Merge "Revert "Set the rabbit_durable_queues to match local consumers""
diff --git a/files/keystone_data.sh b/files/keystone_data.sh
index 20749bc..c8e68dd 100755
--- a/files/keystone_data.sh
+++ b/files/keystone_data.sh
@@ -4,7 +4,6 @@
#
# Tenant User Roles
# ------------------------------------------------------------------
-# admin admin admin
# service glance admin
# service nova admin, [ResellerAdmin (swift only)]
# service quantum admin # if enabled
@@ -12,9 +11,6 @@
# service cinder admin # if enabled
# service heat admin # if enabled
# service ceilometer admin # if enabled
-# demo admin admin
-# demo demo Member, anotherrole
-# invisible_to_admin demo Member
# Tempest Only:
# alt_demo alt_demo Member
#
@@ -40,53 +36,14 @@
echo `"$@" | awk '/ id / { print $4 }'`
}
-
-# Tenants
-# -------
-
-ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
-SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
-DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
-INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
-
-
-# Users
-# -----
-
-ADMIN_USER=$(get_id keystone user-create --name=admin \
- --pass="$ADMIN_PASSWORD" \
- --email=admin@example.com)
-DEMO_USER=$(get_id keystone user-create --name=demo \
- --pass="$ADMIN_PASSWORD" \
- --email=demo@example.com)
+# Lookups
+SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
# Roles
# -----
-ADMIN_ROLE=$(get_id keystone role-create --name=admin)
-KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
-KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
-# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
-# TODO(sleepsonthefloor): show how this can be used for rbac in the future!
-ANOTHER_ROLE=$(get_id keystone role-create --name=anotherrole)
-
-
-# Add Roles to Users in Tenants
-keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id $ADMIN_TENANT
-keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id $DEMO_TENANT
-keystone user-role-add --user_id $DEMO_USER --role_id $ANOTHER_ROLE --tenant_id $DEMO_TENANT
-
-# TODO(termie): these two might be dubious
-keystone user-role-add --user_id $ADMIN_USER --role_id $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
-keystone user-role-add --user_id $ADMIN_USER --role_id $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
-
-
-# The Member role is used by Horizon and Swift so we need to keep it:
-MEMBER_ROLE=$(get_id keystone role-create --name=Member)
-keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $DEMO_TENANT
-keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $INVIS_TENANT
-
# The ResellerAdmin role is used by Nova and Ceilometer so we need to keep it.
# The admin role in swift allows a user to act as an admin for their tenant,
# but ResellerAdmin is needed for a user to act as any tenant. The name of this
@@ -96,20 +53,6 @@
# Services
# --------
-# Keystone
-if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- KEYSTONE_SERVICE=$(get_id keystone service-create \
- --name=keystone \
- --type=identity \
- --description="Keystone Identity Service")
- keystone endpoint-create \
- --region RegionOne \
- --service_id $KEYSTONE_SERVICE \
- --publicurl "http://$SERVICE_HOST:\$(public_port)s/v2.0" \
- --adminurl "http://$SERVICE_HOST:\$(admin_port)s/v2.0" \
- --internalurl "http://$SERVICE_HOST:\$(public_port)s/v2.0"
-fi
-
# Nova
if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
NOVA_USER=$(get_id keystone user-create \
diff --git a/files/rpms-suse/ceilometer-collector b/files/rpms-suse/ceilometer-collector
new file mode 100644
index 0000000..c76454f
--- /dev/null
+++ b/files/rpms-suse/ceilometer-collector
@@ -0,0 +1,4 @@
+# Not available in openSUSE main repositories, but can be fetched from OBS
+# (devel:languages:python and server:database projects)
+mongodb
+python-pymongo
diff --git a/files/rpms-suse/cinder b/files/rpms-suse/cinder
new file mode 100644
index 0000000..e5b4727
--- /dev/null
+++ b/files/rpms-suse/cinder
@@ -0,0 +1,2 @@
+lvm2
+tgt
diff --git a/files/rpms-suse/general b/files/rpms-suse/general
new file mode 100644
index 0000000..8ed74ec
--- /dev/null
+++ b/files/rpms-suse/general
@@ -0,0 +1,23 @@
+bridge-utils
+curl
+euca2ools
+git-core
+iputils
+openssh
+psmisc
+python-cmd2 # dist:opensuse-12.3
+python-netaddr
+python-pep8
+python-pip
+python-pylint
+python-unittest2
+python-virtualenv
+screen
+tar
+tcpdump
+unzip
+vim-enhanced
+wget
+
+findutils-locate # useful when debugging
+lsof # useful when debugging
diff --git a/files/rpms-suse/glance b/files/rpms-suse/glance
new file mode 100644
index 0000000..dd68ac0
--- /dev/null
+++ b/files/rpms-suse/glance
@@ -0,0 +1,12 @@
+gcc
+libxml2-devel
+python-PasteDeploy
+python-Routes
+python-SQLAlchemy
+python-argparse
+python-devel
+python-eventlet
+python-greenlet
+python-iso8601
+python-wsgiref
+python-xattr
diff --git a/files/rpms-suse/horizon b/files/rpms-suse/horizon
new file mode 100644
index 0000000..7e46ffe
--- /dev/null
+++ b/files/rpms-suse/horizon
@@ -0,0 +1,23 @@
+apache2 # NOPRIME
+apache2-mod_wsgi # NOPRIME
+nodejs
+python-CherryPy # why? (coming from apts)
+python-Paste
+python-PasteDeploy
+python-Routes
+python-Sphinx
+python-SQLAlchemy
+python-WebOb
+python-anyjson
+python-beautifulsoup
+python-coverage
+python-dateutil
+python-eventlet
+python-kombu
+python-mox
+python-netaddr
+python-nose
+python-pep8
+python-pylint
+python-sqlalchemy-migrate
+python-xattr
diff --git a/files/rpms-suse/keystone b/files/rpms-suse/keystone
new file mode 100644
index 0000000..b3c876a
--- /dev/null
+++ b/files/rpms-suse/keystone
@@ -0,0 +1,17 @@
+cyrus-sasl-devel
+openldap2-devel
+python-Paste
+python-PasteDeploy
+python-PasteScript
+python-Routes
+python-SQLAlchemy
+python-WebOb
+python-devel
+python-distribute
+python-setuptools # instead of python-distribute; dist:sle11sp2
+python-greenlet
+python-lxml
+python-mysql
+python-py-bcrypt
+python-pysqlite
+sqlite3
diff --git a/files/rpms-suse/n-api b/files/rpms-suse/n-api
new file mode 100644
index 0000000..ad943ff
--- /dev/null
+++ b/files/rpms-suse/n-api
@@ -0,0 +1,2 @@
+gcc # temporary because this pulls in glance to get the client without running the glance prereqs
+python-dateutil
diff --git a/files/rpms-suse/n-cpu b/files/rpms-suse/n-cpu
new file mode 100644
index 0000000..27d3254
--- /dev/null
+++ b/files/rpms-suse/n-cpu
@@ -0,0 +1,4 @@
+# Stuff for diablo volumes
+genisoimage
+lvm2
+open-iscsi
diff --git a/files/rpms-suse/n-novnc b/files/rpms-suse/n-novnc
new file mode 100644
index 0000000..c8722b9
--- /dev/null
+++ b/files/rpms-suse/n-novnc
@@ -0,0 +1 @@
+python-numpy
diff --git a/files/rpms-suse/n-vol b/files/rpms-suse/n-vol
new file mode 100644
index 0000000..e5b4727
--- /dev/null
+++ b/files/rpms-suse/n-vol
@@ -0,0 +1,2 @@
+lvm2
+tgt
diff --git a/files/rpms-suse/nova b/files/rpms-suse/nova
new file mode 100644
index 0000000..0c03678
--- /dev/null
+++ b/files/rpms-suse/nova
@@ -0,0 +1,48 @@
+curl
+# Note: we need to package dhcp_release in dnsmasq!
+dnsmasq
+ebtables
+gawk
+iptables
+iputils
+kpartx
+kvm
+libvirt # NOPRIME
+libvirt-python
+libxml2-python
+mysql-community-server # NOPRIME
+parted
+python-M2Crypto
+python-m2crypto # dist:sle11sp2
+python-Paste
+python-PasteDeploy
+python-Routes
+python-SQLAlchemy
+python-Tempita
+python-boto
+python-carrot
+python-cheetah
+python-eventlet
+python-feedparser
+python-greenlet
+python-iso8601
+python-kombu
+python-lockfile
+python-lxml # needed for glance which is needed for nova --- this shouldn't be here
+python-mox
+python-mysql
+python-netaddr
+python-paramiko
+python-python-gflags
+python-sqlalchemy-migrate
+python-suds
+python-xattr # needed for glance which is needed for nova --- this shouldn't be here
+rabbitmq-server # NOPRIME
+socat
+sqlite3
+sudo
+vlan
+
+# FIXME: qpid is not part of openSUSE, those names are tentative
+python-qpid # NOPRIME
+qpidd # NOPRIME
diff --git a/files/rpms-suse/postgresql b/files/rpms-suse/postgresql
new file mode 100644
index 0000000..bf19d39
--- /dev/null
+++ b/files/rpms-suse/postgresql
@@ -0,0 +1 @@
+python-psycopg2
diff --git a/files/rpms-suse/quantum b/files/rpms-suse/quantum
new file mode 100644
index 0000000..068c15c
--- /dev/null
+++ b/files/rpms-suse/quantum
@@ -0,0 +1,27 @@
+# Note: we need to package dhcp_release in dnsmasq!
+dnsmasq
+ebtables
+iptables
+iputils
+mysql-community-server # NOPRIME
+python-boto
+python-eventlet
+python-greenlet
+python-iso8601
+python-kombu
+python-mysql
+python-netaddr
+python-Paste
+python-PasteDeploy
+python-pyudev
+python-Routes
+python-SQLAlchemy
+python-suds
+rabbitmq-server # NOPRIME
+sqlite3
+sudo
+vlan
+
+# FIXME: qpid is not part of openSUSE, those names are tentative
+python-qpid # NOPRIME
+qpidd # NOPRIME
diff --git a/files/rpms-suse/ryu b/files/rpms-suse/ryu
new file mode 100644
index 0000000..763fd24
--- /dev/null
+++ b/files/rpms-suse/ryu
@@ -0,0 +1,5 @@
+python-distribute
+python-setuptools # instead of python-distribute; dist:sle11sp2
+python-Sphinx
+python-gevent
+python-python-gflags
diff --git a/files/rpms-suse/swift b/files/rpms-suse/swift
new file mode 100644
index 0000000..db379bb
--- /dev/null
+++ b/files/rpms-suse/swift
@@ -0,0 +1,19 @@
+curl
+gcc
+memcached
+python-PasteDeploy
+python-WebOb
+python-configobj
+python-coverage
+python-devel
+python-distribute
+python-setuptools # instead of python-distribute; dist:sle11sp2
+python-eventlet
+python-greenlet
+python-netifaces
+python-nose
+python-simplejson
+python-xattr
+sqlite3
+xfsprogs
+xinetd
diff --git a/lib/databases/mysql b/lib/databases/mysql
index fc6a3b7..eb84f2c 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -84,7 +84,11 @@
chmod 0600 $HOME/.my.cnf
fi
# Install mysql-server
- install_package mysql-server
+ if is_suse; then
+ install_package mysql-community-server
+ else
+ install_package mysql-server
+ fi
}
function database_connection_url_mysql {
diff --git a/lib/horizon b/lib/horizon
index 6173042..189ca10 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -113,6 +113,8 @@
if [[ "$os_PACKAGE" = "deb" ]]; then
# Install apache2, which is NOPRIME'd
install_package apache2 libapache2-mod-wsgi
+ elif is_suse; then
+ install_package apache2 apache2-mod_wsgi
else
sudo rm -f /etc/httpd/conf.d/000-*
install_package httpd mod_wsgi
diff --git a/lib/keystone b/lib/keystone
index ae89056..f6a6d66 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -15,6 +15,7 @@
# configure_keystone
# init_keystone
# start_keystone
+# create_keystone_accounts
# stop_keystone
# cleanup_keystone
@@ -45,7 +46,6 @@
KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-PKI}
# Set Keystone interface configuration
-KEYSTONE_API_PORT=${KEYSTONE_API_PORT:-5000}
KEYSTONE_AUTH_HOST=${KEYSTONE_AUTH_HOST:-$SERVICE_HOST}
KEYSTONE_AUTH_PORT=${KEYSTONE_AUTH_PORT:-35357}
KEYSTONE_AUTH_PROTOCOL=${KEYSTONE_AUTH_PROTOCOL:-http}
@@ -144,6 +144,100 @@
}
+# create_keystone_accounts() - Sets up common required keystone accounts
+
+# Tenant User Roles
+# ------------------------------------------------------------------
+# service -- --
+# -- -- Member
+# admin admin admin
+# demo admin admin
+# demo demo Member, anotherrole
+# invisible_to_admin demo Member
+
+# Migrated from keystone_data.sh
+create_keystone_accounts() {
+
+ # admin
+ ADMIN_TENANT=$(keystone tenant-create \
+ --name admin \
+ | grep " id " | get_field 2)
+ ADMIN_USER=$(keystone user-create \
+ --name admin \
+ --pass "$ADMIN_PASSWORD" \
+ --email admin@example.com \
+ | grep " id " | get_field 2)
+ ADMIN_ROLE=$(keystone role-create \
+ --name admin \
+ | grep " id " | get_field 2)
+ keystone user-role-add \
+ --user_id $ADMIN_USER \
+ --role_id $ADMIN_ROLE \
+ --tenant_id $ADMIN_TENANT
+
+ # service
+ SERVICE_TENANT=$(keystone tenant-create \
+ --name $SERVICE_TENANT_NAME \
+ | grep " id " | get_field 2)
+
+ # The Member role is used by Horizon and Swift so we need to keep it:
+ MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)
+ # ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
+ # TODO(sleepsonthefloor): show how this can be used for rbac in the future!
+ ANOTHER_ROLE=$(keystone role-create --name=anotherrole | grep " id " | get_field 2)
+
+ # invisible tenant - admin can't see this one
+ INVIS_TENANT=$(keystone tenant-create --name=invisible_to_admin | grep " id " | get_field 2)
+
+ # demo
+ DEMO_TENANT=$(keystone tenant-create \
+ --name=demo \
+ | grep " id " | get_field 2)
+ DEMO_USER=$(keystone user-create \
+ --name demo \
+ --pass "$ADMIN_PASSWORD" \
+ --email demo@example.com \
+ | grep " id " | get_field 2)
+ keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $DEMO_TENANT
+ keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id $DEMO_TENANT
+ keystone user-role-add --user_id $DEMO_USER --role_id $ANOTHER_ROLE --tenant_id $DEMO_TENANT
+ keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $INVIS_TENANT
+
+ # Keystone
+ if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+ KEYSTONE_SERVICE=$(keystone service-create \
+ --name keystone \
+ --type identity \
+ --description "Keystone Identity Service" \
+ | grep " id " | get_field 2)
+ keystone endpoint-create \
+ --region RegionOne \
+ --service_id $KEYSTONE_SERVICE \
+ --publicurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:\$(public_port)s/v2.0" \
+ --adminurl "$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:\$(admin_port)s/v2.0" \
+ --internalurl "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:\$(public_port)s/v2.0"
+ fi
+
+ # TODO(dtroyer): This is part of a series of changes...remove these when
+ # complete if they are really unused
+# KEYSTONEADMIN_ROLE=$(keystone role-create \
+# --name KeystoneAdmin \
+# | grep " id " | get_field 2)
+# KEYSTONESERVICE_ROLE=$(keystone role-create \
+# --name KeystoneServiceAdmin \
+# | grep " id " | get_field 2)
+
+ # TODO(termie): these two might be dubious
+# keystone user-role-add \
+# --user_id $ADMIN_USER \
+# --role_id $KEYSTONEADMIN_ROLE \
+# --tenant_id $ADMIN_TENANT
+# keystone user-role-add \
+# --user_id $ADMIN_USER \
+# --role_id $KEYSTONESERVICE_ROLE \
+# --tenant_id $ADMIN_TENANT
+}
+
# init_keystone() - Initialize databases, etc.
function init_keystone() {
# (Re)create keystone database
@@ -176,6 +270,11 @@
function start_keystone() {
# Start Keystone in a screen window
screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $KEYSTONE_LOG_CONFIG -d --debug"
+ echo "Waiting for keystone to start..."
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= curl -s $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ >/dev/null; do sleep 1; done"; then
+ echo "keystone did not start"
+ exit 1
+ fi
}
# stop_keystone() - Stop running processes
diff --git a/stack.sh b/stack.sh
index 8e8c519..55eafa8 100755
--- a/stack.sh
+++ b/stack.sh
@@ -679,12 +679,18 @@
echo_summary "Installing package prerequisites"
if [[ "$os_PACKAGE" = "deb" ]]; then
install_package $(get_packages $FILES/apts)
+elif is_suse; then
+ install_package $(get_packages $FILES/rpms-suse)
else
install_package $(get_packages $FILES/rpms)
fi
if [[ $SYSLOG != "False" ]]; then
- install_package rsyslog-relp
+ if is_suse; then
+ install_package rsyslog-module-relp
+ else
+ install_package rsyslog-relp
+ fi
fi
if is_service_enabled rabbit; then
@@ -702,7 +708,11 @@
fi
elif is_service_enabled zeromq; then
if [[ "$os_PACKAGE" = "rpm" ]]; then
- install_package zeromq python-zmq
+ if is_suse; then
+ install_package libzmq1 python-pyzmq
+ else
+ install_package zeromq python-zmq
+ fi
else
install_package libzmq1 python-zmq
fi
@@ -953,15 +963,16 @@
configure_keystone
init_keystone
start_keystone
- echo "Waiting for keystone to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= curl -s $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_API_PORT/v2.0/ >/dev/null; do sleep 1; done"; then
- echo "keystone did not start"
- exit 1
- fi
- # ``keystone_data.sh`` creates services, admin and demo users, and roles.
+ # Set up a temporary admin URI for Keystone
SERVICE_ENDPOINT=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0
+ # Do the keystone-specific bits from keystone_data.sh
+ export OS_SERVICE_TOKEN=$SERVICE_TOKEN
+ export OS_SERVICE_ENDPOINT=$SERVICE_ENDPOINT
+ create_keystone_accounts
+
+ # ``keystone_data.sh`` creates services, admin and demo users, and roles.
ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD \
SERVICE_TOKEN=$SERVICE_TOKEN SERVICE_ENDPOINT=$SERVICE_ENDPOINT SERVICE_HOST=$SERVICE_HOST \
S3_SERVICE_PORT=$S3_SERVICE_PORT KEYSTONE_CATALOG_BACKEND=$KEYSTONE_CATALOG_BACKEND \
@@ -974,6 +985,7 @@
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASSWORD
+ unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
fi
@@ -1750,7 +1762,7 @@
# If Keystone is present you can point ``nova`` cli to this server
if is_service_enabled key; then
- echo "Keystone is serving at $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_API_PORT/v2.0/"
+ echo "Keystone is serving at $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/"
echo "Examples on using novaclient command line is in exercise.sh"
echo "The default users are: admin and demo"
echo "The password: $ADMIN_PASSWORD"