Hello community, here is the log from the commit of package openstack-quickstart for openSUSE:Factory checked in at 2013-01-14 09:43:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openstack-quickstart (Old) and /work/SRC/openSUSE:Factory/.openstack-quickstart.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-quickstart", Maintainer is "cth...@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/openstack-quickstart/openstack-quickstart.changes 2012-12-19 11:18:46.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openstack-quickstart.new/openstack-quickstart.changes 2013-01-14 09:43:46.000000000 +0100 @@ -1,0 +2,28 @@ +Fri Jan 11 13:46:56 UTC 2013 - sasc...@suse.de + +- Update to latest git (7e19698): + + Add cinder-rootwrap line to /etc/sudoers + +------------------------------------------------------------------- +Fri Jan 11 13:22:08 UTC 2013 - sasc...@suse.de + +- Update to latest git (6cb26b5): + + Use individual cinder init scripts + +------------------------------------------------------------------- +Fri Jan 11 09:15:34 UTC 2013 - sasc...@suse.de + +- Switch to stable/folsom upstream branch +- Update to latest git (272d661): + + Use cinder instead of nova volume + + Postgresql fixes + +------------------------------------------------------------------- +Tue Jan 8 12:28:58 UTC 2013 - jenk...@suse.de + +- Update to latest git (8af2c28): + + adapt nova conf syntax + + updates for Folsom glance + + better cleanup + +------------------------------------------------------------------- Old: ---- openstack-quickstart-2012.2+git.1355147147.9fef994.tar.gz New: ---- openstack-quickstart-2012.2+git.1357911807.7e19698.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openstack-quickstart.spec ++++++ --- /var/tmp/diff_new_pack.9EItIB/_old 2013-01-14 09:43:47.000000000 +0100 +++ /var/tmp/diff_new_pack.9EItIB/_new 2013-01-14 09:43:47.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package openstack-quickstart # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,8 +18,8 @@ Name: openstack-quickstart -Version: 2012.2+git.1355147147.9fef994 -Release: 1 +Version: 2012.2+git.1357911807.7e19698 +Release: 0 License: MIT Summary: OpenStack Quickstart Url: http://en.opensuse.org/SDB:Cloud_OpenStack_Quickstart ++++++ _service ++++++ --- /var/tmp/diff_new_pack.9EItIB/_old 2013-01-14 09:43:47.000000000 +0100 +++ /var/tmp/diff_new_pack.9EItIB/_new 2013-01-14 09:43:47.000000000 +0100 @@ -3,12 +3,8 @@ <param name="url">git://github.com/SUSE-Cloud/openstack-quickstart.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="exclude">.gitreview</param> - <param name="version">git-stable</param> - <param name="versionformat">2012.2+git.%ct.%h</param> - - <!-- Comment this if you want the latest git master. --> - <param name="revision">master</param> + <param name="versionformat">@PARENT_TAG@+git.%ct.%h</param> + <param name="revision">stable/folsom</param> </service> <service name="recompress" mode="disabled"> ++++++ openstack-quickstart-2012.2+git.1355147147.9fef994.tar.gz -> openstack-quickstart-2012.2+git.1357911807.7e19698.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1355147147.9fef994/README.md new/openstack-quickstart-2012.2+git.1357911807.7e19698/README.md --- old/openstack-quickstart-2012.2+git.1355147147.9fef994/README.md 2012-12-10 17:54:37.000000000 +0100 +++ new/openstack-quickstart-2012.2+git.1357911807.7e19698/README.md 2013-01-11 14:46:53.000000000 +0100 @@ -1,4 +1,14 @@ openstack-quickstart ==================== -Scripts and configs to easily generate an OpenStack demo setup \ No newline at end of file +Scripts and configs to easily generate an OpenStack demo setup. You should not run these +on a production machine because they heavily modify your system, use a VM if in doubt. + +To deploy a single node cloud it is sufficient to run: + + /usr/sbin/openstack-quickstart-demosetup + +Additionally, you can deploy further compute nodes by invoking (on a different machine / VM): + + /usr/sbin/openstack-quickstart-extranodesetup + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/keystone_data.sh new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/keystone_data.sh --- old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/keystone_data.sh 2012-12-10 17:54:37.000000000 +0100 +++ new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/keystone_data.sh 2013-01-11 14:46:53.000000000 +0100 @@ -9,16 +9,25 @@ # service nova admin, [ResellerAdmin (swift only)] # service quantum admin # if enabled # service swift admin # if enabled +# service cinder admin # if enabled +# service heat admin # if enabled # demo admin admin # demo demo Member, anotherrole # invisible_to_admin demo Member +# Tempest Only: +# alt_demo alt_demo Member # # Variables set before calling this script: # SERVICE_TOKEN - aka admin_token in keystone.conf # SERVICE_ENDPOINT - local Keystone admin endpoint # SERVICE_TENANT_NAME - name of tenant containing service accounts +# SERVICE_HOST - host used for endpoint creation # ENABLED_SERVICES - stack.sh's list of services to start # DEVSTACK_DIR - Top-level DevStack directory +# KEYSTONE_CATALOG_BACKEND - used to determine service catalog creation + +# Defaults +# -------- ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete} SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD} @@ -27,10 +36,13 @@ SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service} function get_id () { - echo `$@ | awk '/ id / { print $4 }'` + echo `"$@" | awk '/ id / { print $4 }'` } + # Tenants +# ------- + ADMIN_TENANT=$(get_id keystone tenant-create --name=admin) SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME) DEMO_TENANT=$(get_id keystone tenant-create --name=demo) @@ -38,6 +50,8 @@ # Users +# ----- + ADMIN_USER=$(get_id keystone user-create --name=admin \ --pass="$ADMIN_PASSWORD" \ --email=ad...@example.com) @@ -47,6 +61,8 @@ # Roles +# ----- + ADMIN_ROLE=$(get_id keystone role-create --name=admin) KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin) KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin) @@ -71,48 +87,237 @@ keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $INVIS_TENANT -# Configure service users/roles -NOVA_USER=$(get_id keystone user-create --name=nova \ - --pass="$SERVICE_PASSWORD" \ - --tenant_id $SERVICE_TENANT \ - --email=n...@example.com) -keystone user-role-add --tenant_id $SERVICE_TENANT \ - --user_id $NOVA_USER \ - --role_id $ADMIN_ROLE - -GLANCE_USER=$(get_id keystone user-create --name=glance \ - --pass="$SERVICE_PASSWORD" \ - --tenant_id $SERVICE_TENANT \ - --email=gla...@example.com) -keystone user-role-add --tenant_id $SERVICE_TENANT \ - --user_id $GLANCE_USER \ - --role_id $ADMIN_ROLE +# Services +# -------- -if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then - SWIFT_USER=$(get_id keystone user-create --name=swift \ - --pass="$SERVICE_PASSWORD" \ - --tenant_id $SERVICE_TENANT \ - --email=sw...@example.com) - keystone user-role-add --tenant_id $SERVICE_TENANT \ - --user_id $SWIFT_USER \ - --role_id $ADMIN_ROLE +# Keystone +if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + KEYSTONE_SERVICE=$(get_id keystone service-create \ + --name=keystone \ + --type=identity \ + --description="Keystone Identity Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $KEYSTONE_SERVICE \ + --publicurl "http://$SERVICE_HOST:\$(public_port)s/v2.0" \ + --adminurl "http://$SERVICE_HOST:\$(admin_port)s/v2.0" \ + --internalurl "http://$SERVICE_HOST:\$(public_port)s/v2.0" +fi + +# Nova +if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then + NOVA_USER=$(get_id keystone user-create \ + --name=nova \ + --pass="$SERVICE_PASSWORD" \ + --tenant_id $SERVICE_TENANT \ + --email=n...@example.com) + keystone user-role-add \ + --tenant_id $SERVICE_TENANT \ + --user_id $NOVA_USER \ + --role_id $ADMIN_ROLE + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + NOVA_SERVICE=$(get_id keystone service-create \ + --name=nova \ + --type=compute \ + --description="Nova Compute Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $NOVA_SERVICE \ + --publicurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \ + --adminurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" \ + --internalurl "http://$SERVICE_HOST:\$(compute_port)s/v2/\$(tenant_id)s" + fi # Nova needs ResellerAdmin role to download images when accessing # swift through the s3 api. The admin role in swift allows a user # to act as an admin for their tenant, but ResellerAdmin is needed # for a user to act as any tenant. The name of this role is also # configurable in swift-proxy.conf RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin) + keystone user-role-add \ + --tenant_id $SERVICE_TENANT \ + --user_id $NOVA_USER \ + --role_id $RESELLER_ROLE +fi + +# Volume +if [[ "$ENABLED_SERVICES" =~ "n-vol" ]]; then + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + VOLUME_SERVICE=$(get_id keystone service-create \ + --name=volume \ + --type=volume \ + --description="Volume Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $VOLUME_SERVICE \ + --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \ + --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \ + --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" + fi +fi + +# Heat +if [[ "$ENABLED_SERVICES" =~ "heat" ]]; then + HEAT_USER=$(get_id keystone user-create --name=heat \ + --pass="$SERVICE_PASSWORD" \ + --tenant_id $SERVICE_TENANT \ + --email=h...@example.com) keystone user-role-add --tenant_id $SERVICE_TENANT \ - --user_id $NOVA_USER \ - --role_id $RESELLER_ROLE + --user_id $HEAT_USER \ + --role_id $ADMIN_ROLE + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + HEAT_CFN_SERVICE=$(get_id keystone service-create \ + --name=heat \ + --type=orchestration \ + --description="Heat Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $HEAT_CFN_SERVICE \ + --publicurl "http://$SERVICE_HOST:$HEAT_API_CFN_PORT/v1" \ + --adminurl "http://$SERVICE_HOST:$HEAT_API_CFN_PORT/v1" \ + --internalurl "http://$SERVICE_HOST:$HEAT_API_CFN_PORT/v1" + fi fi -if [[ "$ENABLED_SERVICES" =~ "quantum" ]]; then - QUANTUM_USER=$(get_id keystone user-create --name=quantum \ - --pass="$SERVICE_PASSWORD" \ - --tenant_id $SERVICE_TENANT \ - --email=quan...@example.com) +# Glance +if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then + GLANCE_USER=$(get_id keystone user-create \ + --name=glance \ + --pass="$SERVICE_PASSWORD" \ + --tenant_id $SERVICE_TENANT \ + --email=gla...@example.com) + keystone user-role-add \ + --tenant_id $SERVICE_TENANT \ + --user_id $GLANCE_USER \ + --role_id $ADMIN_ROLE + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + GLANCE_SERVICE=$(get_id keystone service-create \ + --name=glance \ + --type=image \ + --description="Glance Image Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $GLANCE_SERVICE \ + --publicurl "http://$SERVICE_HOST:9292" \ + --adminurl "http://$SERVICE_HOST:9292" \ + --internalurl "http://$SERVICE_HOST:9292" + fi +fi + +# Swift +if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then + SWIFT_USER=$(get_id keystone user-create \ + --name=swift \ + --pass="$SERVICE_PASSWORD" \ + --tenant_id $SERVICE_TENANT \ + --email=sw...@example.com) + keystone user-role-add \ + --tenant_id $SERVICE_TENANT \ + --user_id $SWIFT_USER \ + --role_id $ADMIN_ROLE + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + SWIFT_SERVICE=$(get_id keystone service-create \ + --name=swift \ + --type="object-store" \ + --description="Swift Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $SWIFT_SERVICE \ + --publicurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \ + --adminurl "http://$SERVICE_HOST:8080" \ + --internalurl "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" + fi +fi + +if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then + QUANTUM_USER=$(get_id keystone user-create \ + --name=quantum \ + --pass="$SERVICE_PASSWORD" \ + --tenant_id $SERVICE_TENANT \ + --email=quan...@example.com) + keystone user-role-add \ + --tenant_id $SERVICE_TENANT \ + --user_id $QUANTUM_USER \ + --role_id $ADMIN_ROLE + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + QUANTUM_SERVICE=$(get_id keystone service-create \ + --name=quantum \ + --type=network \ + --description="Quantum Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $QUANTUM_SERVICE \ + --publicurl "http://$SERVICE_HOST:9696/" \ + --adminurl "http://$SERVICE_HOST:9696/" \ + --internalurl "http://$SERVICE_HOST:9696/" + fi +fi + +# EC2 +if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + EC2_SERVICE=$(get_id keystone service-create \ + --name=ec2 \ + --type=ec2 \ + --description="EC2 Compatibility Layer") + keystone endpoint-create \ + --region RegionOne \ + --service_id $EC2_SERVICE \ + --publicurl "http://$SERVICE_HOST:8773/services/Cloud" \ + --adminurl "http://$SERVICE_HOST:8773/services/Admin" \ + --internalurl "http://$SERVICE_HOST:8773/services/Cloud" + fi +fi + +# S3 +if [[ "$ENABLED_SERVICES" =~ "n-obj" || "$ENABLED_SERVICES" =~ "swift" ]]; then + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + S3_SERVICE=$(get_id keystone service-create \ + --name=s3 \ + --type=s3 \ + --description="S3") + keystone endpoint-create \ + --region RegionOne \ + --service_id $S3_SERVICE \ + --publicurl "http://$SERVICE_HOST:$S3_SERVICE_PORT" \ + --adminurl "http://$SERVICE_HOST:$S3_SERVICE_PORT" \ + --internalurl "http://$SERVICE_HOST:$S3_SERVICE_PORT" + fi +fi + +if [[ "$ENABLED_SERVICES" =~ "tempest" ]]; then + # Tempest has some tests that validate various authorization checks + # between two regular users in separate tenants + ALT_DEMO_TENANT=$(get_id keystone tenant-create \ + --name=alt_demo) + ALT_DEMO_USER=$(get_id keystone user-create \ + --name=alt_demo \ + --pass="$ADMIN_PASSWORD" \ + --email=alt_d...@example.com) + keystone user-role-add \ + --tenant_id $ALT_DEMO_TENANT \ + --user_id $ALT_DEMO_USER \ + --role_id $MEMBER_ROLE +fi + +if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then + CINDER_USER=$(get_id keystone user-create --name=cinder \ + --pass="$SERVICE_PASSWORD" \ + --tenant_id $SERVICE_TENANT \ + --email=cin...@example.com) keystone user-role-add --tenant_id $SERVICE_TENANT \ - --user_id $QUANTUM_USER \ + --user_id $CINDER_USER \ --role_id $ADMIN_ROLE + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + CINDER_SERVICE=$(get_id keystone service-create \ + --name=cinder \ + --type=volume \ + --description="Cinder Service") + keystone endpoint-create \ + --region RegionOne \ + --service_id $CINDER_SERVICE \ + --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \ + --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \ + --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" + fi fi + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-loopback-lvm new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-loopback-lvm --- old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-loopback-lvm 2012-12-10 17:54:37.000000000 +0100 +++ new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-loopback-lvm 2013-01-11 14:46:53.000000000 +0100 @@ -4,15 +4,15 @@ loop=/dev/loop0 modprobe loop -if vgscan |grep -q nova-volumes ; then - echo "using existing nova-volumes VG" - vgchange -ay nova-volumes +if vgscan |grep -q cinder-volumes ; then + echo "using existing cinder-volumes VG" + vgchange -ay cinder-volumes exit 0 fi # stop/cleanup -#vgremove nova-volumes -vgchange -an nova-volumes +#vgremove cinder-volumes +vgchange -an cinder-volumes #losetup -d $loop @@ -29,6 +29,6 @@ fi losetup $loop $f pvcreate $loop -vgcreate nova-volumes $loop +vgcreate cinder-volumes $loop -vgchange -ay nova-volumes +vgchange -ay cinder-volumes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-quickstart-democleanup new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-quickstart-democleanup --- old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-quickstart-democleanup 2012-12-10 17:54:37.000000000 +0100 +++ new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-quickstart-democleanup 2013-01-11 14:46:53.000000000 +0100 @@ -8,6 +8,7 @@ for i in /etc/init.d/{openstack-*,rabbitmq-server,memcached,libvirtd} ; do $i stop + insserv -r $i done killall dnsmasq killall postmaster @@ -31,3 +32,5 @@ rm -f /var/lib/nova/*/* /etc/init.d/postgresql stop +vgchange -an cinder-volumes +losetup -d /dev/loop0 && rm -f /var/lib/nova/volumes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-quickstart-demosetup new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-quickstart-demosetup --- old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-quickstart-demosetup 2012-12-10 17:54:37.000000000 +0100 +++ new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-quickstart-demosetup 2013-01-11 14:46:53.000000000 +0100 @@ -17,8 +17,15 @@ echo "Setting up OpenStack demo controller..." +function install_packages () { + test $# -gt 0 || return + rpm -q $* > /dev/null || zypper -n in $* +} + +install_packages patterns-OpenStack-controller patterns-OpenStack-compute-node + if [ "$DB" = "postgresql" ] ; then - zypper -n in postgresql-server python-psycopg2 + install_packages postgresql-server python-psycopg2 /etc/init.d/postgresql restart else # start mysql @@ -30,8 +37,8 @@ # use lxc or qemu, if kvm is unavailable if rpm -q openstack-nova-compute >/dev/null ; then if [ "$MODE" = lxc ] ; then - sed -i -e 's/\(--libvirt_type\).*/\1=lxc/' /etc/nova/nova.conf - zypper -n install lxc + sed -i -e 's/\(libvirt_type\).*/\1=lxc/' /etc/nova/nova.conf + install_packages lxc echo mount -t cgroup none /cgroup >> /etc/init.d/boot.local mkdir /cgroup mount -t cgroup none /cgroup @@ -91,18 +98,6 @@ DocumentRoot /var/lib/openstack-dashboard/ - Alias /static/horizon /var/lib/openstack-dashboard/horizon/static/horizon - <Directory /var/lib/openstack-dashboard/horizon/static/> - Order allow,deny - Allow from all - </Directory> - - Alias /static /var/lib/openstack-dashboard/openstack_dashboard/static - <Directory /var/lib/openstack-dashboard/openstack_dashboard/static/> - Order allow,deny - Allow from all - </Directory> - WSGIScriptAlias / /var/lib/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi <Directory /var/lib/openstack-dashboard/openstack_dashboard/wsgi/> Order allow,deny @@ -138,7 +133,11 @@ EODASHDB fi -sed -i -e "s/^USE_SSL =.*/USE_SSL = True/" $DASHBOARD_LOCAL_SET +if grep -q "^USE_SSL =" $DASHBOARD_LOCAL_SET; then + sed -i -e "s/^USE_SSL =.*/USE_SSL = True/" $DASHBOARD_LOCAL_SET +else + echo "USE_SSL = True" >> $DASHBOARD_LOCAL_SET +fi # Use 'secure' session and CSRF cookies (bnc#753582): cat >> $DASHBOARD_LOCAL_SET <<EOSEC # Use 'secure' cookies when we use SSL, see https://docs.djangoproject.com/en/1.4/topics/security/: @@ -149,25 +148,25 @@ sed -i -e "s;127.0.0.1;$IP;" /etc/nova/api-paste.ini /etc/glance/glance-api.conf /etc/glance/glance-registry.conf # configure nova -perl -i.bak -pe "s,--sql_connection=\w+://\w+:[^\@:]*,--sql_connection=$DB://nova:$mpw,; s/<IP>/$IP/g; s/(--network_manager).*/\$1=nova.network.manager.FlatDHCPManager/;" /etc/nova/nova.conf -echo "--flat_network_bridge=$br" >> /etc/nova/nova.conf -echo "--bridge_interface=$br" >> /etc/nova/nova.conf -echo '--allow_admin_api' >> /etc/nova/nova.conf -echo '--connection_type=libvirt' >> /etc/nova/nova.conf -echo '--image_service=nova.image.glance.GlanceImageService' >> /etc/nova/nova.conf -echo "--glance_api_servers=$IP:9292" >> /etc/nova/nova.conf -echo "--auth_strategy=keystone" >> /etc/nova/nova.conf -echo "--novncproxy_base_url=http://$IP:6080/vnc_auto.html" >> /etc/nova/nova.conf +perl -i.bak -pe "s,sql_connection=\w+://\w+:[^\@:]*,sql_connection=$DB://nova:$mpw,; s/<IP>/$IP/g; s/(network_manager).*/\$1=nova.network.manager.FlatDHCPManager/;" /etc/nova/nova.conf +echo "flat_network_bridge=$br" >> /etc/nova/nova.conf +echo "bridge_interface=$br" >> /etc/nova/nova.conf +echo 'connection_type=libvirt' >> /etc/nova/nova.conf +echo 'image_service=nova.image.glance.GlanceImageService' >> /etc/nova/nova.conf +echo "glance_api_servers=$IP:9292" >> /etc/nova/nova.conf +echo "auth_strategy=keystone" >> /etc/nova/nova.conf +echo "novncproxy_base_url=http://$IP:6080/vnc_auto.html" >> /etc/nova/nova.conf extensions_path=`ls -d /usr/lib*/python*/site-packages/extensions 2> /dev/null | head -n 1` if [ -n "$extensions_path" ]; then - echo "--osapi_extensions_path=" >> /etc/nova/nova.conf + echo "osapi_extensions_path=" >> /etc/nova/nova.conf fi grep -q nova-rootwrap /etc/sudoers || echo "openstack-nova ALL=(ALL) NOPASSWD:/usr/bin/nova-rootwrap" >> /etc/sudoers +grep -q cinder-rootwrap /etc/sudoers || echo "openstack-cinder ALL=(ALL) NOPASSWD:/usr/bin/cinder-rootwrap" >> /etc/sudoers perl -i -pe "s/%SERVICE_TOKEN%/$SERVICE_TOKEN/;" /etc/nova/api-paste.ini # obsolete 2012-03-19? for m in nova glance ; do - sed -i -e 's/%SERVICE_TENANT_NAME%/service/' -e "s/%SERVICE_USER%/$m/" -e "s/%SERVICE_PASSWORD%/$SERVICE_TOKEN\nadmin_token = $SERVICE_TOKEN/" /etc/$m/*.ini + sed -i -e 's/%SERVICE_TENANT_NAME%/service/' -e "s/%SERVICE_USER%/$m/" -e "s/%SERVICE_PASSWORD%/$SERVICE_TOKEN\nadmin_token = $SERVICE_TOKEN/" /etc/$m/*.ini /etc/$m/*.conf done # replace pipelines to use keystone @@ -218,17 +217,27 @@ # sync dashboard DB "after" the database is created -cd /var/lib/openstack-dashboard && su -s /bin/bash -c "umask 0027; python -m 'manage' syncdb" wwwrun +cd /var/lib/openstack-dashboard && su -s /bin/bash -c "umask 0027; python -m 'manage' syncdb --noinput" wwwrun +cinder-manage db sync nova-manage db sync # optional - makes life better with little RAM -echo " -use nova; -update instance_types set memory_mb=3072 where name='m1.medium'; -update instance_types set memory_mb=4096 where name='m1.large'; -update instance_types set memory_mb=5120 where name='m1.xlarge'; -" | mysql -u root $pwquery +if [ "$DB" = "postgresql" ] ; then + echo " + update instance_types set memory_mb=3072 where name='m1.medium'; + update instance_types set memory_mb=4096 where name='m1.large'; + update instance_types set memory_mb=5120 where name='m1.xlarge'; + " | sudo -u postgres psql -d nova +else + echo " + use nova; + update instance_types set memory_mb=3072 where name='m1.medium'; + update instance_types set memory_mb=4096 where name='m1.large'; + update instance_types set memory_mb=5120 where name='m1.xlarge'; + " | mysql -u root $pwquery +fi + #nova-manage network create 10.10.134.32/27 1 32 nova-manage network create --fixed_range_v4=$testnet --label=testnet @@ -238,17 +247,18 @@ for f in api registry ; do grep paste_deploy /etc/glance/glance-$f.conf || echo -e "[paste_deploy]\nflavor = keystone" >> /etc/glance/glance-$f.conf done -sed -i "s%sql_connection =.*%sql_connection = $DB://glance:$mpw@$IP/glance%" /etc/glance/glance-registry.conf # db_sync is broken for postgresql +sed -i "s%sql_connection =.*%sql_connection = $DB://glance:$mpw@$IP/glance%" /etc/glance/glance-registry.conf /etc/glance/glance-api.conf # db_sync is broken for postgresql #sed -i 's%sql_connection =.*%sql_connection = sqlite:////var/lib/glance/glance.sqlite%' /etc/glance/glance-registry.conf glance-manage db_sync chown -R $GLANCE_SYSTEM_USER:$GLANCE_SYSTEM_GROUP /var/lib/glance /var/log/glance # keystone demo setup, based on devstack.sh -sed -i -e 's/kvs/sql/' -e "s,^connection =.*,connection = $DB://keystone:$mpw@$IP/keystone," /etc/keystone/keystone.conf +sed -i -e 's/kvs/sql/' -e "s,^.*connection =.*,connection = $DB://keystone:$mpw@$IP/keystone," /etc/keystone/keystone.conf #sed -i -e 's/kvs/sql/' -e 's,^connection =.*,connection =sqlite:////var/lib/keystone/keystone.sqlite,' /etc/keystone/keystone.conf rm -f /var/lib/keystone/keystone.sqlite # cleanup DB as devstack's script fails otherwise -sed -i -e "s/^admin_token .*/admin_token = $SERVICE_TOKEN/" /etc/keystone/keystone.conf +sed -i -e "s/^.*admin_token .*/admin_token = $SERVICE_TOKEN/" /etc/keystone/keystone.conf +sed -i -e "s/.*\(driver = keystone.catalog.backends.templated.TemplatedCatalog\)/\1/" /etc/keystone/keystone.conf KEYSTONE_CATALOG=/etc/keystone/default_catalog.templates sed -e "s,%SERVICE_HOST%,$SERVICE_HOST,g" -e "s/%S3_SERVICE_PORT%/8080/" $KEYSTONE_CATALOG.sample > $KEYSTONE_CATALOG @@ -327,7 +337,7 @@ sed -i -e 's;.*user.*=.*;user = "qemu";' /etc/libvirt/qemu.conf # start services -for s in ntp libvirtd mysql rabbitmq-server iscsitarget open-iscsi tgtd memcached apache2 openstack-nova-api openstack-nova-scheduler openstack-nova-network openstack-nova-compute openstack-nova-vncproxy openstack-glance-api openstack-glance-registry openstack-keystone openstack-nova-consoleauth openstack-novncproxy +for s in ntp libvirtd $DB rabbitmq-server iscsitarget open-iscsi tgtd memcached apache2 openstack-nova-api openstack-nova-scheduler openstack-nova-network openstack-nova-compute openstack-nova-vncproxy openstack-glance-api openstack-glance-registry openstack-keystone openstack-nova-consoleauth openstack-novncproxy do i=/etc/init.d/$s if [ -x $i ] ; then @@ -339,10 +349,15 @@ /usr/sbin/openstack-loopback-lvm if [ "$?" -ne "0" ]; then # setup failed, so do not use - insserv -r openstack-nova-volume + for s in api scheduler volume ; do + insserv -r openstack-cinder-$s + done else grep -q openstack-loopback-lvm /etc/init.d/boot.local || echo /usr/sbin/openstack-loopback-lvm >> /etc/init.d/boot.local - /etc/init.d/openstack-nova-volume restart + for s in api scheduler volume ; do + /etc/init.d/openstack-cinder-$s restart + insserv openstack-cinder-$s + done fi grep -q bash.openstackrc /etc/bash.bashrc.local ||\ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-quickstart-extranodesetup new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-quickstart-extranodesetup --- old/openstack-quickstart-2012.2+git.1355147147.9fef994/scripts/openstack-quickstart-extranodesetup 2012-12-10 17:54:37.000000000 +0100 +++ new/openstack-quickstart-2012.2+git.1357911807.7e19698/scripts/openstack-quickstart-extranodesetup 2013-01-11 14:46:53.000000000 +0100 @@ -1,10 +1,16 @@ #!/bin/bash -x -# assumes the openstack-compute-node pattern installed . /etc/openstackquickstartrc echo "Setting up OpenStack demo extra node..." +function install_packages () { + test $# -gt 0 || return + rpm -q $* > /dev/null || zypper -n in $* +} + +install_packages patterns-OpenStack-compute-node + # use lxc or qemu, if kvm is unavailable if rpm -q openstack-nova-compute >/dev/null && ! grep -q -e vmx -e svm /proc/cpuinfo ; then sed -i -e 's/\(--libvirt_type\).*/\1=lxc/' /etc/nova/nova.conf -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org