Merge "Fix issues when working through an outbound proxy"
diff --git a/AUTHORS b/AUTHORS
index f9aa9ea..ff05f82 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -26,6 +26,7 @@
Kiall Mac Innes <kiall@managedit.ie>
Russell Bryant <rbryant@redhat.com>
Scott Moser <smoser@ubuntu.com>
+Thierry Carrez <thierry@openstack.org>
Todd Willey <xtoddx@gmail.com>
Tres Henry <tres@treshenry.net>
Vishvananda Ishaya <vishvananda@gmail.com>
diff --git a/files/swift/account-server.conf b/files/swift/account-server.conf
deleted file mode 100644
index 763c306..0000000
--- a/files/swift/account-server.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-[DEFAULT]
-devices = %NODE_PATH%/node
-mount_check = false
-bind_port = %BIND_PORT%
-user = %USER%
-log_facility = LOG_LOCAL%LOG_FACILITY%
-swift_dir = %SWIFT_CONFIG_DIR%
-
-[pipeline:main]
-pipeline = account-server
-
-[app:account-server]
-use = egg:swift#account
-
-[account-replicator]
-vm_test_mode = yes
-
-[account-auditor]
-
-[account-reaper]
diff --git a/files/swift/container-server.conf b/files/swift/container-server.conf
deleted file mode 100644
index 106dcab..0000000
--- a/files/swift/container-server.conf
+++ /dev/null
@@ -1,22 +0,0 @@
-[DEFAULT]
-devices = %NODE_PATH%/node
-mount_check = false
-bind_port = %BIND_PORT%
-user = %USER%
-log_facility = LOG_LOCAL%LOG_FACILITY%
-swift_dir = %SWIFT_CONFIG_DIR%
-
-[pipeline:main]
-pipeline = container-server
-
-[app:container-server]
-use = egg:swift#container
-
-[container-replicator]
-vm_test_mode = yes
-
-[container-updater]
-
-[container-auditor]
-
-[container-sync]
diff --git a/files/swift/object-server.conf b/files/swift/object-server.conf
deleted file mode 100644
index 7eea67d..0000000
--- a/files/swift/object-server.conf
+++ /dev/null
@@ -1,22 +0,0 @@
-[DEFAULT]
-devices = %NODE_PATH%/node
-mount_check = false
-bind_port = %BIND_PORT%
-user = %USER%
-log_facility = LOG_LOCAL%LOG_FACILITY%
-swift_dir = %SWIFT_CONFIG_DIR%
-
-[pipeline:main]
-pipeline = object-server
-
-[app:object-server]
-use = egg:swift#object
-
-[object-replicator]
-vm_test_mode = yes
-
-[object-updater]
-
-[object-auditor]
-
-[object-expirer]
diff --git a/files/swift/proxy-server.conf b/files/swift/proxy-server.conf
deleted file mode 100644
index 84bf9cd..0000000
--- a/files/swift/proxy-server.conf
+++ /dev/null
@@ -1,57 +0,0 @@
-[DEFAULT]
-bind_port = 8080
-user = %USER%
-swift_dir = %SWIFT_CONFIG_DIR%
-workers = 1
-log_name = swift
-log_facility = LOG_LOCAL1
-log_level = DEBUG
-
-[pipeline:main]
-pipeline = healthcheck cache swift3 %AUTH_SERVER% proxy-server
-
-[app:proxy-server]
-use = egg:swift#proxy
-allow_account_management = true
-account_autocreate = true
-
-[filter:keystone]
-paste.filter_factory = keystone.middleware.swift_auth:filter_factory
-operator_roles = Member,admin
-
-# NOTE(chmou): s3token middleware is not updated yet to use only
-# username and password.
-[filter:s3token]
-paste.filter_factory = keystone.middleware.s3_token:filter_factory
-auth_port = %KEYSTONE_AUTH_PORT%
-auth_host = %KEYSTONE_AUTH_HOST%
-auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
-auth_token = %SERVICE_TOKEN%
-admin_token = %SERVICE_TOKEN%
-
-[filter:authtoken]
-paste.filter_factory = keystone.middleware.auth_token:filter_factory
-auth_host = %KEYSTONE_AUTH_HOST%
-auth_port = %KEYSTONE_AUTH_PORT%
-auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
-auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USERNAME%
-admin_password = %SERVICE_PASSWORD%
-
-[filter:swift3]
-use = egg:swift3#middleware
-
-[filter:tempauth]
-use = egg:swift#tempauth
-user_admin_admin = admin .admin .reseller_admin
-user_test_tester = testing .admin
-user_test2_tester2 = testing2 .admin
-user_test_tester3 = testing3
-bind_ip = 0.0.0.0
-
-[filter:healthcheck]
-use = egg:swift#healthcheck
-
-[filter:cache]
-use = egg:swift#memcache
diff --git a/files/swift/swift.conf b/files/swift/swift.conf
deleted file mode 100644
index 98df466..0000000
--- a/files/swift/swift.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-[swift-hash]
-# random unique string that can never change (DO NOT LOSE)
-swift_hash_path_suffix = %SWIFT_HASH%
diff --git a/functions b/functions
index 7fd726e..32427a4 100644
--- a/functions
+++ b/functions
@@ -184,7 +184,7 @@
# Comment an option in an INI file
-# iniset config-file section option
+# inicomment config-file section option
function inicomment() {
local file=$1
local section=$2
@@ -192,6 +192,15 @@
sed -i -e "/^\[$section\]/,/^\[.*\]/ s|^\($option[ \t]*=.*$\)|#\1|" $file
}
+# Uncomment an option in an INI file
+# iniuncomment config-file section option
+function iniuncomment() {
+ local file=$1
+ local section=$2
+ local option=$3
+ sed -i -e "/^\[$section\]/,/^\[.*\]/ s|[^ \t]*#[ \t]*\($option[ \t]*=.*$\)|\1|" $file
+}
+
# Get an option from an INI file
# iniget config-file section option
diff --git a/stack.sh b/stack.sh
index 4f26e1e..71c2f9e 100755
--- a/stack.sh
+++ b/stack.sh
@@ -192,13 +192,6 @@
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
- # Set up the rootwrap sudoers
- TEMPFILE=`mktemp`
- echo "$USER ALL=(root) NOPASSWD: $NOVA_ROOTWRAP" >$TEMPFILE
- chmod 0440 $TEMPFILE
- sudo chown root:root $TEMPFILE
- sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
-
# Remove old file
sudo rm -f /etc/sudoers.d/stack_sh_nova
fi
@@ -274,6 +267,9 @@
SYSLOG_HOST=${SYSLOG_HOST:-$HOST_IP}
SYSLOG_PORT=${SYSLOG_PORT:-516}
+# Use color for logging output
+LOG_COLOR=`trueorfalse True $LOG_COLOR`
+
# Service startup timeout
SERVICE_TIMEOUT=${SERVICE_TIMEOUT:-60}
@@ -638,13 +634,13 @@
continue
fi
- if [[ $line =~ (.*)#.*dist:([^ ]*) ]]; then # We are using BASH regexp matching feature.
- package=${BASH_REMATCH[1]}
- distros=${BASH_REMATCH[2]}
- for distro in ${distros//,/ }; do #In bash ${VAR,,} will lowecase VAR
- [[ ${distro,,} == ${DISTRO,,} ]] && echo $package
- done
- continue
+ if [[ $line =~ (.*)#.*dist:([^ ]*) ]]; then
+ # We are using BASH regexp matching feature.
+ package=${BASH_REMATCH[1]}
+ distros=${BASH_REMATCH[2]}
+ # In bash ${VAR,,} will lowecase VAR
+ [[ ${distros,,} =~ ${DISTRO,,} ]] && echo $package
+ continue
fi
echo ${line%#*}
@@ -1182,6 +1178,13 @@
cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR
+# Set up the rootwrap sudoers
+TEMPFILE=`mktemp`
+echo "$USER ALL=(root) NOPASSWD: $NOVA_ROOTWRAP" >$TEMPFILE
+chmod 0440 $TEMPFILE
+sudo chown root:root $TEMPFILE
+sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
+
if is_service_enabled n-api; then
# Use the sample http middleware configuration supplied in the
# Nova sources. This paste config adds the configuration required
@@ -1436,34 +1439,69 @@
sudo sed -i '/disable *= *yes/ { s/yes/no/ }' /etc/xinetd.d/rsync
fi
- # By default Swift will be installed with the tempauth middleware
- # which has some default username and password if you have
- # configured keystone it will checkout the directory.
- if is_service_enabled key; then
- swift_auth_server="s3token authtoken keystone"
- else
- swift_auth_server=tempauth
- fi
+ # By default Swift will be installed with the tempauth middleware
+ # which has some default username and password if you have
+ # configured keystone it will checkout the directory.
+ if is_service_enabled key; then
+ swift_auth_server="s3token authtoken keystone"
+ else
+ swift_auth_server=tempauth
+ fi
- # We do the install of the proxy-server and swift configuration
- # replacing a few directives to match our configuration.
- sed -e "
- s,%SWIFT_CONFIG_DIR%,${SWIFT_CONFIG_DIR},g;
- s,%USER%,$USER,g;
- s,%SERVICE_TENANT_NAME%,$SERVICE_TENANT_NAME,g;
- s,%SERVICE_USERNAME%,swift,g;
- s,%SERVICE_PASSWORD%,$SERVICE_PASSWORD,g;
- s,%KEYSTONE_SERVICE_PROTOCOL%,$KEYSTONE_SERVICE_PROTOCOL,g;
- s,%SERVICE_TOKEN%,${SERVICE_TOKEN},g;
- s,%KEYSTONE_API_PORT%,${KEYSTONE_API_PORT},g;
- s,%KEYSTONE_AUTH_HOST%,${KEYSTONE_AUTH_HOST},g;
- s,%KEYSTONE_AUTH_PORT%,${KEYSTONE_AUTH_PORT},g;
- s,%KEYSTONE_AUTH_PROTOCOL%,${KEYSTONE_AUTH_PROTOCOL},g;
- s/%AUTH_SERVER%/${swift_auth_server}/g;
- " $FILES/swift/proxy-server.conf | \
- sudo tee ${SWIFT_CONFIG_DIR}/proxy-server.conf
+ SWIFT_CONFIG_PROXY_SERVER=${SWIFT_CONFIG_DIR}/proxy-server.conf
+ cp ${SWIFT_DIR}/etc/proxy-server.conf-sample ${SWIFT_CONFIG_PROXY_SERVER}
- sed -e "s/%SWIFT_HASH%/$SWIFT_HASH/" $FILES/swift/swift.conf > ${SWIFT_CONFIG_DIR}/swift.conf
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user ${USER}
+
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT swift_dir
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT swift_dir ${SWIFT_CONFIG_DIR}
+
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT workers
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT workers 1
+
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT log_level
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT log_level DEBUG
+
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT:-8080}
+
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} pipeline:main pipeline "catch_errors healthcheck cache ratelimit swift3 ${swift_auth_server} proxy-logging proxy-server"
+
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} app:proxy-server account_autocreate true
+
+ cat <<EOF>>${SWIFT_CONFIG_PROXY_SERVER}
+
+[filter:keystone]
+paste.filter_factory = keystone.middleware.swift_auth:filter_factory
+operator_roles = Member,admin
+
+# NOTE(chmou): s3token middleware is not updated yet to use only
+# username and password.
+[filter:s3token]
+paste.filter_factory = keystone.middleware.s3_token:filter_factory
+auth_port = ${KEYSTONE_AUTH_PORT}
+auth_host = ${KEYSTONE_AUTH_HOST}
+auth_protocol = ${KEYSTONE_AUTH_PROTOCOL}
+auth_token = ${SERVICE_TOKEN}
+admin_token = ${SERVICE_TOKEN}
+
+[filter:authtoken]
+paste.filter_factory = keystone.middleware.auth_token:filter_factory
+auth_host = ${KEYSTONE_AUTH_HOST}
+auth_port = ${KEYSTONE_AUTH_PORT}
+auth_protocol = ${KEYSTONE_AUTH_PROTOCOL}
+auth_uri = ${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/
+admin_tenant_name = ${SERVICE_TENANT_NAME}
+admin_user = swift
+admin_password = ${SERVICE_PASSWORD}
+
+[filter:swift3]
+use = egg:swift3#middleware
+EOF
+
+ cp ${SWIFT_DIR}/etc/swift.conf-sample ${SWIFT_CONFIG_DIR}/swift.conf
+ iniset ${SWIFT_CONFIG_DIR}/swift.conf swift-hash swift_hash_path_suffix ${SWIFT_HASH}
# We need to generate a object/account/proxy configuration
# emulating 4 nodes on different ports we have a little function
@@ -1473,16 +1511,35 @@
local bind_port=$2
local log_facility=$3
local node_number
+ local swift_node_config
for node_number in $(seq ${SWIFT_REPLICAS}); do
node_path=${SWIFT_DATA_DIR}/${node_number}
- sed -e "
- s,%SWIFT_CONFIG_DIR%,${SWIFT_CONFIG_DIR},;
- s,%USER%,$USER,;
- s,%NODE_PATH%,${node_path},;
- s,%BIND_PORT%,${bind_port},;
- s,%LOG_FACILITY%,${log_facility},
- " $FILES/swift/${server_type}-server.conf > ${SWIFT_CONFIG_DIR}/${server_type}-server/${node_number}.conf
+ swift_node_config=${SWIFT_CONFIG_DIR}/${server_type}-server/${node_number}.conf
+
+ cp ${SWIFT_DIR}/etc/${server_type}-server.conf-sample ${swift_node_config}
+
+ iniuncomment ${swift_node_config} DEFAULT user
+ iniset ${swift_node_config} DEFAULT user ${USER}
+
+ iniuncomment ${swift_node_config} DEFAULT bind_port
+ iniset ${swift_node_config} DEFAULT bind_port ${bind_port}
+
+ iniuncomment ${swift_node_config} DEFAULT swift_dir
+ iniset ${swift_node_config} DEFAULT swift_dir ${SWIFT_CONFIG_DIR}
+
+ iniuncomment ${swift_node_config} DEFAULT devices
+ iniset ${swift_node_config} DEFAULT devices ${node_path}
+
+ iniuncomment ${swift_node_config} DEFAULT log_facility
+ iniset ${swift_node_config} DEFAULT log_facility LOG_LOCAL${log_facility}
+
+ iniuncomment ${swift_node_config} DEFAULT mount_check
+ iniset ${swift_node_config} DEFAULT mount_check false
+
+ iniuncomment ${swift_node_config} ${server_type}-replicator vm_test_mode
+ iniset ${swift_node_config} ${server_type}-replicator vm_test_mode yes
+
bind_port=$(( ${bind_port} + 10 ))
log_facility=$(( ${log_facility} + 1 ))
done
@@ -1491,48 +1548,47 @@
generate_swift_configuration container 6011 2
generate_swift_configuration account 6012 2
+ # We have some specific configuration for swift for rsyslog. See
+ # the file /etc/rsyslog.d/10-swift.conf for more info.
+ swift_log_dir=${SWIFT_DATA_DIR}/logs
+ rm -rf ${swift_log_dir}
+ mkdir -p ${swift_log_dir}/hourly
+ sudo chown -R $USER:adm ${swift_log_dir}
+ sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \
+ tee /etc/rsyslog.d/10-swift.conf
+ restart_service rsyslog
- # We have some specific configuration for swift for rsyslog. See
- # the file /etc/rsyslog.d/10-swift.conf for more info.
- swift_log_dir=${SWIFT_DATA_DIR}/logs
- rm -rf ${swift_log_dir}
- mkdir -p ${swift_log_dir}/hourly
- sudo chown -R $USER:adm ${swift_log_dir}
- sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \
- tee /etc/rsyslog.d/10-swift.conf
- restart_service rsyslog
+ # This is where we create three different rings for swift with
+ # different object servers binding on different ports.
+ pushd ${SWIFT_CONFIG_DIR} >/dev/null && {
- # This is where we create three different rings for swift with
- # different object servers binding on different ports.
- pushd ${SWIFT_CONFIG_DIR} >/dev/null && {
+ rm -f *.builder *.ring.gz backups/*.builder backups/*.ring.gz
- rm -f *.builder *.ring.gz backups/*.builder backups/*.ring.gz
+ port_number=6010
+ swift-ring-builder object.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
+ for x in $(seq ${SWIFT_REPLICAS}); do
+ swift-ring-builder object.builder add z${x}-127.0.0.1:${port_number}/sdb1 1
+ port_number=$[port_number + 10]
+ done
+ swift-ring-builder object.builder rebalance
- port_number=6010
- swift-ring-builder object.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
- for x in $(seq ${SWIFT_REPLICAS}); do
- swift-ring-builder object.builder add z${x}-127.0.0.1:${port_number}/sdb1 1
- port_number=$[port_number + 10]
- done
- swift-ring-builder object.builder rebalance
+ port_number=6011
+ swift-ring-builder container.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
+ for x in $(seq ${SWIFT_REPLICAS}); do
+ swift-ring-builder container.builder add z${x}-127.0.0.1:${port_number}/sdb1 1
+ port_number=$[port_number + 10]
+ done
+ swift-ring-builder container.builder rebalance
- port_number=6011
- swift-ring-builder container.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
- for x in $(seq ${SWIFT_REPLICAS}); do
- swift-ring-builder container.builder add z${x}-127.0.0.1:${port_number}/sdb1 1
- port_number=$[port_number + 10]
- done
- swift-ring-builder container.builder rebalance
+ port_number=6012
+ swift-ring-builder account.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
+ for x in $(seq ${SWIFT_REPLICAS}); do
+ swift-ring-builder account.builder add z${x}-127.0.0.1:${port_number}/sdb1 1
+ port_number=$[port_number + 10]
+ done
+ swift-ring-builder account.builder rebalance
- port_number=6012
- swift-ring-builder account.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
- for x in $(seq ${SWIFT_REPLICAS}); do
- swift-ring-builder account.builder add z${x}-127.0.0.1:${port_number}/sdb1 1
- port_number=$[port_number + 10]
- done
- swift-ring-builder account.builder rebalance
-
- } && popd >/dev/null
+ } && popd >/dev/null
# We then can start rsync.
if [[ "$os_PACKAGE" = "deb" ]]; then
@@ -1702,6 +1758,16 @@
if [ "$API_RATE_LIMIT" != "True" ]; then
add_nova_opt "api_rate_limit=False"
fi
+if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
+ # Add color to logging output
+ add_nova_opt "logging_context_format_string=%(asctime)s %(color)s%(levelname)s %(name)s [�[01;36m%(request_id)s �[00;36m%(user_name)s %(project_name)s%(color)s] �[01;35m%(instance)s%(color)s%(message)s�[00m"
+ add_nova_opt "logging_default_format_string=%(asctime)s %(color)s%(levelname)s %(name)s [�[00;36m-%(color)s] �[01;35m%(instance)s%(color)s%(message)s�[00m"
+ add_nova_opt "logging_debug_format_suffix=�[00;33mfrom (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d�[00m"
+ add_nova_opt "logging_exception_prefix=%(color)s%(asctime)s TRACE %(name)s �[01;35m%(instance)s�[00m"
+else
+ # Show user_name and project_name instead of user_id and project_id
+ add_nova_opt "logging_context_format_string=%(asctime)s %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s"
+fi
# Provide some transition from EXTRA_FLAGS to EXTRA_OPTS
diff --git a/unstack.sh b/unstack.sh
index 7de0d74..341270d 100755
--- a/unstack.sh
+++ b/unstack.sh
@@ -25,9 +25,12 @@
fi
# Shut down devstack's screen to get the bulk of OpenStack services in one shot
-SESSION=$(screen -ls | grep "[0-9].stack" | awk '{ print $1 }')
-if [[ -n "$SESSION" ]]; then
- screen -X -S $SESSION quit
+SCREEN=$(which screen)
+if [[ -n "$SCREEN" ]]; then
+ SESSION=$(screen -ls | awk '/[0-9].stack/ { print $1 }')
+ if [[ -n "$SESSION" ]]; then
+ screen -X -S $SESSION quit
+ fi
fi
# Swift runs daemons