summaryrefslogtreecommitdiffstats
path: root/meta-openstack
Commit message (Collapse)AuthorAgeFilesLines
...
* barbican: increase uwsgi buffer-size to work with keystoneKeith Holman2014-05-233-1/+45
| | | | | | | | | | | | uWSGI defaults to a maximum packet size of 4096 bytes. This is too small to support working with PKI tokens that are now default in Keystone. The size of the packets within Barbican are dependent on both the size of the Keystone token and the size of the secret to be stored & retrieved. Increasing the buffer size to the maximum allowed by uWSGI allows Barbican to support the largest possible secrets. Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
* barbican: output a log file for debugging purposesKeith Holman2014-05-231-3/+4
| | | | | | | | Currently, the /var/log/barbican directory is created but remains empty. This change outputs a Barbican log file for debugging communication problems that occur via uWSGI. Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
* heat: change template version to 2013-05-23Bruce Ashfield2014-05-223-3/+3
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* heatclient: add heatclient-tests bbVu Tran2014-05-211-1/+7
| | | | | | | | Heatclient tests requires python-mox3 and python-testscenarios. Create additional heatclient-tests package when included into final image will also include these 2 packages into final image. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* Add new python-mox3 bbVu Tran2014-05-211-0/+22
| | | | | | | mox3 package is required by heatclient tests, so pulling this package in. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* Add new python-testscenarios bbVu Tran2014-05-211-0/+19
| | | | | | | testscenarios package is required by heatclient tests, so pulling this package in. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* heat tests change project_dir pathVu Tran2014-05-212-0/+24
| | | | | | | | | | | By default, heat-tests sets project dir to /usr/<lib/lib64>/python2.7/site-packages/ which is the starting place for heat-tests to search for default environment setting file. However all the required file are in /etc/heat. So set project_dir to "/" Signed-off-by: Vu Tran <vu.tran@windriver.com>
* heat: add example hot templatesVu Tran2014-05-214-2/+211
| | | | | | | | Add 2 hot templates which can be used to create heat stack for demonstrating heat stack lifecycle management and autoscaling Signed-off-by: Vu Tran <vu.tran@windriver.com>
* heat change config file for autoscalingVu Tran2014-05-211-2/+2
| | | | | | | | Set heat_metadata_server_url, heat_waitcondition_server_url config options in heat.conf to allow Ceilometer to be able to invoke heat when resource alarm triggered. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* ceilometer: need to filter meter-id when doing sql queryingVu Tran2014-05-211-8/+9
| | | | | | | | | | | | | | | Currently statistic values for all the meters are the same, for example, 2 commands: $ ceilometer statistics -m cpu_util $ ceilometer statistics -m cpu return the same statistic values, and this is incorrect. It needs to query Ceilometer database for samples for the correct meter-id to calculate statistic. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* cinder: ensure log-dir is set correctlyVu Tran2014-05-212-2/+3
| | | | | | | | | Make sure all Cinder services have the right setting for log_dir in the init script as well as in the config setting in .conf file as we shouldn't only count on our init script launch to get logging right. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* cinder log postinsts missing var-log-cinderVu Tran2014-05-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By turning on "log_dir=/var/log/cinder" in /etc/cinder/cinder.conf all cinder services require folder /var/log/cinder exist to be able to start. This folder is created through startup scripts "/etc/init.d/cinder-xxxx" However, at very first boot, cinder postinst script invokes "cinder-manage db sync" without first creating folder /var/log/cinder which causes "cinder-manage db sync" to fail with the following errors: Tue May 20 18:26:59 2014: Running postinst /etc/rpm-postinsts/114... Tue May 20 18:26:59 2014: Starting postgres server...already running. Tue May 20 18:27:01 2014: Traceback (most recent call last): Tue May 20 18:27:01 2014: File "/usr/bin/cinder-manage", line 543, in <module> Tue May 20 18:27:01 2014: main() Tue May 20 18:27:01 2014: File "/usr/bin/cinder-manage", line 523, in main Tue May 20 18:27:01 2014: logging.setup("cinder") Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/site-packages/cinder/openstack/common/log.py", line 359, in setup Tue May 20 18:27:01 2014: _setup_logging_from_conf() Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/site-packages/cinder/openstack/common/log.py", line 406, in _setup_logging_from_conf Tue May 20 18:27:01 2014: filelog = logging.handlers.WatchedFileHandler(logpath) Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/handlers.py", line 386, in __init__ Tue May 20 18:27:01 2014: logging.FileHandler.__init__(self, filename, mode, encoding, delay) Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/__init__.py", line 893, in __init__ Tue May 20 18:27:01 2014: StreamHandler.__init__(self, self._open()) Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/__init__.py", line 912, in _open Tue May 20 18:27:01 2014: stream = open(self.baseFilename, self.mode) Tue May 20 18:27:01 2014: IOError: [Errno 2] No such file or directory: '/var/log/cinder/cinder-manage.log' So make sure "/var/log/cinder" is created before "cinder-manage db sync" is invoked. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* README.setup update compute launch commandVu Tran2014-05-211-1/+1
| | | | | | | | | | | | Currently qemu compute is instructed to start with 1 vcpu, this at least causes ceilometer report wrong avg cpu_util percentage when multiple VMs running on qemu compute. So increase qemu compute vcpu from 1 to 4 to fix the issue above and also provide qemu compute a bit more power to run more heavier tests. Signed-off-by: Vu Tran <vu.tran@windriver.com>
* autotools: B != S build fixesBruce Ashfield2014-05-2111-3/+11
| | | | | | | | | | | | | Since oe-core introduced the autotools separated build and source directory changes, some package builds broke. With this change, we can build against the latest oe-core master. It should be noted that this masks the build issues, and the bbappends should be removed as dependency layers update or "real" fixes are generated. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* bbappends: update bbappends to match oe-core, meta-oe and ↵Bruce Ashfield2014-05-218-0/+22
| | | | | | meta-virtualization versions Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* libvirt: update bbappend to 1.2.4Bruce Ashfield2014-05-212-1/+14
| | | | | | | | Track the update of libvirt to 1.2.4 in meta-virtualization. We also move the 1.2.2 bbappend to dangling for layers and users that are not tracking the latest meta-virt. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* mod-wsgi: allow builds with separated src/build dirsMark Asselstine2014-05-132-0/+71
| | | | | | | | | | Unfortunately the use of apxs, which isn't that friendly with separated src/build dirs, makes things tricky to acheive src/build separation. With the use of a symlink and a few other minor tweaks we are able to get this working. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* pycrypto: void src/build separationMark Asselstine2014-05-131-1/+1
| | | | | | | | distutils.bbclass does not work when there is a build/src separation so inherit autotools-brokensep so continue building in the src dir. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* keystone: allow ability to store tokens in UUID or PKI formatKeith Holman2014-05-122-1/+4
| | | | | | | | | | Since Grizzly release Keystone defaults to storing tokens in PKI format. Some software works better with keystone if tokens are in the older UUID format. This change allows a simple way to set the storage format within the bitbake receipes. The default is to use the newer PKI format. Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
* barbican: package /usr/bin, even when emptyBruce Ashfield2014-05-091-0/+1
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* barbican: remove unneeded files from being packagedKeith Holman2014-05-091-0/+2
| | | | | | | | | | | | Issue: US-34303 Barbican source code comes with scripts that are intended to control the service. Added previously was a script for this same purpose that is placed into init.d that integrates more consistently with the system. This makes the need for these scripts redundant. This patch removes the scripts being put into the final system package. Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
* keystone: CVE-2012-5483Amy Fong2014-05-081-1/+1
| | | | | | | | | | | | | tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file. Modify /etc/keystone to have permission 750 Signed-off-by: Amy Fong <amy.fong@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* cinder: add keyston auth sectionBruce Ashfield2014-05-072-0/+11
| | | | | | | To avoid SSL default communications, and quota/volume errors, we expicitly add a keystone configuration section to the cinder configuration. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* swift: update to icehouse releaseBruce Ashfield2014-05-071-3/+3
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* tempest: update to icehouse master revisionBruce Ashfield2014-05-071-3/+4
| | | | | | | | | | | | tempest no longer branches per-release and instead ensures that the single branch works for all releases. As such, we change to master and update the SRCREV to the latest. There is one new binary part of the package, so we add it to the default tempest package. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* ceilometer: update to icehouse/stableBruce Ashfield2014-05-071-3/+3
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* glance: update to stable/icehouseBruce Ashfield2014-05-072-5/+46
| | | | | | | | | | | | | | | | | | | | | Updating glance to the icehouse release. Changes include: - patch glance to not load ALL backend modules, only the ones defined in the glance configuration. Without this patch, we must have support for all backends, even if we don't use them. To avoid including support for unused backends .. we prefer to only load used ones. - Add a variable GLANCE_KNOWN_STORES to the recipe, which will be copied into the glance configuration to enable the loading of supported options (as modifed by the first patch). - Change "sql_connection" to the new "connection" directive - Change the "notifier_strategy" to the new "notification_driver" Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* cinder: uprev to Icehouse releaseBruce Ashfield2014-04-301-3/+4
| | | | | | | | Introduce the uprev to the icehouse release. Outside of the core functionality and new dependencies, there are no recipe visible changes at the moment. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* cinder: add networkx dependencyBruce Ashfield2014-04-301-0/+27
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* cinder: introduce python-futures dependencyBruce Ashfield2014-04-301-0/+27
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* taskflow: easy, consistent, and reliable task executionBruce Ashfield2014-04-301-0/+33
| | | | | | | | | | | Introduce the OpenStack project "TaskFlow": https://wiki.openstack.org/wiki/TaskFlow To support the Icehouse cinder update (which is the only current user in meta-cloud-services). Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* heat: update to icehouse releaseBruce Ashfield2014-04-301-3/+3
| | | | | | | | | | No recipe-level changes required outside of the SRCREV bumps: python /usr/bin/heat-api --config-file /etc/heat/heat.conf --log-dir=/var/log/heat python /usr/bin/heat-api-cfn --config-file /etc/heat/heat.conf --log-dir=/var/log/heat python /usr/bin/heat-engine --config-file /etc/heat/heat.conf --log-dir=/var/log/heat Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* neutron: disable state reporting to novaBruce Ashfield2014-04-301-0/+6
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* barbican: introduce barbicanclientBruce Ashfield2014-04-302-0/+29
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* horizon: update to icehouse releaseBruce Ashfield2014-04-301-4/+5
| | | | | | | | Updating horizon to the icehouse release. Adding troveclient to the rdepends is the biggest recipe level change .. and even that isn't very big. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* python-troveclient: introduce trove clientBruce Ashfield2014-04-301-0/+31
| | | | | | | icehouse horizon looks for troveclient. So we introduce it (without full trove support), to keep it happy. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* neutron: update to icehouse/stableBruce Ashfield2014-04-302-3/+47
| | | | | | | | | | | Updating neutron to the icehouse/stable branch. As part of this change, we lay the ground work for better VIF reporting. The configuration files, which are slightly out of date, support basic operations, so we keep them the same .. for now. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* nova: uprev to icehouse/stable supportBruce Ashfield2014-04-302-5/+23
| | | | | | | | | | | Updating the recipe's branch and SRCREV to the icehouse/stable release branch. The configuration changes required for basic operation are limited, so we keep nearly everything the same, and will update the config in subsequent commits. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* linux-yocto: enable NBD and RTLINK supportBruce Ashfield2014-04-304-28/+6
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* pysqlite: fix license specification to Zlib (versus zlib)Bruce Ashfield2014-04-241-1/+1
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* python-neutron: the openvswitch agent requires iproute2Mark Asselstine2014-04-231-1/+1
| | | | | | | | We need iproute2 or the agent will fail to start as 'ip' from busybox is not capable enough. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* cleanup: leave source config files pristineMark Asselstine2014-04-236-89/+89
| | | | | | | | | | | | | | Editing the files in ${WORKDIR} using sed or similar tools as part of do_install means they can only be edited once. Supplying a modified CONTROLLER_IP in local.conf and building the image again will not result in the CONTROLLER_IP being properly updated since the substitution placeholders will no longer exist. We therefore simply swap the other of things, installing the configuration files first, then editing them to swap the placeholders. This means we can run the do_install again and again and get the results we expect. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* controller: add barbican to default package listBruce Ashfield2014-04-231-0/+1
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* barbican: ReST API designed for the secure storage, provisioning and ↵Bruce Ashfield2014-04-232-0/+201
| | | | | | | | | | | | management of secrets Introduce the barbican package: https://wiki.openstack.org/wiki/Barbican, to support the management of keys and secrets on an OpenStack system. The barbican api service can be started with the packaged initscript, and has been validated against the barbican quick start guide. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* keystone: add barbican users, roles and endpointsBruce Ashfield2014-04-231-4/+11
| | | | Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* wsgi: WSGI (PEP 333) Reference LibraryBruce Ashfield2014-04-231-0/+27
| | | | | | barbican uses the standalone wsgi reference library. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* pysqlite: Python interface to SQLite 3Bruce Ashfield2014-04-231-0/+29
| | | | | | barbican uses sqlite for its database, and uses pysqlite to access data. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* oslo.messaging: Oslo Messaging APIBruce Ashfield2014-04-231-0/+27
| | | | | | | Barbican uses the standalone oslo.messaging API, so we introduce the pypi version. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* falcon: An unladen web framework for building APIs and app backendsBruce Ashfield2014-04-231-0/+31
| | | | | | To support Barbican, we introduce the recipe for falcon. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* uwsgi: introduce application serverBruce Ashfield2014-04-231-0/+26
| | | | | | | | While other wsgi integrations are possible (apache, nginx), barbican is developed and supported via uwsgi. So we integrate uwsgi, with the default configuration capable of acting as a gateway for python applications. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>