Merge "Don't uninstall ceph packages at cleanup"
diff --git a/README.md b/README.md
index 750190b..acc3e5a 100644
--- a/README.md
+++ b/README.md
@@ -187,7 +187,7 @@
 
 Basic Setup
 
-In order to enable Neutron a single node setup, you'll need the
+In order to enable Neutron in a single node setup, you'll need the
 following settings in your `local.conf`:
 
     disable_service n-net
@@ -197,47 +197,38 @@
     enable_service q-l3
     enable_service q-meta
     enable_service q-metering
-    # Optional, to enable tempest configuration as part of DevStack
-    enable_service tempest
 
 Then run `stack.sh` as normal.
 
 DevStack supports setting specific Neutron configuration flags to the
-service, Open vSwitch plugin and LinuxBridge plugin configuration files.
-To make use of this feature, the settings can be added to ``local.conf``.
-The old ``Q_XXX_EXTRA_XXX_OPTS`` variables are deprecated and will be removed
-in the near future.  The ``local.conf`` headers for the replacements are:
-
-* ``Q_SRV_EXTRA_OPTS``:
+service, ML2 plugin, DHCP and L3 configuration files:
 
     [[post-config|/$Q_PLUGIN_CONF_FILE]]
-    [linuxbridge]   # or [ovs]
-
-Example extra config in `local.conf`:
-
-    [[post-config|/$Q_PLUGIN_CONF_FILE]]
-    [agent]
-    tunnel_type=vxlan
-    vxlan_udp_port=8472
+    [ml2]
+    mechanism_drivers=openvswitch,l2population
 
     [[post-config|$NEUTRON_CONF]]
     [DEFAULT]
-    tenant_network_type=vxlan
+    quota_port=42
 
-DevStack also supports configuring the Neutron ML2 plugin. The ML2 plugin
-can run with the OVS, LinuxBridge, or Hyper-V agents on compute hosts. This
-is a simple way to configure the ml2 plugin:
+    [[post-config|$Q_L3_CONF_FILE]]
+    [DEFAULT]
+    agent_mode=legacy
+
+    [[post-config|$Q_DHCP_CONF_FILE]]
+    [DEFAULT]
+    dnsmasq_dns_servers = 8.8.8.8,8.8.4.4
+
+The ML2 plugin can run with the OVS, LinuxBridge, or Hyper-V agents on compute
+hosts. This is a simple way to configure the ml2 plugin:
 
     # VLAN configuration
-    Q_PLUGIN=ml2
     ENABLE_TENANT_VLANS=True
 
     # GRE tunnel configuration
-    Q_PLUGIN=ml2
     ENABLE_TENANT_TUNNELS=True
 
     # VXLAN tunnel configuration
-    Q_PLUGIN=ml2
     Q_ML2_TENANT_NETWORK_TYPE=vxlan
 
 The above will default in DevStack to using the OVS on each compute host.
@@ -370,6 +361,22 @@
 one being security groups.  The exercises have been patched to disable
 functionality not supported by cells.
 
+# IPv6
+
+By default, most Openstack services are bound to 0.0.0.0
+and service endpoints are registered as IPv4 addresses.
+A new variable was created to control this behavior, and to
+allow for operation over IPv6 instead of IPv4.
+
+For this, add the following to `local.conf`:
+
+    SERVICE_IP_VERSION=6
+
+When set to "6" devstack services will open listen sockets on ::
+and service endpoints will be registered using HOST_IPV6 as the
+address.  The default value for this setting is `4`.  Dual-mode
+support, for example `4+6` is not currently supported.
+
 
 # Local Configuration
 
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
index e91012f..6052576 100644
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -137,6 +137,11 @@
 available for ``openrc`` to set ``OS_AUTH_URL``. ``HOST_IP`` is not set
 by default.
 
+``HOST_IPV6`` is normally detected on the first run of ``stack.sh`` but
+will not be set if there is no IPv6 address on the default Ethernet interface.
+Setting it here also makes it available for ``openrc`` to set ``OS_AUTH_URL``.
+``HOST_IPV6`` is not set by default.
+
 Common Configuration Variables
 ==============================
 
@@ -391,6 +396,8 @@
         ENABLED_SERVICES=n-vol,n-cpu,n-net,n-api
 
 IP Version
+----------
+
     | Default: ``IP_VERSION=4+6``
     | This setting can be used to configure DevStack to create either an IPv4,
       IPv6, or dual stack tenant data network by setting ``IP_VERSION`` to
@@ -418,6 +425,25 @@
     | *Note: ``FIXED_RANGE_V6`` and ``IPV6_PRIVATE_NETWORK_GATEWAY``
       can be configured with any valid IPv6 prefix. The default values make
       use of an auto-generated ``IPV6_GLOBAL_ID`` to comply with RFC 4193.*
+    |
+
+    | Default: ``SERVICE_IP_VERSION=4``
+    | This setting can be used to configure DevStack to enable services to
+      operate over either IPv4 or IPv6, by setting ``SERVICE_IP_VERSION`` to
+      either ``SERVICE_IP_VERSION=4`` or ``SERVICE_IP_VERSION=6`` respectively.
+      When set to ``4`` devstack services will open listen sockets on 0.0.0.0
+      and service endpoints will be registered using ``HOST_IP`` as the address.
+      When set to ``6`` devstack services will open listen sockets on :: and
+      service endpoints will be registered using ``HOST_IPV6`` as the address.
+      The default value for this setting is ``4``.  Dual-mode support, for
+      example ``4+6`` is not currently supported.
+    | The following optional variable can be used to alter the default IPv6
+      address used:
+    |
+
+    ::
+
+        HOST_IPV6=${some_local_ipv6_address}
 
 Examples
 ========
diff --git a/exercises/neutron-adv-test.sh b/exercises/neutron-adv-test.sh
index 04892b0..a0de4cc 100755
--- a/exercises/neutron-adv-test.sh
+++ b/exercises/neutron-adv-test.sh
@@ -19,18 +19,6 @@
 
 set -o errtrace
 
-trap failed ERR
-function failed {
-    local r=$?
-    set +o errtrace
-    set +o xtrace
-    echo "Failed to execute"
-    echo "Starting cleanup..."
-    delete_all
-    echo "Finished cleanup"
-    exit $r
-}
-
 # Print the commands being run so that we can see the command that triggers
 # an error.  It is also useful for following allowing as the install occurs.
 set -o xtrace
@@ -441,6 +429,18 @@
     fi
 }
 
+trap failed ERR
+function failed {
+    local r=$?
+    set +o errtrace
+    set +o xtrace
+    echo "Failed to execute"
+    echo "Starting cleanup..."
+    delete_all
+    echo "Finished cleanup"
+    exit $r
+}
+
 # Kick off script
 # ---------------
 
diff --git a/files/apache-nova-api.template b/files/apache-nova-api.template
index 301a3bd..4908152 100644
--- a/files/apache-nova-api.template
+++ b/files/apache-nova-api.template
@@ -14,3 +14,12 @@
     %SSLCERTFILE%
     %SSLKEYFILE%
 </VirtualHost>
+
+Alias /compute %PUBLICWSGI%
+<Location /compute>
+    SetHandler wsgi-script
+    Options +ExecCGI
+    WSGIProcessGroup nova-api
+    WSGIApplicationGroup %{GLOBAL}
+    WSGIPassAuthorization On
+</Location>
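Review bot: The `Alias /compute` and `<Location /compute>` block is added after `</VirtualHost>`, so it sits in the server-wide configuration rather than inside the vhost that carries the `%SSLCERTFILE%`/`%SSLKEYFILE%` settings. As written it would be reachable through every virtual host on this Apache instance, including any plain-HTTP one, and `WSGIPassAuthorization On` forwards the Authorization header to the application on all of them. If that is intended, a comment such as `# /compute is deliberately global: served by every vhost on this server` would record it; otherwise move the block inside the `<VirtualHost>` above. The start of the template is outside this hunk, so whether other vhosts exist is not visible here.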
diff --git a/functions-common b/functions-common
index 483b1fa..c80d3b2 100644
--- a/functions-common
+++ b/functions-common
@@ -46,7 +46,8 @@
 # Save these variables to .stackenv
 STACK_ENV_VARS="BASE_SQL_CONN DATA_DIR DEST ENABLED_SERVICES HOST_IP \
     KEYSTONE_AUTH_PROTOCOL KEYSTONE_AUTH_URI KEYSTONE_SERVICE_URI \
-    LOGFILE OS_CACERT SERVICE_HOST SERVICE_PROTOCOL STACK_USER TLS_IP"
+    LOGFILE OS_CACERT SERVICE_HOST SERVICE_PROTOCOL STACK_USER TLS_IP \
+    HOST_IPV6 SERVICE_IP_VERSION"
 
 
 # Saves significant environment variables to .stackenv for later use
@@ -578,13 +579,14 @@
     local floating_range=$2
     local host_ip_iface=$3
     local host_ip=$4
+    local af=$5
 
     # Search for an IP unless an explicit is set by ``HOST_IP`` environment variable
     if [ -z "$host_ip" -o "$host_ip" == "dhcp" ]; then
         host_ip=""
         # Find the interface used for the default route
-        host_ip_iface=${host_ip_iface:-$(ip route | awk '/default/ {print $5}' | head -1)}
-        local host_ips=$(LC_ALL=C ip -f inet addr show ${host_ip_iface} | awk '/inet/ {split($2,parts,"/");  print parts[1]}')
+        host_ip_iface=${host_ip_iface:-$(ip -f $af route | awk '/default/ {print $5}' | head -1)}
+        local host_ips=$(LC_ALL=C ip -f $af addr show ${host_ip_iface} | awk /$af'/ {split($2,parts,"/");  print parts[1]}')
         local ip
         for ip in $host_ips; do
             # Attempt to filter out IP addresses that are part of the fixed and
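Review bot: `af` is taken from `$5` with no default and is then used unquoted both as the `ip -f` argument and spliced into the awk program text (`awk /$af'/ …'`). A caller that still passes four arguments leaves it empty, so `ip -f` consumes `route` or `addr` as the family name and the awk pattern becomes `//`, which matches every line. Suggest `local af=${5:-inet}` and passing the value as data, `awk -v af="$af" '$1 == af {split($2,parts,"/"); print parts[1]}'`. The function's signature and the rest of its body are outside this hunk.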
@@ -593,6 +595,10 @@
             # will be printed and the first IP from the interface will be used.
             # If that is not correct set ``HOST_IP`` in ``localrc`` to the correct
             # address.
+            if [[ "$af" == "inet6" ]]; then
+                host_ip=$ip
+                break;
+            fi
             if ! (address_in_net $ip $fixed_range || address_in_net $ip $floating_range); then
                 host_ip=$ip
                 break;
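Review bot: For `inet6` the loop accepts the first address printed for the interface, with none of the range filtering that is applied to IPv4. An IPv6-enabled interface normally also carries a link-local `fe80::` address (and possibly temporary ones), so `host_ip` can end up as an address that is not usable as a service endpoint without a zone index. Restricting the lookup that feeds this loop to global scope, e.g. `ip -f $af addr show ${host_ip_iface} scope global`, or skipping `fe80:*` here, would avoid that. The existing comment above the new branch should also say that the fixed/floating check is IPv4-only; the loop and function continue outside the hunk.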
@@ -806,7 +812,7 @@
     # Gets service id
     local service_id=$(
         # Gets service id
-        openstack service show $1 -f value -c id 2>/dev/null ||
+        openstack service show $2 -f value -c id 2>/dev/null ||
         # Creates new service if not exists
         openstack service create \
             $2 \
diff --git a/lib/ceph b/lib/ceph
index 04e05e7..6cf481e 100644
--- a/lib/ceph
+++ b/lib/ceph
@@ -74,6 +74,10 @@
 REMOTE_CEPH=$(trueorfalse False REMOTE_CEPH)
 REMOTE_CEPH_ADMIN_KEY_PATH=${REMOTE_CEPH_ADMIN_KEY_PATH:-$CEPH_CONF_DIR/ceph.client.admin.keyring}
 
+# Cinder encrypted volume tests are not supported with a Ceph backend due to
+# bug 1463525.
+ATTACH_ENCRYPTED_VOLUME_AVAILABLE=False
+
 
 # Functions
 # ------------
diff --git a/lib/cinder b/lib/cinder
index 8117447..ab315ac 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -65,6 +65,7 @@
 CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776}
 CINDER_SERVICE_PORT_INT=${CINDER_SERVICE_PORT_INT:-18776}
 CINDER_SERVICE_PROTOCOL=${CINDER_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+CINDER_SERVICE_LISTEN_ADDRESS=${CINDER_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS}
 
 # What type of LVM device should Cinder use for LVM backend
 # Defaults to default, which is thick, the other valid choice
@@ -222,6 +223,7 @@
     iniset $CINDER_CONF DEFAULT api_paste_config $CINDER_API_PASTE_INI
     iniset $CINDER_CONF DEFAULT rootwrap_config "$CINDER_CONF_DIR/rootwrap.conf"
     iniset $CINDER_CONF DEFAULT osapi_volume_extension cinder.api.contrib.standard_extensions
+    iniset $CINDER_CONF DEFAULT osapi_volume_listen $CINDER_SERVICE_LISTEN_ADDRESS
     iniset $CINDER_CONF DEFAULT state_path $CINDER_STATE_PATH
     iniset $CINDER_CONF oslo_concurrency lock_path $CINDER_STATE_PATH
     iniset $CINDER_CONF DEFAULT periodic_interval $CINDER_PERIODIC_INTERVAL
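Review bot: `$CINDER_SERVICE_LISTEN_ADDRESS` is passed to `iniset` unquoted on the added `osapi_volume_listen` line; if `SERVICE_LISTEN_ADDRESS` is ever empty, word splitting drops the argument and `iniset` is called with one argument fewer instead of an empty value. The same applies to the `bind_host` lines added in lib/glance and lib/neutron-legacy, whereas the lib/nova hunks in this change quote the value. Suggest `iniset $CINDER_CONF DEFAULT osapi_volume_listen "$CINDER_SERVICE_LISTEN_ADDRESS"` for consistency. The enclosing function starts and ends outside the hunk.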
diff --git a/lib/database b/lib/database
index ff1fafe..5bbbe31 100644
--- a/lib/database
+++ b/lib/database
@@ -70,10 +70,19 @@
 
     # For backward-compatibility, read in the MYSQL_HOST/USER variables and use
     # them as the default values for the DATABASE_HOST/USER variables.
-    MYSQL_HOST=${MYSQL_HOST:-127.0.0.1}
+    MYSQL_HOST=${MYSQL_HOST:-$SERVICE_LOCAL_HOST}
     MYSQL_USER=${MYSQL_USER:-root}
 
-    DATABASE_HOST=${DATABASE_HOST:-${MYSQL_HOST}}
+    # Set DATABASE_HOST equal to MYSQL_HOST. If SERVICE_IP_VERSION is equal to 6,
+    # set DATABASE_HOST equal to [MYSQL_HOST]. MYSQL_HOST cannot use brackets due
+    # to mysql not using bracketing for IPv6 addresses. DATABASE_HOST must have brackets
+    # due to sqlalchemy only reading IPv6 addresses with brackets.
+    if [[ "$SERVICE_IP_VERSION" == 6 ]]; then
+        DATABASE_HOST=${DATABASE_HOST:-[$MYSQL_HOST]}
+    else
+        DATABASE_HOST=${DATABASE_HOST:-${MYSQL_HOST}}
+    fi
+
     DATABASE_USER=${DATABASE_USER:-${MYSQL_USER}}
 
     if [ -n "$MYSQL_PASSWORD" ]; then
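Review bot: The brackets are added whenever `SERVICE_IP_VERSION` is 6, regardless of what `MYSQL_HOST` actually holds; a user-supplied hostname or IPv4 address in `MYSQL_HOST` would then be written as `[name]` into the connection URL. Keying the test on the value itself, `if [[ "$MYSQL_HOST" == *:* ]]; then`, brackets only IPv6 literals. The enclosing function is only partly visible in this hunk.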
diff --git a/lib/databases/mysql b/lib/databases/mysql
index 0e477ca..9c9401e 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -90,10 +90,10 @@
 
     # Now update ``my.cnf`` for some local needs and restart the mysql service
 
-    # Change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and
+    # Change ‘bind-address’ from localhost (127.0.0.1) to any (::) and
     # set default db type to InnoDB
     sudo bash -c "source $TOP_DIR/functions && \
-        iniset $my_conf mysqld bind-address 0.0.0.0 && \
+        iniset $my_conf mysqld bind-address "$SERVICE_LISTEN_ADDRESS" && \
         iniset $my_conf mysqld sql_mode STRICT_ALL_TABLES && \
         iniset $my_conf mysqld default-storage-engine InnoDB \
         iniset $my_conf mysqld max_connections 1024 \
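Review bot: The inner double quotes around `$SERVICE_LISTEN_ADDRESS` close and reopen the outer `bash -c "…"` string, so the value is expanded unquoted by the calling shell and pasted as-is into a command line that runs as root. With the expected `0.0.0.0` or `::` that is harmless, but whitespace or shell metacharacters in the variable would be interpreted by the root shell; escaping the quotes, `iniset $my_conf mysqld bind-address \"$SERVICE_LISTEN_ADDRESS\" && \`, at least keeps it a single word. The updated comment also states `(::)` although the address now depends on configuration; `# Change bind-address from localhost (127.0.0.1) to $SERVICE_LISTEN_ADDRESS` would be accurate. The command continues past the end of the hunk.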
diff --git a/lib/glance b/lib/glance
index 4dbce9f..df7adfc 100644
--- a/lib/glance
+++ b/lib/glance
@@ -64,6 +64,7 @@
 
 # Glance connection info.  Note the port must be specified.
 GLANCE_SERVICE_HOST=${GLANCE_SERVICE_HOST:-$SERVICE_HOST}
+GLANCE_SERVICE_LISTEN_ADDRESS=${GLANCE_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS}
 GLANCE_SERVICE_PORT=${GLANCE_SERVICE_PORT:-9292}
 GLANCE_SERVICE_PORT_INT=${GLANCE_SERVICE_PORT_INT:-19292}
 GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$GLANCE_SERVICE_HOST:$GLANCE_SERVICE_PORT}
@@ -106,9 +107,10 @@
     # Copy over our glance configurations and update them
     cp $GLANCE_DIR/etc/glance-registry.conf $GLANCE_REGISTRY_CONF
     iniset $GLANCE_REGISTRY_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
+    iniset $GLANCE_REGISTRY_CONF DEFAULT bind_host $GLANCE_SERVICE_LISTEN_ADDRESS
     inicomment $GLANCE_REGISTRY_CONF DEFAULT log_file
     local dburl=`database_connection_url glance`
-    iniset $GLANCE_REGISTRY_CONF DEFAULT sql_connection $dburl
+    iniset $GLANCE_REGISTRY_CONF database connection $dburl
     iniset $GLANCE_REGISTRY_CONF DEFAULT use_syslog $SYSLOG
     iniset $GLANCE_REGISTRY_CONF DEFAULT workers "$API_WORKERS"
     iniset $GLANCE_REGISTRY_CONF paste_deploy flavor keystone
@@ -118,8 +120,9 @@
 
     cp $GLANCE_DIR/etc/glance-api.conf $GLANCE_API_CONF
     iniset $GLANCE_API_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
+    iniset $GLANCE_API_CONF DEFAULT bind_host $GLANCE_SERVICE_LISTEN_ADDRESS
     inicomment $GLANCE_API_CONF DEFAULT log_file
-    iniset $GLANCE_API_CONF DEFAULT sql_connection $dburl
+    iniset $GLANCE_API_CONF database connection $dburl
     iniset $GLANCE_API_CONF DEFAULT use_syslog $SYSLOG
     iniset $GLANCE_API_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/
     iniset $GLANCE_API_CONF paste_deploy flavor keystone+cachemanagement
@@ -136,6 +139,7 @@
 
     # Store specific configs
     iniset $GLANCE_API_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
+    iniset $GLANCE_API_CONF DEFAULT registry_host $GLANCE_SERVICE_HOST
 
     iniset $GLANCE_API_CONF DEFAULT workers "$API_WORKERS"
 
@@ -202,6 +206,7 @@
     iniset $GLANCE_CACHE_CONF DEFAULT admin_user glance
     iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_password
     iniset $GLANCE_CACHE_CONF DEFAULT admin_password $SERVICE_PASSWORD
+    iniset $GLANCE_CACHE_CONF DEFAULT registry_host $GLANCE_SERVICE_HOST
 
     # Store specific confs
     iniset $GLANCE_CACHE_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
@@ -223,9 +228,10 @@
     if is_service_enabled g-search; then
         cp $GLANCE_DIR/etc/glance-search.conf $GLANCE_SEARCH_CONF
         iniset $GLANCE_SEARCH_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
+        iniset $GLANCE_SEARCH_CONF DEFAULT bind_host $GLANCE_SERVICE_LISTEN_ADDRESS
         inicomment $GLANCE_SEARCH_CONF DEFAULT log_file
         iniset $GLANCE_SEARCH_CONF DEFAULT use_syslog $SYSLOG
-        iniset $GLANCE_SEARCH_CONF DEFAULT sql_connection $dburl
+        iniset $GLANCE_SEARCH_CONF database connection $dburl
         iniset $GLANCE_SEARCH_CONF paste_deploy flavor keystone
         configure_auth_token_middleware $GLANCE_SEARCH_CONF glance $GLANCE_AUTH_CACHE_DIR/search
 
diff --git a/lib/neutron-legacy b/lib/neutron-legacy
index acc2851..ee98015 100644
--- a/lib/neutron-legacy
+++ b/lib/neutron-legacy
@@ -138,6 +138,8 @@
 Q_HOST=${Q_HOST:-$SERVICE_HOST}
 # Default protocol
 Q_PROTOCOL=${Q_PROTOCOL:-$SERVICE_PROTOCOL}
+# Default listen address
+Q_LISTEN_ADDRESS=${Q_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS}
 # Default admin username
 Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-neutron}
 # Default auth strategy
@@ -786,6 +788,7 @@
     local from_intf=$1
     local to_intf=$2
     local add_ovs_port=$3
+    local af=$4
 
     if [[ -n "$from_intf" && -n "$to_intf" ]]; then
         # Remove the primary IP address from $from_intf and add it to $to_intf,
@@ -793,10 +796,18 @@
         # on configure we will also add $from_intf as a port on $to_intf,
         # assuming it is an OVS bridge.
 
-        local IP_BRD=$(ip -4 a s dev $from_intf | awk '/inet/ { print $2, $3, $4; exit }')
+        local IP_BRD=$(ip -f $af a s dev $from_intf | awk '/inet/ { print $2, $3, $4; exit }')
         local DEFAULT_ROUTE_GW=$(ip r | awk "/default.+$from_intf/ { print \$3; exit }")
         local ADD_OVS_PORT=""
 
+        if [[ $af == "inet" ]]; then
+            IP_BRD=$(ip -f $af a s dev $from_intf | grep $HOST_IP | awk '{ print $2, $3, $4; exit }')
+        fi
+
+        if [[ $af == "inet6" ]]; then
+            IP_BRD=$(ip -f $af a s dev $from_intf | grep $HOST_IPV6 | awk '{ print $2, $3, $4; exit }')
+        fi
+
         if [ "$DEFAULT_ROUTE_GW" != "" ]; then
             ADD_DEFAULT_ROUTE="sudo ip r replace default via $DEFAULT_ROUTE_GW dev $to_intf"
         fi
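Review bot: `grep $HOST_IP` and `grep $HOST_IPV6` treat the address as an unquoted, unanchored regular expression: the dots match any character and `10.0.0.1` also matches the line for `10.0.0.10`, so on an interface with several addresses the wrong one can be selected and then moved to `$to_intf`. An empty variable leaves `grep` without a pattern at all. Suggest a fixed-string match bounded by the prefix separator, `grep -F -- " $HOST_IP/"` (and likewise for `$HOST_IPV6`). The first `IP_BRD=$(… awk '/inet/ …')` assignment is overwritten for both supported families and could be dropped or kept only as a documented fallback. The function begins and ends outside this hunk.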
@@ -813,7 +824,13 @@
 # runs that a clean run would need to clean up
 function cleanup_neutron {
 
-    _move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False
+    if [[ $(ip -f inet a s dev "$OVS_PHYSICAL_BRIDGE" | grep -c 'global') != 0 ]]; then
+        _move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False "inet"
+    fi
+
+    if [[ $(ip -f inet6 a s dev "$OVS_PHYSICAL_BRIDGE" | grep -c 'global') != 0 ]]; then
+        _move_neutron_addresses_route "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE" False "inet6"
+    fi
 
     if is_provider_network && is_ironic_hardware; then
         for IP in $(ip addr show dev $OVS_PHYSICAL_BRIDGE | grep ' inet ' | awk '{print $2}'); do
@@ -871,6 +888,7 @@
     iniset $NEUTRON_CONF database connection `database_connection_url $Q_DB_NAME`
     iniset $NEUTRON_CONF DEFAULT state_path $DATA_DIR/neutron
     iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG
+    iniset $NEUTRON_CONF DEFAULT bind_host $Q_LISTEN_ADDRESS
     # If addition config files are set, make sure their path name is set as well
     if [[ ${#Q_PLUGIN_EXTRA_CONF_FILES[@]} > 0 && $Q_PLUGIN_EXTRA_CONF_PATH == '' ]]; then
         die $LINENO "Neutron additional plugin config not set.. exiting"
@@ -994,8 +1012,12 @@
 
     neutron_plugin_configure_l3_agent
 
-    if [[ $(ip -4 a s dev "$PUBLIC_INTERFACE" | grep -c 'inet') != 0 ]]; then
-        _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" True
+    if [[ $(ip -f inet a s dev "$PUBLIC_INTERFACE" | grep -c 'global') != 0 ]]; then
+        _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" True "inet"
+    fi
+
+    if [[ $(ip -f inet6 a s dev "$PUBLIC_INTERFACE" | grep -c 'global') != 0 ]]; then
+        _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False "inet6"
     fi
 }
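Review bot: The `inet6` call passes `False` for `add_ovs_port` while the `inet` call passes `True`, and nothing in the hunk says why. On a host whose `$PUBLIC_INTERFACE` has only a global IPv6 address the first branch is skipped, so, as far as this hunk shows, the interface would never be added as a port on `$OVS_PHYSICAL_BRIDGE`. If the intent is to add the port only once, a comment such as `# add_ovs_port is False here: the port is added by the inet call above` would help, together with handling for the IPv6-only case. The enclosing function starts outside the hunk.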
 
diff --git a/lib/neutron_plugins/midonet b/lib/neutron_plugins/midonet
index 9e72aa0..ca0b70c 100644
--- a/lib/neutron_plugins/midonet
+++ b/lib/neutron_plugins/midonet
@@ -1,4 +1,10 @@
 #!/bin/bash
 
-# REVISIT(devvesa): This file is intentionally left empty
-# in order to keep Q_PLUGIN=midonet work.
+# REVISIT(devvesa): This file is needed so Q_PLUGIN=midonet will work.
+
+# FIXME(yamamoto): This function should not be here, but unfortunately
+# devstack calls it before the external plugins are fetched
+function has_neutron_plugin_security_group {
+    # 0 means True here
+    return 0
+}
diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2
old mode 100644
new mode 100755
index 2733f1f..13ffee9
--- a/lib/neutron_plugins/ml2
+++ b/lib/neutron_plugins/ml2
@@ -107,11 +107,6 @@
         iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
     fi
 
-    if [[ "$ENABLE_TENANT_TUNNELS" == "True" ]]; then
-        # Set local_ip if TENANT_TUNNELS are enabled.
-        iniset /$Q_PLUGIN_CONF_FILE ovs local_ip $TUNNEL_ENDPOINT_IP
-    fi
-
     populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 mechanism_drivers=$Q_ML2_PLUGIN_MECHANISM_DRIVERS
 
     populate_ml2_config /$Q_PLUGIN_CONF_FILE ml2 type_drivers=$Q_ML2_PLUGIN_TYPE_DRIVERS
diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent
old mode 100644
new mode 100755
index 2a05e2d..1ff3a40
--- a/lib/neutron_plugins/openvswitch_agent
+++ b/lib/neutron_plugins/openvswitch_agent
@@ -50,6 +50,7 @@
             die $LINENO "You are running OVS version $OVS_VERSION. OVS 1.4+ is required for tunneling between multiple hosts."
         fi
         iniset /$Q_PLUGIN_CONF_FILE ovs local_ip $TUNNEL_ENDPOINT_IP
+        iniset /$Q_PLUGIN_CONF_FILE ovs tunnel_bridge $OVS_TUNNEL_BRIDGE
     fi
 
     # Setup physical network bridge mappings.  Override
diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base
old mode 100644
new mode 100755
index 4e750f0..f1f7f85
--- a/lib/neutron_plugins/ovs_base
+++ b/lib/neutron_plugins/ovs_base
@@ -9,6 +9,7 @@
 
 OVS_BRIDGE=${OVS_BRIDGE:-br-int}
 OVS_DATAPATH_TYPE=${OVS_DATAPATH_TYPE:-""}
+OVS_TUNNEL_BRIDGE=${OVS_TUNNEL_BRIDGE:-br-tun}
 
 function is_neutron_ovs_base_plugin {
     # Yes, we use OVS.
@@ -40,7 +41,7 @@
     done
 
     # remove all OVS bridges created by Neutron
-    for bridge in $(sudo ovs-vsctl list-br | grep -o -e ${OVS_BRIDGE} -e ${PUBLIC_BRIDGE}); do
+    for bridge in $(sudo ovs-vsctl list-br | grep -o -e ${OVS_BRIDGE} -e ${PUBLIC_BRIDGE} -e ${OVS_TUNNEL_BRIDGE}); do
         sudo ovs-vsctl del-br ${bridge}
     done
 }
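Review bot: The three bridge names are passed to `grep -o` as unquoted, unanchored patterns, so a bridge whose name merely contains one of them makes the loop call `del-br` with a name that was not actually listed, and an empty variable shifts the following `-e` into the pattern position. Matching whole lines as fixed strings is closer to the comment's intent: `grep -Fx -e "${OVS_BRIDGE}" -e "${PUBLIC_BRIDGE}" -e "${OVS_TUNNEL_BRIDGE}"`. The function starts outside the hunk.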
diff --git a/lib/nova b/lib/nova
index 88b336a..5fbce5d 100644
--- a/lib/nova
+++ b/lib/nova
@@ -85,6 +85,8 @@
 NOVA_SERVICE_PORT=${NOVA_SERVICE_PORT:-8774}
 NOVA_SERVICE_PORT_INT=${NOVA_SERVICE_PORT_INT:-18774}
 NOVA_SERVICE_PROTOCOL=${NOVA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+NOVA_SERVICE_LOCAL_HOST=${NOVA_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST}
+NOVA_SERVICE_LISTEN_ADDRESS=${NOVA_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS}
 EC2_SERVICE_PORT=${EC2_SERVICE_PORT:-8773}
 EC2_SERVICE_PORT_INT=${EC2_SERVICE_PORT_INT:-18773}
 
@@ -405,19 +407,25 @@
 
             local nova_service=$(get_or_create_service "nova" \
                 "compute" "Nova Compute Service")
+            local nova_api_url
+            if [[ "$NOVA_USE_MOD_WSGI" == "False" ]]; then
+                nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT"
+            else
+                nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST/compute"
+            fi
             get_or_create_endpoint $nova_service \
                 "$REGION_NAME" \
-                "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
-                "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
-                "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s"
+                "$nova_api_url/v2/\$(tenant_id)s" \
+                "$nova_api_url/v2/\$(tenant_id)s" \
+                "$nova_api_url/v2/\$(tenant_id)s"
 
             local nova_v21_service=$(get_or_create_service "novav21" \
                 "computev21" "Nova Compute Service V2.1")
             get_or_create_endpoint $nova_v21_service \
                 "$REGION_NAME" \
-                "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/\$(tenant_id)s" \
-                "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/\$(tenant_id)s" \
-                "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/\$(tenant_id)s"
+                "$nova_api_url/v2.1/\$(tenant_id)s" \
+                "$nova_api_url/v2.1/\$(tenant_id)s" \
+                "$nova_api_url/v2.1/\$(tenant_id)s"
         fi
     fi
 
@@ -476,11 +484,20 @@
     iniset $NOVA_CONF DEFAULT default_floating_pool "$PUBLIC_NETWORK_NAME"
     iniset $NOVA_CONF DEFAULT s3_host "$SERVICE_HOST"
     iniset $NOVA_CONF DEFAULT s3_port "$S3_SERVICE_PORT"
-    iniset $NOVA_CONF DEFAULT my_ip "$HOST_IP"
+    if [[ $SERVICE_IP_VERSION == 6 ]]; then
+        iniset $NOVA_CONF DEFAULT my_ip "$HOST_IPV6"
+        iniset $NOVA_CONF DEFAULT use_ipv6 "True"
+    else
+        iniset $NOVA_CONF DEFAULT my_ip "$HOST_IP"
+    fi
     iniset $NOVA_CONF database connection `database_connection_url nova`
     iniset $NOVA_CONF api_database connection `database_connection_url nova_api`
     iniset $NOVA_CONF DEFAULT instance_name_template "${INSTANCE_NAME_PREFIX}%08x"
     iniset $NOVA_CONF osapi_v3 enabled "True"
+    iniset $NOVA_CONF DEFAULT osapi_compute_listen "$NOVA_SERVICE_LISTEN_ADDRESS"
+    iniset $NOVA_CONF DEFAULT ec2_listen "$NOVA_SERVICE_LISTEN_ADDRESS"
+    iniset $NOVA_CONF DEFAULT metadata_listen "$NOVA_SERVICE_LISTEN_ADDRESS"
+    iniset $NOVA_CONF DEFAULT s3_listen "$NOVA_SERVICE_LISTEN_ADDRESS"
 
     if is_fedora || is_suse; then
         # nova defaults to /usr/local/bin, but fedora and suse pip like to
@@ -560,11 +577,13 @@
     if is_service_enabled n-novnc || is_service_enabled n-xvnc || [ "$NOVA_VNC_ENABLED" != False ]; then
         # Address on which instance vncservers will listen on compute hosts.
         # For multi-host, this should be the management ip of the compute host.
-        VNCSERVER_LISTEN=${VNCSERVER_LISTEN=127.0.0.1}
-        VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=127.0.0.1}
+        VNCSERVER_LISTEN=${VNCSERVER_LISTEN=$NOVA_SERVICE_LOCAL_HOST}
+        VNCSERVER_PROXYCLIENT_ADDRESS=${VNCSERVER_PROXYCLIENT_ADDRESS=$NOVA_SERVICE_LOCAL_HOST}
         iniset $NOVA_CONF DEFAULT vnc_enabled true
         iniset $NOVA_CONF DEFAULT vncserver_listen "$VNCSERVER_LISTEN"
         iniset $NOVA_CONF DEFAULT vncserver_proxyclient_address "$VNCSERVER_PROXYCLIENT_ADDRESS"
+        iniset $NOVA_CONF DEFAULT novncproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS"
+        iniset $NOVA_CONF DEFAULT xvpvncproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS"
     else
         iniset $NOVA_CONF DEFAULT vnc_enabled false
     fi
@@ -572,11 +591,12 @@
     if is_service_enabled n-spice; then
         # Address on which instance spiceservers will listen on compute hosts.
         # For multi-host, this should be the management ip of the compute host.
-        SPICESERVER_PROXYCLIENT_ADDRESS=${SPICESERVER_PROXYCLIENT_ADDRESS=127.0.0.1}
-        SPICESERVER_LISTEN=${SPICESERVER_LISTEN=127.0.0.1}
+        SPICESERVER_PROXYCLIENT_ADDRESS=${SPICESERVER_PROXYCLIENT_ADDRESS=$NOVA_SERVICE_LOCAL_HOST}
+        SPICESERVER_LISTEN=${SPICESERVER_LISTEN=$NOVA_SERVICE_LOCAL_HOST}
         iniset $NOVA_CONF spice enabled true
         iniset $NOVA_CONF spice server_listen "$SPICESERVER_LISTEN"
         iniset $NOVA_CONF spice server_proxyclient_address "$SPICESERVER_PROXYCLIENT_ADDRESS"
+        iniset $NOVA_CONF spice html5proxy_host "$NOVA_SERVICE_LISTEN_ADDRESS"
     else
         iniset $NOVA_CONF spice enabled false
     fi
@@ -616,6 +636,7 @@
     fi
 
     if is_service_enabled n-sproxy; then
+        iniset $NOVA_CONF serial_console serialproxy_host "$NOVA_SERVICE_LISTEN_ADDRESS"
         iniset $NOVA_CONF serial_console enabled True
     fi
 }
diff --git a/lib/swift b/lib/swift
index 3207fac..8147b7a 100644
--- a/lib/swift
+++ b/lib/swift
@@ -45,6 +45,7 @@
 
 SWIFT_SERVICE_PROTOCOL=${SWIFT_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
 SWIFT_DEFAULT_BIND_PORT_INT=${SWIFT_DEFAULT_BIND_PORT_INT:-8081}
+SWIFT_SERVICE_LOCAL_HOST=${SWIFT_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST}
 
 # TODO: add logging to different location.
 
@@ -668,9 +669,9 @@
         swift-ring-builder account.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
 
         for node_number in ${SWIFT_REPLICAS_SEQ}; do
-            swift-ring-builder object.builder add z${node_number}-127.0.0.1:$(( OBJECT_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
-            swift-ring-builder container.builder add z${node_number}-127.0.0.1:$(( CONTAINER_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
-            swift-ring-builder account.builder add z${node_number}-127.0.0.1:$(( ACCOUNT_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
+            swift-ring-builder object.builder add z${node_number}-${SWIFT_SERVICE_LOCAL_HOST}:$(( OBJECT_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
+            swift-ring-builder container.builder add z${node_number}-${SWIFT_SERVICE_LOCAL_HOST}:$(( CONTAINER_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
+            swift-ring-builder account.builder add z${node_number}-${SWIFT_SERVICE_LOCAL_HOST}:$(( ACCOUNT_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
         done
         swift-ring-builder object.builder rebalance
         swift-ring-builder container.builder rebalance
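Review bot: `${SWIFT_SERVICE_LOCAL_HOST}` is placed directly before `:<port>` in the device string, which becomes ambiguous once the host is an IPv6 literal: `z1-::1:<port>/sdb1` has no boundary between address and port. The lib/database hunk in this change indicates the local-host value is kept unbracketed for MySQL, so it presumably arrives here without brackets; that is worth confirming. If so, bracket IPv6 literals before building the string, e.g. `[[ $SWIFT_SERVICE_LOCAL_HOST == *:* ]] && swift_host="[$SWIFT_SERVICE_LOCAL_HOST]"`, and use that in the three `add` calls. The loop's enclosing function is outside the hunk.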
diff --git a/lib/tls b/lib/tls
index 09f1c2d..8ff2027 100644
--- a/lib/tls
+++ b/lib/tls
@@ -202,6 +202,7 @@
 # Create root and intermediate CAs
 # init_CA
 function init_CA {
+    fix_system_ca_bundle_path
     # Ensure CAs are built
     make_root_CA $ROOT_CA_DIR
     make_int_CA $INT_CA_DIR $ROOT_CA_DIR
@@ -338,6 +339,29 @@
         -outform PEM
 }
 
+# If a non-system python-requests is installed then it will use the
+# built-in CA certificate store rather than the distro-specific
+# CA certificate store. Detect this and symlink to the correct
+# one. If the value for the CA is not rooted in /etc then we know
+# we need to change it.
+function fix_system_ca_bundle_path {
+    if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
+        local capath=$(python -c $'try:\n from requests import certs\n print certs.where()\nexcept ImportError: pass')
+
+        if [[ ! $capath == "" && ! $capath =~ ^/etc/.* && ! -L $capath ]]; then
+            if is_fedora; then
+                sudo rm -f $capath
+                sudo ln -s /etc/pki/tls/certs/ca-bundle.crt $capath
+            elif is_ubuntu; then
+                sudo rm -f $capath
+                sudo ln -s /etc/ssl/certs/ca-certificates.crt $capath
+            else
+                echo "Don't know how to set the CA bundle, expect the install to fail."
+            fi
+        fi
+    fi
+}
+
 
 # Certificate Input Configuration
 # ===============================
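Review bot: `fix_system_ca_bundle_path` runs `sudo rm -f $capath` before it knows the replacement will succeed, and `$capath` is used unquoted straight from the output of whichever `python` is first on the path. If the distro bundle is missing or `ln -s` fails, the requests CA file is gone and every TLS verification through that library fails until the package is reinstalled; the symlink also outlives the DevStack run. I would check that the system bundle is readable first, replace the file in a single `ln -sf` step with quoted paths, and send the diagnostics to stderr. A short comment noting that the function modifies a file belonging to an installed package would help the next reader.

```shell
function fix_system_ca_bundle_path {
    if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
        # ... unchanged: capath lookup via python ...
        local bundle=""

        if [[ -n "$capath" && ! "$capath" =~ ^/etc/ && ! -L "$capath" ]]; then
            if is_fedora; then
                bundle=/etc/pki/tls/certs/ca-bundle.crt
            elif is_ubuntu; then
                bundle=/etc/ssl/certs/ca-certificates.crt
            fi

            if [[ -z "$bundle" ]]; then
                echo "Don't know how to set the CA bundle, expect the install to fail." >&2
            elif [[ -r "$bundle" ]]; then
                # Replace the packaged CA file only once the system bundle is known to exist
                sudo ln -sf -- "$bundle" "$capath"
            else
                echo "System CA bundle $bundle is not readable, leaving $capath untouched." >&2
            fi
        fi
    fi
}
```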
diff --git a/openrc b/openrc
index 64faa58..71ba5a6 100644
--- a/openrc
+++ b/openrc
@@ -56,18 +56,26 @@
 # Region
 export OS_REGION_NAME=${REGION_NAME:-RegionOne}
 
-# Set api HOST_IP endpoint.  SERVICE_HOST may also be used to specify the endpoint,
-# which is convenient for some localrc configurations.
-HOST_IP=${HOST_IP:-127.0.0.1}
-SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
+# Set the host API endpoint. This will default to HOST_IP if SERVICE_IP_VERSION
+# is 4, else HOST_IPV6 if it's 6. SERVICE_HOST may also be used to specify the
+# endpoint, which is convenient for some localrc configurations. Additionally,
+# some exercises call Glance directly. On a single-node installation, Glance
+# should be listening on a local IP address, depending on the setting of
+# SERVICE_IP_VERSION. If its running elsewhere, it can be set here.
+if [[ $SERVICE_IP_VERSION == 6 ]]; then
+    HOST_IPV6=${HOST_IPV6:-::1}
+    SERVICE_HOST=${SERVICE_HOST:-[$HOST_IPV6]}
+    GLANCE_HOST=${GLANCE_HOST:-[$HOST_IPV6]}
+else
+    HOST_IP=${HOST_IP:-127.0.0.1}
+    SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
+    GLANCE_HOST=${GLANCE_HOST:-$HOST_IP}
+fi
+
 SERVICE_PROTOCOL=${SERVICE_PROTOCOL:-http}
 KEYSTONE_AUTH_PROTOCOL=${KEYSTONE_AUTH_PROTOCOL:-$SERVICE_PROTOCOL}
 KEYSTONE_AUTH_HOST=${KEYSTONE_AUTH_HOST:-$SERVICE_HOST}
 
-# Some exercises call glance directly.  On a single-node installation, Glance
-# should be listening on HOST_IP.  If its running elsewhere, it can be set here
-GLANCE_HOST=${GLANCE_HOST:-$HOST_IP}
-
 # Identity API version
 export OS_IDENTITY_API_VERSION=${IDENTITY_API_VERSION:-2.0}
 
diff --git a/samples/local.conf b/samples/local.conf
index bd0cd9c..ce70073 100644
--- a/samples/local.conf
+++ b/samples/local.conf
@@ -32,14 +32,15 @@
 RABBIT_PASSWORD=stackqueue
 SERVICE_PASSWORD=$ADMIN_PASSWORD
 
-# ``HOST_IP`` should be set manually for best results if the NIC configuration
-# of the host is unusual, i.e. ``eth1`` has the default route but ``eth0`` is the
-# public interface.  It is auto-detected in ``stack.sh`` but often is indeterminate
-# on later runs due to the IP moving from an Ethernet interface to a bridge on
-# the host. Setting it here also makes it available for ``openrc`` to include
-# when setting ``OS_AUTH_URL``.
-# ``HOST_IP`` is not set by default.
+# ``HOST_IP`` and ``HOST_IPV6`` should be set manually for best results if
+# the NIC configuration of the host is unusual, i.e. ``eth1`` has the default
+# route but ``eth0`` is the public interface.  They are auto-detected in
+# ``stack.sh`` but often is indeterminate on later runs due to the IP moving
+# from an Ethernet interface to a bridge on the host. Setting it here also
+# makes it available for ``openrc`` to include when setting ``OS_AUTH_URL``.
+# Neither is set by default.
 #HOST_IP=w.x.y.z
+#HOST_IPV6=2001:db8::7
 
 
 # Logging
diff --git a/stack.sh b/stack.sh
index 17cbe75..15c4ffc 100755
--- a/stack.sh
+++ b/stack.sh
@@ -212,6 +212,15 @@
 sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
     echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
 
+# Conditionally setup detailed logging for sudo
+if [[ -n "$LOG_SUDO" ]]; then
+    TEMPFILE=`mktemp`
+    echo "Defaults log_output" > $TEMPFILE
+    chmod 0440 $TEMPFILE
+    sudo chown root:root $TEMPFILE
+    sudo mv $TEMPFILE /etc/sudoers.d/00_logging
+fi
+
 # Set up DevStack sudoers
 TEMPFILE=`mktemp`
 echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE
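Review bot: The comment above the new `if [[ -n "$LOG_SUDO" ]]` block does not say what "detailed logging" means. `Defaults log_output` makes sudo record the output of the commands it runs, and since DevStack drives much of the install through sudo, those recordings can contain credentials printed by tools or services. I would expand the comment to something like `# LOG_SUDO enables sudo I/O logging (Defaults log_output); recordings may contain secrets, keep sudo's I/O log directory readable by root only`. Separately, the drop-in is moved into /etc/sudoers.d without a syntax check and with `$TEMPFILE` unquoted; running `sudo visudo -c -f "$TEMPFILE"` before the `mv` and writing `TEMPFILE=$(mktemp)` with quoted uses would be the safer form. The same applies to the existing DevStack sudoers block, which continues outside this hunk.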
@@ -1403,7 +1412,10 @@
 echo ""
 echo ""
 echo ""
-echo "This is your host ip: $HOST_IP"
+echo "This is your host IP address: $HOST_IP"
+if [ "$HOST_IPV6" != "" ]; then
+    echo "This is your host IPv6 address: $HOST_IPV6"
+fi
 
 # If you installed Horizon on this server you should be able
 # to access the site using your browser.
diff --git a/stackrc b/stackrc
index 342f9bf..3728813 100644
--- a/stackrc
+++ b/stackrc
@@ -669,14 +669,54 @@
 FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
 HOST_IP_IFACE=${HOST_IP_IFACE:-}
 HOST_IP=${HOST_IP:-}
+HOST_IPV6=${HOST_IPV6:-}
 
-HOST_IP=$(get_default_host_ip $FIXED_RANGE $FLOATING_RANGE "$HOST_IP_IFACE" "$HOST_IP")
+HOST_IP=$(get_default_host_ip "$FIXED_RANGE" "$FLOATING_RANGE" "$HOST_IP_IFACE" "$HOST_IP" "inet")
 if [ "$HOST_IP" == "" ]; then
     die $LINENO "Could not determine host ip address.  See local.conf for suggestions on setting HOST_IP."
 fi
 
-# Allow the use of an alternate hostname (such as localhost/127.0.0.1) for service endpoints.
-SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
+HOST_IPV6=$(get_default_host_ip "" "" "$HOST_IP_IFACE" "$HOST_IPV6" "inet6")
+
+# SERVICE IP version
+# This is the IP version that services should be listening on, as well
+# as using to register their endpoints with keystone.
+SERVICE_IP_VERSION=${SERVICE_IP_VERSION:-4}
+
+# Validate SERVICE_IP_VERSION
+# It would be nice to support "4+6" here as well, but that will require
+# multiple calls into keystone to register endpoints, so for now let's
+# just support one or the other.
+if [[ $SERVICE_IP_VERSION != "4" ]] && [[ $SERVICE_IP_VERSION != "6" ]]; then
+    die $LINENO "SERVICE_IP_VERSION must be either 4 or 6"
+fi
+
+if [[ "$SERVICE_IP_VERSION" == 4 ]]; then
+    DEF_SERVICE_HOST=$HOST_IP
+    DEF_SERVICE_LOCAL_HOST=127.0.0.1
+    DEF_SERVICE_LISTEN_ADDRESS=0.0.0.0
+fi
+
+if [[ "$SERVICE_IP_VERSION" == 6 ]]; then
+    if [ "$HOST_IPV6" == "" ]; then
+        die $LINENO "Could not determine host IPv6 address.  See local.conf for suggestions on setting HOST_IPV6."
+    fi
+
+    DEF_SERVICE_HOST=[$HOST_IPV6]
+    DEF_SERVICE_LOCAL_HOST=::1
+    DEF_SERVICE_LISTEN_ADDRESS=::
+fi
+
+# This is either 0.0.0.0 for IPv4 or :: for IPv6
+SERVICE_LISTEN_ADDRESS=${SERVICE_LISTEN_ADDRESS:-${DEF_SERVICE_LISTEN_ADDRESS}}
+
+# Allow the use of an alternate hostname (such as localhost/127.0.0.1) for
+# service endpoints.  Default is dependent on SERVICE_IP_VERSION above.
+SERVICE_HOST=${SERVICE_HOST:-${DEF_SERVICE_HOST}}
+# This is either 127.0.0.1 for IPv4 or ::1 for IPv6
+SERVICE_LOCAL_HOST=${SERVICE_LOCAL_HOST:-${DEF_SERVICE_LOCAL_HOST}}
+
+REGION_NAME=${REGION_NAME:-RegionOne}
 
 # Configure services to use syslog instead of writing to individual log files
 SYSLOG=$(trueorfalse False SYSLOG)
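Review bot: The comment on `SERVICE_LISTEN_ADDRESS` lists the two defaults but not their effect: `0.0.0.0` and `::` are wildcard addresses, so a service configured from this variable accepts connections on every interface of the host, not only on `SERVICE_HOST`. I would extend it, e.g. `# Wildcard bind by default (0.0.0.0 or ::); set SERVICE_LISTEN_ADDRESS to a specific address to limit exposure on multi-homed hosts.` Also, `DEF_SERVICE_HOST=[$HOST_IPV6]` stores a value that the shell treats as a bracket glob when it is expanded unquoted, so consumers of `SERVICE_HOST` (outside this hunk) need to quote it. Finally, the `die` on an empty `HOST_IP` runs before `SERVICE_IP_VERSION` is read, so an IPv6-only host appears to stop there even with `SERVICE_IP_VERSION=6`; if that is intended, a comment saying IPv4 is still required would help.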
diff --git a/tools/xen/build_domU_multi.sh b/tools/xen/build_domU_multi.sh
deleted file mode 100755
index 0eb2077..0000000
--- a/tools/xen/build_domU_multi.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/usr/bin/env bash
-
-# Echo commands
-set -o xtrace
-
-# Head node host, which runs glance, api, keystone
-HEAD_PUB_IP=${HEAD_PUB_IP:-192.168.1.57}
-HEAD_MGT_IP=${HEAD_MGT_IP:-172.16.100.57}
-
-COMPUTE_PUB_IP=${COMPUTE_PUB_IP:-192.168.1.58}
-COMPUTE_MGT_IP=${COMPUTE_MGT_IP:-172.16.100.58}
-
-# Networking params
-FLOATING_RANGE=${FLOATING_RANGE:-192.168.1.196/30}
-
-# Variables common amongst all hosts in the cluster
-COMMON_VARS="$STACKSH_PARAMS MYSQL_HOST=$HEAD_MGT_IP RABBIT_HOST=$HEAD_MGT_IP GLANCE_HOSTPORT=$HEAD_MGT_IP:9292 FLOATING_RANGE=$FLOATING_RANGE"
-
-# Helper to launch containers
-function build_xva {
-    GUEST_NAME=$1 PUB_IP=$2 MGT_IP=$3 DO_SHUTDOWN=$4 TERMINATE=$TERMINATE STACKSH_PARAMS="$COMMON_VARS $5" ./build_xva.sh
-}
-
-# Launch the head node - headnode uses a non-ip domain name,
-# because rabbit won't launch with an ip addr hostname :(
-build_xva HEADNODE $HEAD_PUB_IP $HEAD_MGT_IP 1 "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,horizon,mysql,rabbit"
-
-# Build the HA compute host
-build_xva COMPUTENODE $COMPUTE_PUB_IP $COMPUTE_MGT_IP 0 "ENABLED_SERVICES=n-cpu,n-net,n-api"
diff --git a/tools/xen/files/fstab b/tools/xen/files/fstab
deleted file mode 100644
index 6c9b981..0000000
--- a/tools/xen/files/fstab
+++ /dev/null
@@ -1,5 +0,0 @@
-LABEL=vpxroot           /                       ext3    defaults        1 1
-tmpfs                   /dev/shm                tmpfs   defaults        0 0
-devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
-sysfs                   /sys                    sysfs   defaults        0 0
-proc                    /proc                   proc    defaults        0 0
diff --git a/tools/xen/files/hvc0.conf b/tools/xen/files/hvc0.conf
deleted file mode 100644
index 4eedaf6..0000000
--- a/tools/xen/files/hvc0.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-# hvc0 - getty
-#
-# This service maintains a getty on hvc0 from the point the system is
-# started until it is shut down again.
-
-start on stopped rc RUNLEVEL=[2345]
-stop on runlevel [!2345]
-
-respawn
-exec /sbin/getty -8 9600 hvc0
diff --git a/tools/xen/scripts/mkxva b/tools/xen/scripts/mkxva
deleted file mode 100755
index 392c05b..0000000
--- a/tools/xen/scripts/mkxva
+++ /dev/null
@@ -1,365 +0,0 @@
-#!/bin/bash
-#
-# Copyright (c) 2011 Citrix Systems, Inc.
-# Copyright 2011 OpenStack Foundation
-# All Rights Reserved.
-#
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
-#    not use this file except in compliance with the License. You may obtain
-#    a copy of the License at
-#
-#         http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-#    License for the specific language governing permissions and limitations
-#    under the License.
-#
-
-set -eu
-
-set -o xtrace
-
-VBOX_IMG=/output/packages/vbox-img
-
-usage() {
-    cat >&2 <<EOF
-$0 -o <output filenames> -t <types> -x <xml files> <fs-staging-dir> <fs-size-MiB> <tmpdir>
-  -o: Colon-separated list of output filenames (one for each type).
-  -p: Create a disk label and partition within the output image
-  -t: Colon-separated list of types of output file.  xva and ovf supported.
-  -x: XML filenames (one for each type)
-
-EOF
-    exit 1
-}
-
-# parse cmdline
-
-OPT_USE_PARTITION=
-OPT_TYPES=
-OPT_OUTPUT_FILES=
-OPT_XML_FILES=
-
-while getopts o:pt:x: o
-do case "$o" in
-    o)    OPT_OUTPUT_FILES=$(echo "$OPTARG" | sed -e 's/\s*:\s*/ /g')
-        ;;
-    p)    OPT_USE_PARTITION=1
-        ;;
-    t)    OPT_TYPES=$(echo "$OPTARG" | sed -e 's/\s*:\s*/ /g')
-        ;;
-    x)    OPT_XML_FILES=$(echo "$OPTARG" | sed -e 's/\s*:\s*/ /g')
-        ;;
-    [?])  usage
-        ;;
-    esac
-done
-shift $((OPTIND-1))
-
-[ $# -ne 3 ] && usage
-FS_STAGING="$1"
-FS_SIZE_MIB="$2"
-TMPDIR="$3"
-
-if [ "$UID" = "0" ]
-then
-  SUDO=
-else
-  SUDO=sudo
-fi
-
-if [ "$FS_SIZE_MIB" = "0" ]
-then
-    # Just create a dummy file.  This allows developers to bypass bits of
-    # the build by setting the size to 0.
-    touch $OPT_OUTPUT_FILES
-    exit 0
-fi
-
-# create temporary files and dirs
-FS_TMPFILE=$(mktemp "$TMPDIR/mkxva-fsimg-XXXXX")
-XVA_TARBALL_STAGING=$(mktemp -d "$TMPDIR/mkxva-tarball-staging-XXXXX")
-OVF_STAGING=$(mktemp -d "$TMPDIR/mkxva-ovf-staging-XXXXX")
-
-# Find udevsettle and udevtrigger on this installation
-if [ -x "/sbin/udevsettle" ] ; then
-    UDEVSETTLE="/sbin/udevsettle --timeout=30"
-elif [ -x "/sbin/udevadm" ] ; then
-    UDEVSETTLE='/sbin/udevadm settle'
-else
-    UDEVSETTLE='/bin/true'
-fi
-
-if [ -x "/sbin/udevtrigger" ] ; then
-    UDEVTRIGGER=/sbin/udevtrigger
-elif [ -x "/sbin/udevadm" ] ; then
-    UDEVTRIGGER='/sbin/udevadm trigger'
-else
-    UDEVTRIGGER=
-fi
-
-# CLEAN_ variables track devices and mounts that must be taken down
-# no matter how the script exits.  Loop devices are vulnerable to
-# exhaustion so we make every effort to remove them
-
-CLEAN_KPARTX=
-CLEAN_LOSETUP=
-CLEAN_MOUNTPOINT=
-
-cleanup_devices () {
-    if [ -n "$CLEAN_MOUNTPOINT" ] ; then
-        echo "Mountpoint $CLEAN_MOUNTPOINT removed on abnormal exit"
-        $SUDO umount "$CLEAN_MOUNTPOINT" || echo "umount failed"
-        rmdir "$CLEAN_MOUNTPOINT" || echo "rmdir failed"
-    fi
-    if [ -n "$CLEAN_KPARTX" ] ; then
-        echo "kpartx devices for $CLEAN_KPARTX removed on abnormal exit"
-        $SUDO kpartx -d "$CLEAN_KPARTX" || echo "kpartx -d failed"
-    fi
-    if [ -n "$CLEAN_LOSETUP" ] ; then
-        echo "Loop device $CLEAN_LOSETUP removed on abnormal exit"
-        $SUDO losetup -d "$CLEAN_LOSETUP" # Allow losetup errors to propagate
-    fi
-}
-
-trap "cleanup_devices" EXIT
-
-make_fs_inner () {
-    local staging="$1"
-    local output="$2"
-    local options="$3"
-    CLEAN_MOUNTPOINT=$(mktemp -d "$TMPDIR/mkfs-XXXXXX")
-
-    # copy staging dir contents to fs image
-    $SUDO mount $options "$output" "$CLEAN_MOUNTPOINT"
-    $SUDO tar -C "$staging" -c . | tar -C "$CLEAN_MOUNTPOINT" -x
-    $SUDO umount "$CLEAN_MOUNTPOINT"
-    rmdir "$CLEAN_MOUNTPOINT"
-    CLEAN_MOUNTPOINT=
-}
-
-# Turn a staging dir into an ext3 filesystem within a partition
-make_fs_in_partition () {
-    local staging="$1"
-    local output="$2"
-
-    # create new empty disk
-    dd if=/dev/zero of="$output" bs=1M count=$FS_SIZE_MIB
-    # Set up a loop device on the empty disk image
-    local loopdevice=$($SUDO losetup -f)
-    $SUDO losetup "$loopdevice" "$output"
-    CLEAN_LOSETUP="$loopdevice"
-    # Create a partition table and single partition.
-    # Start partition at sector 63 to allow space for grub
-    cat <<EOF
-Errors from sfdisk below are expected because the new disk is uninitialised
-  Expecting: sfdisk: ERROR: sector 0 does not have an msdos signature
-  Expecting: /dev/loop0: unrecognized partition table type
-EOF
-    $SUDO sfdisk -uS "$CLEAN_LOSETUP" <<EOF
-63 - - *
-EOF
-
-    # kpartx creates a device for the new partition
-    # in the form /dev/mapper/loop1p1
-    $SUDO kpartx -av "$CLEAN_LOSETUP"
-    CLEAN_KPARTX="$CLEAN_LOSETUP"
-    # Wait for the device to appear
-    $UDEVTRIGGER
-    $UDEVSETTLE  || echo "udev settle command return code non-zero"
-    # Infer the name of the partition device
-    local partition="${CLEAN_LOSETUP/dev/dev/mapper}p1"
-    # Set permissive privileges on the device
-    $SUDO chmod 0777 "$partition"
-    # Make an ext3 filesystem on the partition
-    /sbin/mkfs.ext3 -I 128 -m0 -F "$partition"
-    /sbin/e2label "$partition" vpxroot
-    make_fs_inner "$staging" "$partition" ""
-
-    # Now run grub on the image we've created
-    CLEAN_MOUNTPOINT=$(mktemp -d "$TMPDIR/mkfs-XXXXXX")
-
-    # copy Set up[ grub files prior to installing grub within the image
-    $SUDO mount "$partition" "$CLEAN_MOUNTPOINT"
-    $SUDO cp $CLEAN_MOUNTPOINT/usr/share/grub/i386-redhat/* "$CLEAN_MOUNTPOINT/boot/grub"
-    kernel_version=$($SUDO chroot "$CLEAN_MOUNTPOINT" rpm -qv kernel | sed -e 's/kernel-//')
-    kernel_version_xen=$($SUDO chroot "$CLEAN_MOUNTPOINT" rpm -qv kernel-xen | sed -e 's/kernel-xen-//')
-    $SUDO cat > "$CLEAN_MOUNTPOINT/boot/grub/grub.conf" <<EOF
-default 0
-timeout 2
-
-title vmlinuz-$kernel_version (HVM)
-        root (hd0,0)
-        kernel /boot/vmlinuz-$kernel_version ro root=LABEL=vpxroot
-        initrd /boot/initrd-$kernel_version.img
-
-title vmlinuz-${kernel_version_xen}xen (PV)
-        root (hd0,0)
-        kernel /boot/vmlinuz-${kernel_version_xen}xen ro root=LABEL=vpxroot console=xvc0
-        initrd /boot/initrd-${kernel_version_xen}xen.img
-EOF
-
-    $SUDO umount "$CLEAN_MOUNTPOINT"
-    CLEAN_MOUNTPOINT=
-
-    # Grub expects a disk with name /dev/xxxx with a first partition
-    # named /dev/xxxx1, so we give it what it wants using symlinks
-    # Note: /dev is linked to the real /dev of the build machine, so
-    # must be cleaned up
-    local disk_name="/dev/osxva$$bld"
-    local disk_part1_name="${disk_name}1"
-    rm -f "$disk_name"
-    rm -f "$disk_part1_name"
-    ln -s "$CLEAN_LOSETUP" "$disk_name"
-    ln -s "$partition" "$disk_part1_name"
-
-    # Feed commands into the grub shell to setup the disk
-    grub --no-curses --device-map=/dev/null <<EOF
-device (hd0) $disk_name
-setup (hd0) (hd0,0)
-quit
-EOF
-
-    # Cleanup
-    rm -f "$disk_name"
-    rm -f "$disk_part1_name"
-    $SUDO kpartx -dv "$CLEAN_KPARTX"
-    CLEAN_KPARTX=
-    $SUDO losetup -d "$CLEAN_LOSETUP"
-    CLEAN_LOSETUP=
-}
-
-# turn a staging dir into an ext3 filesystem image
-make_fs () {
-    local staging="$1"
-    local output="$2"
-
-    # create new empty fs
-    dd if=/dev/zero of="$output" bs=1M count=0 seek=$FS_SIZE_MIB
-    /sbin/mkfs.ext3 -m0 -F "$output"
-    /sbin/e2label "$output" vpxroot
-    make_fs_inner "$staging" "$output" "-oloop"
-}
-
-
-# split a virtual disk image into the format expected inside an xva file
-splitvdi () {
-    local diskimg="$1"
-    local outputdir="$2"
-    local rio="$3"
-
-    local n_bytes=$(stat --printf=%s "$diskimg")
-    local n_meg=$((($n_bytes+$((1024*1024 -1)))/$((1024*1024))))
-    local i=0
-    while [ $i -lt $n_meg ] ; do
-	if [ $rio -eq 0 ] ; then
-		local file="$outputdir"/chunk-$(printf "%08d" $i)
-		dd if="$diskimg" of="$file" skip=$i bs=1M count=1 2>/dev/null
-		gzip "$file"
-	else
-		local file="$outputdir"/$(printf "%08d" $i)
-	        dd if="$diskimg" of="$file" skip=$i bs=1M count=1 2>/dev/null
-		local chksum=$(sha1sum -b "$file")
-		echo -n "${chksum/ */}" > "$file.checksum"
-	fi
-	i=$(($i + 1))
-    done
-}
-
-if [ -n "$OPT_USE_PARTITION" ] ; then
-    make_fs_in_partition "$FS_STAGING" "$FS_TMPFILE"
-else
-    make_fs "$FS_STAGING" "$FS_TMPFILE"
-fi
-
-VDI_SIZE=$(stat --format=%s "$FS_TMPFILE")
-
-make_xva () {
-    local output_file="$1"
-    local xml_file="$2"
-    local subdir
-    local rio
-
-    if [[ `cat $xml_file` =~ "<member>\s*<name>class</name>\s*<value>VDI</value>\s*</member>\s*<member>\s*<name>id</name>\s*<value>(Ref:[0-9]+)</value>" ]]
-    then
-        # it's a rio style xva
-        subdir="${BASH_REMATCH[1]}";
-        rio=1
-    else
-        # it's a geneva style xva
-        subdir="xvda"
-        rio=0
-    fi
-
-    cp "$xml_file" "$XVA_TARBALL_STAGING"/ova.xml
-    sed -i -e "s/@VDI_SIZE@/$VDI_SIZE/" "$XVA_TARBALL_STAGING"/ova.xml
-    mkdir "$XVA_TARBALL_STAGING/$subdir"
-    splitvdi "$FS_TMPFILE" "$XVA_TARBALL_STAGING/$subdir" "$rio"
-    TARFILE_MEMBERS=$(cd "$XVA_TARBALL_STAGING" && echo ova.xml $subdir/*)
-    tar -C "$XVA_TARBALL_STAGING" --format=v7 -c $TARFILE_MEMBERS -f "$output_file.tmp"
-    mv "$output_file.tmp" "$output_file"
-}
-
-make_ovf () {
-    local output_dir="$1"
-    local xml_file="$2"
-    local output_base=$(basename "$output_dir")
-    local disk="$output_dir/${output_base}.vmdk"
-    local manifest="$output_dir/${output_base}.mf"
-    local ovf="$output_dir/${output_base}.ovf"
-
-    mkdir -p "$output_dir"
-    rm -f "$disk"
-    $VBOX_IMG convert --srcfilename="$FS_TMPFILE" --dstfilename="$disk" \
-        --srcformat RAW --dstformat VMDK --variant Stream
-    chmod 0644 "$disk"
-
-    local n_bytes=$(stat --printf=%s "$disk")
-    cp "$xml_file" "$ovf"
-    sed -i -e "s/@MKXVA_DISK_FULLSIZE@/$VDI_SIZE/" "$ovf"
-    sed -i -e "s/@MKXVA_DISK_SIZE@/$n_bytes/" "$ovf"
-    sed -i -e "s/@MKXVA_DISK_MIB_SIZE@/$FS_SIZE_MIB/" "$ovf"
-    sed -i -e "s/@MKXVA_DISK_FILENAME@/${output_base}.vmdk/" "$ovf"
-
-    for to_sign in "$ovf" "$disk"
-    do
-	local sha1_sum=$(sha1sum "$to_sign" | cut -d' ' -f1)
-	echo "SHA1($(basename "$to_sign"))= $sha1_sum" >> $manifest
-    done
-}
-
-output_files="$OPT_OUTPUT_FILES"
-xml_files="$OPT_XML_FILES"
-# Iterate through the type list creating the relevant VMs
-for create_type in $OPT_TYPES
-do
-    # Shift one parameter from the front of the lists
-    create_output_file="${output_files%% *}"
-    output_files="${output_files#* }"
-    create_xml_file="${xml_files%% *}"
-    xml_files="${xml_files#* }"
-    echo "Creating $create_type appliance $create_output_file using metadata file $create_xml_file"
-
-    case "$create_type" in
-	xva)
-	    make_xva "$create_output_file" "$create_xml_file"
-	    ;;
-	ovf)
-	    make_ovf "$create_output_file" "$create_xml_file"
-	    ;;
-	*)
-	    echo "Unknown VM type '$create_type'"
-	    exit 1
-	    ;;
-    esac
-
-done
-
-
-# cleanup
-if [ -z "${DO_NOT_CLEANUP:-}" ] ; then
-    rm -rf "$XVA_TARBALL_STAGING"
-    rm -f "$FS_TMPFILE"
-fi
diff --git a/tools/xen/scripts/templatedelete.sh b/tools/xen/scripts/templatedelete.sh
deleted file mode 100755
index 66765b2..0000000
--- a/tools/xen/scripts/templatedelete.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-#Usage: ./templatedelete.sh <template-uuid>
-
-templateuuid="$1"
-
-xe template-param-set other-config:default_template=false uuid="$templateuuid"
-xe template-param-set is-a-template=false uuid="$templateuuid"
-xe vm-destroy uuid="$templateuuid"
diff --git a/tools/xen/templates/hosts.in b/tools/xen/templates/hosts.in
deleted file mode 100644
index 8ab4c3e..0000000
--- a/tools/xen/templates/hosts.in
+++ /dev/null
@@ -1,8 +0,0 @@
-127.0.0.1   localhost
-127.0.0.1   %HOSTNAME%
-::1     localhost ip6-localhost ip6-loopback
-fe00::0     ip6-localnet
-ff00::0     ip6-mcastprefix
-ff02::1     ip6-allnodes
-ff02::2     ip6-allrouters
-
diff --git a/tools/xen/templates/menu.lst.in b/tools/xen/templates/menu.lst.in
deleted file mode 100644
index 8bc6426..0000000
--- a/tools/xen/templates/menu.lst.in
+++ /dev/null
@@ -1,6 +0,0 @@
-default 0
-
-title default
-        root (hd0,0)
-        kernel /boot/vmlinuz-@KERNEL_VERSION@ ro root=LABEL=vpxroot console=xvc0
-        initrd /boot/initrd.img-@KERNEL_VERSION@
diff --git a/tools/xen/templates/ova.xml.in b/tools/xen/templates/ova.xml.in
deleted file mode 100644
index 01041e2..0000000
--- a/tools/xen/templates/ova.xml.in
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" ?>
-<appliance version="0.1">
-        <vm name="vm">
-                <label>
-                        @PRODUCT_BRAND@ @PRODUCT_VERSION@-@BUILD_NUMBER@
-                </label>
-                <shortdesc></shortdesc>
-                <config mem_set="1073741824" vcpus="1"/>
-                <hacks is_hvm="false"/>
-                <vbd device="xvda" function="root" mode="w" vdi="vdi_xvda"/>
-        </vm>
-        <vdi name="vdi_xvda" size="@VDI_SIZE@" source="file://xvda" type="dir-gzipped-chunks" variety="system"/>
-</appliance>
-