upper_constraints_remove() macro allows to remove line
upper_constraints_version_change() allows to change versions
This way we have cleaner way to alter u-c in those images which need it.
Change-Id: I8fc354b8aa4d03fcd3ecfb9cbfe75de67492a0e3
This patch adds support for the new OVN Neutron Agent [1]. This
new agent will include any needed OVN functionality not implemented
in ovn-controller. This agent will, in a future, include the
metadata service, superseding the OVN Metadata Agent.
[1]https://review.opendev.org/c/openstack/neutron-specs/+/868076
Related-Bug: #2000385
Related-Bug: #1998608
Change-Id: Ib15a89ce9ba7b1c5121a627da9d130dc5bf5a044
Fixes a hypothetical security issue related to privilege escalation via
rootwrap/privsep. A potential vulnerable service could previously allow
writes to its rootwrap/privsep config and thus allow for more commands
to be run with root privileges via rootwrap/privsep. For a succesful
attack, this would also require the service to allow to run arbitrary
commands via rootwrap/privsep. Thus far, no such vulnerabilities have
been reported and thus this fix is simply strengthening the container
images against such an issue in the future.
Change-Id: I92c81c77e6a16570a108cde8031f7977930fb02a
Closes-Bug: #1874298
OpenStack 'zed' requires Python 3.8+ so RHEL 8 family has to go.
This changeset moves to CentOS Stream 9 while move to RockyLinux 9 is
planned as final solution.
CI moved to CentOS Stream 9 nodes.
Depends-on: https://review.opendev.org/c/openstack/kolla-ansible/+/839715
Change-Id: I113b9984294cf8663d3fc0c8840320e1d40ea731
Tim Shearer started it in 1d96a2bbe1.
Since all extend_start files are sourced rather than executed, the executable
bits are now cleared throughout the project.
Change-Id: Ia1797c32fc6a35f9f077c673abf4d8e16e51a760
As we have one type of images now some RUN calls could be merged so we
will have less layers in resulting images.
Change-Id: I5178c58fbd8c65efe825dc249c0f1368ef0fe8e0
Explicitly set the permissions on the kolla-toolbox kolla_extend_start
file. Also, since all extend_start files are sourced rather than
executed, the executable bits are now cleared throughout the project.
Change-Id: I5c2deb4a2e33575d57c852089f856a9acc6818d0
Big patch drops all mentions of binary images support. Suggestions are
welcome how to split it into parts or handle better.
Change-Id: I5d5a46c6ce7734ceb8b844e17b43e359d7cac6e3
--query is not supported before update-alternatives 1.15
and CentOS uses 1.13
Closes-Bug: #1936947
Change-Id: I78da7eb2b6b5eae2b04fd95b24615bd4a572a1d6
We have been configuring neutron to use /etc/neutron/api-paste.ini for
more than a month now. Remove this file from its old location before
Xena is released. Stop creating /usr/share/neutron which is now unused.
Change-Id: Ic90cd8e3065fa629d5ad67abaf7c193fd845259a
CentOS binary packages for Xena have moved Neutron's api-paste.ini file
to /etc/neutron [1]. Make this file available at the old location [2]
for compatiblity with kolla-ansible, until the configuration is modified
to use the new location.
[1] https://review.rdoproject.org/r/c/openstack/neutron-distgit/+/34845
[2] /usr/share/neutron/api-paste.ini
Change-Id: I2295884ef3b4c3bf4b087599322b0c5761e7b775
With RDO use we did not disabled some repositories. This patch disable
them and enable where needed.
Change-Id: Ia9d537fe9c1ad54789d2bfb4027254fbb3defe7e
There are several images installing 'python3-libvirt' package. Which for
Debian reside in 'libvirt' repo. So let's enable it where needed.
Change-Id: I1c91d27f2578f5ca7c83c4747725b1d9371880b0
1. stop pinning networking-hyperv
Pike release was long time ago so maybe it is time to unpin it?
commit 6dc8e97846
Author: Dan Ardelean <dardelean@cloudbasesolutions.com>
Date: Mon Aug 28 12:56:25 2017 +0300
Change networking-hyperv version for Pike
2. stop install vmware-nsxlib as a plugin
vmware-nsx is a plugin and we install it already
vmware-nsxlib can be fetched from Pypi
Solves:
INFO:kolla.common.utils.neutron-server:The conflict is caused by:
INFO:kolla.common.utils.neutron-server: The user requested vmware-nsxlib 15.0.8.dev129 (from /plugins/vmware-nsxlib-15.0.8.dev129)
INFO:kolla.common.utils.neutron-server: vmware-nsx 15.0.1.dev424 depends on vmware-nsxlib>=17.0.0
Change-Id: I6ef344d463333e5cdc3a0850c8e068218779fdbd
Only the final image in a hierarchy should have the footer block.
neutron-infoblox-ipam-agent image still has two footers because it
inherits from the neutron-server image. We set the user to root at the
beginning of that Dockerfile, so that headers and footers have the right
context.
Change-Id: I95e5bb5583be2a76e289749e8adfc303a4e7197a
Make start.sh run with pipefail and nounset to avoid common errors
in the start scripts and detect them early.
Httpd code had to be patched to allow it to pass on Debuntu.
Also fix the two missed applications of httpd to make sure all
its path are covered.
And also fix Horizon's ENABLE_ZAQAR - K-A does not use Zaqar.
Yet another - Horizon's settings_bundle. :-)
Finally, fix Neutron for Debuntu (KOLLA_LEGACY_IPTABLES).
Change-Id: I39b8d78f6758df1f92b8b0d2c06ea99b038b843b
Depends-On: https://review.opendev.org/711923
1) makes bifrost unbuildable as it evolves rapidly at the moment
2) makes neutron bootstrap/upgrade only the core service [1]
1) will be reverted
2) will be made more flexible
[1] https://bugs.launchpad.net/bgpvpn/+bug/1894056
Change-Id: I1eefcfceded985b5f61ee8d796f9d8994c9ee97c
python-vmware-nsx is not installed anywhere, we don't need the FIXED message
thi PS to clean it up
Change-Id: I1b05c03002e142c7b0f26808ad423b569140a7bc
Those have been deprecated in previous cycle - see [1].
[1]: https://review.opendev.org/#/c/701074/
Change-Id: Ifde221e807df75d884a3f8cc4fc29eb0cb303472
In [1] we have removed opendaylight image, but left neutron-server-opendaylight
image.
[1]: https://review.opendev.org/#/c/739446/
Change-Id: Iae312e24a4ff9ab79979328abac3410fbb1a3cc2
ovs images which based on centos miss libibverbs package.
this ps add the package to neutron-ovs-agent and ovs-base
images.
Closes-Bug: 1882863
Change-Id: I3e307efc43f934a944a91d5d131a11f607411df2
With the move to RHEL/CentOS 8 we no longer have Python 2 in our images
so there is no need for checking which Python version (2.x or 3.x) is
used inside of containers.
We also no longer have to support yum as a value for
distro_package_manager.
Partially-Implements: blueprint centos-rhel-8
Change-Id: Ie45cf3465fedddbde7856961527421883ba3d5c9
A followup to change [1].
Remove networking-ovn sources from kolla/common/config.py and
neutron-db-manage call in neutron-server/extend_start.sh
[1]: https://review.opendev.org/712762/
Change-Id: I976d60e5f2bf3e8a55b90485a77584d9e7579d62
* Some further changes for python2 vs python3 packages
* Allow rabbitmq 3.7.*, since a newer erlang is available
* Switch from qemu-img-ev to qemu-img on CentOS 8
* bridge-utils no longer available on CentOS 8
* libvirt-daemon-driver-lxc no longer available on CentOS 8
* Mark some more images buildable for CentOS 8
Change-Id: Iaf5b68ff6d944ae730ca0b1d5832172c106a6c08
Partially-Implements: blueprint centos-rhel-8
Partially-Implements: blueprint centos-rhel-python-3
When [1] was committed, neutron stopped building for Train.
Analogous patch is proposed to other stable branches.
This patch removes neutron from upper-constraints.
Kolla master is affected directly because we build Train
for CentOS 7 atm.
1. https://review.opendev.org/#/c/697370/
Change-Id: I944e8e42fef1d359d767cbc6e1c13371ed753f31
Michal Nasiadka