Hello community,
here is the log from the commit of package openstack-quickstart for
openSUSE:Factory checked in at 2013-10-21 12:30:34
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openstack-quickstart (Old)
and /work/SRC/openSUSE:Factory/.openstack-quickstart.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-quickstart"
Changes:
--------
---
/work/SRC/openSUSE:Factory/openstack-quickstart/openstack-quickstart.changes
2013-09-16 16:23:42.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.openstack-quickstart.new/openstack-quickstart.changes
2013-10-21 12:30:35.000000000 +0200
@@ -1,0 +2,23 @@
+Tue Oct 1 12:05:11 UTC 2013 - [email protected]
+
+- update to latest git (cc514df):
+ + Set up Keystone V3 endpoint
+
+-------------------------------------------------------------------
+Mon Sep 30 13:48:27 UTC 2013 - [email protected]
+
+- change requires
+
+-------------------------------------------------------------------
+Sat Sep 28 00:53:30 UTC 2013 - [email protected]
+
+- Update to latest git (2c030af):
+ + Use crudini instead of openstack-utils
+
+-------------------------------------------------------------------
+Mon Sep 23 23:52:19 UTC 2013 - [email protected]
+
+- Update to latest git (a7446e5):
+ + Configure Neutron configuration in Tempest properly
+
+-------------------------------------------------------------------
Old:
----
openstack-quickstart-2013.2+git.1379105044.0e0a541.tar.gz
New:
----
openstack-quickstart-2013.2+git.1380614452.cc514df.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openstack-quickstart.spec ++++++
--- /var/tmp/diff_new_pack.RvbxGQ/_old 2013-10-21 12:30:36.000000000 +0200
+++ /var/tmp/diff_new_pack.RvbxGQ/_new 2013-10-21 12:30:36.000000000 +0200
@@ -17,7 +17,7 @@
Name: openstack-quickstart
-Version: 2013.2+git.1379105044.0e0a541
+Version: 2013.2+git.1380614452.cc514df
Release: 0
Summary: OpenStack Quickstart
License: MIT
@@ -29,7 +29,7 @@
Suggests: patterns-OpenStack-compute-node
Suggests: patterns-OpenStack-controller
Suggests: patterns-OpenStack-network-node
-Requires: openstack-utils
+Requires: crudini
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
++++++ _service ++++++
--- /var/tmp/diff_new_pack.RvbxGQ/_old 2013-10-21 12:30:36.000000000 +0200
+++ /var/tmp/diff_new_pack.RvbxGQ/_new 2013-10-21 12:30:36.000000000 +0200
@@ -4,7 +4,7 @@
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="versionformat">@PARENT_TAG@+git.%ct.%h</param>
- <param name="revision">master</param>
+ <param name="revision">stable/havana</param>
</service>
<service name="recompress" mode="disabled">
++++++ devstack-master.tar.gz ++++++
++++ 3851 lines of diff (skipped)
++++++ openstack-quickstart-2013.2+git.1379105044.0e0a541.tar.gz ->
openstack-quickstart-2013.2+git.1380614452.cc514df.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/openstack-quickstart-2013.2+git.1379105044.0e0a541/etc/openstackquickstartrc
new/openstack-quickstart-2013.2+git.1380614452.cc514df/etc/openstackquickstartrc
---
old/openstack-quickstart-2013.2+git.1379105044.0e0a541/etc/openstackquickstartrc
2013-09-16 02:05:08.000000000 +0200
+++
new/openstack-quickstart-2013.2+git.1380614452.cc514df/etc/openstackquickstartrc
2013-10-21 02:01:24.000000000 +0200
@@ -15,7 +15,7 @@
testnet=10.10.134.16/29
# floating ip address, should not be a part of your network
-floatingnet=172.31.0.0/29
+floatingnet=172.31.0.0/24
# this defines which database to use
#DB=mysql
@@ -23,6 +23,9 @@
SERVICE_TOKEN=999888777666
+# Setup Horizon dashboard
+with_horizon=yes
+
# Setup Tempest ?
with_tempest=no
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/openstack-quickstart-2013.2+git.1379105044.0e0a541/scripts/keystone_data.sh
new/openstack-quickstart-2013.2+git.1380614452.cc514df/scripts/keystone_data.sh
---
old/openstack-quickstart-2013.2+git.1379105044.0e0a541/scripts/keystone_data.sh
2013-09-16 02:05:08.000000000 +0200
+++
new/openstack-quickstart-2013.2+git.1380614452.cc514df/scripts/keystone_data.sh
2013-10-21 02:01:24.000000000 +0200
@@ -70,14 +70,14 @@
# Add Roles to Users in Tenants
-keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id
$ADMIN_TENANT
-keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id
$DEMO_TENANT
-keystone user-role-add --user_id $DEMO_USER --role_id $ANOTHER_ROLE
--tenant_id $DEMO_TENANT
+keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id
$ADMIN_TENANT
+keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id
$DEMO_TENANT
+keystone user-role-add --user-id $DEMO_USER --role-id $ANOTHER_ROLE
--tenant-id $DEMO_TENANT
# The Member role is used by Horizon and Swift so we need to keep it:
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
-keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id
$DEMO_TENANT
-keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id
$INVIS_TENANT
+keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id
$DEMO_TENANT
+keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id
$INVIS_TENANT
# Services
@@ -102,12 +102,12 @@
NOVA_USER=$(get_id keystone user-create \
--name=nova \
--pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
+ --tenant-id $SERVICE_TENANT \
[email protected])
keystone user-role-add \
- --tenant_id $SERVICE_TENANT \
- --user_id $NOVA_USER \
- --role_id $ADMIN_ROLE
+ --tenant-id $SERVICE_TENANT \
+ --user-id $NOVA_USER \
+ --role-id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NOVA_SERVICE=$(get_id keystone service-create \
--name=nova \
@@ -119,7 +119,20 @@
--publicurl
"http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--adminurl
"http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \
--internalurl
"http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s"
+
+ # Create Nova V3 Services
+ NOVA_V3_SERVICE=$(get_id keystone service-create \
+ --name=nova \
+ --type=computev3 \
+ --description="Nova Compute Service V3")
+ keystone endpoint-create \
+ --region RegionOne \
+ --service_id $NOVA_V3_SERVICE \
+ --publicurl "http://$SERVICE_HOST:9696/v3"; \
+ --adminurl "http://$SERVICE_HOST:9696/v3"; \
+ --internalurl "http://$SERVICE_HOST:9696/v3";
fi
+
# Nova needs ResellerAdmin role to download images when accessing
# swift through the s3 api. The admin role in swift allows a user
# to act as an admin for their tenant, but ResellerAdmin is needed
@@ -127,9 +140,9 @@
# configurable in swift-proxy.conf
RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
keystone user-role-add \
- --tenant_id $SERVICE_TENANT \
- --user_id $NOVA_USER \
- --role_id $RESELLER_ROLE
+ --tenant-id $SERVICE_TENANT \
+ --user-id $NOVA_USER \
+ --role-id $RESELLER_ROLE
fi
# Volume
@@ -152,11 +165,11 @@
if [[ "$ENABLED_SERVICES" =~ "heat" ]]; then
HEAT_USER=$(get_id keystone user-create --name=heat \
--pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
+ --tenant-id $SERVICE_TENANT \
[email protected])
- keystone user-role-add --tenant_id $SERVICE_TENANT \
- --user_id $HEAT_USER \
- --role_id $ADMIN_ROLE
+ keystone user-role-add --tenant-id $SERVICE_TENANT \
+ --user-id $HEAT_USER \
+ --role-id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
HEAT_CFN_SERVICE=$(get_id keystone service-create \
--name=heat \
@@ -176,12 +189,12 @@
GLANCE_USER=$(get_id keystone user-create \
--name=glance \
--pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
+ --tenant-id $SERVICE_TENANT \
[email protected])
keystone user-role-add \
- --tenant_id $SERVICE_TENANT \
- --user_id $GLANCE_USER \
- --role_id $ADMIN_ROLE
+ --tenant-id $SERVICE_TENANT \
+ --user-id $GLANCE_USER \
+ --role-id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
GLANCE_SERVICE=$(get_id keystone service-create \
--name=glance \
@@ -201,12 +214,12 @@
SWIFT_USER=$(get_id keystone user-create \
--name=swift \
--pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
+ --tenant-id $SERVICE_TENANT \
[email protected])
keystone user-role-add \
- --tenant_id $SERVICE_TENANT \
- --user_id $SWIFT_USER \
- --role_id $ADMIN_ROLE
+ --tenant-id $SERVICE_TENANT \
+ --user-id $SWIFT_USER \
+ --role-id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
SWIFT_SERVICE=$(get_id keystone service-create \
--name=swift \
@@ -225,12 +238,12 @@
NEUTRON_USER=$(get_id keystone user-create \
--name=neutron \
--pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
+ --tenant-id $SERVICE_TENANT \
[email protected])
keystone user-role-add \
- --tenant_id $SERVICE_TENANT \
- --user_id $NEUTRON_USER \
- --role_id $ADMIN_ROLE
+ --tenant-id $SERVICE_TENANT \
+ --user-id $NEUTRON_USER \
+ --role-id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
NEUTRON_SERVICE=$(get_id keystone service-create \
--name=neutron \
@@ -287,19 +300,19 @@
--pass="$ADMIN_PASSWORD" \
[email protected])
keystone user-role-add \
- --tenant_id $ALT_DEMO_TENANT \
- --user_id $ALT_DEMO_USER \
- --role_id $MEMBER_ROLE
+ --tenant-id $ALT_DEMO_TENANT \
+ --user-id $ALT_DEMO_USER \
+ --role-id $MEMBER_ROLE
fi
if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
CINDER_USER=$(get_id keystone user-create --name=cinder \
--pass="$SERVICE_PASSWORD" \
- --tenant_id $SERVICE_TENANT \
+ --tenant-id $SERVICE_TENANT \
[email protected])
- keystone user-role-add --tenant_id $SERVICE_TENANT \
- --user_id $CINDER_USER \
- --role_id $ADMIN_ROLE
+ keystone user-role-add --tenant-id $SERVICE_TENANT \
+ --user-id $CINDER_USER \
+ --role-id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
CINDER_SERVICE=$(get_id keystone service-create \
--name=cinder \
@@ -311,6 +324,19 @@
--publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
--adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \
--internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s"
+
+
+ # Create Cinder V2 API
+ CINDER_V2_SERVICE=$(get_id keystone service-create \
+ --name=cinder \
+ --type=volumev2 \
+ --description="Cinder Volume Service V2")
+ keystone endpoint-create \
+ --region RegionOne \
+ --service_id $CINDER_V2_SERVICE \
+ --publicurl
"http://$SERVICE_HOST:8776/v2/\$(tenant_id)s" \
+ --adminurl
"http://$SERVICE_HOST:8776/v2/\$(tenant_id)s" \
+ --internalurl
"http://$SERVICE_HOST:8776/v2/\$(tenant_id)s"
fi
fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/openstack-quickstart-2013.2+git.1379105044.0e0a541/scripts/openstack-quickstart-demosetup
new/openstack-quickstart-2013.2+git.1380614452.cc514df/scripts/openstack-quickstart-demosetup
---
old/openstack-quickstart-2013.2+git.1379105044.0e0a541/scripts/openstack-quickstart-demosetup
2013-09-16 02:05:08.000000000 +0200
+++
new/openstack-quickstart-2013.2+git.1380614452.cc514df/scripts/openstack-quickstart-demosetup
2013-10-21 02:01:24.000000000 +0200
@@ -1,28 +1,19 @@
#!/bin/bash -x
-# for development testing
-PREFIX=
-
# go in a directory everybody can access
# (postgresql commands usually have a 'could not change to "$PWD"' error
# message if the postgres user cannot have access to $PWD...)
cd /
-. $PREFIX/etc/openstackquickstartrc
+. /etc/openstackquickstartrc
ADMIN_PASSWORD=$pw
SERVICE_HOST=$IP
KEYSTONE_SYSTEM_USER=openstack-keystone
-KEYSTONE_SYSTEM_GROUP=openstack-keystone
GLANCE_SYSTEM_USER=openstack-glance
-GLANCE_SYSTEM_GROUP=openstack-glance
CINDER_SYSTEM_USER=openstack-cinder
-CINDER_SYSTEM_GROUP=openstack-cinder
NEUTRON_SYTEM_USER=openstack-neutron
-NEUTRON_SYTEM_GROUP=openstack-neutron
NOVA_SYSTEM_USER=openstack-nova
-NOVA_SYSTEM_GROUP=openstack-nova
-HORIZON_SYSTEM_USER=openstack-horizon
echo "Setting up OpenStack demo controller..."
@@ -51,9 +42,19 @@
i=/etc/init.d/$1
if [ -x $i ] ; then
insserv $1
- $i restart
+ if [ -n "$(type -p systemctl)" ]; then
+
+ systemctl start ${1}.service
+ systemctl enable ${1}.service
+ else
+ $i start
+ fi
$i status
- [ $? -eq 3 ] && { "Service $i is not running"; exit 1; }
+ if [ $? -eq 3 ]; then
+ journalctl -xn || :
+ echo "Service $1 is not running"
+ exit 1
+ fi
fi
}
@@ -133,7 +134,7 @@
. /etc/bash.openstackrc
setcreds admin $pw" >> /etc/bash.bashrc.local
-install_packages patterns-OpenStack-controller patterns-OpenStack-compute-node
patterns-OpenStack-clients patterns-OpenStack-network-node openstack-utils
+install_packages patterns-OpenStack-controller patterns-OpenStack-compute-node
patterns-OpenStack-clients patterns-OpenStack-network-node crudini psmisc
if [ "$DB" = "postgresql" ] ; then
if grep -q "SUSE Linux Enterprise Server 11" /etc/SuSE-release; then
@@ -141,18 +142,86 @@
else
install_packages postgresql-server python-psycopg2
fi
- /etc/init.d/postgresql restart
+fi
+
+# configure NTP, because we need synchronized time between nodes
+grep -q ntp.org /etc/ntp.conf || echo server pool.ntp.org >> /etc/ntp.conf
+
+# change libvirt to run qemu as user qemu
+sed -i -e 's;.*user.*=.*;user = "qemu";' /etc/libvirt/qemu.conf
+if [ -e /dev/kvm ]; then
+ chown root:kvm /dev/kvm
+ chmod 660 /dev/kvm
+fi
+
+# configure tgt for cinder
+if [ -f /etc/tgt/targets.conf ]; then
+ grep -q "include /var/lib/cinder/volumes" /etc/tgt/targets.conf || {
+ echo "include /var/lib/cinder/volumes/*" >> /etc/tgt/targets.conf
+ start_and_enable_service tgtd
+ }
+fi
+
+# Set up the database
+if [ "$DB" = "postgresql" ] ; then
+ DATADIR=/var/lib/pgsql/data
+ # No database exists? Start and Stop to create the initial files
+ if [ ! -f $DATADIR/PG_VERSION ]; then
+ start_and_enable_service $DB
+ stop_and_disable_service $DB
+ fi
+ if ! grep -q ::/0 $DATADIR/pg_hba.conf ; then
+ sed -i "s/^\(host .*\) ident\(.*\)/\1 md5 \2/" "$DATADIR/pg_hba.conf"
+ sed -i "s/^\(local \)/local horizon all md5 sameuser\n\1/"
"$DATADIR/pg_hba.conf"
+ # allow remote connections:
+ echo "listen_addresses = '*'" >> $DATADIR/postgresql.conf
+ echo "host all all 0.0.0.0/0 md5 sameuser" >> $DATADIR/pg_hba.conf
+ echo "host all all ::/0 md5 sameuser" >> $DATADIR/pg_hba.conf
+ if ! rpm -q postgresql | grep -q postgresql-8 ; then
+ sed -i 's/\s*sameuser$//' $DATADIR/pg_hba.conf # adapt config
syntax to postgresql-9
+ fi
+ fi
else
- # start mysql
- /etc/init.d/mysql start
+ echo | mysql -u root || pwquery=-p
+ for DBNAME in nova cinder keystone glance horizon neutron ; do
+ echo "
+ set global character_set_server=latin1;
+ set session character_set_server=latin1;
+ CREATE DATABASE IF NOT EXISTS $DBNAME;
+ GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBNAME'@localhost IDENTIFIED BY
'$mpw';
+ GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBNAME'@'%' IDENTIFIED BY
'$mpw';
+ " | mysql -u root $pwquery
+ done
fi
+# start some initial services
+for s in ntp libvirtd $DB tgtd memcached
+do
+ start_and_enable_service $s
+done
+
+start_and_enable_service open-iscsi || :
+
+
+# Set up the database
+if [ "$DB" = "postgresql" ] ; then
+ sudo -u postgres dropdb keystone || true # needed for keystone_data.sh
+ for DBNAME in nova cinder keystone glance horizon heat neutron ; do
+ # use ALTER if CREATE fails: the role probably already exists
+ # in that case
+ sudo -u postgres psql -c "CREATE ROLE $DBNAME PASSWORD '$mpw' LOGIN;"
|| \
+ sudo -u postgres psql -c "ALTER ROLE $DBNAME PASSWORD '$mpw' LOGIN;"
+ sudo -u postgres createdb -O $DBNAME $DBNAME || true
+ done
+ sudo -u postgres createuser -s root || :
+fi
+
grep -q -e vmx -e svm /proc/cpuinfo || MODE=lxc
# use lxc or qemu, if kvm is unavailable
if rpm -q openstack-nova-compute >/dev/null ; then
if [ "$MODE" = lxc ] ; then
- openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_type lxc
+ crudini --set /etc/nova/nova.conf DEFAULT libvirt_type lxc
install_packages lxc
# not sure what this is good for, cgroups is and should be mounted
under /sys/fs/cgroup
#echo mount -t cgroup none /cgroup >> /etc/init.d/boot.local
@@ -176,8 +245,7 @@
fi
# activate ip-forwarding
[ -e /etc/sysconfig/sysctl ] && sed -i -e
's;IP_FORWARD="no";IP_FORWARD="yes";' /etc/sysconfig/sysctl
-grep -q 'net.ipv4.ip_forward' /etc/sysctl.conf
-if [[ $? -eq 0 ]] ; then
+if grep -q 'net.ipv4.ip_forward' /etc/sysctl.conf; then
sed -i -e 's;net.ipv4.ip_forward.*;net.ipv4.ip_forward = 1;'
/etc/sysctl.conf
else
#sysctl file may not have ending new line
@@ -220,17 +288,18 @@
/etc/init.d/network start
fi
-
#-----------------------------------------
# setup OpenStack Dashboard (optional)
#-----------------------------------------
-if rpmqpack |grep -qx openstack-dashboard; then
+
+if [ "x$with_horizon" = "xyes" ]; then
# configure dashboard/apache sample configuration from the package:
install -m 644 /etc/apache2/conf.d/openstack-dashboard.conf{.sample,}
a2enmod rewrite
a2enmod ssl
a2enmod wsgi
+ a2enmod socache_shmcb
a2enflag SSL
DASHBOARD_LOCAL_SET=/usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py
@@ -242,14 +311,15 @@
if [ "$DB" = "postgresql" ] ; then
cat >> $DASHBOARD_LOCAL_SET <<EODASHDB
- DATABASES = {
- 'default': {
- 'ENGINE': 'django.db.backends.postgresql_psycopg2',
- 'NAME': 'horizon',
- 'USER': 'horizon',
- 'PASSWORD': '$mpw',
- }
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.postgresql_psycopg2',
+ 'HOST': '$IP',
+ 'NAME': 'horizon',
+ 'USER': 'horizon',
+ 'PASSWORD': '$mpw',
}
+}
EODASHDB
fi
@@ -260,8 +330,8 @@
fi
# Use 'secure' session and CSRF cookies (bnc#753582):
cat >> $DASHBOARD_LOCAL_SET <<EOSEC
- # Use 'secure' cookies when we use SSL, see
https://docs.djangoproject.com/en/1.4/topics/security/:
- SESSION_COOKIE_SECURE = CSRF_COOKIE_SECURE = USE_SSL
+# Use 'secure' cookies when we use SSL, see
https://docs.djangoproject.com/en/1.4/topics/security/:
+SESSION_COOKIE_SECURE = CSRF_COOKIE_SECURE = USE_SSL
EOSEC
# sync dashboard DB "after" the database is created
run_as wwwrun "cd /usr/share/openstack-dashboard; umask 0027; python -m
'manage' syncdb --noinput"
@@ -269,53 +339,56 @@
KEYSTONE_AUTH_HOST=${KEYSTONE_AUTH_HOST:-$SERVICE_HOST}
KEYSTONE_AUTH_PORT=${KEYSTONE_AUTH_PORT:-35357}
+KEYSTONE_SERVICE_PORT=${KEYSTONE_AUTH_PORT:-5000}
KEYSTONE_AUTH_PROTOCOL=${KEYSTONE_AUTH_PROTOCOL:-http}
-SERVICE_ENDPOINT=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0
+KEYSTONE_PUBLIC_ENDPOINT=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_SERVICE_PORT/v2.0
+KEYSTONE_PUBLIC_ENDPOINT_V3=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_SERVICE_PORT/v3
#-----------------------------------------
# setup keystone client endpoint configuration
#-----------------------------------------
for c in /etc/glance/glance-api.conf /etc/glance/glance-registry.conf \
- /etc/neutron/neutron.conf /etc/cinder/cinder.conf ; do
- openstack-config --set $c keystone_authtoken auth_host $IP
- openstack-config --set $c keystone_authtoken auth_port 35357
- openstack-config --set $c keystone_authtoken auth_protocol http
- openstack-config --set $c keystone_authtoken auth_uri $SERVICE_ENDPOINT
- openstack-config --set $c keystone_authtoken admin_tenant_name service
+ /etc/neutron/neutron.conf /etc/cinder/cinder.conf \
+ /etc/heat/heat.conf /etc/nova/nova.conf ; do
+ crudini --set $c keystone_authtoken auth_host $IP
+ crudini --set $c keystone_authtoken auth_port 35357
+ crudini --set $c keystone_authtoken auth_protocol http
+ crudini --set $c keystone_authtoken auth_uri $KEYSTONE_PUBLIC_ENDPOINT
+ crudini --set $c keystone_authtoken admin_tenant_name service
+ crudini --set $c keystone_authtoken admin_user '%SERVICE_USER%'
+ crudini --set $c keystone_authtoken admin_password '%SERVICE_PASSWORD%'
done
#-----------------------------------------
## setup glance configuration
#-----------------------------------------
+sed -i "s%sql_connection =.*%sql_connection = $DB://glance:$mpw@$IP/glance%"
/etc/glance/glance-registry.conf /etc/glance/glance-api.conf # db_sync is
broken for postgresql
+#sed -i 's%sql_connection =.*%sql_connection =
sqlite:////var/lib/glance/glance.sqlite%' /etc/glance/glance-registry.conf
+run_as $GLANCE_SYSTEM_USER "glance-manage db_sync"
+
+#-----------------------------------------
+## setup nova configuration
+#-----------------------------------------
+
# replace default IP in all configuration files
-openstack-config --set /etc/nova/nova.conf DEFAULT sql_connection
"$DB://nova:$mpw@$IP/nova"
-openstack-config --set /etc/nova/nova.conf DEFAULT glance_api_servers
"$IP:9292"
-openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url
"http://$IP:6080/vnc_auto.html";
+crudini --set /etc/nova/nova.conf DEFAULT sql_connection
"$DB://nova:$mpw@$IP/nova"
+crudini --set /etc/nova/nova.conf DEFAULT glance_api_servers "$IP:9292"
+crudini --set /etc/nova/nova.conf DEFAULT novncproxy_base_url
"http://$IP:6080/vnc_auto.html";
# TODO: neutron security group is broken for network shared beetwen
# multiple tenants https://bugs.launchpad.net/neutron/+bug/1171997
# we revert to nova one
-openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api nova
-openstack-config --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
SECURITYGROUP firewall_driver neutron.agent.firewall.NoopFirewallDriver
-# TODO: this needs to be set as a default in openstack-nova package
-#openstack-config --set /etc/nova/nova.conf DEFAULT service_neutron true
+crudini --set /etc/nova/nova.conf DEFAULT security_group_api nova
+crudini --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True
extensions_path=$(ls -d /usr/lib*/python*/site-packages/extensions 2>
/dev/null | head -n 1)
if [ -n "$extensions_path" ]; then
- openstack-config --set /etc/nova/nova.conf DEFAULT osapi_extensions_path
"$extensions_path"
+ crudini --set /etc/nova/nova.conf DEFAULT osapi_extensions_path
"$extensions_path"
fi
# configure cinder
-openstack-config --set /etc/cinder/cinder.conf DEFAULT sql_connection
"$DB://cinder:${mpw}@${IP}/cinder"
-
-# configure tgt for cinder
-if [ -f /etc/tgt/targets.conf ]; then
- grep -q "include /var/lib/cinder/volumes" /etc/tgt/targets.conf || {
- echo "include /var/lib/cinder/volumes/*" >> /etc/tgt/targets.conf
- rctgtd restart
- }
-fi
+crudini --set /etc/cinder/cinder.conf DEFAULT sql_connection
"$DB://cinder:${mpw}@${IP}/cinder"
for m in cinder heat nova glance neutron ; do
sed -i -e 's/%SERVICE_TENANT_NAME%/service/' \
@@ -324,42 +397,6 @@
/etc/$m/*.ini /etc/$m/$m*.conf
done
-if [ "$DB" = "postgresql" ] ; then
- DATADIR=/var/lib/pgsql/data
- if ! grep -q ::/0 $DATADIR/pg_hba.conf ; then
- sed -i "s/^\(host .*\) ident\(.*\)/\1 md5 \2/" "$DATADIR/pg_hba.conf"
- sed -i "s/^\(local \)/local horizon all md5 sameuser\n\1/"
"$DATADIR/pg_hba.conf"
- # allow remote connections:
- echo "listen_addresses = '*'" >> $DATADIR/postgresql.conf
- echo "host all all 0.0.0.0/0 md5 sameuser" >> $DATADIR/pg_hba.conf
- echo "host all all ::/0 md5 sameuser" >> $DATADIR/pg_hba.conf
- if ! rpm -q postgresql | grep -q postgresql-8 ; then
- sed -i 's/\s*sameuser$//' $DATADIR/pg_hba.conf # adapt config
syntax to postgresql-9
- fi
- fi
- sudo -u postgres dropdb keystone || true # needed for keystone_data.sh
- for DBNAME in nova cinder keystone glance horizon heat neutron ; do
- # use ALTER if CREATE fails: the role probably already exists
- # in that case
- sudo -u postgres psql -c "CREATE ROLE $DBNAME PASSWORD '$mpw' LOGIN;"
|| \
- sudo -u postgres psql -c "ALTER ROLE $DBNAME PASSWORD '$mpw' LOGIN;"
- sudo -u postgres createdb -O $DBNAME $DBNAME || true
- done
- sudo -u postgres createuser -s root || :
- start_and_enable_service postgresql
-else
- echo | mysql -u root || pwquery=-p
- for DBNAME in nova cinder keystone glance horizon neutron ; do
- echo "
- set global character_set_server=latin1;
- set session character_set_server=latin1;
- CREATE DATABASE IF NOT EXISTS $DBNAME;
- GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBNAME'@localhost IDENTIFIED BY
'$mpw';
- GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBNAME'@'%' IDENTIFIED BY
'$mpw';
- " | mysql -u root $pwquery
- done
-fi
-
run_as $CINDER_SYSTEM_USER "cinder-manage db sync"
run_as $NOVA_SYSTEM_USER "nova-manage db sync"
@@ -379,17 +416,6 @@
" | mysql -u root $pwquery
fi
-#run_as $NOVA_SYSTEM_USER "nova-manage network create 10.10.134.32/27 1 32"
-#migrated to neutron
-#run_as $NOVA_SYSTEM_USER "nova-manage network create
--fixed_range_v4=$testnet --label=testnet"
-
-
-# setup glance
-
-sed -i "s%sql_connection =.*%sql_connection = $DB://glance:$mpw@$IP/glance%"
/etc/glance/glance-registry.conf /etc/glance/glance-api.conf # db_sync is
broken for postgresql
-#sed -i 's%sql_connection =.*%sql_connection =
sqlite:////var/lib/glance/glance.sqlite%' /etc/glance/glance-registry.conf
-run_as $GLANCE_SYSTEM_USER "glance-manage db_sync"
-
# keystone demo setup, based on devstack.sh
sed -i -e 's/kvs/sql/' -e "s,^.*connection =.*,connection =
$DB://keystone:$mpw@$IP/keystone," /etc/keystone/keystone.conf
@@ -397,21 +423,21 @@
KEYSTONE_CATALOG=/etc/keystone/default_catalog.templates
sed -e "s,%SERVICE_HOST%,$SERVICE_HOST,g" -e "s/%S3_SERVICE_PORT%/8080/"
$KEYSTONE_CATALOG.sample > $KEYSTONE_CATALOG
-openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token
"$SERVICE_TOKEN"
+crudini --set /etc/keystone/keystone.conf DEFAULT admin_token "$SERVICE_TOKEN"
# Upgrade the database to the latest schema
run_as $KEYSTONE_SYSTEM_USER "keystone-manage
--config-file=/etc/keystone/keystone.conf db_sync"
/etc/init.d/openstack-keystone restart
-if [ -z $PREFIX ] ; then
- keystone_data=/usr/lib/devstack/keystone_data.sh
-else
- keystone_data=$PREFIX/scripts/keystone_data.sh
+keystone_data=/usr/lib/devstack/keystone_data.sh
+ENABLED_SERVICES="g-api,g-reg,key,n-api,n-cpu,n-net,n-vol,c-api,n-sch,n-novnc,n-xvnc,q-svc,heat,mysql,rabbit"
+if [ "x$with_horizon" = "xyes" ]; then
+ ENABLED_SERVICES+=",horizon"
fi
-ENABLED_SERVICES="g-api,g-reg,key,n-api,n-cpu,n-net,n-vol,c-api,n-sch,n-novnc,n-xvnc,q-svc,heat,horizon,swift,mysql,rabbit"
if [ "x$with_tempest" = "xyes" ]; then
ENABLED_SERVICES+=",tempest"
fi
+SERVICE_ENDPOINT=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TOKEN=$SERVICE_TOKEN
SERVICE_ENDPOINT=$SERVICE_ENDPOINT DEVSTACK_DIR=/root
ENABLED_SERVICES=$ENABLED_SERVICES bash $keystone_data
. /etc/bash.bashrc.local
@@ -426,37 +452,30 @@
stop_and_disable_service dnsmasq
fi
-# configure NTP, because we need synchronized time between nodes
-grep -q ntp.org /etc/ntp.conf || echo server pool.ntp.org >> /etc/ntp.conf
-
-# change libvirt to run qemu as user qemu
-sed -i -e 's;.*user.*=.*;user = "qemu";' /etc/libvirt/qemu.conf
-if [ -e /dev/kvm ]; then
- chown root:kvm /dev/kvm
- chmod 660 /dev/kvm
-fi
-
-#-----------------------------------------
-## setup heat configuration
-#-----------------------------------------
-
-openstack-config --set /etc/heat/heat.conf DEFAULT sql_connection
$DB://heat:$mpw@$IP/heat
-
#-----------------------------------------
## setup neutron configuration
#-----------------------------------------
-openstack-config --set /etc/neutron/neutron.conf database connection
$DB://neutron:$mpw@$IP/neutron
-openstack-config --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
DATABASE sql_connection $DB://neutron:$mpw@$IP/neutron
-openstack-config --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
LINUX_BRIDGE physical_interface_mappings root-bridge:vefq,physnet1:eth0
-openstack-config --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
VLANS network_vlan_ranges root-bridge,physnet1
+crudini --set /etc/neutron/neutron.conf database connection
$DB://neutron:$mpw@$IP/neutron
+crudini --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
SECURITYGROUP firewall_driver neutron.agent.firewall.NoopFirewallDriver
+crudini --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini DATABASE
sql_connection $DB://neutron:$mpw@$IP/neutron
+crudini --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
LINUX_BRIDGE physical_interface_mappings root-bridge:vefq,physnet1:eth0
+crudini --set /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini VLANS
network_vlan_ranges root-bridge,physnet1
# TODO: should be default openstack-neutron-l3-agent package
-openstack-config --set /etc/neutron/l3_agent.ini DEFAULT
external_network_bridge ""
+crudini --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge ""
### turnof namespace to allow connecting to VMs from demo admin node (simple
setup for demo purposes only)
-openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT use_namespaces False
+crudini --set /etc/neutron/dhcp_agent.ini DEFAULT use_namespaces False
### start neutron api
start_and_enable_service rabbitmq-server
-start_and_enable_service openstack-neutron
+
+# Start Keystone and Neutron
+for s in openstack-keystone \
+ openstack-neutron openstack-neutron-linuxbridge-agent
openstack-neutron-dhcp-agent \
+ openstack-neutron-l3-agent openstack-neutron-metadata-agent
+do
+ start_and_enable_service $s
+done
+
### wait until neutron will start
cnt=0
while : ; do
@@ -480,6 +499,8 @@
neutron router-interface-add main fixed
## floating/external
neutron net-create ext --tenant-id $SERVICE_TENANT_ID --provider:network_type
local --router:external True
+ext_network_id=$(neutron net-list | grep ' ext ' | cut -d' ' -f2)
+ext_router_id=$(neutron router-list | grep $ext_network_id | cut -d' ' -f2)
neutron subnet-create --name ext --disable-dhcp --tenant-id $SERVICE_TENANT_ID
ext $floatingnet
neutron router-gateway-set main ext
# create four floatingip pools
@@ -496,17 +517,30 @@
## end neutron setup configuration
#---------------------------------------
-# start services
-for s in ntp libvirtd $DB iscsitarget open-iscsi tgtd memcached apache2
openstack-nova-api openstack-nova-conductor openstack-nova-scheduler
openstack-nova-compute openstack-nova-vncproxy openstack-glance-api
openstack-glance-registry openstack-keystone openstack-nova-consoleauth
openstack-novncproxy openstack-neutron-linuxbridge-agent
openstack-neutron-dhcp-agent openstack-neutron-l3-agent
openstack-neutron-metadata-agent
+# Start glance and nova
+for s in openstack-glance-api openstack-glance-registry \
+ openstack-nova-api openstack-nova-conductor openstack-nova-scheduler
openstack-nova-compute openstack-novncproxy \
+ openstack-nova-consoleauth
do
start_and_enable_service $s
done
-if [ -z $PREFIX ] ; then
- openstack_loopback_lvm=/usr/sbin/openstack-loopback-lvm
-else
- openstack_loopback_lvm=$PREFIX/scripts/openstack-loopback-lvm
-fi
+#-----------------------------------------
+## setup heat configuration
+#-----------------------------------------
+
+crudini --set /etc/heat/heat.conf DEFAULT sql_connection
$DB://heat:$mpw@$IP/heat
+
+for s in openstack-heat-engine openstack-heat-api-cfn openstack-heat-api; do
+ start_and_enable_service $s
+done
+
+#-----------------------------------------
+## setup loopback LVM configuration
+#-----------------------------------------
+
+
+openstack_loopback_lvm=/usr/sbin/openstack-loopback-lvm
$openstack_loopback_lvm
if [ "$?" -ne "0" ]; then
# setup failed, so do not use
@@ -515,29 +549,34 @@
done
else
grep -q openstack-loopback-lvm /etc/init.d/boot.local || echo
$openstack_loopback_lvm >> /etc/init.d/boot.local
- start_and_enable_service openstack-cinder-api
- start_and_enable_service openstack-cinder-scheduler
start_and_enable_service openstack-cinder-volume
+ start_and_enable_service openstack-cinder-scheduler
+ start_and_enable_service openstack-cinder-api
fi
-for user in demo admin ; do
- setcreds $user $pw
- nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 # to allow ping
- nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 # to allow only SSH or
do
- nova secgroup-add-rule default tcp 1 65535 0.0.0.0/0 # to allow all TCP
- nova secgroup-add-rule default udp 1 65535 0.0.0.0/0 # and all UDP
- nova secgroup-list-rules default # lists the rules
-done
+setcreds admin $pw
+nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 # to allow ping
+nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 # to allow only SSH or do
+nova secgroup-add-rule default tcp 1 65535 0.0.0.0/0 # to allow all TCP
+nova secgroup-add-rule default udp 1 65535 0.0.0.0/0 # and all UDP
+nova secgroup-list-rules default # lists the rules
#-----------------------------------------
# setup tempest configuration
#-----------------------------------------
-if [ "x$with_tempest" = "xyes" ]; then
- openstack-config --set /etc/tempest/tempest.conf identity uri
$SERVICE_ENDPOINT
- openstack-config --set /etc/tempest/tempest.conf identity admin_username
admin
- openstack-config --set /etc/tempest/tempest.conf identity admin_password
$pw
- openstack-config --set /etc/tempest/tempest.conf identity alt_password $pw
- openstack-config --set /etc/tempest/tempest.conf identity password $pw
+if [ "x$with_tempest" = "xyes" -a -e /etc/tempest/tempest.conf ]; then
+ crudini --set /etc/tempest/tempest.conf identity uri
$KEYSTONE_PUBLIC_ENDPOINT
+ crudini --set /etc/tempest/tempest.conf identity uri_v3
$KEYSTONE_PUBLIC_ENDPOINT_V3
+ crudini --set /etc/tempest/tempest.conf identity admin_username admin
+ crudini --set /etc/tempest/tempest.conf identity admin_password $pw
+ crudini --set /etc/tempest/tempest.conf identity alt_password $pw
+ crudini --set /etc/tempest/tempest.conf identity password $pw
+ crudini --set /etc/tempest/tempest.conf network public_network_id
$ext_network_id
+ crudini --set /etc/tempest/tempest.conf network public_router_id
$ext_router_id
+ crudini --set /etc/tempest/tempest.conf service_available neutron True
+ crudini --set /etc/tempest/tempest.conf service_available swift False
+ crudini --set /etc/tempest/tempest.conf stress max_instances 2
+ crudini --set /etc/tempest/tempest.conf service_available horizon
$with_horizon
fi
--
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
