summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Add new python-testscenarios bbVu Tran2014-05-231-0/+19
| | | | | | | testscenarios package is required by heatclient tests, so pulling this package in. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* heat tests change project_dir pathVu Tran2014-05-232-0/+24
| | | | | | | | | | | By default, heat-tests sets project dir to /usr/<lib/lib64>/python2.7/site-packages/ which is the starting place for heat-tests to search for default environment setting file. However all the required file are in /etc/heat. So set project_dir to "/" Signed-off-by: Vu Tran <vu.tran@windriver.com>
* heat: add example hot templatesVu Tran2014-05-234-2/+211
| | | | | | | | Add 2 hot templates which can be used to create heat stack for demonstrating heat stack lifecycle management and autoscaling Signed-off-by: Vu Tran <vu.tran@windriver.com>
* heat change config file for autoscalingVu Tran2014-05-231-2/+2
| | | | | | | | Set heat_metadata_server_url, heat_waitcondition_server_url config options in heat.conf to allow Ceilometer to be able to invoke heat when resource alarm triggered. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* ceilometer: need to filter meter-id when doing sql queryingVu Tran2014-05-231-8/+9
| | | | | | | | | | | | | | | Currently statistic values for all the meters are the same, for example, 2 commands: $ ceilometer statistics -m cpu_util $ ceilometer statistics -m cpu return the same statistic values, and this is incorrect. It needs to query Ceilometer database for samples for the correct meter-id to calculate statistic. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* cinder: ensure log-dir is set correctlyVu Tran2014-05-232-2/+3
| | | | | | | | | Make sure all Cinder services have the right setting for log_dir in the init script as well as in the config setting in .conf file as we shouldn't only count on our init script launch to get logging right. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* cinder log postinsts missing var-log-cinderVu Tran2014-05-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By turning on "log_dir=/var/log/cinder" in /etc/cinder/cinder.conf all cinder services require folder /var/log/cinder exist to be able to start. This folder is created through startup scripts "/etc/init.d/cinder-xxxx" However, at very first boot, cinder postinst script invokes "cinder-manage db sync" without first creating folder /var/log/cinder which causes "cinder-manage db sync" to fail with the following errors: Tue May 20 18:26:59 2014: Running postinst /etc/rpm-postinsts/114... Tue May 20 18:26:59 2014: Starting postgres server...already running. Tue May 20 18:27:01 2014: Traceback (most recent call last): Tue May 20 18:27:01 2014: File "/usr/bin/cinder-manage", line 543, in <module> Tue May 20 18:27:01 2014: main() Tue May 20 18:27:01 2014: File "/usr/bin/cinder-manage", line 523, in main Tue May 20 18:27:01 2014: logging.setup("cinder") Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/site-packages/cinder/openstack/common/log.py", line 359, in setup Tue May 20 18:27:01 2014: _setup_logging_from_conf() Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/site-packages/cinder/openstack/common/log.py", line 406, in _setup_logging_from_conf Tue May 20 18:27:01 2014: filelog = logging.handlers.WatchedFileHandler(logpath) Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/handlers.py", line 386, in __init__ Tue May 20 18:27:01 2014: logging.FileHandler.__init__(self, filename, mode, encoding, delay) Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/__init__.py", line 893, in __init__ Tue May 20 18:27:01 2014: StreamHandler.__init__(self, self._open()) Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/__init__.py", line 912, in _open Tue May 20 18:27:01 2014: stream = open(self.baseFilename, self.mode) Tue May 20 18:27:01 2014: IOError: [Errno 2] No such file or directory: '/var/log/cinder/cinder-manage.log' So make sure "/var/log/cinder" is created before "cinder-manage db sync" is invoked. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* README.setup update compute launch commandVu Tran2014-05-211-1/+1
| | | | | | | | | | | | Currently qemu compute is instructed to start with 1 vcpu, this at least causes ceilometer report wrong avg cpu_util percentage when multiple VMs running on qemu compute. So increase qemu compute vcpu from 1 to 4 to fix the issue above and also provide qemu compute a bit more power to run more heavier tests. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* autotools: B != S build fixesBruce Ashfield2014-05-2112-4/+12
| | | | | | | | | | | | | Since oe-core introduced the autotools separated build and source directory changes, some package builds broke. With this change, we can build against the latest oe-core master. It should be noted that this masks the build issues, and the bbappends should be removed as dependency layers update or "real" fixes are generated. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* bbappends: update bbappends to match oe-core, meta-oe and ↵Bruce Ashfield2014-05-218-0/+22
| | | | | | meta-virtualization versions Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* libvirt: update bbappend to 1.2.4Bruce Ashfield2014-05-212-1/+14
| | | | | | | | Track the update of libvirt to 1.2.4 in meta-virtualization. We also move the 1.2.2 bbappend to dangling for layers and users that are not tracking the latest meta-virt. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* spice: allow separated src and build dirsMark Asselstine2014-05-212-1/+64
| | | | | | | | | Some minor fixes around generated .c and .h files were required to allow separated src and build dirs. Without these builds will fail and you would have to build in the src dir. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* mod-wsgi: allow builds with separated src/build dirsMark Asselstine2014-05-212-0/+71
| | | | | | | | | | Unfortunately the use of apxs, which isn't that friendly with separated src/build dirs, makes things tricky to acheive src/build separation. With the use of a symlink and a few other minor tweaks we are able to get this working. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* pycrypto: void src/build separationMark Asselstine2014-05-211-1/+1
| | | | | | | | distutils.bbclass does not work when there is a build/src separation so inherit autotools-brokensep so continue building in the src dir. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* keystone: allow ability to store tokens in UUID or PKI formatKeith Holman2014-05-122-1/+4
| | | | | | | | | | Since Grizzly release Keystone defaults to storing tokens in PKI format. Some software works better with keystone if tokens are in the older UUID format. This change allows a simple way to set the storage format within the bitbake receipes. The default is to use the newer PKI format. Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
* barbican: package /usr/bin, even when emptyBruce Ashfield2014-05-091-0/+1
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* core: update core components to latest havana/stable releasesBruce Ashfield2014-05-098-75/+14
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* barbican: remove unneeded files from being packagedKeith Holman2014-05-091-0/+2
| | | | | | | | | | | | Issue: US-34303 Barbican source code comes with scripts that are intended to control the service. Added previously was a script for this same purpose that is placed into init.d that integrates more consistently with the system. This makes the need for these scripts redundant. This patch removes the scripts being put into the final system package. Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
* CVE-2014-2828 openstack-keystone: denial of service via V3 API ↵Amy Fong2014-05-082-1/+62
| | | | | | | | | | | authentication chaining The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining." Signed-off-by: Amy Fong <amy.fong@windriver.com>
* CVE-2014-0006 Openstack Swift: TempURL timing attackAmy Fong2014-05-082-1/+61
| | | | | | | | | The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack. Signed-off-by: Amy Fong <amy.fong@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* keystone: CVE-2012-5483Amy Fong2014-05-081-1/+1
| | | | | | | | | | | | | tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file. Modify /etc/keystone to have permission 750 Signed-off-by: Amy Fong <amy.fong@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* pysqlite: fix license specification to Zlib (versus zlib)Bruce Ashfield2014-04-241-1/+1
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* python-neutron: the openvswitch agent requires iproute2Mark Asselstine2014-04-231-1/+1
| | | | | | | | We need iproute2 or the agent will fail to start as 'ip' from busybox is not capable enough. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* cleanup: leave source config files pristineMark Asselstine2014-04-236-89/+89
| | | | | | | | | | | | | | Editing the files in ${WORKDIR} using sed or similar tools as part of do_install means they can only be edited once. Supplying a modified CONTROLLER_IP in local.conf and building the image again will not result in the CONTROLLER_IP being properly updated since the substitution placeholders will no longer exist. We therefore simply swap the other of things, installing the configuration files first, then editing them to swap the placeholders. This means we can run the do_install again and again and get the results we expect. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* controller: add barbican to default package listBruce Ashfield2014-04-231-0/+1
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* barbican: ReST API designed for the secure storage, provisioning and ↵Bruce Ashfield2014-04-232-0/+201
| | | | | | | | | | | | management of secrets Introduce the barbican package: https://wiki.openstack.org/wiki/Barbican, to support the management of keys and secrets on an OpenStack system. The barbican api service can be started with the packaged initscript, and has been validated against the barbican quick start guide. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* keystone: add barbican users, roles and endpointsBruce Ashfield2014-04-231-4/+11
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* wsgi: WSGI (PEP 333) Reference LibraryBruce Ashfield2014-04-231-0/+27
| | | | | | barbican uses the standalone wsgi reference library. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* pysqlite: Python interface to SQLite 3Bruce Ashfield2014-04-231-0/+29
| | | | | | barbican uses sqlite for its database, and uses pysqlite to access data. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* oslo.messaging: Oslo Messaging APIBruce Ashfield2014-04-231-0/+27
| | | | | | | Barbican uses the standalone oslo.messaging API, so we introduce the pypi version. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* falcon: An unladen web framework for building APIs and app backendsBruce Ashfield2014-04-231-0/+31
| | | | | | To support Barbican, we introduce the recipe for falcon. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* uwsgi: introduce application serverBruce Ashfield2014-04-231-0/+26
| | | | | | | | While other wsgi integrations are possible (apache, nginx), barbican is developed and supported via uwsgi. So we integrate uwsgi, with the default configuration capable of acting as a gateway for python applications. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* OpenStack: all-in-one nodeAmy Fong2014-04-156-0/+105
| | | | | | Introduce image openstack-image-aio, integrating both compute and controller functionality Signed-off-by: Amy Fong <amy.fong@windriver.com>
* Documentation: add networking READMEsMark Asselstine2014-04-154-0/+1289
| | | | | | | These documents initially cover the 3 main networking building blocks with using Open vSwitch. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* python-neutron: openvswitch plugin read config filesMark Asselstine2014-04-152-2/+3
| | | | | | | | | | | | | Currently the openvswitch plugin doesn't read any config files so we are unable to configure it properly. Have the init script pass in the config files we are already installing. The config needs local_ip set otherwise it will fail to run. We can't just tack rabbit_host on the end of the conf file as it is in the wrong section, so change this to a substitution. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* python-neutron: cleanup dhcp agent packagingMark Asselstine2014-04-153-2/+92
| | | | | | | | Cleanup packaging to get the necessary .ini and related files into the dhcp-agent package. Add a cron job to keep things clean. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* python-neutron: get the l3-agent properly packagedMark Asselstine2014-04-153-4/+82
| | | | | | | | | The recipe had the initial groundwork established to create the l3-agent package but some aspects were incomplete. Add the necessary .ini file and create the initscript necessary to launch the l3-agent at boot time. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* python-neutron: don't install the empty log directoryMark Asselstine2014-04-151-2/+0
| | | | | | | | | | | Commit 984c2d69f51824a4c1e7b3a448fe24759e594026 [OpenStack: sysvinit scripts - enable logging] added the necessary code to create the log directories in the init scripts start() functions. In addition this directory exists in the 'volatiles' so this code was doing nothing. Removing this to avoid possible confusion around the creating of this directory. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* python-neutron: remove greedy FILES_Mark Asselstine2014-04-151-1/+3
| | | | | | | | | | We need to use specific filenames instead of a glob to prevent the linuxbridge and openvswitch ini files from being bundled as part of the main package as opposed to their respective packages. Without this change the FILES_ rules for the sub-packages are not effective and the resulting packages are not being populated as expected. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* python-ipaddr: setup.py for this pkg uses distutilsMark Asselstine2014-04-151-1/+1
| | | | | | | | | | | | Examining the setup.py we find "from distutils.core import setup" we therefor need to inherit distutils, not setuptools. Having the wrong inherit was under certain circumstances causing the do_install to fail with: | error: option --single-version-externally-managed not recognized | ERROR: python setup.py install execution failed. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* glanceclient: use BPN instead of PNMark Asselstine2014-04-151-1/+1
| | | | | | | | BPN should be used in this case and this also prevents confusing the fetcher code and getting a "The SRCREV_FORMAT variable must be set wh en multiple SCMs are used." error. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
* tgt: Fix the path of header files checkZhenhua Luo2014-04-152-2/+52
| | | | | | | | | | | | Current Makefile will check headers on host instead of Yocto sysroot, following error appears. Change the path of header check. | bs_aio.c:34:20: fatal error: libaio.h: No such file or directory | #include <libaio.h> | ^ | compilation terminated. Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* docs: add README.swiftBruce Ashfield2014-04-111-0/+447
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* add swift deploy layerVu Tran2014-04-114-0/+61
| | | | | | | | | | Create new layer meta-openstack-swift-deploy which when included into build will have Glance and Cinder Backup to use Swift as backend storage. This layer is also place for contain any Swift changes related to Swift deployment. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* glance: enable swift backendVu Tran2014-04-111-2/+6
| | | | | | | | Modify glance config file to allow it to be able to use Swift as backend driver. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* cinder-backup: enable swift backendVu Tran2014-04-112-1/+23
| | | | | | | | | | | | | Modify cinder config file allows cinder-backup to be able to use swift as backend for storing cinder backup volume on Swift cluster. Also add variable CINDER_BACKUP_BACKEND_DRIVER which allows setting default cinder backup backend driver. Right now set it to Swift. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* add swift into final imageVu Tran2014-04-111-0/+2
| | | | | | | | Include Swift into final image so that it can be built and included into final rootfs Signed-off-by: Vu Tran <vu.tran@windriver.com>
* keystone: to support swiftVu Tran2014-04-111-0/+11
| | | | | | | | Modify Keystone identity.sh to add Swift user, service, and service endpoints into Keystone. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* swiftclient: add testsVu Tran2014-04-111-1/+6
| | | | | | | | | | | | Introduce swiftclient test package which contains all Swiftclient unit tests. Swiftclient unit tests can be run as: $ cd /usr/lib64/python2.7/site-packages/swiftclient $ nosetests -v tests Signed-off-by: Vu Tran <vu.tran@windriver.com>
* swift: add setup packageVu Tran2014-04-114-2/+429
| | | | | | | | | | | | | | | | | | | | | | | | | Introduce swift setup package. At boot time, this package setups a simple swift cluster including: * 3 zones * each zone has 1 storage device which are based on loopback devices which the backing files size is controlled by variable SWIFT_BACKING_FILE_SIZE The script /etc/swift/swift_setup.sh is also provided to ease the task of setting up a complicated Swift cluster. It reads a cluster config file, which describes what storage devices are included in what rings, and constructs the cluster. For details of how to use swift_setup.sh and the format of Swift cluster config file please refer to the script's help: $ swift_setup.sh Signed-off-by: Vu Tran <vu.tran@windriver.com>