Merge "Adds trove-conductor service to trove."
diff --git a/HACKING.rst b/HACKING.rst
index dd665a2..5f33d77 100644
--- a/HACKING.rst
+++ b/HACKING.rst
@@ -38,7 +38,7 @@
A number of additional scripts can be found in the ``tools`` directory that may
be useful in supporting DevStack installations. Of particular note are ``info.sh``
-to collect and report information about the installed system, and ``instal_prereqs.sh``
+to collect and report information about the installed system, and ``install_prereqs.sh``
that handles installation of the prerequisite packages for DevStack. It is
suitable, for example, to pre-load a system for making a snapshot.
diff --git a/README.md b/README.md
index 99e9838..66e36b2 100644
--- a/README.md
+++ b/README.md
@@ -34,7 +34,7 @@
# Start A Dev Cloud
-Installing in a dedicated disposable vm is safer than installing on your dev machine! To start a dev cloud:
+Installing in a dedicated disposable vm is safer than installing on your dev machine! Plus you can pick one of the supported Linux distros for your VM. To start a dev cloud run the following NOT AS ROOT (see below for more):
./stack.sh
@@ -57,6 +57,12 @@
# list instances using ec2 api
euca-describe-instances
+# DevStack Execution Environment
+
+DevStack runs rampant over the system it runs on, installing things and uninstalling other things. Running this on a system you care about is a recipe for disappointment, or worse. Alas, we're all in the virtualization business here, so run it in a VM. And take advantage of the snapshot capabilities of your hypervisor of choice to reduce testing cycle times. You might even save enough time to write one more feature before the next feature freeze...
+
+``stack.sh`` needs to have root access for a lot of tasks, but it also needs to have not-root permissions for most of its work and for all of the OpenStack services. So ``stack.sh`` specifically does not run if you are root. This is a recent change (Oct 2013) from the previous behaviour of automatically creating a ``stack`` user. Automatically creating a user account is not always the right response to running as root, so that bit is now an explicit step using ``tools/create-stack-user.sh``. Run that (as root!) if you do not want to just use your normal login here, which works perfectly fine.
+
# Customizing
You can override environment variables used in `stack.sh` by creating file name `localrc`. It is likely that you will need to do this to tweak your networking configuration should you need to access your cloud from a different host.
@@ -244,3 +250,42 @@
enable_service n-cell
Be aware that there are some features currently missing in cells, one notable one being security groups. The exercises have been patched to disable functionality not supported by cells.
+
+
+# Local Configuration
+
+Historically DevStack has used ``localrc`` to contain all local configuration and customizations. More and more of the configuration variables available for DevStack are passed-through to the individual project configuration files. The old mechanism for this required specific code for each file and did not scale well. This is handled now by a master local configuration file.
+
+# local.conf
+
+The new config file ``local.conf`` is an extended-INI format that introduces a new meta-section header that provides some additional information such as a phase name and destination config filename:
+
+ [[ <phase> | <filename> ]]
+
+where <phase> is one of a set of phase names defined by ``stack.sh`` and <filename> is the project config filename. The filename is eval'ed in the stack.sh context so all environment variables are available and may be used. Using the project config file variables in the header is strongly suggested (see example of NOVA_CONF below). If the path of the config file does not exist it is skipped.
+
+The defined phases are:
+
+* local - extracts ``localrc`` from ``local.conf`` before ``stackrc`` is sourced
+* post-config - runs after the layer 2 services are configured and before they are started
+* extra - runs after services are started and before any files in ``extra.d`` are executes
+
+The file is processed strictly in sequence; meta-sections may be specified more than once but if any settings are duplicated the last to appear in the file will be used.
+
+ [[post-config|$NOVA_CONF]]
+ [DEFAULT]
+ use_syslog = True
+
+ [osapi_v3]
+ enabled = False
+
+A specific meta-section ``local:localrc`` is used to provide a default localrc file. This allows all custom settings for DevStack to be contained in a single file. ``localrc`` is not overwritten if it exists to preserve compatability.
+
+ [[local|localrc]]
+ FIXED_RANGE=10.254.1.0/24
+ ADMIN_PASSWORD=speciale
+ LOGFILE=$DEST/logs/stack.sh.log
+
+Note that ``Q_PLUGIN_CONF_FILE`` is unique in that it is assumed to _NOT_ start with a ``/`` (slash) character. A slash will need to be added:
+
+ [[post-config|/$Q_PLUGIN_CONF_FILE]]
diff --git a/files/rpms-suse/general b/files/rpms-suse/general
index 355af88..98c2795 100644
--- a/files/rpms-suse/general
+++ b/files/rpms-suse/general
@@ -1,4 +1,5 @@
bridge-utils
+ca-certificates-mozilla
curl
euca2ools
git-core
@@ -10,7 +11,6 @@
python-cmd2 # dist:opensuse-12.3
python-pylint
python-unittest2
-python-virtualenv
screen
tar
tcpdump
diff --git a/functions b/functions
index 83826f9..9e99cb2 100644
--- a/functions
+++ b/functions
@@ -2,7 +2,7 @@
#
# The following variables are assumed to be defined by certain functions:
# ``ENABLED_SERVICES``
-# ``EROR_ON_CLONE``
+# ``ERROR_ON_CLONE``
# ``FILES``
# ``GLANCE_HOSTPORT``
# ``OFFLINE``
@@ -155,6 +155,22 @@
}
+# Prints line number and "message" in warning format
+# warn $LINENO "message"
+function warn() {
+ local exitcode=$?
+ errXTRACE=$(set +o | grep xtrace)
+ set +o xtrace
+ local msg="[WARNING] ${BASH_SOURCE[2]}:$1 $2"
+ echo $msg 1>&2;
+ if [[ -n ${SCREEN_LOGDIR} ]]; then
+ echo $msg >> "${SCREEN_LOGDIR}/error.log"
+ fi
+ $errXTRACE
+ return $exitcode
+}
+
+
# HTTP and HTTPS proxy servers are supported via the usual environment variables [1]
# ``http_proxy``, ``https_proxy`` and ``no_proxy``. They can be set in
# ``localrc`` or on the command line if necessary::
@@ -364,7 +380,7 @@
# GetOSVersion
GetOSVersion() {
# Figure out which vendor we are
- if [[ -n "`which sw_vers 2>/dev/null`" ]]; then
+ if [[ -x "`which sw_vers 2>/dev/null`" ]]; then
# OS/X
os_VENDOR=`sw_vers -productName`
os_RELEASE=`sw_vers -productVersion`
@@ -926,7 +942,7 @@
elif is_fedora; then
sudo yum remove -y "$@"
elif is_suse; then
- sudo rpm -e "$@"
+ sudo zypper rm "$@"
else
exit_distro_not_supported "uninstalling packages"
fi
@@ -1335,7 +1351,7 @@
vmdk_net_adapter="${props[2]}"
fi
- glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$IMAGE_NAME" --is-public=True --container-format bare --disk-format vmdk --property vmware-disktype="$vmdk_disktype" --property vmware_adaptertype="$vmdk_adapter_type" --property hw_vif_model="$vmdk_net_adapter" < "${IMAGE}"
+ glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$IMAGE_NAME" --is-public=True --container-format bare --disk-format vmdk --property vmware_disktype="$vmdk_disktype" --property vmware_adaptertype="$vmdk_adapter_type" --property hw_vif_model="$vmdk_net_adapter" < "${IMAGE}"
return
fi
@@ -1484,7 +1500,7 @@
function wait_for_service() {
local timeout=$1
local url=$2
- timeout $timeout sh -c "while ! http_proxy= https_proxy= curl -s $url >/dev/null; do sleep 1; done"
+ timeout $timeout sh -c "while ! curl --noproxy '*' -s $url >/dev/null; do sleep 1; done"
}
diff --git a/lib/cinder b/lib/cinder
index bec65ed..220488a 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -233,6 +233,7 @@
iniset $CINDER_CONF DEFAULT rootwrap_config "$CINDER_CONF_DIR/rootwrap.conf"
iniset $CINDER_CONF DEFAULT osapi_volume_extension cinder.api.contrib.standard_extensions
iniset $CINDER_CONF DEFAULT state_path $CINDER_STATE_PATH
+ iniset $CINDER_CONF DEFAULT lock_path $CINDER_STATE_PATH
iniset $CINDER_CONF DEFAULT periodic_interval $CINDER_PERIODIC_INTERVAL
if is_service_enabled ceilometer; then
@@ -496,6 +497,8 @@
# name, and would need to be adjusted too
exit_distro_not_supported "restarting tgt"
fi
+ # NOTE(gfidente): ensure tgtd is running in debug mode
+ sudo tgtadm --mode system --op update --name debug --value on
fi
screen_it c-api "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-api --config-file $CINDER_CONF"
diff --git a/lib/config b/lib/config
new file mode 100644
index 0000000..6f686e9
--- /dev/null
+++ b/lib/config
@@ -0,0 +1,130 @@
+# lib/config - Configuration file manipulation functions
+
+# These functions have no external dependencies and the following side-effects:
+#
+# CONFIG_AWK_CMD is defined, default is ``awk``
+
+# Meta-config files contain multiple INI-style configuration files
+# using a specific new section header to delimit them:
+#
+# [[group-name|file-name]]
+#
+# group-name refers to the group of configuration file changes to be processed
+# at a particular time. These are called phases in ``stack.sh`` but
+# group here as these functions are not DevStack-specific.
+#
+# file-name is the destination of the config file
+
+# Save trace setting
+C_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Allow the awk command to be overridden on legacy platforms
+CONFIG_AWK_CMD=${CONFIG_AWK_CMD:-awk}
+
+# Get the section for the specific group and config file
+# get_meta_section infile group configfile
+function get_meta_section() {
+ local file=$1
+ local matchgroup=$2
+ local configfile=$3
+
+ [[ -r $file ]] || return 0
+ [[ -z $configfile ]] && return 0
+
+ $CONFIG_AWK_CMD -v matchgroup=$matchgroup -v configfile=$configfile '
+ BEGIN { group = "" }
+ /^\[\[.+|.*\]\]/ {
+ if (group == "") {
+ gsub("[][]", "", $1);
+ split($1, a, "|");
+ if (a[1] == matchgroup && a[2] == configfile) {
+ group=a[1]
+ }
+ } else {
+ group=""
+ }
+ next
+ }
+ {
+ if (group != "")
+ print $0
+ }
+ ' $file
+}
+
+
+# Get a list of config files for a specific group
+# get_meta_section_files infile group
+function get_meta_section_files() {
+ local file=$1
+ local matchgroup=$2
+
+ [[ -r $file ]] || return 0
+
+ $CONFIG_AWK_CMD -v matchgroup=$matchgroup '
+ /^\[\[.+\|.*\]\]/ {
+ gsub("[][]", "", $1);
+ split($1, a, "|");
+ if (a[1] == matchgroup)
+ print a[2]
+ }
+ ' $file
+}
+
+
+# Merge the contents of a meta-config file into its destination config file
+# If configfile does not exist it will be created.
+# merge_config_file infile group configfile
+function merge_config_file() {
+ local file=$1
+ local matchgroup=$2
+ local configfile=$3
+
+ [[ -r $configfile ]] || touch $configfile
+
+ get_meta_section $file $matchgroup $configfile | \
+ $CONFIG_AWK_CMD -v configfile=$configfile '
+ BEGIN { section = "" }
+ /^\[.+\]/ {
+ gsub("[][]", "", $1);
+ section=$1
+ next
+ }
+ /^ *\#/ {
+ next
+ }
+ /^.+/ {
+ split($0, d, " *= *")
+ print "iniset " configfile " " section " " d[1] " \"" d[2] "\""
+ }
+ ' | while read a; do eval "$a"; done
+
+}
+
+
+# Merge all of the files specified by group
+# merge_config_group infile group [group ...]
+function merge_config_group() {
+ local localfile=$1; shift
+ local matchgroups=$@
+
+ [[ -r $localfile ]] || return 0
+
+ for group in $matchgroups; do
+ for configfile in $(get_meta_section_files $localfile $group); do
+ if [[ -d $(dirname $configfile) ]]; then
+ merge_config_file $localfile $group $configfile
+ fi
+ done
+ done
+}
+
+
+# Restore xtrace
+$C_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/database b/lib/database
index 442ed56..3c15609 100644
--- a/lib/database
+++ b/lib/database
@@ -64,7 +64,7 @@
# For backward-compatibility, read in the MYSQL_HOST/USER variables and use
# them as the default values for the DATABASE_HOST/USER variables.
- MYSQL_HOST=${MYSQL_HOST:-localhost}
+ MYSQL_HOST=${MYSQL_HOST:-127.0.0.1}
MYSQL_USER=${MYSQL_USER:-root}
DATABASE_HOST=${DATABASE_HOST:-${MYSQL_HOST}}
diff --git a/lib/glance b/lib/glance
index 7e69682..c6f11d0 100644
--- a/lib/glance
+++ b/lib/glance
@@ -193,7 +193,7 @@
screen_it g-reg "cd $GLANCE_DIR; $GLANCE_BIN_DIR/glance-registry --config-file=$GLANCE_CONF_DIR/glance-registry.conf"
screen_it g-api "cd $GLANCE_DIR; $GLANCE_BIN_DIR/glance-api --config-file=$GLANCE_CONF_DIR/glance-api.conf"
echo "Waiting for g-api ($GLANCE_HOSTPORT) to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= wget -q -O- http://$GLANCE_HOSTPORT; do sleep 1; done"; then
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- http://$GLANCE_HOSTPORT; do sleep 1; done"; then
die $LINENO "g-api did not start"
fi
}
diff --git a/lib/heat b/lib/heat
index ff9473e..8acadb4 100644
--- a/lib/heat
+++ b/lib/heat
@@ -86,7 +86,7 @@
iniset $HEAT_CONF DEFAULT use_syslog $SYSLOG
if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
# Add color to logging output
- setup_colorized_logging $HEAT_CONF DEFAULT
+ setup_colorized_logging $HEAT_CONF DEFAULT tenant user
fi
# keystone authtoken
diff --git a/lib/horizon b/lib/horizon
index 5973eb2..63caf3c 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -130,8 +130,10 @@
HORIZON_REQUIRE='Require all granted'
fi
sudo sed '/^Listen/s/^.*$/Listen 0.0.0.0:80/' -i /etc/httpd/conf/httpd.conf
+ elif is_suse; then
+ : # nothing to do
else
- exit_distro_not_supported "apache configuration"
+ exit_distro_not_supported "horizon apache configuration"
fi
# Remove old log files that could mess with how devstack detects whether Horizon
diff --git a/lib/ironic b/lib/ironic
index 072d2de..f3b4a72 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -194,7 +194,7 @@
function start_ironic_api() {
screen_it ir-api "cd $IRONIC_DIR; $IRONIC_BIN_DIR/ironic-api --config-file=$IRONIC_CONF_FILE"
echo "Waiting for ir-api ($IRONIC_HOSTPORT) to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= wget -q -O- http://$IRONIC_HOSTPORT; do sleep 1; done"; then
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- http://$IRONIC_HOSTPORT; do sleep 1; done"; then
die $LINENO "ir-api did not start"
fi
}
diff --git a/lib/keystone b/lib/keystone
index 699b94a..c93a436 100755
--- a/lib/keystone
+++ b/lib/keystone
@@ -372,7 +372,7 @@
fi
echo "Waiting for keystone to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= curl -s http://$SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! curl --noproxy '*' -s http://$SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
die $LINENO "keystone did not start"
fi
diff --git a/lib/neutron b/lib/neutron
index b1f96fc..778717d 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -419,7 +419,7 @@
# Start the Neutron service
screen_it q-svc "cd $NEUTRON_DIR && python $NEUTRON_BIN_DIR/neutron-server $CFG_FILE_OPTIONS"
echo "Waiting for Neutron to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= wget -q -O- http://$Q_HOST:$Q_PORT; do sleep 1; done"; then
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- http://$Q_HOST:$Q_PORT; do sleep 1; done"; then
die $LINENO "Neutron did not start"
fi
}
diff --git a/lib/neutron_plugins/midonet b/lib/neutron_plugins/midonet
index 0ad760b..193055f 100644
--- a/lib/neutron_plugins/midonet
+++ b/lib/neutron_plugins/midonet
@@ -12,7 +12,7 @@
}
function neutron_plugin_create_nova_conf() {
- NOVA_VIF_DRIVER=${NOVA_VIF_DRIVER:-"midonet.nova.virt.libvirt.vif.MidonetVifDriver"}
+ NOVA_VIF_DRIVER=${NOVA_VIF_DRIVER:-"nova.virt.libvirt.vif.LibvirtGenericVIFDriver"}
}
function neutron_plugin_install_agent_packages() {
diff --git a/lib/neutron_plugins/nicira b/lib/neutron_plugins/nicira
index e9deb64..082c846 100644
--- a/lib/neutron_plugins/nicira
+++ b/lib/neutron_plugins/nicira
@@ -119,6 +119,17 @@
if [[ "$NVP_REDIRECTS" != "" ]]; then
iniset /$Q_PLUGIN_CONF_FILE DEFAULT redirects $NVP_REDIRECTS
fi
+ if [[ "$AGENT_MODE" != "" ]]; then
+ iniset /$Q_PLUGIN_CONF_FILE nvp agent_mode $AGENT_MODE
+ if [[ "$AGENT_MODE" == "agentless" ]]; then
+ if [[ "$DEFAULT_SERVICE_CLUSTER_UUID" != "" ]]; then
+ iniset /$Q_PLUGIN_CONF_FILE DEFAULT default_service_cluster_uuid $DEFAULT_SERVICE_CLUSTER_UUID
+ else
+ die $LINENO "Agentless mode requires a service cluster."
+ fi
+ iniset /$Q_PLUGIN_CONF_FILE nvp_metadata metadata_server_address $Q_META_DATA_IP
+ fi
+ fi
}
function neutron_plugin_setup_interface_driver() {
diff --git a/lib/nova b/lib/nova
index e5c78d8..8deb3a0 100644
--- a/lib/nova
+++ b/lib/nova
@@ -71,31 +71,24 @@
NOVNC_DIR=$DEST/noVNC
SPICE_DIR=$DEST/spice-html5
+# Set default defaults here as some hypervisor drivers override these
+PUBLIC_INTERFACE_DEFAULT=br100
+GUEST_INTERFACE_DEFAULT=eth0
+FLAT_NETWORK_BRIDGE_DEFAULT=br100
+
+# Get hypervisor configuration
+# ----------------------------
+
+NOVA_PLUGINS=$TOP_DIR/lib/nova_plugins
+if is_service_enabled nova && [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
+ # Load plugin
+ source $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER
+fi
+
# Nova Network Configuration
# --------------------------
-# Set defaults according to the virt driver
-if [ "$VIRT_DRIVER" = 'xenserver' ]; then
- PUBLIC_INTERFACE_DEFAULT=eth2
- GUEST_INTERFACE_DEFAULT=eth1
- # Allow ``build_domU.sh`` to specify the flat network bridge via kernel args
- FLAT_NETWORK_BRIDGE_DEFAULT=$(sed -e 's/.* flat_network_bridge=\([[:alnum:]]*\).*$/\1/g' /proc/cmdline)
- if is_service_enabled neutron; then
- XEN_INTEGRATION_BRIDGE=$(sed -e 's/.* xen_integration_bridge=\([[:alnum:]]*\).*$/\1/g' /proc/cmdline)
- fi
-elif [ "$VIRT_DRIVER" = 'baremetal' ]; then
- NETWORK_MANAGER=${NETWORK_MANAGER:-FlatManager}
- PUBLIC_INTERFACE_DEFAULT=eth0
- FLAT_INTERFACE=${FLAT_INTERFACE:-eth0}
- FLAT_NETWORK_BRIDGE_DEFAULT=br100
- STUB_NETWORK=${STUB_NETWORK:-False}
-else
- PUBLIC_INTERFACE_DEFAULT=br100
- GUEST_INTERFACE_DEFAULT=eth0
- FLAT_NETWORK_BRIDGE_DEFAULT=br100
-fi
-
NETWORK_MANAGER=${NETWORK_MANAGER:-${NET_MAN:-FlatDHCPManager}}
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-$PUBLIC_INTERFACE_DEFAULT}
VLAN_INTERFACE=${VLAN_INTERFACE:-$GUEST_INTERFACE_DEFAULT}
@@ -282,83 +275,6 @@
fi
fi
- # Prepare directories and packages for baremetal driver
- if is_baremetal; then
- configure_baremetal_nova_dirs
- fi
-
- if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
- if is_service_enabled neutron && is_neutron_ovs_base_plugin && ! sudo grep -q '^cgroup_device_acl' $QEMU_CONF; then
- # Add /dev/net/tun to cgroup_device_acls, needed for type=ethernet interfaces
- cat <<EOF | sudo tee -a $QEMU_CONF
-cgroup_device_acl = [
- "/dev/null", "/dev/full", "/dev/zero",
- "/dev/random", "/dev/urandom",
- "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
- "/dev/rtc", "/dev/hpet","/dev/net/tun",
-]
-EOF
- fi
-
- if is_ubuntu; then
- LIBVIRT_DAEMON=libvirt-bin
- else
- LIBVIRT_DAEMON=libvirtd
- fi
-
- if is_fedora || is_suse; then
- if is_fedora && [[ $DISTRO =~ (rhel6) || "$os_RELEASE" -le "17" ]]; then
- sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
-[libvirt Management Access]
-Identity=unix-group:$LIBVIRT_GROUP
-Action=org.libvirt.unix.manage
-ResultAny=yes
-ResultInactive=yes
-ResultActive=yes
-EOF"
- elif is_suse && [[ $os_RELEASE = 12.2 || "$os_VENDOR" = "SUSE LINUX" ]]; then
- # openSUSE < 12.3 or SLE
- # Work around the fact that polkit-default-privs overrules pklas
- # with 'unix-group:$group'.
- sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
-[libvirt Management Access]
-Identity=unix-user:$USER
-Action=org.libvirt.unix.manage
-ResultAny=yes
-ResultInactive=yes
-ResultActive=yes
-EOF"
- else
- # Starting with fedora 18 and opensuse-12.3 enable stack-user to
- # virsh -c qemu:///system by creating a policy-kit rule for
- # stack-user using the new Javascript syntax
- rules_dir=/etc/polkit-1/rules.d
- sudo mkdir -p $rules_dir
- sudo bash -c "cat <<EOF > $rules_dir/50-libvirt-$STACK_USER.rules
-polkit.addRule(function(action, subject) {
- if (action.id == 'org.libvirt.unix.manage' &&
- subject.user == '"$STACK_USER"') {
- return polkit.Result.YES;
- }
-});
-EOF"
- unset rules_dir
- fi
- fi
-
- # The user that nova runs as needs to be member of **libvirtd** group otherwise
- # nova-compute will be unable to use libvirt.
- if ! getent group $LIBVIRT_GROUP >/dev/null; then
- sudo groupadd $LIBVIRT_GROUP
- fi
- add_user_to_group $STACK_USER $LIBVIRT_GROUP
-
- # libvirt detects various settings on startup, as we potentially changed
- # the system configuration (modules, filesystems), we need to restart
- # libvirt to detect those changes.
- restart_service $LIBVIRT_DAEMON
- fi
-
# Instance Storage
# ----------------
@@ -376,6 +292,14 @@
fi
fi
fi
+
+ # Rebuild the config file from scratch
+ create_nova_conf
+
+ if [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
+ # Configure hypervisor plugin
+ configure_nova_hypervisor
+ fi
}
# create_nova_accounts() - Set up common required nova accounts
@@ -455,14 +379,6 @@
iniset $NOVA_CONF DEFAULT ec2_workers "4"
iniset $NOVA_CONF DEFAULT metadata_workers "4"
iniset $NOVA_CONF DEFAULT sql_connection `database_connection_url nova`
- if is_baremetal; then
- iniset $NOVA_CONF baremetal sql_connection `database_connection_url nova_bm`
- fi
- if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
- iniset $NOVA_CONF DEFAULT libvirt_type "$LIBVIRT_TYPE"
- iniset $NOVA_CONF DEFAULT libvirt_cpu_mode "none"
- iniset $NOVA_CONF DEFAULT use_usb_tablet "False"
- fi
iniset $NOVA_CONF DEFAULT instance_name_template "${INSTANCE_NAME_PREFIX}%08x"
iniset $NOVA_CONF osapi_v3 enabled "True"
@@ -510,6 +426,7 @@
iniset $NOVA_CONF DEFAULT instance_usage_audit "True"
iniset $NOVA_CONF DEFAULT instance_usage_audit_period "hour"
iniset $NOVA_CONF DEFAULT notify_on_state_change "vm_and_task_state"
+ iniset $NOVA_CONF DEFAULT notification_driver "nova.openstack.common.notifier.rpc_notifier"
fi
# Provide some transition from ``EXTRA_FLAGS`` to ``EXTRA_OPTS``
@@ -534,16 +451,12 @@
SPICEHTML5PROXY_URL=${SPICEHTML5PROXY_URL:-"http://$SERVICE_HOST:6082/spice_auto.html"}
iniset $NOVA_CONF spice html5proxy_base_url "$SPICEHTML5PROXY_URL"
fi
- if [ "$VIRT_DRIVER" = 'xenserver' ]; then
- VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=169.254.0.1}
- else
- VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=127.0.0.1}
- fi
if is_service_enabled n-novnc || is_service_enabled n-xvnc; then
# Address on which instance vncservers will listen on compute hosts.
# For multi-host, this should be the management ip of the compute host.
VNCSERVER_LISTEN=${VNCSERVER_LISTEN=127.0.0.1}
+ VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=127.0.0.1}
iniset $NOVA_CONF DEFAULT vnc_enabled true
iniset $NOVA_CONF DEFAULT vncserver_listen "$VNCSERVER_LISTEN"
iniset $NOVA_CONF DEFAULT vncserver_proxyclient_address "$VNCSERVER_PROXYCLIENT_ADDRESS"
@@ -657,37 +570,8 @@
# install_nova() - Collect source and prepare
function install_nova() {
- if is_service_enabled n-cpu; then
- if [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
- install_nova_hypervisor
- elif [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
- if is_ubuntu; then
- install_package kvm
- install_package libvirt-bin
- install_package python-libvirt
- elif is_fedora || is_suse; then
- install_package kvm
- install_package libvirt
- install_package libvirt-python
- else
- exit_distro_not_supported "libvirt installation"
- fi
-
- # Install and configure **LXC** if specified. LXC is another approach to
- # splitting a system into many smaller parts. LXC uses cgroups and chroot
- # to simulate multiple systems.
- if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then
- if is_ubuntu; then
- if [[ "$DISTRO" > natty ]]; then
- install_package cgroup-lite
- fi
- else
- ### FIXME(dtroyer): figure this out
- echo "RPM-based cgroup not implemented yet"
- yum_install libcgroup-tools
- fi
- fi
- fi
+ if is_service_enabled n-cpu && [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
+ install_nova_hypervisor
fi
git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH
diff --git a/lib/nova_plugins/hypervisor-baremetal b/lib/nova_plugins/hypervisor-baremetal
new file mode 100644
index 0000000..4e7c173
--- /dev/null
+++ b/lib/nova_plugins/hypervisor-baremetal
@@ -0,0 +1,93 @@
+# lib/nova_plugins/hypervisor-baremetal
+# Configure the baremetal hypervisor
+
+# Enable with:
+# VIRT_DRIVER=baremetal
+
+# Dependencies:
+# ``functions`` file
+# ``nova`` configuration
+
+# install_nova_hypervisor - install any external requirements
+# configure_nova_hypervisor - make configuration changes, including those to other services
+# start_nova_hypervisor - start any external services
+# stop_nova_hypervisor - stop any external services
+# cleanup_nova_hypervisor - remove transient data and cache
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+
+NETWORK_MANAGER=${NETWORK_MANAGER:-FlatManager}
+PUBLIC_INTERFACE_DEFAULT=eth0
+FLAT_INTERFACE=${FLAT_INTERFACE:-eth0}
+FLAT_NETWORK_BRIDGE_DEFAULT=br100
+STUB_NETWORK=${STUB_NETWORK:-False}
+
+
+# Entry Points
+# ------------
+
+# clean_nova_hypervisor - Clean up an installation
+function cleanup_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# configure_nova_hypervisor - Set config files, create data dirs, etc
+function configure_nova_hypervisor() {
+ configure_baremetal_nova_dirs
+
+ iniset $NOVA_CONF baremetal sql_connection `database_connection_url nova_bm`
+ LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.firewall.NoopFirewallDriver"}
+ iniset $NOVA_CONF DEFAULT compute_driver nova.virt.baremetal.driver.BareMetalDriver
+ iniset $NOVA_CONF DEFAULT firewall_driver $LIBVIRT_FIREWALL_DRIVER
+ iniset $NOVA_CONF DEFAULT scheduler_host_manager nova.scheduler.baremetal_host_manager.BaremetalHostManager
+ iniset $NOVA_CONF DEFAULT ram_allocation_ratio 1.0
+ iniset $NOVA_CONF DEFAULT reserved_host_memory_mb 0
+ iniset $NOVA_CONF baremetal instance_type_extra_specs cpu_arch:$BM_CPU_ARCH
+ iniset $NOVA_CONF baremetal driver $BM_DRIVER
+ iniset $NOVA_CONF baremetal power_manager $BM_POWER_MANAGER
+ iniset $NOVA_CONF baremetal tftp_root /tftpboot
+ if [[ "$BM_DNSMASQ_FROM_NOVA_NETWORK" = "True" ]]; then
+ BM_DNSMASQ_CONF=$NOVA_CONF_DIR/dnsmasq-for-baremetal-from-nova-network.conf
+ sudo cp "$FILES/dnsmasq-for-baremetal-from-nova-network.conf" "$BM_DNSMASQ_CONF"
+ iniset $NOVA_CONF DEFAULT dnsmasq_config_file "$BM_DNSMASQ_CONF"
+ fi
+
+ # Define extra baremetal nova conf flags by defining the array ``EXTRA_BAREMETAL_OPTS``.
+ for I in "${EXTRA_BAREMETAL_OPTS[@]}"; do
+ # Attempt to convert flags to options
+ iniset $NOVA_CONF baremetal ${I/=/ }
+ done
+}
+
+# install_nova_hypervisor() - Install external components
+function install_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# start_nova_hypervisor - Start any required external services
+function start_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# stop_nova_hypervisor - Stop any external services
+function stop_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/nova_plugins/hypervisor-libvirt b/lib/nova_plugins/hypervisor-libvirt
new file mode 100644
index 0000000..caf0296
--- /dev/null
+++ b/lib/nova_plugins/hypervisor-libvirt
@@ -0,0 +1,165 @@
+# lib/nova_plugins/hypervisor-libvirt
+# Configure the libvirt hypervisor
+
+# Enable with:
+# VIRT_DRIVER=libvirt
+
+# Dependencies:
+# ``functions`` file
+# ``nova`` configuration
+
+# install_nova_hypervisor - install any external requirements
+# configure_nova_hypervisor - make configuration changes, including those to other services
+# start_nova_hypervisor - start any external services
+# stop_nova_hypervisor - stop any external services
+# cleanup_nova_hypervisor - remove transient data and cache
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+
+
+# Entry Points
+# ------------
+
+# clean_nova_hypervisor - Clean up an installation
+function cleanup_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# configure_nova_hypervisor - Set config files, create data dirs, etc
+function configure_nova_hypervisor() {
+ if is_service_enabled neutron && is_neutron_ovs_base_plugin && ! sudo grep -q '^cgroup_device_acl' $QEMU_CONF; then
+ # Add /dev/net/tun to cgroup_device_acls, needed for type=ethernet interfaces
+ cat <<EOF | sudo tee -a $QEMU_CONF
+cgroup_device_acl = [
+ "/dev/null", "/dev/full", "/dev/zero",
+ "/dev/random", "/dev/urandom",
+ "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
+ "/dev/rtc", "/dev/hpet","/dev/net/tun",
+]
+EOF
+ fi
+
+ if is_ubuntu; then
+ LIBVIRT_DAEMON=libvirt-bin
+ else
+ LIBVIRT_DAEMON=libvirtd
+ fi
+
+ if is_fedora || is_suse; then
+ if is_fedora && [[ $DISTRO =~ (rhel6) || "$os_RELEASE" -le "17" ]]; then
+ sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
+[libvirt Management Access]
+Identity=unix-group:$LIBVIRT_GROUP
+Action=org.libvirt.unix.manage
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes
+EOF"
+ elif is_suse && [[ $os_RELEASE = 12.2 || "$os_VENDOR" = "SUSE LINUX" ]]; then
+ # openSUSE < 12.3 or SLE
+ # Work around the fact that polkit-default-privs overrules pklas
+ # with 'unix-group:$group'.
+ sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
+[libvirt Management Access]
+Identity=unix-user:$USER
+Action=org.libvirt.unix.manage
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes
+EOF"
+ else
+ # Starting with fedora 18 and opensuse-12.3 enable stack-user to
+ # virsh -c qemu:///system by creating a policy-kit rule for
+ # stack-user using the new Javascript syntax
+ rules_dir=/etc/polkit-1/rules.d
+ sudo mkdir -p $rules_dir
+ sudo bash -c "cat <<EOF > $rules_dir/50-libvirt-$STACK_USER.rules
+polkit.addRule(function(action, subject) {
+ if (action.id == 'org.libvirt.unix.manage' &&
+ subject.user == '"$STACK_USER"') {
+ return polkit.Result.YES;
+ }
+});
+EOF"
+ unset rules_dir
+ fi
+ fi
+
+ # The user that nova runs as needs to be member of **libvirtd** group otherwise
+ # nova-compute will be unable to use libvirt.
+ if ! getent group $LIBVIRT_GROUP >/dev/null; then
+ sudo groupadd $LIBVIRT_GROUP
+ fi
+ add_user_to_group $STACK_USER $LIBVIRT_GROUP
+
+ # libvirt detects various settings on startup, as we potentially changed
+ # the system configuration (modules, filesystems), we need to restart
+ # libvirt to detect those changes.
+ restart_service $LIBVIRT_DAEMON
+
+ iniset $NOVA_CONF DEFAULT libvirt_type "$LIBVIRT_TYPE"
+ iniset $NOVA_CONF DEFAULT libvirt_cpu_mode "none"
+ iniset $NOVA_CONF DEFAULT use_usb_tablet "False"
+ iniset $NOVA_CONF DEFAULT compute_driver "libvirt.LibvirtDriver"
+ LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.libvirt.firewall.IptablesFirewallDriver"}
+ iniset $NOVA_CONF DEFAULT firewall_driver "$LIBVIRT_FIREWALL_DRIVER"
+ # Power architecture currently does not support graphical consoles.
+ if is_arch "ppc64"; then
+ iniset $NOVA_CONF DEFAULT vnc_enabled "false"
+ fi
+}
+
+# install_nova_hypervisor() - Install external components
+function install_nova_hypervisor() {
+ if is_ubuntu; then
+ install_package kvm
+ install_package libvirt-bin
+ install_package python-libvirt
+ elif is_fedora || is_suse; then
+ install_package kvm
+ install_package libvirt
+ install_package libvirt-python
+ fi
+
+ # Install and configure **LXC** if specified. LXC is another approach to
+ # splitting a system into many smaller parts. LXC uses cgroups and chroot
+ # to simulate multiple systems.
+ if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then
+ if is_ubuntu; then
+ if [[ "$DISTRO" > natty ]]; then
+ install_package cgroup-lite
+ fi
+ else
+ ### FIXME(dtroyer): figure this out
+ echo "RPM-based cgroup not implemented yet"
+ yum_install libcgroup-tools
+ fi
+ fi
+}
+
+# start_nova_hypervisor - Start any required external services
+function start_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# stop_nova_hypervisor - Stop any external services
+function stop_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/nova_plugins/hypervisor-openvz b/lib/nova_plugins/hypervisor-openvz
new file mode 100644
index 0000000..fc5ed0c
--- /dev/null
+++ b/lib/nova_plugins/hypervisor-openvz
@@ -0,0 +1,67 @@
+# lib/nova_plugins/hypervisor-openvz
+# Configure the openvz hypervisor
+
+# Enable with:
+# VIRT_DRIVER=openvz
+
+# Dependencies:
+# ``functions`` file
+# ``nova`` configuration
+
+# install_nova_hypervisor - install any external requirements
+# configure_nova_hypervisor - make configuration changes, including those to other services
+# start_nova_hypervisor - start any external services
+# stop_nova_hypervisor - stop any external services
+# cleanup_nova_hypervisor - remove transient data and cache
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+
+
+# Entry Points
+# ------------
+
+# clean_nova_hypervisor - Clean up an installation
+function cleanup_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# configure_nova_hypervisor - Set config files, create data dirs, etc
+function configure_nova_hypervisor() {
+ iniset $NOVA_CONF DEFAULT compute_driver "openvz.OpenVzDriver"
+ iniset $NOVA_CONF DEFAULT connection_type "openvz"
+ LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.libvirt.firewall.IptablesFirewallDriver"}
+ iniset $NOVA_CONF DEFAULT firewall_driver "$LIBVIRT_FIREWALL_DRIVER"
+}
+
+# install_nova_hypervisor() - Install external components
+function install_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# start_nova_hypervisor - Start any required external services
+function start_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# stop_nova_hypervisor - Stop any external services
+function stop_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/nova_plugins/hypervisor-powervm b/lib/nova_plugins/hypervisor-powervm
new file mode 100644
index 0000000..561dd9f
--- /dev/null
+++ b/lib/nova_plugins/hypervisor-powervm
@@ -0,0 +1,76 @@
+# lib/nova_plugins/hypervisor-powervm
+# Configure the PowerVM hypervisor
+
+# Enable with:
+# VIRT_DRIVER=powervm
+
+# Dependencies:
+# ``functions`` file
+# ``nova`` configuration
+
+# install_nova_hypervisor - install any external requirements
+# configure_nova_hypervisor - make configuration changes, including those to other services
+# start_nova_hypervisor - start any external services
+# stop_nova_hypervisor - stop any external services
+# cleanup_nova_hypervisor - remove transient data and cache
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+
+
+# Entry Points
+# ------------
+
+# clean_nova_hypervisor - Clean up an installation
+function cleanup_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# configure_nova_hypervisor - Set config files, create data dirs, etc
+function configure_nova_hypervisor() {
+ POWERVM_MGR_TYPE=${POWERVM_MGR_TYPE:-"ivm"}
+ POWERVM_MGR_HOST=${POWERVM_MGR_HOST:-"powervm.host"}
+ POWERVM_MGR_USER=${POWERVM_MGR_USER:-"padmin"}
+ POWERVM_MGR_PASSWD=${POWERVM_MGR_PASSWD:-"password"}
+ POWERVM_IMG_REMOTE_PATH=${POWERVM_IMG_REMOTE_PATH:-"/tmp"}
+ POWERVM_IMG_LOCAL_PATH=${POWERVM_IMG_LOCAL_PATH:-"/tmp"}
+ iniset $NOVA_CONF DEFAULT compute_driver nova.virt.powervm.PowerVMDriver
+ iniset $NOVA_CONF DEFAULT powervm_mgr_type $POWERVM_MGR_TYPE
+ iniset $NOVA_CONF DEFAULT powervm_mgr $POWERVM_MGR_HOST
+ iniset $NOVA_CONF DEFAULT powervm_mgr_user $POWERVM_MGR_USER
+ iniset $NOVA_CONF DEFAULT powervm_mgr_passwd $POWERVM_MGR_PASSWD
+ iniset $NOVA_CONF DEFAULT powervm_img_remote_path $POWERVM_IMG_REMOTE_PATH
+ iniset $NOVA_CONF DEFAULT powervm_img_local_path $POWERVM_IMG_LOCAL_PATH
+}
+
+# install_nova_hypervisor() - Install external components
+function install_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# start_nova_hypervisor - Start any required external services
+function start_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# stop_nova_hypervisor - Stop any external services
+function stop_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/nova_plugins/hypervisor-xenserver b/lib/nova_plugins/hypervisor-xenserver
new file mode 100644
index 0000000..f47994f
--- /dev/null
+++ b/lib/nova_plugins/hypervisor-xenserver
@@ -0,0 +1,85 @@
+# lib/nova_plugins/hypervisor-xenserver
+# Configure the XenServer hypervisor
+
+# Enable with:
+# VIRT_DRIVER=xenserver
+
+# Dependencies:
+# ``functions`` file
+# ``nova`` configuration
+
+# install_nova_hypervisor - install any external requirements
+# configure_nova_hypervisor - make configuration changes, including those to other services
+# start_nova_hypervisor - start any external services
+# stop_nova_hypervisor - stop any external services
+# cleanup_nova_hypervisor - remove transient data and cache
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+
+PUBLIC_INTERFACE_DEFAULT=eth2
+GUEST_INTERFACE_DEFAULT=eth1
+# Allow ``build_domU.sh`` to specify the flat network bridge via kernel args
+FLAT_NETWORK_BRIDGE_DEFAULT=$(sed -e 's/.* flat_network_bridge=\([[:alnum:]]*\).*$/\1/g' /proc/cmdline)
+if is_service_enabled neutron; then
+ XEN_INTEGRATION_BRIDGE=$(sed -e 's/.* xen_integration_bridge=\([[:alnum:]]*\).*$/\1/g' /proc/cmdline)
+fi
+
+VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=169.254.0.1}
+
+
+# Entry Points
+# ------------
+
+# clean_nova_hypervisor - Clean up an installation
+function cleanup_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# configure_nova_hypervisor - Set config files, create data dirs, etc
+function configure_nova_hypervisor() {
+ if [ -z "$XENAPI_CONNECTION_URL" ]; then
+ die $LINENO "XENAPI_CONNECTION_URL is not specified"
+ fi
+ read_password XENAPI_PASSWORD "ENTER A PASSWORD TO USE FOR XEN."
+ iniset $NOVA_CONF DEFAULT compute_driver "xenapi.XenAPIDriver"
+ iniset $NOVA_CONF DEFAULT xenapi_connection_url "$XENAPI_CONNECTION_URL"
+ iniset $NOVA_CONF DEFAULT xenapi_connection_username "$XENAPI_USER"
+ iniset $NOVA_CONF DEFAULT xenapi_connection_password "$XENAPI_PASSWORD"
+ iniset $NOVA_CONF DEFAULT flat_injected "False"
+ # Need to avoid crash due to new firewall support
+ XEN_FIREWALL_DRIVER=${XEN_FIREWALL_DRIVER:-"nova.virt.firewall.IptablesFirewallDriver"}
+ iniset $NOVA_CONF DEFAULT firewall_driver "$XEN_FIREWALL_DRIVER"
+}
+
+# install_nova_hypervisor() - Install external components
+function install_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# start_nova_hypervisor - Start any required external services
+function start_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+# stop_nova_hypervisor - Stop any external services
+function stop_nova_hypervisor() {
+ # This function intentionally left blank
+ :
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/rpc_backend b/lib/rpc_backend
index ff87aae..63edc07 100644
--- a/lib/rpc_backend
+++ b/lib/rpc_backend
@@ -131,6 +131,9 @@
else
exit_distro_not_supported "zeromq installation"
fi
+ # Necessary directory for socket location.
+ sudo mkdir -p /var/run/openstack
+ sudo chown $STACK_USER /var/run/openstack
fi
}
diff --git a/lib/swift b/lib/swift
index 9c80802..6ab43c4 100644
--- a/lib/swift
+++ b/lib/swift
@@ -39,6 +39,7 @@
# Set ``SWIFT_DATA_DIR`` to the location of swift drives and objects.
# Default is the common DevStack data directory.
SWIFT_DATA_DIR=${SWIFT_DATA_DIR:-${DATA_DIR}/swift}
+SWIFT_DISK_IMAGE=${SWIFT_DATA_DIR}/drives/images/swift.img
# Set ``SWIFT_CONF_DIR`` to the location of the configuration files.
# Default is ``/etc/swift``.
@@ -55,10 +56,10 @@
# swift data. Set ``SWIFT_LOOPBACK_DISK_SIZE`` to the disk size in
# kilobytes.
# Default is 1 gigabyte.
-SWIFT_LOOPBACK_DISK_SIZE_DEFAULT=1048576
+SWIFT_LOOPBACK_DISK_SIZE_DEFAULT=1G
# if tempest enabled the default size is 4 Gigabyte.
if is_service_enabled tempest; then
- SWIFT_LOOPBACK_DISK_SIZE_DEFAULT=${SWIFT_LOOPBACK_DISK_SIZE:-4194304}
+ SWIFT_LOOPBACK_DISK_SIZE_DEFAULT=${SWIFT_LOOPBACK_DISK_SIZE:-4G}
fi
SWIFT_LOOPBACK_DISK_SIZE=${SWIFT_LOOPBACK_DISK_SIZE:-$SWIFT_LOOPBACK_DISK_SIZE_DEFAULT}
@@ -67,6 +68,10 @@
# Default is ``staticweb, tempurl, formpost``
SWIFT_EXTRAS_MIDDLEWARE=${SWIFT_EXTRAS_MIDDLEWARE:-tempurl formpost staticweb}
+# Set ``SWIFT_EXTRAS_MIDDLEWARE_LAST`` to extras middlewares that need to be at
+# the end of the pipeline.
+SWIFT_EXTRAS_MIDDLEWARE_LAST=${SWIFT_EXTRAS_MIDDLEWARE_LAST}
+
# The ring uses a configurable number of bits from a path’s MD5 hash as
# a partition index that designates a device. The number of bits kept
# from the hash is known as the partition power, and 2 to the partition
@@ -103,8 +108,8 @@
if egrep -q ${SWIFT_DATA_DIR}/drives/sdb1 /proc/mounts; then
sudo umount ${SWIFT_DATA_DIR}/drives/sdb1
fi
- if [[ -e ${SWIFT_DATA_DIR}/drives/images/swift.img ]]; then
- rm ${SWIFT_DATA_DIR}/drives/images/swift.img
+ if [[ -e ${SWIFT_DISK_IMAGE} ]]; then
+ rm ${SWIFT_DISK_IMAGE}
fi
rm -rf ${SWIFT_DATA_DIR}/run/
if is_apache_enabled_service swift; then
@@ -255,6 +260,12 @@
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port
iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT:-8080}
+ # Configure Ceilometer
+ if is_service_enabled ceilometer; then
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:ceilometer use "egg:ceilometer#swift"
+ SWIFT_EXTRAS_MIDDLEWARE_LAST="${SWIFT_EXTRAS_MIDDLEWARE_LAST} ceilometer"
+ fi
+
# By default Swift will be installed with keystone and tempauth middleware
# and add the swift3 middleware if its configured for it. The token for
# tempauth would be prefixed with the reseller_prefix setting TEMPAUTH_ the
@@ -264,6 +275,7 @@
fi
swift_pipeline+=" authtoken keystoneauth tempauth "
sed -i "/^pipeline/ { s/tempauth/${swift_pipeline} ${SWIFT_EXTRAS_MIDDLEWARE}/ ;}" ${SWIFT_CONFIG_PROXY_SERVER}
+ sed -i "/^pipeline/ { s/proxy-server/${SWIFT_EXTRAS_MIDDLEWARE_LAST} proxy-server/ ; }" ${SWIFT_CONFIG_PROXY_SERVER}
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:tempauth account_autocreate
iniset ${SWIFT_CONFIG_PROXY_SERVER} app:proxy-server account_autocreate true
@@ -409,28 +421,27 @@
sudo chown -R $USER:${USER_GROUP} ${SWIFT_DATA_DIR}
# Create a loopback disk and format it to XFS.
- if [[ -e ${SWIFT_DATA_DIR}/drives/images/swift.img ]]; then
+ if [[ -e ${SWIFT_DISK_IMAGE} ]]; then
if egrep -q ${SWIFT_DATA_DIR}/drives/sdb1 /proc/mounts; then
sudo umount ${SWIFT_DATA_DIR}/drives/sdb1
- sudo rm -f ${SWIFT_DATA_DIR}/drives/images/swift.img
+ sudo rm -f ${SWIFT_DISK_IMAGE}
fi
fi
mkdir -p ${SWIFT_DATA_DIR}/drives/images
- sudo touch ${SWIFT_DATA_DIR}/drives/images/swift.img
- sudo chown $USER: ${SWIFT_DATA_DIR}/drives/images/swift.img
+ sudo touch ${SWIFT_DISK_IMAGE}
+ sudo chown $USER: ${SWIFT_DISK_IMAGE}
- dd if=/dev/zero of=${SWIFT_DATA_DIR}/drives/images/swift.img \
- bs=1024 count=0 seek=${SWIFT_LOOPBACK_DISK_SIZE}
+ truncate -s ${SWIFT_LOOPBACK_DISK_SIZE} ${SWIFT_DISK_IMAGE}
# Make a fresh XFS filesystem
- mkfs.xfs -f -i size=1024 ${SWIFT_DATA_DIR}/drives/images/swift.img
+ mkfs.xfs -f -i size=1024 ${SWIFT_DISK_IMAGE}
# Mount the disk with mount options to make it as efficient as possible
mkdir -p ${SWIFT_DATA_DIR}/drives/sdb1
if ! egrep -q ${SWIFT_DATA_DIR}/drives/sdb1 /proc/mounts; then
sudo mount -t xfs -o loop,noatime,nodiratime,nobarrier,logbufs=8 \
- ${SWIFT_DATA_DIR}/drives/images/swift.img ${SWIFT_DATA_DIR}/drives/sdb1
+ ${SWIFT_DISK_IMAGE} ${SWIFT_DATA_DIR}/drives/sdb1
fi
# Create a link to the above mount and
diff --git a/samples/localrc b/samples/localrc
index fd7221a..80cf0e7 100644
--- a/samples/localrc
+++ b/samples/localrc
@@ -83,7 +83,8 @@
# Set this to 1 to save some resources:
SWIFT_REPLICAS=1
-# The data for Swift is stored in the source tree by default (``$DEST/swift/data``)
-# and can be moved by setting ``SWIFT_DATA_DIR``. The directory will be created
+# The data for Swift is stored by default in (``$DEST/data/swift``),
+# or (``$DATA_DIR/swift``) if ``DATA_DIR`` has been set, and can be
+# moved by setting ``SWIFT_DATA_DIR``. The directory will be created
# if it does not exist.
SWIFT_DATA_DIR=$DEST/data
diff --git a/stack.sh b/stack.sh
index 03d5632..14ec023 100755
--- a/stack.sh
+++ b/stack.sh
@@ -29,6 +29,9 @@
# Import common functions
source $TOP_DIR/functions
+# Import config functions
+source $TOP_DIR/lib/config
+
# Determine what system we are running on. This provides ``os_VENDOR``,
# ``os_RELEASE``, ``os_UPDATE``, ``os_PACKAGE``, ``os_CODENAME``
# and ``DISTRO``
@@ -38,6 +41,25 @@
# Global Settings
# ===============
+# Check for a ``localrc`` section embedded in ``local.conf`` and extract if
+# ``localrc`` does not already exist
+
+# Phase: local
+rm -f $TOP_DIR/.localrc.auto
+if [[ -r $TOP_DIR/local.conf ]]; then
+ LRC=$(get_meta_section_files $TOP_DIR/local.conf local)
+ for lfile in $LRC; do
+ if [[ "$lfile" == "localrc" ]]; then
+ if [[ -r $TOP_DIR/localrc ]]; then
+ warn $LINENO "localrc and local.conf:[[local]] both exist, using localrc"
+ else
+ echo "# Generated file, do not exit" >$TOP_DIR/.localrc.auto
+ get_meta_section $TOP_DIR/local.conf local $lfile >>$TOP_DIR/.localrc.auto
+ fi
+ fi
+ done
+fi
+
# ``stack.sh`` is customizable by setting environment variables. Override a
# default setting via export::
#
@@ -150,8 +172,8 @@
if [[ is_fedora && $DISTRO =~ (rhel6) ]]; then
# Installing Open vSwitch on RHEL6 requires enabling the RDO repo.
- RHEL6_RDO_REPO_RPM=${RHEL6_RDO_REPO_RPM:-"http://rdo.fedorapeople.org/openstack/openstack-grizzly/rdo-release-grizzly-3.noarch.rpm"}
- RHEL6_RDO_REPO_ID=${RHEL6_RDO_REPO_ID:-"openstack-grizzly"}
+ RHEL6_RDO_REPO_RPM=${RHEL6_RDO_REPO_RPM:-"http://rdo.fedorapeople.org/openstack-havana/rdo-release-havana.rpm"}
+ RHEL6_RDO_REPO_ID=${RHEL6_RDO_REPO_ID:-"openstack-havana"}
if ! yum repolist enabled $RHEL6_RDO_REPO_ID | grep -q $RHEL6_RDO_REPO_ID; then
echo "RDO repo not detected; installing"
yum_install $RHEL6_RDO_REPO_RPM || \
@@ -172,67 +194,37 @@
# -----------
# OpenStack is designed to be run as a non-root user; Horizon will fail to run
-# as **root** since Apache will not serve content from **root** user). If
-# ``stack.sh`` is run as **root**, it automatically creates a **stack** user with
-# sudo privileges and runs as that user.
+# as **root** since Apache will not serve content from **root** user).
+# ``stack.sh`` must not be run as **root**. It aborts and suggests one course of
+# action to create a suitable user account.
if [[ $EUID -eq 0 ]]; then
- ROOTSLEEP=${ROOTSLEEP:-10}
echo "You are running this script as root."
- echo "In $ROOTSLEEP seconds, we will create a user '$STACK_USER' and run as that user"
- sleep $ROOTSLEEP
-
- # Give the non-root user the ability to run as **root** via ``sudo``
- is_package_installed sudo || install_package sudo
- if ! getent group $STACK_USER >/dev/null; then
- echo "Creating a group called $STACK_USER"
- groupadd $STACK_USER
- fi
- if ! getent passwd $STACK_USER >/dev/null; then
- echo "Creating a user called $STACK_USER"
- useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER
- fi
-
- echo "Giving stack user passwordless sudo privileges"
- # UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
- grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
- echo "#includedir /etc/sudoers.d" >> /etc/sudoers
- ( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \
- > /etc/sudoers.d/50_stack_sh )
-
- echo "Copying files to $STACK_USER user"
- STACK_DIR="$DEST/${TOP_DIR##*/}"
- cp -r -f -T "$TOP_DIR" "$STACK_DIR"
- safe_chown -R $STACK_USER "$STACK_DIR"
- cd "$STACK_DIR"
- if [[ "$SHELL_AFTER_RUN" != "no" ]]; then
- exec sudo -u $STACK_USER bash -l -c "set -e; bash stack.sh; bash"
- else
- exec sudo -u $STACK_USER bash -l -c "set -e; source stack.sh"
- fi
+ echo "Cut it out."
+ echo "Really."
+ echo "If you need an account to run DevStack, do this (as root, heh) to create $STACK_USER:"
+ echo "$TOP_DIR/tools/create-stack-user.sh"
exit 1
-else
- # We're not **root**, make sure ``sudo`` is available
- is_package_installed sudo || die "Sudo is required. Re-run stack.sh as root ONE TIME ONLY to set up sudo."
-
- # UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
- sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
- echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
-
- # Set up devstack sudoers
- TEMPFILE=`mktemp`
- echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE
- # Some binaries might be under /sbin or /usr/sbin, so make sure sudo will
- # see them by forcing PATH
- echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE
- chmod 0440 $TEMPFILE
- sudo chown root:root $TEMPFILE
- sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
-
- # Remove old file
- sudo rm -f /etc/sudoers.d/stack_sh_nova
fi
+# We're not **root**, make sure ``sudo`` is available
+is_package_installed sudo || install_package sudo
+
+# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
+sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
+ echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
+
+# Set up devstack sudoers
+TEMPFILE=`mktemp`
+echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE
+# Some binaries might be under /sbin or /usr/sbin, so make sure sudo will
+# see them by forcing PATH
+echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE
+chmod 0440 $TEMPFILE
+sudo chown root:root $TEMPFILE
+sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
+
+
# Create the destination directory and ensure it is writable by the user
# and read/executable by everybody for daemons (e.g. apache run for horizon)
sudo mkdir -p $DEST
@@ -321,13 +313,6 @@
source $TOP_DIR/lib/ironic
source $TOP_DIR/lib/trove
-# Look for Nova hypervisor plugin
-NOVA_PLUGINS=$TOP_DIR/lib/nova_plugins
-if is_service_enabled nova && [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
- # Load plugin
- source $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER
-fi
-
# Set the destination directories for other OpenStack projects
OPENSTACKCLIENT_DIR=$DEST/python-openstackclient
@@ -842,6 +827,9 @@
fi
+# Start Services
+# ==============
+
# Keystone
# --------
@@ -912,6 +900,7 @@
init_glance
fi
+
# Ironic
# ------
@@ -921,7 +910,6 @@
fi
-
# Neutron
# -------
@@ -947,11 +935,6 @@
# Nova
# ----
-if is_service_enabled nova; then
- echo_summary "Configuring Nova"
- configure_nova
-fi
-
if is_service_enabled n-net q-dhcp; then
# Delete traces of nova networks from prior runs
# Do not kill any dnsmasq instance spawned by NetworkManager
@@ -994,8 +977,6 @@
if is_service_enabled nova; then
echo_summary "Configuring Nova"
- # Rebuild the config file from scratch
- create_nova_conf
init_nova
# Additional Nova configuration that is dependent on other services
@@ -1005,104 +986,6 @@
create_nova_conf_nova_network
fi
-
- if [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
- # Configure hypervisor plugin
- configure_nova_hypervisor
-
-
- # XenServer
- # ---------
-
- elif [ "$VIRT_DRIVER" = 'xenserver' ]; then
- echo_summary "Using XenServer virtualization driver"
- if [ -z "$XENAPI_CONNECTION_URL" ]; then
- die $LINENO "XENAPI_CONNECTION_URL is not specified"
- fi
- read_password XENAPI_PASSWORD "ENTER A PASSWORD TO USE FOR XEN."
- iniset $NOVA_CONF DEFAULT compute_driver "xenapi.XenAPIDriver"
- iniset $NOVA_CONF DEFAULT xenapi_connection_url "$XENAPI_CONNECTION_URL"
- iniset $NOVA_CONF DEFAULT xenapi_connection_username "$XENAPI_USER"
- iniset $NOVA_CONF DEFAULT xenapi_connection_password "$XENAPI_PASSWORD"
- iniset $NOVA_CONF DEFAULT flat_injected "False"
- # Need to avoid crash due to new firewall support
- XEN_FIREWALL_DRIVER=${XEN_FIREWALL_DRIVER:-"nova.virt.firewall.IptablesFirewallDriver"}
- iniset $NOVA_CONF DEFAULT firewall_driver "$XEN_FIREWALL_DRIVER"
-
-
- # OpenVZ
- # ------
-
- elif [ "$VIRT_DRIVER" = 'openvz' ]; then
- echo_summary "Using OpenVZ virtualization driver"
- iniset $NOVA_CONF DEFAULT compute_driver "openvz.OpenVzDriver"
- iniset $NOVA_CONF DEFAULT connection_type "openvz"
- LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.libvirt.firewall.IptablesFirewallDriver"}
- iniset $NOVA_CONF DEFAULT firewall_driver "$LIBVIRT_FIREWALL_DRIVER"
-
-
- # Bare Metal
- # ----------
-
- elif [ "$VIRT_DRIVER" = 'baremetal' ]; then
- echo_summary "Using BareMetal driver"
- LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.firewall.NoopFirewallDriver"}
- iniset $NOVA_CONF DEFAULT compute_driver nova.virt.baremetal.driver.BareMetalDriver
- iniset $NOVA_CONF DEFAULT firewall_driver $LIBVIRT_FIREWALL_DRIVER
- iniset $NOVA_CONF DEFAULT scheduler_host_manager nova.scheduler.baremetal_host_manager.BaremetalHostManager
- iniset $NOVA_CONF DEFAULT ram_allocation_ratio 1.0
- iniset $NOVA_CONF DEFAULT reserved_host_memory_mb 0
- iniset $NOVA_CONF baremetal instance_type_extra_specs cpu_arch:$BM_CPU_ARCH
- iniset $NOVA_CONF baremetal driver $BM_DRIVER
- iniset $NOVA_CONF baremetal power_manager $BM_POWER_MANAGER
- iniset $NOVA_CONF baremetal tftp_root /tftpboot
- if [[ "$BM_DNSMASQ_FROM_NOVA_NETWORK" = "True" ]]; then
- BM_DNSMASQ_CONF=$NOVA_CONF_DIR/dnsmasq-for-baremetal-from-nova-network.conf
- sudo cp "$FILES/dnsmasq-for-baremetal-from-nova-network.conf" "$BM_DNSMASQ_CONF"
- iniset $NOVA_CONF DEFAULT dnsmasq_config_file "$BM_DNSMASQ_CONF"
- fi
-
- # Define extra baremetal nova conf flags by defining the array ``EXTRA_BAREMETAL_OPTS``.
- for I in "${EXTRA_BAREMETAL_OPTS[@]}"; do
- # Attempt to convert flags to options
- iniset $NOVA_CONF baremetal ${I/=/ }
- done
-
-
- # PowerVM
- # -------
-
- elif [ "$VIRT_DRIVER" = 'powervm' ]; then
- echo_summary "Using PowerVM driver"
- POWERVM_MGR_TYPE=${POWERVM_MGR_TYPE:-"ivm"}
- POWERVM_MGR_HOST=${POWERVM_MGR_HOST:-"powervm.host"}
- POWERVM_MGR_USER=${POWERVM_MGR_USER:-"padmin"}
- POWERVM_MGR_PASSWD=${POWERVM_MGR_PASSWD:-"password"}
- POWERVM_IMG_REMOTE_PATH=${POWERVM_IMG_REMOTE_PATH:-"/tmp"}
- POWERVM_IMG_LOCAL_PATH=${POWERVM_IMG_LOCAL_PATH:-"/tmp"}
- iniset $NOVA_CONF DEFAULT compute_driver nova.virt.powervm.PowerVMDriver
- iniset $NOVA_CONF DEFAULT powervm_mgr_type $POWERVM_MGR_TYPE
- iniset $NOVA_CONF DEFAULT powervm_mgr $POWERVM_MGR_HOST
- iniset $NOVA_CONF DEFAULT powervm_mgr_user $POWERVM_MGR_USER
- iniset $NOVA_CONF DEFAULT powervm_mgr_passwd $POWERVM_MGR_PASSWD
- iniset $NOVA_CONF DEFAULT powervm_img_remote_path $POWERVM_IMG_REMOTE_PATH
- iniset $NOVA_CONF DEFAULT powervm_img_local_path $POWERVM_IMG_LOCAL_PATH
-
-
- # Default libvirt
- # ---------------
-
- else
- echo_summary "Using libvirt virtualization driver"
- iniset $NOVA_CONF DEFAULT compute_driver "libvirt.LibvirtDriver"
- LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.libvirt.firewall.IptablesFirewallDriver"}
- iniset $NOVA_CONF DEFAULT firewall_driver "$LIBVIRT_FIREWALL_DRIVER"
- # Power architecture currently does not support graphical consoles.
- if is_arch "ppc64"; then
- iniset $NOVA_CONF DEFAULT vnc_enabled "false"
- fi
- fi
-
init_nova_cells
fi
@@ -1117,6 +1000,14 @@
fi
+# Local Configuration
+# ===================
+
+# Apply configuration from local.conf if it exists for layer 2 services
+# Phase: post-config
+merge_config_group $TOP_DIR/local.conf post-config
+
+
# Launch Services
# ===============
@@ -1312,6 +1203,14 @@
done
+# Local Configuration
+# ===================
+
+# Apply configuration from local.conf if it exists for layer 2 services
+# Phase: extra
+merge_config_group $TOP_DIR/local.conf extra
+
+
# Run extras
# ==========
@@ -1384,5 +1283,66 @@
echo_summary "WARNING: $DEPRECATED_TEXT"
fi
+# Specific warning for deprecated configs
+if [[ -n "$EXTRA_OPTS" ]]; then
+ echo ""
+ echo_summary "WARNING: EXTRA_OPTS is used"
+ echo "You are using EXTRA_OPTS to pass configuration into nova.conf."
+ echo "Please convert that configuration in localrc to a nova.conf section in local.conf:"
+ echo "
+[[post-config|\$NOVA_CONF]]
+[DEFAULT]
+"
+ for I in "${EXTRA_OPTS[@]}"; do
+ # Replace the first '=' with ' ' for iniset syntax
+ echo ${I}
+ done
+fi
+
+if [[ -n "$EXTRA_BAREMETAL_OPTS" ]]; then
+ echo ""
+ echo_summary "WARNING: EXTRA_OPTS is used"
+ echo "You are using EXTRA_OPTS to pass configuration into nova.conf."
+ echo "Please convert that configuration in localrc to a nova.conf section in local.conf:"
+ echo "
+[[post-config|\$NOVA_CONF]]
+[baremetal]
+"
+ for I in "${EXTRA_BAREMETAL_OPTS[@]}"; do
+ # Replace the first '=' with ' ' for iniset syntax
+ echo ${I}
+ done
+fi
+
+if [[ -n "$Q_DHCP_EXTRA_DEFAULT_OPTS" ]]; then
+ echo ""
+ echo_summary "WARNING: Q_DHCP_EXTRA_DEFAULT_OPTS is used"
+ echo "You are using Q_DHCP_EXTRA_DEFAULT_OPTS to pass configuration into $Q_DHCP_CONF_FILE."
+ echo "Please convert that configuration in localrc to a $Q_DHCP_CONF_FILE section in local.conf:"
+ echo "
+[[post-config|\$Q_DHCP_CONF_FILE]]
+[DEFAULT]
+"
+ for I in "${Q_DHCP_EXTRA_DEFAULT_OPTS[@]}"; do
+ # Replace the first '=' with ' ' for iniset syntax
+ echo ${I}
+ done
+fi
+
+if [[ -n "$Q_SRV_EXTRA_DEFAULT_OPTS" ]]; then
+ echo ""
+ echo_summary "WARNING: Q_SRV_EXTRA_DEFAULT_OPTS is used"
+ echo "You are using Q_SRV_EXTRA_DEFAULT_OPTS to pass configuration into $NEUTRON_CONF."
+ echo "Please convert that configuration in localrc to a $NEUTRON_CONF section in local.conf:"
+ echo "
+[[post-config|\$NEUTRON_CONF]]
+[DEFAULT]
+"
+ for I in "${Q_SRV_EXTRA_DEFAULT_OPTS[@]}"; do
+ # Replace the first '=' with ' ' for iniset syntax
+ echo ${I}
+ done
+fi
+
# Indicate how long this took to run (bash maintained variable ``SECONDS``)
echo_summary "stack.sh completed in $SECONDS seconds."
diff --git a/stackrc b/stackrc
index 3a338d1..3f740b5 100644
--- a/stackrc
+++ b/stackrc
@@ -48,8 +48,12 @@
USE_SCREEN=True
# allow local overrides of env variables, including repo config
-if [ -f $RC_DIR/localrc ]; then
+if [[ -f $RC_DIR/localrc ]]; then
+ # Old-style user-supplied config
source $RC_DIR/localrc
+elif [[ -f $RC_DIR/.localrc.auto ]]; then
+ # New-style user-supplied config extracted from local.conf
+ source $RC_DIR/.localrc.auto
fi
@@ -160,7 +164,7 @@
# diskimage-builder
-BM_IMAGE_BUILD_REPO=${BM_IMAGE_BUILD_REPO:-${GIT_BASE}/stackforge/diskimage-builder.git}
+BM_IMAGE_BUILD_REPO=${BM_IMAGE_BUILD_REPO:-${GIT_BASE}/openstack/diskimage-builder.git}
BM_IMAGE_BUILD_BRANCH=${BM_IMAGE_BUILD_BRANCH:-master}
# bm_poseur
diff --git a/tests/test_config.sh b/tests/test_config.sh
new file mode 100755
index 0000000..fed2e7d
--- /dev/null
+++ b/tests/test_config.sh
@@ -0,0 +1,179 @@
+#!/usr/bin/env bash
+
+# Tests for DevStack meta-config functions
+
+TOP=$(cd $(dirname "$0")/.. && pwd)
+
+# Import common functions
+source $TOP/functions
+
+# Import config functions
+source $TOP/lib/config
+
+# check_result() tests and reports the result values
+# check_result "actual" "expected"
+function check_result() {
+ local actual=$1
+ local expected=$2
+ if [[ "$actual" == "$expected" ]]; then
+ echo "OK"
+ else
+ echo -e "failed: $actual != $expected\n"
+ fi
+}
+
+TEST_1C_ADD="[eee]
+type=new
+multi = foo2"
+
+function create_test1c() {
+ cat >test1c.conf <<EOF
+[eee]
+# original comment
+type=original
+EOF
+}
+
+function create_test2a() {
+ cat >test2a.conf <<EOF
+[ddd]
+# original comment
+type=original
+EOF
+}
+
+cat >test.conf <<EOF
+[[test1|test1a.conf]]
+[default]
+# comment an option
+#log_file=./log.conf
+log_file=/etc/log.conf
+handlers=do not disturb
+
+[aaa]
+# the commented option should not change
+#handlers=cc,dd
+handlers = aa, bb
+
+[[test1|test1b.conf]]
+[bbb]
+handlers=ee,ff
+
+[ ccc ]
+spaces = yes
+
+[[test2|test2a.conf]]
+[ddd]
+# new comment
+type=new
+additional=true
+
+[[test1|test1c.conf]]
+$TEST_1C_ADD
+EOF
+
+
+echo -n "get_meta_section_files: test0 doesn't exist: "
+VAL=$(get_meta_section_files test.conf test0)
+check_result "$VAL" ""
+
+echo -n "get_meta_section_files: test1 3 files: "
+VAL=$(get_meta_section_files test.conf test1)
+EXPECT_VAL="test1a.conf
+test1b.conf
+test1c.conf"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "get_meta_section_files: test2 1 file: "
+VAL=$(get_meta_section_files test.conf test2)
+EXPECT_VAL="test2a.conf"
+check_result "$VAL" "$EXPECT_VAL"
+
+
+# Get a section from a group that doesn't exist
+echo -n "get_meta_section: test0 doesn't exist: "
+VAL=$(get_meta_section test.conf test0 test0.conf)
+check_result "$VAL" ""
+
+# Get a single section from a group with multiple files
+echo -n "get_meta_section: test1c single section: "
+VAL=$(get_meta_section test.conf test1 test1c.conf)
+check_result "$VAL" "$TEST_1C_ADD"
+
+# Get a single section from a group with a single file
+echo -n "get_meta_section: test2a single section: "
+VAL=$(get_meta_section test.conf test2 test2a.conf)
+EXPECT_VAL="[ddd]
+# new comment
+type=new
+additional=true"
+check_result "$VAL" "$EXPECT_VAL"
+
+# Get a single section that doesn't exist from a group
+echo -n "get_meta_section: test2z.conf not in test2: "
+VAL=$(get_meta_section test.conf test2 test2z.conf)
+check_result "$VAL" ""
+
+# Get a section from a conf file that doesn't exist
+echo -n "get_meta_section: nofile doesn't exist: "
+VAL=$(get_meta_section nofile.ini test1)
+check_result "$VAL" ""
+
+echo -n "get_meta_section: nofile doesn't exist: "
+VAL=$(get_meta_section nofile.ini test0 test0.conf)
+check_result "$VAL" ""
+
+echo -n "merge_config_file test1c exists: "
+create_test1c
+merge_config_file test.conf test1 test1c.conf
+VAL=$(cat test1c.conf)
+# iniset adds values immediately under the section header
+EXPECT_VAL="[eee]
+multi = foo2
+# original comment
+type=new"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_file test2a exists: "
+create_test2a
+merge_config_file test.conf test2 test2a.conf
+VAL=$(cat test2a.conf)
+# iniset adds values immediately under the section header
+EXPECT_VAL="[ddd]
+additional = true
+# original comment
+type=new"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_file test2a not exist: "
+rm test2a.conf
+merge_config_file test.conf test2 test2a.conf
+VAL=$(cat test2a.conf)
+# iniset adds a blank line if it creates the file...
+EXPECT_VAL="
+[ddd]
+additional = true
+type = new"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_group test2: "
+rm test2a.conf
+merge_config_group test.conf test2
+VAL=$(cat test2a.conf)
+# iniset adds a blank line if it creates the file...
+EXPECT_VAL="
+[ddd]
+additional = true
+type = new"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_group test2 no conf file: "
+rm test2a.conf
+merge_config_group x-test.conf test2
+if [[ ! -r test2a.conf ]]; then
+ echo "OK"
+else
+ echo "failed: $VAL != $EXPECT_VAL"
+fi
+
+rm -f test.conf test1c.conf test2a.conf
diff --git a/tools/create-stack-user.sh b/tools/create-stack-user.sh
new file mode 100644
index 0000000..2251d1e
--- /dev/null
+++ b/tools/create-stack-user.sh
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+
+# **create-stack-user.sh**
+
+# Create a user account suitable for running DevStack
+# - create a group named $STACK_USER if it does not exist
+# - create a user named $STACK_USER if it does not exist
+# - home is $DEST
+# - configure sudo for $STACK_USER
+
+# ``stack.sh`` was never intended to run as root. It had a hack to do what is
+# now in this script and re-launch itself, but that hack was less than perfect
+# and it was time for this nonsense to stop. Run this script as root to create
+# the user and configure sudo.
+
+
+# Keep track of the devstack directory
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+
+# Import common functions
+source $TOP_DIR/functions
+
+# Determine what system we are running on. This provides ``os_VENDOR``,
+# ``os_RELEASE``, ``os_UPDATE``, ``os_PACKAGE``, ``os_CODENAME``
+# and ``DISTRO``
+GetDistro
+
+# Needed to get ``ENABLED_SERVICES``
+source $TOP_DIR/stackrc
+
+# Give the non-root user the ability to run as **root** via ``sudo``
+is_package_installed sudo || install_package sudo
+
+if ! getent group $STACK_USER >/dev/null; then
+ echo "Creating a group called $STACK_USER"
+ groupadd $STACK_USER
+fi
+
+if ! getent passwd $STACK_USER >/dev/null; then
+ echo "Creating a user called $STACK_USER"
+ useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER
+fi
+
+echo "Giving stack user passwordless sudo privileges"
+# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
+grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
+ echo "#includedir /etc/sudoers.d" >> /etc/sudoers
+( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \
+ > /etc/sudoers.d/50_stack_sh )
diff --git a/tools/create_userrc.sh b/tools/create_userrc.sh
index 619d63f..44b0f6b 100755
--- a/tools/create_userrc.sh
+++ b/tools/create_userrc.sh
@@ -6,6 +6,9 @@
# Warning: This script just for development purposes
+set -o errexit
+set -o xtrace
+
ACCOUNT_DIR=./accrc
display_help()
@@ -138,10 +141,14 @@
mkdir -p "$ACCOUNT_DIR"
ACCOUNT_DIR=`readlink -f "$ACCOUNT_DIR"`
EUCALYPTUS_CERT=$ACCOUNT_DIR/cacert.pem
-mv "$EUCALYPTUS_CERT" "$EUCALYPTUS_CERT.old" &>/dev/null
+if [ -e "$EUCALYPTUS_CERT" ]; then
+ mv "$EUCALYPTUS_CERT" "$EUCALYPTUS_CERT.old"
+fi
if ! nova x509-get-root-cert "$EUCALYPTUS_CERT"; then
echo "Failed to update the root certificate: $EUCALYPTUS_CERT" >&2
- mv "$EUCALYPTUS_CERT.old" "$EUCALYPTUS_CERT" &>/dev/null
+ if [ -e "$EUCALYPTUS_CERT.old" ]; then
+ mv "$EUCALYPTUS_CERT.old" "$EUCALYPTUS_CERT"
+ fi
fi
@@ -168,12 +175,20 @@
local ec2_cert="$rcfile-cert.pem"
local ec2_private_key="$rcfile-pk.pem"
# Try to preserve the original file on fail (best effort)
- mv -f "$ec2_private_key" "$ec2_private_key.old" &>/dev/null
- mv -f "$ec2_cert" "$ec2_cert.old" &>/dev/null
+ if [ -e "$ec2_private_key" ]; then
+ mv -f "$ec2_private_key" "$ec2_private_key.old"
+ fi
+ if [ -e "$ec2_cert" ]; then
+ mv -f "$ec2_cert" "$ec2_cert.old"
+ fi
# It will not create certs when the password is incorrect
if ! nova --os-password "$user_passwd" --os-username "$user_name" --os-tenant-name "$tenant_name" x509-create-cert "$ec2_private_key" "$ec2_cert"; then
- mv -f "$ec2_private_key.old" "$ec2_private_key" &>/dev/null
- mv -f "$ec2_cert.old" "$ec2_cert" &>/dev/null
+ if [ -e "$ec2_private_key.old" ]; then
+ mv -f "$ec2_private_key.old" "$ec2_private_key"
+ fi
+ if [ -e "$ec2_cert.old" ]; then
+ mv -f "$ec2_cert.old" "$ec2_cert"
+ fi
fi
cat >"$rcfile" <<EOF
# you can source this file
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index 87922c8..f3c0f98 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -16,6 +16,8 @@
# - pre-install hgtools to work around a bug in RHEL6 distribute
# - install nose 1.1 from EPEL
+set -o errexit
+set -o xtrace
# Keep track of the current directory
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
diff --git a/tools/install_pip.sh b/tools/install_pip.sh
index fc1c195..455323e 100755
--- a/tools/install_pip.sh
+++ b/tools/install_pip.sh
@@ -9,6 +9,9 @@
# Assumptions:
# - update pip to $INSTALL_PIP_VERSION
+set -o errexit
+set -o xtrace
+
# Keep track of the current directory
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
TOP_DIR=`cd $TOOLS_DIR/..; pwd`
@@ -47,10 +50,12 @@
echo "Distro: $DISTRO"
function get_versions() {
- PIP=$(which pip 2>/dev/null || which pip-python 2>/dev/null)
+ PIP=$(which pip 2>/dev/null || which pip-python 2>/dev/null || true)
if [[ -n $PIP ]]; then
PIP_VERSION=$($PIP --version | awk '{ print $2}')
echo "pip: $PIP_VERSION"
+ else
+ echo "pip: Not Installed"
fi
}
@@ -67,9 +72,9 @@
function install_pip_tarball() {
(cd $FILES; \
curl -O $PIP_TAR_URL; \
- tar xvfz pip-$INSTALL_PIP_VERSION.tar.gz; \
+ tar xvfz pip-$INSTALL_PIP_VERSION.tar.gz 1>/dev/null; \
cd pip-$INSTALL_PIP_VERSION; \
- sudo python setup.py install; \
+ sudo python setup.py install 1>/dev/null; \
)
}
diff --git a/tools/xen/devstackubuntupreseed.cfg b/tools/xen/devstackubuntupreseed.cfg
index c559b1e..6a1ae89 100644
--- a/tools/xen/devstackubuntupreseed.cfg
+++ b/tools/xen/devstackubuntupreseed.cfg
@@ -34,7 +34,7 @@
# If you have a slow dhcp server and the installer times out waiting for
# it, this might be useful.
-#d-i netcfg/dhcp_timeout string 60
+d-i netcfg/dhcp_timeout string 120
# If you prefer to configure the network manually, uncomment this line and
# the static network configuration below.
diff --git a/tools/xen/functions b/tools/xen/functions
index a5c4b70..c65d919 100644
--- a/tools/xen/functions
+++ b/tools/xen/functions
@@ -287,3 +287,35 @@
dynamic-max=${memory}MiB \
uuid=$vm
}
+
+function max_vcpus() {
+ local vm_name_label
+
+ vm_name_label="$1"
+
+ local vm
+ local host
+ local cpu_count
+
+ host=$(xe host-list --minimal)
+ vm=$(_vm_uuid "$vm_name_label")
+
+ cpu_count=$(xe host-param-get \
+ param-name=cpu_info \
+ uuid=$host |
+ sed -e 's/^.*cpu_count: \([0-9]*\);.*$/\1/g')
+
+ if [ -z "$cpu_count" ]; then
+ # get dom0's vcpu count
+ cpu_count=$(cat /proc/cpuinfo | grep processor | wc -l)
+ fi
+
+ # Assert cpu_count is not empty
+ [ -n "$cpu_count" ]
+
+ # Assert ithas a numeric nonzero value
+ expr "$cpu_count" + 0
+
+ xe vm-param-set uuid=$vm VCPUs-max=$cpu_count
+ xe vm-param-set uuid=$vm VCPUs-at-startup=$cpu_count
+}
diff --git a/tools/xen/install_os_domU.sh b/tools/xen/install_os_domU.sh
index 110bbd9..0f314bf 100755
--- a/tools/xen/install_os_domU.sh
+++ b/tools/xen/install_os_domU.sh
@@ -96,6 +96,10 @@
#
# Configure Networking
#
+
+MGT_NETWORK=`xe pif-list management=true params=network-uuid minimal=true`
+MGT_BRIDGE_OR_NET_NAME=`xe network-list uuid=$MGT_NETWORK params=bridge minimal=true`
+
setup_network "$VM_BRIDGE_OR_NET_NAME"
setup_network "$MGT_BRIDGE_OR_NET_NAME"
setup_network "$PUB_BRIDGE_OR_NET_NAME"
@@ -203,6 +207,7 @@
#
# Install Ubuntu over network
#
+ UBUNTU_INST_BRIDGE_OR_NET_NAME=${UBUNTU_INST_BRIDGE_OR_NET_NAME:-"$MGT_BRIDGE_OR_NET_NAME"}
# always update the preseed file, incase we have a newer one
PRESEED_URL=${PRESEED_URL:-""}
@@ -263,6 +268,9 @@
# Set virtual machine parameters
set_vm_memory "$GUEST_NAME" "$OSDOMU_MEM_MB"
+# Max out VCPU count for better performance
+max_vcpus "$GUEST_NAME"
+
# start the VM to run the prepare steps
xe vm-start vm="$GUEST_NAME"
diff --git a/tools/xen/xenrc b/tools/xen/xenrc
index f698be1..bdcaf99 100644
--- a/tools/xen/xenrc
+++ b/tools/xen/xenrc
@@ -13,16 +13,14 @@
# Size of image
VDI_MB=${VDI_MB:-5000}
-OSDOMU_MEM_MB=2048
+OSDOMU_MEM_MB=3072
OSDOMU_VDI_GB=8
# Network mapping. Specify bridge names or network names. Network names may
# differ across localised versions of XenServer. If a given bridge/network
# was not found, a new network will be created with the specified name.
-# The management network is specified by the bridge name. xenbr0 is usually
-# the name of the bridge of the network associated with the hypervisor's eth0.
-MGT_BRIDGE_OR_NET_NAME="xenbr0"
+# Get the management network from the XS installation
VM_BRIDGE_OR_NET_NAME="OpenStack VM Network"
PUB_BRIDGE_OR_NET_NAME="OpenStack Public Network"
XEN_INT_BRIDGE_OR_NET_NAME="OpenStack VM Integration Network"
@@ -72,7 +70,6 @@
UBUNTU_INST_LOCALE="en_US"
UBUNTU_INST_KEYBOARD="us"
# network configuration for ubuntu netinstall
-UBUNTU_INST_BRIDGE_OR_NET_NAME=${UBUNTU_INST_BRIDGE_OR_NET_NAME:-"$MGT_BRIDGE_OR_NET_NAME"}
UBUNTU_INST_IP="dhcp"
UBUNTU_INST_NAMESERVERS=""
UBUNTU_INST_NETMASK=""
diff --git a/unstack.sh b/unstack.sh
index 05d9fb7..c944ccc 100755
--- a/unstack.sh
+++ b/unstack.sh
@@ -24,6 +24,12 @@
# Destination path for service data
DATA_DIR=${DATA_DIR:-${DEST}/data}
+if [[ $EUID -eq 0 ]]; then
+ echo "You are running this script as root."
+ echo "It might work but you will have a better day running it as $STACK_USER"
+ exit 1
+fi
+
# Import apache functions
source $TOP_DIR/lib/apache