2 # Activate robotframework virtualenv
3 # ${ROBOT_VENV} comes from the integration-install-robotframework.sh
5 # shellcheck source=${ROBOT_VENV}/bin/activate disable=SC1091
6 source "${ROBOT_VENV}/bin/activate"
7 source /tmp/common-functions.sh "${BUNDLEFOLDER}"
8 # Ensure we fail the job if any steps fail.
13 PYTHON="${ROBOT_VENV}/bin/python"
15 ADMIN_PASSWORD="admin"
16 OPENSTACK_MASTER_CLIENTS_VERSION="queens"
17 #Size of the partition to /opt/stack in control and compute nodes
19 if [ "${ODL_ML2_BRANCH}" == "stable/rocky" ]; then
22 # TODO: remove this work to run changes.py if/when it's moved higher up to be visible at the Robot level
23 printf "\nshowing recent changes that made it into the distribution used by this job:\n"
24 $PYTHON -m pip install --upgrade urllib3
25 python "${WORKSPACE}/test/tools/distchanges/changes.py" -d /tmp/distribution_folder \
26 -u "${ACTUAL_BUNDLE_URL}" -b "${DISTROBRANCH}" \
27 -r "ssh://jenkins-${SILO}@git.opendaylight.org:29418" || true
29 printf "\nshowing recent changes that made it into integration/test used by this job:\n"
31 cd "${WORKSPACE}/test"
32 printf "Hash Author Date Commit Date Author Subject\n"
33 printf "%s\n" "------- ------------------------------ ------------------------------ -------------------- -----------------------------"
34 git --no-pager log --pretty=format:'%h %<(30)%ad %<(30)%cd %<(20,trunc)%an%d %s' -n20
39 #################################################
40 ## Deploy Openstack 3-node ##
41 #################################################
44 # Catch command errors and collect logs.
45 # This ensures logs are collected when script commands fail rather than simply exiting.
46 function trap_handler() {
50 echo "trap_handler: ${prog}: line ${lastline}: exit status of last command: ${lasterr}"
51 echo "trap_handler: command: ${BASH_COMMAND}"
55 trap 'trap_handler ${LINENO} ${$?}' ERR
59 function create_etc_hosts() {
62 : > "${WORKSPACE}/hosts_file"
63 for iter in $(seq 1 "${NUM_OPENSTACK_COMPUTE_NODES}"); do
64 COMPUTE_IP=OPENSTACK_COMPUTE_NODE_${iter}_IP
65 if [ "${!COMPUTE_IP}" == "${NODE_IP}" ]; then
66 CONTROL_HNAME=$(${SSH} "${CTRL_IP}" "hostname")
67 echo "${CTRL_IP} ${CONTROL_HNAME}" >> "${WORKSPACE}/hosts_file"
69 COMPUTE_HNAME=$(${SSH} "${!COMPUTE_IP}" "hostname")
70 echo "${!COMPUTE_IP} ${COMPUTE_HNAME}" >> "${WORKSPACE}/hosts_file"
74 echo "Created the hosts file for ${NODE_IP}:"
75 cat "${WORKSPACE}/hosts_file"
76 } # create_etc_hosts()
78 #function to install Openstack Clients for Testing
79 #This will pull the latest versions compatiable with the
81 function install_openstack_clients_in_robot_vm() {
82 packages=("python-novaclient" "python-neutronclient" "python-openstackclient")
84 os_plugins=$(csv2ssv "${ENABLE_OS_PLUGINS}")
85 for plugin_name in $os_plugins; do
86 if [ "$plugin_name" == "networking-sfc" ]; then
87 packages+=("networking-sfc")
90 openstack_version=$(echo "${OPENSTACK_BRANCH}" | cut -d/ -f2)
91 #If the job tests "master", we will use the clients from previous released stable version to avoid failures
92 if [ "${openstack_version}" == "master" ]; then
93 openstack_version=${OPENSTACK_MASTER_CLIENTS_VERSION}
95 for package in ${packages[*]}; do
96 echo "Get the current support version of the package ${package}"
97 wget "https://raw.githubusercontent.com/openstack/requirements/stable/${openstack_version}/upper-constraints.txt" -O /tmp/constraints.txt 2>/dev/null
98 #python openstackclient version in rocky contradicts with version in global-jjb and stops openstackclient installation in rocky. Will be removed based on version change in global-jjb.
99 sed -i s/python-openstackclient===3.16.2/python-openstackclient===3.14.0/ /tmp/constraints.txt
100 #Python uwsgi 2.0.19 is having errors, forcing it to pick 2.0.18
101 sed -i '1 auwsgi===2.0.18' /tmp/constraints.txt
102 #Python3 paramiko 2.7.1 has requirement cryptography>=2.5, Updating it to the latest
103 sed -i s/cryptography===2.3/cryptography===2.9.2/ /tmp/constraints.txt
104 echo "$PYTHON -m pip install --upgrade --no-deps ${package} --no-cache-dir -c /tmp/constraints.txt"
105 $PYTHON -m pip install --upgrade --no-deps "${package}" --no-cache-dir -c /tmp/constraints.txt
106 echo "$PYTHON -m pip install ${package} --no-cache-dir -c /tmp/constraints.txt"
107 $PYTHON -m pip install "${package}" --no-cache-dir -c /tmp/constraints.txt
110 if [ "${ENABLE_NETWORKING_L2GW}" == "yes" ]; then
111 #alembic 1.4.2 is having issues. Updating the package with 1.4.0
112 $PYTHON -m pip install alembic===1.4.0
113 #networking-l2gw is not officially available in any release yet. Getting the latest stable version.
114 $PYTHON -m pip install networking-l2gw==11.0.0 more-itertools==5.0.0
118 #Function to install rdo release
119 # This will help avoiding installing wrong version of packages which causes
120 # functionality failures
121 function install_rdo_release() {
123 case ${OPENSTACK_BRANCH} in
125 ${SSH} "${ip}" "sudo yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-rocky/rdo-release-rocky-1.noarch.rpm"
129 ${SSH} "${ip}" "sudo yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-queens/rdo-release-queens-1.noarch.rpm"
133 ${SSH} "${ip}" "sudo yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-rocky/rdo-release-rocky-1.noarch.rpm"
138 # Involves just setting up the shared directory
139 function setup_live_migration_control() {
141 printf "%s:Setup directory Share with NFS" "${control_ip}"
142 cat > "${WORKSPACE}/setup_live_migration_control.sh" << EOF
143 sudo mkdir --mode=777 /vm_instances
144 sudo chown -R jenkins:jenkins /vm_instances
145 sudo yum install -y nfs-utils
146 printf "/vm_instances *(rw,no_root_squash)" | sudo tee -a /etc/exports
147 sudo systemctl start rpcbind nfs-server
150 scp "${WORKSPACE}/setup_live_migration_control.sh" "${control_ip}:/tmp/setup_live_migration_control.sh"
151 ssh "${control_ip}" "bash /tmp/setup_live_migration_control.sh"
154 #Fix for broken requirements versions while bringing up the stack.
155 #Fix Problem caused due to new libvirt version in CentOS repo.
156 #The libvirt-python 3.10 does not support all the new API exposed
157 #This fix will force devstack to use latest libvirt-python
158 #from pypi.org (latest version as of 06-Dec-2018)
159 #Python uwsgi 2.0.19 is having errors, forcing it to pick 2.0.18
160 #more info: https://lists.opendaylight.org/g/app-dev/topic/netvirt_jobs_are_failing_with/74897077
161 function fix_broken_requirements_versions() {
165 git clone https://git.openstack.org/openstack/requirements;
167 git checkout ${ODL_ML2_BRANCH};
168 sed -i s/libvirt-python===3.10.0/libvirt-python===4.10.0/ upper-constraints.txt
169 sed -i '1 auwsgi===2.0.18' upper-constraints.txt
173 # Involves mounting the share and configuring the libvirtd
174 function setup_live_migration_compute() {
177 printf "%s:Mount Shared directory from ${control_ip}" "${compute_ip}"
178 printf "%s:Configure libvirt in listen mode" "${compute_ip}"
179 cat > "${WORKSPACE}/setup_live_migration_compute.sh" << EOF
180 sudo yum install -y libvirt libvirt-devel nfs-utils
181 sudo crudini --verbose --set --inplace /etc/libvirt/libvirtd.conf '' listen_tls 0
182 sudo crudini --verbose --set --inplace /etc/libvirt/libvirtd.conf '' listen_tcp 1
183 sudo crudini --verbose --set --inplace /etc/libvirt/libvirtd.conf '' auth_tcp '"none"'
184 sudo crudini --verbose --set --inplace /etc/sysconfig/libvirtd '' LIBVIRTD_ARGS '"--listen"'
185 sudo mkdir --mode=777 -p /var/instances
186 sudo chown -R jenkins:jenkins /var/instances
187 sudo chmod o+x /var/instances
188 sudo systemctl start rpcbind
189 sudo mount -t nfs ${control_ip}:/vm_instances /var/instances
192 scp "${WORKSPACE}/setup_live_migration_compute.sh" "${compute_ip}:/tmp/setup_live_migration_compute.sh"
193 ssh "${compute_ip}" "bash /tmp/setup_live_migration_compute.sh"
196 # Add enable_services and disable_services to the local.conf
197 function add_os_services() {
198 local core_services=$1
199 local enable_services=$2
200 local disable_services=$3
201 local local_conf_file_name=$4
202 local enable_network_services=$5
204 cat >> "${local_conf_file_name}" << EOF
205 enable_service $(csv2ssv "${core_services}")
207 if [ -n "${enable_services}" ]; then
208 cat >> "${local_conf_file_name}" << EOF
209 enable_service $(csv2ssv "${enable_services}")
212 if [ -n "${disable_services}" ]; then
213 cat >> "${local_conf_file_name}" << EOF
214 disable_service $(csv2ssv "${disable_services}")
217 if [ -n "${enable_network_services}" ]; then
218 cat >> "${local_conf_file_name}" << EOF
219 enable_service $(csv2ssv "${enable_network_services}")
224 function create_control_node_local_conf() {
227 ODL_OVS_MANAGERS="$3"
229 local_conf_file_name=${WORKSPACE}/local.conf_control_${HOSTIP}
230 cat > "${local_conf_file_name}" << EOF
236 # Increase the wait used by stack to poll for services
242 add_os_services "${CORE_OS_CONTROL_SERVICES}" "${ENABLE_OS_SERVICES}" "${DISABLE_OS_SERVICES}" "${local_conf_file_name}" "${ENABLE_OS_NETWORK_SERVICES}"
244 cat >> "${local_conf_file_name}" << EOF
247 SERVICE_HOST=\$HOST_IP
248 Q_ML2_TENANT_NETWORK_TYPE=${TENANT_NETWORK_TYPE}
249 NEUTRON_CREATE_INITIAL_NETWORKS=${CREATE_INITIAL_NETWORKS}
254 ODL_PORT_BINDING_CONTROLLER=${ODL_ML2_PORT_BINDING}
255 ODL_OVS_MANAGERS=${ODL_OVS_MANAGERS}
257 MYSQL_HOST=\$SERVICE_HOST
258 RABBIT_HOST=\$SERVICE_HOST
259 GLANCE_HOSTPORT=\$SERVICE_HOST:9292
260 KEYSTONE_AUTH_HOST=\$SERVICE_HOST
261 KEYSTONE_SERVICE_HOST=\$SERVICE_HOST
263 ADMIN_PASSWORD=${ADMIN_PASSWORD}
264 DATABASE_PASSWORD=${ADMIN_PASSWORD}
265 RABBIT_PASSWORD=${ADMIN_PASSWORD}
266 SERVICE_TOKEN=${ADMIN_PASSWORD}
267 SERVICE_PASSWORD=${ADMIN_PASSWORD}
269 NEUTRON_LBAAS_SERVICE_PROVIDERV2=${LBAAS_SERVICE_PROVIDER} # Only relevant if neutron-lbaas plugin is enabled
270 NEUTRON_SFC_DRIVERS=${ODL_SFC_DRIVER} # Only relevant if networking-sfc plugin is enabled
271 NEUTRON_FLOWCLASSIFIER_DRIVERS=${ODL_SFC_DRIVER} # Only relevant if networking-sfc plugin is enabled
273 PUBLIC_BRIDGE=${PUBLIC_BRIDGE}
274 PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK}
275 ML2_VLAN_RANGES=${PUBLIC_PHYSICAL_NETWORK}
276 ODL_PROVIDER_MAPPINGS=${ODL_PROVIDER_MAPPINGS}
278 if [ "${TENANT_NETWORK_TYPE}" == "local" ]; then
279 cat >> "${local_conf_file_name}" << EOF
280 ENABLE_TENANT_TUNNELS=false
284 if [ "${ODL_ML2_DRIVER_VERSION}" == "v2" ]; then
285 echo "ODL_V2DRIVER=True" >> "${local_conf_file_name}"
288 for plugin_name in ${ENABLE_OS_PLUGINS}; do
289 if [ "$plugin_name" == "networking-odl" ]; then
290 ENABLE_PLUGIN_ARGS="${ODL_ML2_DRIVER_REPO} ${ODL_ML2_BRANCH}"
291 elif [ "$plugin_name" == "kuryr-kubernetes" ]; then
292 ENABLE_PLUGIN_ARGS="${DEVSTACK_KUBERNETES_PLUGIN_REPO} master" # note: kuryr-kubernetes only exists in master at the moment
293 elif [ "$plugin_name" == "neutron-lbaas" ]; then
294 ENABLE_PLUGIN_ARGS="${DEVSTACK_LBAAS_PLUGIN_REPO} ${OPENSTACK_BRANCH}"
295 IS_LBAAS_PLUGIN_ENABLED="yes"
296 elif [ "$plugin_name" == "networking-sfc" ]; then
297 ENABLE_PLUGIN_ARGS="${DEVSTACK_NETWORKING_SFC_PLUGIN_REPO} ${OPENSTACK_BRANCH}"
298 IS_SFC_PLUGIN_ENABLED="yes"
300 echo "Error: Invalid plugin $plugin_name, unsupported"
303 cat >> "${local_conf_file_name}" << EOF
305 enable_plugin ${plugin_name} ${ENABLE_PLUGIN_ARGS}
310 if [ "${ENABLE_NETWORKING_L2GW}" == "yes" ]; then
311 cat >> "${local_conf_file_name}" << EOF
313 enable_plugin networking-l2gw ${NETWORKING_L2GW_DRIVER} ${ODL_ML2_BRANCH}
314 NETWORKING_L2GW_SERVICE_DRIVER=L2GW:OpenDaylight:networking_odl.l2gateway.driver_v2.OpenDaylightL2gwDriver:default
318 if [ "${ODL_ML2_DRIVER_VERSION}" == "v2" ]; then
319 SERVICE_PLUGINS="odl-router_v2"
321 SERVICE_PLUGINS="odl-router"
323 if [ "${ENABLE_NETWORKING_L2GW}" == "yes" ]; then
324 SERVICE_PLUGINS+=", networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin"
326 if [ "${IS_LBAAS_PLUGIN_ENABLED}" == "yes" ]; then
327 SERVICE_PLUGINS+=", lbaasv2"
329 if [ "${IS_SFC_PLUGIN_ENABLED}" == "yes" ]; then
330 SERVICE_PLUGINS+=", networking_sfc.services.flowclassifier.plugin.FlowClassifierPlugin,networking_sfc.services.sfc.plugin.SfcPlugin"
333 cat >> "${local_conf_file_name}" << EOF
335 [[post-config|\$NEUTRON_CONF]]
337 service_plugins = ${SERVICE_PLUGINS}
338 log_dir = /opt/stack/logs
340 [[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
342 minimize_polling=True
345 # Needed for VLAN provider tests - because our provider networks are always encapsulated in VXLAN (br-physnet1)
346 # MTU(1400) + VXLAN(50) + VLAN(4) = 1454 < MTU eth0/br-physnet1(1458)
347 physical_network_mtus = ${PUBLIC_PHYSICAL_NETWORK}:1400
350 if [ "${ENABLE_GRE_TYPE_DRIVERS}" == "yes" ]; then
351 cat >> "${local_conf_file_name}" << EOF
352 type_drivers = local,flat,vlan,gre,vxlan
354 tunnel_id_ranges = 1:1000
357 if [ "${ENABLE_NETWORKING_L2GW}" == "yes" ]; then
358 cat >> "${local_conf_file_name}" << EOF
361 enable_dhcp_service = True
365 cat >> "${local_conf_file_name}" << EOF
368 # Trigger n-odl full sync every 30 secs.
369 maintenance_interval = 30
371 [[post-config|/etc/neutron/dhcp_agent.ini]]
373 force_metadata = True
374 enable_isolated_metadata = True
375 log_dir = /opt/stack/logs
377 [[post-config|/etc/nova/nova.conf]]
379 discover_hosts_in_cells_interval = 30
382 force_config_drive = False
383 force_raw_images = False
384 log_dir = /opt/stack/logs
388 if [ "$(is_openstack_feature_enabled n-cpu)" == "1" ]; then
389 cat >> "${local_conf_file_name}" << EOF
391 force_raw_images = False
392 log_dir = /opt/stack/logs
394 live_migration_uri = qemu+tcp://%s/system
399 if [ "$(is_openstack_feature_enabled n-cpu)" == "1" ]; then
400 echo "Combo local.conf created:"
402 echo "Control local.conf created:"
404 cat "${local_conf_file_name}"
405 } # create_control_node_local_conf()
407 function create_compute_node_local_conf() {
411 ODL_OVS_MANAGERS="$4"
413 local_conf_file_name=${WORKSPACE}/local.conf_compute_${HOSTIP}
414 cat > "${local_conf_file_name}" << EOF
420 # Increase the wait used by stack to poll for the nova service on the control node
421 NOVA_READY_TIMEOUT=1800
426 add_os_services "${CORE_OS_COMPUTE_SERVICES}" "${ENABLE_OS_COMPUTE_SERVICES}" "${DISABLE_OS_SERVICES}" "${local_conf_file_name}"
428 cat >> "${local_conf_file_name}" << EOF
430 SERVICE_HOST=${SERVICEHOST}
431 Q_ML2_TENANT_NETWORK_TYPE=${TENANT_NETWORK_TYPE}
436 ODL_PORT_BINDING_CONTROLLER=${ODL_ML2_PORT_BINDING}
437 ODL_OVS_MANAGERS=${ODL_OVS_MANAGERS}
439 Q_HOST=\$SERVICE_HOST
440 MYSQL_HOST=\$SERVICE_HOST
441 RABBIT_HOST=\$SERVICE_HOST
442 GLANCE_HOSTPORT=\$SERVICE_HOST:9292
443 KEYSTONE_AUTH_HOST=\$SERVICE_HOST
444 KEYSTONE_SERVICE_HOST=\$SERVICE_HOST
446 ADMIN_PASSWORD=${ADMIN_PASSWORD}
447 DATABASE_PASSWORD=${ADMIN_PASSWORD}
448 RABBIT_PASSWORD=${ADMIN_PASSWORD}
449 SERVICE_TOKEN=${ADMIN_PASSWORD}
450 SERVICE_PASSWORD=${ADMIN_PASSWORD}
452 PUBLIC_BRIDGE=${PUBLIC_BRIDGE}
453 PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK}
454 ODL_PROVIDER_MAPPINGS=${ODL_PROVIDER_MAPPINGS}
457 if [[ "${ENABLE_OS_PLUGINS}" =~ networking-odl ]]; then
458 cat >> "${local_conf_file_name}" << EOF
460 enable_plugin networking-odl ${ODL_ML2_DRIVER_REPO} ${ODL_ML2_BRANCH}
464 cat >> "${local_conf_file_name}" << EOF
466 [[post-config|/etc/nova/nova.conf]]
468 auth_strategy = keystone
471 force_raw_images = False
472 log_dir = /opt/stack/logs
474 live_migration_uri = qemu+tcp://%s/system
478 echo "Compute local.conf created:"
479 cat "${local_conf_file_name}"
480 } # create_compute_node_local_conf()
482 function configure_haproxy_for_neutron_requests() {
483 local -r haproxy_ip=$1
484 # shellcheck disable=SC2206
485 local -r odl_ips=(${2//,/ })
487 cat > "${WORKSPACE}/install_ha_proxy.sh" << EOF
488 sudo systemctl stop firewalld
489 sudo yum -y install policycoreutils-python haproxy
492 cat > "${WORKSPACE}/haproxy.cfg" << EOF
496 log /dev/log local0 debug
498 pidfile /tmp/haproxy.pid
499 ssl-default-bind-ciphers !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES
500 ssl-default-bind-options no-sslv3 no-tlsv10
501 stats socket /var/lib/haproxy/stats mode 600 level user
507 option log-health-checks
511 timeout http-request 10s
518 bind ${haproxy_ip}:8181 transparent
520 http-request set-header X-Forwarded-Proto https if { ssl_fc }
521 http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
522 option httpchk GET /diagstatus
527 for odlip in ${odl_ips[*]}; do
528 echo " server opendaylight-rest-${odlindex} ${odlip}:8181 check fall 5 inter 2000 rise 2" >> "${WORKSPACE}/haproxy.cfg"
529 odlindex=$((odlindex+1))
532 cat >> "${WORKSPACE}/haproxy.cfg" << EOF
534 listen opendaylight_ws
535 bind ${haproxy_ip}:8185 transparent
538 option httpchk GET /data-change-event-subscription/neutron:neutron/neutron:ports/datastore=OPERATIONAL/scope=SUBTREE HTTP/1.1\r\nHost:\ ws.opendaylight.org\r\nConnection:\ Upgrade\r\nUpgrade:\ websocket\r\nSec-WebSocket-Key:\ haproxy\r\nSec-WebSocket-Version:\ 13\r\nSec-WebSocket-Protocol:\ echo-protocol
539 http-check expect status 101
543 for odlip in ${odl_ips[*]}; do
544 echo " server opendaylight-ws-${odlindex} ${odlip}:8185 check fall 3 inter 1000 rise 2" >> "${WORKSPACE}/haproxy.cfg"
545 odlindex=$((odlindex+1))
548 echo "Dump haproxy.cfg"
549 cat "${WORKSPACE}/haproxy.cfg"
551 cat > "${WORKSPACE}/deploy_ha_proxy.sh" << EOF
552 sudo chown haproxy:haproxy /tmp/haproxy.cfg
553 sudo sed -i 's/\\/etc\\/haproxy\\/haproxy.cfg/\\/tmp\\/haproxy.cfg/g' /usr/lib/systemd/system/haproxy.service
554 sudo /usr/sbin/semanage permissive -a haproxy_t
555 sudo systemctl restart haproxy
558 sudo systemctl status haproxy
562 scp "${WORKSPACE}/install_ha_proxy.sh" "${haproxy_ip}:/tmp"
563 ${SSH} "${haproxy_ip}" "sudo bash /tmp/install_ha_proxy.sh"
564 scp "${WORKSPACE}/haproxy.cfg" "${haproxy_ip}:/tmp"
565 scp "${WORKSPACE}/deploy_ha_proxy.sh" "${haproxy_ip}:/tmp"
566 ${SSH} "${haproxy_ip}" "sudo bash /tmp/deploy_ha_proxy.sh"
567 } # configure_haproxy_for_neutron_requests()
569 # Following three functions are debugging helpers when debugging devstack changes.
570 # Keeping them for now so we can simply call them when needed.
574 function get_hostnames () {
576 local ctrlip=${OPENSTACK_CONTROL_NODE_1_IP}
577 local comp1ip=${OPENSTACK_COMPUTE_NODE_1_IP}
578 local comp2ip=${OPENSTACK_COMPUTE_NODE_2_IP}
579 ctrlhn=$(${SSH} "${ctrlip}" "hostname")
580 comp1hn=$(${SSH} "${comp1ip}" "hostname")
581 comp2hn=$(${SSH} "${comp2ip}" "hostname")
582 echo "hostnames: ${ctrlhn}, ${comp1hn}, ${comp2hn}"
586 function check_firewall() {
589 local ctrlip=${OPENSTACK_CONTROL_NODE_1_IP}
590 local comp1ip=${OPENSTACK_COMPUTE_NODE_1_IP}
591 local comp2ip=${OPENSTACK_COMPUTE_NODE_2_IP}
593 echo "check_firewall on control"
595 sudo systemctl status firewalld
596 sudo systemctl -l status iptables
597 sudo iptables --line-numbers -nvL
599 echo "check_firewall on compute 1"
600 ${SSH} "${comp1ip}" "
601 sudo systemctl status firewalld
602 sudo systemctl -l status iptables
603 sudo iptables --line-numbers -nvL
605 echo "check_firewall on compute 2"
606 ${SSH} "${comp2ip}" "
607 sudo systemctl status firewalld
608 sudo systemctl -l status iptables
609 sudo iptables --line-numbers -nvL
613 function get_service () {
617 local ctrlip=${OPENSTACK_CONTROL_NODE_1_IP}
618 local comp1ip=${OPENSTACK_COMPUTE_NODE_1_IP}
620 #if [ ${idx} -eq 1 ]; then
621 if [ "${iter}" -eq 1 ] || [ "${iter}" -gt 16 ]; then
622 curl "http://${ctrlip}:5000"
623 curl "http://${ctrlip}:35357"
624 curl "http://${ctrlip}/identity"
626 source /opt/stack/devstack/openrc admin admin;
628 openstack configuration show --unmask;
629 openstack service list
630 openstack --os-cloud devstack-admin --os-region RegionOne compute service list
631 openstack hypervisor list;
639 # Check if rabbitmq is ready by looking for a pid in it's status.
640 # The function returns the status of the grep command which callers can check.
641 function is_rabbitmq_ready() {
643 local grepfor="nova_cell1"
645 ${SSH} "${ip}" "sudo rabbitmqctl list_vhosts" > rabbit.txt
646 grep "${grepfor}" rabbit.txt
649 # retry the given command ($3) until success for a number of iterations ($1)
650 # sleeping ($2) between tries.
652 local -r -i max_tries=${1}
653 local -r -i sleep_time=${2}
658 echo "retry ${cmd}: attempt: ${retries}"
661 # shellcheck disable=SC2004
662 if ((${rc} == 0)); then
665 # shellcheck disable=SC2004
666 if ((${retries} == ${max_tries})); then
670 sleep "${sleep_time}"
677 function install_ovs() {
679 local -r rpm_path=${2}
681 if [ "${OVS_INSTALL:0:1}" = "v" ]; then
682 # An OVS version was given, so we build it ourselves from OVS git repo.
683 # Only on the first node though, consecutive nodes will use RPMs
684 # built for the first one.
685 [ ! -d "${rpm_path}" ] && mkdir -p "${rpm_path}" && build_ovs "${node}" "${OVS_INSTALL}" "${rpm_path}"
686 # Install OVS from path
687 install_ovs_from_path "${node}" "${rpm_path}"
688 elif [ "${OVS_INSTALL:0:4}" = "http" ]; then
689 # Otherwise, install from rpm repo directly.
690 install_ovs_from_repo "${node}" "${OVS_INSTALL}"
692 echo "Expected either an OVS version git tag or a repo http url"
697 ODL_PROVIDER_MAPPINGS="\${PUBLIC_PHYSICAL_NETWORK}:${PUBLIC_BRIDGE}"
701 # Always compare the lists below against the devstack upstream ENABLED_SERVICES in
702 # https://github.com/openstack-dev/devstack/blob/master/stackrc#L52
703 # ODL CSIT does not use vnc, cinder, q-agt, q-l3 or horizon so they are not included below.
704 # collect performance stats
705 CORE_OS_CONTROL_SERVICES="dstat"
707 CORE_OS_CONTROL_SERVICES+=",g-api,g-reg"
709 CORE_OS_CONTROL_SERVICES+=",key"
710 # Nova - services to support libvirt
711 CORE_OS_CONTROL_SERVICES+=",n-api,n-api-meta,n-cauth,n-cond,n-crt,n-obj,n-sch"
712 # ODL - services to connect to ODL
713 CORE_OS_CONTROL_SERVICES+=",odl-compute,odl-neutron"
714 # Additional services
715 CORE_OS_CONTROL_SERVICES+=",mysql,rabbit"
717 # collect performance stats
718 CORE_OS_COMPUTE_SERVICES="dstat"
719 # computes only need nova and odl
720 CORE_OS_COMPUTE_SERVICES+=",n-cpu,odl-compute"
722 cat > "${WORKSPACE}/disable_firewall.sh" << EOF
723 sudo systemctl stop firewalld
724 # Open these ports to match the tutorial vms
725 # http/https (80/443), samba (445), netbios (137,138,139)
726 sudo iptables -I INPUT -p tcp -m multiport --dports 80,443,139,445 -j ACCEPT
727 sudo iptables -I INPUT -p udp -m multiport --dports 137,138 -j ACCEPT
728 # OpenStack services as well as vxlan tunnel ports 4789 and 9876
729 # identity public/admin (5000/35357), ampq (5672), vnc (6080), nova (8774), glance (9292), neutron (9696)
730 sudo sudo iptables -I INPUT -p tcp -m multiport --dports 5000,5672,6080,8774,9292,9696,35357 -j ACCEPT
731 sudo sudo iptables -I INPUT -p udp -m multiport --dports 4789,9876 -j ACCEPT
732 sudo iptables-save > /etc/sysconfig/iptables
733 sudo systemctl restart iptables
734 sudo iptables --line-numbers -nvL
738 #For SFC Tests a larger partition is required for creating instances with Ubuntu
739 if [[ "${ENABLE_OS_PLUGINS}" =~ networking-sfc ]]; then
742 cat > "${WORKSPACE}/get_devstack.sh" << EOF
743 sudo systemctl stop firewalld
744 sudo yum install bridge-utils python-pip -y
745 #sudo systemctl stop NetworkManager
746 #Disable NetworkManager and kill dhclient and dnsmasq
747 sudo systemctl stop NetworkManager
748 sudo killall dhclient
750 #Workaround for mysql failure
751 echo "127.0.0.1 localhost \${HOSTNAME}" >> /tmp/hosts
752 echo "::1 localhost \${HOSTNAME}" >> /tmp/hosts
753 sudo mv /tmp/hosts /etc/hosts
754 sudo mkdir /opt/stack
755 echo "Create RAM disk for /opt/stack"
756 sudo mount -t tmpfs -o size=${TMPFS_SIZE} tmpfs /opt/stack
757 sudo chmod 777 /opt/stack
759 echo "git clone https://git.openstack.org/openstack-dev/devstack --branch ${OPENSTACK_BRANCH}"
760 git clone https://git.openstack.org/openstack-dev/devstack --branch ${OPENSTACK_BRANCH}
762 if [ -n "${DEVSTACK_HASH}" ]; then
763 echo "git checkout ${DEVSTACK_HASH}"
764 git checkout ${DEVSTACK_HASH}
766 wget https://raw.githubusercontent.com/shague/odl_tools/master/fix-logging.patch.txt -O /tmp/fix-logging.patch.txt
767 patch --verbose -p1 -i /tmp/fix-logging.patch.txt
768 git --no-pager log --pretty=format:'%h %<(13)%ar%<(13)%cr %<(20,trunc)%an%d %s%b' -n20
771 echo "workaround: do not upgrade openvswitch"
772 sudo yum install -y yum-plugin-versionlock
773 sudo yum versionlock add openvswitch
776 cat > "${WORKSPACE}/setup_host_cell_mapping.sh" << EOF
777 sudo nova-manage cell_v2 map_cell0
778 sudo nova-manage cell_v2 simple_cell_setup
779 sudo nova-manage db sync
780 sudo nova-manage cell_v2 discover_hosts
783 cat > "${WORKSPACE}/workaround_networking_sfc.sh" << EOF
785 git clone https://git.openstack.org/openstack/networking-sfc
787 git checkout ${OPENSTACK_BRANCH}
788 git checkout master -- devstack/plugin.sh
791 NUM_OPENSTACK_SITES=${NUM_OPENSTACK_SITES:-1}
795 if [ "${ENABLE_HAPROXY_FOR_NEUTRON}" == "yes" ]; then
796 echo "Configure HAProxy"
797 ODL_HAPROXYIP_PARAM=OPENSTACK_HAPROXY_1_IP
798 ODL_IP_PARAM1=ODL_SYSTEM_1_IP
799 ODL_IP_PARAM2=ODL_SYSTEM_2_IP
800 ODL_IP_PARAM3=ODL_SYSTEM_3_IP
801 ODLMGRIP=${!ODL_HAPROXYIP_PARAM} # ODL Northbound uses HAProxy VIP
802 ODL_OVS_MGRS="${!ODL_IP_PARAM1},${!ODL_IP_PARAM2},${!ODL_IP_PARAM3}" # OVSDB connects to all ODL IPs
803 configure_haproxy_for_neutron_requests ${!ODL_HAPROXYIP_PARAM} "${ODL_OVS_MGRS}"
805 ODL_IP_PARAM=ODL_SYSTEM_1_IP
806 ODLMGRIP=${!ODL_IP_PARAM} # OVSDB connects to ODL IP
807 ODL_OVS_MGRS="${!ODL_IP_PARAM}" # ODL Northbound uses ODL IP
811 for i in $(seq 1 "${NUM_OPENSTACK_CONTROL_NODES}"); do
812 cip=OPENSTACK_CONTROL_NODE_${i}_IP
814 os_ip_list+=("${ip}")
817 for i in $(seq 1 "${NUM_OPENSTACK_COMPUTE_NODES}"); do
818 cip=OPENSTACK_COMPUTE_NODE_${i}_IP
820 os_ip_list+=("${ip}")
823 for i in "${!os_ip_list[@]}"; do
825 tcpdump_start "${i}" "${ip}" "port 6653"
829 # Begin stacking the nodes, starting with the controller(s) and then the compute(s)
831 for i in $(seq 1 "${NUM_OPENSTACK_CONTROL_NODES}"); do
832 CONTROLIP="OPENSTACK_CONTROL_NODE_${i}_IP"
833 echo "Configure the stack of the control node ${i} of ${NUM_OPENSTACK_CONTROL_NODES}: ${!CONTROLIP}"
834 scp "${WORKSPACE}/disable_firewall.sh" "${!CONTROLIP}":/tmp
835 ${SSH} "${!CONTROLIP}" "sudo bash /tmp/disable_firewall.sh"
836 create_etc_hosts "${!CONTROLIP}"
837 scp "${WORKSPACE}/hosts_file" "${!CONTROLIP}":/tmp/hosts
838 scp "${WORKSPACE}/get_devstack.sh" "${!CONTROLIP}":/tmp
839 # devstack Master is yet to migrate fully to lib/neutron, there are some ugly hacks that is
840 # affecting the stacking.
841 # Workaround For Queens, Make the physical Network as physnet1 in lib/neutron
842 # In Queens the neutron new libs are used and do not have the following options from Pike and earlier:
843 # Q_ML2_PLUGIN_FLAT_TYPE_OPTIONS could be used for the flat_networks
844 # and Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS could be used for the ml2_type_vlan
845 ${SSH} "${!CONTROLIP}" "bash /tmp/get_devstack.sh > /tmp/get_devstack.sh.txt 2>&1"
846 ssh "${!CONTROLIP}" "sed -i 's/flat_networks public/flat_networks public,physnet1/' /opt/stack/devstack/lib/neutron"
847 ssh "${!CONTROLIP}" "sed -i '186i iniset \$NEUTRON_CORE_PLUGIN_CONF ml2_type_vlan network_vlan_ranges public:1:4094,physnet1:1:4094' /opt/stack/devstack/lib/neutron"
848 #Workaround for networking-sfc to configure the paramaters in neutron.conf if the
849 # services used are neutron-api, neutron-dhcp etc instead of q-agt.
850 # Can be removed if the patch https://review.openstack.org/#/c/596287/ gets merged
851 if [[ "${ENABLE_OS_PLUGINS}" =~ networking-sfc ]]; then
852 scp "${WORKSPACE}/workaround_networking_sfc.sh" "${!CONTROLIP}":/tmp/
853 ssh "${!CONTROLIP}" "bash -x /tmp/workaround_networking_sfc.sh"
855 create_control_node_local_conf "${!CONTROLIP}" ${ODLMGRIP} "${ODL_OVS_MGRS}"
856 scp "${WORKSPACE}/local.conf_control_${!CONTROLIP}" "${!CONTROLIP}":/opt/stack/devstack/local.conf
857 echo "Install rdo release to avoid incompatible Package versions"
858 install_rdo_release "${!CONTROLIP}"
859 setup_live_migration_control "${!CONTROLIP}"
860 if [ "$(is_openstack_feature_enabled n-cpu)" == "1" ]; then
861 setup_live_migration_compute "${!CONTROLIP}" "${!CONTROLIP}"
863 [ -n "${OVS_INSTALL}" ] && install_ovs "${!CONTROLIP}" /tmp/ovs_rpms
864 if [[ "${ENABLE_OS_PLUGINS}" =~ networking-sfc ]]; then
865 # This should be really done by networking-odl devstack plugin,
866 # but in the meantime do it ourselves
867 ssh "${!CONTROLIP}" "sudo ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true"
869 fix_broken_requirements_versions "${!CONTROLIP}"
870 echo "Stack the control node ${i} of ${NUM_OPENSTACK_CONTROL_NODES}: ${CONTROLIP}"
871 # Workaround: fixing boneheaded polkit issue, to be removed later
872 ssh "${!CONTROLIP}" "sudo bash -c 'echo deltarpm=0 >> /etc/yum.conf && yum -y update polkit'"
873 ssh "${!CONTROLIP}" "cd /opt/stack/devstack; nohup ./stack.sh > /opt/stack/devstack/nohup.out 2>&1 &"
874 ssh "${!CONTROLIP}" "ps -ef | grep stack.sh"
875 ssh "${!CONTROLIP}" "ls -lrt /opt/stack/devstack/nohup.out"
876 os_node_list+=("${!CONTROLIP}")
879 # This is a backup to the CELLSV2_SETUP=singleconductor workaround. Keeping it here as an easy lookup
881 # Let the control node get started to avoid a race condition where the computes start and try to access
882 # the nova_cell1 on the control node before it is created. If that happens, the nova-compute service on the
883 # compute exits and does not attempt to restart.
884 # 180s is chosen because in test runs the control node usually finished in 17-20 minutes and the computes finished
885 # in 17 minutes, so take the max difference of 3 minutes and the jobs should still finish around the same time.
886 # one of the following errors is seen in the compute n-cpu.log:
887 # Unhandled error: NotAllowed: Connection.open: (530) NOT_ALLOWED - access to vhost 'nova_cell1' refused for user 'stackrabbit'
888 # AccessRefused: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
889 # Compare that timestamp to this log in the control stack.log: sudo rabbitmqctl set_permissions -p nova_cell1 stackrabbit
890 # If the n-cpu.log is earlier than the control stack.log timestamp then the failure condition is likely hit.
891 if [ "${NUM_OPENSTACK_COMPUTE_NODES}" -gt 0 ]; then
892 WAIT_FOR_RABBITMQ_MINUTES=60
893 echo "Wait a maximum of ${WAIT_FOR_RABBITMQ_MINUTES}m until rabbitmq is ready and nova_cell1 created to allow the controller to create nova_cell1 before the computes need it"
895 retry ${WAIT_FOR_RABBITMQ_MINUTES} 60 "is_rabbitmq_ready ${OPENSTACK_CONTROL_NODE_1_IP}"
898 # shellcheck disable=SC2004
899 if ((${rc} == 0)); then
900 echo "rabbitmq is ready, starting ${NUM_OPENSTACK_COMPUTE_NODES} compute(s)"
902 echo "rabbitmq was not ready in ${WAIT_FOR_RABBITMQ_MINUTES}m"
907 for i in $(seq 1 "${NUM_OPENSTACK_COMPUTE_NODES}"); do
908 COMPUTEIP=OPENSTACK_COMPUTE_NODE_${i}_IP
909 CONTROLIP=OPENSTACK_CONTROL_NODE_1_IP
910 echo "Configure the stack of the compute node ${i} of ${NUM_OPENSTACK_COMPUTE_NODES}: ${!COMPUTEIP}"
911 scp "${WORKSPACE}/disable_firewall.sh" "${!COMPUTEIP}:/tmp"
912 ${SSH} "${!COMPUTEIP}" "sudo bash /tmp/disable_firewall.sh"
913 create_etc_hosts "${!COMPUTEIP}" "${!CONTROLIP}"
914 scp "${WORKSPACE}/hosts_file" "${!COMPUTEIP}":/tmp/hosts
915 scp "${WORKSPACE}/get_devstack.sh" "${!COMPUTEIP}":/tmp
916 ${SSH} "${!COMPUTEIP}" "bash /tmp/get_devstack.sh > /tmp/get_devstack.sh.txt 2>&1"
917 create_compute_node_local_conf "${!COMPUTEIP}" "${!CONTROLIP}" "${ODLMGRIP}" "${ODL_OVS_MGRS}"
918 scp "${WORKSPACE}"/local.conf_compute_"${!COMPUTEIP}" "${!COMPUTEIP}":/opt/stack/devstack/local.conf
919 echo "Install rdo release to avoid incompatible Package versions"
920 install_rdo_release "${!COMPUTEIP}"
921 setup_live_migration_compute "${!COMPUTEIP}" "${!CONTROLIP}"
922 [ -n "${OVS_INSTALL}" ] && install_ovs "${!COMPUTEIP}" /tmp/ovs_rpms
923 if [[ "${ENABLE_OS_PLUGINS}" =~ networking-sfc ]]; then
924 # This should be really done by networking-odl devstack plugin,
925 # but in the meantime do it ourselves
926 ssh "${!COMPUTEIP}" "sudo ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true"
928 fix_broken_requirements_versions "${!COMPUTEIP}"
929 echo "Stack the compute node ${i} of ${NUM_OPENSTACK_COMPUTE_NODES}: ${!COMPUTEIP}"
930 ssh "${!COMPUTEIP}" "cd /opt/stack/devstack; nohup ./stack.sh > /opt/stack/devstack/nohup.out 2>&1 &"
931 ssh "${!COMPUTEIP}" "ps -ef | grep stack.sh"
932 os_node_list+=("${!COMPUTEIP}")
935 echo "nodelist: ${os_node_list[*]}"
937 # This script runs on the openstack nodes. It greps for a string that devstack writes when stacking is complete.
938 # The script then writes a status depending on the grep output that is later scraped by the robot vm to control
939 # the status polling.
940 cat > "${WORKSPACE}/check_stacking.sh" << EOF
941 > /tmp/stack_progress
942 ps -ef | grep "stack.sh" | grep -v grep
944 if [ \${ret} -eq 1 ]; then
945 grep "This is your host IP address:" /opt/stack/devstack/nohup.out
946 if [ \$? -eq 0 ]; then
947 echo "Stacking Complete" > /tmp/stack_progress
949 echo "Stacking Failed" > /tmp/stack_progress
951 elif [ \${ret} -eq 0 ]; then
952 echo "Still Stacking" > /tmp/stack_progress
959 # Check if the stacking is finished. Poll all nodes every 60s for one hour.
962 while [ ${in_progress} -eq 1 ]; do
963 # shellcheck disable=SC2004
964 iteration=$(($iteration + 1))
965 for index in "${!os_node_list[@]}"; do
966 echo "node $index ${os_node_list[index]}: checking stacking status attempt ${iteration} of 60"
967 scp "${WORKSPACE}/check_stacking.sh" "${os_node_list[index]}:/tmp"
968 ${SSH} "${os_node_list[index]}" "bash /tmp/check_stacking.sh"
969 scp "${os_node_list[index]}":/tmp/stack_progress .
971 stacking_status=$(cat stack_progress)
973 # get_service "${iteration}" "${index}"
974 if [ "$stacking_status" == "Still Stacking" ]; then
976 elif [ "$stacking_status" == "Stacking Failed" ]; then
977 echo "node $index ${os_node_list[index]}: stacking has failed"
979 elif [ "$stacking_status" == "Stacking Complete" ]; then
980 echo "node $index ${os_node_list[index]}: stacking complete"
981 unset 'os_node_list[index]'
982 if [ ${#os_node_list[@]} -eq 0 ]; then
987 echo "sleep for a minute before the next check"
989 if [ ${iteration} -eq 60 ]; then
990 echo "stacking has failed - took longer than 60m"
995 # Further configuration now that stacking is complete.
996 echo "Configure the Control Node"
997 CONTROLIP=OPENSTACK_CONTROL_NODE_1_IP
998 # Gather Compute IPs for the site
999 for i in $(seq 1 "${NUM_OPENSTACK_COMPUTE_NODES}"); do
1000 IP_VAR=OPENSTACK_COMPUTE_NODE_${i}_IP
1001 COMPUTE_IPS[$((i-1))]=${!IP_VAR}
1004 echo "sleep for 60s and print hypervisor-list"
1006 ${SSH} ${!CONTROLIP} "cd /opt/stack/devstack; source openrc admin admin; nova hypervisor-list"
1007 # in the case that we are doing openstack (control + compute) all in one node, then the number of hypervisors
1008 # will be the same as the number of openstack systems. However, if we are doing multinode openstack then the
1009 # assumption is we have a single control node and the rest are compute nodes, so the number of expected hypervisors
1010 # is one less than the total number of openstack systems
1011 if [ "${NUM_OPENSTACK_SYSTEM}" -eq 1 ]; then
1012 expected_num_hypervisors=1
1014 expected_num_hypervisors=${NUM_OPENSTACK_COMPUTE_NODES}
1015 if [ "$(is_openstack_feature_enabled n-cpu)" == "1" ]; then
1016 expected_num_hypervisors=$((expected_num_hypervisors + 1))
1019 num_hypervisors=$(${SSH} ${!CONTROLIP} "cd /opt/stack/devstack; source openrc admin admin; openstack hypervisor list -f value | wc -l" | tail -1 | tr -d "\r")
1020 if ! [ "${num_hypervisors}" ] || ! [ "${num_hypervisors}" -eq ${expected_num_hypervisors} ]; then
1021 echo "Error: Only $num_hypervisors hypervisors detected, expected $expected_num_hypervisors"
1026 echo "prepare external networks by adding vxlan tunnels between all nodes on a separate bridge..."
1027 # FIXME Should there be a unique gateway IP and devstack index for each site?
1029 for ip in ${!CONTROLIP} ${COMPUTE_IPS[*]}; do
1030 # FIXME - Workaround, ODL (new netvirt) currently adds PUBLIC_BRIDGE as a port in br-int since it doesn't see such a bridge existing when we stack
1031 ${SSH} "$ip" "sudo ovs-vsctl --if-exists del-port br-int $PUBLIC_BRIDGE"
1032 ${SSH} "$ip" "sudo ovs-vsctl --may-exist add-br $PUBLIC_BRIDGE -- set bridge $PUBLIC_BRIDGE other-config:disable-in-band=true other_config:hwaddr=f6:00:00:ff:01:0$((devstack_index++))"
1036 if [ "${IPSEC_VXLAN_TUNNELS_ENABLED}" == "yes" ]; then
1037 # shellcheck disable=SC2206
1038 ALL_NODES=(${!CONTROLIP} ${COMPUTE_IPS[*]})
1039 for ((inx_ip1=0; inx_ip1<$((${#ALL_NODES[@]} - 1)); inx_ip1++)); do
1040 for ((inx_ip2=$((inx_ip1 + 1)); inx_ip2<${#ALL_NODES[@]}; inx_ip2++)); do
1041 KEY1=0x$(dd if=/dev/urandom count=32 bs=1 2> /dev/null| xxd -p -c 64)
1042 KEY2=0x$(dd if=/dev/urandom count=32 bs=1 2> /dev/null| xxd -p -c 64)
1043 ID=0x$(dd if=/dev/urandom count=4 bs=1 2> /dev/null| xxd -p -c 8)
1044 ip1=${ALL_NODES[$inx_ip1]}
1045 ip2=${ALL_NODES[$inx_ip2]}
1046 ${SSH} "$ip1" "sudo ip xfrm state add src $ip1 dst $ip2 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
1047 ${SSH} "$ip1" "sudo ip xfrm state add src $ip2 dst $ip1 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
1048 ${SSH} "$ip1" "sudo ip xfrm policy add src $ip1 dst $ip2 proto udp dir out tmpl src $ip1 dst $ip2 proto esp reqid $ID mode transport"
1049 ${SSH} "$ip1" "sudo ip xfrm policy add src $ip2 dst $ip1 proto udp dir in tmpl src $ip2 dst $ip1 proto esp reqid $ID mode transport"
1051 ${SSH} "$ip2" "sudo ip xfrm state add src $ip2 dst $ip1 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
1052 ${SSH} "$ip2" "sudo ip xfrm state add src $ip1 dst $ip2 proto esp spi $ID reqid $ID mode transport auth sha256 $KEY1 enc aes $KEY2"
1053 ${SSH} "$ip2" "sudo ip xfrm policy add src $ip2 dst $ip1 proto udp dir out tmpl src $ip2 dst $ip1 proto esp reqid $ID mode transport"
1054 ${SSH} "$ip2" "sudo ip xfrm policy add src $ip1 dst $ip2 proto udp dir in tmpl src $ip1 dst $ip2 proto esp reqid $ID mode transport"
1058 for ip in ${!CONTROLIP} ${COMPUTE_IPS[*]}; do
1059 echo "ip xfrm configuration for node $ip:"
1060 ${SSH} "$ip" "sudo ip xfrm policy list"
1061 ${SSH} "$ip" "sudo ip xfrm state list"
1065 # Control Node - PUBLIC_BRIDGE will act as the external router
1066 # Parameter values below are used in integration/test - changing them requires updates in intergration/test as well
1067 EXTNET_GATEWAY_IP="10.10.10.250"
1068 EXTNET_INTERNET_IP="10.9.9.9"
1069 EXTNET_PNF_IP="10.10.10.253"
1070 ${SSH} ${!CONTROLIP} "sudo ifconfig ${PUBLIC_BRIDGE} up ${EXTNET_GATEWAY_IP}/24"
1072 # Control Node - external net PNF simulation
1073 ${SSH} ${!CONTROLIP} "
1074 sudo ip netns add pnf_ns;
1075 sudo ip link add pnf_veth0 type veth peer name pnf_veth1;
1076 sudo ip link set pnf_veth1 netns pnf_ns;
1077 sudo ip link set pnf_veth0 up;
1078 sudo ip netns exec pnf_ns ifconfig pnf_veth1 up ${EXTNET_PNF_IP}/24;
1079 sudo ovs-vsctl add-port ${PUBLIC_BRIDGE} pnf_veth0;
1082 # Control Node - external net internet address simulation
1083 ${SSH} ${!CONTROLIP} "
1084 sudo ip tuntap add dev internet_tap mode tap;
1085 sudo ifconfig internet_tap up ${EXTNET_INTERNET_IP}/24;
1090 for compute_ip in ${COMPUTE_IPS[*]}; do
1091 # Tunnel from controller to compute
1092 COMPUTEPORT=compute$(( compute_index++ ))_vxlan
1093 ${SSH} ${!CONTROLIP} "
1094 sudo ovs-vsctl add-port $PUBLIC_BRIDGE $COMPUTEPORT -- set interface $COMPUTEPORT type=vxlan options:local_ip=${!CONTROLIP} options:remote_ip=$compute_ip options:dst_port=9876 options:key=flow
1096 # Tunnel from compute to controller
1097 CONTROLPORT="control_vxlan"
1098 ${SSH} "$compute_ip" "
1099 sudo ovs-vsctl add-port $PUBLIC_BRIDGE $CONTROLPORT -- set interface $CONTROLPORT type=vxlan options:local_ip=$compute_ip options:remote_ip=${!CONTROLIP} options:dst_port=9876 options:key=flow
1103 if [ "${ENABLE_HAPROXY_FOR_NEUTRON}" == "yes" ]; then
1104 odlmgrip=OPENSTACK_HAPROXY_1_IP
1105 HA_PROXY_IP=${!odlmgrip}
1106 HA_PROXY_1_IP=${!odlmgrip}
1107 odlmgrip2=OPENSTACK_HAPROXY_2_IP
1108 HA_PROXY_2_IP=${!odlmgrip2}
1109 odlmgrip3=OPENSTACK_HAPROXY_1_IP
1110 HA_PROXY_3_IP=${!odlmgrip3}
1112 HA_PROXY_IP=${ODL_SYSTEM_IP}
1113 HA_PROXY_1_IP=${ODL_SYSTEM_1_IP}
1114 HA_PROXY_2_IP=${ODL_SYSTEM_2_IP}
1115 HA_PROXY_3_IP=${ODL_SYSTEM_3_IP}
1118 get_test_suites SUITES
1120 #install all client versions required for this job testing
1121 install_openstack_clients_in_robot_vm
1123 # TODO: run openrc on control node and then scrape the vars from it
1124 # Environment Variables Needed to execute Openstack Client for NetVirt Jobs
1125 cat > /tmp/os_netvirt_client_rc << EOF
1126 export OS_USERNAME=admin
1127 export OS_PASSWORD=admin
1128 export OS_PROJECT_NAME=admin
1129 export OS_USER_DOMAIN_NAME=default
1130 export OS_PROJECT_DOMAIN_NAME=default
1131 export OS_AUTH_URL="http://${!CONTROLIP}/identity"
1132 export OS_IDENTITY_API_VERSION=3
1133 export OS_IMAGE_API_VERSION=2
1134 export OS_TENANT_NAME=admin
1138 source /tmp/os_netvirt_client_rc
1140 echo "Get all versions before executing robot"
1141 echo "openstack --version"
1142 command -v openstack
1144 echo "nova --version"
1147 echo "neutron --version"
1151 stacktime=$(timer "$totaltmr")
1152 printf "Stacking elapsed time: %s\n" "${stacktime}"
1154 echo "Starting Robot test suites ${SUITES} ..."
1155 # please add robot -v arguments on a single line and alphabetized
1157 # ${TESTOPTIONS}, ${SUITES} are space-separated parameters and should not be quoted.
1158 # shellcheck disable=SC2086
1159 for suite in ${SUITES}; do
1160 # prepend an incremental counter to the suite name so that the full robot log combining all the suites as is done
1161 # in the rebot step below will list all the suites in chronological order as rebot seems to alphabetize them
1162 (( suite_num = suite_num + 1 ))
1163 suite_index="$(printf %02d "${suite_num}")"
1164 suite_name="$(basename "${suite}" | cut -d. -f1)"
1165 log_name="${suite_index}_${suite_name}"
1166 robot -N "${log_name}" \
1167 -c critical -e exclude -e "skip_if_${DISTROSTREAM}" \
1168 --log "log_${log_name}.html" --report "report_${log_name}.html" --output "output_${log_name}.xml" \
1169 --removekeywords wuks \
1170 --removekeywords name:SetupUtils.Setup_Utils_For_Setup_And_Teardown \
1171 --removekeywords name:SetupUtils.Setup_Test_With_Logging_And_Without_Fast_Failing \
1172 --removekeywords name:OpenStackOperations.Add_OVS_Logging_On_All_OpenStack_Nodes \
1173 -v BUNDLEFOLDER:"${BUNDLEFOLDER}" \
1174 -v BUNDLE_URL:"${ACTUAL_BUNDLE_URL}" \
1175 -v CMP_INSTANCES_SHARED_PATH:/var/instances \
1176 -v CONTROLLERFEATURES:"${CONTROLLERFEATURES}" \
1177 -v CONTROLLER_USER:"${USER}" \
1178 -v DEVSTACK_DEPLOY_PATH:/opt/stack/devstack \
1179 -v ENABLE_ITM_DIRECT_TUNNELS:"${ENABLE_ITM_DIRECT_TUNNELS}" \
1180 -v HA_PROXY_IP:"${HA_PROXY_IP}" \
1181 -v HA_PROXY_1_IP:"${HA_PROXY_1_IP}" \
1182 -v HA_PROXY_2_IP:"${HA_PROXY_2_IP}" \
1183 -v HA_PROXY_3_IP:"${HA_PROXY_3_IP}" \
1184 -v JDKVERSION:"${JDKVERSION}" \
1185 -v JENKINS_WORKSPACE:"${WORKSPACE}" \
1186 -v NEXUSURL_PREFIX:"${NEXUSURL_PREFIX}" \
1187 -v NUM_ODL_SYSTEM:"${NUM_ODL_SYSTEM}" \
1188 -v NUM_OS_SYSTEM:"${NUM_OPENSTACK_SYSTEM}" \
1189 -v NUM_TOOLS_SYSTEM:"${NUM_TOOLS_SYSTEM}" \
1190 -v ODL_SNAT_MODE:"${ODL_SNAT_MODE}" \
1191 -v GROUP_ADD_MOD_ENABLED:"${GROUP_ADD_MOD_ENABLED}" \
1192 -v ODL_STREAM:"${DISTROSTREAM}" \
1193 -v ODL_SYSTEM_IP:"${ODL_SYSTEM_IP}" \
1194 -v ODL_SYSTEM_1_IP:"${ODL_SYSTEM_1_IP}" \
1195 -v ODL_SYSTEM_2_IP:"${ODL_SYSTEM_2_IP}" \
1196 -v ODL_SYSTEM_3_IP:"${ODL_SYSTEM_3_IP}" \
1197 -v ODL_SYSTEM_4_IP:"${ODL_SYSTEM_4_IP}" \
1198 -v ODL_SYSTEM_5_IP:"${ODL_SYSTEM_5_IP}" \
1199 -v ODL_SYSTEM_6_IP:"${ODL_SYSTEM_6_IP}" \
1200 -v ODL_SYSTEM_7_IP:"${ODL_SYSTEM_7_IP}" \
1201 -v ODL_SYSTEM_8_IP:"${ODL_SYSTEM_8_IP}" \
1202 -v ODL_SYSTEM_9_IP:"${ODL_SYSTEM_9_IP}" \
1203 -v OS_CONTROL_NODE_IP:"${OPENSTACK_CONTROL_NODE_1_IP}" \
1204 -v OS_CONTROL_NODE_1_IP:"${OPENSTACK_CONTROL_NODE_1_IP}" \
1205 -v OS_CONTROL_NODE_2_IP:"${OPENSTACK_CONTROL_NODE_2_IP}" \
1206 -v OS_CONTROL_NODE_3_IP:"${OPENSTACK_CONTROL_NODE_3_IP}" \
1207 -v OPENSTACK_BRANCH:"${OPENSTACK_BRANCH}" \
1208 -v OS_COMPUTE_1_IP:"${OPENSTACK_COMPUTE_NODE_1_IP}" \
1209 -v OS_COMPUTE_2_IP:"${OPENSTACK_COMPUTE_NODE_2_IP}" \
1210 -v OS_COMPUTE_3_IP:"${OPENSTACK_COMPUTE_NODE_3_IP}" \
1211 -v OS_COMPUTE_4_IP:"${OPENSTACK_COMPUTE_NODE_4_IP}" \
1212 -v OS_COMPUTE_5_IP:"${OPENSTACK_COMPUTE_NODE_5_IP}" \
1213 -v OS_COMPUTE_6_IP:"${OPENSTACK_COMPUTE_NODE_6_IP}" \
1214 -v OPENSTACK_TOPO:"${OPENSTACK_TOPO}" \
1215 -v OS_USER:"${USER}" \
1216 -v PUBLIC_PHYSICAL_NETWORK:"${PUBLIC_PHYSICAL_NETWORK}" \
1217 -v SECURITY_GROUP_MODE:"${SECURITY_GROUP_MODE}" \
1218 -v TOOLS_SYSTEM_IP:"${TOOLS_SYSTEM_1_IP}" \
1219 -v TOOLS_SYSTEM_1_IP:"${TOOLS_SYSTEM_1_IP}" \
1220 -v TOOLS_SYSTEM_2_IP:"${TOOLS_SYSTEM_2_IP}" \
1221 -v TOOLS_SYSTEM_3_IP:"${TOOLS_SYSTEM_3_IP}" \
1222 -v USER_HOME:"${HOME}" \
1224 ${TESTOPTIONS} ${suite} || true
1226 #rebot exit codes seem to be different
1227 rebot --output "${WORKSPACE}/output.xml" --log log_full.html --report report.html -N openstack output_*.xml || true
1229 echo "Examining the files in data/log and checking file size"
1230 # shellcheck disable=SC2029
1231 ssh "${ODL_SYSTEM_IP}" "ls -altr /tmp/${BUNDLEFOLDER}/data/log/"
1232 # shellcheck disable=SC2029
1233 ssh "${ODL_SYSTEM_IP}" "du -hs /tmp/${BUNDLEFOLDER}/data/log/*"
1235 echo "Tests Executed"
1236 printf "Total elapsed time: %s, stacking time: %s\n" "$(timer "$totaltmr")" "${stacktime}"
1237 true # perhaps Jenkins is testing last exit code
1238 # vim: ts=4 sw=4 sts=4 et ft=sh :