[openstack-puppet-modules] Updated to 2014.1-19
Ivan Chavero
ichavero at fedoraproject.org
Wed Jul 30 23:34:40 UTC 2014
commit 7d3196e241dae916246c6b9aed488a9322ad7f8a
Author: Ivan Chavero <ichavero at redhat.com>
Date: Wed Jul 30 17:33:59 2014 -0600
Updated to 2014.1-19
- Bump to the latest stable puppet modules
- Removed puppetlabs-firewall-pull-request-367.patch
- Add puppetlabs-firewall-pull-request-367-2.patch
- Removed 0002-Refacfored-a-more-suitable-ovs_redhat-provider.patch
- Removed 0003-Fixes-bridge-addition-error-if-interface-has-no-IP.patch
- Add 0001-Refacfored-a-more-suitable-ovs_redhat-provider.patch
- Removed 0001-Refresh-Neutron-server.patch
- Add 0001-Remove-ability-to-manage-the-nova-uid-gid.patch
- Add 0001-Install-ceph-client-libraries-when-using-rbd.patch
- Add 0001-Configure-OVS-mechanism-agent-configs-in-its-config-.patch
...VS-mechanism-agent-configs-in-its-config-.patch | 274 ++++++++++++
0001-Fixes-agent_notification_service_name.patch | 19 +-
...tall-ceph-client-libraries-when-using-rbd.patch | 41 ++
...fored-a-more-suitable-ovs_redhat-provider.patch | 439 ++++++++++++++++++++
...Remove-ability-to-manage-the-nova-uid-gid.patch | 192 +++++++++
openstack-puppet-modules.spec | 126 +++---
puppetlabs-firewall-pull-request-367-2.patch | 75 ++++
7 files changed, 1099 insertions(+), 67 deletions(-)
---
diff --git a/0001-Configure-OVS-mechanism-agent-configs-in-its-config-.patch b/0001-Configure-OVS-mechanism-agent-configs-in-its-config-.patch
new file mode 100644
index 0000000..86b1edc
--- /dev/null
+++ b/0001-Configure-OVS-mechanism-agent-configs-in-its-config-.patch
@@ -0,0 +1,274 @@
+From f5fd94991b271dd38f336d968b7713453cf3933e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Mathieu=20Gagne=CC=81?= <mgagne at iweb.com>
+Date: Wed, 9 Jul 2014 20:44:07 -0400
+Subject: [PATCH] Configure OVS mechanism agent configs in its config file
+
+Configurations for the OVS agent should go in its config file:
+/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
+
+Therefore, we should not remove the agent config file and
+replace it with a symlink to plugin.ini or ml2_conf.ini.
+
+Those config files are meant to be used by the core plugin itself
+in neutron-server, not the agents themselves.
+
+- Remove symlink creation from ovs_neutron_plugin.ini to plugin.ini
+- Use neutron_plugin_ovs to configure OVS mechanism agent configs
+
+Change-Id: I53d9b923784587e8a2a934f004a3b054c716daaa
+---
+ manifests/agents/ml2/ovs.pp | 39 ++++++-----------
+ spec/classes/neutron_agents_ml2_ovs_spec.rb | 66 ++++++++++++-----------------
+ 2 files changed, 40 insertions(+), 65 deletions(-)
+
+diff --git a/manifests/agents/ml2/ovs.pp b/manifests/agents/ml2/ovs.pp
+index 34c1ddb..c999880 100644
+--- a/manifests/agents/ml2/ovs.pp
++++ b/manifests/agents/ml2/ovs.pp
+@@ -107,7 +107,8 @@ class neutron::agents::ml2::ovs (
+ fail('Local ip for ovs agent must be set when tunneling is enabled')
+ }
+
+- Neutron_plugin_ml2<||> ~> Service['neutron-ovs-agent-service']
++ Package['neutron-ovs-agent'] -> Neutron_plugin_ovs<||>
++ Neutron_plugin_ovs<||> ~> Service['neutron-ovs-agent-service']
+
+ if ($bridge_mappings != []) {
+ # bridge_mappings are used to describe external networks that are
+@@ -125,7 +126,7 @@ class neutron::agents::ml2::ovs (
+ # Set config for bridges that we're going to create
+ # The OVS neutron plugin will talk in terms of the networks in the bridge_mappings
+ $br_map_str = join($bridge_mappings, ',')
+- neutron_plugin_ml2 {
++ neutron_plugin_ovs {
+ 'ovs/bridge_mappings': value => $br_map_str;
+ }
+ neutron::plugins::ovs::bridge{ $bridge_mappings:
+@@ -136,19 +137,17 @@ class neutron::agents::ml2::ovs (
+ }
+ }
+
+- neutron_plugin_ml2 {
++ neutron_plugin_ovs {
+ 'agent/polling_interval': value => $polling_interval;
+ 'agent/l2_population': value => $l2_population;
+ 'agent/arp_responder': value => $arp_responder;
+ 'ovs/integration_bridge': value => $integration_bridge;
+ }
+
+- if ($firewall_driver) {
+- neutron_plugin_ml2 { 'securitygroup/firewall_driver':
+- value => $firewall_driver
+- }
++ if $firewall_driver {
++ neutron_plugin_ovs { 'securitygroup/firewall_driver': value => $firewall_driver }
+ } else {
+- neutron_plugin_ml2 { 'securitygroup/firewall_driver': ensure => absent }
++ neutron_plugin_ovs { 'securitygroup/firewall_driver': ensure => absent }
+ }
+
+ vs_bridge { $integration_bridge:
+@@ -161,25 +160,25 @@ class neutron::agents::ml2::ovs (
+ ensure => present,
+ before => Service['neutron-ovs-agent-service'],
+ }
+- neutron_plugin_ml2 {
++ neutron_plugin_ovs {
+ 'ovs/enable_tunneling': value => true;
+ 'ovs/tunnel_bridge': value => $tunnel_bridge;
+ 'ovs/local_ip': value => $local_ip;
+ }
+
+ if size($tunnel_types) > 0 {
+- neutron_plugin_ml2 {
++ neutron_plugin_ovs {
+ 'agent/tunnel_types': value => join($tunnel_types, ',');
+ }
+ }
+ if 'vxlan' in $tunnel_types {
+ validate_vxlan_udp_port($vxlan_udp_port)
+- neutron_plugin_ml2 {
++ neutron_plugin_ovs {
+ 'agent/vxlan_udp_port': value => $vxlan_udp_port;
+ }
+ }
+ } else {
+- neutron_plugin_ml2 {
++ neutron_plugin_ovs {
+ 'ovs/enable_tunneling': value => false;
+ 'ovs/tunnel_bridge': ensure => absent;
+ 'ovs/local_ip': ensure => absent;
+@@ -188,7 +187,6 @@ class neutron::agents::ml2::ovs (
+
+
+ if $::neutron::params::ovs_agent_package {
+- Package['neutron-ovs-agent'] -> Neutron_plugin_ml2<||>
+ package { 'neutron-ovs-agent':
+ ensure => $package_ensure,
+ name => $::neutron::params::ovs_agent_package,
+@@ -197,21 +195,11 @@ class neutron::agents::ml2::ovs (
+ # Some platforms (RedHat) do not provide a separate
+ # neutron plugin ovs agent package. The configuration file for
+ # the ovs agent is provided by the neutron ovs plugin package.
+- Package['neutron-ovs-agent'] -> Neutron_plugin_ml2<||>
+- Package['neutron-ovs-agent'] -> Service['ovs-cleanup-service']
+-
+ if ! defined(Package['neutron-ovs-agent']) {
+ package { 'neutron-ovs-agent':
+ ensure => $package_ensure,
+ name => $::neutron::params::ovs_server_package,
+- } ->
+- # https://bugzilla.redhat.com/show_bug.cgi?id=1087647
+- # Causes init script for agent to load the old ovs file
+- # instead of the ml2 config file.
+- file { '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini':
+- ensure => link,
+- target => '/etc/neutron/plugin.ini'
+- } ~> Service<| title == 'neutron-ovs-agent-service' |>
++ }
+ }
+ }
+
+@@ -229,7 +217,8 @@ class neutron::agents::ml2::ovs (
+ }
+
+ if $::neutron::params::ovs_cleanup_service {
+- service {'ovs-cleanup-service':
++ Package['neutron-ovs-agent'] -> Service['ovs-cleanup-service']
++ service { 'ovs-cleanup-service':
+ ensure => $service_ensure,
+ name => $::neutron::params::ovs_cleanup_service,
+ enable => $enabled,
+diff --git a/spec/classes/neutron_agents_ml2_ovs_spec.rb b/spec/classes/neutron_agents_ml2_ovs_spec.rb
+index a4e9f77..26d4812 100644
+--- a/spec/classes/neutron_agents_ml2_ovs_spec.rb
++++ b/spec/classes/neutron_agents_ml2_ovs_spec.rb
+@@ -33,15 +33,15 @@ describe 'neutron::agents::ml2::ovs' do
+ it { should contain_class('neutron::params') }
+
+ it 'configures ovs_neutron_plugin.ini' do
+- should contain_neutron_plugin_ml2('agent/polling_interval').with_value(p[:polling_interval])
+- should contain_neutron_plugin_ml2('agent/l2_population').with_value(p[:l2_population])
+- should contain_neutron_plugin_ml2('agent/arp_responder').with_value(p[:arp_responder])
+- should contain_neutron_plugin_ml2('ovs/integration_bridge').with_value(p[:integration_bridge])
+- should contain_neutron_plugin_ml2('securitygroup/firewall_driver').\
++ should contain_neutron_plugin_ovs('agent/polling_interval').with_value(p[:polling_interval])
++ should contain_neutron_plugin_ovs('agent/l2_population').with_value(p[:l2_population])
++ should contain_neutron_plugin_ovs('agent/arp_responder').with_value(p[:arp_responder])
++ should contain_neutron_plugin_ovs('ovs/integration_bridge').with_value(p[:integration_bridge])
++ should contain_neutron_plugin_ovs('securitygroup/firewall_driver').\
+ with_value(p[:firewall_driver])
+- should contain_neutron_plugin_ml2('ovs/enable_tunneling').with_value(false)
+- should contain_neutron_plugin_ml2('ovs/tunnel_bridge').with_ensure('absent')
+- should contain_neutron_plugin_ml2('ovs/local_ip').with_ensure('absent')
++ should contain_neutron_plugin_ovs('ovs/enable_tunneling').with_value(false)
++ should contain_neutron_plugin_ovs('ovs/tunnel_bridge').with_ensure('absent')
++ should contain_neutron_plugin_ovs('ovs/local_ip').with_ensure('absent')
+ end
+
+ it 'configures vs_bridge' do
+@@ -58,18 +58,20 @@ describe 'neutron::agents::ml2::ovs' do
+ :name => platform_params[:ovs_agent_package],
+ :ensure => p[:package_ensure]
+ )
+- should contain_package('neutron-ovs-agent').with_before(/Neutron_plugin_ml2\[.+\]/)
++ should contain_package('neutron-ovs-agent').with_before(/Neutron_plugin_ovs\[.+\]/)
+ else
+ end
+ end
+
+- it 'configures neutron ovs agent service' do
+- should contain_service('neutron-ovs-agent-service').with(
+- :name => platform_params[:ovs_agent_service],
+- :enable => true,
+- :ensure => 'running',
+- :require => 'Class[Neutron]'
+- )
++ it 'configures neutron ovs cleanup service (if any)' do
++ if platform_params.has_key?(:ovs_cleanup_service)
++ should contain_service('ovs-cleanup-service').with(
++ :name => platform_params[:ovs_cleanup_service],
++ :enable => true,
++ :ensure => 'running'
++ )
++ should contain_package('neutron-ovs-agent').with_before(/Service\[ovs-cleanup-service\]/)
++ end
+ end
+
+ context 'when supplying a firewall driver' do
+@@ -77,7 +79,7 @@ describe 'neutron::agents::ml2::ovs' do
+ params.merge!(:firewall_driver => false)
+ end
+ it 'should configure firewall driver' do
+- should contain_neutron_plugin_ml2('securitygroup/firewall_driver').with_ensure('absent')
++ should contain_neutron_plugin_ovs('securitygroup/firewall_driver').with_ensure('absent')
+ end
+ end
+
+@@ -86,7 +88,7 @@ describe 'neutron::agents::ml2::ovs' do
+ params.merge!(:arp_responder => true)
+ end
+ it 'should enable ARP responder' do
+- should contain_neutron_plugin_ml2('agent/arp_responder').with_value(true)
++ should contain_neutron_plugin_ovs('agent/arp_responder').with_value(true)
+ end
+ end
+
+@@ -96,7 +98,7 @@ describe 'neutron::agents::ml2::ovs' do
+ end
+
+ it 'configures bridge mappings' do
+- should contain_neutron_plugin_ml2('ovs/bridge_mappings')
++ should contain_neutron_plugin_ovs('ovs/bridge_mappings')
+ end
+
+ it 'should configure bridge mappings' do
+@@ -128,9 +130,9 @@ describe 'neutron::agents::ml2::ovs' do
+ params.merge!(:enable_tunneling => true, :local_ip => '127.0.0.1' )
+ end
+ it 'should configure ovs for tunneling' do
+- should contain_neutron_plugin_ml2('ovs/enable_tunneling').with_value(true)
+- should contain_neutron_plugin_ml2('ovs/tunnel_bridge').with_value(default_params[:tunnel_bridge])
+- should contain_neutron_plugin_ml2('ovs/local_ip').with_value('127.0.0.1')
++ should contain_neutron_plugin_ovs('ovs/enable_tunneling').with_value(true)
++ should contain_neutron_plugin_ovs('ovs/tunnel_bridge').with_value(default_params[:tunnel_bridge])
++ should contain_neutron_plugin_ovs('ovs/local_ip').with_value('127.0.0.1')
+ should contain_vs_bridge(default_params[:tunnel_bridge]).with(
+ :ensure => 'present',
+ :before => 'Service[neutron-ovs-agent-service]'
+@@ -147,8 +149,8 @@ describe 'neutron::agents::ml2::ovs' do
+ end
+
+ it 'should perform vxlan network configuration' do
+- should contain_neutron_plugin_ml2('agent/tunnel_types').with_value(params[:tunnel_types])
+- should contain_neutron_plugin_ml2('agent/vxlan_udp_port').with_value(params[:vxlan_udp_port])
++ should contain_neutron_plugin_ovs('agent/tunnel_types').with_value(params[:tunnel_types])
++ should contain_neutron_plugin_ovs('agent/vxlan_udp_port').with_value(params[:vxlan_udp_port])
+ end
+ end
+ end
+@@ -178,21 +180,5 @@ describe 'neutron::agents::ml2::ovs' do
+ end
+
+ it_configures 'neutron plugin ovs agent with ml2 plugin'
+-
+- it 'configures neutron ovs cleanup service' do
+- should contain_service('ovs-cleanup-service').with(
+- :name => platform_params[:ovs_cleanup_service],
+- :enable => true,
+- :ensure => 'running'
+- )
+- should contain_package('neutron-ovs-agent').with_before(/Service\[ovs-cleanup-service\]/)
+- end
+-
+- it 'links from ovs config to plugin config' do
+- should contain_file('/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini').with(
+- :ensure => 'link',
+- :target => '/etc/neutron/plugin.ini'
+- )
+- end
+ end
+ end
+--
+1.8.3.1
+
diff --git a/0001-Fixes-agent_notification_service_name.patch b/0001-Fixes-agent_notification_service_name.patch
index e48517e..1636194 100644
--- a/0001-Fixes-agent_notification_service_name.patch
+++ b/0001-Fixes-agent_notification_service_name.patch
@@ -1,33 +1,30 @@
-From 00bfaa1fa4709cec6a03e2772445dc8f27a89224 Mon Sep 17 00:00:00 2001
+From 536b22212dbaba70be514ea4f63e72364033f722 Mon Sep 17 00:00:00 2001
From: Ivan Chavero <ichavero at redhat.com>
Date: Mon, 26 May 2014 06:54:45 -0600
Subject: [PATCH] Fixes agent_notification_service_name
-This patch corrects the service name of the ceilometer notification
-agent, which was 'ceilometer-agent-notification' in pre-release RPMs but
-was later changed to 'ceilometer-notification'.
+In icehouse the agent_notification_service_name has changed
+from ceilometer-agent-notification service to ceilometer-notification
Change-Id: Ie2703a028ce154efa7fa1d0da58914230adfc7db
---
- manifests/params.pp | 3 +-
- spec/classes/ceilometer_agent_notification_spec.rb | 50 +++++++++++++++++++++-
- 2 files changed, 51 insertions(+), 2 deletions(-)
+ manifests/params.pp | 22 +++++++++++++++++++++-
+ 1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/manifests/params.pp b/manifests/params.pp
-index feb1e19..1c370ae 100644
+index feb1e19..916ee7c 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
-@@ -23,11 +23,12 @@ class ceilometer::params {
+@@ -23,11 +23,11 @@ class ceilometer::params {
$agent_compute_service_name = 'openstack-ceilometer-compute'
$api_service_name = 'openstack-ceilometer-api'
$collector_service_name = 'openstack-ceilometer-collector'
- $agent_notification_service_name = 'openstack-ceilometer-agent-notification'
++ $agent_notification_service_name = 'openstack-ceilometer-notification'
$alarm_notifier_service_name = 'openstack-ceilometer-alarm-notifier'
$alarm_evaluator_service_name = 'openstack-ceilometer-alarm-evaluator'
$pymongo_package_name = 'python-pymongo'
$psycopg_package_name = 'python-psycopg2'
-+ $agent_notification_service_name = 'openstack-ceilometer-notification'
-+
# db packages
if $::operatingsystem == 'Fedora' and $::operatingsystemrelease >= 18 {
# fallback to stdlib version, not provided on fedora
diff --git a/0001-Install-ceph-client-libraries-when-using-rbd.patch b/0001-Install-ceph-client-libraries-when-using-rbd.patch
new file mode 100644
index 0000000..0a4bb18
--- /dev/null
+++ b/0001-Install-ceph-client-libraries-when-using-rbd.patch
@@ -0,0 +1,41 @@
+From e523b5d1f2d56fa0e708371879cca659c592fbd4 Mon Sep 17 00:00:00 2001
+From: Ivan Chavero <ichavero at redhat.com>
+Date: Tue, 8 Jul 2014 21:51:04 -0600
+Subject: [PATCH] Install ceph client libraries when using rbd
+
+Ceph client libraries might not be installed when using the
+nova::compute::rbd class.
+
+Change-Id: Icc2c8e688abbc6d8a1877bfea7be6b30204d1a52
+---
+ manifests/compute/rbd.pp | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/manifests/compute/rbd.pp b/manifests/compute/rbd.pp
+index 009833d..e65d0cd 100644
+--- a/manifests/compute/rbd.pp
++++ b/manifests/compute/rbd.pp
+@@ -53,6 +53,20 @@ class nova::compute::rbd (
+
+ include nova::params
+
++ # Fedora is the only one that has a different name
++ # for the ceph client package
++ if $::operatingsystem == 'Fedora' {
++ $ceph_package = 'ceph'
++ }
++ else {
++ $ceph_package = 'ceph-common'
++ }
++
++ # Install ceph client libraries
++ package { $ceph_package:
++ ensure => 'installed',
++ }
++
+ nova_config {
+ 'libvirt/images_type': value => 'rbd';
+ 'libvirt/images_rbd_pool': value => $libvirt_images_rbd_pool;
+--
+1.9.3
+
diff --git a/0001-Refacfored-a-more-suitable-ovs_redhat-provider.patch b/0001-Refacfored-a-more-suitable-ovs_redhat-provider.patch
new file mode 100644
index 0000000..b2b9ce8
--- /dev/null
+++ b/0001-Refacfored-a-more-suitable-ovs_redhat-provider.patch
@@ -0,0 +1,439 @@
+From 1bdccc59fb9a97797a7130b2f1ac4e4a65d924a6 Mon Sep 17 00:00:00 2001
+From: Gilles Dubreuil <gilles at redhat.com>
+Date: Wed, 21 May 2014 10:13:00 +1000
+Subject: [PATCH] Refacfored a more suitable ovs_redhat provider
+
+ - Added a helper class/library to handle ifcfg content
+
+ - Removed keep_ip and sleep parameters, replaced by
+ automatic behaviour
+
+ - No need for a redhat vs_bridge provider
+
+ - Only port/bridge associated with a phyical interface get a
+ ifcfg file managed
+
+ - Requires Puppet 2.7.8+
+ Not using optional_commands anymore
+
+Change-Id: I584fb1442de9a760b3a092f96cbfcbcd6776fdba
+---
+ lib/puppet/provider/vs_bridge/ovs_redhat.rb | 51 ----------
+ lib/puppet/provider/vs_port/ovs_redhat.rb | 144 ++++++++++++----------------
+ lib/puppet/type/vs_port.rb | 20 +---
+ lib/puppet_x/redhat/ifcfg.rb | 135 ++++++++++++++++++++++++++
+ 4 files changed, 197 insertions(+), 153 deletions(-)
+ delete mode 100644 lib/puppet/provider/vs_bridge/ovs_redhat.rb
+ create mode 100644 lib/puppet_x/redhat/ifcfg.rb
+
+diff --git a/lib/puppet/provider/vs_bridge/ovs_redhat.rb b/lib/puppet/provider/vs_bridge/ovs_redhat.rb
+deleted file mode 100644
+index 5495d12..0000000
+--- a/lib/puppet/provider/vs_bridge/ovs_redhat.rb
++++ /dev/null
+@@ -1,51 +0,0 @@
+-require "puppet"
+-
+-Base="/etc/sysconfig/network-scripts/ifcfg-"
+-
+-Puppet::Type.type(:vs_bridge).provide(:ovs_redhat) do
+- desc "Openvswitch bridge manipulation for RedHat family OSs"
+-
+- confine :osfamily => :redhat
+- defaultfor :osfamily => :redhat
+-
+- optional_commands :vsctl => "/usr/bin/ovs-vsctl",
+- :ip => "/sbin/ip"
+-
+- def exists?
+- vsctl("br-exists", @resource[:name])
+- rescue Puppet::ExecutionFailure
+- return false
+- end
+-
+- def create
+- vsctl("add-br", @resource[:name])
+- ip("link", "set", @resource[:name], "up")
+- external_ids = @resource[:external_ids] if @resource[:external_ids]
+- end
+-
+- def destroy
+- vsctl("del-br", @resource[:name])
+- end
+-
+- def external_ids
+- result = vsctl("br-get-external-id", @resource[:name])
+- return result.split("\n").join(",")
+- end
+-
+- def external_ids=(value)
+- old_ids = _split(external_ids)
+- new_ids = _split(value)
+-
+- new_ids.each_pair do |k,v|
+- unless old_ids.has_key?(k)
+- vsctl("br-set-external-id", @resource[:name], k, v)
+- end
+- end
+- end
+-
+- private
+-
+- def _split(string, splitter=",")
+- return Hash[string.split(splitter).map{|i| i.split("=")}]
+- end
+-end
+diff --git a/lib/puppet/provider/vs_port/ovs_redhat.rb b/lib/puppet/provider/vs_port/ovs_redhat.rb
+index 6d43797..757c152 100644
+--- a/lib/puppet/provider/vs_port/ovs_redhat.rb
++++ b/lib/puppet/provider/vs_port/ovs_redhat.rb
+@@ -1,105 +1,83 @@
+-require "puppet"
++require File.expand_path(File.join(File.dirname(__FILE__), '..', '..', '..', 'puppet_x', 'redhat', 'ifcfg.rb'))
+
+-Puppet::Type.type(:vs_port).provide(:ovs_redhat) do
+- desc "Openvswitch port manipulation for RedHat family OSs"
++Puppet::Type.type(:vs_port).provide(:ovs_redhat, :parent => :ovs) do
++ desc 'Openvswitch port manipulation for RedHat OSes family'
+
+- confine :osfamily => :redhat
++ confine :osfamily => :redhat
+ defaultfor :osfamily => :redhat
+
+- optional_commands :vsctl => "/usr/bin/ovs-vsctl",
+- :sleep => "/bin/sleep"
++ commands :ip => 'ip'
++ commands :ifdown => 'ifdown'
++ commands :ifup => 'ifup'
++ commands :vsctl => 'ovs-vsctl'
+
+- def exists?
+- vsctl("list-ports", @resource[:bridge]).include? @resource[:interface]
++ def create
++ unless vsctl('list-ports', @resource[:bridge]).include? @resource[:interface]
++ super
++ end
++
++ if interface_physical?
++ IFCFG::Port.new(@resource[:interface], @resource[:bridge]).save
++
++ if link?
++ if dynamic?
++ # Persistent MAC address taken from interface
++ bridge_mac_address = File.read("/sys/class/net/#{@resource[:interface]}/address")
++ IFCFG::BridgeDynamic.new(@resource[:bridge], @resource[:interface], bridge_mac_address).save
++ else
++ device = ip('addr', 'show', @resource[:interface])
++ cidr = device.to_s.match(/inet (\d*\.\d*\.\d*\.\d*\/\d*)/)
++ cidr = cidr ? cidr[1] : ""
++ IFCFG::BridgeStatic.new(@resource[:bridge], cidr).save
++ end
++ ifdown(@resource[:interface])
++ ifdown(@resource[:bridge])
++ ifup(@resource[:interface])
++ ifup(@resource[:bridge])
++ else
++ IFCFG::Bridge.new(@resource[:bridge]).save
++ end
++ end
+ end
+
+- def create
+- if @resource[:keep_ip]
+- create_bridge_file
+- create_physical_interface_file
+- activate_port
++ def exists?
++ if interface_physical?
++ super &&
++ IFCFG::OVS.exists?(@resource[:interface]) &&
++ IFCFG::OVS.exists?(@resource[:bridge])
+ else
+- vsctl("add-port", @resource[:bridge], @resource[:interface])
++ super
+ end
+ end
+
+ def destroy
+- vsctl("del-port", @resource[:bridge], @resource[:interface])
++ if interface_physical?
++ ifdown(@resource[:bridge])
++ ifdown(@resource[:interface])
++ IFCFG::OVS.remove(@resource[:interface])
++ IFCFG::OVS.remove(@resource[:bridge])
++ end
++ super
+ end
+
+ private
+
+- def activate_port
+- atomic_operation="ifdown #{@resource[:interface]};
+- ovs-vsctl add-port #{@resource[:bridge]} #{@resource[:interface]};
+- ifup #{@resource[:interface]};
+- ifup #{@resource[:bridge]}"
+- system(atomic_operation)
+- sleep(@resource[:sleep]) if @resource[:sleep]
+- end
+-
+- def create_physical_interface_file
+- file = File.open(Base + @resource[:interface], 'w+')
+- file << "DEVICE=#{@resource[:interface]}\n"
+- file << "DEVICETYPE=ovs\n"
+- file << "TYPE=OVSPort\n"
+- file << "BOOTPROTO=none\n"
+- file << "OVS_BRIDGE=#{@resource[:bridge]}\n"
+- file << "ONBOOT=yes\n"
+- file.close
++ def dynamic?
++ device = ''
++ device = ip('addr', 'show', @resource[:interface])
++ return device =~ /dynamic/ ? true : false
+ end
+
+- def search(file_name, value)
+- File.open(file_name) { |file|
+- file.each_line { |line|
+- match = value.match(line)
+- return match[0] if match
+- }
+- }
++ def link?
++ # Cannot use commands for grep!
++ File.read("/sys/class/net/#{@resource[:interface]}/operstate") =~ /up/
+ end
+
+- def create_bridge_file
+- bridge_file = File.open(Base + @resource[:bridge], 'w+')
+- interface_file_name = Base + @resource[:interface]
+-
+- # Ultimately this to go to vs_bridge
+- bridge_file << "DEVICE=#{@resource[:bridge]}\n"
+- bridge_file << "TYPE=OVSBridge\n"
+- bridge_file << "DEVICETYPE=ovs\n"
+- bridge_file << "ONBOOT=yes\n"
+- # End ultimately
++ def interface_physical?
++ # OVS port don't have entries in /sys/class/net
+
+- case search(interface_file_name, /bootproto=.*/i)
+- when /dhcp/
+- bridge_file << "OVSBOOTPROTO=dhcp\n"
+- bridge_file << "OVSDHCPINTERFACES=#{@resource[:interface]}\n"
+- when /static/, /none/
+- bridge_file << "OVSBOOTPROTO=static\n"
+-
+- ipaddr = search(interface_file_name, /ipaddr=.*/i)
+- if ipaddr.class == String
+- bridge_file << ipaddr + "\n"
+- else
+- raise RuntimeError, 'Undefined IP address'
+- end
+-
+- mask = search(interface_file_name, /(prefix|netmask)=.*/i)
+- if mask.class == String
+- bridge_file << mask + "\n"
+- else
+- raise RuntimeError, 'Undefined netmask or prefix'
+- end
+- else
+- raise RuntimeError, 'Undefined boot protocol'
+- end
+-
+- # The idea here to have a fixed MAC address
+- datapath_id = vsctl("get", "bridge", @resource[:bridge], 'datapath_id')
+- bridge_mac_address = datapath_id[-14..-3].scan(/.{1,2}/).join(':') if datapath_id
+-
+- if bridge_mac_address
+- bridge_file << "OVS_EXTRA=\"set bridge #{@resource[:bridge]} other-config:hwaddr=#{bridge_mac_address}\"\n"
+- end
+- bridge_file.close
++ # Alias interfaces (ethX:Y) must use ethX entries
++ interface = @resource[:interface].sub(/:\d/, '')
++ ! Dir["/sys/class/net/#{interface}"].empty?
+ end
+-end
+\ No newline at end of file
++end
+diff --git a/lib/puppet/type/vs_port.rb b/lib/puppet/type/vs_port.rb
+index df4705e..4527bd9 100644
+--- a/lib/puppet/type/vs_port.rb
++++ b/lib/puppet/type/vs_port.rb
+@@ -16,7 +16,7 @@ Puppet::Type.newtype(:vs_port) do
+ end
+
+ newparam(:bridge) do
+- desc "What bridge to use"
++ desc 'The bridge to attach to'
+
+ validate do |value|
+ if !value.is_a?(String)
+@@ -25,24 +25,6 @@ Puppet::Type.newtype(:vs_port) do
+ end
+ end
+
+- newparam(:keep_ip) do
+- desc "True: keep physical interface's details and assign them to the bridge"
+-
+- defaultto false
+- end
+-
+- newparam(:sleep) do
+- desc "Waiting time, in seconds (0 by default), for network to sync after activating port, used with keep_ip only"
+-
+- defaultto '0'
+-
+- validate do |value|
+- if value.to_i.class != Fixnum || value.to_i < 0
+- raise ArgumentError, "sleep requires a positive integer"
+- end
+- end
+- end
+-
+ autorequire(:vs_bridge) do
+ self[:bridge] if self[:bridge]
+ end
+diff --git a/lib/puppet_x/redhat/ifcfg.rb b/lib/puppet_x/redhat/ifcfg.rb
+new file mode 100644
+index 0000000..2092804
+--- /dev/null
++++ b/lib/puppet_x/redhat/ifcfg.rb
+@@ -0,0 +1,135 @@
++module IFCFG
++ class OVS
++ Base = '/etc/sysconfig/network-scripts/ifcfg-'
++
++ def self.remove(name)
++ File.delete(Base + name)
++ rescue Errno::ENOENT
++ end
++
++ def self.exists?(name)
++ File.exist?(Base + name)
++ end
++
++ def initialize(name)
++ @name = name
++ @device_type = 'ovs'
++ @onboot = 'yes'
++ end
++
++ def ifcfg
++ { 'DEVICE' => @name,
++ 'DEVICETYPE' => @device_type,
++ 'TYPE' => @type,
++ 'ONBOOT' => @onboot,
++ 'OVSBOOTPROTO' => @bootproto }
++ end
++
++ def replace_or_add(obj, regexp, str)
++ if obj.scan(regexp) == []
++ obj << str << "\n"
++ else
++ obj.gsub(regexp, str)
++ end
++ end
++
++ def file_to_str(filename)
++ data = ''
++ if File.exists?(filename)
++ File.open(filename, 'r').each_line { |line| data << line }
++ end
++ data
++ end
++
++ def save
++ fname = Base + @name
++ str = file_to_str(fname)
++ ifcfg.each { |key, val|
++ str = replace_or_add(str, /^#{key}=.*$/, "#{key}=#{val}")
++ }
++ File.open(fname, 'w') { |file| file << str }
++ end
++
++ def to_s
++ res = ''
++ ifcfg.each { |x, y|
++ res << "#{x}=#{y}\n"
++ }
++ res
++ end
++ end
++
++ class Bridge < OVS
++ def initialize(name, bootproto = nil)
++ super(name)
++ @type = 'OVSBridge'
++ @bootproto = bootproto ? bootproto : 'none'
++ end
++ end
++
++ class BridgeDynamic < Bridge
++ def initialize(name, interface, bridge_mac_address=nil)
++ super(name, 'dhcp')
++ @interface = interface
++ @bridge_mac_address = bridge_mac_address
++ end
++
++ def ifcfg
++ cfg = super.merge!({ 'OVSDHCPINTERFACES' => @interface })
++ if @bridge_mac_address
++ cfg.merge!({ 'OVS_EXTRA' =>
++ "\"set bridge #{@name} other-config:hwaddr=#{@bridge_mac_address}\"" })
++ end
++ fname = Base + @interface
++ str = file_to_str(fname)
++ arr = ["PEERDNS", "DEFROUTE", "PEERROUTES", "DNS1", "DNS2", "MTU", "NM_CONTROLLED", "NOZEROCONF"]
++ arr.each { |a|
++ str.match(/^#{a}=.*$/) { |m|
++ val = m.to_s.split('=',2)[1]
++ cfg.merge!({ "#{a}" => "#{val}" })
++ }
++ }
++ cfg
++ end
++ end
++
++ class BridgeStatic < Bridge
++ def initialize(name, cidr)
++ super(name)
++ cidr.match('(.*)\/(.*)') { |m|
++ @ipaddr = m[1]
++ @prefix = m[2]
++ }
++ end
++
++ def ifcfg
++ cfg = super
++ if @cidr != ''
++ cfg.merge!({ 'IPADDR' => @ipaddr, 'PREFIX' => @prefix })
++ end
++ fname = Base + @interface
++ str = file_to_str(fname)
++ arr = ["PEERDNS", "DEFROUTE", "PEERROUTES", "DNS1", "DNS2", "MTU", "NM_CONTROLLED", "NOZEROCONF"]
++ arr.each { |a|
++ str.match(/^#{a}=.*$/) { |m|
++ val = m.to_s.split('=',2)[1]
++ cfg.merge!({ "#{a}" => "#{val}" })
++ }
++ }
++ cfg
++ end
++ end
++
++ class Port < OVS
++ def initialize(name, bridge)
++ super(name)
++ @type = 'OVSPort'
++ @bridge = bridge
++ @bootproto = 'none'
++ end
++
++ def ifcfg
++ super.merge!({ 'BOOTPROTO' => 'none', 'OVS_BRIDGE' => @bridge })
++ end
++ end
++end
+--
+1.9.3
+
diff --git a/0001-Remove-ability-to-manage-the-nova-uid-gid.patch b/0001-Remove-ability-to-manage-the-nova-uid-gid.patch
new file mode 100644
index 0000000..9ce8ff6
--- /dev/null
+++ b/0001-Remove-ability-to-manage-the-nova-uid-gid.patch
@@ -0,0 +1,192 @@
+From ea0541fea9310cd52e30fa2140c60c7bc75e0883 Mon Sep 17 00:00:00 2001
+From: Lukas Bezdicka <lbezdick at redhat.com>
+Date: Thu, 3 Jul 2014 15:37:59 +0200
+Subject: [PATCH] Remove ability to manage the nova uid/gid.
+
+Any user modification before standard system package creates the
+user is wrong. Usecase of patch adding the user is also broken as
+there are several other options: provide user before whole class
+nova, have user id enforced by package or as most humans do accept
+that in multi host enviroments there are 3 layers - user, group and
+netgroup. In all cases nova puppet module should never touch the
+user as it's provided by package on all supported systems.
+
+Closes-Bug: rhbz#1115946
+Change-Id: If22b27f5fb78ba6821f4d6e8c275f8b80c70dd59
+(cherry picked from commit 9e8bc0bac87efdf0d31fd62d638bce8106b3e7df)
+---
+ manifests/compute/libvirt.pp | 2 +-
+ manifests/consoleauth.pp | 2 +-
+ manifests/init.pp | 41 +----------------------------------------
+ manifests/objectstore.pp | 2 +-
+ spec/classes/nova_init_spec.rb | 40 +---------------------------------------
+ 5 files changed, 5 insertions(+), 82 deletions(-)
+
+diff --git a/manifests/compute/libvirt.pp b/manifests/compute/libvirt.pp
+index 5fd9f40..83073da 100644
+--- a/manifests/compute/libvirt.pp
++++ b/manifests/compute/libvirt.pp
+@@ -105,7 +105,7 @@ class nova::compute::libvirt (
+ package { "nova-compute-${libvirt_virt_type_real}":
+ ensure => present,
+ before => Package['nova-compute'],
+- require => User['nova'],
++ require => Package['nova-common'],
+ }
+ }
+
+diff --git a/manifests/consoleauth.pp b/manifests/consoleauth.pp
+index 953e712..4813b36 100644
+--- a/manifests/consoleauth.pp
++++ b/manifests/consoleauth.pp
+@@ -33,7 +33,7 @@ class nova::consoleauth(
+ package_name => $::nova::params::consoleauth_package_name,
+ service_name => $::nova::params::consoleauth_service_name,
+ ensure_package => $ensure_package,
+- require => User['nova'],
++ require => Package['nova-common'],
+ }
+
+ }
+diff --git a/manifests/init.pp b/manifests/init.pp
+index 3202db0..3526919 100644
+--- a/manifests/init.pp
++++ b/manifests/init.pp
+@@ -175,20 +175,6 @@
+ # (optional) Syslog facility to receive log lines.
+ # Defaults to 'LOG_USER'
+ #
+-# [*nova_user_id*]
+-# (optional) Create the nova user with the specified gid.
+-# Changing to a new uid after specifying a different uid previously,
+-# or using this option after the nova account already exists will break
+-# the ownership of all files/dirs owned by nova.
+-# Defaults to undef.
+-#
+-# [*nova_group_id*]
+-# (optional) Create the nova user with the specified gid.
+-# Changing to a new uid after specifying a different uid previously,
+-# or using this option after the nova account already exists will break
+-# the ownership of all files/dirs owned by nova.
+-# Defaults to undef.
+-#
+ # [*nova_public_key*]
+ # (optional) Install public key in .ssh/authorized_keys for the 'nova' user.
+ # Expects a hash of the form { type => 'key-type', key => 'key-data' } where
+@@ -271,8 +257,6 @@
+ $periodic_interval = '60',
+ $report_interval = '10',
+ $rootwrap_config = '/etc/nova/rootwrap.conf',
+- $nova_user_id = undef,
+- $nova_group_id = undef,
+ $nova_public_key = undef,
+ $nova_private_key = undef,
+ $nova_shell = '/bin/false',
+@@ -299,24 +283,6 @@
+ warning('The nova_cluster_id parameter is deprecated and has no effect.')
+ }
+
+- group { 'nova':
+- ensure => present,
+- system => true,
+- gid => $nova_group_id,
+- before => User['nova'],
+- }
+-
+- user { 'nova':
+- ensure => present,
+- system => true,
+- groups => 'nova',
+- home => '/var/lib/nova',
+- managehome => false,
+- shell => $nova_shell,
+- uid => $nova_user_id,
+- gid => $nova_group_id,
+- }
+-
+ if $nova_public_key or $nova_private_key {
+ file { '/var/lib/nova/.ssh':
+ ensure => directory,
+@@ -405,7 +371,7 @@
+ package { 'nova-common':
+ ensure => $ensure_package,
+ name => $::nova::params::common_package_name,
+- require => [Package['python-nova'], Anchor['nova-start'], User['nova']]
++ require => [Package['python-nova'], Anchor['nova-start']]
+ }
+
+ file { '/etc/nova/nova.conf':
+diff --git a/manifests/objectstore.pp b/manifests/objectstore.pp
+index d8b6359..466be81 100644
+--- a/manifests/objectstore.pp
++++ b/manifests/objectstore.pp
+@@ -35,7 +35,7 @@ class nova::objectstore(
+ package_name => $::nova::params::objectstore_package_name,
+ service_name => $::nova::params::objectstore_service_name,
+ ensure_package => $ensure_package,
+- require => User['nova'],
++ require => Package['nova-common'],
+ }
+
+ nova_config {
+diff --git a/spec/classes/nova_init_spec.rb b/spec/classes/nova_init_spec.rb
+index c66b04b..9ff3985 100644
+--- a/spec/classes/nova_init_spec.rb
++++ b/spec/classes/nova_init_spec.rb
+@@ -22,22 +22,6 @@ describe 'nova' do
+ )
+ end
+
+- it 'creates user and group' do
+- should contain_group('nova').with(
+- :ensure => 'present',
+- :system => true,
+- :before => 'User[nova]'
+- )
+- should contain_user('nova').with(
+- :ensure => 'present',
+- :system => true,
+- :groups => 'nova',
+- :home => '/var/lib/nova',
+- :managehome => false,
+- :shell => '/bin/false'
+- )
+- end
+-
+ it 'creates various files and folders' do
+ should contain_file('/var/log/nova').with(
+ :ensure => 'directory',
+@@ -130,29 +114,7 @@ describe 'nova' do
+ :notification_driver => 'ceilometer.compute.nova_notifier',
+ :notification_topics => 'openstack',
+ :notify_api_faults => true,
+- :nova_user_id => '499',
+- :nova_group_id => '499',
+- :report_interval => '60',
+- :nova_shell => '/bin/bash' }
+- end
+-
+- it 'creates user and group' do
+- should contain_group('nova').with(
+- :ensure => 'present',
+- :system => true,
+- :gid => '499',
+- :before => 'User[nova]'
+- )
+- should contain_user('nova').with(
+- :ensure => 'present',
+- :system => true,
+- :groups => 'nova',
+- :home => '/var/lib/nova',
+- :managehome => false,
+- :shell => '/bin/bash',
+- :uid => '499',
+- :gid => '499'
+- )
++ :report_interval => '60' }
+ end
+
+ it 'installs packages' do
+--
+1.9.3
+
diff --git a/openstack-puppet-modules.spec b/openstack-puppet-modules.spec
index d661ca4..ff14763 100644
--- a/openstack-puppet-modules.spec
+++ b/openstack-puppet-modules.spec
@@ -1,48 +1,48 @@
-%global apache_commit bbf9278b24931444022aa67140d3505b748151da
-%global ceilometer_commit c2f41fb1eb776bcfdaab79c120ac509a861d0828
-%global certmonger_commit 5fbf10fbbff4aed4db30e839c63c99b195e8425a
-%global cinder_commit 57da044279780af66479c429e5803825a87b785e
-%global common_commit 2c0ed2844c606fd806bde0c02e47e79c88fab4a9
-%global concat_commit 031bf261289dcbb32e63b053ed5b3a82117698c0
-%global firewall_commit c147a624fb3dba7df625d0d7571b1b6669bcfca5
-%global galera_commit 3f63bd5ffdd707b42ef37a0ead3c2cf7e803586f
-%global glance_commit cb0daf02d7a991be642e62294912d93b036c6a5a
-%global gluster_commit 80c2b13448c97c70a4b4bc0e402e00ecb5d681d5
-%global haproxy_commit f381510e940ee11feb044c1c728ba2e5af807c79
-%global heat_commit 17736b2fd726858cb83590f8a8b1d594a087ea44
-%global horizon_commit bd1c31e87dd0564a8fab8de0516dbbe48241b09a
-%global inifile_commit fe9b0d5229ea37179a08c4b49239da9bc950acd1
-%global keystone_commit e61e4c2ab5c67150237e59dab25679ec739d3ebf
-%global memcached_commit 49dbf102fb6eee90297b2ed6a1fa463a8c5ccee7
-%global module_data_commit 159fc5e0e21ce9df96c777f0064b5eca88e29cae
-%global mongodb_commit 3f392925710f1758a95f1775d700b5fb787a003d
-%global mysql_commit 8d5fed32c22c5e4231d5a475cfe8060ce8b2ed0f
-%global neutron_commit 66c436bc2f06c5a71d79c674697394a11ec227f9
-%global nova_commit 1e77a9d48a85a3ae6d30993b3c887f58e4a5973c
-%global nssdb_commit b3799a9a7c62c3b5b7968f9860220a885b45fb8a
-%global openstack_commit c20039004cb39e78c93cd00f154c3b9ba6404951
-%global pacemaker_commit 2aa760c3497840ad2474f15737846e2ad95c54e5
-%global puppet_commit 07ec49d1f67a498b31b4f164678a76c464e129c4
-%global qpid_commit 1f0c32b39ad17e7acbd440b50fb6f0875971f5e1
-%global rabbitmq_commit e7447851a60a419cd51a09ccf807964b36fdebac
-%global rsync_commit 357d51f3a6a22bc3da842736176c3510e507b4fb
-%global sahara_commit f4e5681cfb289113be1ba49c12709145ecbad938
-%global ssh_commit d6571f8c43ac55d20a6afd8a8ce3f86ac4b0d7a4
-%global staging_commit 887275d8fb20e148c6f9eb327f1f6c8ea5ee280f
-%global stdlib_commit 62e8c1d76902e6f22cb9f7b3abd43e757b4130a3
-%global swift_commit 80ec3a7576efad5e13d37a8c760ed0ad7f36055f
-%global sysctl_commit c4486acc2d66de857dbccd8b4b945ea803226705
-%global tempest_commit 792be887b61ad9c38706e968a21752cfb05c2381
-%global vcsrepo_commit 6f7507a2a48ff0a58c7db026760a2eb84e382a77
-%global vlan_commit c937de75c28e63fba8d8738ad6a5f2ede517e53d
-%global vswitch_commit a20f6355f048d2cb6206222b2d045b41ac875db4
-%global xinetd_commit 6b02de8d4f30a819eb404048e4258e3a5e8023c8
+%global apache_commit bbf9278b24931444022aa67140d3505b748151da
+%global ceilometer_commit c2f41fb1eb776bcfdaab79c120ac509a861d0828
+%global certmonger_commit 5fbf10fbbff4aed4db30e839c63c99b195e8425a
+%global cinder_commit 57da044279780af66479c429e5803825a87b785e
+%global common_commit 2c0ed2844c606fd806bde0c02e47e79c88fab4a9
+%global concat_commit 031bf261289dcbb32e63b053ed5b3a82117698c0
+%global firewall_commit c147a624fb3dba7df625d0d7571b1b6669bcfca5
+%global galera_commit 3f63bd5ffdd707b42ef37a0ead3c2cf7e803586f
+%global glance_commit cb0daf02d7a991be642e62294912d93b036c6a5a
+%global gluster_commit 80c2b13448c97c70a4b4bc0e402e00ecb5d681d5
+%global haproxy_commit f381510e940ee11feb044c1c728ba2e5af807c79
+%global heat_commit 17736b2fd726858cb83590f8a8b1d594a087ea44
+%global horizon_commit bd1c31e87dd0564a8fab8de0516dbbe48241b09a
+%global inifile_commit fe9b0d5229ea37179a08c4b49239da9bc950acd1
+%global keystone_commit e61e4c2ab5c67150237e59dab25679ec739d3ebf
+%global memcached_commit 49dbf102fb6eee90297b2ed6a1fa463a8c5ccee7
+%global module_data_commit 159fc5e0e21ce9df96c777f0064b5eca88e29cae
+%global mongodb_commit 3f392925710f1758a95f1775d700b5fb787a003d
+%global mysql_commit 8d5fed32c22c5e4231d5a475cfe8060ce8b2ed0f
+%global neutron_commit d7ea12e36542204ed737d3514e2f05f2846fd330
+%global nova_commit 1e77a9d48a85a3ae6d30993b3c887f58e4a5973c
+%global nssdb_commit b3799a9a7c62c3b5b7968f9860220a885b45fb8a
+%global openstack_commit c20039004cb39e78c93cd00f154c3b9ba6404951
+%global pacemaker_commit 2aa760c3497840ad2474f15737846e2ad95c54e5
+%global puppet_commit 07ec49d1f67a498b31b4f164678a76c464e129c4
+%global qpid_commit 1f0c32b39ad17e7acbd440b50fb6f0875971f5e1
+%global rabbitmq_commit e7447851a60a419cd51a09ccf807964b36fdebac
+%global rsync_commit 357d51f3a6a22bc3da842736176c3510e507b4fb
+%global sahara_commit f4e5681cfb289113be1ba49c12709145ecbad938
+%global ssh_commit d6571f8c43ac55d20a6afd8a8ce3f86ac4b0d7a4
+%global staging_commit 887275d8fb20e148c6f9eb327f1f6c8ea5ee280f
+%global stdlib_commit 62e8c1d76902e6f22cb9f7b3abd43e757b4130a3
+%global swift_commit 80ec3a7576efad5e13d37a8c760ed0ad7f36055f
+%global sysctl_commit c4486acc2d66de857dbccd8b4b945ea803226705
+%global tempest_commit 792be887b61ad9c38706e968a21752cfb05c2381
+%global vcsrepo_commit 6f7507a2a48ff0a58c7db026760a2eb84e382a77
+%global vlan_commit c937de75c28e63fba8d8738ad6a5f2ede517e53d
+%global vswitch_commit a20f6355f048d2cb6206222b2d045b41ac875db4
+%global xinetd_commit 6b02de8d4f30a819eb404048e4258e3a5e8023c8
Name: openstack-puppet-modules
Version: 2014.1
-Release: 18%{?dist}
+Release: 19%{?dist}
Summary: Puppet modules used to deploy OpenStack
License: ASL 2.0 and GPLv2 and GPLv3
@@ -99,15 +99,16 @@ Patch102: nova.patch
Patch103: 0001-Quickfix-to-remove-duplication-with-ceilometer-agent.patch
Patch104: puppetlabs-firewall-pull-request-337.patch
Patch105: puppetlabs-firewall-pull-request-365.patch
-Patch106: puppetlabs-firewall-pull-request-367.patch
-Patch108: 0001-Implement-Keystone-domain-creation.patch
-Patch109: 0001-Fixed-ovs-provider.patch
-Patch110: 0002-Refacfored-a-more-suitable-ovs_redhat-provider.patch
-Patch111: 0001-stop-puppet-from-breaking-neutron.patch
-Patch112: 0001-Fixes-bridge-interface-name-check.patch
-Patch113: 0003-Fixes-bridge-addition-error-if-interface-has-no-IP.patch
-Patch114: 0001-Refresh-Neutron-server.patch
-Patch115: cinder-target-service.patch
+Patch106: puppetlabs-firewall-pull-request-367-2.patch
+Patch107: 0001-Implement-Keystone-domain-creation.patch
+Patch108: 0001-Fixed-ovs-provider.patch
+Patch109: 0001-Refacfored-a-more-suitable-ovs_redhat-provider.patch
+Patch110: 0001-stop-puppet-from-breaking-neutron.patch
+Patch111: 0001-Fixes-bridge-interface-name-check.patch
+Patch112: cinder-target-service.patch
+Patch113: 0001-Remove-ability-to-manage-the-nova-uid-gid.patch
+Patch114: 0001-Install-ceph-client-libraries-when-using-rbd.patch
+Patch115: 0001-Configure-OVS-mechanism-agent-configs-in-its-config-.patch
BuildArch: noarch
Requires: rubygem-json
@@ -166,10 +167,12 @@ cd %{_builddir}/%{name}-%{version}/puppet-nova-%{nova_commit}
%patch100 -p1
%patch102 -p1
%patch103 -p1
+%patch113 -p1
+%patch114 -p1
# puppet-heat patches
cd %{_builddir}/%{name}-%{version}/puppet-heat-%{heat_commit}
-%patch108 -p1
+%patch107 -p1
# puppet-openstack patches
cd %{_builddir}/%{name}-%{version}/puppet-openstack-%{openstack_commit}
@@ -183,15 +186,14 @@ cd %{_builddir}/%{name}-%{version}/puppetlabs-firewall-%{firewall_commit}
# puppet-neutron patches
cd %{_builddir}/%{name}-%{version}/puppet-neutron-%{neutron_commit}
-%patch111 -p1
-%patch114 -p1
+%patch110 -p1
+%patch115 -p1
# puppet-vswitch patches
cd %{_builddir}/%{name}-%{version}/puppet-vswitch-%{vswitch_commit}
+%patch108 -p1
%patch109 -p1
-%patch110 -p1
-%patch112 -p1
-%patch113 -p1
+%patch111 -p1
# puppetlabs-rabbitmq patches
cd %{_builddir}/%{name}-%{version}/puppetlabs-rabbitmq-%{rabbitmq_commit}
@@ -199,7 +201,7 @@ cd %{_builddir}/%{name}-%{version}/puppetlabs-rabbitmq-%{rabbitmq_commit}
# puppet-cinder patches
cd %{_builddir}/%{name}-%{version}/puppet-cinder-%{cinder_commit}
-%patch115 -p1
+%patch112 -p1
find %{_builddir}/%{name}-%{version}/ -type f -name ".*" -exec rm {} +
find %{_builddir}/%{name}-%{version}/ -size 0 -exec rm {} +
@@ -261,6 +263,18 @@ rm -f %{buildroot}/%{_datadir}/openstack-puppet/modules/nova/files/nova-novncpro
%changelog
+* Wed Jul 30 2014 Iván Chavero <icahvero at redhat.com> - 2014.1-19
+- Bump to the latest stable puppet modules
+- Removed puppetlabs-firewall-pull-request-367.patch
+- Add puppetlabs-firewall-pull-request-367-2.patch
+- Removed 0002-Refacfored-a-more-suitable-ovs_redhat-provider.patch
+- Removed 0003-Fixes-bridge-addition-error-if-interface-has-no-IP.patch
+- Add 0001-Refacfored-a-more-suitable-ovs_redhat-provider.patch
+- Removed 0001-Refresh-Neutron-server.patch
+- Add 0001-Remove-ability-to-manage-the-nova-uid-gid.patch
+- Add 0001-Install-ceph-client-libraries-when-using-rbd.patch
+- Add 0001-Configure-OVS-mechanism-agent-configs-in-its-config-.patch
+
* Wed Jun 26 2014 Martin Mágr <mmagr at redhat.com> - 2014.1-18
- Updated modules to redhat-openstack/openstack-puppet-modules-2014.1-18
- Added 0001-Refresh-Neutron-server.patch (rhbz#1110281)
diff --git a/puppetlabs-firewall-pull-request-367-2.patch b/puppetlabs-firewall-pull-request-367-2.patch
new file mode 100644
index 0000000..2098a61
--- /dev/null
+++ b/puppetlabs-firewall-pull-request-367-2.patch
@@ -0,0 +1,75 @@
+From 176d79ea889849b1287dd773c5cc1a19b6ae6675 Mon Sep 17 00:00:00 2001
+From: Lars Kellogg-Stedman <lars at redhat.com>
+Date: Tue, 3 Jun 2014 12:44:06 -0400
+Subject: [PATCH 1/2] correct resource dependencies for fedora/redhat
+
+This patches makes Firewall resources depend upon the iptables-services
+package. Without this dependency, firewall rules will be instantiated
+in the running configuration but may not persist correctly because the
+necessary command is not (yet) available.
+
+Signed-off-by: Gael Chamoulaud <gchamoul at redhat.com>
+---
+ manifests/linux/redhat.pp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
+index a4c00b6..08965b8 100644
+--- a/manifests/linux/redhat.pp
++++ b/manifests/linux/redhat.pp
+@@ -23,13 +23,17 @@ class firewall::linux::redhat (
+ if $::operatingsystem == RedHat and $::operatingsystemrelease >= 7 {
+ package { 'iptables-services':
+ ensure => present,
++ before => Service['iptables'],
+ }
++ Package['iptables-services'] -> Firewall <||>
+ }
+
+ if $::operatingsystem == Fedora and $::operatingsystemrelease >= 15 {
+ package { 'iptables-services':
+ ensure => present,
++ before => Service['iptables'],
+ }
++ Package['iptables-services'] -> Firewall <||>
+ }
+
+ service { 'iptables':
+--
+1.9.3
+
+
+From 2e6885fc8e502beeb903edcda4b1fa6a7a5f1326 Mon Sep 17 00:00:00 2001
+From: Gael Chamoulaud <gchamoul at redhat.com>
+Date: Wed, 9 Jul 2014 12:54:53 +0200
+Subject: [PATCH 2/2] Fixes CentOS 7 new version numbers
+
+This patches fixes the comparison issue with the new CentOS 7 version numbers.
+
+Signed-off-by: Gael Chamoulaud <gchamoul at redhat.com>
+---
+ manifests/linux/redhat.pp | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
+index 08965b8..427f179 100644
+--- a/manifests/linux/redhat.pp
++++ b/manifests/linux/redhat.pp
+@@ -17,10 +17,12 @@ class firewall::linux::redhat (
+ $enable = true
+ ) {
+
++ $el_release = ['RedHat', 'CentOS']
++
+ # RHEL 7 and later and Fedora 15 and later require the iptables-services
+ # package, which provides the /usr/libexec/iptables/iptables.init used by
+ # lib/puppet/util/firewall.rb.
+- if $::operatingsystem == RedHat and $::operatingsystemrelease >= 7 {
++ if $::operatingsystem in $el_release and $::operatingsystemmajrelease >= 7 {
+ package { 'iptables-services':
+ ensure => present,
+ before => Service['iptables'],
+--
+1.9.3
+
+
More information about the scm-commits
mailing list