Introduced in devstack by I2d7348c4a72af96c0ed2ef6c0ab75d16e9aec8fc and
long tested by nova-next this enabled by most deployment tools by
default now and should be enabled by default in devstack.
Depends-On: https://review.opendev.org/885901
Change-Id: Ia76b96fe87d99560db947a59cd0660aab9b05335
(cherry picked from commit b516efedf9)
Tox 4.0.0 has some incompatible changes, epecially more
strict on allowlist_externals. Tempest recently changed
allowlist_externals not to be *[1] causing the failure
on jobs where lib/tempest failing to run the tempest
as command in virtual env.
----------
venv: commands[0]> tempest verify-config -uro /tmp/tmp.qH5KgJHTF4
venv: failed with tempest is not allowed, use allowlist_externals to allow it
------
We do not need to test/fix the <=stable/zed branches with tox 4.0.0
and pinning them with the compatible tox version of the time stable
brnaches were releaased is better way.
This commit proposes:
1. Pinning the tox<4.0.0 for <=stable/ze branches testing
2. Workaround to unblock the master gate by pinning it <4.0.0 but
we should make our testing compatible with tox 4.0.0 soon.
Related-Bug: #1999183
[1] https://review.opendev.org/c/openstack/tempest/+/865314 devstack based job started failing to run tempest command on venv.
Change-Id: I9a138af94dedc0d8ce5a0d519d75779415d3c30b
(cherry picked from commit ba54baa425)
(cherry picked from commit a3227ba0c0)
(cherry picked from commit 395f447085)
(cherry picked from commit 02f286a80a)
(cherry picked from commit 0a72476d89)
In case of online mode, there is a procedure to recreate tempest venv.
For consistency of tempest venv during the entire stack.sh process,
add logic to consider the TEMPEST_VENV_UPPER_CONSTRAINTS option here.
Closes-bug: #1980483
Signed-off-by: June Yi <june.yi@samsung.com>
Change-Id: I0cea282152fd363af8671cab1b5f733ebe2bd4df
(cherry picked from commit 8355e81306)
Without it segment plugin fails to connect with
placement api. Configure the placement section
if service is deployed.
Closes-Bug: #1973783
Change-Id: Ie7f37770a04f622735cf2263c601257669ab5064
(cherry picked from commit 92a34dbe95)
(cherry picked from commit ebd72a5e00)
When deploying devstack in a stable branch, the master branch is
available locally only in a CI environment where Zuul prepares all
available branches. For a non-CI deployment we need to stick to using
the remote branch as was the case before [0].
While the situation on the master branch isn't really broken, we apply
the fix here anyway so that future stable branches are created in a
working state.
[0] I5d42ac6b54bf20804d7e5faa39d1289102318b64
Closes-Bug: #1956219
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: Ib7719cb2d48b34db70f885e0afe77d904abba3b5
(cherry picked from commit 2ef4a4c851)
The current initiator name embedded in our CI images is not unique at
present and can often cause failures during live migrations with
attached volumes. This change ensures the name is unique by running
iscsi-iname again and overwriting the existing name.
We could potentially do this during the image build process itself but
given that devstack systems are not supposed to be multi-purpose this
should be safe to do during the devstack run.
NOTE(lyarwood): Conflict due to
If2f74f146a166b9721540aaf3f1f9fce3030525c not being present on
stable/wallaby.
Conflicts:
lib/nova
Closes-Bug: #1945983
Change-Id: I9ed26a17858df96c04be9ae52bf2e33e023869a5
(cherry picked from commit 714826d1a2)
(cherry picked from commit ee629cc775)
(cherry picked from commit a41fff99b3)
The apache mod_proxy documentation[0] says that trailing slashes need to
match for the ProxyPass statement. Since adding a slash to the redirected
url would break things that need to access endpoints like /identity
without anything added, we need to drop the trailing slash for the
target URL. See [1] for the discussion of the CVE fix that changed the
previous behavior.
For stable/victoria the devstack-platform-opensuse-15 and
nova-ceph-multistore jobs are currently broken, drop them for now,
they can be re-added when they got fixed.
[0] https://httpd.apache.org/docs/trunk/mod/mod_proxy.html#proxypass
[1] https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1945274
Change-Id: I99fbc91be1e7764a71a65b5abadd26144e0d1446
As set out in bug #1933096 these bindings are dynamically built against
the version of libvirt present in the environment at build time.
As a result using a pre-built wheel can cause AttributeError's when the
bindings have previously been built elsewhere against an older version
of libvirt installed on the host. This is currently the case in CentOS 8
stream based CI jobs where we try to use 7.4.0 bindings that appear to
be built against libvirt <= 6.10 leading to bug #1933096.
This change seeks to avoid this by installing the bindings from packages
that will always be built against the correct corresponding version of
libvirt.
Change-Id: I76184c17a776c4e1ecaab9549d9d36c8c07c60fa
Closes-Bug: #1933096
We use Tempest master for testing the supported stable
branches so using master upper constraints works fine but
when we need to use old Tempest in the below cases then master
upper constraints do not work and devstack will not be
able to install Tempest in vnenv:
- Testing Extended Maintenance branch
- Testing py2.7 jobs until stable/train with in-tree tempest plugins
This commit adds a variable to set the compatible upper constraint
to use for Tempest's old version.
Few of the current failure which can be fixed by this new configurable var:
- networking-generic-switch-tempest-dlm-python2
- https://zuul.opendev.org/t/openstack/build/ebcf3d68d62c4af3a43a222aa9ce5556
- devstack-platform-xenial on stable/steinand stable/train
- https://zuul.opendev.org/t/openstack/build/37ffc1af6f3f4b44b5ca8cbfa27068ac
Change-Id: I5b2217d85e6871ca3f7a3f6f859fdce9a50d3946
(cherry picked from commit 3bdc8f66ad)
As added in notes for INSTALL_TEMPEST variable we need to set
this as False for stable branch so that devstack does not
install Tempest at system wide.
- aa2821eb89/lib/tempest (L61)
This should be done at the time when we cut the stable branch but
we forgot to do that for ussuri and victoria.
Change-Id: I23c77f98c2e969d8046d5212b883e343c36cd1b1
available_features for Neutron tempest tests is default to "all" and
used from Victoria to enable/disable tests that has no API extension.
It is added here to make sure that stable gating will not execute these
tests (like for IPv6 metadata in neutron-tempest-plugin or updating
min_bw QoS values for port already attached to VMs)
Change-Id: Id1db503c8842477b0716fb75e953240f7982e74b
Related-Bug: #1882804
Since the introduction of I8f24b839bf42e2fb9803dc7df3a30ae20cf264
s-proxy is no longer able to launch as keystonemiddleware (listed under
test-requirements.txt) has not been installed.
keystonemiddleware is listed as extras requirements in swift
- e0d46d77fa/setup.cfg (L79)
Let's install swift keystone extra requirements also.
Closes-Bug: #1909018
Change-Id: I02c692e95d70017eea03d82d75ae6c5e87bde8b1
(cherry picked from commit 04b0b61557)
This commit cap the network, volume and swift extensions on
Tempest's config option api_extensions.
Change-Id: I2874640e116f2b89fbc14c5271c9535cda5e8a87
Sometimes instances don't have an IPv4 default route, so only check for
it when we actually need it. In a followup patch we could extend the
code to check for an IPv6 default route instead or in addition.
Related-Bug: 1902002
Change-Id: Ie6cd241721f6b1f8e030960921a696939b2dab10
(cherry picked from commit 47f76acbba)
This patch will enable user to configure single cinder store as well as
multiple cinder stores for glance. Below are the parameters needs to be
added in local.conf.
A. For single store
USE_CINDER_FOR_GLANCE=True
B. For Multiple stores
USE_CINDER_FOR_GLANCE=True
GLANCE_ENABLE_MULTIPLE_STORES=True
CINDER_ENABLED_BACKENDS=${CINDER_ENABLED_BACKENDS:-lvm:lvmdriver-1,lvm:lvmdriver-2,nfs:nfsdriver-1,ceph:cephdriver-1}
GLANCE_CINDER_DEFAULT_BACKEND=lvmdriver-1
enable_plugin devstack-plugin-nfs https://opendev.org/openstack/devstack-plugin-nfs
enable_plugin devstack-plugin-ceph https://opendev.org/openstack/devstack-plugin-ceph
NOTE:
GLANCE_CINDER_DEFAULT_BACKEND should be one of the value from CINDER_ENABLED_BACKENDS.
If you need to configure nfs and ceph backend for cinder then you need to add respective plugins in
local.conf file.
If GLANCE_ENABLE_MULTIPLE_STORES is True then it will not configure
swift store for glance even if it is enabled in local.conf file.
Needed-by: https://review.opendev.org/#/c/750018
Change-Id: Id0d63c4ea41cce389eee8dc9a96913a7d427f186
There is flag Q_BUILD_OVS_FROM_GIT which can be used to not compile
ovs from source.
But this wasn't respected in the ovn_agent's module in install_ovn
function which was always installing from source ovn and ovs.
We need to disable that e.g. on grenade jobs when new version is
installed.
Change-Id: I7d3f92365e880191dcfe7c618a6f79d5f741144f
This patch is a follow-up of Ib4194329474e8d68a90886d2a04f027eecd741df.
This patch removes the configure_port_forwarding call from the
neutron-legacy module because port forwarding (just like other
extensions such as DNS, QOS, etc...) are already enabled in the
plugin.sh file in the neutron repository [0]. The
configure_port_forwarding method itself is also defined in the neutron
repository so calling it here may result in a failure in case the plugin
is not enabled.
We are also removing the "dns" extensions from the default
Q_ML2_PLUGIN_EXT_DRIVERS variable because this extension conflicts with
the default DNS extensions that is enabled by Neutron when
q-dns/neutron-dns service is enabled (also in [0]). The LP for this
conflict problem is: https://bugs.launchpad.net/neutron/+bug/1887163.
[0]
945a244588/devstack/plugin.sh (L101-L103)
Change-Id: Iafb9e45520798b2a612192cfc6cca28501465862
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
As part of the Victoria PTG the Neutron team entertained the idea of
having the OVN driver as the default backend in DevStack (this hasn't
yet being decided by the community, this will be discussed within this
cycle).
For this to happen, we also would need to move the module that configures
OVN to the DevStack repository. This is what this patch is doing.
Note that we are updating the lib/neutron-legacy module instead of
lib/neutron in this patch, this is because as part of the PTG the
Neutron team has decided to un-deprecate the neutron-legacy module since
the "new" lib/neutron module is broken and nobody is current working on
it (also all services uses neutron-legacy).
Also, the ovsdbapp has been added to the ALL_LIBS list because a gate
job in the ovsdbapp project repository relies on installing the library
from source instead of pip to run.
Depends-On: https://review.opendev.org/#/c/740663/
Change-Id: Ib4194329474e8d68a90886d2a04f027eecd741df
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Most libs maintain their own system packages in a local bindep.txt file.
We don't currently use those when installing packages from source, which
can result in broken package installs.
This adds a flag to always attempt to install bindep packages if the
bindep.txt file exists. If a file cannot be found, it will just emit a
warning and carry on.
Change-Id: Ia0570f837b8af1c3fee0a314b026a4a7ed27e6a9
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
If glance is in standalone mode, image import works
fine so enable the tempest tests. Once we will have image
import or other async tasks working with glance under uwsgi
then we can remove this flag and run import tests by default.
Depends-On: https://review.opendev.org/#/c/741425/
Change-Id: I853e8a3815187f0aa8f05c70488ec948a97e55a6
As of the referenced patch in glance, we can do import in wsgi mode.
Also remove the enforcement that import methods are disabled.
Change-Id: I8da4b4ad6105bb64c4045ca80db9742591d01564
Depends-On: https://review.opendev.org/#/c/742065
We always want to start glance on the internal port now,
regardless of whether or not tls-proxy is in use, because we
write_local_proxy_http_config() for the standalone case.
Change-Id: I47dea645d4a852e02e25af0e1df9c28fec92c42a
Co-Authored-By: Radosław Piliszek <radoslaw.piliszek@gmail.com>
While removing registry [1] we by mistake removed some code related to
multiple store configuration for glance. This must be happened during
resolving merged conflicts.
Adding it back.
[1] https://review.opendev.org/708062
Change-Id: I2b84f7b7c51b7b20765a06b48c75006fd2e8ab71
Glance should not be exposing import methods that cannot work via its
API, but it does today. In order for tempest (et al) to be able to
properly detect whether import is possible, we must configure the
import methods in standalone mode, or disable them in wsgi mode. The
referenced Glance patch will make this a requirement.
Change-Id: I3bf3498d83607c5e98b70877c061dc54fc3c0a6e
Needed-By: https://review.opendev.org/#/c/741497/
A whole set of Glance functionality is not usable under uwsgi, including any
of the more powerful async import, customization, and copying functions.
In order to facilitate writing and running tempest tests for these features
in all environments covered by the various jobs across all the projects that
include Glance, we should default to this deployment method.
It is still possible to deploy glance in uwsgi mode by setting the flag to
False, and we can do that for some jobs to make sure that it continues to
work. However, the default should be what we expect deployers will use,
which is standalone mode.
Depends-On: https://review.opendev.org/741479
Change-Id: I141acab2a07a4eebd8d850f900058bc8cbf9c7bf
Full Glance functionality requires Glance being run in a configuration
where it can spawn long-running task threads. The default uwsgi mode
does not allow this, and the current workaround is to set WSGI_MODE
to something other than uwsgi to get the devstack code to deploy
Glance as a standalone service. Since this affects the entire rest of
the deployment, this patch separates out a flag to control this behavior
specifically for Glance. When WSGI_MODE=uwsgi, control of the Glance
deployment mechanism is allowed via GLANCE_STANDALONE=True|False. If
WSGI_MODE!= uwsgi then we deploy standalone Glance anyway.
Change-Id: I79068ce0bd7414bc48ff534ee22f0de5d7b091cb
Added new boolean option 'GLANCE_USE_IMPORT_WORKFLOW' default to False.
If this parameter set in local.conf as True then devstack will use the
new import workflow to create the image.
In order to use new import workflow of glance;
user need to set below options in local.conf
GLANCE_USE_IMPORT_WORKFLOW=True
Note that the import workflow does not work in uwsgi because of
some fundamental restrictions it has. Thus, devstack must be configured
with WSGI_MODE=mod_wsgi, otherwise glance will not be able to process
the imports. The new helper function will abort to avoid in that case
to avoid the image never being moved to "active" state by an import
task that will never be executed.
Co-Authored-By: Abhishek Kekane <akekane@redhat.com>
Co-Authored-By: Dan Smith <dansmith@redhat.com>
Needed-By: https://review.opendev.org/#/c/734184
Change-Id: I1306fe816b7a3eca1e2312c0c454be3d81118eca
The old peakmem_tracker service has been disabled in [0], now enable
the replacement memory_tracker.
Also fail when the old service is still configured, otherwise
consumers might never notice.
Depends-On: https://review.opendev.org/739995
Change-Id: I583caf3f36a8ff41d7d4106dabc6c5f24243085e
