Merge branch 'master' into syslog
diff --git a/exercise.sh b/exercise.sh
index 1a812f4..3f2c94e 100755
--- a/exercise.sh
+++ b/exercise.sh
@@ -19,44 +19,8 @@
# Settings
# ========
-# Use stackrc and localrc for settings
-source ./stackrc
-
-HOST=${HOST:-localhost}
-
-# Nova original used project_id as the *account* that owned resources (servers,
-# ip address, ...) With the addition of Keystone we have standardized on the
-# term **tenant** as the entity that owns the resources. **novaclient** still
-# uses the old deprecated terms project_id. Note that this field should now be
-# set to tenant_name, not tenant_id.
-export NOVA_PROJECT_ID=${TENANT:-demo}
-
-# In addition to the owning entity (tenant), nova stores the entity performing
-# the action as the **user**.
-export NOVA_USERNAME=${USERNAME:-demo}
-
-# With Keystone you pass the keystone password instead of an api key.
-export NOVA_API_KEY=${ADMIN_PASSWORD:-secrete}
-
-# With the addition of Keystone, to use an openstack cloud you should
-# authenticate against keystone, which returns a **Token** and **Service
-# Catalog**. The catalog contains the endpoint for all services the user/tenant
-# has access to - including nova, glance, keystone, swift, ... We currently
-# recommend using the 2.0 *auth api*.
-#
-# *NOTE*: Using the 2.0 *auth api* does mean that compute api is 2.0. We will
-# use the 1.1 *compute api*
-export NOVA_URL=${NOVA_URL:-http://$HOST:5000/v2.0/}
-
-# Currently novaclient needs you to specify the *compute api* version. This
-# needs to match the config of your catalog returned by Keystone.
-export NOVA_VERSION=1.1
-
-# FIXME - why does this need to be specified?
-export NOVA_REGION_NAME=RegionOne
-
-# set log level to DEBUG (helps debug issues)
-export NOVACLIENT_DEBUG=1
+# Use openrc + stackrc + localrc for settings
+source ./openrc
# Get a token for clients that don't support service catalog
# ==========================================================
@@ -65,7 +29,7 @@
# returns a token and catalog of endpoints. We use python to parse the token
# and save it.
-TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$NOVA_USERNAME\", \"password\": \"$NOVA_API_KEY\"}}}" -H "Content-type: application/json" http://$HOST:5000/v2.0/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
+TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$NOVA_USERNAME\", \"password\": \"$NOVA_API_KEY\"}}}" -H "Content-type: application/json" http://$HOST_IP:5000/v2.0/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
# Launching a server
# ==================
@@ -95,8 +59,8 @@
# Create a secgroup
nova secgroup-create $SECGROUP "test_secgroup description"
-# Flavors
-# -------
+# determine flavor
+# ----------------
# List of flavors:
nova flavor-list
@@ -108,6 +72,16 @@
nova boot --flavor $FLAVOR --image $IMAGE $NAME --security_groups=$SECGROUP
+# Testing
+# =======
+
+# First check if it spins up (becomes active and responds to ping on
+# internal ip). If you run this script from a nova node, you should
+# bypass security groups and have direct access to the server.
+
+# Waiting for boot
+# ----------------
+
# let's give it 10 seconds to launch
sleep 10
@@ -117,15 +91,23 @@
# get the IP of the server
IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
-# ping it once (timeout of a second)
-ping -c1 -w1 $IP || true
+# for single node deployments, we can ping private ips
+MULTI_HOST=${MULTI_HOST:-0}
+if [ "$MULTI_HOST" = "0" ]; then
+ # ping it once (timeout of a second)
+ ping -c1 -w1 $IP || true
-# sometimes the first ping fails (10 seconds isn't enough time for the VM's
-# network to respond?), so let's wait 5 seconds and really test ping
-sleep 5
+ # sometimes the first ping fails (10 seconds isn't enough time for the VM's
+ # network to respond?), so let's wait 5 seconds and really test ping
+ sleep 5
-ping -c1 -w1 $IP
-# allow icmp traffic
+ ping -c1 -w1 $IP
+fi
+
+# Security Groups & Floating IPs
+# ------------------------------
+
+# allow icmp traffic (ping)
nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0
# List rules for a secgroup
@@ -135,31 +117,31 @@
nova floating-ip-create
# store floating address
-FIP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed 's/ //g'`
+FLOATING_IP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed 's/ //g'`
# add floating ip to our server
-nova add-floating-ip $NAME $FIP
+nova add-floating-ip $NAME $FLOATING_IP
# sleep for a smidge
-sleep 1
+sleep 5
-# ping our fip
-ping -c1 -w1 $FIP
+# ping our floating ip
+ping -c1 -w1 $FLOATING_IP
-# dis-allow icmp traffic
+# dis-allow icmp traffic (ping)
nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0
# sleep for a smidge
-sleep 1
+sleep 5
-# ping our fip
-if ( ping -c1 -w1 $FIP); then
+# ping our floating ip
+if ( ping -c1 -w1 $FLOATING_IP ); then
print "Security group failure - ping should not be allowed!"
exit 1
fi
# de-allocate the floating ip
-nova floating-ip-delete $FIP
+nova floating-ip-delete $FLOATING_IP
# shutdown the server
nova delete $NAME
@@ -169,3 +151,9 @@
# FIXME: validate shutdown within 5 seconds
# (nova show $NAME returns 1 or status != ACTIVE)?
+
+# Testing Euca2ools
+# ==================
+
+# make sure that we can describe instances
+euca-describe-instances
diff --git a/files/apts/general b/files/apts/general
index b47a60d..31fa752 100644
--- a/files/apts/general
+++ b/files/apts/general
@@ -16,3 +16,4 @@
wget
curl
tcpdump
+euca2ools # only for testing client
diff --git a/files/apts/nova b/files/apts/nova
index eb85e26..594f2da 100644
--- a/files/apts/nova
+++ b/files/apts/nova
@@ -33,3 +33,7 @@
python-lockfile
python-m2crypto
python-boto
+
+# Stuff for diablo volumes
+iscsitarget
+lvm2
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index 2cca345..5349311 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -36,8 +36,8 @@
# Tokens
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
-# EC2 related creds - note we are setting the token to user_password
+# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD
# but keystone doesn't parse them - it is just a blob from keystone's
# point of view
-$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials"
-$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials"
+$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin' '%ADMIN_PASSWORD%' admin || echo "no support for adding credentials"
+$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo' '%ADMIN_PASSWORD%' demo || echo "no support for adding credentials"
diff --git a/openrc b/openrc
new file mode 100644
index 0000000..324780b
--- /dev/null
+++ b/openrc
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+
+# Load local configuration
+source ./stackrc
+
+# Set api host endpoint
+HOST_IP=${HOST_IP:-127.0.0.1}
+
+# Nova original used project_id as the *account* that owned resources (servers,
+# ip address, ...) With the addition of Keystone we have standardized on the
+# term **tenant** as the entity that owns the resources. **novaclient** still
+# uses the old deprecated terms project_id. Note that this field should now be
+# set to tenant_name, not tenant_id.
+export NOVA_PROJECT_ID=${TENANT:-demo}
+
+# In addition to the owning entity (tenant), nova stores the entity performing
+# the action as the **user**.
+export NOVA_USERNAME=${USERNAME:-demo}
+
+# With Keystone you pass the keystone password instead of an api key.
+export NOVA_API_KEY=${ADMIN_PASSWORD:-secrete}
+
+# With the addition of Keystone, to use an openstack cloud you should
+# authenticate against keystone, which returns a **Token** and **Service
+# Catalog**. The catalog contains the endpoint for all services the user/tenant
+# has access to - including nova, glance, keystone, swift, ... We currently
+# recommend using the 2.0 *auth api*.
+#
+# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We
+# will use the 1.1 *compute api*
+export NOVA_URL=${NOVA_URL:-http://$HOST_IP:5000/v2.0/}
+
+# Currently novaclient needs you to specify the *compute api* version. This
+# needs to match the config of your catalog returned by Keystone.
+export NOVA_VERSION=${NOVA_VERSION:-1.1}
+
+# FIXME - why does this need to be specified?
+export NOVA_REGION_NAME=${NOVA_REGION_NAME:-RegionOne}
+
+# Set the ec2 url so euca2ools works
+export EC2_URL=${EC2_URL:-http://$HOST_IP:8773/services/Cloud}
+
+# Access key is set in the initial keystone data to be the same as username
+export EC2_ACCESS_KEY=${USERNAME:-demo}
+
+# Secret key is set in the initial keystone data to the admin password
+export EC2_SECRET_KEY=${ADMIN_PASSWORD:-secrete}
+
+# set log level to DEBUG (helps debug issues)
+# export NOVACLIENT_DEBUG=1
+
diff --git a/stack.sh b/stack.sh
index 02267d2..add76bd 100755
--- a/stack.sh
+++ b/stack.sh
@@ -305,20 +305,31 @@
# be owned by the installation user, we create the directory and change the
# ownership to the proper user.
function git_clone {
- # if there is an existing checkout, move it out of the way
- if [[ "$RECLONE" == "yes" ]]; then
- # FIXME(ja): if we were smarter we could speed up RECLONE by
- # using the old git repo as the basis of our new clone...
- if [ -d $2 ]; then
- mv $2 /tmp/stack.`date +%s`
- fi
- fi
- if [ ! -d $2 ]; then
- git clone $1 $2
+ GIT_REMOTE=$1
+ GIT_DEST=$2
+ GIT_BRANCH=$3
+
+ # do a full clone only if the directory doesn't exist
+ if [ ! -d $GIT_DEST ]; then
+ git clone $GIT_REMOTE $GIT_DEST
cd $2
# This checkout syntax works for both branches and tags
- git checkout $3
+ git checkout $GIT_BRANCH
+ elif [[ "$RECLONE" == "yes" ]]; then
+ # if it does exist then simulate what clone does if asked to RECLONE
+ cd $GIT_DEST
+ # set the url to pull from and fetch
+ git remote set-url origin $GIT_REMOTE
+ git fetch origin
+ # remove the existing ignored files (like pyc) as they cause breakage
+ # (due to the py files having older timestamps than our pyc, so python
+ # thinks the pyc files are correct using them)
+ sudo git clean -f -d
+ git checkout -f origin/$GIT_BRANCH
+ # a local branch might not exist
+ git branch -D $GIT_BRANCH || true
+ git checkout -b $GIT_BRANCH
fi
}
@@ -475,11 +486,15 @@
# Nova
# ----
-# We are going to use the sample http middleware configuration from the keystone
-# project to launch nova. This paste config adds the configuration required
-# for nova to validate keystone tokens - except we need to switch the config
-# to use our service token instead (instead of the invalid token 999888777666).
-sudo sed -e "s,999888777666,$SERVICE_TOKEN,g" -i $KEYSTONE_DIR/examples/paste/nova-api-paste.ini
+if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
+ # We are going to use the sample http middleware configuration from the
+ # keystone project to launch nova. This paste config adds the configuration
+ # required for nova to validate keystone tokens - except we need to switch
+ # the config to use our service token instead (instead of the invalid token
+ # 999888777666).
+ cp $KEYSTONE_DIR/examples/paste/nova-api-paste.ini $NOVA_DIR/bin
+ sed -e "s,999888777666,$SERVICE_TOKEN,g" -i $NOVA_DIR/bin/nova-api-paste.ini
+fi
if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then
@@ -552,6 +567,31 @@
mkdir -p $NOVA_DIR/networks
fi
+# Volume Service
+# --------------
+
+if [[ "$ENABLED_SERVICES" =~ "n-vol" ]]; then
+ #
+ # Configure a default volume group called 'nova-volumes' for the nova-volume
+ # service if it does not yet exist. If you don't wish to use a file backed
+ # volume group, create your own volume group called 'nova-volumes' before
+ # invoking stack.sh.
+ #
+ # By default, the backing file is 2G in size, and is stored in /opt/stack.
+ #
+ if ! sudo vgdisplay | grep -q nova-volumes; then
+ VOLUME_BACKING_FILE=${VOLUME_BACKING_FILE:-/opt/stack/nova-volumes-backing-file}
+ VOLUME_BACKING_FILE_SIZE=${VOLUME_BACKING_FILE_SIZE:-2052M}
+ truncate -s $VOLUME_BACKING_FILE_SIZE $VOLUME_BACKING_FILE
+ DEV=`sudo losetup -f --show $VOLUME_BACKING_FILE`
+ sudo vgcreate nova-volumes $DEV
+ fi
+
+ # Configure iscsitarget
+ sudo sed 's/ISCSITARGET_ENABLE=false/ISCSITARGET_ENABLE=true/' -i /etc/default/iscsitarget
+ sudo /etc/init.d/iscsitarget restart
+fi
+
function add_nova_flag {
echo "$1" >> $NOVA_DIR/bin/nova.conf
}
@@ -571,7 +611,7 @@
add_nova_flag "--osapi_extensions_path=$OPENSTACKX_DIR/extensions"
add_nova_flag "--vncproxy_url=http://$HOST_IP:6080"
add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/"
-add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini"
+add_nova_flag "--api_paste_config=$NOVA_DIR/bin/nova-api-paste.ini"
add_nova_flag "--image_service=nova.image.glance.GlanceImageService"
add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST"
add_nova_flag "--rabbit_host=$RABBIT_HOST"
@@ -583,6 +623,7 @@
fi
if [ -n "$MULTI_HOST" ]; then
add_nova_flag "--multi_host=$MULTI_HOST"
+ add_nova_flag "--send_arp_for_ha=1"
fi
if [ "$SYSLOG" != "False" ]; then
add_nova_flag "--use_syslog=1"
@@ -695,6 +736,7 @@
# within the context of our original shell (so our groups won't be updated).
# Use 'sg' to execute nova-compute as a member of the libvirtd group.
screen_it n-cpu "cd $NOVA_DIR && sg libvirtd $NOVA_DIR/bin/nova-compute"
+screen_it n-vol "cd $NOVA_DIR && $NOVA_DIR/bin/nova-volume"
screen_it n-net "cd $NOVA_DIR && $NOVA_DIR/bin/nova-network"
screen_it n-sch "cd $NOVA_DIR && $NOVA_DIR/bin/nova-scheduler"
screen_it n-vnc "cd $NOVNC_DIR && ./utils/nova-wsproxy.py 6080 --web . --flagfile=../nova/bin/nova.conf"
@@ -722,8 +764,8 @@
for image_url in ${IMAGE_URLS//,/ }; do
# Downloads the image (uec ami+aki style), then extracts it.
- IMAGE_FNAME=`echo "$image_url" | python -c "import sys; print sys.stdin.read().split('/')[-1]"`
- IMAGE_NAME=`echo "$IMAGE_FNAME" | python -c "import sys; print sys.stdin.read().split('.tar.gz')[0].split('.tgz')[0]"`
+ IMAGE_FNAME=`basename "$image_url"`
+ IMAGE_NAME=`basename "$IMAGE_FNAME" .tar.gz`
if [ ! -f $FILES/$IMAGE_FNAME ]; then
wget -c $image_url -O $FILES/$IMAGE_FNAME
fi
diff --git a/stackrc b/stackrc
index aaee6ec..9ba1043 100644
--- a/stackrc
+++ b/stackrc
@@ -12,14 +12,14 @@
# a websockets/html5 or flash powered VNC console for vm instances
NOVNC_REPO=https://github.com/cloudbuilders/noVNC.git
-NOVNC_BRANCH=master
+NOVNC_BRANCH=diablo
# django powered web control panel for openstack
DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git
DASH_BRANCH=diablo
# python client library to nova that dashboard (and others) use
-NOVACLIENT_REPO=https://github.com/cloudbuilders/python-novaclient.git
+NOVACLIENT_REPO=https://github.com/rackspace/python-novaclient.git
NOVACLIENT_BRANCH=master
# openstackx is a collection of extensions to openstack.compute & nova
diff --git a/tools/build_kvm.sh b/tools/build_kvm.sh
index 207f86b..36457d5 100755
--- a/tools/build_kvm.sh
+++ b/tools/build_kvm.sh
@@ -1,5 +1,8 @@
#!/usr/bin/env bash
+# exit on error to stop unexpected errors
+set -o errexit
+
# Make sure that we have the proper version of ubuntu
UBUNTU_VERSION=`cat /etc/lsb-release | grep CODENAME | sed 's/.*=//g'`
if [ ! "oneiric" = "$UBUNTU_VERSION" ]; then
@@ -16,9 +19,6 @@
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
TOP_DIR=$TOOLS_DIR/..
-# Configure the root password of the vm
-ROOT_PASSWORD=${ROOT_PASSWORD:password}
-
# Where to store files and instances
KVMSTACK_DIR=${KVMSTACK_DIR:-/opt/kvmstack}
@@ -41,24 +41,28 @@
# Source params
source ./stackrc
+# Configure the root password of the vm to be the same as ``ADMIN_PASSWORD``
+ROOT_PASSWORD=${ADMIN_PASSWORD:-password}
+
+
# Base image (natty by default)
DIST_NAME=${DIST_NAME:-natty}
IMAGE_FNAME=$DIST_NAME.raw
+# Name of our instance, used by libvirt
+GUEST_NAME=${GUEST_NAME:-kvmstack}
+
# Original version of built image
-BASE_IMAGE=$KVMSTACK_DIR/images/natty.raw
+BASE_IMAGE=$KVMSTACK_DIR/images/$DIST_NAME.raw
# Copy of base image, which we pre-install with tasty treats
-BASE_IMAGE_COPY=$IMAGES_DIR/$DIST_NAME.raw.copy
-
-# Name of our instance, used by libvirt
-CONTAINER_NAME=${CONTAINER_NAME:-kvmstack}
+VM_IMAGE=$IMAGES_DIR/$DIST_NAME.$GUEST_NAME.raw
# Mop up after previous runs
-virsh destroy $CONTAINER_NAME
+virsh destroy $GUEST_NAME || true
# Where this vm is stored
-VM_DIR=$KVMSTACK_DIR/instances/$CONTAINER_NAME
+VM_DIR=$KVMSTACK_DIR/instances/$GUEST_NAME
# Create vm dir
mkdir -p $VM_DIR
@@ -70,14 +74,14 @@
# Create the base image if it does not yet exist
if [ ! -e $IMAGES_DIR/$IMAGE_FNAME ]; then
cd $TOOLS_DIR
- ./make_image.sh -m -r 5000 natty raw
- mv natty.raw $BASE_IMAGE
+ ./make_image.sh -m -r 5000 $DIST_NAME raw
+ mv $DIST_NAME.raw $BASE_IMAGE
cd $TOP_DIR
fi
# Create a copy of the base image
-if [ ! -e $BASE_IMAGE_COPY ]; then
- cp -p $BASE_IMAGE $BASE_IMAGE_COPY
+if [ ! -e $VM_IMAGE ]; then
+ cp -p $BASE_IMAGE $VM_IMAGE
fi
# Unmount the copied base image
@@ -98,8 +102,8 @@
exit 1
}
-# Install deps
-apt-get install -y --force-yes kvm libvirt-bin kpartx
+# Install deps if needed
+dpkg -l kvm libvirt-bin kpartx || apt-get install -y --force-yes kvm libvirt-bin kpartx
# Let Ctrl-c kill tail and exit
trap kill_unmount SIGINT
@@ -108,7 +112,7 @@
DEST=${DEST:-/opt/stack}
# Mount the file system
-mount -o loop,offset=32256 $BASE_IMAGE_COPY $COPY_DIR
+mount -o loop,offset=32256 $VM_IMAGE $COPY_DIR
# git clone only if directory doesn't exist already. Since ``DEST`` might not
# be owned by the installation user, we create the directory and change the
@@ -148,29 +152,28 @@
git_clone $KEYSTONE_REPO $COPY_DIR/$DEST/keystone $KEYSTONE_BRANCH
git_clone $NOVNC_REPO $COPY_DIR/$DEST/noVNC $NOVNC_BRANCH
-# Unmount the filesystems
-unmount_images
-
# Back to devstack
cd $TOP_DIR
+# Unmount the filesystems
+unmount_images
+
# Network configuration variables
BRIDGE=${BRIDGE:-br0}
-CONTAINER=${CONTAINER:-STACK}
-CONTAINER_IP=${CONTAINER_IP:-192.168.1.50}
-CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24}
-CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0}
-CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1}
-CONTAINER_MAC=${CONTAINER_MAC:-"02:16:3e:07:69:`printf '%02X' $(echo $CONTAINER_IP | sed "s/.*\.//")`"}
-CONTAINER_RAM=${CONTAINER_RAM:-1524288}
-CONTAINER_CORES=${CONTAINER_CORES:-1}
+GUEST_IP=${GUEST_IP:-192.168.1.50}
+GUEST_CIDR=${GUEST_CIDR:-$GUEST_IP/24}
+GUEST_NETMASK=${GUEST_NETMASK:-255.255.255.0}
+GUEST_GATEWAY=${GUEST_GATEWAY:-192.168.1.1}
+GUEST_MAC=${GUEST_MAC:-"02:16:3e:07:69:`printf '%02X' $(echo $GUEST_IP | sed "s/.*\.//")`"}
+GUEST_RAM=${GUEST_RAM:-1524288}
+GUEST_CORES=${GUEST_CORES:-1}
# libvirt.xml configuration
-LIBVIRT_XML=libvirt.xml
+LIBVIRT_XML=$VM_DIR/libvirt.xml
cat > $LIBVIRT_XML <<EOF
<domain type='kvm'>
- <name>$CONTAINER_NAME</name>
- <memory>$CONTAINER_RAM</memory>
+ <name>$GUEST_NAME</name>
+ <memory>$GUEST_RAM</memory>
<os>
<type>hvm</type>
<bootmenu enable='yes'/>
@@ -178,7 +181,7 @@
<features>
<acpi/>
</features>
- <vcpu>$CONTAINER_CORES</vcpu>
+ <vcpu>$GUEST_CORES</vcpu>
<devices>
<disk type='file'>
<driver type='qcow2'/>
@@ -188,7 +191,7 @@
<interface type='bridge'>
<source bridge='$BRIDGE'/>
- <mac address='$CONTAINER_MAC'/>
+ <mac address='$GUEST_MAC'/>
</interface>
<!-- The order is significant here. File must be defined first -->
@@ -231,13 +234,15 @@
rm -f $VM_DIR/disk
# Create our instance fs
-qemu-img create -f qcow2 -b $BASE_IMAGE_COPY disk
+qemu-img create -f qcow2 -b $VM_IMAGE disk
-sleep 5
-
+# Connect our nbd and wait till it is mountable
qemu-nbd -c $NBD disk
-
-sleep 5
+NBD_DEV=`basename $NBD`
+if ! timeout 60 sh -c "while ! [ -e /sys/block/$NBD_DEV/pid ]; do sleep 1; done"; then
+ echo "Couldn't connect $NBD"
+ exit 1
+fi
# Mount the instance
mount $NBD $ROOTFS -o offset=32256 -t ext4
@@ -250,13 +255,13 @@
auto eth0
iface eth0 inet static
- address $CONTAINER_IP
- netmask $CONTAINER_NETMASK
- gateway $CONTAINER_GATEWAY
+ address $GUEST_IP
+ netmask $GUEST_NETMASK
+ gateway $GUEST_GATEWAY
EOF
# User configuration for the instance
-chroot $ROOTFS groupadd libvirtd
+chroot $ROOTFS groupadd libvirtd || true
chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd
cp -pr $TOOLS_DIR/.. $ROOTFS/$DEST/devstack
echo "root:$ROOT_PASSWORD" | chroot $ROOTFS chpasswd
@@ -280,6 +285,15 @@
cp_it ~/.bashrc $ROOTFS/$DEST/.bashrc
fi
+# pre-cache uec images
+for image_url in ${IMAGE_URLS//,/ }; do
+ IMAGE_FNAME=`basename "$image_url"`
+ if [ ! -f $IMAGES_DIR/$IMAGE_FNAME ]; then
+ wget -c $image_url -O $IMAGES_DIR/$IMAGE_FNAME
+ fi
+ cp $IMAGES_DIR/$IMAGE_FNAME $ROOTFS/$DEST/devstack/files
+done
+
# Configure the runner
RUN_SH=$ROOTFS/$DEST/run.sh
cat > $RUN_SH <<EOF
@@ -306,7 +320,7 @@
RC_LOCAL=$ROOTFS/etc/init.d/local
cat > $RC_LOCAL <<EOF
#!/bin/sh -e
-# Reboot if this is our first run to enable console log on natty :(
+# Reboot if this is our first run to enable console log on $DIST_NAME :(
if [ ! -e /root/firstlaunch ]; then
touch /root/firstlaunch
reboot -f
@@ -372,6 +386,10 @@
done
kill $TAIL_PID
+
+ if grep -q "stack.sh failed" $VM_DIR/console.log; then
+ exit 1
+ fi
echo ""
echo "Finished - Zip-a-dee Doo-dah!"
fi
diff --git a/tools/build_lxc.sh b/tools/build_lxc.sh
index 4d2372b..b629183 100755
--- a/tools/build_lxc.sh
+++ b/tools/build_lxc.sh
@@ -27,18 +27,19 @@
# Configurable params
BRIDGE=${BRIDGE:-br0}
-CONTAINER=${CONTAINER:-STACK}
-CONTAINER_IP=${CONTAINER_IP:-192.168.1.50}
-CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24}
-CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0}
-CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1}
+GUEST_NAME=${GUEST_NAME:-STACK}
+GUEST_IP=${GUEST_IP:-192.168.1.50}
+GUEST_CIDR=${GUEST_CIDR:-$GUEST_IP/24}
+GUEST_NETMASK=${GUEST_NETMASK:-255.255.255.0}
+GUEST_GATEWAY=${GUEST_GATEWAY:-192.168.1.1}
NAMESERVER=${NAMESERVER:-`cat /etc/resolv.conf | grep nameserver | head -1 | cut -d " " -f2`}
COPYENV=${COPYENV:-1}
DEST=${DEST:-/opt/stack}
WAIT_TILL_LAUNCH=${WAIT_TILL_LAUNCH:-1}
# Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova"
-STACKSH_PARAMS=${STACKSH_PARAMS:-}
+# By default, n-vol is disabled for lxc, as iscsitarget doesn't work properly in lxc
+STACKSH_PARAMS=${STACKSH_PARAMS:-"ENABLED_SERVICES=g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit"}
# Option to use the version of devstack on which we are currently working
USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1}
@@ -59,22 +60,22 @@
fi
# Create lxc configuration
-LXC_CONF=/tmp/$CONTAINER.conf
+LXC_CONF=/tmp/$GUEST_NAME.conf
cat > $LXC_CONF <<EOF
lxc.network.type = veth
lxc.network.link = $BRIDGE
lxc.network.flags = up
-lxc.network.ipv4 = $CONTAINER_CIDR
+lxc.network.ipv4 = $GUEST_CIDR
# allow tap/tun devices
lxc.cgroup.devices.allow = c 10:200 rwm
EOF
# Shutdown any existing container
-lxc-stop -n $CONTAINER
+lxc-stop -n $GUEST_NAME
# This kills zombie containers
-if [ -d /cgroup/$CONTAINER ]; then
- cgdelete -r cpu,net_cls:$CONTAINER
+if [ -d /cgroup/$GUEST_NAME ]; then
+ cgdelete -r cpu,net_cls:$GUEST_NAME
fi
# git clone only if directory doesn't exist already. Since ``DEST`` might not
@@ -94,9 +95,9 @@
# Helper to create the container
function create_lxc {
if [ "natty" = "$UBUNTU_VERSION" ]; then
- lxc-create -n $CONTAINER -t natty -f $LXC_CONF
+ lxc-create -n $GUEST_NAME -t natty -f $LXC_CONF
else
- lxc-create -n $CONTAINER -t ubuntu -f $LXC_CONF
+ lxc-create -n $GUEST_NAME -t ubuntu -f $LXC_CONF
fi
}
@@ -116,7 +117,7 @@
if [ ! -f $CACHEDIR/bootstrapped ]; then
# by deleting the container, we force lxc-create to re-bootstrap (lxc is
# lazy and doesn't do anything if a container already exists)
- lxc-destroy -n $CONTAINER
+ lxc-destroy -n $GUEST_NAME
# trigger the initial debootstrap
create_lxc
touch $CACHEDIR/bootstrapped
@@ -152,7 +153,7 @@
fi
# Destroy the old container
-lxc-destroy -n $CONTAINER
+lxc-destroy -n $GUEST_NAME
# If this call is to TERMINATE the container then exit
if [ "$TERMINATE" = "1" ]; then
@@ -163,7 +164,7 @@
create_lxc
# Specify where our container rootfs lives
-ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/
+ROOTFS=/var/lib/lxc/$GUEST_NAME/rootfs/
# Create a stack user that is a member of the libvirtd group so that stack
# is able to interact with libvirt.
@@ -213,9 +214,9 @@
auto eth0
iface eth0 inet static
- address $CONTAINER_IP
- netmask $CONTAINER_NETMASK
- gateway $CONTAINER_GATEWAY
+ address $GUEST_IP
+ netmask $GUEST_NETMASK
+ gateway $GUEST_GATEWAY
EOF
# Configure the runner
@@ -226,7 +227,7 @@
echo "nameserver $NAMESERVER" | sudo resolvconf -a eth0
# Make there is a default route - needed for natty
if ! route | grep -q default; then
- sudo ip route add default via $CONTAINER_GATEWAY
+ sudo ip route add default via $GUEST_GATEWAY
fi
sleep 1
@@ -264,7 +265,7 @@
fi
# Start our container
-lxc-start -d -n $CONTAINER
+lxc-start -d -n $GUEST_NAME
if [ "$WAIT_TILL_LAUNCH" = "1" ]; then
# Done creating the container, let's tail the log
@@ -300,6 +301,11 @@
done
kill $TAIL_PID
+
+ if grep -q "stack.sh failed" $ROOTFS/$DEST/run.sh.log; then
+ exit 1
+ fi
+
echo ""
echo "Finished - Zip-a-dee Doo-dah!"
fi
diff --git a/tools/build_lxc_multi.sh b/tools/build_lxc_multi.sh
index 50be4f5..5418ac9 100755
--- a/tools/build_lxc_multi.sh
+++ b/tools/build_lxc_multi.sh
@@ -18,7 +18,7 @@
# Helper to launch containers
function run_lxc {
# For some reason container names with periods can cause issues :/
- CONTAINER=$1 CONTAINER_IP=$2 CONTAINER_NETMASK=$NETMASK CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER TERMINATE=$TERMINATE STACKSH_PARAMS="$COMMON_VARS $3" ./build_lxc.sh
+ GUEST_NAME=$1 GUEST_IP=$2 GUEST_NETMASK=$NETMASK GUEST_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER TERMINATE=$TERMINATE STACKSH_PARAMS="$COMMON_VARS $3" ./build_lxc.sh
}
# Launch the head node - headnode uses a non-ip domain name,
diff --git a/tools/build_ramdisk.sh b/tools/build_ramdisk.sh
index ca7bdd5..be6ca77 100755
--- a/tools/build_ramdisk.sh
+++ b/tools/build_ramdisk.sh
@@ -99,11 +99,10 @@
git_clone $NOVACLIENT_REPO $DEST/python-novaclient $NOVACLIENT_BRANCH
git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH
-# Use this version of devstack?
-if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then
- rm -rf $CHROOTCACHE/natty-stack/$DEST/devstack
- cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack
-fi
+# Use this version of devstack
+rm -rf $CHROOTCACHE/natty-stack/$DEST/devstack
+cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack
+chroot $CHROOTCACHE/natty-stack chown -R stack $DEST/devstack
# Configure host network for DHCP
mkdir -p $CHROOTCACHE/natty-stack/etc/network
diff --git a/tools/get_uec_image.sh b/tools/get_uec_image.sh
new file mode 100755
index 0000000..e9d708d
--- /dev/null
+++ b/tools/get_uec_image.sh
@@ -0,0 +1,159 @@
+#!/bin/bash
+# get_uec_image.sh - Prepare Ubuntu images in various formats
+#
+# Supported formats: qcow (kvm), vmdk (vmserver), vdi (vbox), vhd (vpc), raw
+#
+# Required to run as root
+
+CACHEDIR=${CACHEDIR:-/var/cache/devstack}
+FORMAT=${FORMAT:-qcow2}
+ROOTSIZE=${ROOTSIZE:-2000}
+MIN_PKGS=${MIN_PKGS:-"apt-utils gpgv openssh-server"}
+
+usage() {
+ echo "Usage: $0 - Prepare Ubuntu images"
+ echo ""
+ echo "$0 [-f format] [-r rootsize] release imagefile"
+ echo ""
+ echo "-f format - image format: qcow2 (default), vmdk, vdi, vhd, xen, raw, fs"
+ echo "-r size - root fs size in MB (min 2000MB)"
+ echo "release - Ubuntu release: jaunty - oneric"
+ echo "imagefile - output image file"
+ exit 1
+}
+
+while getopts f:hmr: c; do
+ case $c in
+ f) FORMAT=$OPTARG
+ ;;
+ h) usage
+ ;;
+ m) MINIMAL=1
+ ;;
+ r) ROOTSIZE=$OPTARG
+ if $(( ROOTSIZE < 2000 )); then
+ echo "root size must be greater than 2000MB"
+ exit 1
+ fi
+ ;;
+ esac
+done
+shift `expr $OPTIND - 1`
+
+if [ ! "$#" -eq "2" ]; then
+ usage
+fi
+
+# Default args
+DIST_NAME=$1
+IMG_FILE=$2
+
+case $FORMAT in
+ kvm|qcow2) FORMAT=qcow2
+ QFORMAT=qcow2
+ ;;
+ vmserver|vmdk)
+ FORMAT=vmdk
+ QFORMAT=vmdk
+ ;;
+ vbox|vdi) FORMAT=vdi
+ QFORMAT=vdi
+ ;;
+ vhd|vpc) FORMAT=vhd
+ QFORMAT=vpc
+ ;;
+ xen) FORMAT=raw
+ QFORMAT=raw
+ ;;
+ raw) FORMAT=raw
+ QFORMAT=raw
+ ;;
+ *) echo "Unknown format: $FORMAT"
+ usage
+esac
+
+case $DIST_NAME in
+ oneiric) ;;
+ natty) ;;
+ maverick) ;;
+ lucid) ;;
+ karmic) ;;
+ jaunty) ;;
+ *) echo "Unknown release: $DIST_NAME"
+ usage
+ ;;
+esac
+
+# Set up nbd
+modprobe nbd max_part=63
+NBD=${NBD:-/dev/nbd9}
+NBD_DEV=`basename $NBD`
+
+# Prepare the base image
+
+# Get the UEC image
+UEC_NAME=$DIST_NAME-server-cloudimg-amd64
+if [ ! -e $CACHEDIR/$UEC_NAME-disk1.img ]; then
+ (cd $CACHEDIR; wget -N http://uec-images.ubuntu.com/$DIST_NAME/current/$UEC_NAME-disk1.img)
+
+
+ # Connect to nbd and wait till it is ready
+ qemu-nbd -d $NBD
+ qemu-nbd -c $NBD $CACHEDIR/$UEC_NAME-disk1.img
+ if ! timeout 60 sh -c "while ! [ -e /sys/block/$NBD_DEV/pid ]; do sleep 1; done"; then
+ echo "Couldn't connect $NBD"
+ exit 1
+ fi
+ MNTDIR=`mktemp -d mntXXXXXXXX`
+ mount -t ext4 ${NBD}p1 $MNTDIR
+
+ # Install our required packages
+ cp -p files/sources.list $MNTDIR/etc/apt/sources.list
+ cp -p /etc/resolv.conf $MNTDIR/etc/resolv.conf
+ chroot $MNTDIR apt-get update
+ chroot $MNTDIR apt-get install -y $MIN_PKGS
+ rm -f $MNTDIR/etc/resolv.conf
+
+ umount $MNTDIR
+ rmdir $MNTDIR
+ qemu-nbd -d $NBD
+fi
+
+if [ "$FORMAT" = "qcow2" ]; then
+ # Just copy image
+ cp -p $CACHEDIR/$UEC_NAME-disk1.img $IMG_FILE
+else
+ # Convert image
+ qemu-img convert -O $QFORMAT $CACHEDIR/$UEC_NAME-disk1.img $IMG_FILE
+fi
+
+# Resize the image if necessary
+if [ $ROOTSIZE -gt 2000 ]; then
+ # Resize the container
+ qemu-img resize $IMG_FILE +$((ROOTSIZE - 2000))M
+
+ # Connect to nbd and wait till it is ready
+ qemu-nbd -c $NBD $IMG_FILE
+ if ! timeout 60 sh -c "while ! [ -e /sys/block/$NBD_DEV/pid ]; do sleep 1; done"; then
+ echo "Couldn't connect $NBD"
+ exit 1
+ fi
+
+ # Resize partition 1 to full size of the disk image
+ echo "d
+n
+p
+1
+2
+
+t
+83
+a
+1
+w
+" | fdisk $NBD
+ fsck -t ext4 -f ${NBD}p1
+ resize2fs ${NBD}p1
+
+ qemu-nbd -d $NBD
+fi
diff --git a/tools/make_image.sh b/tools/make_image.sh
index 32d59bd..e957c75 100755
--- a/tools/make_image.sh
+++ b/tools/make_image.sh
@@ -65,6 +65,13 @@
RELEASE="pass"
fi
+# Make sure that we have the proper version of ubuntu
+UBUNTU_VERSION=`cat /etc/lsb-release | grep CODENAME | sed 's/.*=//g'`
+if [ "$UBUNTU_VERSION" = "natty" -a "$RELEASE" = "oneiric" ]; then
+ echo "natty installs can't build oneiric images"
+ exit 1
+fi
+
case $FORMAT in
kvm|qcow2) FORMAT=qcow2
QFORMAT=qcow2
@@ -97,6 +104,7 @@
esac
case $RELEASE in
+ oneiric) ;;
natty) ;;
maverick) ;;
lucid) ;;