server-setup.service ConditionPathExists=/etc/openstack/keystone.conf +After=local-fs.target network-online.target postgres-server-setup.service +Wants=network-online.target [Service] # Oneshot, since others setup have to wait until this service finishes diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service index 7a1d812b..b74f44ab 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-config-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run neutron-config-setup Ansible scripts ConditionPathExists=/etc/openstack/neutron.conf -After=openstack-keystone-setup.service +After=network-online.target openstack-keystone-setup.service +Wants=network-online.target [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service index 20c31db0..8e004327 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service @@ -1,7 +1,8 @@ [Unit] Description=Run nova-db-setup Ansible scripts ConditionPathExists=/etc/openstack/nova.conf -After=postgres-server-setup.service openstack-keystone-setup.service openstack-nova-config-setup.service +After=network-online.target postgres-server-setup.service openstack-keystone-setup.service openstack-nova-config-setup.service +Wants=network-online.target [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/swift-controller-setup.service b/openstack/usr/lib/systemd/system/swift-controller-setup.service index ac5cc240..ccfbcbe6 100644 --- a/openstack/usr/lib/systemd/system/swift-controller-setup.service +++ b/openstack/usr/lib/systemd/system/swift-controller-setup.service @@ -1,6 +1,7 @@ [Unit] Description=Run swift-controller-setup (once) -After=local-fs.target postgres-server-setup.service openstack-keystone-setup.service +After=local-fs.target network-online.target postgres-server-setup.service openstack-keystone-setup.service +Wants=network-online.target [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/swift-proxy.service b/openstack/usr/lib/systemd/system/swift-proxy.service index 0b98634a..37354364 100644 --- a/openstack/usr/lib/systemd/system/swift-proxy.service +++ b/openstack/usr/lib/systemd/system/swift-proxy.service @@ -1,6 +1,7 @@ [Unit] Description=OpenStack Swift Proxy Server -After=syslog.target network.target memcached.service openstack-keystone-setup.service swift-controller-setup.service +After=syslog.target network-online.target network.target memcached.service openstack-keystone-setup.service swift-controller-setup.service +Wants=network-online.target [Service] Type=forking -- cgit v1.2.1 From 690ced72fb60990d2de5ab02b2668b3cdbe13d0d Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Tue, 28 Apr 2015 17:09:47 +0000 Subject: openstack: remove a not existing unit in 'Afters' Change-Id: I6de006be2330be4d0bd84e48e9fc98d81d4b1aaf --- openstack/usr/lib/systemd/system/openstack-neutron-server.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-server.service b/openstack/usr/lib/systemd/system/openstack-neutron-server.service index eb839f0c..6376c3d8 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-server.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-server.service @@ -1,7 +1,7 @@ [Unit] Description=Neutron Api Server ConditionPathExists=/etc/neutron/neutron.conf -After=openstack-neutron-network-configuration-one-node.service network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service +After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service Wants=network-online.target [Service] -- cgit v1.2.1 From bca3346432cda978483f3908b3c2e005f283c310 Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Wed, 29 Apr 2015 14:08:26 +0000 Subject: openstack: finishing tidy up systemd unit files * Add db-setup to the 'Afters' for ceilometer * Improve order of units in 'Afters' * Remove deprecated syslog.target * Add missing Wants=network-online.target Change-Id: I4936126b78946dbdfe77213cc5202b39ea6a50cb --- openstack/usr/lib/systemd/system/iscsi-setup.service | 2 +- .../usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service | 2 +- .../usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-central.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service | 2 +- openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service | 2 +- .../usr/lib/systemd/system/openstack-ceilometer-notification.service | 2 +- openstack/usr/lib/systemd/system/openstack-cinder-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-cinder-backup.service | 2 +- openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service | 2 +- openstack/usr/lib/systemd/system/openstack-cinder-volume.service | 2 +- openstack/usr/lib/systemd/system/openstack-glance-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-glance-registry.service | 2 +- openstack/usr/lib/systemd/system/openstack-glance-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-ironic-api.service | 2 +- openstack/usr/lib/systemd/system/openstack-ironic-conductor.service | 2 +- openstack/usr/lib/systemd/system/openstack-ironic-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-keystone.service | 2 +- openstack/usr/lib/systemd/system/openstack-network-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service | 2 +- openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service | 2 +- openstack/usr/lib/systemd/system/openstack-nova-compute.service | 2 +- openstack/usr/lib/systemd/system/openstack-nova-conductor.service | 2 +- openstack/usr/lib/systemd/system/openvswitch.service | 2 +- openstack/usr/lib/systemd/system/postgres-server.service | 1 + openstack/usr/lib/systemd/system/rabbitmq-server.service | 2 +- openstack/usr/lib/systemd/system/swift-proxy.service | 2 +- 29 files changed, 29 insertions(+), 28 deletions(-) diff --git a/openstack/usr/lib/systemd/system/iscsi-setup.service b/openstack/usr/lib/systemd/system/iscsi-setup.service index c9e5ee59..4cb10045 100644 --- a/openstack/usr/lib/systemd/system/iscsi-setup.service +++ b/openstack/usr/lib/systemd/system/iscsi-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run iscsi-setup Ansible scripts Before=iscsid.service target.service -Wants= iscsid.service target.service +Wants=iscsid.service target.service [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service index a5228e4c..6e3ada59 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer alarm evaluation service ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-config-setup.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service index fc074b06..7a3e1c91 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer alarm notification service ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-config-setup.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service index 31bb78a6..eb0293bf 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-api.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer API service ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-config-setup.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service index daa91c13..a1bc11ee 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-central.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer central agent ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-collector.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service openstack-ceilometer-collector.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service index e510285c..dafc3ac7 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-collector.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer collection service ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-config-setup.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service index ccb78e2a..9fe8a1e6 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-compute.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer compute agent ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-config-setup.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service index fcd210fe..6696116e 100644 --- a/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service +++ b/openstack/usr/lib/systemd/system/openstack-ceilometer-notification.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack ceilometer notification agent ConditionPathExists=/etc/ceilometer/ceilometer.conf -After=syslog.target network-online.target openstack-ceilometer-collector.service +After=network-online.target openstack-ceilometer-config-setup.service openstack-ceilometer-db-setup.service openstack-ceilometer-collector.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-api.service b/openstack/usr/lib/systemd/system/openstack-cinder-api.service index d932f862..a284f31d 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-api.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-api.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Volume Service (code-named Cinder) API server ConditionPathExists=/etc/cinder/cinder.conf -After=postgres-server-setup.service network-online.target openstack-cinder-db-setup.service openstack-cinder-config-setup.service +After=network-online.target openstack-cinder-config-setup.service openstack-cinder-db-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service index c2c44dd5..c14e13aa 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-backup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-backup.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Cinder backup server ConditionPathExists=/etc/cinder/cinder.conf -After=network-online.target openstack-cinder-volume.service openstack-cinder-db-setup.service openstack-cinder-config-setup.service +After=network-online.target openstack-cinder-config-setup.service openstack-cinder-db-setup.service openstack-cinder-volume.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service index 0e42bbc0..a3c66d67 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-db-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run cinder-db-setup Ansible scripts ConditionPathExists=/etc/openstack/cinder.conf -After=network-online.target postgres-server-setup.service openstack-cinder-config-setup.service openstack-keystone-setup.service +After=network-online.target postgres-server-setup.service openstack-keystone-setup.service openstack-cinder-config-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service index 9e14ead5..f205aaff 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-scheduler.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Cinder scheduler server ConditionPathExists=/etc/cinder/cinder.conf -After=network-online.target openstack-cinder-volume.service openstack-cinder-db-setup.service openstack-cinder-config-setup.service +After=network-online.target openstack-cinder-config-setup.service openstack-cinder-db-setup.service openstack-cinder-volume.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service index e080b6b3..c56ee693 100644 --- a/openstack/usr/lib/systemd/system/openstack-cinder-volume.service +++ b/openstack/usr/lib/systemd/system/openstack-cinder-volume.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Cinder volume server ConditionPathExists=/etc/cinder/cinder.conf -After=network-online.target openstack-cinder-lv-setup.service openstack-cinder-config-setup.service openstack-cinder-db-setup.service lvm2-lvmetad.service iscsid.service target.service +After=network-online.target openstack-cinder-config-setup.service openstack-cinder-db-setup.service openstack-cinder-lv-setup.service lvm2-lvmetad.service iscsid.service target.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-glance-api.service b/openstack/usr/lib/systemd/system/openstack-glance-api.service index 810e0965..4c34ff10 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-api.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-api.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Image Service (code-named Glance) API server ConditionPathExists=/etc/glance/glance-api.conf -After=syslog.target network-online.target +After=network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-glance-registry.service b/openstack/usr/lib/systemd/system/openstack-glance-registry.service index 02b062ca..d53c8b33 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-registry.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-registry.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Image Service (code-named Glance) Registry server ConditionPathExists=/etc/glance/glance-registry.conf -After=syslog.target network-online.target +After=network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-glance-setup.service b/openstack/usr/lib/systemd/system/openstack-glance-setup.service index 95077873..43810797 100644 --- a/openstack/usr/lib/systemd/system/openstack-glance-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-glance-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run glance-setup Ansible scripts ConditionPathExists=/etc/openstack/glance.conf -After=local-fs.target network-online.target openstack-keystone-setup.service postgres-server-setup.service +After=local-fs.target network-online.target postgres-server-setup.service openstack-keystone-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-api.service b/openstack/usr/lib/systemd/system/openstack-ironic-api.service index 7b9357f2..5a286a95 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-api.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-api.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) API server ConditionPathExists=/etc/ironic/ironic.conf -After=syslog.target network-online.target +After=network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service index b18f4abf..b3b226e0 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-conductor.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Bare Metal Provisioning Service (code-named Ironic) Conductor server ConditionPathExists=/etc/ironic/ironic.conf -After=syslog.target network-online.target +After=network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service index 626c1fb6..e3a58eb5 100644 --- a/openstack/usr/lib/systemd/system/openstack-ironic-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-ironic-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run ironic-setup Ansible scripts ConditionPathExists=/etc/openstack/ironic.conf -After=local-fs.target network-online.target openstack-keystone-setup.service postgres-server-setup.service +After=local-fs.target network-online.target postgres-server-setup.service openstack-keystone-setup.service Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-keystone.service b/openstack/usr/lib/systemd/system/openstack-keystone.service index f9cc66f4..6f6ff644 100644 --- a/openstack/usr/lib/systemd/system/openstack-keystone.service +++ b/openstack/usr/lib/systemd/system/openstack-keystone.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Identity Service (code-named Keystone) -After=syslog.target network-online.target ConditionPathExists=/etc/keystone/keystone.conf +After=network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-network-setup.service b/openstack/usr/lib/systemd/system/openstack-network-setup.service index bf79aaaa..021370d9 100644 --- a/openstack/usr/lib/systemd/system/openstack-network-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-network-setup.service @@ -1,6 +1,6 @@ [Unit] Description=Run Ansible scripts to configure internal network for OpenStack -After=openvswitch.service openvswitch-setup.service +After=openvswitch-setup.service openvswitch.service Before=systemd-networkd.service [Service] diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service index 9eff9ea5..5d07da2e 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-db-setup.service @@ -6,8 +6,8 @@ Wants=network-online.target [Service] Type=oneshot -ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/neutron-db.yml RemainAfterExit=yes +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/neutron-db.yml [Install] WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service index b968232e..f5709028 100644 --- a/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service +++ b/openstack/usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service @@ -1,10 +1,10 @@ [Unit] Description=Neutron OVS cleanup ConditionPathExists=/etc/neutron/neutron.conf +ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup After=network-online.target openstack-neutron-config-setup.service openstack-neutron-db-setup.service openvswitch.service Before=openstack-neutron-plugin-openvswitch-agent.service Wants=network-online.target -ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup [Service] Type=oneshot diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service index b1e76221..4f9b8196 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-compute.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service @@ -1,7 +1,7 @@ [Unit] Description=OpenStack Compute Service (code-named Nova) compute server ConditionPathExists=/etc/nova/nova.conf -After=network-online.target libvirtd.service openstack-nova-config-setup.service openstack-nova-db-setup.service +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service libvirtd.service Wants=network-online.target Requires=libvirtd.service diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service index 91021b5a..4c0d7d43 100644 --- a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service +++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service @@ -1,7 +1,7 @@ [Unit] Description=Database-access support for Compute nodes (nova-conductor) ConditionPathExists=/etc/nova/nova.conf -After=network-online.target libvirtd.service openstack-nova-config-setup.service openstack-nova-db-setup.service +After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service libvirtd.service Wants=network-online.target Requires=libvirtd.service diff --git a/openstack/usr/lib/systemd/system/openvswitch.service b/openstack/usr/lib/systemd/system/openvswitch.service index 6f1a93a8..70a640de 100644 --- a/openstack/usr/lib/systemd/system/openvswitch.service +++ b/openstack/usr/lib/systemd/system/openvswitch.service @@ -1,8 +1,8 @@ [Unit] Description=Open vSwitch Daemon -Wants=network-pre.target After=openvswitch-initialize-db.service Before=network-pre.target +Wants=network-pre.target [Service] Type=forking diff --git a/openstack/usr/lib/systemd/system/postgres-server.service b/openstack/usr/lib/systemd/system/postgres-server.service index af0e9621..9e11f26d 100644 --- a/openstack/usr/lib/systemd/system/postgres-server.service +++ b/openstack/usr/lib/systemd/system/postgres-server.service @@ -1,6 +1,7 @@ [Unit] Description=PostgreSQL database server After=network-online.target +Wants=network-online.target [Service] Type=forking diff --git a/openstack/usr/lib/systemd/system/rabbitmq-server.service b/openstack/usr/lib/systemd/system/rabbitmq-server.service index f161b9d0..1a20f3e4 100644 --- a/openstack/usr/lib/systemd/system/rabbitmq-server.service +++ b/openstack/usr/lib/systemd/system/rabbitmq-server.service @@ -1,6 +1,6 @@ [Unit] Description=RabbitMQ broker -After=syslog.target network-online.target +After=network-online.target Wants=network-online.target [Service] diff --git a/openstack/usr/lib/systemd/system/swift-proxy.service b/openstack/usr/lib/systemd/system/swift-proxy.service index 37354364..7b0a2e17 100644 --- a/openstack/usr/lib/systemd/system/swift-proxy.service +++ b/openstack/usr/lib/systemd/system/swift-proxy.service @@ -1,6 +1,6 @@ [Unit] Description=OpenStack Swift Proxy Server -After=syslog.target network-online.target network.target memcached.service openstack-keystone-setup.service swift-controller-setup.service +After=network-online.target swift-controller-setup.service memcached.service Wants=network-online.target [Service] -- cgit v1.2.1 From 3991e8d0978dbaaa2ef12e932d6152882be63832 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 11:32:07 +0000 Subject: Rename pexpect in openstack-services to distinguish from cxmanage one The openstack-services pexpect is pointing to the active fork of the pexpect package, the cxmanage one is pointing to an old version of the package, so for the moment they will be distinguished by name. Change-Id: Ied5518a9c7502a43ad71c25fb6df3f7867951d4d --- strata/openstack-services.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 04e8fd8e..c02e126d 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -202,7 +202,7 @@ chunks: ref: 8ffb4739d596fb1aac5d62d173d1e6f80270af9d unpetrify-ref: v2.1.fb52 morph: strata/openstack-services/rtslib-fb.morph -- name: pexpect +- name: python-pexpect repo: upstream:python-packages/pexpect ref: 671417beb41c21f772687c565196fdde444b053b unpetrify-ref: 3.3 -- cgit v1.2.1 From 4c487598e3d25b304507d1b87d26d065714a24ad Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 12:01:33 +0000 Subject: Move boto to python-common stratum Remove duplicated boto chunk morphology and add it to a common strata. Change-Id: I532416013a767eb613c4e23a0538105f3795604b --- strata/cloudinit-support.morph | 5 ----- strata/openstack-services.morph | 6 ------ strata/python-common.morph | 4 ++++ 3 files changed, 4 insertions(+), 11 deletions(-) diff --git a/strata/cloudinit-support.morph b/strata/cloudinit-support.morph index 92d6f03d..9c89c7e4 100644 --- a/strata/cloudinit-support.morph +++ b/strata/cloudinit-support.morph @@ -11,15 +11,10 @@ chunks: repo: upstream:python-cheetah ref: 831aa6b99d9b4fb012ee644d8e80e0bc0eb6d6ed unpetrify-ref: baserock/morph -- name: boto - repo: upstream:boto - ref: bd49c22b5a30bf58096d58efc4762f1fea3e2caf - unpetrify-ref: baserock/morph - name: cloud-init morph: strata/cloudinit-support/cloud-init.morph repo: upstream:cloud-init ref: 130d51acc5b0becd64e7007f9dfe41a6e022eaec unpetrify-ref: baserock/morph build-depends: - - boto - python-cheetah diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index c02e126d..37c3a5c8 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -270,10 +270,6 @@ chunks: repo: upstream:python-packages/retrying ref: cab083eb5791615fadbc0c98ad77a70d64b77d0d unpetrify-ref: v1.3.1 -- name: boto - repo: upstream:boto - ref: 2517f660f8ef9012708d46da3a36ab967993d2f6 - unpetrify-ref: 2.33.0 - name: oslo-messaging repo: upstream:openstack/oslo-messaging ref: 6ea3b12492e86f9e8d109fc3490cc4d3a0edd8b6 @@ -348,7 +344,6 @@ chunks: - sqlalchemy - anyjson - routes - - boto - sqlalchemy-migrate - httplib2 - kombu @@ -440,7 +435,6 @@ chunks: build-depends: - sqlalchemy - anyjson - - boto - keystonemiddleware - kombu - routes diff --git a/strata/python-common.morph b/strata/python-common.morph index 54048ed7..e724d912 100644 --- a/strata/python-common.morph +++ b/strata/python-common.morph @@ -68,3 +68,7 @@ chunks: repo: upstream:python-packages/networkx ref: 8ac796aba866ade1a56b83e30f25ed392ca3512c unpetrify-ref: networkx-1.9.1 +- name: boto + repo: upstream:boto + ref: 2517f660f8ef9012708d46da3a36ab967993d2f6 + unpetrify-ref: 2.33.0 -- cgit v1.2.1 From a6a53e7dbef3c88c9d301456398544b76c93cebe Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 29 Apr 2015 14:17:02 +0000 Subject: Update openstack services to latest Juno tag 2014.2.3 Change-Id: I3ebe354e7c19dd2824cad7271fb7be66e9e96919 --- strata/openstack-services.morph | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 37c3a5c8..2da677e9 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -338,8 +338,8 @@ chunks: unpetrify-ref: 0.1.8 - name: glance repo: upstream:openstack/glance - ref: 055adff1d95dca72074da898b541cb4a6b62406d - unpetrify-ref: 2014.2.1 + ref: 1db07bd8c07bbcde4bd267985c4e3961c22b990e + unpetrify-ref: 2014.2.3 build-depends: - sqlalchemy - anyjson @@ -362,8 +362,8 @@ chunks: unpetrify-ref: 0.1.13 - name: keystone repo: upstream:openstack/keystone - ref: 615f79bb97883eee76923527cea13c2f72baa7ff - unpetrify-ref: 2014.2.1 + ref: 91a33875385ca296d24f67d4ef9629a2b33bed99 + unpetrify-ref: 2014.2.3 build-depends: - paste - routes @@ -381,8 +381,8 @@ chunks: - name: neutron morph: strata/openstack-services/neutron.morph repo: upstream:openstack/neutron - ref: dfa4b4b9b6b19a627cfb5eb5c6ab9db4961a06ea - unpetrify-ref: 2014.2.1 + ref: 96b5962646510ee67b322aa82242e02e3edfaa83 + unpetrify-ref: 2014.2.3 build-depends: - paste - routes @@ -430,8 +430,8 @@ chunks: - name: nova morph: strata/openstack-services/nova.morph repo: upstream:openstack/nova - ref: ba25e9ea6d0d42dd3b78cc6440710fd9362ae1b5 - unpetrify-ref: 2014.2.1 + ref: e6452b995023e89bf6f1a1fb14f39216f83c760b + unpetrify-ref: 2014.2.3 build-depends: - sqlalchemy - anyjson @@ -454,8 +454,8 @@ chunks: - name: cinder morph: strata/openstack-services/cinder.morph repo: upstream:openstack/cinder - ref: b48aee211ad9b2571c8554dd162b37b8a8d80a42 - unpetrify-ref: 2014.2.1 + ref: 48c792513fd342a5f82122b12e4ed2afd0de2ae7 + unpetrify-ref: 2014.2.3 build-depends: - anyjson - keystonemiddleware @@ -492,8 +492,8 @@ chunks: - name: ceilometer repo: upstream:openstack/ceilometer morph: strata/openstack-services/ceilometer.morph - ref: 1129b7013359bf242a2ea53be9d4faeccfbfac5a - unpetrify-ref: 2014.2.1 + ref: 720c2b4915caf5decd3da91ea2d6e6291316b940 + unpetrify-ref: 2014.2.3 build-depends: - alembic - anyjson @@ -521,8 +521,8 @@ chunks: - name: horizon morph: strata/openstack-services/horizon.morph repo: upstream:openstack/horizon - ref: 3d9a31e2a05288e9a48a51eb4fe693c42e92aac7 - unpetrify-ref: 2014.2.1 + ref: b37c1f3565e89a7fe3fef5ce76e9c26b22e3e7c4 + unpetrify-ref: 2014.2.3 build-depends: - django-openstack-auth - lockfile -- cgit v1.2.1 From 311537d3650cb106bacc852fed3ae16988ce5dbc Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Fri, 1 May 2015 14:39:04 +0000 Subject: openstack: ensure that /var/run/openvswitch exists This directory is created by the setup script, but as /var/run is a symbolic link to /run, which is a tmpfs mounting point, the directory will not persist across reboots. Hence, ensure that the directory exists before starting the services that require it. Note that we can't get away by adding the openvswitch-setup.service to the Wants of openvswitch.service and openvswitch-db-server.services, as those are enabled and started by the Ansible setup script, and so would create a deadlock. Also, remove non-existent service from the After section. Change-Id: Ic5c16f89a8e71e4ad42f468159d6e604a5ee8e47 --- openstack/usr/lib/systemd/system/openvswitch-db-server.service | 1 + openstack/usr/lib/systemd/system/openvswitch.service | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/openstack/usr/lib/systemd/system/openvswitch-db-server.service b/openstack/usr/lib/systemd/system/openvswitch-db-server.service index 7ea7942a..34a7c812 100644 --- a/openstack/usr/lib/systemd/system/openvswitch-db-server.service +++ b/openstack/usr/lib/systemd/system/openvswitch-db-server.service @@ -4,6 +4,7 @@ After=local-fs.target [Service] Type=forking +ExecStartPre=-/usr/bin/mkdir -p /var/run/openvswitch ExecStart=/usr/sbin/ovsdb-server --remote=punix:/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --pidfile --detach [Install] diff --git a/openstack/usr/lib/systemd/system/openvswitch.service b/openstack/usr/lib/systemd/system/openvswitch.service index 70a640de..113911f6 100644 --- a/openstack/usr/lib/systemd/system/openvswitch.service +++ b/openstack/usr/lib/systemd/system/openvswitch.service @@ -1,11 +1,11 @@ [Unit] Description=Open vSwitch Daemon -After=openvswitch-initialize-db.service Before=network-pre.target Wants=network-pre.target [Service] Type=forking +ExecStartPre=-/usr/bin/mkdir -p /var/run/openvswitch ExecStart=/usr/sbin/ovs-vswitchd --pidfile --detach [Install] -- cgit v1.2.1 From ef6dfb51ad82fb656cacc6e57051df5fc4e523ae Mon Sep 17 00:00:00 2001 From: Tiago Gomes Date: Thu, 7 May 2015 15:50:15 +0000 Subject: Update routes to 2.1 The OpenStack documentation states that Juno is not compatible with 2.0. Change-Id: I250203a4b9e006e54bf1147912600fbd9fef431f --- strata/openstack-services.morph | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/strata/openstack-services.morph b/strata/openstack-services.morph index 2da677e9..773a76f9 100644 --- a/strata/openstack-services.morph +++ b/strata/openstack-services.morph @@ -161,8 +161,8 @@ chunks: unpetrify-ref: 0.6 - name: routes repo: upstream:python-packages/routes - ref: 8b165a52ab568f6fcaaa11cbbc7402e0360f60a3 - unpetrify-ref: v2.0 + ref: 745a9207d9e48e309e292172543bc21075e65e09 + unpetrify-ref: v2.1 build-depends: - repoze-lru - name: passlib -- cgit v1.2.1 From 0bcae8fbd8096eebb8f7506d0ce2facce7b670d3 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Fri, 8 May 2015 11:49:15 +0000 Subject: Update Morph Changes: 524b17f Fix mistake in sysroot.write f9a0607 Raise an error if a stratum build-depends on itself --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 3fdaf125..0e305560 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -36,7 +36,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: 4c0d2a9f9c3b71345d1a59a403c81d2795917a75 + ref: 524b17f6a0aba61a80ec7f538d72ad26b8d157a6 unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From bbd46fd460dc8fb60819b93c992f35e27ad1b0af Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Fri, 8 May 2015 13:06:12 +0100 Subject: Mark that we use definitions version 3 in this repo. Commit 7b23e26d1e2bb24ca72a186 added a configure extension to all systems (install-essential-files.configure). From that point on, the only build tool able to deploy these definitions in Morph commit ed423dc974a61f1c033491 and newer. The first tagged version of Morph that contains this commit is 'baserock-definitions-v3'. Thus, we should consider the install-essential-files.configure extension part of definitions format version 3. It was already impossible to build the 15.19 release of Baserock with the version of Morph from the 15.10 release, due to other incompatible changes that were made to the definitions since 15.10 was released. Change-Id: I05c67cd039bb2124fef667bfe38a84dd9887b646 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 22817d2a..0a70affa 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -version: 2 +version: 3 -- cgit v1.2.1 From 287dd20264b803c1ddf1e0a2d15f63cd9ef12b9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Fri, 8 May 2015 16:19:07 +0100 Subject: Add bsp-armv5l-aspeed stratum Change-Id: I5dbfac93d9c53dd040c403b395303657108d5e43 --- strata/bsp-armv5l-openbmc-aspeed.morph | 19 +++++++++++++++++++ .../linux-armv5l-openbmc-aspeed.morph | 9 +++++++++ strata/bsp-armv5l-openbmc-aspeed/u-boot@aspeed.morph | 14 ++++++++++++++ 3 files changed, 42 insertions(+) create mode 100644 strata/bsp-armv5l-openbmc-aspeed.morph create mode 100644 strata/bsp-armv5l-openbmc-aspeed/linux-armv5l-openbmc-aspeed.morph create mode 100644 strata/bsp-armv5l-openbmc-aspeed/u-boot@aspeed.morph diff --git a/strata/bsp-armv5l-openbmc-aspeed.morph b/strata/bsp-armv5l-openbmc-aspeed.morph new file mode 100644 index 00000000..83bb74ef --- /dev/null +++ b/strata/bsp-armv5l-openbmc-aspeed.morph @@ -0,0 +1,19 @@ +name: bsp-armv5l-openbmc-aspeed +kind: stratum +description: +- | + The set of platform specific components required for booting + armvl5-openbmc-aspeed based systems +build-depends: +- morph: strata/core.morph +chunks: +- name: linux-armv5l-openbmc-aspeed-wedge + morph: strata/bsp-armv5l-openbmc-aspeed/linux-armv5l-openbmc-aspeed.morph + repo: upstream:linux-stable + ref: 5cbce86c2115075b8054e4dba8cdf328aa6fa5b6 + unpetrify-ref: baserock/v2.6.28.9/openbmc_aspeed_wedge +- name: u-boot@aspeed + morph: strata/bsp-armv5l-openbmc-aspeed/u-boot@aspeed.morph + repo: upstream:u-boot + ref: af962087db0b88f4073f8f5a6184cb7f011d224d + unpetrify-ref: baserock/v2013.07+aspeed_wedge diff --git a/strata/bsp-armv5l-openbmc-aspeed/linux-armv5l-openbmc-aspeed.morph b/strata/bsp-armv5l-openbmc-aspeed/linux-armv5l-openbmc-aspeed.morph new file mode 100644 index 00000000..c6e38c63 --- /dev/null +++ b/strata/bsp-armv5l-openbmc-aspeed/linux-armv5l-openbmc-aspeed.morph @@ -0,0 +1,9 @@ +name: linux-armv5l-openbmc-aspeed +kind: chunk +configure-commands: +- make ast2400_defconfig +build-commands: +- make $MAKEFLAGS +install-commands: +- mkdir -p "$DESTDIR"/boot +- cp arch/arm/boot/Image "$DESTDIR/boot/vmlinux" diff --git a/strata/bsp-armv5l-openbmc-aspeed/u-boot@aspeed.morph b/strata/bsp-armv5l-openbmc-aspeed/u-boot@aspeed.morph new file mode 100644 index 00000000..1ded05c5 --- /dev/null +++ b/strata/bsp-armv5l-openbmc-aspeed/u-boot@aspeed.morph @@ -0,0 +1,14 @@ +name: u-boot@aspeed +kind: chunk +configure-commands: +- make ast2400_spi_config +build-commands: +- make +- make tools +install-commands: +- mkdir -p "$DESTDIR$PREFIX/bin" +- install -m 755 tools/img2brec.sh "$DESTDIR$PREFIX/bin/" +- install -m 755 tools/jtagconsole "$DESTDIR$PREFIX/bin/" +- install -m 755 tools/netconsole "$DESTDIR$PREFIX/bin/" +- install -m 755 tools/mkenvimage "$DESTDIR$PREFIX/bin/" +- install -m 755 tools/mkimage "$DESTDIR$PREFIX/bin/" -- cgit v1.2.1 From 9a6003d9ab2ce87ac7db37020bc48c243bd470fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Fri, 8 May 2015 16:19:15 +0100 Subject: Add minimal-system-armv5l-aspeed system Change-Id: If69df4ffd226f2ab447471714d2823f74a201e3a --- systems/minimal-system-armv5l-openbmc-aspeed.morph | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 systems/minimal-system-armv5l-openbmc-aspeed.morph diff --git a/systems/minimal-system-armv5l-openbmc-aspeed.morph b/systems/minimal-system-armv5l-openbmc-aspeed.morph new file mode 100644 index 00000000..fe596057 --- /dev/null +++ b/systems/minimal-system-armv5l-openbmc-aspeed.morph @@ -0,0 +1,20 @@ +name: minimal-system-armv5l-openbmc-aspeed +kind: system +description: The set of strata required to have a minimal system for armv5l +arch: armv5l +strata: +- name: build-essential + morph: strata/build-essential.morph + artifacts: + - build-essential-minimal +- name: bsp-armv5l-openbmc-aspeed + morph: strata/bsp-armv5l-openbmc-aspeed.morph + artifacts: + - bsp-armv5l-openbmc-aspeed-runtime +configuration-extensions: +- set-hostname +- simple-network +- nfsboot +- install-files +- busybox-init +- install-essential-files -- cgit v1.2.1 From cb33af346072a1d2250c2ec74925987e35567ef5 Mon Sep 17 00:00:00 2001 From: Zara Date: Thu, 7 May 2015 11:02:34 +0000 Subject: Add OpenBMC stratum Change-Id: I904a82d332f4a13802e3d39b848ba296a128f6a4 --- strata/openbmc.morph | 22 ++++++++++++++++++++++ strata/openbmc/i2c-tools.morph | 16 ++++++++++++++++ strata/openbmc/isc-dhcp.morph | 3 +++ strata/openbmc/lm_sensors.morph | 7 +++++++ 4 files changed, 48 insertions(+) create mode 100644 strata/openbmc.morph create mode 100644 strata/openbmc/i2c-tools.morph create mode 100644 strata/openbmc/isc-dhcp.morph create mode 100644 strata/openbmc/lm_sensors.morph diff --git a/strata/openbmc.morph b/strata/openbmc.morph new file mode 100644 index 00000000..b1309a2a --- /dev/null +++ b/strata/openbmc.morph @@ -0,0 +1,22 @@ +name: openbmc +kind: stratum +description: OpenBMC components +build-depends: +- morph: strata/build-essential.morph +- morph: strata/core.morph +chunks: +- name: i2c-tools + morph: strata/openbmc/i2c-tools.morph + repo: upstream:i2c-tools + ref: 187dd637f7789c4cb12dfe2ba13f6e01d2a3c698 + unpetrify-ref: V3-1-1 +- name: lm_sensors + morph: strata/openbmc/lm_sensors.morph + repo: upstream:lm-sensors + ref: d9983967a89382f64c65db67026f85f073ef9b74 + unpetrify-ref: master +- name: isc-dhcp + repo: upstream:isc-dhcp-tarball + morph: strata/openbmc/isc-dhcp.morph + ref: f800382616186a5d30e28d8b2c51e97a9a8360f2 + unpetrify-ref: master diff --git a/strata/openbmc/i2c-tools.morph b/strata/openbmc/i2c-tools.morph new file mode 100644 index 00000000..5fba3b0a --- /dev/null +++ b/strata/openbmc/i2c-tools.morph @@ -0,0 +1,16 @@ +name: i2c-tools +kind: chunk +build-commands: +- make -C eepromer && make +install-commands: +- mkdir -p "$DESTDIR$PREFIX"/bin +- | + i2ctools="i2cdetect i2cdump i2cget i2cset" + for f in ${i2ctools}; do + install -m 755 tools/${f} "$DESTDIR$PREFIX"/bin/${f} + done +- | + eepromtools="eepromer eeprom eeprog" + for f in ${eepromtools}; do + install -m 755 eepromer/${f} "$DESTDIR$PREFIX"/bin/${f} + done diff --git a/strata/openbmc/isc-dhcp.morph b/strata/openbmc/isc-dhcp.morph new file mode 100644 index 00000000..5ee2e66b --- /dev/null +++ b/strata/openbmc/isc-dhcp.morph @@ -0,0 +1,3 @@ +name: isc-dhcp +kind: chunk +build-system: autotools diff --git a/strata/openbmc/lm_sensors.morph b/strata/openbmc/lm_sensors.morph new file mode 100644 index 00000000..27ee10d5 --- /dev/null +++ b/strata/openbmc/lm_sensors.morph @@ -0,0 +1,7 @@ +name: lm_sensors +kind: chunk +build-commands: +- make user PROG_EXTRA="sensors" +install-commands: +- make DESTDIR="$DESTDIR" PREFIX="$PREFIX" install +# TODO: If we need sensord too, we'll need rrdtool as a dependency and install instructions for sensord components -- cgit v1.2.1 From 8b66c3a67b38c6fa87ac6f9ac34ff0681cff8927 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Tue, 14 Apr 2015 15:40:51 +0100 Subject: systems: Add cross-bootstrap-system-armv5l-generic Change-Id: I85ccc845cd0bb03d4b589b3d1aa638fdbd1f38b5 --- systems/cross-bootstrap-system-armv5l-generic.morph | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 systems/cross-bootstrap-system-armv5l-generic.morph diff --git a/systems/cross-bootstrap-system-armv5l-generic.morph b/systems/cross-bootstrap-system-armv5l-generic.morph new file mode 100644 index 00000000..08cc11f6 --- /dev/null +++ b/systems/cross-bootstrap-system-armv5l-generic.morph @@ -0,0 +1,21 @@ +name: cross-bootstrap-system-armv5l-generic +kind: system +description: A system that produces the minimum needed to build a devel system +arch: armv5l +strata: +- name: build-essential + morph: strata/build-essential.morph +- name: core + morph: strata/core.morph +- name: python-cliapp + morph: strata/python-cliapp.morph +- name: python-pygobject + morph: strata/python-pygobject.morph +- name: libsoup-common + morph: strata/libsoup-common.morph +- name: ostree-core + morph: strata/ostree-core.morph +- name: morph-utils + morph: strata/morph-utils.morph +- name: cross-bootstrap + morph: strata/cross-bootstrap.morph -- cgit v1.2.1 From 7fffa53c15d6030eb2fcf9af82d22b34398d59c2 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 12 May 2015 17:11:43 +0100 Subject: Fix path of stratum morph in zookeeper-client system Change-Id: Ic4ff9fdabe6f3ec2b4d4d7a26905c490fce33078 --- systems/zookeeper-client-x86_64.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/zookeeper-client-x86_64.morph b/systems/zookeeper-client-x86_64.morph index e410c1d3..a9b01cd5 100644 --- a/systems/zookeeper-client-x86_64.morph +++ b/systems/zookeeper-client-x86_64.morph @@ -18,7 +18,7 @@ strata: - name: zookeeper-client morph: strata/zookeeper-client.morph - name: test-tools - morph: strata/test-tools + morph: strata/test-tools.morph configuration-extensions: - set-hostname - add-config-files -- cgit v1.2.1 From c3b8dd2b71d2a9d4ce15272b04c1529e0f94df20 Mon Sep 17 00:00:00 2001 From: Sam Thursfield Date: Tue, 12 May 2015 16:17:22 +0000 Subject: Update Morph This includes the following changes: eda5cb2 Explain how to cancel a distbuild eb9e43d distbuild: Set job status to failed when sending exec-cancel 43fed1e Revert "distbuild: Track worker jobs using artifact basename only" aa19fb9 Remove mention of MorphologyFactory in the unit tests 9cc12c9 Clean up artifact serialisation 2d19611 Move duplicate fix_chunk_build_mode function to a common location 1c45305 Enable native-bootstrap to continue build after recovered from fault. fdd6aeb Remove % from debug statement 733d6f9 Add a common func for handling build termination f4360e3 Add GraphProgress messages cc79a6b distbuild: Fix protocol version checking for distbuild commands 5aa34de yarns: Add yarn for morph diff 2d2774a yarns: Add the ability to tag chunks and commit updates to definitions e2e2ede morph: Add morph diff subcommand 812492d morphlib: Add utility module for parsing argv into lists of systems d22a4a2 distbuild: Builds currently break due to job being set twice 4cc7503 SourceResolver: Allow the resolution of multiple systems 43ae0cc LRC: Make get_updated_repo handle multiple refs 5f48a25 MorphologyLoader: Set filename attribute at parse time af5866c morph anchor: Handle updating refs 6aec7d7 morphlib.util: add word_join_list 7fe5c48 yarns: Fix incorrect chunk name in test suite Change-Id: Iaffcdd506dac6a31f1a11d9218afcb7f31b26758 --- strata/morph-utils.morph | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/strata/morph-utils.morph b/strata/morph-utils.morph index 0e305560..c024ea63 100644 --- a/strata/morph-utils.morph +++ b/strata/morph-utils.morph @@ -36,7 +36,7 @@ chunks: unpetrify-ref: master - name: morph repo: baserock:baserock/morph - ref: 524b17f6a0aba61a80ec7f538d72ad26b8d157a6 + ref: eda5cb29d0200ee55c0ed50d2afe1a17dbd7577a unpetrify-ref: master build-depends: - cmdtest -- cgit v1.2.1 From c15e0ed7b6912d014afb753441526c762178aa8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Jard=C3=B3n?= Date: Thu, 30 Apr 2015 15:17:11 +0100 Subject: sync linux-x86-32-generic with linux-x86-64-generic Change-Id: Ib1317670ec7bc2d8f504fde981d98fe1e4ae7ac1 --- strata/bsp-x86_32-generic/linux-x86-32-generic.morph | 3 +++ 1 file changed, 3 insertions(+) diff --git a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph index 3d936150..1616748f 100644 --- a/strata/bsp-x86_32-generic/linux-x86-32-generic.morph +++ b/strata/bsp-x86_32-generic/linux-x86-32-generic.morph @@ -260,6 +260,9 @@ configure-commands: - scripts/config -e SCSI_ISCSI_ATTRS - scripts/config -e ISCSI_TCP - scripts/config -e SCSI_LOWLEVEL +- scripts/config -e SCSI_VIRTIO +- scripts/config -e HYPERVISOR_GUEST +- scripts/config -e PARAVIRT - yes '' | make oldconfig build-commands: - make $MAKEFLAGS -- cgit v1.2.1