trove

Commit Graph

Author	SHA1	Message	Date
Lingxian Kong	aa1d4d2246	Datastore containerization Significant changes: * Using docker image to install datastore. * Datastore image is common to different datastores. * Using backup docker image to do backup and restore. * Support MariaDB replication * Set most of the functional jobs as non-voting as nested virtualization is not supported in CI. Change-Id: Ia9c97a63a961eebc336b70d28dc77638144c1834	2020-05-27 10:31:50 +12:00
Lingxian Kong	602c4d42de	Improve the function tests - Execute test groups in serial to make sure no more than 2 database instance are created at the same time. - Remove some unneccesary tests - Remove unneeded datastore, e.g. 'Test_Datastore_1' - Remove unsupported trovestack subcommands - Move unsupported DIB elements to the 'deprecated-elements' folder - Decrease default value of 'agent_call_high_timeout' to 5min - Add initial_deplay for pooling task - Use socket file to connect with database instead of using localhost IP Change-Id: Ie5030a671fbeb453eafa6cbe04e08da7b52e33c9	2020-01-28 14:27:52 +13:00
Tomasz Nowak	043ad08237	Configure guestagent on Ubuntu guest images to use CA certificates Currently there is no way to provide SSL configuration for Trove, so it fails e.g. when uploading backups to a secured Swift endpoint. This patch sets an environment variable (REQUESTS_CA_BUNDLE [1]) understood by Requests library for Python, so all HTTPS calls done by trove-guest service will trust the provided CAs. For Ubuntu Xenial and Fedora a systemd drop-in sets this environment variable for trove-guest service, so it uses Ubuntu's/Fedora's system certificate store to validate server certificates. For Ubuntu Trusty the upstart script is modified to build and use a bundle file from certificates in /usr/local/share/ca-certificates, because Requests library doesn't support CA directories in such old Python versions. On Ubuntu systems the custom certificates are taken from /usr/local/share/ca-certificates; please use PEM format, .crt extension and call update-ca-certificates. On Fedora systems custom certificates can be put in /usr/share/pki/ca-trust-source/anchors; please use PEM format, .pem extension and call update-ca-trust. [1] http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification Change-Id: I0025e7c72fa2d863ae9540941956b1ab63bcc636	2017-11-09 09:29:16 +00:00

Author

SHA1

Message

Date

Lingxian Kong

aa1d4d2246

Datastore containerization

Significant changes:

* Using docker image to install datastore.
* Datastore image is common to different datastores.
* Using backup docker image to do backup and restore.
* Support MariaDB replication
* Set most of the functional jobs as non-voting as nested
  virtualization is not supported in CI.

Change-Id: Ia9c97a63a961eebc336b70d28dc77638144c1834

2020-05-27 10:31:50 +12:00

Lingxian Kong

602c4d42de

Improve the function tests

- Execute test groups in serial to make sure no more than 2 database
  instance are created at the same time.
- Remove some unneccesary tests
- Remove unneeded datastore, e.g. 'Test_Datastore_1'
- Remove unsupported trovestack subcommands
- Move unsupported DIB elements to the 'deprecated-elements' folder
- Decrease default value of 'agent_call_high_timeout' to 5min
- Add initial_deplay for pooling task
- Use socket file to connect with database instead of using localhost
  IP

Change-Id: Ie5030a671fbeb453eafa6cbe04e08da7b52e33c9

2020-01-28 14:27:52 +13:00

Tomasz Nowak

043ad08237

Configure guestagent on Ubuntu guest images to use CA certificates

Currently there is no way to provide SSL configuration for Trove, so it
fails e.g. when uploading backups to a secured Swift endpoint. This
patch sets an environment variable (REQUESTS_CA_BUNDLE [1]) understood
by Requests library for Python, so all HTTPS calls done by trove-guest
service will trust the provided CAs.

For Ubuntu Xenial and Fedora a systemd drop-in sets this environment
variable for trove-guest service, so it uses Ubuntu's/Fedora's system
certificate store to validate server certificates.

For Ubuntu Trusty the upstart script is modified to build and use a
bundle file from certificates in /usr/local/share/ca-certificates,
because Requests library doesn't support CA directories in such old
Python versions.

On Ubuntu systems the custom certificates are taken from
/usr/local/share/ca-certificates; please use PEM format, .crt extension
and call update-ca-certificates.

On Fedora systems custom certificates can be put in
/usr/share/pki/ca-trust-source/anchors; please use PEM format, .pem
extension and call update-ca-trust.

[1] http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification

Change-Id: I0025e7c72fa2d863ae9540941956b1ab63bcc636

2017-11-09 09:29:16 +00:00

3 Commits