| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
CodeRay is a Ruby library for syntax highlighting.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Chef Zero is a simple, easy-install, in-memory Chef
server that can be useful for Chef Client testing and chef-solo-like
tasks that require a full Chef Server. It IS intended to be simple,
Chef 11 compliant, easy to run and fast to start. It is NOT intended
to be secure, scalable, performant or persistent. It does NO input
validation, authentication or authorization (it will not throw a 400,
401 or 403). It does not save data, and will start up empty each time
you start it.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bundler makes sure Ruby applications run the same code
on every machine. It does this by managing the gems that the
application depends on. Given a list of gems, it can automatically
download and install those gems, as well as any other gems needed by
the gems that are listed. Before installing gems, it checks the
versions of every gem to make sure that they are compatible, and can
all be loaded at the same time. After the gems have been installed,
Bundler can help you update some or all of them when new versions
become available. Finally, it records the exact versions that have
been installed, so that others can install the exact same gems.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In order to build chef we create a new ruby.bbclass to handle
packaging ruby gems.
The gem install technique we make use of avoids dependency issues
which are not easily worked around yet care must be taken to ensure
runtime dependencies are properly listed.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
The following 2 layers are now needed for the builds, adding to README.setup
/meta-openembedded/meta-webserver
/meta-openembedded/meta-ruby
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
shipped in any package
A number of license and installation files were installed to ${D}, move these to
${D}/usr/share/doc
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
| |
Change license to MIT
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Modifying license to LGPL-3.0
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Using Barbican with Keystone authentication has some known
problems. Specifically, the problme is that Keystone now uses PKI
tokens, which are too long for the Barbican protocol to handle in
its current configuration. This patch delivers a readme file to
document these issues for the end-user.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Add documentation for testing swift, ceph, heat.
Create a script and instructions on a script that launches a controller
and a specified number of compute nodes.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
uWSGI defaults to a maximum packet size of 4096 bytes. This
is too small to support working with PKI tokens that are now default
in Keystone. The size of the packets within Barbican are dependent
on both the size of the Keystone token and the size of the secret to
be stored & retrieved. Increasing the buffer size to the maximum
allowed by uWSGI allows Barbican to support the largest possible
secrets.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
|
| |
|
|
|
|
|
|
| |
Currently, the /var/log/barbican directory is created but remains
empty. This change outputs a Barbican log file for debugging
communication problems that occur via uWSGI.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Heatclient tests requires python-mox3 and python-testscenarios.
Create additional heatclient-tests package when included into
final image will also include these 2 packages into final image.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
| |
mox3 package is required by heatclient tests,
so pulling this package in.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
| |
testscenarios package is required by heatclient tests,
so pulling this package in.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
By default, heat-tests sets project dir to
/usr/<lib/lib64>/python2.7/site-packages/ which
is the starting place for heat-tests to search
for default environment setting file. However all
the required file are in /etc/heat. So
set project_dir to "/"
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
| |
Add 2 hot templates which can be used to create
heat stack for demonstrating heat stack lifecycle
management and autoscaling
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
| |
Set heat_metadata_server_url, heat_waitcondition_server_url
config options in heat.conf to allow Ceilometer to be
able to invoke heat when resource alarm triggered.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently statistic values for all the meters are the same,
for example, 2 commands:
$ ceilometer statistics -m cpu_util
$ ceilometer statistics -m cpu
return the same statistic values, and this is incorrect.
It needs to query Ceilometer database for samples for the
correct meter-id to calculate statistic.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Make sure all Cinder services have the right setting
for log_dir in the init script as well as in the
config setting in .conf file as we shouldn't only
count on our init script launch to get logging right.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By turning on "log_dir=/var/log/cinder" in /etc/cinder/cinder.conf
all cinder services require folder /var/log/cinder exist to be
able to start. This folder is created through startup
scripts "/etc/init.d/cinder-xxxx"
However, at very first boot, cinder postinst script invokes
"cinder-manage db sync" without first creating folder /var/log/cinder
which causes "cinder-manage db sync" to fail with the following errors:
Tue May 20 18:26:59 2014: Running postinst /etc/rpm-postinsts/114...
Tue May 20 18:26:59 2014: Starting postgres server...already running.
Tue May 20 18:27:01 2014: Traceback (most recent call last):
Tue May 20 18:27:01 2014: File "/usr/bin/cinder-manage", line 543, in <module>
Tue May 20 18:27:01 2014: main()
Tue May 20 18:27:01 2014: File "/usr/bin/cinder-manage", line 523, in main
Tue May 20 18:27:01 2014: logging.setup("cinder")
Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/site-packages/cinder/openstack/common/log.py", line 359, in setup
Tue May 20 18:27:01 2014: _setup_logging_from_conf()
Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/site-packages/cinder/openstack/common/log.py", line 406, in _setup_logging_from_conf
Tue May 20 18:27:01 2014: filelog = logging.handlers.WatchedFileHandler(logpath)
Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/handlers.py", line 386, in __init__
Tue May 20 18:27:01 2014: logging.FileHandler.__init__(self, filename, mode, encoding, delay)
Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/__init__.py", line 893, in __init__
Tue May 20 18:27:01 2014: StreamHandler.__init__(self, self._open())
Tue May 20 18:27:01 2014: File "/usr/lib64/python2.7/logging/__init__.py", line 912, in _open
Tue May 20 18:27:01 2014: stream = open(self.baseFilename, self.mode)
Tue May 20 18:27:01 2014: IOError: [Errno 2] No such file or directory: '/var/log/cinder/cinder-manage.log'
So make sure "/var/log/cinder" is created before "cinder-manage db sync"
is invoked.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently qemu compute is instructed to start with 1 vcpu,
this at least causes ceilometer report wrong avg cpu_util
percentage when multiple VMs running on qemu compute.
So increase qemu compute vcpu from 1 to 4 to fix the
issue above and also provide qemu compute a bit more power
to run more heavier tests.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Since oe-core introduced the autotools separated build and source
directory changes, some package builds broke.
With this change, we can build against the latest oe-core master.
It should be noted that this masks the build issues, and the bbappends
should be removed as dependency layers update or "real" fixes are
generated.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
meta-virtualization versions
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Track the update of libvirt to 1.2.4 in meta-virtualization. We also move
the 1.2.2 bbappend to dangling for layers and users that are not tracking
the latest meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Unfortunately the use of apxs, which isn't that friendly with
separated src/build dirs, makes things tricky to acheive src/build
separation. With the use of a symlink and a few other minor tweaks we
are able to get this working.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
distutils.bbclass does not work when there is a build/src separation
so inherit autotools-brokensep so continue building in the src dir.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Since Grizzly release Keystone defaults to storing tokens in PKI
format. Some software works better with keystone if tokens
are in the older UUID format. This change allows a simple way
to set the storage format within the bitbake receipes. The default
is to use the newer PKI format.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Issue: US-34303
Barbican source code comes with scripts that are intended to control
the service. Added previously was a script for this same purpose
that is placed into init.d that integrates more consistently with
the system. This makes the need for these scripts redundant. This
patch removes the scripts being put into the final system package.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
authentication chaining
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and
icehouse before icehouse-rc2 allows remote attackers to cause a denial of
service (CPU consumption) via a large number of the same authentication
method in a request, aka "authentication chaining."
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through
1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain
secret URLs by leveraging an object name and a timing side-channel attack.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon
Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable
permissions for /etc/keystone/ec2rc, which allows local users to obtain
access to EC2 services by reading administrative access and secret values
from this file.
Modify /etc/keystone to have permission 750
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
We need iproute2 or the agent will fail to start as 'ip' from busybox
is not capable enough.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Editing the files in ${WORKDIR} using sed or similar tools as part of
do_install means they can only be edited once. Supplying a modified
CONTROLLER_IP in local.conf and building the image again will not
result in the CONTROLLER_IP being properly updated since the
substitution placeholders will no longer exist. We therefore simply
swap the other of things, installing the configuration files first,
then editing them to swap the placeholders. This means we can run the
do_install again and again and get the results we expect.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
management of secrets
Introduce the barbican package: https://wiki.openstack.org/wiki/Barbican, to
support the management of keys and secrets on an OpenStack system.
The barbican api service can be started with the packaged initscript, and has
been validated against the barbican quick start guide.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
barbican uses the standalone wsgi reference library.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
barbican uses sqlite for its database, and uses pysqlite to access data.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Barbican uses the standalone oslo.messaging API, so we introduce the
pypi version.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
To support Barbican, we introduce the recipe for falcon.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
While other wsgi integrations are possible (apache, nginx), barbican is developed
and supported via uwsgi. So we integrate uwsgi, with the default configuration
capable of acting as a gateway for python applications.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
Introduce image openstack-image-aio, integrating both compute and controller functionality
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
| |
These documents initially cover the 3 main networking building blocks
with using Open vSwitch.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
|
